A
Well, good morning, everyone, and welcome to the Daily Cyber Threat Brief from Simply Cyber. I will be your host this week, Daniel Lowry. I am also known as Sick Boy because I am sick. I have been sick for the last couple days. Yesterday was horrible. Oh, my goodness. I laid in bed literally all day with pounding headaches. I went through an entire box of tissues with a runny nose, just pouring. It's fun. It's fun. You should try it. Don't try it. It's horrible. It's not fun at all. Good to see everybody in the chat this morning though. I had a couple people here already pre gaming with me. But like I said, this is the Daily Cyber Threat Brief. Today's episode is episode number 1 035, 1035. It's a lot of. It's a lot of episodes, Jerry. I'm filling in for old Jer Bear. He's out on vacation doing his vacation thing, having fun. Hopefully not sick. I know he was sick like a couple of weeks ago. So I guess it's just my turn. If you are new to the show and you're just trying to checking in going, hey, what is this Daily Cyber Threat Brief thing all about? Well, it's an op ed where we just kind of go through the daily headlines from the CISO series and we discuss, we talk, we get into some of the weeds on some of these things and maybe learn a little bit, maybe just kind of stay on top of what's going on in cyber security. And that's what this show is all about. Cool fact is that you will earn half a CPE for, for every episode of the Daily Cyber Threat Brief that you watch. So keep track of those things and you'll be able to utilize that for your CPE needs. All right, that said, like I said, I'm a little sick this morning. One thing I like to do right out of the gate when we get going is once we get the hellos out of the way. Hello, everyone. Actually, let's. Let's do that. Let's see here who is in the chat? Let's give some shout outs today. Who's out there? We've got Marcus Kyler. We got Grady in the house. We've got Elusa Gun. I think I'm saying that right. 
Michael Lanham. Cool. Phil Stafford. I was also talking with Keishan infoSec AD Tech247. No mistletoad. You guys and your names. I love this stuff. Not only it is in the house as well. Let's see here. Who else? Who else is checking in with us this morning. Marlon.
B
Marlon.
A
Jade122 I don't know if that actually shows up in the link or not. LinkedIn, but what's this thing called? YouTube. That's right. Sick brain. I have a medicine ball. Hopefully this helps. James McQuiggin. Hello there, good sir. Find the true two. Dennis Keefe. Who else is in here? Kyle. Kyle Kerman. Man, sometimes trying to read these usernames is fun. David P5280 don't you love all this? Don't you just love the way. Rhonda Rummerfield. What's up? What's up, Rhonda? Good to see you in the house as well. The trucking cyber guy, man. Lots of great folks in the house here. Now everybody's starting to roll in. We were talking about how we had a bit of a skeleton crew this morning, but y' all were just waiting. You were just poised and crouched at the doorstep just waiting for us to open and bam, bam. You leapt. I don't know if you've seen the video of the snow leopard going after a mountain goat, but it's got Freebird playing, you know, the whole like the, this snow leopard goes to pounce on this, on this mountain goat. And a mountain goat just straight up just like, bye. It dives off of the mountain and apparently this is like something they do and they just fall down the mountain and then he gets up and goes like, what's up, dude? We would be wrecked and dead, but apparently not. These mountain goats, they. They do this crazy stuff. All right, with that said, it's time to pay some bills, right? It's time to do that bill pay thing. So let's let Jerry do that thing that Jerry do and let him read those ads. So rock and roll. Here we go.
C
Want to give some love to Fortify 365, the Microsoft 365 configuration solutions from Barricade Cyber Solutions. Barricade Cyber brings you all the knowledge in the incident response form, but they are also quite adept at helping you configure and set those protection controls for your M365 instance. Go to fortify365.com today to talk to Eric Taylor and the team over at Barricade Cyber and make sure that you are taking full advantage of all the configurable security controls that you have in your M365 instance. Fortify365.com today. Also want to give some love and some shouts to Antisyphon Training. Hollow Hollow Holiday, Antisyphon Training. The group that is disrupting the traditional cyber security training industry by offering high-quality, cutting-edge education at a discounted rate. For so many people out there, their rates are insane. Some of their courses free or pay what you can. It's amazing. Go to ant-training.com today, check their upcoming live training, their on-demand training, government and military discounts. I mean it's absolutely crazy. I love it. Maybe not government and military discounts. I made a mistake. They've just aligned their training to NIST NICE Framework. Also pretty awesome. Thank you. antisyphontraining.com and of course as always we've got ThreatLocker kicking it. We'll hear from them and then back to the news. I want to give some love to the Daily Cyber Threat Brief sponsor, ThreatLocker. Do zero-day exploits and supply chain attacks keep you up at night? Worry no more. You can harden your security with ThreatLocker. Worldwide, companies like JetBlue trust ThreatLocker to secure their data and keep their business operations flying high. ThreatLocker takes a deny-by-default approach to cyber security and provides a full audit of every action allowed or blocked for risk management and compliance. Onboarding and operation is fully supported by their US-based Cyber Hero support team. 
Get a free 30-day trial and learn more about how ThreatLocker can help prevent ransomware and ensure compliance. Visit threatlocker.com Daily Cyber.
A
Well, there you go. Boy, that had a long tail on the end of that there didn't. It's a lot of fun trying to work with other people's Restream like. Yeah, anyway, a lot of fun, A lot of fun. Thanks Jerry for the opportunity to come in here and hopefully do you proud. But we got to get into the CISO series today. Check out these headlines. There's some interesting headlines today. I've I write them down as we go just to see what the headlines are, but yeah, we got some. We're going to start off with a banger here for those of you that like gaming. Let's do this. Let's do this. And yes. All right. Steve Prentice. Do us. Do us. Well, here we go. Let's see here from the CISO series, it's cyber security headlines.
B
These are the cyber security headlines for Monday, December 29, 2025. I'm Steve Prentice. Rainbow Six Siege suffers breach, gamers go shopping. The Rainbow Six Siege (R6) online game, a product of French video game publisher Ubisoft, suffered a breach over the weekend that allowed all types of chaos to ensue, including unbanning players and granting players massive amounts of in-game currency. Ubisoft quickly shut down Rainbow Six Siege and its in-game marketplace. It later stated that, quote, players would not be punished for spending the granted credits, but that it would be rolling back all transactions made since 11:00am Paris time.
A
All right, Rainbow Six, man. I'll tell you what, man. Rainbow Six used to be my jam. I loved Rainbow Six, like Rainbow Six, Vegas and Vegas 2. Those, those were my games on Xbox 360 back in the day. I played them nonstop. It's the only thing I played. It was the first time I actually really got into any kind of like online play because normally I just like playing the game. But I was like, let me check out some online play. So I. It hurts my heart to see that Ubisoft has had this, this horrible, horrible breach. But you know where there's ways to have money, there will be threat actors out there trying to do threat acty things. So they suffered a breach. They allowed hackers to abuse internal systems, ban and unban players. I'm sure that that was, that was a cherry on their cake right there. Because they're like, oh, I'm unbanning all my banned players, right? My boys and girls that are out there that got banned because we're total D bag. They got to manipulate in-game moderation feeds and grant massive amounts of in-game currency and cosmetic items to accounts worldwide. Isn't that crazy? Like this didn't go after I guess actual money per se. Even though it affects them in actual money. Isn't that weird that this is the world we live in, that the game has its own in-game economy. But because of that, right? Just like any other economy affects other economies because that's how people make real money and people care a lot. It boggles my mind that people care a lot about like cosmetic items. Who cares? The people care. They love this stuff. Let's see here. According to player reports and in-game screenshots shared online, attackers were able to abandon them. Yeah, we already saw that. Display fake ban messages on the ban ticker. That should be fun. That's just a good time to troll the people that are in the game. R6 credits are premium in-game currency sold for real money on Ubisoft store. See, you see what they do there? 
