(Presented by TLPBLACK: High-fidelity threat intelligence and research tools for modern security teams. From curated Passive DNS and real-time C2 monitoring to actionable IOC feeds and daily malware samples, we help defenders detect, hunt, and disrupt threats faster, with seamless integration into SIEM and SOAR workflows.)

Three Buddy Problem - Episode 92: Costin walks through real-world ransomware incident response while Juanito makes the case for AI-generated operating systems that never run anyone else's code. Plus, debates on whether vulnerability research is cooked, why nobody should pay ransoms, and what the security industry looks like after the massive AI flood.

Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

0:00 – Introductory banter
2:00 – Costin's ransomware incident response work
3:30 – How attackers break in: Fortinet vulnerabilities everywhere
6:30 – Hunting for ransomware decryption keys
9:00 – Breaking into ransomware C2s and monitoring leak sites
12:00 – The ransom payment debate: should you ever pay?
16:00 – Why "don't pay the ransom" is overgeneralized
21:00 – How ransomware gangs price their demands
24:00 – The AI-pilling of the security industry
28:30 – Nicholas Carlini, Ptacek, and "vulnerability research is cooked"
35:00 – Towards a generative-first operating system
41:00 – Code factories, trusted computing, and killing dependencies
48:00 – Microsoft and Apple's AI positioning
56:00 – Chris St. Myers' "Cognitive Rust Belt" essay
1:18:00 – Choice, The Matrix, and the illusion of control
1:38:00 – Supply chain attacks, North Korea, and dependency sprawl