A
All right. Good morning, everybody. Welcome to the party. Today is April 7, 2026. Yes, my voice does sound like that, and I'll ask that you grant me some grace. I've got to get the chat sorted out I've been dealing with just by getting the studio set up while kind of half in it. All right. You get to see how the sausage is made. Ladies and gentlemen, welcome to Simply Cyber's Daily Cyber Threat Brief podcast. Over the next hour, we're going to go through the top cyber news stories of the day, and I'll be breaking down each of those stories, going beyond the headlines to give you additional insights and value that you wouldn't get from a classroom, a textbook, or really anywhere else. I don't know what I'm going to say. I don't know what stories we're going to go over. I don't research or prep for the show. Ain't nobody got time for that. There we go. Computer, we've got the. We've got the chat working now. Popping. If you're listening on Spotify or on replay, just getting the studio set up just a little bit. There we are, guys. We're off and running. Eight stories, one hour, half a CPE and good times abound. Get comfortable, get. Get your coffee, and let's get ready to cook. Hey, what's up, everybody? Good morning. Now that we're all sorted out and set up, I do want to say hello to Mike Andruzzi, Ad tech, Dream Logic. Mara Levy. It is a Tuesday, which means as soon as I wrap here, I gotta hustle over to the Citadel Military College to educate the next generation of cyber practitioners and intelligence majors on all the good things. Silent Hawk 2000, DJ B is here. What's up, James Aquan at 35,000 ft. I do have some emergency Ricolas. Not a sponsor, but I will tell you, the Pink Eonia Honey Lemon Echinacea Ricolas are officially my spirit animal. I do love these things. Slept like crap last night. If you slept last night like crap, let me know. Dream Logic says, what is wrong with your voice? Guys, I don't know. I'm sick, I think. 
Basically feels like I'm gargling thumbtacks right now. But you know what, guys? Hey, this is episode 1105. And honestly, guys, I gotta tell you, this is like. This is what consistency looks like here. Let me just tell you something really quickly, okay? And then I'm gonna get into the intro and all that stuff. Dude, showing up or doing the thing when it's easy is easy, right? If it was easy, everybody would do the thing. And I'm not just talking about doing a podcast. I'm talking about, you know, building a personal brand or doing a bunch of labs or joining a CTF or, or committing to speak at a conference. Right? It's, it's, it's when things are hard, that's when the, the test of adversity occurs. Right? If it was easy, everybody would do it. Right? It's easy to show up when it's easy. All right, so this is unfortunately one of those days where it's hard. But episode 1105 must go on. All right, guys, every single day of the week, we do the show every single day of the week, Monday through. If you're here for the first time and you're like, oh my God, is this guy Dicky Barrett from the Bosstones? Oh, yeah, that's a, that's a deep cut. Is this guy Dicky Barrett from the Mighty Mighty Bosstones? It could be. Could be. If you don't know who Dicky Barrett is. I, I guess I'm just feeling myself a little bit for the first timers here. I'm sorry, I'm just having a little bit of liberties. This is Dicky Barrett, my favorite Bosstones song. I'm just gonna let this marinade for a second. Oh, my God. Do you know the Bosstones, guys? If you're here for the first time, drop a hashtag first timer. If you like the Bosstones, drop a hashtag Bosstones in chat. As soon as Dicky starts talking, I'll wrap, I'll play it. All right, guys, first timers, hashtag first timer in chat. We have a good time every day and every first timer is welcome. Here we have a special sound effect, special emote. Listen to this guy's voice. Oh, my God, such a good song. Deep cut. 
It's called Toxic Toast off of the Mighty Mighty Bosstones' self-titled album. It is a good one. All right, let me, let me quit blowing out the copyright here. All right, all right. So first timers, we got you sorted out. Every episode of the Daily Cyber Threat Brief is worth half a CPE. So what's up? Say it in chat. You'll appear above my head, grab a screenshot, and if you file it away once a year, you can count those screenshots up and divide by two. That's how many CPEs you got. This show can get you up to 120 CPEs per year. Douglas. Douglas is a first timer. Welcome, Douglas. Squad members, if you can hook me up with a little love for Douglas in the chat again. Don't get too excited. I'm undoing my top button. Feels like it's choking me out. All right, Douglas. All right, there we go, Douglas. Welcome to the party. All right, we got CP Easter days. We got first timers like Douglas in chat. You guys know how I'm feeling and I'm pushing through. A lot of love for the Bosstones. Jenny Gulette knows what's cracking. Hey, Bebop. 33735. Bebop. Bebop. Not a first timer, but first timer in chat. Guys, I'm gonna say welcome to the party, pal to Bebop. I know it's hard to get to the chat sometimes, but guess what, Bebop, thank you so much for making the effort. Welcome to the party, pal. Dude, I love it. I love this community. Thank you guys for being awesome. I slept like crap last night. I'm a, I'm a pot of coffee in right now and the energy that you give me is unbelievable. I am lit like a candle right now because of you guys. Thank you so very much. Every single day of the week, Douglas, we do something special. Yesterday was Simply Cyber Community Member of the Week. We recognize Shir Gonzalez. Today is Tidbits Tuesday. I share a little bit with you. Kind of like the Bosstones, and we see if we vibe on it, I don't know what it's going to be. David P. is in the chat. What's up, David P. Good to see you. He's promoted to management. Congratulations, dude. David P. 
David is it? Louisville. Feel like David P's in Louisville. All right, guys. Every episode of the Daily Cyber Threat Brief, whether it sounds like I'm gargling rusty nails or if I'm straight kicking it like an absolute Pelé, we have stream sponsors and I want to thank them for being here. Dude. Antisyphon Training is disrupting the traditional cyber security training industry by offering high quality, cutting edge education to everyone regardless of financial position. You can go to Antisyphon Training's live training calendar right now and be able to see all the upcoming training and I guys, I want to share this with you. Look at this. The Absolute Truths of Cyber Security with Doc Blackburn. This is going to be a bold, no-nonsense talk that will reveal the truths of cyber and hard realities. Guys, I tell you all the time, you're going to get the real deal on this show. Simply Cyber's Daily Cyber Threat Brief. We don't pull punches. We tell you how it is based on industry. You know, being in the chair and things you won't hear, right. You get a lot of like packaged realities in boot camps and webinars and stuff. This is going to be raw, no fluff, all real, right? Check this out. Go check it out. I just dropped the link in chat, register for this. It is this Wednesday, April 8th at noon Eastern time. The Antisyphon community is awesome already and this is going to be value add. I don't care if you're looking to break in, you just broke in or you're a couple years into your career. This is value add. If you're a long time practitioner, you might just do some trauma bonding here with Doc Blackburn. Thank you, Antisyphon Training. I also want to say what's, I also want to say what's up to Flare, Flare Cyber Threat Intelligence Platform. I'm a huge fan. I told you guys numerous times. I actually have a post coming out later today about Flare's threat intelligence platform. Guys, threat actors aren't hacking in, they're logging in. That's what's up in 2026. 
