B (11:28)

From the CISO series, it's cyber security headlines. These are the cyber security headlines for Tuesday, April 28, 2026. I'm Sarah Lane. Phantom RPC Flaw enables Privilege Escalation A Kaspersky researcher disclosed an unpatched Windows vulnerability dubbed Phantom RPC that allows privilege escalation by exploiting how the OS's remote procedure call or RPC mechanism handles connections to inactive services. The flaw lets attackers with limited access spin up rogue RPC servers to that impersonate legitimate services and capture high privilege connections, potentially escalating to system level control. With five exploit paths validated on recent Windows server versions. Microsoft classified the issue as moderate severity due to required privileges and is not issuing a fix. So monitoring RPC activity and restricting impersonation privileges is key to reduce risk. Check mark.

A (12:33)

All right. Hey, quick shout out to Varsa. Thank you, Ryan. Varsha Thomas over on LinkedIn. Welcome to the party, pal. Welcome to the party. All right. And if you're here for the first time, drop that hashtag first timer so we can recognize you too, Varsha. We're off and running on this beautiful Tuesday morning. We got our first story. Okay, so check it out. Kaspersky, researcher, which it's good to see Kaspersky still kicking, right? For those who don't know, Kaspersky is an anti malware solution company, but they're out of Russia as the name Kaspersky might indicate. And the US Federal government like basically put the you Know the death penalty effectively on Kaspersky being used either in federal government or in the United States. Either way, Kaspersky took a big L a couple years ago, but they're still kicking, they're still rocking and paying. Apparently they can still pay for security researchers to do security research. Now check this out. Unpatch flaw. Windows enables privilege escalation. So right away, number one, and they mentioned it in the story that it's medium severity. But number one, let me call your attention to this privilege escalation right there in the title. Let me pull up this. I'm googling the word cyber kill chain. Let's see if I can find one that does us some. One that does us some justice. Oh my God, this is horrible. Of course not. Of course. When I need something, you know, it's. It's not here my guy. All right, I guess I'll just describe it quite well. This is why infographics are valuable. All right, so listen, here's the deal. There is Windows operating system has these remote procedure call functions, right? And essentially what they do is they enable connections for remote processes, as the name would indicate. Now, this flaw essentially looks like if the RPC makes a call and the service is unavailable, it'll fail. It's like imagine if you will, you call a phone number. Like say you have a phone number from a friend that you haven't talked to in 10 years, okay? And they have gotten a new phone number. Follow me on this one because I think this analogy is going to work. Okay? You call the friend's phone number and it just rings, rings, rings, rings, rings, rings, rings, rings, rings, rings the phone. Their your friend is unavailable. That's what's happening here. The RPC is making a call to make a connection and the service is unavailable. Now what, what happens is it just doesn't connect and you're just left hanging, right? Like, all right, I guess this will eventually time out and fail that what the threat actor has realized is that if they can put something there. Ring, ring, ring, ring. Hello. It's the threat actor, but like your, your RPC mechanism reaching out to make the connection and isn't going to be doing any kind of verification that. Hey, is this tom pine from UMass Amherst? That part doesn't happen. It just ring, ring, ring, ring. Hey, what's up? I still owe you $20. Can I send it to you or. Hey, what's up? It's my kid's birthday. Like wish him a happy birthday like you. It just immediately goes into like whatever the the data transfer is, that's, that's the problem. The problem is it's not really validating the connection. And you can slap something in here. Honestly, if, if you're looking for a more technical comparison. To me, this feels like DLL side loading attacks where you stick a malicious DLL with the same name kind of in line and an executable reach out to the malicious DLL and because the things check out, it's like good to go. Seems a little bit like that now. Why am I not pooping my pants right now? Why am I so casual? You know, if I had some sunglasses on, I'd be like, why am I so casual, bruh? Because it's a privilege escalation. This means that they have to get. Oh my God, I gotta stop doing that. This means that they gotta get on your box first. Like the, the caller is coming from inside the house. The threat actor already owns your box, bruh. And, and I'm not saying there's a million ways to do privilege escalation, but once they're on the machine, my guy, privilege escalation is like the next. I mean dude, admins log into boxes, cash credentials, Kerber roasting, mimikats. If you're doing a poor job of security on the endpoints like you can get elevated privileges. Okay so okay, and again, I'm not saying like let's let this fly. You just, you know, come on. So this is great for Kaspersky. See if no patch despite various exploit paths. Okay, again various exploit paths, but they have to be on the machine already. Okay, so like let's not, let's not crap ourselves right immediately. By, by the way, I don't want a threat actor getting escalated privileges to system because now they fully own the box. But, but the reality is dude, once a dude, once a bad person is on the box, you're going to reimage the machine anyways once you find it. Let's see. Kaspersky disclosed the flaw to Microsoft in a 10 page report. Boss move Kaspersky. 10 page report. They didn't issue a CVE which is kind of booty. Microsoft says that the moderate severity due to the requirement. Yeah, yeah, yeah. This privilege was typically required for the attack to secede. Oh, so Microsoft is. See what I'm saying guy? Like Microsoft is saying in order to execute this in the first place, you already have to have privileged a privileged access to. To a process. So like I don't know man. It like Microsoft is basically. Microsoft didn't release a CVE for this. Microsoft's saying that this is not a flaw because effectively what they're saying is. This is the. Okay, so this is the equivalent. Work with me on this one, guys. This one is the equivalent of Microsoft say, like Kaspersky reached in and said, hey, listen, if someone has stolen your car, they have the ability to change the radio station. And Microsoft's like, dude, like, they've already stolen the car. And like, people can only change the radio station in the driver's seat. Like, the fact that they've already done that means that they already have the access and permissions that they need. Like, it's not a new thing, you know, so that's kind. I mean, I know that, that. By the way, if you're new here, Varsha over on LinkedIn and other people, I love using analogies and I've got a ton of experience, so my analogies aren't ridiculously not making sense. I love using analogies because I feel like they stick better. All right, anyways, I I tell you, you gotta patch it, but there's no patch. Ah, you gotta patch it. All right, we got a an update here. Olis O L I s olis 48.97 says good morning. Just got a new job as a SEC Op engineer. This is the second job Simply Cyber Resources has helped me get. Thank you, Jerry. Heck yeah, dude, let's go. All right, dude, Love it, love it, love it. I'm. Hold on, let me get this guy at Oly. Hell yeah. Nice job, dude. Thanks for sharing your. Thanks for sharing your personal good news with us. It's. Thank you, Varsha, for letting me know about my analogies. Also, guys, really quickly, just a meta thing for the Simply Cyber community. If you get wins, share them. Yes, the wrecking ball is fun for you, but. But you may not realize how motivating and inspiring it is for other people to see that it's working, to see that, you know, it pays off to see the light. So thank you for sharing because you are inspiring other people.

