China doxxes NSA, CVE's funding crisis, Apple's zero-day troubles

Three Buddy Problem - Episode 42: We dig into news that China secretly fessed up to the Volt Typhoon hacks and followed up with claims that named NSA agents launched advanced cyberattacks against the Asian Winter Games. Plus, the MITRE CVE funding crisis, new Apple 0days in the wild includes PAC bypass exploit, Microsoft Patch Tuesday zero-days. Plus, the effectiveness of Lockdown Mode, the rising costs of mobile exploits, Chris Krebs' exit from SentinelOne after a presidential executive order, and the value and effectiveness of security clearances. Cast: Juan Andres Guerrero-Saade, Costin Raiu and Ryan Naraine.Links:Transcript (unedited, AI-generated)China names alleged NSA cyberattack agentsWSJ: In Secret Meeting, China Acknowledged Role in U.S. Infrastructure HacksApple Quashes Two Zero-Days With iOS, MacOS PatchesApple bulletin - iOS 18.4.1 Security VulnerabilitiesAndroid zero-days documentedMITRE CVE Program Gets Last-Hour Funding ReprieveNIST Still Struggling to Clear Vulnerability Submissions Backlog in NVDEU issues US-bound staff with burner phones to avoid espionageExploitation of CLFS zero-day leads to ransomware Google announces Sec-Gemini v1 cybersecurity model