SolarWinds, Snowflake, Salesforce. Dude, these were all just compromised creds. Flare Cyber Threat Intelligence Platform is chock full of all the dark web data, infostealer logs, cybercriminal Telegram channels. Flare's team goes out and gets it. They don't buy it, they go get it themselves. So it's hot, legit data and then their interface allows you to query it very easily to see if your organization, your end users, are going to be compromised. Just go to simplycyber.io/flare. You'll see this form right here. The value of this platform is so valuable that they can't let it get into the hands of a threat actor. So they have a verification step before you can do it. I know TJ's in here. I know other people in the community have used Flare and like it. If you have a comment on Flare, what's up? All right. Also want to say what's up to ThreatLocker. ThreatLocker has been a sponsor for two plus years, maybe three years. Love what they're doing. Love to see that they're increasing, keeping to push the boundary. Zero Threat. I mean, excuse me, Zero Trust application security at the endpoint, they recently moved up into the cloud. Dude, they are going places. I love, I love what ThreatLocker is doing. I think the product's great. I think the leadership there is solid. Check it out. Let's hear from ThreatLocker and then I'm going to melt your face. Also to Marcus Kyler and all the Detroit crew, the Michigan people. The up. Congratulations on your win last night. That team was dominant. I want to give some love to the Daily Cyber Threat Brief sponsor ThreatLocker. Do zero-day exploits and supply chain attacks keep you up at night? Worry no more. You can harden your security with ThreatLocker. Worldwide companies like JetBlue trust ThreatLocker to secure their data and keep their business operations flying high. 
ThreatLocker takes a deny by default approach to cybersecurity and provides a full audit of every action allowed or blocked for risk management and compliance. Onboarding and operation is fully supported by their US based Cyber Hero support team. Get a free 30 day trial and learn more about how ThreatLocker can help prevent ransomware and ensure compliance. Visit threatlocker.com/dailycyber. All right everybody, it's that time. Do me a favor, Douglas. You are ready for a good time, Douglas. All right, you first timers, you long timers knows what's up. Do me a favor everyone, do like Elliot Cadeau and lean back, relax and let's let the cool sounds of the hot news wash over all of us in an awesome wave. I'll see you guys at the mid roll. Let's cook.
B
From the CISO Series, it's Cyber Security Headlines. These are the cyber security headlines for Tuesday, April 7, 2026. I'm Sarah Lane. Drift says exploit was North Korean intelligence operation. A North Korean state-linked group apparently spent about six months infiltrating Drift Protocol by posing as a legitimate trading firm, building trust through meetings, technical collaboration and depositing more than $1 million before executing a $270 million exploit on April 1. Investigators say the attackers compromised contributor devices via a malicious TestFlight app and a vulnerability in VS Code/Cursor, letting them secure multisig approvals and drain funds in under a minute. Drift attributed the attack to UNC4736 and warned the operation highlights weaknesses in DeFi's reliance on multisig security against long-term identity-based infiltration campaigns.
A
This sounds like it should have an infographic. Come on now. Oh, there we are. Oh yeah. Oh yeah. Oh yeah. Don't stop. Keep going. Oh yeah. All right, listen. North Korea steals crypto like China does espionage. Russia does disinformation. North Korea, they're coming for your crypto. Hide your wife, hide your wallet or your digital wallet, right? And this is it. So they send you a phish with a LNK file that has a decoy or a PDF. Looked like it was an LNK, but it's got a PDF in it. Once you run it and run some VBScript to set up a task scheduler for persistence mechanisms, very standard issue. Then it runs a PowerShell to go to GitHub for C2. All right, number one, also, it's Kimsuky. I don't know why, but I like Kimsuky. I like that name. Okay. All right, now for me and you. Yeah, you can see here, LNK-based infection chain from Kimsuky results in the deployment of a Python-based backdoor. So a number of things here. Number one, this looks like they're targeting South Korea, right? So for me and you. Yeah, okay, targeting South Korea. So if you are responsible for South Korean operations, South Korean end users, maybe you work in a multinational conglomerate, then you could focus your energy efforts and education to this particular user base. If you're responsible for, I don't know, a transportation business in Houston, Texas, this one doesn't really apply to you. Now I do want to point out that this attack sequence can be leveraged easily to change a target. It could target a, you know, whatever, a fintech company out of Mountain View, California. The, the approach and the initial phish would have to change, but it could be done. The infrastructure is the same, but that's not what's happening here. Okay, it makes sense too, right? North Korea stepping on South Korea makes sense. It's a double win. They get money, same language, I'm pretty sure. And you know, South Korea is like partners with the United States. North Korea is not a fan of the US necessarily. 
So that's what's up, obviously. End user awareness training. How do you prevent this or protect from this? End user awareness training, so they don't click on the things. Email security gateway, so they don't receive the things. Endpoint detection and response, so when it does run, it prevents it from running, and detections in your SIEM if it does run. Looking for PowerShell running and then opening up network connections to GitHub. Now the final thing I want to tell you guys about this, and I've said this before, is about C2, okay? C2, Charlie 2, right here, C2, you should be absolutely familiar with C2. If I say C2, which is an acronym, right, and you don't know what I'm talking about. Let's get that sorted out. C2 is an acronym for command and control. Command and control is a critical piece of a modern cyber threat actor's infrastructure, for lack of a better term, or kill chain. Okay, let me show you. All right, can I get something in here? I don't think I want to do that? All right, I guess this is going to do it. Okay, that's kind of a crappy looking graphic, isn't it, bruh? Can I get a graphic that like, doesn't look like a hot mess express? For real? All right, I guess this works. All right, so if you're listening on Spotify, I've brought up a very simple graphic. On the left is a laptop, infected host. In the middle is a firewall, presumably your network or your organization's firewall. And on the right it says C2 server. What's missing from this graphic is there should be a further right that has an attacker laptop that's going into the C2 server. When you're a criminal or a nation state and you infect a bunch of machines, this isn't a lab where like you infected a machine and like you're just sitting on that machine like you would normally do in like a Hack The Box or Hack Smarter lab. It is, you know, a mission, an operation, a crime. 
And what you end up doing is you have several infected machines and they're reporting into a C2 server, which is a centralized server, to allow a threat actor to, number one, see what assets they have compromised, and number two, be able to send commands to effectively control those things. So this infected host on screen could just be sitting there, infected for days, not really doing anything malicious. And it checks in every 10 minutes, every hour, every 15 seconds, whatever it is. And when the threat actor wants to do something, then the threat actor sends a command and the command sits in a queue. And the next time the host checks in, it will take down that command and pull it. Okay, which means? Which means the request for communication initiates inside the environment from the host, which bypasses the firewall because firewalls will not allow traffic inbound to the organization. But you, you can go on any website you want, right? You can go to GitHub right now from your company asset, you can go on Google Drive, you can go on Twitter, right? Maybe you can't. Maybe there's some policies at work, but for the most part, you can go anywhere that port 443, where encrypted network traffic goes. And threat actors know this. So that's what C2 is. Now the final thing I want to point out is C2, God damn it, my voice. C2 can be done in any way that there is a way for a threat actor to put something on the Internet and for an infected host to reach it. So in the story they're using GitHub right? Which means if you have a stupid project, right, that you control and you have a stupid file named like, you know, fubar and like whatever's in that file is the command. So the, the infected host. Checks in, files empty, do nothing. Checks in, files empty, do nothing, check in. The file has one line that has some type of command or encoded command or number that means a command, it'll run it. 
You can use C2 with DNS, with Telegram, with GitHub, with web shells, with, you know, like more advanced ones like Cobalt Strike. Like you like have their built-in C2 infrastructure. You could just have a bulletproof hosted server. You can have a SharePoint forum. Anywhere you can stick information as a threat actor and you can have a victim machine check it, that's C2. All right. Your favorite Steve, first timer. Welcome to the party. Your favorite Steve. Welcome to the party, pal.
B
GitHub used in multi-stage attacks targeting South Korea. Researchers at Fortinet's FortiGuard Labs report that North Korean-linked hackers are using Am I, am I
A
like blacked out right now? Didn't we just cover this story? Wasn't this the first story?
B
GitHub as command and control infrastructure in multi stage attacks against South Korean organizations.