B (21:22)

Olus confirms GitHub data leak hit the Dark Web Checkmarks confirmed that Data from its GitHub repository has been posted on the Dark web following a March 23 supply chain attack that compromised development tools and workflows. The reach involved tampered GitHub actions and VS code extensions distributing credential stealing malware with researchers linking subsequent leaks to groups like Lapsus and activity attributed to team pcp. Exposed data may include source code and credentials, though customer environments were reportedly unaffected. The company has restricted access to the impacted Repository and is continuing its investigation, noting it will notify customers of sensitive data exposure.

A (22:07)

Pip. All right, check marks. GitHub repo data posted. All right, they say supply chain security. I mean, I suppose it is like they have a GitHub repo. All right, so question. First question is how do the threat actors get in the GitHub repo? Is it crappy configuration of security of that check marks did of their GitHub repo? Basically having their butt hanging out in the wind. They didn't tie the back of their hospital gown. Huh? Varsha, you see that analogy I just did there? Ha. Or did they have creds? They had the thing buttoned up and tightened like a drum. But some threat actor was able to steal creds and walk in looking like, you know, a guard or whatever.

B (22:57)

Foreign.

A (22:58)

Let's see. All right, the GitHub repo is maintained separately from the customer production environment. Really quickly. Obviously, like, dude, you have to be an absolute knucklehead or, or a small business that doesn't know what you're doing. Dude, the year is not 2003. You don't run your dev environment as a production environment. So just, just saying really quickly, when they're like, they emphasize that the GitHub repo is maintained separately from the customer production environment. Yes, that is how a real business that does software manages their environment. Dev test prod. Again, I know that they're doing this for damage control. I'm telling you, in case you're not aware. Like, like, like when I read this, when I read this, I'm not like, somebody give me a bandana so I can dab my brow. I do declare, Mr. Beauregard. You did keep your GitHub repo separate from your customer production environment. Oh my. No. It's like, yes, that's how you do business in 2026. Thank you. Let's move along. I mean, they might as well have say. They also emphasize that developers have. Are employed at GitHub. Like, yeah, no kidding. Okay. And by the way, I don't even know where that southern gentleman just came from. Have to check that out. As I said in the intro, I have no idea what I'm gonna say. Did not have Mr. Beauregard on my bingo card today. I have, I do declare, Marcus Kyla. I have the vapors. All right, so the company said it locked down access to the effect of GitHub repo here. Air. I would assume this means credential compromise. Info stealers. Somebody clicked on something somewhere. I'll give you A hint what their first name was as Carl. For those who don't know, Varsha and other people who are relatively new to the community, I don't dunk on Yen users because it's our responsibility to educate them. I'm not calling them children, but I'm not going to expect them to understand cyber security. That's my job. That's your job. But Carl is our token end user who's just there to get their stuff done. Let's see. Lapsis. Cybercrime did the claim. Lapsis, dude, I'm telling you, okay? So get ready for your kool Aid. And if you're a squad member, Squad members. People who are squad members, they hit the join button on Simply Cyber. It's a couple bucks a month. They get access to the sweet emo tray. I'm doing a little bit of a Kool Aid, man. I'm making this connection right now. Here we go. Get ready for this. This is the most epic drink. Mad Destroyer. Five gifted subs and a bunch of coffee. Heck yeah, dude. Thank you, Gift. Mad Destroyer.

C (26:03)

Did we just become best friends?

A (26:05)

And if you're one of the five people. Cyber Sasquatch, fake human genus. All this. All this. Who just announced his new job. Also a squad member. Make it rain with Those Kool Aid man. Eight bit. Guys, listen, in the 80s, there was a thing called the Brat Pack, okay? The Brat Pack was like this new wave of actors. Many of you recognize them. I mean, I wouldn't. This is kind of an extended orbit of the Brad Pack. I wouldn't put Tom Cruise and Ralph Macchio in the Brat Pack for sure. But Emilio Estevez, Anthony Michael Scott. Rob Lowe. You. You could see him. This guy over here on the far left from Red Dawn. He had a promising career and failed. Demi Moore, Kiefer Sutherland, Robert Downey Jr. You want to talk about a guy who rejuvenated his career? Charlie Sheen. A guy who took it and went tiger blood full crazy. Why am I showing you the Brat Pack? Ali Sheen's in here. Why am I showing you the Brad Pack? Because, guys, this is like the ransomware Brat Pack. Lapsis shiny hunters scattered spider. And now they have like this like. Like lapsis scattered spider and shiny hunters are like Anthony Michael Scott, Robert Downey Jr. Emilio Estz. Like, they're like the prime. Robert Downey Jr. Robert Rob Lowe. These are like the prime prime A ones. But now we're starting to see a bit of a expansion. Winning Tiger Blood. We're seeing an expansion of these threat actors, a growth to like a sec tier of these guys. So who do we got here? All these guy dude picks up a new job and he's just making it rain dolla dollar bills.

C (27:52)

Did we just become best friends?

A (27:54)

Yep. Thank you, Alice. And in. In Mad Destroyer, thank you for hooking all us up with a squad membership. All right, so anyways, just be aware that these guys are rolling like the Brad Pack. Okay, how do they work? So the threat actors were able to get source code, employee database. Thanks. Employee database, API keys, Mongol. So it's a crappy day of check marks. They're going to be rotating API keys or they should be database creds. Etc. Yeah, it's it. Dude, I thought we were winning the war on friggin ransomware and we're not. There's like a new way. Like it's like a new like. I don't know if anyone here plays like I, I don't really play the zombies game of like Call of Duty or any of these, but there's like a form of like first person shooter games where there's like waves of guys that come in and you have to mow them all down. Like I thought we were winning the war on ransomware, but instead it was just like we were in between waves because there's this new wave of like young Brat pack ransomware threat actors that are coming at us and man, they are winning hard. Guys, as always. I. All I can do is tell you. Ben Wilkinson in the chat. Dude, what up? Listen, all I can do is tell you the best thing you can do is the things you can control. And you can control protection mechanisms, detection mechanisms. Like basically to discover faster before the, you know, real impact hits you. And three, the response. How fast can you respond? How, how, how wide can you respond? It's all about managing the, the impact in the blast radius. And this is why I tell you you have to like. It's called cyber security. Everybody calls it cyber security. I'm going to put it on my gravestone. It's going to say OER and then right below it in quotes, it's going to be etched in there. It says we should call it cyber resiliency. Literally the hill. I'm going to be buried on a hill. So it can be the hill I'm willing to die on. Work in cyber resiliency. The point is, can you keep making money and keep doing your thing, even when you're getting punched in the grill? That's what's up. All right, so do all the things. Obviously if someone gives up their cruds. That's it, you know?