So 15,000 R6 credits cost 100 bucks, placing the value of 2 billion credits at roughly 13.33 million worth of in-game currency. Let's see here at 9, 10, blah blah blah. No one cares what time really. That's when they became aware of it shortly afterward. Oh, here I go. It's. It's coughing time. Oh, hit the old mute button there for you to hear me hack. And not the good type of hacking, right? But the like, I'm sick hacking because I sick. Let's see here. Intentionally shut down Rainbow Six and its in-game marketplace. You know, they're like, we can't let this keep on rocking. So their incident response playbook says, I just. Just hit the button, man. Just turn it all off because it's. It'll get more stupid if we don't. I'm guessing the money they were losing on what the hackers were doing versus the money they would lose on pulling the plug on it. That was a math equation that they did and came out to this conclusion. Siege and the marketplace have been intentionally shut down while the team focuses on resolving the issue. Is it back up in a final update? Here we go. Clarify. The players would not be punished for spending the granted credits, but it would be rolling back all transactions made since this time. So we won't punish you for it, but if you made like a real transaction during this time because it says it's rolling back all transactions made since this time, you now just lost that. That's. That seems to be like, I would be pissed if I spent my real money, like hadn't done nothing wrong and then got rolled back. I mean, do they. They going to refund my credits? That would be. That would be a problem, right? It was like a hundred bucks, man. That's no joke. Let's see here. The company also stated that Ubisoft did not generate the message seen on the ban ticker. Well, duh. Here it is. Was banned from TOS breach for TOS breach Terms of service Terms of service fake breach message. 
So they were continuing to restore the game, but servers remain down at this time. When was this article? Here, let me do this so I can find this. Was it today? Was this an article from today? That was yesterday. Yeah. All right. They've not released a formal statement regarding the incident. Has not responded to emails from BleepingComputer. Sure. If you have information regarding this incident or other undisclosed attacks, you can contact us confidentially via Signal. Rumors of a larger breach. So this might just be a symptom of that within Ubisoft's infrastructure. Is that what they're saying? According to the security. I think this is a separate article. They love to tie articles together. Yeah. Are they saying that that's what's going on here? Unverified claims. It According to the research. So it might be the. They might got hit by the new MongoBleed that came out. I think we talked about it last week. Exposing credentials, remember? Yeah, yeah, yeah, yeah, yeah. So man, you see why you gotta patch it is like a thing. It's something we tell you to do because that's important. All right, so there you go. Poor Rainbow Six. Hopefully they're gonna do better and they'll get your game back up and running and get your credits and all that other fun stuff. Let's get to the next article.
B
Go. Diesel generators and aircraft engines in high demand to power AI. The developers of data centers are now using aeroderivative turbines based on or made from jet engines as well as diesel generators to address a growing need for power to process AI technology. This is being done to counter the issue of supply chain shortages and wait times of up to seven years to connect to the grid, as well as a growing backlash over their impact on consumer utility bills. This power is needed for the training and running of artificial intelligence models. As a result, local and federal regulators in the US are starting to loosen the restrictions on the use of backup generators and are even floating the idea of commandeering existing backup generators such as those located behind many large stores and businesses in order to support the demand.
A
Well, how about them apples, right? It's the. Now you'll notice I tried to go to the Financial Times thing here. Oh, that doesn't show up. Interesting. But it's like, oh, yo, if you really want to read this article, it's paywall time. So I'm like, okay, that's cool. Financial Times. You make your money that way. I'm sure you're not the only game in town. So then I found this article from Tom's Hardware. I was a little bit older, honestly, so this is not the first time that this has been discussed and talked about. This goes back to October 22nd. October 22nd on 2025. So just a few months ago. Just two months ago, right? November. Yeah, there we go. I can do the math. And saying the exact same thing. Talking about how long it takes for these companies to get access to the power grid. It takes years even, right? Faced with multi year delays to secure power grid, they want to deploy aero derivative gas turbines. So AI need that power, man. AI power hungry. It needs that power and we, we are using it so much. I, I had read something to the fact that I'm, I'm sure this is like, you know, because things change daily when it comes to AI. I'm sure that it's, it's probably even more at this point. But I, I read that it was like AI consumption is that much of like the population of India per day or some junk like that. It's insane. It needs so much power. My brother actually has been delivering the turbines and everything to the new data centers being built for AI and he's, he's telling me the size of the generators, he's telling me the size of the, the actual data centers and how massive they are. It's like holy crap, it's getting insane. Like the fact that we cannot keep up with the power consumption of how much we use AI and how much we are leaning on AI at this point. That's a little freaky, right? That's a little, that's a little concerning to me that you know, the population of India can't, is using as much power every day as, as AI is. So that seems to be a problem. 
We probably need to get some, some new energy sources up. Not just. And if they're hijacking, if they're talking about hijacking people's already power backups, right? So I worked for a company, an insurance company. They had two or three massive diesel generators to power the building in case of hurricanes or anything like that. Because when hurricanes come through Florida, fun fact tends to wipe out power quite a bit. As soon as like a hurricane even starts thinking about coming our way, you'll just start seeing linemen coming into Florida just running down the interstate. There are every gas station just parked in spots to where they think they're going to make landfall because they know the power is going to go out. And we got to restore power as soon as possible, right? It's critical infrastructure. Without power, people die. So they, they try to pregame these things now and get those people into the state as soon as possible. Ready and ready to rock. But we had these three. I worked for an insurance company and that insurance people, they do like homeowners insurance and things of that nature. So they need to be able to coordinate with the entirety of the state. Fun fact. Florida is one of the largest states in the nation. I know it doesn't seem like it, but it is land wise. It's got a lot of distance between one end to the other. So keeping everything up and running had all these mobile works is crazy. All the stuff they had so that when a hurricane hits they could deploy and keep our building running because that's where all the servers were and everything. This was before the cloud. All this stuff was built. You Know, and even. Even after the cloud instantiation, where we started moving things to the cloud, which I was a part of, it was. It was pretty crazy. Like, we still needed those generators because we still had physical servers. We still have, like, security systems, records, things of that nature. We had to keep the place safe and ready to rock. 
So you can't just let it, you know, flap in the wind. You got to keep it up and running. And now they're saying for AI purposes, we're going to use that. What happens if I need it? You know, I. It's mine. I built it. What if I need that now? I'm assuming they're going to be paying for it, but let's actually. Is there any more to this? I think they're just talking in this article. I think they're just talking about the jet turbines being used. What they gain in fast deployment at ramp speed, they lose thermal efficiency. Air derivative turbines run a simple cycle mode, burning fuel without capturing waste heat, which puts them well below the efficiency of combined cycle plants. Most run on diesel gas delivered by truck. Yeah, interesting. Well, what. What an interesting thing. Yeah, we'll probably see some modular nuclear power plants being built very, very soon. I think that, like, France is, like, 80 nuclear powered. Interesting. All right, well, there you go. AI hungry. It need that power. Let's go to the next article.
B
LastPass 2022 breach reverberates through the crypto world. According to blockchain intelligence firm TRM Labs, encrypted vault backups that were stolen in the 2022 LastPass breach are still being used to break weak master passwords, allowing threat actors to access crypto accounts. Wallet drains continued through 2024 and 2025, with stolen funds traced through mixers to high risk. Russ. TRM Labs found repeated use of Russian cybercrime infrastructure and continuity of wallet control, indicating likely Russian criminal involvement in monetizing the breach. End quote.
A
Well, LastPass breach of 2022. It's the gift that keeps on giving, right? It's always fun to know that once people had your encrypted passwords, which were encrypted with some shoddy encryption, that you are now in trouble. I. I would. It's weird to me. So as soon as this happened, I was a LastPass user. It's what's up, right? LastPass was the cat's meow up until this happened. And everybody was like, whoa, what. What did. What are you doing? What's going on? So I immediately switched. This was such a problem that I. I just closed my accounts, changed all my passwords, which was fun, right? But it had to be done, because that's what you do. So it doesn't matter if they had my old logins and all that stuff, if they've decrypted all my passwords. All this stuff has been changed. I literally went through one by one. It was a cool thing, was I switched to Bitwarden and it imported everything. And then I just went through my entire vaults changing passwords. It took me like two days. Excuse me. But that was the necessary work that needed to be done at that point in time. And then I got to point and laugh at LastPass, you know, facetiously, you know, I. It was horrible. But they. Anybody can get breached, right? But you don't have to then make it, like, super simple for them to. Now that they've found themselves in your home. That would be. Here's. Here's basically what LastPass did. They went, we're gonna get. We're gonna build a house. We're gonna put locks on the doors, gonna shutter the windows. All sorts of fun stuff, right? Keep people out, right? And then we're gonna have a safe inside for all the valuable stuff. And they made the combination to the safe, like 1, 2, 3, 4, 5 or something like that, or 1, 2, 3, or they just left the door open. You know, it was. It was ridiculously, you know, garbage security that they were using comparatively to their other contemporaries, right? So that was the problem. 