A
Oh, I'm sorry. There was two North Korea stories. I got, I got a little ahead of myself, Little over my ski tips there. Whatever. Honestly. You know what, it's the same story. North Korea is doing North Korean things with crypto. I don't have the audio here, but I'm a crypto evangelist. I love it, I love it, I love it. That's a joke. I'm not a crypto evangelist. I think crypto is a scam.
B
Campaign starts with phishing-delivered LNK files that drop decoy PDFs while silently executing PowerShell scripts which profile infected systems, evade analysis and exfiltrate data to attacker-controlled GitHub repositories. The activity is tied to the Kimsuky group, pointing toward a broader shift of living off the land techniques that rely on legitimate tools and trusted platforms to maintain persistence and reduce detection. Data leak threatened after Die Linke attack. The Qilin ransomware group claimed a cyber attack on Germany's left-wing party Die Linke, threatening to steal stolen data if a ransom isn't paid. The party confirmed a serious breach, shut down parts of its IT systems and warned that internal data and employee information could be exposed. Though its membership database wasn't affected, officials worry this reflects a broader pattern of cyber attacks on political institutions with some ransomware operations potentially aligning with Russian geopolitical interests. Russian.
A
All right, so the Chillin Killin Quillin, Peter Quillin, Q I L I N, they are a ransomware threat actor group. I guess they're Russian based. I didn't know that. And they have been around since 2022. They are very effective. They, I mean, geez, like killing victim list. Let's see. You know, apparently ransomware live, this is a website I've never seen before. But the chillin ransomware has 1669 victims first seen October 2022. So I was, I was right on that. 10% of the time they hit their victims with info stealers. And this website's cool, dude. Victim heat map by country computer. Show me more. All right, so while that thing loads, these are quite capable threat actors. And whether I'm attacking you and getting paid or I'm attacking you for ideologically motivated incentive, it's the same skill. Remember, threat actors are going to attack. Cybercrime is cybercrime. And it's just what is the action on objective that makes it the category it is. Right? The action on objective. Is it to disrupt and terrorize, Is it to steal money, Is it to expose injustice? Like what is the action on objective? Because whether I'm trying to expose fraud or I'm trying to steal money, it's the same attack, right? Now remember, the Russian government typically allows Russian cyber criminal threat actors to operate without a lot of intervention as long as they're not attacking Russian businesses or Russian government. And if they, you know, wink, wink, nod, nod, do a solid for the Russian government, even better, right? So to me, I don't know if the killing ransomware Chillin ransomware is ideologically motivated and they're taking action against this German Democrat Socialist political party or if they've been given a little bit of a manila envelope with a target and said, hey, do us a solid, knock these guys out. I don't know. Basically the threat actors got in and they have internal organizational data, personal information belonging to employees at the headquarters. 
I mean, okay, Obviously this is, this is designed to terrorize people of a certain political affiliation. I don't know if it'll work or not. I mean, a lot of people who are associated with political affiliations aren't super shy about letting people know what their political affiliations are, especially if they work at the German Democrat Socialist political party headquarters. Like you would think that they would be quite open and proud about it. Ransomware live. Darren Reardon is saying that this website is sick. I just found it for the first Time. I like it. And you could see the chilling ransomware. I. I just want to point a couple things out really quickly. Number one, you'll notice that the United States is the highest attacked victim country of the chillin ransomware. You'll also notice Russia has no attacks. Same with a lot of like former Soviet Union countries that are not western aligned. Now, of course, you'll see Ukraine's got some Scandinavia, European Union. Little surprised to see China in here. Lots of South America. So this is what's up. Cool website Ransomware live. Thanks. I'm going to share this with everybody.
B
Crypto payments expand into Africa. On the topic of geopolitical interests, a sanctioned Russian crypto network called A7 is expanding into Africa with reported offices in Nigeria and Zimbabwe as part of Russia's effort to build alternative payment rails outside Western systems. Founded by Ilan Shor and backed by a Russian defense-linked bank, A7 uses tools like space stablecoins and promissory notes to keep ruble-based trade flowing despite sanctions. Analysts say the move aligns with Russia's broader geopolitical push into Africa, though the network's actual footprint and usage is unclear.
A
All right, all right, all right, all right. So Russia's moving crypto in Africa. I guess Today is Tuesday, April 7th. Crypto, Justin, crypto. Is today like a special day in the crypto world? Is today the day that Nakamoto or whatever the guy's name is, the guy who invented Bitcoin, was this like his anniversary or something? Shimitsu, who's the guy who invented Bitcoin? One second. Bitcoin creator, Satoshi Nakamoto. I was right. I think I said Nakamoto. All right, so Russia is expanding into Africa. Guys, I'm gonna spend like all of about 5 seconds on this story. Africa is like, listen, this is slightly uninformed. Okay? So I'm gonna put a tinfoil hat on. Okay? Colonialism back in the, you know, 1500s, 1400s, 1500s, you know, it was a land grab. European countries, Portugal, Spain, France, the Dutch, the English. At some point, the East India Trading Company, which was. Which was like almost more powerful than a lot of countries. They basically went around the world and just like colonized, right? This colonized is like such a classy word. And what they did was absolute atrocious. Like, in my opinion, in 2026, like Africa, while it's got a lot of development, it's still a pretty massively untapped resource as far as like first world nation state powers go. We are seeing China push in with the Belt and Road initiative. And to me, Russia is just getting on the train. Like hooking a caboose to the back of the China, you know, bullet train or what. I know that's Japan, but you know what I'm saying, like just hooking on and going for it. So I don't know what you want to do. Like, there you go. Like there's not, there's no story here. This is absolutely not a cyber security story. All right, Wait, hold on there.
B
Huge thanks to our sponsor Vanta. Risk and regulation are ramping up and customers expect proof of security just to do business. Vanta's automation brings compliance, risk and customer trust together on one AI-powered platform. So whether you're prepping for a SOC 2 or running an enterprise GRC program, Vanta keeps you secure and keeps your deals moving. Learn more at vanta.com/ciso. All right, here we go.
A
All right, all right, all right. Hey, we are at the mid roll, I guess. Thanks for the crypto stories. It allowed us to fast track guys. Thanks to the stream sponsors Threat locker, anti siphon and flare for allowing BR to bring this show. Thank you. Hey, thank you. Simply Cyber community. I know it can be rough with the ad reads at the beginning. I, I've done the show for years. Many of you have been here for years. I could sprinkle the ad reads throughout the show. I just find knocking them out at the beginning, getting them in the front of the show, sponsors like that, we can focus on the show afterwards. You guys like that? So that's what's up. I am deploying my first Ricola. Deployed. All right, guys, I want to say thanks all you all. I hope you're having a good show. Douglas, let us know how we're handling the show. Every single day of the week has a special segment and Tuesdays is Tidbits Tuesday. Hey, Zach Hill, IT career questions. Welcome to the party, Zach. All right guys, what do I got? What do we have for Tidbits Tuesday? All right, I got a couple things for you guys. Number one, as far as getting sick, listen, we all get sick. It sucks. I. I have a sore throat. I had a tough time going to bed last night. As far as my like remedies go or whatever you want to call it. What do you do when you got a sore throat? Maybe you think you're getting sick. I'm basically a slug dayquil kind of guy and just eat a bunch of ricolas. That's my, that's my jam. I will drink like the ginger honey Lemon teas. I don't know if they do anything. It just sucks getting sick socks. No one's into it. I am going for a run today. Oh. So number one, what do you do with that? Number two, I'm excited, guys. I have started running again. I don't know if you're a runner in chat or not. I still have yet to like get back to runners High, which if you guys don't know what the runner's highest. 