B (30:22)

PI package hacked to push info stealer PI PI. A widely used PI package with more than one.

A (30:29)

She said PI. It's PI PI, PI PI. Not Popeye, but PyPi.

B (30:36)

0.1 million monthly downloads was compromised in a supply chain attack that pushed a malicious version containing an info stealer targeting developer credentials and crypto wallets. Researchers at Step Security found the attacker exploited a GitHub action script injection flaw to steal a workflow token, forge a legitimate release, and then distribute the backdoored package and Docker image. The issue has been Fixed in version 02.3.4, but affected users should rotate secrets and restore systems since the malicious release could automatically propagate to environments using unpinned dependencies. Italy extradites.

A (31:17)

Hold on. I hate when they do this like reporters do. This freaking attention economy. An attacker pushed a malicious version of a popular elementary data package. Hold on. PI PI. Like, here's my thing. Like, unless I'm mistaken, which I'm not, okay? And I, I, I, I feel confident about this, PI. PI is the platform. This is like saying the library or Lowe's hardware store or, you know, a freaking the Dewey Decimal System. Like it's the repo that holds all of them. So if a popular elementary data package was compromised, that's one cassette tape at Blockbuster, right? That's one saw in Lowe's. Like one thing was compromised, but the, the, they bury it in the head like it's annoying to me. Like, tell me what friggin package, because that's what I need to worry about as a professional. All right, let's dig in, see if we can't find it. It's, oh, it's literally called elementary data. All right, well, I guess I feel a little silly, but Jesus, man, tell this to me. This looks like a description. I hate to. I'm sure there's people who are listening and watching right now. They're like, this guy's an ass, maybe. But like, dude, to me this looks like a sub. Like a, a description of what the package is, not the name of the package. All right, so I stand down. I digress. I'm sorry, It's a live show for those who think I'm AI generated, which, by the way, we'll talk about it tidbits Tuesday. I'm not. Look, real guy. It's called elementary data. So if you're running elementary data, it looks like there was only one sub version that was compromised. But dude, the threat actors are getting into the docker containers and screwing it up. The Docker container is great. Docker is awesome because it's like a self contained maybe. I mean Docker is great because it's a self contained. It has all the dependencies and stuff. Which if you've. If you're old and you've ever. If you're old like me, right, and you've pulled down Python and then you try to run something and then you get all sorts of dependency errors, you just want to scream at your keyboard. All right, so if you're set for auto patching, you get a clean one by default, which got pushed. But if you downloaded the malicious variant, you are currently compromised. What's the compromise do? It steals your sensitive developer data, which would be API keys and crypto wallets. So be mindful of that if you're using anything crypto. Let's see, It does have a million downloads a month, which is pretty sick. Pretty sick. Okay, in comparison, like Simply Cyber gets like maybe 70,000, 80,000 downloads a month, right? So these guys are doing a million a month. So greater than. All right, let's see. So how is this attack manifested? They did not steal creds and take over developer account. Instead they posted a malicious comment on a P pull request, sometimes referred to as a PR. A pull request that exploited a GitHub Action Script injection flawless, causing the workflow to execute attacker controlled shell code. Guys, this is basically a cross site scripting attack resulting in an injection flaw. So the GitHub action takes action on the comment. The comment was code. I mean dude, this is, this is a cross site. They don't say it in here as a cross site scripting, but everything I know suggests this is cross site scripting. Any pen testers in chat want to comment, let me know if I'm correct or not. It then exposed the GitHub token. Sure, why not reveal that? And then once they had the forge get. So this is actually pretty clever. Okay, let me explain what happened because this is a tough one to protect because there's two things here. One is if you're running this elementary data package, you got to get it fixed, okay? Ah, you gotta patch it. Number two, if you are running a, a PI PI repo or GitHub repo or whatever. PI PI specifically they're saying that like PI PI as a platform would have to fix this, not you. You can't fix this. They're saying that you're able to add a comment which comments can be added. No one can stop. I mean you could block comments I suppose I don't know if that's configurable, but a comment gets added which causes an injection because it's like a cross site scripting error. So instead of your project sucks, it's like code and then the code gets run and the code then delivers a GitHub token to the threat actor. The threat actor now has a key and the key allows them to commit malicious code to the project. So if that makes sense, the analogy here would be. The analogy here would be that the threat actor is able to like I, I guess like use a coat hanger to get under the front door and unlock and open the door and then enter your house and then you know, like swap out the ham in your fridge for like spoiled ham or spoiled meat or something like that. Right. Like they, they did it. It was a two part attack. One was to get access to be able to do the actual attack. And you know, it worked. I mean to me, honestly, I don't see how like this isn't more prevalent in an attack because it kind of seems like it's attacking the pypy platform with the way it handles comments. If you have that automatic action script thing running, what is it? It's, Let me see, hold on. Attacker exploitative. Load workflow dot com. Hold on. It says action scripting. Yeah, if it's running GitHub Actions. Script injection flaw. All right, there we go. So check that out. I might have to step outside for a second. Jesse, are you here? I see you here, but.

B (38:04)

Alleged Chinese state hacker to the U.S. italian authorities extradited Xu Zhu to the U.S. where he faces charges tied to alleged involvement in the state backed hat hafnium, also known as Silk Typhoon campaign that targeted Microsoft Exchange servers and thousands of global victims. US prosecutors say he participated in intrusions between 2020 and 2021, including attacks on universities and researchers to steal COVID 19 related data allegedly under direction from Chinese intelligence services. Xu denies the allegations but could face up to 77 years in prison if convicted. China has criticized the extradition.

A (38:48)

All right, hold on, I got something going on here. Sorry guys. We have a contractor here who's power washing our house and was some things with the plants in the back and I, I hear him. He's two hours early. Thank you. But Mrs. Oer just texted me. We're all set, so stand down everybody. I didn't even listen to the story because I was, I was. What's the word? I was doing? Managing priorities, I suppose. Italy Extradites alleged Chinese state hacker to U.S. all right, Italy. Way to go, bruh. Regulators. All right. And by the way, thank you, guys. It's a live show again. People think that this is like, I don't know what people are thinking. Not you guys. You guys are cool. Let's see. Juj Way was arrested in July 25th by Italian authorities after he was accused by the U.S. nice, dude. Italy's like Italy with the solid assist, you know what I mean? Like, first the Olympics in Milan and now they're just like extraditing people over here. This guy denies Chinese government hacking ops. Let's see. All right, all right, so this guy's allegedly involved in attacks on Microsoft Exchange servers. Again, if you're running Microsoft Exchange on prem, you really should consider a new, a new architecture. This Guy was targeting U.S. universities, immunologists, virologists conducting research. I. I don't know, dude. There's a little bit of, there's a little bit of, I guess, conspiracy theory, little side quest action for Justin Gold. Let's see. How fast did China get the COVID vaccine after us did? Ah, so the US China actually preceded the US for vaccines. There we go. So anybody who's suggesting that it was stolen, get your, get your facts right. All right? So anyways, this guy, we'll see how it goes. As far as, like, you doing anything at work different today? No. Just know that, you know, basically law enforcement's doing its thing.