So, yeah, they had some guards and gates and stuff that kept people out, but once they got breached into, it was. It was a free for all. They were like, ah, sweet. And they just started gathering data up and, you know, it's like buying a safe that you got for your daughter to keep her little trinkets in. You know, it has one of those little stamped metal keys, you know what I'm talking about? Like, I could just rip it open like tissue paper. And that's what they did cryptographically to all this LastPass stuff. So they had a massive amount of data, and now they're still going after and. And exfiltrating sensitive information, right? Including crypto keys. If you're interested in what a mixer is, that's where. When you've gotten. I think. Let me see if I can get this correct here. Cryptocurrency. If I stole your crypto, and then I went and bought a bass boat, you know, for. For a friend of mine, and a bunch of Zebco rods and, you know, some doe urine, and things that he needs for hunting and fishing. Then they pop me pretty quickly because you see who owns the Bitcoin wallet. So what, what they're doing is they're using these things called mixers where you basically use all these little microtransactions and everything gets mixed up. You don't really, can't really tell who bought what, when, where, how, because of the mixing service. So they don't like mixers for that purpose. And then there's the whole privacy side of things. We can have that debate at another time. But ultimately that's what's being utilized. So that it's basically money laundering for crypto. Right. That's what they're doing. They're trying to obfuscate how where the money is coming from and where it's gone and where through these mixing services. Oh look, it says it right there. Large-scale hacks and the diminishing effectiveness of mixing as a reliable means of obfuscation. This looks like an interesting sentence here. 
While definitive attribution of the original intrusion cannot yet be confirmed, these signals combined with TRM's ability to deactivate, I'm sorry, demix activity at scale highlight both the central role of central Russian cybercrime infrastructure monetizing large-scale hacks and the diminishing effectiveness. So that's good on one hand. What else is going on here? Yeah, laundering through Wasabi Wallet. I just watched something about Wasabi. It was fairly interesting. I think the, the creator of the Wasabi Wallet is going to jail or is in jail at this point. They said he was complicit in the crimes even though he was not a part of them. It was an interesting, a lot of semantics that go on legally. I don't know all the details on that, but it does seem like an interesting read. I want to learn more about it. I need to learn more about crypto. I don't have any crypto or anything, so. Haha. Take that, crypto hijackers. You're never getting Dan's crypto because you don't have any. I, I wish I did. Let me rephrase that. I wish I would have bought some before it became the most amazing thing ever for you to make money. That would have been fun. But hey, what are you gonna do? All right. I think they're just kind of repeating themselves at this point. Any other interesting thing? Yeah, I guess if you're a cyber criminal, your days are numbered when it comes to the standard mixing services that are available for you. Russian-based financial infrastructure continues to function as a systemic enabler of global cybercrime, even as enforcement pressure increases. Yeah, because what are you going to do? Invade Russia? That's where you would have to be that, that's like, that's where you're at at this point. They're like, yes, we like to do the cybercrime and facilitate you mixing cryptocurrency and. No, no, no, no, no, no. What you going to do? Right. My name is Vladimir. I do what I want. So. Yeah, because what are you going to do? 
You're gonna, you're gonna invade Russia and go start snatching people up? I doubt it highly. Which begs the question, okay, if that's not an option on the table, then what do we do? Well, right. That's where cyber security is important on our end of the spectrum, is that we are especially anything around our finances and anything even closely related. See, everything ties in. That's where it gets difficult. Everything kind of ties in together. Maybe you reuse a password, maybe they. Your crypto wallet and your email is connected somehow. And, you know, they, they gain access to your email, which then gives them. You see what I'm saying? Everything can be kind of like a tie in. So you have to use really good opsec all the time, which is why we see breaches all the time, because that's not going to happen. All right, let's go to the next article and then we'll hit the mid roll. All right, do it, Steve.
B
ChatGPT ads will allegedly prioritize sponsored content in answers. The ongoing back and forth regarding the inclusion of ads in ChatGPT space has now seen a new concept enter the room, this called sponsored content. Despite initial resistance from OpenAI management about adding adverts to ChatGPT, fearing quality issues, especially in light of Gemini's advancement in the space, a new report suggests that, quote, OpenAI plans to prioritize sponsored content in AI answers, end quote. This might take the form of sponsored information in a sidebar next to the main ChatGPT response window. Although search tools like Google Search have had ads for a long time, experts point out that generative AI products like ChatGPT, quote, know more about users than Google, end quote, and as such are likely to disrupt the web economy.
A
Man. What do y' all think about that? Right? Are. Let me just, let me start here. Are you sick of just being advertised out of your minds, like, where everything is an advertisement? No, don't get me wrong. We. There's nothing inherently wrong with advertising. I think that it has its place. You're trying to sell a product, you're trying to. It's totally fine. But we are being like, over advertised, I think, right? The fact that I can't hit pause on watching a show without getting an ad that pops up on my tv, I'm like, oh, my goodness. I. I started hanging out with my phone. So if I'm watching tv, I turn on the show. When it goes to the commercials, I pick up my phone and I watch YouTube stuff. And of course I do it through Brave. So there's no ads. But. But man, like, the advertising is getting insane. It's. It's not getting insane. It is insane with this stuff. So now it's going for Chat gbt, which I'm sure, shocker, right? Everyone here is just gob smacked. They are flabbergasted. They're on the floor with their jaw just, oh, are you kidding me? I never in a million would have thought it. Thoughted. All right, Billy, get out of my head, right? I. I never would have thought it that day to put them ads up in that chat ji. Isn't that what is chat Chat gypped. I like Jack J. This good. I use it all the time. But find the best fishing hole, right? So. So yeah, there you go. Yeah. I see somebody like, daylight M. They're saying that they use Brave and they're on YouTube Premium. So if you're on YouTube, you use YouTube Premium. This used to be the model we had, right? You just paid them money and now you pay them money and they still advertise to you, right? Oh, my ear is itching. Oh, yeah. I'm like a dog. Oh, I felt good. But right, so like, when cable TV came out, you paid for cable and you got no ads. It was awesome. And then somebody said, why ain't we got no ads? He said, well, people are paying for us and like, forget that. I want more money. 
And so they started putting advertisements in. On cable television, you're like, ah, whatever. I guess you still get like a bunch of different variety of content. And, you know, I guess it's worth it. Even though I'm kind of paying for this, it does make sense. So right now you can pay for services so that you don't have advertising, but it's a lot more money. Like, it's a lot more money to not get advertised to. So now you got to come up with more creative ways. There are ways, by the way. There are ways now Chat GPT with their sponsored content, which could influence your buying decisions. So when you go and ask Chat GPT a question, it's Going to push the sponsor instead of what it in. Right? Just like Google used to do. Google used to just tell you, here are the best results for what you're looking for. And then some. They had a board meeting and someone said, I got an idea. What if. They said, what are we in business for? And they said, to make money. And they said, amen, brother. What's our product? To make the best search engine available. So give people the best results. And they said, ah, that's where your problem is. And they're like, what are you talking about? If we're the best, people will come to us and we get all the traffic. And there you go. They said, but I got an idea. The idea is, what if we gave them really good search results, not the best. And that way they have to scroll and click through to the next page to start to find the best stuff. And that keeps them on the platform for longer. And we've got advertisement all over the place. How's that sound? And they went, it'll be a blizzard of money. And that's exactly what they did. So they actually like reduced the quality of their search algorithm and now here comes Chat GPT, Gemini, Grok, you name it, it's. They're all going to do the same thing. This is how they're going to make money. And again, nothing necessarily wrong with them making money. 