For me, it manifests by from my neck down is on autopilot and from my neck up is basically like chilling on a couch. So I'm just like running, running, running, but I'm like chilling. I'm wearing running clothes right now. You can see like, I don't know if you can see it, but like I've got like a runner top on. I'm running running shorts under my pants right now. I go to the Citadel and then like a tracksuit. Like I'm a. I'm a six man on Michigan's championship team. Last night I rip ripped the tearaways off and then I boogie downtown. I don't know. So there's two tidbits for you. Devin Grady's giving us the Low country, the the Southern solution. Brandy, I also want to remind everybody, just so everybody remembers, we've got Kathy Chambers Authentically Cyber podcast coming up at 9:30am and cyber mentor hotline coming at 9am but right now, let's get our LA LA LA LA's on Douglas. Just say la.
C
La.
A
Yeah. I will tell you, I'm well aware that at some point my body will give out. I'll. I'll have to stop running. Oh, one other thing that's not going to be in today's news because CISO Series is always a bit slow. OpenClaw's officially like dead. I don't know if you saw this yesterday, but basically Anthropic came out and said they're not going to let people use OpenClaw API calls unless you pay extra, which is going to effectively kill it. I was. My Karn instance was already dead. I'm going to spin up my own LLM locally and use it, but for the most part, OpenClaw, the experiment. All right, let's finish strong, y'.
B
All. Microsoft links Medusa affiliate to attacks. Microsoft says a China-linked cybercrime group known as Storm-1175 is carrying out rapid ransomware attacks by exploiting both zero-day and recently disclosed vulnerabilities, sometimes within days or even before patches are released. The group chains multiple exploits, steals credentials, disables defenses and deploys Medusa ransomware within as little as 24 hours, targeting sectors including healthcare, education and finance across the U.S., the UK and Australia. Microsoft notes the group has used more than 16 vulnerabilities across widely used enterprise software.
A
I am surprised, I am surprised that Medusa ransomware is a Chinese based threat actor. Oh my, what have we here? I, I, I don't believe Medusa is a Chinese based threat actor. I just, I mean, I mean Microsoft is a pretty legit company. They have a lot of practitioners over there. So for me to like say it's not true is I better be really confident about that. But just like m, like just think about how China operates, okay? And I know you know there's a billion citizens over there and I'm applying all of them to like the way they run their country. But like Medusa attacked the Minneapolis school district a few years ago and they made like a 45 minute video showing themselves hacking it. Like that is not really kind of like nation state level capability. Like, yeah, nation state could make the video, but it just doesn't fall into the ttps of a nation state. Steve Young probably remembers what I'm talking about. I'll just show you Medusa Minneapolis School District. Yeah, look at this. May 10, 2023. Okay. Medusa claims it a 51 minute video showing the, a 51 minute video showing the depth of the attack and what they stole was posted Tuesday Minneapolis Public Schools MP4. I'm not making this up. Like this alone to me doesn't scream nation state backed threat actor. Call me crazy, just don't call me late for dinner. All right? All right, so let's look at their ttps. I will say that Medusa ransomware, I haven't seen much of them in a minute, but they are legit. So let's look at this really quickly. We do see the, this is kind of the cyber kill chain, but also mapped to Miter attack frameworks, naming conventions. If you don't know what Miter Attack is, it's absolutely a solid resource, bruh. You should absolutely know Miter attack. Okay, this isn't even like a nice to have. This is like, you should know what Miter Attack is. Okay, so here's Miter attack. By the way, if you can just like casually bust out Miter attack in a job interview, you know what you're gonna see. 
Hold on one second, my guy. Okay. If you were to bust out a job at a job interview, Miter attack, the person interviewing you would absolutely be like oh my God, this looks like crap. It would be this. You had my curiosity, now you have my attention. Okay, all right, so let's look at their actual kill chain. Initial access for your end day or zero day exploit. So a lot of, a lot of modern threat actors are just logging in. I told you this during the flare read. This particular threat actor is technically exploiting things, which is, which is not good for us. I mean obviously you got to patch it. Ah, you gotta patch it. But once they get in, they create a new user in the admin group so they can have permissions and you can't really stop them. Then they create a web shell so they can get a remote management tool. They're using any desk or remote desktop or go anywhere. They're using a over the counter remote management solution. To me that's like, you know, not super sophisticated. Then they use lull bins to run discovery commands. Now LOL bins. LOL bins. Living off the land. Living off the land is great. I'll just share this resource with you guys. Outlaw bins. You should absolutely know what law bins is Living off the land. Binary script and libraries. Listen, if I hack into your machine and I pull down my own tools, those tools are going to be written to disk and they're going to cause EDR to flag. If I'm using binaries that come standard with Windows operating system or Mac OS or Linux, they're going to hide right there. They're, they're, they're signed by Microsoft. They're not going to flag EDR unless you've got like really good detections for behavior base, right? And you could see the rest here. For the sake of time, I won't spend much more time. Here's what I would say. Be, be mindful of this. Two things. One, you could see that for credential access they're actually using mimikats. Mimikats, your EDR solutions. 
There's no reason to run Mimikatz unless you're a threat actor. Okay? So you should flag on Mimikatz right away. Number two, and this is just something that stands out as very weird to me. And if you're listening on audio, we're looking at Storm-1175's kill chain, bruh. Here's what's very weird to me, guy. Under persistence they deliver a remote management tool like GoAnywhere and then they use living off the land binaries. Like I don't know man. Like if you're gonna, if you're going to install your own fat client remote management tool, what's the point of living off the land? You already are bringing down a freaking application. You know what I mean? It just seems, I don't know, it just seems like silly to me. Like, what would be an analogy of this? This is like, I don't know. I, I, I don't have an analogy. But it, it's, it just seems weird to me. Like they're going to like blow up their own operational security by bringing down a remote management application and then immediately be, be discreet by using living off the land binaries. My guy, you've already, you know, I don't know, it's like cropping your pants and changing your shirt. Like, what are you doing? Like, it doesn't
B
Singapore and US warn of latest Fortinet bug. US and Singapore authorities are warning that the critical vulnerability in Fortinet's FortiClient EMS that we covered in Monday's show.
A
Yeah. Thank you, Kyle. Kyle. There are native living off the land remote management solutions you can use like Quick Assist, RDP and others. There's even some clever ones for remote reverse shells. Right.
B
Is being actively exploited after its disclosure by researchers at Defused. The flaw, rated 9.1 out of 10, is widely used across government networks, prompting CISA to order rapid patching and mitigation to prevent compromise. Researchers say exploitation began almost immediately and may have intensified during the latest holiday window. Stalkerware
A
All right, Real Bilbo. Real Bilbo is our official Fortinet, you know, firing squad person. All right, so listen, threat actors out there. As CISA has told us in the last couple days, CISA issued that all federal agencies had to patch by, I think Thursday this week. This is for the Fortinet endpoint management tool. I told you guys, when a vulnerability comes out, there is a temporal value of how long between exploitation. In the modern day of AI tooling, we can go from discovery to working exploit very quickly because guess what? Shall we play a game? AI is good at what it does, which means you have to be great at what you do. Ah, you gotta patch it. What I would recommend you guys do. Obviously, if you're running Fortinet EMS, you better change your pants and then go get this sorted out. But if you're not running Fortinet, what I recommend, okay, this is an investment in your information security program. What I recommend. Take this story and take other. Hold on this. There's other stories too. Using AI to develop. Develop exploit. Oh my God. Exploit quickly after CVE. Check this out. Okay, look at this. Just two random stories I found. Okay, again, I don't research or prep for the show. Ain't nobody got time for that. This is from March 2026. March 16th, a couple weeks ago. Attackers are exploiting AI faster than offenders. Okay? Exploiting AI, not compromising AI. Using AI to write exploits. Agents automate CVE vulnerability research. Okay? Use these stories to convey to your IT counterparts that the days of, like, patch windows and you'll get to it when you get to it, those days are gone if you enjoy not getting ramrodded by a threat actor. Now, do not use fear, uncertainty, and doubt. This is not the time to pull that club out of your golf bag. Trust me. The fear, uncertainty, doubt golf club is great, but when you hit the golf ball with the. With that club, that the head explodes on it, meaning you can't just keep reusing it, right?
