A
What's up everybody? Happy Friday. If you are looking to stay current on the top cyber security news stories of the day, for the purpose and intent of staying current, being able to deliver cyber excellence for your business stakeholders, and ultimately being the CEO of you. Because you're going to be super valuable. Because you're going to be able to shuck and jive, pivot and dance on the cyber landscape. Believe me, that just means being able to be an effective professional because you'll have knowledge and insights to be able to apply to make the right decisions on where to deploy resources, what kind of threats to go hunting for, etc, then you are in the right place. Welcome, welcome, welcome to Simply Cyber's daily cyber threat brief podcast. I'm your host. Almost two complete thumbs, Dr. Gerald. Those are coming to you live from the Buffer Osier Flow studio. It's February 13th episode 1068, I believe. And we are off and running on this glorious Friday morning. Get comfortable, get your coffee, because we're about to get to work. Hello, everybody. I hope you are having a great day. I know many of you. I saw, I saw Australia's own having wrapped up their Friday and about to pass out. I've seen casually Joseph using spongebob squarepants memes in order to convey his feelings. Seems like a lot of people have been ridden hard and put up wet this week. But guess what? Consistency, vigilance. You know, we're like the Captain America before Steve Rogers turned into Captain America. Like, we're gonna go one more round. We can do this all day. And that's what it is, guys. It's all about consistency. Showing up is half of the fight. Now, if you're here for the first time, I gotta tell you, welcome to the party, pal. We are gonna go through these eight stories. I have not researched or prepped for any of these stories. I'll give you a hint. Why? Ain't nobody got time for that. That's exactly right. Ain't nobody got time for that. 
Because it's not like, listen, whether you're on the show with me, you're consuming it on your own. You got an RSS feed, you got a little AI agent that reads you the top hits of the day for your specific industry, whatever it is, you're not prepping and researching beforehand so you can look like a big brain, you know what I mean? So I don't do that either. This is part of my routine. It has been for years and years and years, long before I even hit Go live. And that's what we're doing here now for first timers, guys, I hope you have a great show. Hashtag first timer in chat. Pull up your phone. Pull up. I mean, I know a lot of people watch it on the television. Kimberly can fix it on the lanai, having it up on the tv. Some people have me in the kitchen while they're getting ready with the kids this morning. Good morning, kids. And it's difficult to chat, so, you know, maybe just scream at your tv, hashtag, first timer. And here like, oh, I. I heard some people screaming at their TV in the kitchen. Here we go to all you first timers who can't type it in chat, but you can yell it at your tv. Welcome to the party. Welcome to the party. Now, every single episode of the Daily Cyber Threat Brief is worth half a cpe, a continuing professional education credit. So if you have a cyber security certification and you are looking to maintain it, allow the Simply Cyber Daily Cyber Threat Brief podcast to help you with that. It's very simple. Every episode's worth half a CPE. So you can earn about 120 CPEs a year, which is dynamite. Just say what's up in chat, like full, fully loaded squad members. Can we please group hug? Fully loaded. Fully loaded. Welcome to the party, pal. Welcome to the party. All right. Welcome to the party, pal. Just say what's up in chat like toasty pops, Ms. Julian, Tony, Jack, etc, Steve Young, and grab a screenshot. The title of every single episode of the Daily Cyber Threat Brief has a unique identifier, unique date, unique episode number. 
Like I said, I think we're on 1068. But the whole reason is you file it away once a day and then once a year, you count the screenshots. Say you have 40 screenshots. That's 20 CPEs. Just submit you have 20 CPEs. If they push back. If the certification body says, whoa, whoa, whoa, Chris Shirk. Chris Shirk. I don't think you have all these CPEs. You could say, hey, no problem. And you just zip up your file, all your screenshots and send it over. And you go, there you go. Every episode you could see I said, hello. Every episode's got a unique identifier. Come back to me if you got any questions. They won't come back to you. I'm telling you, that will shut that down in a hot second. All right, I do want to say shout out. And thanks to those who came by last night for the AI Governance Simply Cyber Firesides episode. If you got val, if you got value from it, I certainly did. Pratik Doshi is definitely bringing the heat on the AI governance tip. You can go back and watch that video on replay. I want to remind everybody, if you don't, if you wanted to go to the Firesides last night and you forgot about it or whatever, just remember, just remember, we are now, compliments of one Kimberly Can Fix It, if you go to simplycyber.io/schedule, you can literally see all of the upcoming events minus the daily cyber threat brief because that's just every day at eight.