B (41:46)

Huge thanks to our sponsor Guard Square. Your back end is only as secure as your front end.

A (41:53)

All right. Hey guys, she said it yourself, your back end's only as secure as your front end.

B (41:58)

Research shows that client side compromise is now a primary driver of API risk, with 63% of leaders detecting mobile app tampering or cloning last year. Don't leave your mobile app security to chance. Get multi layered protection for your entire mobile app ecosystem from the outside in. Learn more@guard square.com.

A (42:30)

Speaking of the Brat Pack. Speaking of the Brat Pack. Hey guys. Varsha, thanks for being here. Guys, I want to say thank you for joining us for the Simply Cyber daily Cyber threat brief. Every single weekday morning, I want to say shout out. We got Jesse Johnson coming up at the top of the hour for Hotline Cyber career hotline, your 30 minute AMA show where we bring the heat to you. Getting all your questions answered. Thanks to the stream sponsors Threat Locker anti siphon flare for bringing it. Talk a little bit about Slay Cert, the new project by Jesse Johnson. Simply Cyber is a proud sponsor of Slay search, so definitely make sure Jesse tells you all about that. Guys, every day of the week has a special segment. We take a little breather at the mid roll. Tuesdays is Tidbits Tuesday, where I share a little bit about myself and we see if we vibe on it. Okay, so I got two tidbits Tuesdays for you. One's the real one and then one is something living rent free in my head. So let me share the rent free in my head one. First, I've been posting a lot of videos on LinkedIn, right? It's like talking head vertical format, you know, it's my vibe, right? Hot pink and blues, retro synth wave, right? All this stuff, dude, some woman on LinkedIn was like, huh, no blinking interesting or something like that. I don't know if no blinking means like I'm AI generated or something, but I watch the video, I blink in the literally the first second, like the show, the video starts and I'm like, hey. And I'm like, what are you on? And, and then like I responded directly to her to like, I would like asking for some clarity and no reply. It's like, I, I, I know I should just move on and not even spend a minute thinking about that, but it's like, that's the second time someone has called me AI. I'm, I'm human, man. Trust me, I'd be way smarter if I was AI. I'd have way less audio issues. All right, what game am I playing right now? Magic Gathering Paper. All right, so second Tidbits Tuesday. This is the real one. This is where I reveal a little personal stuff and maybe, you know, a little vulnerability. Okay, this, this, this is something that I thought about the other day. So my son is 14 and he wears like, you know, he has like a school uniform or whatever. So he got up yesterday in the morning. He's like, dad, like, I don't have it, I don't have clean clothes or whatever. And he wears a sweatshirt. He's like, I got everything, but I don't have a sweatshirt. And I'm like, you know, you don't have to like take your sweatshirt off every single day and put in the dirty laundry. And then it got me thinking. I don't know about you guys, but like, yes, I change my boxer shorts and my shirt every day. Like those go into the hamper. Socks go in the hamper when I wear socks, which is infrequently, but dude, like a hoodie, A hoodie. I don't know if you guys have like, there's like clean clothes in the bureau Dirty clothes in the hamper. And then there's like this middling like state of clothes that are like not dirty but they're also not going to get folded up and put in the bureau. And this is like hoodies or quarter inch zips and stuff like that. I don't know if you guys do that, but there's like. And it's just kind of like. I try to maintain it, but I have a couple things hung on a hook on the back of my closet door. And then there's like a hot bar on my bureau top where there's like two hoodies. One's a light hoodie, one's a heavy hoodie and a baseball hat. So I don't know. You tell me. Am I gross? I don't think I'm gross. I, I just. It's a weird, it's a weird state because there's clean clothes and dirty clothes, but then there's like a third state state of like in use clothes. So I don't know. Maybe it's just me. Maybe it's just me. Okay, let me know in chat what you guys think about grc. Guardrail says the chair. Some people, it's the, the treadmill. I don't know. I just don't. I think here's my thing. I think it's a real thing that no one talks about. Okay. And I'm putting it out there. I'm, I'm bringing it to the, to the people. All right, so while we talk about that, let's go ahead and get our LA LAs on. Let's normalize multi day hood. La. It's just hoodies take forever to clean and dry and you can only wash so many of them because they take up so much space in the wash. It's, it's not. I, I have a cardigan over here. Yes, I have a cardigan. I'm old. It has elbow patches. That's me. I, I don't even know. Last time I washed it, it's like my office. Oh, I'm chilly. Let me throw this on. All right, let's keep cooking. Varsha, first timer in chat. Didn't realize she was getting all this today.

B (47:55)

U.S. sanctions target Cambodian scams. The U.S. treasury's Office of Foreign Assets Control sanctioned a Cambodian cybercrime network including Senator Koch on over large scale cryptocurrency scams that have defrauded Americans of millions of dollars through romance and fake investment schemes. Authorities say the operation runs from scam compounds tied to casinos where victims send funds to fraudulent platforms While trafficked workers carry out the scams under coercive conditions. The action was coordinated with the doj, FBI and Secret Service, including domain seizures and, and criminal charges intended to disrupt both the financial infrastructure and human trafficking tied to the network.