It loses its effectiveness. This is one just to kind of begin to set the stage for your IT counterparts that the. The time between publication of vulnerability and active exploitation is getting shorter and shorter and shorter, which means we need to rethink our philosophy and our approach to vulnerability management. Okay? That's what this is, guys. It's not 1997 anymore. Although I loved the 90s, right? I'm a big fan of the 90s. I was listening to some. I was listening to some Hootie, Hootie and the Blowfish yesterday. I'm not even joking, okay? The Cracked Rear View album, let's be real. Okay, we're not listening to any of that other stuff. Your 1990s style vulnerability management program, your patches, once a month, once a quarter, whatever, as time allows. It's just not going to cut it anymore. All right? So use this to lay that foundation
B
receives no jail time. A US court sentenced Bryan Fleming, founder of stalkerware firm pcTattletale, to no prison time beyond one day served and a $5,000 fine after he pleaded guilty to distributing surveillance software designed to secretly monitor victims. Prosecutors say the app was marketed for spying on others without consent, despite nominal legal disclaimers. Following a Homeland Security Investigations probe into more than 100 stalkerware companies. The case marks the first US conviction of a stalkerware maker since 2014 and could signal more enforcement, though prosecutions remain rare. Google.
A
All right, so this is a precedent setting situation. Oh, yeah, there we go. All right, so stalkerware, this is a software you install on someone's computer unbeknownst to them. Otherwise, it's just kind of like monitoring software, right? The.
B
The.
A
Just like malware and software, it's the intent that determines the, the name of it. Okay, this guy, not my guy, this guy, he wrote software so you can spy on your spouse. Literally marketed as sp. Catching a spouse. You're worried about if you don't think they're being honest. My guy. If you're installing spyware on your spouse's thing because you don't think they're being honest, you've got foundational issues in your relationship. Okay, but whatever, let's just continue on. This guy was given no jail time, which means it's a precedent setting issue. The guy pled guilty and had to pay five grand. How much money did he make off this? Hold on. This, this guy must have made an boatload of money. Hold on. How much money did PC Tattle Tale make? Oh my God. Okay, a stalking app. 1.2 million dollar McComb mansion. Lead feds to PC Tattletail. So the guy owned a 1.2 million dollar home. That's not how much money it made. It's just. He could afford that. Come on, come on. How much did this guy make? I can't see it quickly. Trust me, this guy made money for days. Okay, I don't know who his legal team was, but I must have had like Johnny Cochran or something or Shapiro, you know, I mean, because dude, the guy had to pay five grand and serve no more jail time. I don't know if he's been in jail since 2014, but it is what it is. I guess I will say this. This gets into a shady area. I would love to talk to a lawyer about this. If I make a piece of software that can do this spying, but I don't install it anywhere. And you install it. Am I committing a crime or are you committing a crime by unauthorized access? Right. I also want to point out, I point. I, I, I share this with my cadets at the Citadel military college all the time. Dude, I have stalker wear. I have spyware installed on my kids devices right now. I could pull up my phone and see exactly where my children are. I don't think like. And here's the difference. My kids know that that software is running on their device. 
That's part of the the deal of them having that device and it's used for safety. Post Covid. A lot of employers were installing employee monitoring software on their employee workstations. It's it. That's a stipulation of employment of that company. Is, is it wrong? Is it ridiculous? In my opinion, yeah. But it's still not a problem. This is installing it on someone else's device. Without their permission, without their knowledge, without. With the explicit intent of compromising their confidentiality. Okay, I can't believe this guy got no jail time. Honestly. Spy wear, stalker wear, it's out there. And there are tons of other ones. Obviously this guy could have probably had all sorts of legal things saying like, you know, move forward at your own, at your own discretion. We don't make any, we don't, you know, do all these things. But guys, if it's being marketed, it's fine on your spouse. That's what it is. Okay. I think it's deplorable.
B
Mind maps Web attacks against AI agents
A
by the way, by the way really quickly it's being marketed as spying on your spouse. At least that's a relationship like this can obviously be used to spy on someone who has no friggin idea who you are and you're just like unhealthily unhealthy, like desire them, right? Stalker. I mean like the friggin term stalker itself is in the name, right? People who are like oh I'm in love with you and like you have no idea who I am. Right.
B
Google DeepMind researchers identified a new class of AI agent traps where malicious web content manipulates autonomous AI agents into leaking data, spreading misinformation or executing unintended actions. The team outlined six attack categories including hidden prompt injections, semantic manipulation, memory poisoning and system level coordination attacks that exploit how agents process content and follow instructions. The research highlights growing risks in agentic AI systems and calls for stronger defenses like model hardening, runtime protections and standardized security frameworks to mitigate emerging threats.
A
Yeah, quantity guys. The more we understand about AI, the more you know. So AI is non-deterministic, right? You, you tell it like what you know, give me an ice cream flavor and it says vanilla. Then you say give me an ice cream flavor and it gives you chocolate, right? It's non-deterministic in that way but the way it approaches things though, it's, it's it, I guess its approach, its standard procedures etc, the outputs change non-deterministically but its approach to solving problems and stuff is known. And once you start identifying and enumerating consistent patterns and behaviors, just like a threat actor or a security researcher, you, you can then begin to manipulate and attack those things. This is no different than attacking any process ever. And remember, if you want to be a security researcher or next level hacksaw, whatever, there's only three things you can hack. All right? Spoiler alert. You can only hack three things. You can attack people, i.e. social engineering, you can hack technology, i.e. zero-days, misconfigurations, etc., default creds. And you want to guess you can attack process, humans, tech and process. That's it. That's it. And this right here is an example of attacking the process. Because once you understand how the AI is going to read a web page and do the things you, you can make it do whatever you want. Like a perfect example of this, a perfect example of this, if you're looking for like a visible example is the, the Waymos, right? There's been numerous examples. Waymos are like these self driving cars, you see them in San Francisco and Austin, Texas. But people have realized that they can screw with these Waymos. Real Bilbo does this all the time, right? And if you order a bunch of them to the same spot and I wouldn't do this myself but if you order a bunch of them to the same spot, you could see here, they get confused and then like they basically can't get out of what they're doing. They're all bumping into each other.
And basically you've crashed the Waymo system because you've abused the process of, you know that if you put in a certain destination they'll go there. You know, if it sees a human in front of you, it'll stop all these things, right? So people are doing this to attack the, the process and threat actors are doing this too. Like this, this story alone is why I did not give my Open Claw instance the ability to go well, I gave it the ability to scrape websites and stuff but I didn't give it access to email documents, my internal infrastructure because I was aware of this. You should be aware of this too. And I just want to point out this is a fascinating area of research right now if you're looking to stand out or learn more about AI but, but be able to build a personal brand. If this gets you excited, don't do this if it's not exciting to you, but this is a huge emerging area where you could have a significant impact. And don't think oh like I'm not good enough or I'm not big enough. Like dude, just start working also I agree, I, I, this might get me cancelled by some people. I'm not a fan of RFK Jr. So the fact that I sound like him right now pisses me off. Just FYI. I'll just throw that out there. Okay, I sound like a, I sound like a rasping ghoul, like Ebenezer okay, let's cook. All right, all right, all right. I really wish that my clawed instance was working, guys. We did a whole show. Thank you very much. And I, I'm grateful that you guys were all super chill with my voice. It'll probably be crappy for another couple days, but it is what it is. The show must go on. I am super excited that we are going to be doing a show right after this. Guys, let me tell you what the new show name is. Okay? I think I'm gonna go with this one. Cyber Career Hotline. Jesse Johnson will have to let me know. Guys, let me tell you what's up. Listen, Cyber Career Hotline is coming up in a minute. 
