Shai-Hulud 2.0, Russia GRU Intrusions, and Microsoft’s Regulatory Capture

(Presented by Material Security: We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices.)

Three Buddy Problem - Episode 74: We attempt to parse the rumor-fog around Microsoft’s CISO at CYBERWARCON and what it reveals about the company’s shifting posture on intel sharing, regulation, and its outsized grip on the security ecosystem. Plus, coverage of the Shai-Hulud npm supply-chain mess, CISA’s mobile spyware guidance, NSO’s legal contortions, a sharp new GRU-linked intrusion from Arctic Wolf.

We also discuss the FCC retreating on telco security rules, and the emerging AI arms race shaping how cloud giants hunt threats and how Washington misunderstands all of it.

Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

Links:

Transcript (unedited, AI-generated)
Microsoft CISO LinkedIn comments
Shai Hulud 2.0 Strikes Again
Wiz: Sha1-Hulud 2.0 Supply Chain Attack: 25K+ Repos Exposed
CISA guidance on mobile spyware on iOS, Android
NSO Group argues WhatsApp injunction threatens existence
Arctic Wolf: Russian APT targets U.S. Companies Supporting Ukraine
FCC revokes telecom cybersecurity rules after Salt Typhoon hacks
FCC Chairman statement on removing telco rules
Amazon Is Using Specialized AI Agents for Deep Bug Hunting
Anthropic CEO called to testify on AI cyber threats
TLPBLACK
Material Security (Book a demo)

Published on 1 week ago

Podcast Episode Details

Shai-Hulud 2.0, Russia GRU Intrusions, and Microsoft’s Regulatory Capture