B
Dude.
A
Like for example, Kathy Chambers and several cyber female professionals are taking over Simply Cyber Firesides next Thursday. I won't, I'll do the intro. But Kathy's taken over and they're doing an all-female "Do I belong here?" imposter syndrome session. Right. We got a one hour skill stream coming up next week as well. If you want to pick up some skills from Tim Papa's, like, simplycyber.io/schedule. That's where it's at. All right, now, fully loaded, let me tell you. Fully loaded. And all of the squad members. What's up? Devin Grady. Jim Wales. Jim Wales. Dude, it's been a minute. Jim, good to see you. Jim. Coffee cup. Cheers, y'all. All right. Hey, real quick, before I do the sponsor reads, every single day of the week has a special segment. Guess what today is. This guy right here, one James McQuiggin at 35,000 ft from seat 3B somewhere over the Midwest is going to deliver rib ticklers. I do not read these jokes in advance so I'm getting them right when you're getting them. Also hilarious. So look forward to that. About 8:30 this morning or in about 20 minutes. All right, holler at the stream sponsors. Let me tell you real quick. Let me tell you about Material Security. All the stream sponsor links are in the description below. Please go check them out. It helps the channel. And I, I, I personally there's, there's tons of sponsors I say no to because I don't want to be associated with them. So if they're, if they made it this far, they're legit and worth checking out. Your cloud workspace is more than just email. So why does security stop there? Material delivers complete protection for Google Workspace and Microsoft 365, going beyond perimeter defenses to secure email, files and accounts across your entire environment. With advanced AI detections and automated threat response, Material correlates signals across the workspace to identify risks that others are going to miss. It protects sensitive data in inboxes and shared files and, bonus, monitors account access and third party apps and automates remediation from phishing response to user reported triaging.
And what's the result from all this effort? You mature your security posture and you scale protection for your organization without adding headcount. So basically for the cost of traditional email security, you get all of these extra capabilities and you don't have to add bodies to the workforce. I love it. Ready to secure your workspace? Go to simplycyber.io/material to learn more. Oh my God. Marcus Kyler. I just threw up in my mouth. All right. Hey, let me tell you about Antisyphon Training. Antisyphon Training is disrupting the traditional cyber security training industry by offering high quality, cutting edge education to everyone regardless of financial position. Maybe you're just wrapping up your Denver experience. My Wild West Hackin' Fest. Mile High. Zach Hill was sending me pictures yesterday. Elite Dennis is there. Several others are there. If you are at Mile High, don't be shy to use the Con chat channel on the Discord server. The FOMO for those who can't make it is real. But Antisyphon Training, for $0 you can learn about Active Directory's new security enhancements and absolutely be a boss at your next job interview when you're just casually throwing out new capabilities that the person interviewing you might not even know that they have. How do you do this? Sign up here. I'm going to drop a link to this in chat. This is a free one hour practical webinar. You will leave with skills. Register for it, and if you can't make it, no one's going to hold you accountable. Like no one. You don't get to go to like 5 Antisyphon trainings a year and you don't want to accidentally sign up for one and spend one of your five credits. You can go to all of them or you can go to none of them. It makes no difference, right? So there's no reason not to sign up. And then you know, basically make it if you can. And you know, if you can't, don't.