It's a live 30 minute AMA show where you, the cyber security community brings real career questions and gets straight answers from people who have actually done the work. No scripts, no corporate speak, just you, a live audience and a chat full of people who need what you know. I am super pumped to be sharing Jesse Johnson, AKA the Cosmic Cowboy. On today's episode of Cyber Career Hotline. We'll be getting the, the graphics package, we'll be doing all that. It's gonna have a 90s vibe, very much like a love line hotline. All right, I leave you in the very capable hands of my friend Jesse Johnson. Ladies and gentlemen, until next time, stay secure. Ever wonder what it takes to break into cyber security? Join us every weekday for jawjacking, where industry experts answer your burning questions about the cyber security field live, unfinished, filtered and totally free. Let's level up together. It's time for some jawjacking.
C
Yo, yo, yo. Ladies and gentlemen, welcome to our Cyber Career Hotline. My name is Jesse J, AKA the Cosmic Cowboy. And I'm coming hot off the heels of that nerd, Dr. Gerald Auger, who is kind enough to host the Simply Cyber Daily Cyber Threat Brief, keeping you updated on the upcoming incoming cyber threats. What is everybody doing? I hope everybody's doing well. It's good to see everybody out there. It's been a minute since I've been on. Jerry, have a wonderful day. We'll talk to you on the flip side. I worked for a short time in radio as a disc jockey and so I like the idea of the Cyber Career Hotline. The phone lines are open. Give us a call, 1-800-555-4-4343. And let us know your cyber career question. Again, phone lines are open. We'll be here for the next 30 minutes asking your questions. Try something like that cyber risk witch Mara Levy. Kathy Chambers Media what is up? Why is Question why is Kathy Chambers your favorite person? Answer because she knows how to bring joy and light up a room and she always just is on the stoke and I love it. The hype is real with Kathy Marcus Kyler and Chat. What is going on? I see a lot of good friends and family in our building here. Remind everybody at 9:30 sharp. Authentically cyber with Kathy Chambers. Going to be a stellar podcast that you don't want to miss. Grab some more insight. I'm catching up on chat. Remember folks, I've been in the trenches for the last oh man, it feels like six months. And so getting back to live streaming, I feel like it's like riding a bike again or playing an instrument. So you got to find your way through it. Cyrus Shinigami asks tell us about the evolution of SlaySec to Slay CySA+, which I've been battling with the title. So upcoming, coming this month, if not this week, next week. Tech Ricky and I, many of you know Tech Ricky in the cybersecurity community. You've maybe you met him at some conferences or something like that.
Him and I are going to be taking Slay Security+, which we did if you're brand new to Simply Cyber for the last two years. About a year ago we did live streaming Security+, studying right? With a live audience, live pro practice questions and we had a really good response, a good turnout, kind of fizzled out. I got my Sec+, we had quite a few people go through the class, get their Security+ and then my life changed with my job. I moved homes and so streaming changed, right? And the idea with streaming is you want to be consistent. You want to put out a good product and just be consistent for your audience, have good audio and put out a product. So let me know how my voice is. By the way, talk to Tech Ricky and I said hey, I need to get my CySA+ just because I want to have it. And he said I want to get mine too. And so we agreed that we're going to be launching Slay CySA+. If you have a better name idea, please drop that in chat. It's going to be on the same premise. Live studio audience, we're going to have live practice questions, special guests, industry leaders, conversations, and so that's going to be moving forward. Super Fun Epicness, Soul Shine, C2Soul Soulshine Command and Control asks what's a good GRC engineering course? Now the way I see it, the GRC engineering moniker is relatively new. It's a relatively novel approach to GRC off the top of my head and maybe in chat you can find one or name one. I don't know of any GRC engineering courses off the top of my hands. Dr. Jerry Auger the Simply Cyber Academy have their GRC analyst masterclass which is a great opportunity to get hands on experience in the GRC world. GRC engineering and I know we if we go back we had somebody may remember we had a simply Simply Cyber Firesides chat and the gentleman's name is escaping me but he did GRC engineering.
He primarily worked worked in AWS infrastructure but go back YouTube, Google it up Simply Cyber GRC engineering that would be the first place I would start. Dr. Jerry Auger with his many years of GRC experience that would be the very first place I would start is the Simply Cyber channel and jump in Discord if you haven't already jump in the Simply Cyber Discord and put in there. Hey, I'm looking for a good GRC engineering course. I know it's a relative up and coming field. Do you have any ideas a place that you could point me? And more than likely there's going to be somebody in our community who is more than happy to help you get where you need to go and find a good GRC engineering course. AJ Yawn thank you. Kimberly can fix it and thank you. Thank you crinkle security AJ. AJ Yawn just released courses and a cert for GRC engineering. So there you go. Angular 777 question Jesse. A better name might be to how to hack the CySA+. Just saying. That's a great idea. I appreciate the input. And so one of the things with the Slay CySA+ and the Slay Security+ is we do break down the concepts, we go through the exam objectives but at the end of the day one of the things that you're going to gain from going through that is the ability to approach multiple choice questions mainly in the CompTIA realm. Shortly after CySA+, Tech Ricky and I are going to do some kind of OR with DJ B Sec possibly like a Slay CISSP type thing after that. But the idea is to help you pass the test. All. All multiple choice tests. Right. So a kind of a holistic approach. Not just CySA+ or Sec+, although that will be our focus. Tony Parrish 2801 I'm a graduate of Slay Sec+. Go Jesse. Hey, thanks. Tony Parish. Good to see you. You were there at the beginning. I'm getting compliments on sound. They say sound is good. Hey Marcus, Kyler, have a wonderful day, safe travels and hope you have a blessed work day and you don't lose it with too many co workers.
I like that FedEx cert slay. The slay word started to I had been saying slay for a long time just because I say goofy things. And then all of a sudden like my little sister was saying it and I had a few people on the you on YouTube comment and say Slay Security+ sounds like a TikToker's version or something like that. Let's slay SlaySec. I think it's cool because you're going to slay it like a dragon. That's how it was my head. I was like, you're going to slay this dragon. Most people aren't. Really. Don't like exams. Who does? And so there's this. It's like a beast, right? A dragon. And so that's why we got the moniker Slay Security+. Questions. What kind of questions you got for me? That's what we're here for. AMA. You can. I'm a mid level or a mid career IT and IT Security cybersecurity professional. So what I can answer. Lay it on me and we'll go from there. If not, we'll find somebody in the community and go from there. Super excited to be here with everyone though. This is giving me the the feels, the live stream feels. Don't want to forget to remind anybody if you were in class or if you were paying attention to the podcast for Dr. Jerry Auger's daily cyber threat brief. That is worth 1/2 CPE if you didn't catch it at the beginning. And maybe you didn't get a chance to chat in the live stream. Especially with ISC2. If you get certain cybersecurity certifications, let's say you get the CISSP. You need to maintain a certain level of ongoing training to prove that you can still do the work, so to speak.
A
Right.
