Volexity’s Steven Adair on Russian Wi-Fi hacks, memory forensics, appliance 0days and network inspectability

Three Buddy Problem - Episode 23: Volexity founder Steven Adair joins the show to explore the significance of memory analysis and the technical challenges associated with memory dumping and forensics. We dig into Volexity’s “nearest neighbor” Wi-Fi hack discovery, gaps in EDR detection and telemetry, and some real-talk on the Volt Typhoon intrusions. We also cover news on a Firefox zero-day exploited on the Tor browser, the professionalization of ransomware, ESET's discovery of a Linux bootkit (we have a scoop on the origins of this!), Binarly research on connections to LogoFAIL, and major visibility gaps in the firmware ecosystem. Cast: Juan Andres Guerrero-Saade (SentinelLabs), Costin Raiu (Art of Noh) and Ryan Naraine (SecurityWeek). Honorary buddy: Steven Adair (Volexity)Links:Transcript (unedited, AI-generated)Steven Adair on LinkedInThe Nearest Neighbor Wi-Fi Attack Detecting Compromise of Palo Alto Networks GlobalProtect DevicesVolexity Catches Chinese Hackers Exploiting Ivanti VPN Zero-DaysVolexity Warns of 'Active Exploitation' of Zimbra Zero-DayRomCom exploits Firefox and Windows zero days in the wildBootkitty: Analyzing the first UEFI bootkit for LinuxBinarly: LogoFAIL Exploited to Deploy BootkittyT-Mobile statement on Salt TyphooonLABScon24 Replay -- Cristina Cifuentes