AddGitHub
All podcastsSuggest edits
Three Buddy Problem
4.9(62)

Three Buddy Problem

by Security Conversations

219 episodesLatest 3 days agoEN-US
Threat IntelligenceAI Security
WebsiteYouTube
AppleSpotifyPocket CastsOvercastCastroRSS
The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporate defenders, CISOs, and policymakers. Connect with Ryan on Twitter (Open DMs).

Hosts

  • Ryan Naraine
  • Costin Raiu
  • Juan Andrés Guerrero-Saade

© 2026 The Naraine Group

Recent reviews on Apple Podcasts (5)

  • Insightful

    Smart takes and more accurate understanding than most cybersec podcasts. Good personalities.

    Laughedoutloud ·

  • Oo

    A bold new take on cybersecurity podcasts: unfiltered, authentic, and refreshingly real.

    \x4A\x4D ·

  • 1X

    The only podcast I listen to at 1x. Thoughtful, insightful, occasionally profane, always erudite.

    mjg5772 ·

  • Security and more

    Excellent, well articulated, thought provoking conversations. It has quickly made it onto my “must listen” list.

    Chris Mc.38 ·

  • True cybersecurity expertise and knowledge at your fingertips

    Ry, JAGS and Costin are insightful, enlightening and entertaining. This cybersecurity podcast is the best in the industry. The guys manage to dissect the most prominent cyber incidents and news happenings in the world with knowledge, truth and expert opinion. Totally recommended for anyone in the industry and for folks who want to learn more about cybersecurity.

    AA13AA13 ·

View all reviews on Apple Podcasts

Episodes (219)

  1. The disappointing death of big-game APT reporting

    May 10, 20262h 2m

    ( Presented by TLPBLACK : A cybersecurity intelligence platform focused on sharing curated, high-sensitivity threat insights and research with trusted security professionals. ) Three Buddy Problem - Episode 97 : We discu

  2. Cracking the Fast16 sabotage malware mystery

    May 1, 20261h 47m

    ( Presented by TLPBLACK : A cybersecurity intelligence platform focused on sharing curated, high-sensitivity threat insights and research with trusted security professionals. ) Three Buddy Problem - Episode 96 : We're jo

  3. Mark Dowd on AI hacking, exploit chains, zero-day sales

    Apr 24, 20262h 2m

    ( Presented by TLPBLACK : A cybersecurity intelligence platform focused on sharing curated, high-sensitivity threat insights and research with trusted security professionals. ) Three Buddy Problem - Episode 95 : Vigilant

  4. The Angry Spark APT Mystery: A Year-Long Backdoor, One Victim, Zero Attribution

    Apr 18, 20262h 35m

    ( Presented by TLPBLACK : A cybersecurity intelligence platform focused on sharing curated, high-sensitivity threat insights and research with trusted security professionals. ) Three Buddy Problem - Episode 94 : We discu

  5. The Claude Mythos, Project Glasswing Shockwave

    Apr 10, 20262h 34m

    ( Presented by TLPBLACK : A cybersecurity intelligence platform focused on sharing curated, high-sensitivity threat insights and research with trusted security professionals. ) Three Buddy Problem - Episode 93 : We discu

  6. LLMs writing exploits, engineers losing skills, and a case for the generative OS

    Apr 3, 20262h 19m

    ( Presented by TLPBLACK : High-fidelity threat intelligence and research tools for modern security teams. From curated Passive DNS and real-time C2 monitoring to actionable IOC feeds and daily malware samples, we help de

  7. Jeremy Banon: Personal Exec Compromise as Corporate Incident

    Apr 1, 202636m

    ( Presented by TLPBLACK : High-fidelity threat intelligence and research tools for modern security teams. From curated Passive DNS and real-time C2 monitoring to actionable IOC feeds and daily malware samples, we help de

  8. Google's Cyber Disruption Unit; Coruna is Triangulation, US Bans Foreign-Made Routers

    Mar 28, 20262h 32m

    ( Presented by TLPBLACK : High-fidelity threat intelligence and research tools for modern security teams. From curated Passive DNS and real-time C2 monitoring to actionable IOC feeds and daily malware samples, we help de

  9. The greatest APT hunter of all time, Apple's exploit kit problem, Microsoft FedRAMP mess

    Mar 20, 20262h 27m

    ( Presented by Thinkst Canary : Most Companies find out way too late that they’ve been breached. Thinkst Canary changes this. Deploy Canaries and Canarytokens in minutes and then forget about them. Attackers tip their ha