C
That you're still bringing in knowledge, you're still honing your skill sets, sharpening your tools. You get CPEs. These credits go towards your recertification process. Daily Cyber Threat brief is worth 1/2 CPE. You save up a year of those, put them in a file folder, turn those in, and then you get some credit. Carrie, good to see you. Question. Marcus gave me the title as legacy tech guy. How can I take this and find companies that need help? Course that need help. Because I would have to do that where I live. Well, Carrie, you've definitely stumbled or I wouldn't say stumbled. You've made yourself. You know how they say luck favors, you know, timing? I think you put yourself in a really good place, right, because there is a lot of legacy tech out there. Even in multi million dollar corporations, we still see a lot of legacy tech. And in the small, in medium, the mom and pop shops, we see legacy tech and there's nobody there to manage it. This is probably going to sound like a dead horse, but it's going to rely on your network. So continuing to get yourself out there with this idea, contribute to meaningful topics on LinkedIn that maybe resolve around legacy tech. Maybe if you see an article around patching legacy tech or the some of the troubleshooting and some of the issues that go with having legacy tech in your environment, add a meaningful comment, find somebody within that space, link up with them and then start trading ideas back and forth just like you do with Marcus Kyler. And before you know it, which is kind of how we did Slate Security. Plus I had an idea, bounced it back, want to do volunteer work to get myself planted, you know, in the cybersecurity community. And then that kind of grew organically from there. Which brings me to another idea, Carrie, is you could do some volunteer work. I know you said you have to do it from home. 
If you could commute to a couple churches or local places in your area and I'm sure you maybe have already tried this and say, hi, I'm the local, I'm the legacy tech guy. Have a spiel, have a package. Present something that has value. Maybe it's a portfolio, maybe it's just a quick snapshot that you can give somebody of some of the work you've done so they can say, oh, I have, I have familiarity with those issues. Maybe this person can help me. They can bring value to my legacy tech organization. Angular 777. How can I break into cyber if my company is downsizing? Asking for others, how can I break into my company? Okay, this is going to go back to Another quip that Dr. Jerry says you have to be the CEO of you and that's probably what you've been doing. And so your company is downsizing, which to me is always like the ship is starting to sink, I need to get off of this ship. Maybe that means a different department, maybe that means another company. Make yourself downsizable.
A
Proof.
C
Find areas of your business. Talk to the business, the managers and the department heads and managers. Find areas where you can provide value within the company that if they Were to downsize, they go well, we would have gotten rid of angular 777. But really, he contributes in these so many different facets of the company, we can't let him go. And in fact, he's been really hanging around the cyber area. He's been doing this work. Maybe we can find a position or open one up. If not, you know, at the same time, hold your cards close. You always want to have your cards open on the table. I would consider maybe consistently upgrading your life. Right? Looking for other options, looking for other places. Because if the company downsize, that tells me that there's a reason for it. Whether it's outsourcing jobs to artificial intelligence, whether it is a reduction in financial income, maybe the business is tanking, so they're going to downsize. What is the reason for the downsizing? So take those into consideration and continue the good work, the networking, the home labbing, all the things that we do to break into the industry. Let's scroll back. Bear with me. I see some from homies. I'll hit you up. Tech grunt and FedEx out of band about some of the those titles. Rittenhouse question. I need to learn how to manage my time better. If you have any tips on that. I work for an msp, but I am the only cyber person. Hard to manage cyber alone, let alone regular MSP roles. I know folks in chat are going to probably have some good ideas around time management. I think, in any of these fields, being able to prioritize your time because it's the one thing you can't get back. Right? This is how it goes.
A
This is.
C
I feel like a.
A
An old man up here on my soapbox.
C
If you're 15 minutes early. If you're 15 minutes early, you're on time. If you're on time, you're late. And if you're late, you're telling somebody else, my life and my time is more important than yours. Right? So time is the only commodity, really, that you can't get back. It's life. It's not money. It's life. That's. That's right. That's it. And so, first of all, Rittenhouse, I would find things that already work for you. Find, what people tend to do is they think, I need to be better at time management. And then they get excited and they spend hundreds of dollars on time management and productivity tools that they never use. They'll use them for maybe two days of learning how to use the tool. They'll take about, you know, a half a page of notes and then the tools never get used again. So find something that is cons that you can make a consistent thing for. You block time in your calendar. I work for an embassy but I'm also the cyber person. How to manage cyber alone and then prioritize. Put things into the procrastination funnel, right? So you have all these tasks you got to do in a day, then you start putting them into a funnel. Well, is it a priority? Yes or no? If then right. If it's not a priority, is it something that can be done at the end of the day? If yes, you can put it in a stack up here of end of the day tasks. If no, then it moves, right? So you funnel all of your priorities into a tier of some kind. Is it something that is business critical? Is it an alert that I have to take care of now to triage, to escalate? If yes, then that obviously goes now. And it's so easy to become wrapped up with just busyness and not productivity. And so one of the things you could do is some kind of. I'm probably gonna like a pomodoro method. Let's say you have a day where it's not busy with, it's not trife with alerts. 
You could do something where you do 50 minutes of work, whether that's sorting emails, whether that's creating documentation, whether that's going back and cleaning up documentation, whether that's research and then take a 10 minute break, right? So just find yourself blocks of time that you can consistently go back to and bearded, bearded, bearded ruck makes a good point. Treat your calendar like a second bible. Obviously life happens. You want to create flexibility to go do things, to change your schedule for meetings, to change, to drop. Of course you have the good communication skills to say hey, can't make the meeting. You know, communicate to people around you what's going on. But stick to your calendar. If you stick to it, it becomes part of just your routine. If you'd be h. If, if it would help, I would be happy to meet with you on a, in some kind of a one on one. I'm not Dr. Jerry Oer so I don't have to worry about the mentorship at scale but I'd be happy to meet up with you on, on a one on one zoom chat and just kind of tell you how I manage some of my time. I also happen to work for an MSP and I work closely in the cyber department. I also work with vulnerability management, the engineering team. I also work with the C suite. And so on any given day I, I don't have time to too much non directed slacking, if that makes sense. I try and schedule my slacking. I like that I tend to not use my calendar, but just like a huge task list. Yeah, you'll get overwhelmed. You'll think that you have to be do it all and I have to do it all now and it has to be done perfect or else. And then if you don't do it then you, it's just like dieting or anything else we try. We don't get the positive feedback and so we just stop doing it completely. And then you just have this anxiety of I need to be better at time. Well, the only way to do that is to actually do the stuff. Small consistent changes that you can keep up with throughout the day. Right. 
And before you know it you're going to be sticking to that calendar like bible. But it'll become a framework, right? It'll become a framework of I kind of how I know what I have going on and then get to know yourself. When are you most productive? Do you like the more technical providing? Now this is all that you're not triaging an alert, right? Some kind of priority alert. It's just everyday tasks at what time? Like in the morning I'm better at admin and plugging and chugging and then I go into a creative state and then I'm pretty useless outside of meaningless tasks and then I kind of have a ramp up period and then maybe I wind down right, something like that. Shadarak. I just dropped out of college and I want to dive into the cyberspace. I would rather use the money for certifications and practical experience. Is a bachelor's a major requirement. What? So what do I think? What do I think? So I do not have a degree in cyber security. I have agreed. Sometimes I kind of wish I did because. Because I like the idea for my own personal edification to have that degree. Experience is king Shadrach. And I know that there's this catch 22 of how do I get experience if I don't, if I'm not, if I can't get a job. And how do I get a job if I don't have experience? Obviously we know from the multitude of podcasts that you've probably heard that home labbing, spinning up infrastructure as code, understanding the cloud, understanding how AI technologies can work from, for you in a, in a hands on environment is the best way. And one of the only ways to do that really is through home labbing volunteer experience if you don't have a job. And so if you dropped out of college because I I didn't complete high school, I got a ged. I wanted to work more than anything. I was done. I went back to school later in life and got a bachelor's in criminal justice with an emphasis in law enforcement which not using it but yes. Is a bachelor's a major requirement? It's not. Unless it is. 