It's just that I don't, I don't want you to give me the result that got paid for. I want to get the result that is the best result for what I'm looking for. And as they say, that Chat GPT knows way more about you than Google does, then that's not good. That is. That is crazy. Let's see here. All right, so ChatGPT leaders decided to focus on AI's quality after being threatened by Gemini's advancement. Right? Because Gemini 3 came out and it was like really good. They p. So they push back their efforts to add ads. That's a fun sentence. However, it looks like OpenAI has not given up on their plans entirely. Information reports. OpenAI plans to prioritize sponsored content in AI answers. So now not only do you gotta like be really good at prompting your AI to give you the right answer, now you've got to kind of like prompt it through. I wonder. I mean, you could probably like prompt engineer and prompt injected to not give you. This will be a fun game to play with, right? That's because that's what I want to do. I want to have to manipulate it so it can't manipulate me for everything. I'm just like, I just need to know how to make pasta. You know, I don't need, you know, to give, to give me this. An X, Y and Z pasta maker and spaghetti sauce and blah blah, blah, blah. Like as the ingredients, just tell me pasta sauce. I'll choose the one I like the best. All right, mid roll time. Guess what? It's time for ads. Right? Let's do it. And let's do this thing right here where we say thank you to our sponsors. You'll notice this is going to be like a crazy long thing, but we do want to give a shout out because they do pay the bills and they do keep the lights on here at Simply Cyber. So Barricade Cyber Solutions, Friends of the Channel. Right. These are, this is more like partnerships than they are sponsorships, honestly. At least in my opinion. Right. Because everybody here that I've been aware of, they really do care about the community. 
So like Threat Locker, Delete Me, Anti Siphon and Flare, all of these sponsors that keep the daily cyber threat brief going that allows us to come together and talk about these articles and learn from each other and interact. We give you a big fat thank you every day of the week. Much obliged. All right, Steve, go through your sponsors and then we will get to the next thing here when it comes to the mid roll.
B
Huge thanks to our sponsor, Threat Locker. Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain zero trust in real environments. Join us March 4 through 6 in Orlando. Plus a live CISO Series episode on March 6. Get 200 off with the code ZTW CISO26 at ZTW.com.
A
All right, Threat Locker, got something going on in Orlando. 200. 200 off using that Z20. Whatever it was that I'm gonna have to look into that. All right, let's see here. What is going to be our next article? This one here. Oh, this is actually really kind of cool, actually. So let me get this going.
B
New York Governor allows warning labels on social media, describing social media platforms as, quote, addictive, end quote. New York Governor Kathy Hochul signed a bill this past week that will, quote, require social media platforms to show warning labels to younger users before they're exposed to features such as autoplay and infinite scrolling, end quote. The bill was actually passed in June and the warnings are supposed to resemble those on tobacco products and media with flashing lights. Surgeon General Vivek Murthy also had suggested last year that, quote, social media platforms should add warning labels, end quote.
A
Well, it's finally happened. Social media has become cigarettes, right? Like, like, this is a real problem. Like, I don't know what's going on here, but like, there's a real issue happening with the old social media. The fact that it is addictive and it's long been known. Like, just a question for the chat here. How many of you are, are unaware that social media is extremely addictive? Throw that in the chat if you, if you're like, I legit had no idea that this was an addictive thing. Make, make way for those people. Like anybody that's got that, that had no clue, throw that in a chat over there. Because that I am, I am interested in that perspective. I would love to hear that because from everything I've ever read or heard since the advent of social media, it was, how do we keep people on the platform longer? Well, we can figure out ways, algorithmically to make their dopamine spike through X, Y and Z. Types of things, types of content, and they'll never leave. It's totally happened. I'm sick. I'm sick of social media. That is. Honestly, I've done a bit of a detox of social media for the last couple of weeks because you gotta, you gotta take a break from it. It's been, it's been noise, it's been nice. All right, so the governor of New York, Kathy Hochul, signed a bill saying that most social media platforms will need to put warning labels for younger users. So is this going to be like, do not use Instagram if you are pregnant or trying to get pregnant. Is that what's happening here? This could damage your fetus if you watch social media too much. I wonder if there's like a study that could prove that. I wonder if. Because. Right. Because it does interact with your body chemically. Right. It causes chemical dopamine strikes. I wonder if that affects a pregnant woman's fetus in uterus. That's an, that would be an interesting study. There's some tax dollars that could go in the right way. I think, I think they said that this has actually gone out since last year. 
This is kind of tiny font. So can I, can I, can I. There we go. Whoa. Make it legible. All right. State legislators passed the bill back in June with text calling for mental health warnings on addictive social media platforms, which are defined as platforms offering an addictive feed, push notifications, autoplay, infinite scroll, scroll, scroll and or like accounts as a significant part of Their services, though exceptions can be made if the Attorney General determines those features are used for, quote, a valid purpose unrelated to prolonging the use of such platform. I like, I'm a dummy. I don't know. How would that not be used for that? In what capacity could you say, well, yeah, Infinite scroll is exactly what's up. Autoplay is exactly what's up. And it's not for the intensive purposes of making you just continue to watch the platform. Yeah, TechGround's giving me the tinfoil hat in chat there. Except I think it's true. I think it has to actually. Is it a conspiracy theory if it's actually happening? Right. So, yeah, I'm, I'm looking to see if anybody. Oh, Jay Gold is also giving me the tinfoil hat. See if anybody did not know. Corporate overall lords are the problem. Not the algos. Yeah, but the corporate overlords run the algos. Right. Like the other ones saying, this is what I want the algorithm to do. And that's when clickbait became a thing. Right. Because they were like, oh, rage bait. People will not leave if I can get them incensed. Keisha Info Sixes. I hate social media. I miss when making the platform addictive was like adding Farmville or Wordle. Yeah. So. And I love this. Jojo Rabbit 1113 says, My wife is a teacher and her school is finally enforcing the no phone policy. Those kids were definitely in withdrawals for the first few weeks. Yeah, I mean, I. Since we cannot trust that they will do it for us that they like now, that's cool that we've got some, some starts of this. So that's, that's great. Right. 
Who knows what kind of lobbying will come in to try to protect and, and do. Because that, that typically does seem to be what happens. But they are trying to make some sort of headway into the fact that these can be addictive things and are meant to be so in a variety of different ways. So at least in my opinion, let's put some warnings on this, just at least educate people to the fact that this could be a problem. So that's cool. But just like any other thing, just like we Talked about with LastPass, right. The onus is on us. It's on us to like, stay informed. And while, yes, it is meant to be addictive, therefore if you do get trapped by it, you know, that's not your fault necessarily. That's that, you know, that's a system. We need to, we need to break that down so that doesn't happen. But for those of us out there that know about this stuff and we've got loved ones around us, I can't tell you how many times I've had these types of conversations with just random people at a grocery store or at church or whatever. Especially the elderly. It's funny. It's the elderly and the young, right? The young have never known anything else. So they're like, it's just the way life is. You're like, no, it's not. It's. It's become this way and it's not good for you. They. So they don't know. And then you have the elderly, which are like, I'm on my Facebook. It's going to be amazing. It's like, you know, they're doing things to make you stay on Facebook so they can advertise. And you're like, really? They're like, yeah. They, they just have no idea. Zmer or I'm sorry, zmap42 says, don't put your onus on me, bro. That is funny. That is super funny. But let's see here. Requiring a warning label. I think this is a good first start, right? Do the same thing with smoking and it was an effective campaign. Next will be commercials, people like us that know better and telling people, hey, you should really detox and like use moderately. It's kind of like alcohol, right? Modern. 