A (48:41)

Glassworm. Yes. Let's go. Regulators. Hell yeah, dude. Way to go. FBI, doj, US Secret Service. I hope everybody put on big old like the, the biggest boots that they could put on. I'm talking Red Wings platinum edition. And just start kicking mud holes in this Cambodian scam network. Dude, you're getting on ofac, the Office of Foreign Asset Control. That is like you don't want to be on that list. That's a list where you basically are no longer allowed to do business with the United States. And, and, and you're, you are radioactive. You're basically like the cheese and diary of a wimpy kid. No one wants to touch you because you're gross now. And the United States is like just dropping this on 503 domains linked to fraudulent criminal platforms. Criminal charges against operators in Burma and Cambodia. Messaging apps getting screwed. Dude, I'm all on board for this. Now listen tldr, you don't have to do anything different, ok? This criminal enterprise targets individuals, not really businesses. These are pig butchering scams. These are, you know, oh, you have a friggin late toll booth fee like, like the, the text messages and the phone calls you get that are scams. That's what this is. And you know I have friends, parents who got compromised. My, literally my aunt Dorothea, who I always bring up. My aunt Dorothea attempted to be compromised but she doesn't own a computer. So the joke was on them like these people suck. And, and to make it even add insult to injury, there's actually a humanitarian crisis going on over there. If you didn't know, here's a little bonus for you. In Cambodia, they actually like lure Vietnamese people into Cambodia with promises of a better life. And, and when they get there, they take their passport away, they stick them in like a dormitory basically. And what they get to do every day is go from the dormitory to a call center and then start committing fraudulent crime. And if they don't steal enough money from victims, they get beaten before being brought back to the dormitory where they get to get up and do it again the next day. So literally the people who are calling you and sending you these text messages, they don't even want to do it. They're being basically it's, it's, it's. Listen, if you think slavery doesn't exist in 2026, you are mistaken. This is one example of it. And for the US to drop this hammer on them. Good. There is a problem going on. I, I love this particular story. Not this story, but what I'm about to show you. Look at this really quickly and then I'll move on because I know I'm like all over the place today. Cambodia. Let me get a better map. Well, if you're looking on stream, I'm showing you a world map of Cambodia. You can see Vietnam is on the right. This is where they're luring victims who just have to like come on over. And then on the top left is Thailand, formerly Siam. I in, in fifth grade I did a project on Thailand so I know that anyway, some of these call centers are like right on the border of Thailand and Cambodia. Check this out. Look at this one. I mean this was more of an FU than it was anything else. But in June of 2025, the country of Thailand actually cut power to like on the border of Cambodia, which resulted in some of these Cambodian call centers losing power and having to go down. So I mean it, it's, it's a funny way of kind of combating this all the. But I'm telling you, it's like a humanitarian crisis. So shout out to the United States. Way to go. The capital of Thailand, Bangkok. So check it out for you personally, there is nothing you're going to do different today because of this story. This is just a feelgood story that criminals are being held accountable and hopefully some humanitarian crisis are being remediated.

B (53:16)

Computer attacks return Researchers at Socket identified a new wave of the glass worm supply chain campaign abusing 73 open VSX extensions designed to appear benign before turning malicious. Through later updates, six extensions have already been activated using loader techniques to fetch and execute hidden payloads that can steal developer credentials, crypto wallets and sensitive environment data. The campaign reflects a shift towards stealthier sleeper tactics with cloned extensions mimicking legitimate tools. Developers should remove affected packages and rotate secrets utilities.

A (53:57)

All right, the power wash is power washing the studio right now. I don't even know what this is. Glass Worms, an ongoing supply chain attack campaign using invisible Unicode characters to hide malicious code. Okay, so check it, check it out now. Where do they, where do they put it? So listen, Unicode, I'm trying to figure out where they do this. The attacker used the same icon as legitimate extension adopted. All right, so there, there's a couple things going on here. Number one, there's a threat actor who is using known Good extensions, like the name of the extension in the icon and logo of the extension, but they're creating something different. So they're trying to exploit, you know, authority and social trust in recognizable names and images. Second of all, they're using Unicode to hide the malware. So if you don't know, like, Unicode, see if I can show you some Unicode. Like Unicode. It looks like this. Like if you ever like, had, you know, a computer take a crap on you and. And like, I mean that proverbially, obviously, like, these Unicode glyphs don't look like anything. So if you put Unicode into, you know, into a. A program or software, it may not even render to the screen in some instances, or a human can't read it, which means they're able to. Hold on. Stop. Don't. You're blowing water all up in this. I know. I. Okay. I got a lot of equipment in here, Craig. I appreciate. Okay. All right then. Then hit it. Yep. All right. All right. All right. Power wash guy has entered the chat. Dude, I have so much. I have so much water in my studio right now. I have a pool in here. And I had to bang on the door to get his attention because I couldn't open the door. He would have blasted directly in here. Holy Jesus Christ. All right, Dude, I. I need. I need an adult in the. Okay, hold on one second.

B (56:59)

Tech supplier Itron discloses attack. Itron disclosed a cybersecurity breach involving unauthorized.

A (57:07)

Again, again, it's AI this is all a.

B (57:12)

Access to its IT systems, but said it has since contained and remediated the incident with no ongoing malicious activity detected. The company reported no impact to customer hosted systems or core operations, which continued without disruption and expects insurance to cover most of the associated costs. Itron is still investigating the scope of the breach and evaluating any required regulatory disclosures, but doesn't currently expect a material business impact.

A (57:42)

All right, hold on. I don't even know what's going on right now. I'm like, got so much going on my head. Let's see. Cyber attack, AKA usc. Discovering Management. Okay, yeah, I am. My shirt is wet right now. My pants are wet. I don't understand. Like, what. So a company I've never heard of, ransomware, etc. I'm just going to skip it for the sake of this story.

B (58:13)

Crypto money launderer given five year sentence bro. California based Evan Tangemon was sentenced to 70 months in prison for laundering millions in stolen cryptocurrency tied to a cyber criminal group known as the Social Engineering Enterprise. Which stole roughly $260 million from victims. Prosecutors say the group used social engineering and physical tactics to target high value crypto holders. While Tangemon helped convert stolen funds into cash and assets, including luxury homes used in operations. He also attempted to cover up the scheme after arrests and is one of nine individuals to plead guilty in this case. The rush to not.

A (58:57)

