US Treasury hacked via BeyondTrust, MISP and the threat actor naming mess

Three Buddy Problem

Three Buddy Problem - Episode 28: In this episode, we explore the ongoing challenges of threat actor naming in cybersecurity and the confusion caused by a lack of standardization, methodological inconsistencies and skewed, marketing-driven incentives.

Plus, the US Treasury/BeyondTrust hack, the surge in 0day discoveries, a new variant of the Xdr33 CIA Hive malware, and exclusive new information on the Cyberhaven Chrome extension security incident.

Cast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.

Links:

  • Transcript (unedited, AI-generated)
  • BeyondTrust statement on hack investigation
  • U.S. Treasury says it was hacked by China-backed actors
  • Another Palo Alto 0day exploited in the wild
  • US telcos say they've evicted Salt Typhoon Chinese hackers
  • Google: What is BeyondCorp?
  • Introducing the MISP Threat Actor Naming Standard
  • MISP: Recommendations on Naming Threat Actors
  • New variant of the CIA HIVE attack kit
  • Xdr33 Variant Of CIA's HIVE Attack Kit Emerges
  • Savvy Seahorse connection to Cyberhaven incident
  • US sanctions China's Integrity Technology over Flax Typhoon hacks
  • Operation Aurora
  • APT1 Exposing One of China’s Cyber Espionage Units