In moderation, you should be fine. But be, be aware this thing can hook you and that. That's a problem. So make sure that you have an accountability partner or whatever the case is. Something to keep you from like sitting there and just. Why are you on the toilet so long, huh? I'll be out in a minute. You've been in there for like 45 minutes. I wondered why I couldn't feel my feet right, and I got the tingles in the old feet. Oh, is that deep vein thrombosis I feel? Yep, I'm dying. So just moderation, kids, moderation. Everything in moderation here. Anything else? California's post a similar bill that'll probably impact tech to some in some way, shape or form. So if you're in these areas where you might be starting to see these warning labels, I wonder how that's going to work itself out when it comes to things like advertising. Will they then move away from this type of advertising? So on these platforms that are now being like, again, anytime you drop a pond in the water, it ripples out. So I can't wait to see how that works out. Interesting stuff. All right, next.
B
Fake MAS Windows activation domain spreads PowerShell malware. According to Bleeping Computer, quote, a typosquatted domain impersonating the Microsoft Activation Scripts (MAS) tool was used to distribute malicious PowerShell scripts that infect Windows systems with the Cosmali Loader. MAS is an open-source collection of PowerShell scripts that automate the activation of Microsoft Windows and Microsoft Office using HWID activation, KMS emulation and various bypasses. Numerous reports have been showing up on Reddit that inform users about a Cosmali Loader infection with a warning popup that chides users for using the correct Win domain to activate Windows in PowerShell. The correct address being Get Activate Win. The message then instructs them to enter a typosquatted address that has one additional letter added which changes the word activate to activated.
A
Okey dokey. So there we go. Fake MAS, Microsoft Activation Scripts, using a typosquatted domain is again. I mean this is different. All right, this is a little bit different. Typosquatting is not a new idea, but utilizing typosquatting for fake MAS is interesting. So let's see here. Impersonating the Microsoft Activation Scripts tool was used to distribute malicious PowerShell scripts that infect Windows systems with the Cosmali Loader. So Loader is just a first initial stage of malware. It doesn't do anything malicious usually per se. That way the loader does not get busted and popped by whatever AV EDR systems you might have employed. So the loader will then go hey, let me go ahead and reach out to the Internet and grab something else. And then that never actually touches disk, it just gets loaded into memory. This is typically how these things go. Not always, but typically. And then booyah, you're infected. Welcome to the welcome to the party pal. But not in a good way, right? So Bleeping Computer readers found multiple MAS users began reporting this on Reddit and they received pop-up warnings on their system about this. Cosmali Loader says you have been infected by a malware called Cosmali Loader because you mistyped Get Activated Win as Get Activate Win when activating Windows in PowerShell, the malware's panel is insecure and everyone viewing it has access to your computer. Reinstall Windows and don't make the same mistake next time. For proof that your computer's infected, check Task Manager and look for weird PowerShell processes. I'm guessing that I'm gonna go with 70% of the people that got infected with this have no idea what a task manager is, let alone a weird PowerShell process. Even if they did know what the task manager was, they're probably looking at those PowerShell processes and going, they all look weird. How do I know which one's the weird one? Then that's when. That's what again to the rescue is people that know about computers. 
And we go, oh man, there it is right there. That's. It's. That's no bueno, kiddo. I'm sorry to thought you look. But how did you feel about reinstalling Windows today? Right? Better yet, let me throw some Linux on this just because I'm on a Linux kick. Take that, Windows. Based on the reports, the attackers have set up a lookalike domain Get Activate Win. So there's your typosquat. This is not the right domain. The right domain is Get Activated. Right? Which closely resembles. Right there it is, Get Activated Win. So just one little, one little thing now you're like, hey, it's got these brackets around that's just so that people don't click on this as a link and go there. It's a safety precaution. It's Get Activate Win versus Get Activated Win. And I. You know what's funny is I remember doing this as a kid. Somebody would be like, hey, read this sentence. And then you would not read the sentence exactly. Because your brain kind of fills in the way it thinks the sentence should look. So you leave words out even though they're there. They're printed on the screen. It gets removed in the same vein. It will fill things in and make you go, oh yeah, that's right. Or it will change characters from the wrong character to the right character in your mind. So it's just a. It's a fun little psychological trick that your brain is like, if you're not on guard for, you will get. You will probably get popped by. Interesting thing though, right? And that. That's how we get taken advantage of, given the difference between the two is a single character attacks attackers bet on users mistyping the domain. And there you go. That's even easy to do, right? You're just slamming through the typing you for whatever reason. So this, this would be for the more technically savvy. They're like, well, I have to go do these MAS scripts today. They just accidentally type in the wrong thing and then bam. Malware time. There's the. There's the popup right there. 
Hey, just so you know, infection time. You might want to see your doctor about Infectula. Ask your whe. Ask your doctor whether Infectula is right for you. Or Cosmol, whatever the hell it is. All right. Security researcher Russian Panda discovered the notifications are related to the open source Cosmali Loader. Interesting. Russian Panda told Bleeping Computer that Cosmali Loader delivered crypto mining utilities and XWorm remote access Trojans. Crypto mining. It's like a. Yeah. Is that. I. I have never had anybody say to me, oh, you can use crypto. And I've never seen crypto buying. You must be purchasing everything online if you're using crypto to buy stuff. Like, are people just buying cryptos? And I'm legit. Don't know, because crypto's never been my thing. That people love the crypto, apparently. And that's. That's what these attackers are going for a lot. Let's see here. MAS is an open-source collection of PowerShell scripts that automate the activation of Windows. Oh, yeah, I. I think that they might be able to actually activate your. Because if this is the MAS for activation, it might actually assist. The project is hosted on GitHub, is openly maintained. However, Microsoft sees it as a piracy tool that activates products without a purchase license using unauthorized methods that circumvent its licensing system. So then there's that. You can go steal with this, I guess. Don't do that, by the way. A double threat. Interesting. Here's MAS trying to tell everybody, hey, don't do this. It's a real problem. And I love this part right here. It says users are recommended to avoid executing remote code if they don't fully understand what it does. You know, it's like the warning labels on stuff. You would think you wouldn't need that, but apparently we do because we do this a lot. This is always testing the sandbox, I guess you're doing things like MAS, you can. You know, you should have a sandbox ready to test. 
Like a test bed for you to test things you don't just YOLO stuff that you got off the Internet. Marcus Keller says it sounds like I've started to get better since the air. Yeah, you know, crazy cyber security stuff will do that to me. It makes me feel better. Yeah, I'm. I'm on the mend, but I'm still dealing with it. But thank you. I appreciate that. I'm glad to know that you guys are hearing a marked change in my. My wellness and well being. All right, we got five minutes left and then we gotta do some jawjacking, so let's do this now. Last.
B
Last article. Krebs: Most parked domains serve malicious content, says Brian Krebs. Krebs is warning Internet users, that means everybody, about the dangers of parked domains, those web addresses that are no longer in use or that are intentionally misspelled as typosquatting sites. As with most things, Internet exploitation is rife. Parking pages that show these parked domains as no longer in use often lead to malware disguised as antivirus software and illegal content scams. In his article published this month, which draws on research from Infoblox, he describes how parked websites can remain benign if a visitor arrives at the site using a VPN or a non-residential Internet address, but will be redirected to a scam site if coming from a residential IP address. A link to the Krebs article is available in the show notes to this episode.
A
Okay, last article here we've got parked domains now serving malicious content. So I was always under the impression that parked domains were for like, hey, I am XYZ Corp. You know, I'm example.com and I want to have either mistyped stuff or future domains that we're going to use. Do we just go ahead and buy them and then we park them? They just kind of hang out until we, we need them. We have plans for them, but they're not ready yet. So they kind of kind of go sit over here in the parking lot. This article is making it seem like the only thing that parked domains are good for now is malicious content and that typosquatters are. They're somehow getting their hands on parked domains and parking them. Or they're getting their hands on typo. They're typosquatting domains and parking them for the purposes. Maybe that's, maybe that's what they're trying to say. So direct navigation, the act of visiting a website by manually typing the domain name in a web browser has never been riskier. Thanks for taking away one of our tools. We appreciate it. A new study finds the vast majority of parked domains, mostly expired or dormant domain names or common misspellings of popular websites. See, that's where it was like a little bit different from, from my understanding of parked domains that they don't necessarily just stick them in the wings and hang on to them and keep paying for them even though they're expired or dormant. Maybe. Yes, whatever. I don't run websites. I'll take their. I'll take their word for it. Let's see, or common misspellings of popular websites are now configured to redirect visitors to sites that foist scams and malware. Yay. This is a lookalike domain for the FBI Internet Crime Complaint Center. Return to non threatening parking page left. Well, that's fun. When users try to visit expired domain names, accidentally navigate to a lookalike typosquatting domain, they are typically brought to the placeholder, blah, blah, blah. 