All right. Money launderer, crypto thieves. We are behind time. I'm, I'm dealing with, you know, business continuity, planning as Zach Hillpoint's IT career. Questions? I just had the inside of my studio. Power washed Fudge. All right. Money launderer for crypto thieves given 5 year sentence. Guess what? Do the crime. Do the time regulators. This guy's 22. Give it up for the youths, man. A lot of enterprising people out there trying to make theirs. I don't think crime should have been the way they go. But, you know, this guy laundered three and a half million dollars. I gotta tell you, if I was, when I was 22, if you asked me to do anything with three and a half million dollars, first thing I would have done is bought a pair of adult diapers because I would crap myself with that kind of money. I wouldn't even know what to do with it. This guy rented and purchased lavish homes from 2023 to 2025. Definitely keeping a low profile. This is like the guy in Good fellas who buys like the Cadillac dummy. Let's see. Criminal enterprise is built on greed. This is what I'm saying, guys. This is the youth. Like, I get it. They're enterprising. They, they, they're looking at like kind of a broken society. They're not seeing opportunities from themselves and they're taking initiative. And it's just they're young, so they make. Their OPSEC is awful. Which is great for us, by the way, because if they had great opsec, we'd be screwed. But we don't. So this guy's getting 70 months in prison and he's going to do seven, three years of supervised release. Okay, Big deal. All right. Yeah, no, this is quite the enterprising group, dude. They took, they really went after crypto. They did their research on these people, they raided his home. They found a 2022 Rolls Royce Ghost valued at more than 300 grand and a black Porsche GT3RS. I gotta tell you what, listen, my son plays Forza 5 Horizon or whatever. If I gave my son my 11 year old 3 1/2 million dollars, he, he probably would buy these cars too. I'M telling you, it's so hot right now that Hansel's so hot right now. All right, guys, I'm gonna have to get going. I'm sorry. I feel like I didn't do a great job with the daily Cyber Threat brief today. There's a lot going on. I did what I could. Stories were kind of not directly relatable to you, driving risk reduction for your business stakeholders, but I do think law enforcement got a lot of W's today. Shout out to the, Shout out to everybody for tidbits Tuesday, letting us know about how you, how you manage that third state of dirty, clean and then not dirty but not clean clothes. The, the quantum physics or the quantum computing of clothing. It's both 0 and 1. I'm Jerry from Simply Cyber. Guys, don't go anywhere because my man Jesse Johnson, AKA the Cosmic Cowboy, is going to be grabbing the cans, throwing them on and answering the calls across the cool waves of the Cyber Career Hotline. This man's got answers. He's killing it. Definitely going to let you know about his slay cert, live streams that have been going on and how you can benefit from that. I'm Jerry from Simply Cyber. Don't go anywhere until next time. Stay secure. I'm Dr. Gerald Osher. This is the Cyber Career Hotline. If you're building a career in cyber security, this show is for you. Let's get into it.

C (62:39)

