US Treasury hacked via BeyondTrust, MISP and the threat actor naming mess
Three Buddy Problem - A podcast by Security Conversations

Three Buddy Problem - Episode 28: In this episode, we explore the ongoing challenges of threat actor naming in cybersecurity and the confusion caused by a lack of standardization, methodological inconsistencies and skewed, marketing-driven incentives. Plus, the US Treasury/BeyondTrust hack, the surge in 0day discoveries, a new variant of the Xdr33 CIA Hive malware, and exclusive new information on the Cyberhaven Chrome extension security incident.

Cast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.

Links:
Transcript (unedited, AI-generated)
BeyondTrust statement on hack investigation
U.S. Treasury says it was hacked by China-backed actors
Another Palo Alto 0day exploited in the wild
US telcos say they've evicted Salt Typhoon Chinese hackers
Google: What is BeyondCorp?
Introducing the MISP Threat Actor Naming Standard
MISP: Recommendations on Naming Threat Actors
New variant of the CIA HIVE attack kit
Xdr33 Variant Of CIA's HIVE Attack Kit Emerges
Savvy Seahorse connection to Cyberhaven incident
US sanctions China's Integrity Technology over Flax Typhoon hacks
Operation Aurora
APT1 Exposing One of China’s Cyber Espionage Units