So yeah, ultimately it says here, a decade ago, and ending up at one of these parked domains came with relatively small chance of being redirected to a malicious destination. In 2014, researchers found that parked domains direct redirected users to malicious sites less than 5% of the time. But in a series of experiments over the last few months, researchers at the security forum firm Infoblox says they discovered the situation is now reversed. This content is by far the norm now for parked websites. That's fun. In large scale experiments, we have found that over 90% of the time visitors to a parked domain would be directed to illegal content, scams, scareware and antivirus software subscriptions, or malware. As the click was sold from the parking page company to advertisers, often resold that traffic to yet another party. Oh, man, the Internet is a stupid place now. Used to be fun and exciting and now because, so this kind of goes back to our earlier conversation about advertising, because the Internet now is just like the, the visible Internet, and because I hope you don't spend too much time on the dark web or even the deep web. But the Internet is an advertising tool at this point, at least in my estimation. So what do they go for? They go for those advertising dollars. And where there's advertising dollars or any dollars to be had at all, there will be people that go, how can I manipulate this to steal that money, to get that money either legitimately or illegitimately or somewhere in the middle? And, and that's just what's going on here. If I, I, I, I can only assume that it's working, right? I can only assume that no matter how, and maybe we're just a thin slice of the population and for, you know, 95% of the population, everybody loves advertisements and they love being able to go, oh, this looks like something for me. That looks like something for me. And it's very curtailed or tailored advertisement to them that they like that. I'm not that guy. 
I don't mind seeing advertisements, but you don't need to know everything about me. I actually like finding stuff that I probably normally wouldn't have been into. And maybe you're the same way. And that's why we're the, we're the voices crying in the darkness going this is ridiculous. Just advertise things and when we see something we like, we'll go buy it. All right? But if this wasn't such a massive playground for marketing money and paying dollars for advertising, maybe we wouldn't be having this problem. And now you can't go to websites. You can't even type the dang thing in and without interfere. So what do we do that? That's always my question about these articles. So what do we do? Right? Does this have a solution to this problem? All right, you're scaring the crap out of me. So what do I do? Right. Often a chain of redirects great. Lots of detail on how it works. Designed to relevant parked page. Let's see here. Said domain parking services claim the search results they return on parked pages are designed to be relevant to their parked domains, but that almost none of this displayed content was related to the lookalike domain names they tested. Infoblox said the different threat actor who owns domain control.com a domain that differs from GoDaddy's name servers by a single character has long taken advantage of typos and DNS configurations. Right. So it's up to us to make sure that we have the actual which means more work. And maybe this is something where AI agents could come into come in handy. Right. These are the kind of things that we don't do great at. Right. Like we talked about psychologically we have an issue with how our brain sees these things and it will fill in the blanks where AI won't do that. Well, at least I guess it does. It hallucinates. So. Wow. Yeah. Even then you can't get 100% accuracy programmatically and through an AI agent. Right? So it's crazy. There's. 
We just have to do as much due diligence as we can to make sure that we're set up correctly so that this doesn't happen. But apparently that's not going to be effective. So you then what do you do? You need to force multiply. So you do both. You do. Is that. Is it even telling us that? Because I think all it said right now is that people are typing in the wrong thing. And through these wrong typing DNS resolvers, even variations on well known government domains are being targeted. Blah blah blah blah. Emphasis on malicious activity is tracked. However, report includes that while the parked companies claim to only work with top advertisers or don't work with advertisers at all. How about that? How about stop advertising on parked stuff that when I accidentally type something in, I don't get advertisement. Maybe that Infoblox also pointing out the recent policy changes. So literally no answers to what to do from this article. Thanks, Krebs. At least not that I saw. Of course I. I skimmed through it. There could be previously defaulted to allowing their ads to be placed on parked page. Early 201225 implemented default setting that had their customers opt out by default. Okay, so maybe you can go opt out, but if you're opted in by default, right, you need to voluntarily go into their settings and that would assume that you even knew that that was the thing. Everything should have you by default opting into security and then make you have to go, well, no, I want those advertisements there for X, Y or Z reasons. Why am I not getting those advertisements?
You're good at advertising everything else. Why can't you advertise the fact that people need to opt in or out of this service? Anyway, I'm a little over time. It's just starting to get me angry now. All right, so there we go, kids. That was John. Or not John. This was Daily Cyber Threat Brief. It was a lot of fun, but it has come to an end and it's now time for me to shuffle off into the back. And when I come back, we'll be doing some Jawjacking where you get to ask your questions. Hopefully you enjoyed today's episode. Be sure to join me momentarily. Fire that beautiful bean footage.
C
Ever wonder what it takes to break into cyber security? Join us every weekday for Jawjacking, where industry experts answer your burning questions about the cyber security field. Live, unfiltered and totally free. Let's level up together. It's time for some jawjacking.
A
Welcome back everyone to Jawjacking. Hopefully today we get some really good stuff. We had a lot of great conversation over in the Daily Cyber Threat Brief. Interesting articles today. Some of them that will make you your blood boil a little bit. I know it does me, I hate. I really have trouble reading news articles. Oh, my back. Ah, my sciatica is acting up. Gotta get a better chair. That's what I gotta do. That's the problem. Anywho, this is the part of the show where you get to ask me questions. So make sure if you have a question, you put a big Q in front of it and that will help it pop out from the rest of the just chitter chatter that's going on. Not that we don't love that chitter chatter. Please, everybody have great conversation. Engage with each other as well, you don't have to just engage with me, but I am here to facilitate conversation. If that is in the form of a question and me trying to come up with an answer, then so be it. And like I said, just put a big A big capital Q so I know it's a question. Or maybe three Q's. I like. We'll go with three cues today only. No, I'm not kidding. You can do three cues. You can do one Q. I'll try to find it. I'll make sure that we can see everyone on the stream as well. If you are just now joining us. I am sick. But hey, what are you gonna do? I. I persevere.
Let's see if we can find ourselves an interesting question or just some fun conversation. Looking for those questions. I don't see any cues yet. Oh, here we go. This comes from the real Kyle. Kyle, have you seen the Great Flood On Netflix? I call it. I'd call it a action drama about training, AI and the apocalypse. I have not seen this. The Great Flood. Oh, okay. Let me go look up this. The Great Flood. Netflix. Let's get a synopsis of this. It says the Great flood is a 2025 South Korean science fiction disaster film co written and directed by these people. Starring these other people. The film depicts the desperate struggle of those who have pinned their hopes on humanity's last days in a flooded apartment building. The film had its world premiere. Okay, good for him though. Here's the plot. An AI researcher and recent widow wakes in her apartment to find flood water rising in the 30 floor complex with her 6 year old son. She attempts to reach the floor, the roof and receives a call from the United nations officials who informs her that the agents are on route to extract her and her son by helicopter. She is saved by a. Saved from a tsunami by an agent named He Joe. He reveals that the United nations had known for years about an asteroid impact. Interesting. No, I have not seen this at all. Have to look into that. I could use a good. A good show. Is it a movie? Is. It's a movie, right? Yeah, film. Cool. That's a. That's. That's where. Thank you for letting us know about that. Let's see here. Questions? Oh man. You guys are talking about piracy. I. Tell me you're in. You. You grew up in the 90s? I'll tell me you grew up in the 90s or the mid or early 2000s. You wouldn't download a car, you wouldn't download music. The old FBI warnings that came in front of the DD DVDs. That is funny. Thank you, Phil. What the heck? Where am I? All right, looking for the cues. Looking for the cues. Yeah. The Internet used to be for nerds. It did. 