Good morning, everybody. Or evening, or maybe it's the afternoon. Wherever and however you are, hope you're doing well. Welcome to the Cyber Career Hotline. Coming hot off the heels of that nerd, Dr. Gerald Ozier bringing in the heat, the experience and of course, some good old fashioned live content that is not it is human made. Right? Hashtag human made. And Dr. Jerry Ozier on the coattails of what you said. You did not mislead us in the daily Cyber Threat brief list and we come for you. We come for your insights. We do think stories are helpful and can be beneficial. But in the daily come for the community, right? It's about the camaraderie and hanging out with the doctor and getting to know this cyber landscape a little bit better. Let me know how audio is, how my voice is my voice, my voice. Drop those questions in chat. I think I have a couple mods who like me enough to hang out. Maybe one who is at least willing to drop a questioner though. James and Quiggin. Is this Jesse an AI? No, this the AI would have less, less, less aging. Jerry looks like Crockett And Tubs in that white jacket. Oh man, give me some of that. Give me some of that. Miami Vice Life Kiara Kia Aura Bruising hacks Good to see you Code Bruce Cyrus says audio is silky smooth. Love that I find the through too, Jesse. Definitely. Yeah, yeah, I'm over here. AI in it. Super stoked to get to wear this tool shirt that was gifted to me for my birthday. All right, here comes the questions. Let's go. As I prepare to answer these questions, a little bit about myself. My name is Jesse J aka the Cosmic Cowboy. Got 10 years plus in IT experience. More recently in cyber security, security operations, vulnerability management. I currently work in the MSP space as an engineer. I'm helping companies build some security related security operations programs and things of that nature and it's a blast and I absolutely love this industry. So I'll do my best to answer the questions if I cannot answer them. I have a glorified Googler here on the other side of my life pulled up and we can run it in the glorified Googler and see what we can come up with together or we can do it as a community. Random X Skills asks I'm working on a migration plan to transfer servers from VMware to Hyper V. From a documentation standpoint, what are some musts for your documentation and planning? Good morning. Kathy Chambers, wonderful to see you. I can't wait to see you at Wild West Hacking Festival in South Dakota. Okay, just like a Security plus or a CISP or size of plus. Let's pre read the question. I'm working on a migration plan to start going from VMware, probably because it quadruples in price every year. Thank you Broadcom to Hyper V. From a documentation standpoint, what are the musts I've been in? I've helped do similar migrations like this. Let me think for a moment and then if anybody is in chat that can help answer this question that has some virtualization experience and systems administration that would be willing to throw their advice. I know DJ B sec would be a great resource but he's driving. I would make sure that back up make sure that you're backed up obviously make sure the backups are tested, they're validated to be good known backups. Make sure there's no make sure that the known backups. Are obviously stored in a safe place. You want to. I'm getting add from from chat. Save the equipment up and test at least some of the backups. Keep those questions coming. So yeah, you want to make sure you're Documenting a. Documenting, I guess, the state of your backups, validating that they work where you're putting them, and then obviously taking screenshots with the steps that you did. So that if somebody else, at the end of the day, your documentation wants to reflect a process, here it finally popped in my head. Your documentation wants to reflect a process in which somebody else could come in and recreate your steps. So whatever that means, if there is just like Code Bruce Cyber said, if you document a few hiccups, some things, some considerations for other engineers, but really you want this to be something that is, you got hit by a bus on your way to work Monday morning or you won the lottery. Let's look at it in a positive spin that somebody else, another engineer, could come alongside and recreate that process without a bunch of guesswork. And so it sounds like you've got the experience to, to do the stuff, to do the steps. And so think of yourself as another engineer. What would you want to see? Right? If you were someone's boss was documenting this, what are some things that you want to see? And then it's a silly thing to say, but you could always put it into copilot chatgpt. And I'm not saying you use it for gospel, but use it as an idea, as a framework of some documentation. It can help build, build out a framework for you. It can help build out a bullet point. Some things that you can, that you can have. Of course, asset management is obvious. Making sure that all your asset management is taken care of and squared away in a place that is known and known to others. Right. That's the other thing that I see in the auditors ask questions isn't just, hey, do you do backups? Do you have an EDR solution? It's are there policies and are there procedures that are in a central repository that are accessible to whatever user group needs to see them? Right. So those are things to consider. Inventory first, inventory first. Bruising hacks, dropping the tidbits. Jesse was a musical police officer in her previous life. For those that don't know, yes, I did work in law enforcement as a street cop. I wanted to be a homicide detective, which I'm looking for questions, but that gives me a second to, to wrap, to ramble for a second. I want to be a homicide detective. And one of the things is you need to start off as a street cop very similarly to maybe you want to be an advanced penetration tester, advanced red teamer. And there are plenty of folks who do make that switch into those Positions, maybe with not a ton of experience or a ton of education, being in the right place at the right time, working really hard, things of that nature. For the most part. You got to start off as a street cop. You got to start off as an IT analyst. You got to start off in some role, whether it's at home as a volunteer in an enterprise. You need to start somewhere and then you build those skill sets, do the networking and find out what you want to do in your career. Space Tacos Asking the real questions Question how you been at Jesse J? How's the family? What's next for you? A novel of cyber security tunes Take slay study time Global. Oh, that's a great question. How is myself? I am doing pretty darn well. It's nice to have about three, four months into a new job. So that's been really nice to kind of get an idea of where the bathrooms are in the building, the proverbial building, so to speak. What's next for me? Currently working on a musical project that encompasses 90s and 2000s hard rock and also some alternative experimental jazz craziness. And then I also play music full time. One of the things I'm doing with my career though, is I'm continuing to branch into the teaching space for free. Not don't want to be a content creator. But here I am in preparation for certification exams, namely the size of plus coming up and then at some point the cissp. And I won't forget space tacos. But that's a great segue. I'll let everybody know about a great live study opportunity if they're trying to level up their cyber security career. Cosmic Links what is up Cosmic Cowboy here? Like the name, like the handle. First time, long time viewer, first time caller. Welcome to the channel. Good to hear from you. Why did you burr into cyber security? Why did I go into cyber security? I think is what. So let's rewind. We've got a history of in my careers of some leadership, some operational things. I waited tables for a long time, worked in law enforcement. My degree is actually in criminal justice with an emphasis in law enforcement operations. Want to be a homicide detective and do the nitty gritty. I think I mentioned that that's not how it ended up being. I worked really hard to get into law enforcement and then I realized that maybe law enforcement isn't where I was supposed to be or that maybe my shelf life because I got into it later in life, right. And I had a career of some kind of IT experience throughout most of My jobs if I wasn't the in house, de facto IT guy. I had worked as a endpoint person before, right? And so I took some soul searching and here's the thing that I think a lot of people miss is they're trying to break into the industry. Cyber security, like Jerry said, may not be for you. And I only say that in the sense that it could burn you out. It might be one of those career fields that might not just be for you. And so I took a lot of time to do some soul searching and realized, man, I love it. I love being on the proactive, securing things. I love the security side of things. I love investigations, asking questions. And I wanted to continue to work in a career field that would always challenge me. Obviously, cyber security, information security, tech in general can always provide a challenge for you. And so it was at that point about doing the process, getting the experience, adding to the experience that I already had, putting in the time for home labs, working on resumes, getting into the industry, going to conferences, doing whatever I could, usually free, low cost and believe it or not, paying it forward, paying it back by doing the free live streams and whatnot. And it ended up working to where I'm at now. And so I'm telling you, if a person, if Jesse J. The cosmic Cowboy, can bust in. Granted, I had some IT experience and a little bit of cyber security experience coming into the industry, but believe me, man, if I've seen it before, don't give up. It's a war. It's a game of attrition. GRC guardrail asks a really good question. Hold on a second. I don't want to, want to get these in order. Make sure I'm not missing them in chat either. No reason, no mods. How important is LinkedIn to prospective employers? A resume doesn't seem to be enough anymore. And it feels like we can't share our experience without being enumerated like the way. Yeah, without some oent on yourself. Right. LinkedIn is as important as. Boy, that's a tough question. Because I used to be hot and heavy in LinkedIn and it was really because I use it to build a solid community. I didn't care as much about just meeting people truly for the sake of like, I gotta use, right? I gotta use my way to the top. How can I network and communicate and how can I network with people just so I can get a job? That wasn't my mindset. I wanted to build a community and explore those options. And so LinkedIn worked for me. I don't know that it's necessarily something you have to do in 2026. I think it's helpful. I think that in tech it just, it's like a brand. It's like you can send people to a central landing page where it keeps track of some of your stuff. If you have a LinkedIn and then a medium, a blog or you've got a GitHub repo, something that you're tracking, what you're doing I think is more important. It's important and the reason it's important is because employers are inundated the same way that you feel enumerated. Employers