  10. Handala wiper attacks, APT28 implant devs are back, Signal's verification problems

    Mar 14, 20261h 44m

    ( Presented by TLPBLACK : High-fidelity threat intelligence and research tools for modern security teams. From curated Passive DNS and real-time C2 monitoring to actionable IOC feeds and daily malware samples, we help de

  11. Trenchant, Peter Williams, and the proliferation of a Shadow Brokers-level iOS exploit framework

    Mar 6, 20261h 59m

    ( Presented by Thinkst Canary : Most Companies find out way too late that they’ve been breached. Thinkst Canary changes this. Deploy Canaries and Canarytokens in minutes and then forget about them. Attackers tip their ha

  12. Matthias Frielingsdorf on the mysterious Coruna iOS exploit kit discovery

    Mar 5, 202639m

    ( Presented by TLPBLACK : High-fidelity threat intelligence and research tools for modern security teams. From curated Passive DNS and real-time C2 monitoring to actionable IOC feeds and daily malware samples, we help de

  13. Threat Hunter Greg Linares on the modern ransomware playbook

    Mar 3, 202649m

    ( Presented by TLPBLACK : High-fidelity threat intelligence and research tools for modern security teams. From curated Passive DNS and real-time C2 monitoring to actionable IOC feeds and daily malware samples, we help de

  14. War in Iran, Anthropic v Pentagon, Trenchant zero-day sanctions, AI stock market shocks

    Feb 28, 20262h 8m

    ( Presented by Thinkst Canary : Most Companies find out way too late that they’ve been breached. Thinkst Canary changes this. Deploy Canaries and Canarytokens in minutes and then forget about them. Attackers tip their ha

  15. GitLab doxxes North Korea .gov hackers; fresh Ivanti zero-days; AI addiction and human purpose

    Feb 20, 20262h 16m

    ( Presented by TLPBLACK : High-fidelity threat intelligence and research tools for modern security teams. From curated Passive DNS and real-time C2 monitoring to actionable IOC feeds and daily malware samples, we help de

  16. Palo Alto and the uncomfortable politics of APT attribution

    Feb 13, 20262h 30m

    ( Presented by Thinkst Canary : Most Companies find out way too late that they’ve been breached. Thinkst Canary changes this. Deploy Canaries and Canarytokens in minutes and then forget about them. Attackers tip their ha

  17. From Epstein to Notepad++: Redactions, Zero-Days and Supply Chain Attacks

    Feb 8, 20262h 17m

    ( Presented by Thinkst Canary : Most Companies find out way too late that they’ve been breached. Thinkst Canary changes this. Deploy Canaries and Canarytokens in minutes and then forget about them. Attackers tip their ha

  18. A destructive cyberattack in Poland raises NATO 'red-line' questions

    Jan 30, 20262h 53m

    ( Presented by Material Security : We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices. ) Three Buddy Problem - Episode

  19. Cheap, AI-generated zero-days and the real meaning of ‘advanced’ malware

    Jan 23, 20262h 9m

    ( Presented by Material Security : We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices. ) Three Buddy Problem - Episode

  20. Google Pixel 'zero-click' exploit caused by AI, mysterious Poland grid attacks, China bans US cybersecurity software

    Jan 16, 20262h 24m

    ( Presented by Material Security : We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices. ) Three Buddy Problem - Episode

  21. Hamid Kashfi on the situation in Iran; Did cyber cause Venezuela blackouts?

    Jan 9, 20262h 13m

    ( Presented by Material Security : We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices. ) Three Buddy Problem - Episode

  22. A special mailbag episode with book recommendations

    Jan 2, 20263h 1m

    ( Presented by Material Security : We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices. ) Three Buddy Problem - Episode

  23. Quiet Wins, Loud Failures: A Year-End Cybersecurity Reckoning

    Dec 26, 20253h 19m

    ( Presented by ThreatLocker : Allow what you need. Block everything else by default, including ransomware and rogue code. ) Three Buddy Problem - Episode 78 : We close out the year with a no-budget, no-permission awards

  24. What's behind US gov push to 'privatize' offensive cyber operations?

    Dec 20, 20252h 1m

    ( Presented by ThreatLocker : Allow what you need. Block everything else by default, including ransomware and rogue code. ) Three Buddy Problem - Episode 77 : New React2Shell data from Microsoft, fresh Apple and Cisco ze

  25. Legal corruption, React2Shell exploitation, dual-use AI risks

    Dec 11, 20252h 12m

    ( Presented by ThreatLocker : Allow what you need. Block everything else by default, including ransomware and rogue code. ) Three Buddy Problem - Episode 76 : On the show this week, Costin walks through how a single Roma