All right, I'm scrolling down to the bottom because I think that my chat is a little behind. Let me see if I go the other way. Here we go. This comes from zero keystrokes. I got a three to four old let win laptops. Got any fun unique ideas to use them in my labs? Absolutely. Like, you know what would be fun is to like take a couple of them and make them vulnerable lab machines. You know, go find some recent RCEs with some high CVSS scores that use un, you know, some unauthenticated RCE stuff and then build your proof of concepts, attack them. You know, do, do all your phases of pen testing, like scan and recon. Do all that fun stuff. Learn about that. Write it up as basically building your own Hack The Box. It could be a lot of fun. Or learn a new skill. Like, you know that MongoDB thing that's going on out there, maybe you can recreate that. So spin up some MongoDB, give it a very primitive web front end and then mess around with that and use AI to try to help you get all that stuff built. But make sure you're learning and understanding that stuff as you go. It'll be a great way for you to get some hands-on experience and say, well, I've actually installed MongoDB. I've actually created tables and rows and users and blah blah, blah. I guess it doesn't do it that way. I know MongoDB is a NoSQL database, but I'm not really familiar with this form. Another database guy. See, I could do it myself. I could use that way. Yeah, that could be fun. Just anything, like what interests you. That's how I would go with it. Here's one from Arty. Does the NIST need to be revised to solve the issues in today's episode? Probably that. I guarantee it. It will be revised to solve the issues and they'll at least try to give you some guidance on them. They'll get together and they'll talk about it and then it'll be, you know, it's like a haircut, right? I find that frameworks and standards and anything that's in written format as guidance. 
It's like a haircut and you're like, how's that, Daniel? You see what happens is your hair. Well, back when I used to have hair, it would grow Right. And it grows and it becomes unruly. And you're like, it's time. I gotta go to the barber or the salon or whatever you do. And then they cut it and it looks horrible. And you're like, ah, that sucks. And you have to live with that for three weeks maybe. And then you get this one day of. It's like perfection. You're like, my hair looks amazing. And then the next day after, it looks horrible again. You gotta go get. It's time to get a cut. I feel like that's how, like, these written things are. Like all these standards and stuff is they. They're only good for a very short amount of time. I. I say that they have a lot of really good information. The good news is cyber security stuff doesn't. Like, old things are still relevant. It's the new things that we have to add to the old stuff. Right. That, that's. That's typically how it goes, at least in my estimation, in my experience. I like this. You dig the haircut analogy. I appreciate it. I hope it works. Right. It's all about trying to figure out how these things, like, operate and you have something tangible in your brain to, to connect it to. All right, give me those questions, man. We're only not even quite halfway through. Here's an interesting thing. Someone's asking Jay Gold this. How do you feel about a Zero Trust router? That's. That could. It depends on the. Right. I. I know this is for Justin, but I just thought that was an interesting thing because I. I don't think about that kind of stuff very often. A Zero Trust router, meaning basically that it never trusts where it's coming from or where it's going. It always verifies that that's what's going on. I would assume there'd be a bit of a performance hit on that. 
But this is where, you know, cyber security kind of does its cyber security thing is the more difficult things tend to be, the more secure they tend to be as well. Right. Not saying that they're perfection, but when you start adding complexity of security, the user experience tends to get a hit a bit, or to a great extent, just depending on what you're doing. So I found that that's why a lot of security does not get implemented, because they've. They prefer a better user experience than they do the security. And therefore. So you got to learn whether or not you. You'd be able to live with any kind of performance hits or whatever. Right. But I thought that was a cool question. I know it wasn't directed toward us, but good stuff gets the conversation going in a lot of people's minds. Here comes one question from Artie. If Tor or Threat Locker offered a privacy centric residual residential ISP service, would you pick it over a large carrier like Verizon or Comcast? It depends. It's. It's possible that I would do that because I prefer privacy centric things. I am not perfect at eating my own dog food and practicing what I preach on that kind of stuff. And, you know, that's just me being real. And I'm sure a lot of you, if you're honest as well, same, I'm sure there's the, the edge cases out there that are like, I don't even give a dang. I do whatever I want. I click on things, I do all that stuff. And then there's the people that are like, my OPSEC is perfect, but the people in the middle of the bell curve. Right? We are, yeah, I'll say. I'll throw myself. I'll lump myself in. Even though I probably do more security, more privacy than the average person, so I'm not completely dead center. But, you know, they just want things to be easy. That, that, that is going to be the, that's the kick. If they could make it easy, I can't. And, and here's the other problem. When it comes to privacy, people don't understand why they need privacy. 
They think, and I'm sure you've heard this before, I don't have anything to hide. It's like, that's not what it's about. It's not what it's about at all. It's not about. You're over there, like, looking at something you shouldn't look at or visiting websites that are probably morally questionable or things of that nature or that you're like becoming part of a terrorist cell. That. That's not what it's about. What it's about is, is the fact that the more, the more you increase your privacy, the less likely it is that your data will be available for a threat actor to utilize. And. Because what happens if someone steals my information and uses it to contact my wife and say, I'm stuck, I got this thing, I need you to wire me some money. Blah, blah, blah, Give me the routing number. I'm trying to buy this online and she thinks it's me, right? So the more people know about me now, I'm, I'm a bit of a public figure, so there's some trade off to that. That I have to live with. And I, I, I've kind of like found myself in that sphere. I didn't set off to be that. It just happened. So now I got to do a lot of backpedaling, go back and clean up my life or whatever or create a, or be, just be more privacy focus from here on out kind of thing. But for you regular folks that are out there just trying to live your life and have some privacy, right, that's the kind of things you got to look out for. And it doesn't. Because what hurts worse, right, that you know, a multi million dollar company gets hit for, you know, a million dollars. Yeah, it sucks. It hurts. They got insurance. Not that it makes it right or that they should have that happen or that it's any less wrong, but. Or Joe or Jane out there that gets popped for a thousand dollars that they ain't got and now the little they did had is gone. Right? And all it would have taken was some better security, some better privacy. But we're advertising to everything. They want to know everything about you. 
And that's, that's the problem. So I would be inclined to at least give it a shake. Artie. I, I and if it was usable, I'd go for it. That's the trick though. They have to make it usable. They have to make it at least user friendly enough. And that's a fine line to find and just ask Linux, right? It's, I think it's objectively a better operating system than Windows ever thought of being, but it's not as user friendly. So people opt for what they get. And they know instead of doing a little bit of hard work so that they can be more secure. So we have to come meet them where they are. All right, let's get, let's get going here. We got another 12 minutes to go. Jojo Rabbit. Morally questionable. Does Facebook count, judges? The judges will allow it. The judges will allow it. Facebook is morally questionable. This is so fun. All right, here we go from the real Kyle. Kyle, what do you think about security cameras in public that aren't encrypted? Not nothing good. I've been seeing stories about a lot of them. Yeah, those Flock cameras have default creds too. I know I've come across a few in my research. Yeah. So if I'm not mistaken in which I could be, I think the Flock cameras are a service that law enforcement and government systems use. So they're like a third party. They, they're not owned by them per se. Is that the way it is, is Flock security cameras. Is Flock security cameras owned by governments governance, or is it just a service? All right, it is not owned. They are contracted, says Flock Safety. Cameras are owned by the company Flock Safety, not by the governments or municipalities that contract with them, while the governments and businesses that use those cameras own the data they collect. And the physical cameras themselves are owned and operated by Flock Safety. This arrangement has raised concerns about data privacy and control rights, and that is what Kyle is getting to. 