are inundated with applications and resumes of people who all want the same role. And so they need to be somewhat do their due diligence to find out about you before wasting time to interview you. And sometimes that means an ATS scanner, sometimes that means it's not the actual hiring manager, but a hire, but a outsourced company that calls you. Always be prepared. Never stop learning. Like Dr. Ozer says, be the CEO of you even if you already have a job. Continue to get certs, continue to build homelands, home labs and experiment. GRCGuardrail asks how detailed do you make your documentation for internal use? Do you explain each step and assume someone with zero experience in the field following alongside or skip common sense easy things? That's a great question. I'm. I had this conversation yesterday with some stakeholders talking about some incident response planning. So it's internal use. You also want to avoid getting bogged down in things being so granular and step by step that it ends up being this thick and it has so many steps that even if you weren't new, you'd have a hard time kind of following it. I think it's important to have a nice combination of high level things. But then if something seems like it's common sense, you might want to make it a bullet point. Right? Because we know that common sense isn't necessarily common to everybody. We have language barriers, education barriers, you have differences in the way things naming conventions. And so there's a lot of things when someone says common sense isn't common, there's a lot of reasons for things to not be common to people. And so I think it'd be important to put the common sense things in a bullet point. But more than anything, you want to give that high level overview that somebody who with no experience can look and see the basic steps. Screenshots are important. If you're doing screenshots and you know that's that's how I look at documentation. It depends in almost getting the scope of the documentation. Is it supposed is it technical documentation or is it policy? Right, and if it's policy, then it's going to be worded pretty, pretty verbose. You want your policy to be verbose in the sense that it is efficient in what it's explaining. Right. You don't want to be verbose for the sense of being verbose, but you want to make sure that you're covering your CYA in that policy. Kathy Chambers LinkedIn did bring us together. Nick Nick Dowd hey man, it's been a minute. What does social media say about you? Are you positive or negative? I don't I use. I got rid of Instagram about three years ago. I have a Facebook account that's mainly for posting a picture here and there of me playing music. I generally don't post anything with me or my family or anything of that nature. So for me it's kind of. I used to be on social media and I tried to keep it positive just because there's already enough negativity and I've seen an experience of negativity in my life that yeah, I just keep it positive. But I guess my LinkedIn is pretty positive. I'm kind of a mind over matter guy. I think that if you want to put your mind to do something and if you've got the grit, if you have grit, you can do it. Cyber Shinigami asks oh grand risings brother, what is your. Oh, I need to get back to on that question. What is your favorite screenshot tool and why is it greenshot? Very funny. Looking for questions? Oh yes. I hope everybody's doing well. I'll let everybody know. Hey, if you're studying for your cybersecurity exams, if you're looking to level up, maybe you've already taken your Security plus and you're trying to get to that next level in your cybersecurity career. Myself and Ricky Lee, AKA Tech Ricky, are launching Slay Cert plus. It is coming hot off the heels. Last year we I did something, I started something two years called Slay Sec plus where we got on and did live study sessions to help people pass through Security Plus. It was pretty fun, pretty successful, especially for something that was organic and kind of started from nowhere. I'm taking to the next level starting something. We're live streaming every Friday at 5pm Eastern. You're going to hear a lot more from Jerry and myself and probably see some but anyways, Slicer plus this is a super inclusive community based livestream. We're going to up the production and the idea is to help you pass. I'm doing my Size of plus and so that's what we're studying right now. So we're walking you through Size of plus. We're going to do Microsoft certifications and probably cisp, but the idea is to help folks live, study and understand how to conquer certifications. I was a career college student. I've been a teacher's assistant and I've taught professionally and have worked in higher education and so I really enjoyed studying and doing well on exams and I'm really excited to bring some of those. So it doesn't matter what the content is, right? Maybe taking Sizzle plus. Maybe we're taking a Microsoft cert. Maybe WS cert. Outside of the PBQS or the performance based stuff, the labs, the memorization and how to get to the information quickly, there's techniques and strategies. So Friday, 5pm Eastern, go to Slay Cert Plus YouTube or just go to LinkedIn. You can type in Slay SEC plus and it'll redirect you to Slay Cert Plus. Check it out. We're super excited. How am I working with AI right now? Currently I work. Oh, alternatively, or what are you currently finding interesting? Its ability to automate. Honestly, I don't say meaningless, but tasks that I kind of enjoy but don't want to take the time to do them. Building certain things. I do enjoy building dashboards and looking at data points, building visual representations of values and security postures for stakeholders to present to C suites. I really enjoy that. Sometimes the process of doing it, it can be a little bit tedious. And so I really like sanitized data or example data that you get from elsewhere. And I like using that to help build out visualization. Cyberfit Nick. I love the name. I think fitness is huge. Cyberfit Nick. I gave you a shout out on my LinkedIn last month when I passed my SEC Plus. Thank you again. Let's go. That's awesome. Super cool. Yeah, we really enjoy helping folks break into the industry. Simply cyber. That's what we do, right? Had a few folks drop off stream. That's okay. Hope you're having a wonderful day. EW Power bi. Yeah, right? Jay Gold knows. J. Gold knows. Got this mug. Oh, it's reversed but it says. Let me tell you why. That's bs. A coworker on my leadership team gave it for me. When I was a kid. I had excuses a lot of times for not getting things done. And then a mentor middle school give me a good rundown on why excuses are utterly pointless. And so as I got older, I really took that into my professional field. Things happen. Don't get me wrong, I have dropped the ball just like anybody, everybody in life. I'm human. Oh man, we've all dropped the ball. Oh, space tacos, you are way too kind. I wanted to be like Professor Messer, Dr. Jerry Ozier and things of that nature. So looking up to those guys Kitchen Infosec Hopefully I pulled up the right question. Any advice in keeping up the conversations and NETWORKING whilst working 10 to 12 hours and finding myself? Yes, absolutely. Is be kind to yourself. I had this issue because, let's say three years ago I was everywhere, trying to be everywhere on LinkedIn. I really enjoyed it. I was transitioning out of an IT role into more of a security focused role coming out of law enforcement. And so I was just everywhere in the community. I was on every stream. Black Hills, TCM, Dr. Simply Cyber Streams, those three companies. I was on all other streams. I was everywhere on LinkedIn. Then I got a job, then I had kids, then another kid, then I had to commute an hour each way and I couldn't post anymore. I wasn't networking. It was. I found it to be almost debilitating to try to keep up with cyber information because it was just so much. Be kind to yourself a Take things in chunks. Take things in bits. Do what you can. If you can have a tab open that has dark reading or tab open that has hacker news, or set up some kind of automated threat feed that you can peer into, get yourself some routines. You need to build time in your routines for yourself or you cannot do your job funct. You cannot function properly. If you cannot take care of yourself, you cannot take care of others, period. And so it is incredibly important that even if you're working 10 to 12 hours a day, you're doing some kind of pomodoro method where you're working and then you're taking a break, you are taking time to decompress and sometimes the conversations and the networking helps that decompression process, right? And so I think it's incredibly important that you go for a walk, you take your physical fitness and, and your diet as healthy as you can with the parameters that you have. I seem to be a nut. But I'm telling you, if you don't take care of that mental health, even if that means seeing, seeking, professional counseling, someone to talk to for free, Hotlines. Whatever it takes to take care of your mind and take care of your body so that you can do this for the long haul, do it. Because nobody's going to remember you're. Nobody is going to remember the 10 to 12 hour days besides your family and your friends. No one's gonna care. Your boss isn't gonna care when it's all said and done. So take care of yourself now. Take breaks. Take breaks and build in automation. Build in opportunities to learn more so that they're. Make the barrier to entry easy on yourself because I had the exact same struggle. Struggle. Tyler ramsby, Google or YouTube? Tyler ramsby. Oh, I can't remember. And we gotta cut. Kathy Chambers is starting her awesome. Got a premiere coming up, so we don't want to miss that. But if you look on YouTube or LinkedIn, Tyler Ramsby did an awesome post about that. Exact question is, how do you stay plugged in and in the community when you're working and not just give up and say I'm done with cyber, I'm done with all this? Because if you don't take care of yourself, this industry, it, cyber security at the pace that it moves will chew you up and spit you out, guaranteed. Copying this and drop it in chat, boom, probably will work. We're going to pan over Kathy Chambers here in a couple minutes. And you guys are awesome. All 200 of you hanging out with me on this. What is it, a Tuesday morning afternoon evening for some of you. To my friends in India, good evening. I hope you're doing well. My friends in the uk, good afternoon. That's one thing I love about working in a global company is the culture that I get exposed to is, has been, has been very refreshing. Answering one last question. I got 45 seconds, then we are out of here. Can you post your LinkedIn in chat? Let's try it. Let's go, let's go, let's go, let's go, let's go, go. And. No, we gotta cut over. All right, team, you have been, You've been hanging out with Jesse J. AKA the Cosmic Cowboys. We're going to pan over to Kathy Chambers media and as she presents her latest premiere. Thank you so much for hanging out. I'll see you Friday, 5pm Eastern. And I'll probably see you on the panel this Friday afternoon. Remember, Daily Cyber, Simply, Simply Cyber. Daily Threat Brief. I am Jesse J. It's been awesome. I gotta run, I gotta fly. We'll see.