So if it says some kind of government job or even a real requirement, unless there's something in the company's policy that says we only hire people with bachelor's degrees in whatever field, we only hire those unless that's explicitly stated in their hiring policy. It's not usually going to be an end all deal breaker if you don't have a bachelor's degree. That being said, as a person who has worked in higher education, we spent a lot of time in college and actually enjoyed my time in college. I think there is something to be said for the constructed controlled environment of learning. Right. And you can, you need to put in as much as the teachers are giving you and this is going to come to your practical experience. Money for certifications. All the certification does is prove that you can answer a set of questions. It doesn't prove that you can actually do the job. It doesn't prove that you can have a conversation with a fellow coworker. It doesn't prove that you can explain technical concepts to non-technical stakeholders. Right. A certification only proves that you can memorize and understand concepts then regurgitate them back in an environment such as a test. Right. So certifications some they have a name. Hiring teams typically understand those. And so we like to see the CompTIAs and the CISSPs and the OSCPs by your name. At the end of the day having a healthy network of people of a family, quote unquote, a network of people you can count on and getting that practical experience is how you're going to slowly but surely make your way into cyberspace. I think that's one of the things I'll get on a very quick soapbox. As hard as it is for me to stay off of the soapboxes. We got a few minutes left is if you can afford it. Remember you're the CEO of you and you'd be surprised. There are so many people that want to invest in you. They want to put money in you, they want to put resources.
They see a potential reach out to your social circle and say I'm looking to make a career change. Maybe somebody will help you with study materials. Maybe somebody will help pay part of your rent or take on some of the bills. Maybe you have to get a second or third job and just grind it out overnight. At the end of the day sometimes you have to make some small sacrifices. As I was working into cyber security I had to take jobs that were not directly in cyber or even IT to pay the bills so I could continue to pursue something that I knew was a calling which for me was IT and cybersecurity. I also love teaching and speaking and all that stuff but that's where I wanted to go. And so you have to be willing to find those people that are going to go to bat for you because you can go to bat for yourself. People want to go to bat for you so reach out to them while you're getting that experience. Simply Cyber is an excellent I'm not just saying because I'm a member but I'm also a participant. Simply Cyber is an excellent place to get involved with hands-on discussion ideas networking not just GRC, not just red teaming, not just SOC analyst work. Threat hunting the business side of things right. Security solutions architects. There's so many paths in our industry you really won't know until you show up and get your feet wet get dirty for a little while. Can somebody put money into me? Thanks. Just let me know.
A
Yeah sure.
C
You got Telegram. I have a few links I could send you. You can do federal. You have to have SEC+ who. Kyle. Kyle the lead analyst. Don't bother trying to federal US Federal cyber. They want degrees and or certs. Yeah and I mean that's just it. Unless it explicitly you're going to see that in government, corporations and some of the highly regulated industries they may require. I mean you get they may, they may look at your criminal background. Some places don't and so really getting idea of the job using an AI agent some kind of LLM to pilfer through your job descriptions and give you a plain version of what the what companies are looking for. You've heard this before. It's a dream list. The requirements they're asking for is typically a dream list. If you can meet a few of those a lot of times they're willing to work on the rest. We got five minutes left of chat. I'm going to scroll through and make sure I have it. That flew by. I got a few soapboxes will refine this sucker. This Cyber Career Hotline phone lines are still open 1 800/ Simply Cyber give us a call or drop a line in chat. Just kidding. Keep grinding. Jenny asks, aren't you kind of using criminal justice degree experience, though? So I did work as a, as a, as a police officer for about a year on the street, and then before that I did work in youth corrections. So I kind of used it. What I used from the criminal justice degree is the degree experience is being able to complete a task on time to work with the group, to turn a paper in. And it shows that I can start something and stop it and then get a degree. So. Yes, but in actual cybersecurity, other than using street smarts, understanding how the average criminal thinks. Because I was a criminal in my 20s, not literally, but I was a kind of a. How do I say this? I was mischievous in my 20s and in my teens. And so I kind of know how to think like that and understand that hackers and criminals are opportunistic.
They look for easy ways out understanding the concepts in those things, that helped. But as far as understanding criminal justice and procedure, not so much. Which is still something I'm passionate about, but it's more of a side. Some side projects with helping with more of a reformation with people who are incarcerated. Helping rehabilitate. Rehabilitate them and give them opportunities in IT and cyberspace. But we'll see. Being able, yeah, being able to keep your cool when people are screaming in your face. Don't take it personally. Unless somebody's attacking you or your child or your family and they're physically in your face, you got to be like a duck, man, water on a duck's back. You just can't take it personally. That's their prerogative to scream at you. There's something wrong with them. Even if it was your fault. Really, you shouldn't be a workplace screaming in your face. Or if your client, if it's a customer and they're screaming in your face, you literally have to let it go in one ear and out the other. People are screaming because they're angry. And when people are really angry, they're not thinking clearly. You take the high road, you listen. You might vent with your coworkers afterwards or your friend and your family and your support structure. But at the end of the day, don't take it personal because it's not worth it. It's just not worth, worth it. Let them say what they got to say. A lot of times when people scream at you, and if you listen and say, I can tell that you've never been heard before, it sounds to me right, hey, thanks, Code Bruce Cyber. Great work, Jesse. Nailed it today. I appreciate that. What time is it? We're going to get ready for the Authentically Cyber podcast. I just don't want to miss it.
A
Right.
C
I'll get in trouble with Kathy Chambers. Not nobody wants that. Kimberly can fix it. Thanks for dropping that in chat. Kathy's podcast starts at 9:30am Eastern Daylight Time. I think she dropped that in chat. I'm going to. Yeah, I'm gonna boogie because I want to get out and get over there and check out that stream. Thanks for joining me for the Cyber Career Hotline. My name is Jesse J. AKA the Cosmic Cowboy. We're gonna be working on some cool graphics and stuff and I will be with you every Tuesday through April, hopefully beyond. We'll see what Dr. Jerry says, but I'll be on the panels more. And then don't forget Slay Sisa plus or Slay Certs or something coming this month. Really, really excited. We'll be streaming live streaming once a week and we may do it from the Simply Cyber channel. I'm working through Jerry on some of the minutia on that. Anyways, I'm gonna run Kathy Chambers. Authentically Cyber Podcast is dropping now. Let me make sure I do all the things I'm Jesse J. You guys are the sleigh part of it. You guys are what make up the Simply Cyber community. I'm out of here. Until next time. Stay secure.
In this episode of the Daily Cyber Threat Brief from Simply Cyber Media Group, host Gerald Auger, PhD, leads listeners through the top cybersecurity news and expert analysis relevant for insiders, analysts, and business leaders. Despite being under the weather, Gerald delivers his signature blend of deep insight and humor, focusing on recent cyberattacks involving North Korea and Russia, vulnerabilities in key software, regulatory developments, and practical career advice. Additionally, the second half features the Cyber Career Hotline with guest Jesse J (Cosmic Cowboy), addressing real-world questions about breaking into cybersecurity, skills development, and career advancement.
On Consistency:
"This is what consistency looks like... Showing up when it’s hard, that’s when you prove who you are." – Gerald ([02:10])
On Exploitation Speed:
"The time between publication of vulnerability and active exploitation is getting shorter and shorter... We need to rethink our philosophy and our approach to vulnerability management." – Gerald ([47:28])
On Career Building:
"All the certification does is prove you can answer a set of questions. It doesn’t prove you can do the job... Experience is king." – Jesse J ([80:10])
For CPE credit, be sure to log today’s briefing and consider engaging further with Simply Cyber community streams.