And yes, I am concerned about that, especially with the lack of encryption, the lack of security this is. And it always starts off with, oh, well, no one will even know they're there. No one has access to this but us. It's like, get real, right? On what planet are you living? Because. Yeah, Right. Like jojo Rabbit here says, I told my wife we need a password. And she thought I was nuts. I then cloned her voice and called her. That was. That was an excellent thing to do. All this privacy and stuff. All. All rings true together. So that's why I'm glad to kind of put it. Put it here together with all this, that we should be opting into security and privacy as much as we possibly can. And you're going to find where it's like, wow, that's a bridge too far for me. And then you got to make that decision and go, is it worth the risk? And see, now you're doing a risk analysis and a risk impact analysis or business impact analysis on your personal business, which is you, your data. Is it worth it? What's the likelihood and probability of these things happening? Right. Utilize all the stuff that we talk about every day. Now, here we go. GRC had to make its way here. And you go, oh, okay, man. It does seem like it would be likely. And the impact is high of, like, catastrophic if that does occur. So we're just going to take the safety measure and implement a password between me and my family members so that anytime the words I need some money comes out of someone's head. Okay, cool. What's the password? And they're gonna be like, ah, shut up. Like, yeah, that's what I thought. Piss off. Stupid scammer. Oh, let's see here. Jesse Johnson's in the house. What's up, Jesse? Feels good to be back. Headed out to get an office chair from Facebook Marketplace. I need one myself. I have one. It's a nice one. It's just. It's not. When I sit in it for too long, I get my. My get, like a nerve that Pops up in my hip and does not like it. 
So it's time to go back to the, to the Facebook Marketplace where all good chairs go to get sold. Let's see here. Any more questions? We got a few minutes left. The safe word is pineapple juice. That's funny. Efs. I'm sorry. The EFF has some good articles. That's awesome. So definitely that's the Electronic Freedom foundation, right? EFF Frontier Foundation. That's what it is. Electronic Frontier. They're basically privacy advocates and encryption and all that kind of stuff. So definitely check that out. Read some articles. Michelle Khan also has some stuff on his websites too. So definitely check that out. Here we go. We're getting into First Amendment rights. Do you earnestly believe our First Amendment right to free speech and Fourth Amendment right to privacy realistically exist in today's IT economy? It exists, it's just not being respected. Right. So if the argument you're making is because it's not being respected, no one's enforcing it, then it's therefore not really there. And I think that's how they hide behind this stuff is that they just get enforcement to go away or only enforced for specific things that, that would be the problem. What can we do to protect our right? Making security convenient. Decentralization is probably the best way to go. Utilizing encryptions and that kind of stuff on all your data. That, that could be another message going back to the whole crypto thing. I know a lot of people that are crypto advocates are so. Because of prying eyes of governments and they don't, they don't. You don't need to know what the heck I'm buying on Amazon. You just need to know that I made a transaction and you can. Right? Because they don't want the, the fear in a lot of people's minds are that. And of course here comes the tinfoil hats that if you can track what it is I'm buying and selling then and. Or you can control the currency in which I buy and sell with then you control me. Which I find it hard to. 
We did see that with the Canadian truck drivers. Right. They legit just took their, took their bank accounts, took all the money out of their bank accounts so they couldn't continue to do their protest. So whether you agree with that, with the protest or not is irrelevant. It's. Do you agree? Because I had this conversation with my brother in law one time. It's like it doesn't matter who's in office or who's in power or whatever. It could be the one way this day, it could be another way tomorrow. The reason that we protect the rights is so that no matter who's in charge, they can't, they can't fiddle with our business. Right. If I want to say things, I'm, I'm, I'm allowed to be critical of whoever's in, in power. I'm not allowed to slander them. Right. Not a free speech absolutist where I should be able to say whatever I want, whether it's lies and slander or libelous whatever. Like, no, that's, that's not the case. And that was not the intention of American free speech either. It was meant to. In public forums, you have the right to be critical of things. So it's a, it's a sketchy topic. I don't know if Jerry wants me to get into this too much. I've tried to just kind of stay right there on the surface of that. If you, if you in at all care for your privacy, then you're going to be a free speech advocate. You're going to be someone that is going to be advocating for privacy. It is interesting. So demand it from your, from your IT stuff and implement as much as you can in your own IT environments and say, see, this can be done. Everybody doesn't need to know this. And that will actually help out businesses because if their information is being kept safe and more difficult, you had more layers of complexity to get at it, then threat actors are going to have a harder time. It's, it's a win, win for everyone. All right, here's, here's maybe the last one for the day. Let's see if we have time. 
After this, the rich asks, how do you feel about people who release zero days around major holidays? I'm on the fence because the threat actors don't play by our rules anyway. Like, are you talking about threat actors releasing? I mean, obviously that's a bad thing. Most people are on vacations, less likely to get triaged. Well, so, yeah, I, if you're talking about releasing zero days, there's no fix. They haven't done responsible disclosure kind of a whole business. I'm not for that at all. They should contact the vendor and let them know, work with them with the. So they can get it. I understand not every vendor jumps to when someone releases or gives them information that, hey, I found a vulnerability. They like to downplay, they like to slow roll, I get it, but that's going to be on them. That doesn't give you the right to then go, well, well, if you won't fix it, I will. Right.
C
All right.
A
At least, like, I get the argument behind, well, if I release it, then they'll jump on it and that will. That will force their hand into triaging this. But you also open up. You might be the only one that knows about that. Right. You. You would. If you could come up with some. Some proof that is being actively exploited, something that you've discovered, then that's going to go a long way with getting it worked on and getting people off of their holiday couch and into the office going, this is something we need to work on because it's being actively exploited. And we have proof right here that that's happening. I get it. It's. It's a gray area. It's not just black and white. But I feel like we should err on the side of caution on that. You do what you can, and then you could warn people and say, I know of a zero day. Of course, that focuses threat action. You see, it's complex. This is why cyber security is a giant dumpster fire, because there's so much complexity to it that it's difficult to. To do well. So there you go. We got two minutes left. I know it's a short answer, but I'm just trying to get some more questions here. Any more questions? Any more questions? Here we go. Justin De Jong. Random acts of violence for or against? What? Against. Because if my family was walking down the street and someone randomly did an act of violence on them, I'm gonna have a not so random act of violence going back their way. Because I've got kids and a wife that my job is to keep them safe. So why would I be a. I. I want a polite society. So I'm definitely not for random acts of violence. That. That doesn't. Okay. Yeah. Any more questions? We got one minute to go. We're creeping up POC. This is from Keisha InfoSec. POC needs tweaking, usually, but some people can do it quick. It's true. It's true. Here we go. It's easy to release zero days when 95 of the population doesn't even take the proper measures to protect their devices. 
I protect my devices all the time and I barely speak online for obvious reasons. Right. Yep. Oh, from the real Kyle. Kyle. Michelle Khan has an offset class for security professionals. It's free right now. Go get your butts on that because that's going to be gold Gold. And I don't mean Justin gold. I don't mean Jay Gold. I mean gold Gold. So go check that out. Really cool stuff, man. This has been an interesting conversation with you good folks today. Thank you so much for joining me. Looks like we are at the end of our fun good times. I'll miss you. I'll miss you. I will be back tomorrow, so hopefully I will see you there in the daily cyber threat brief and for Jawjacking. So until then, everyone stay secure.
Host: Daniel Lowry (filling in for Dr. Gerald Auger)
Theme: The latest cybersecurity news and expert insights for industry professionals, with community Q&A, practical takeaways, and a dose of humor.
In this episode of the Daily Cyber Threat Brief, Daniel Lowry ("Sick Boy," filling in for Gerald "Jer Bear" Auger) leads viewers through the top cybersecurity headlines from December 29, 2025. Covering breaches, AI’s energy consumption, the ongoing ramifications of the LastPass breach, and more, Daniel provides context, commentary, and community interaction. The show closes with an interactive Jawjacking segment where Daniel answers live questions from the #TeamSC cybersecurity community.
[Q&A is live, fast-paced, select highlights below:]
The show threads together themes of cyber exploitation fueled by the profit motive—whether by cybercriminals, major tech platforms, or advertising brokers. Daniel interweaves technical explanations, practical advice, and a healthy skepticism about the “convenience over security” culture that persists both online and off.
Final words:
“It’s on us to stay informed…and while it’s meant to be addictive, if you get trapped by it, that’s not your fault necessarily…But for those of us that know, and we’ve got loved ones around us, [we] need to talk.” (45:40)
“Stay secure, and I’ll see you all tomorrow.” – Daniel Lowry