So go to antisyphontraining.com for more. All right, quick word from ThreatLocker and then we're gonna get going on the news. I want to give some love to the daily Cyber Threat brief sponsor, ThreatLocker. Do zero day exploits and supply chain attacks keep you up at night? Worry no more. You can harden your security with ThreatLocker. Worldwide companies like JetBlue trust ThreatLocker to secure their data and keep their business operations flying high. ThreatLocker takes a deny by default approach to cyber security and provides a full audit of every action allowed or blocked for risk management and compliance. Onboarding and operation is fully supported by their US based Cyber Hero support team. Get a free 30 day trial and learn more about how ThreatLocker can help prevent ransomware and ensure compliance. Visit threatlocker.com/dailycyber. Okay, normally I would melt your face immediately with hot cyber news, but I just saw Jonathan and Jonathan, I don't know how to pronounce your last name because it starts with wc, which is an unusual combination for me. So we'll just say Jonathan on LinkedIn. Who says it's tough to get an interview? Jonathan, this one's for you. But anyone who's having a tough time getting the interview part, I did this live session with Mike Miller on January something, January 28th. It doesn't matter actually what day it is. This is one hour. And this is like literally, like literally mount your face to a fire hose and turn the fire hose on for an hour. That's, that's what this is. And it's all about establishing personal brand, which isn't a gross term. We explain why in this session, but it can help you get visibility. It can help you stand out in a sea of sameness, Jonathan, and help you get interviews. Okay, I'm gonna drop a link to this video in chat for John, Jonathan. I can't, I can't type over on LinkedIn. So this is for. I just dropped the video but you won't see the chat.
So Jonathan, just search for the term personal branding for your cyber career on Simply Cyber. Or just go to Simply Cyber's YouTube channel. Or like go to this, this is what you need to do. Or come over to YouTube and I can give you the link. All right, guys, do me a favor and thank you for giving me a moment everybody to help Jonathan out. Do me a favor, everybody. I need you to sit back fully loaded. I need you to relax. Space tacos in Roswell, uk. I need you to let the cool sounds of the hot news wash over all of us in an awesome wave. You might need a shower after today because it's going to be a big wave of spicy hot news. Let's go.
B
From the CISO series, it's cybersecurity headlines.
C
These are the cyber security headlines.
A
Steve Prentice.
C
Friday, February 13, 2026. I'm Steve Prentice. Hackers abuse Gemini AI for all attack stages, says Google. A report released yesterday from the Google Threat Intelligence Group confirms that threat actors from China, Iran, North Korea and Russia have used Gemini for target profiling and open source intelligence, generating phishing lures, translating text, coding, vulnerability testing and troubleshooting, end quote. They are also showing increased interest in using it for social engineering ClickFix campaigns. The report says that Gemini is used, quote, from reconnaissance and phishing lure creation to command and control development and data exfiltration, end quote. With specific actions including using an expert cybersecurity persona to request that Gemini automate vulnerability analysis and provide targeted testing plans in the context of a fabricated scenario. A link to the report is available in the show notes to this episode.
A
All right, really quick, this graphic on screen right here, if you're listening on audio, I. I can't possibly describe this and, and keep this, you know, rated G, like was the prompt for this graph. This graphic is graphic if you're picking up what I'm putting down. Jesus. Shall we play a game? Okay, so check it out. Now, this should come as no surprise. Google's Gemini AI model is being used for every phase of the kill chain. My guy Claude is being used for every stage. Chat GPT is being used for every stage. Roll your own LLM is being used for every stage. Like, come on, like China already did this, like back in November where they had like three or four phases, sub agents doing recon, iterative analysis and by saying, oh hey, you're a seasoned cyber security professional with 3, 000 years of experience. Do a reverse analysis of this vulnerability. Right. Like you can do all that and we as defenders should be using Google, Gemini and other, you know, LLMs. I'm not, I don't at this point, I, I have a preference on LLM, but I'm not like, I'm not hell bent on it. This isn't like Red Sox, Yankees or Patriots, jets and Bills, or basically the AFC east versus the Patriots where I'm like vehemently against it. So choose your own LLM. And, and it's probably being used this way. And we as defenders have to use it to write detections quicker, move faster, all of the things, everything is just speeding up. We are again, I don't want to get dark with y' all about my AI predictions. I'm almost done with my Prepper tablet. Ruggedized tablet with solar power on it. But yeah, okay, so there's nothing like the deal is there's nothing here that you really need to do anything specific about. This is more of an awareness on threat. Actors are going to be moving exponentially faster on, you know, attacks and attacks with success. Which means two things. One, you have to be using AI. It's just inevitable to Be able to move faster from a defender perspective. 
And this should come as no surprise. But like in, in 2026, like you, you can't just protect, okay? You need to be wicked effective at detection and response. Like orchestrate it. Okay, I'm going to just show you something really quickly again, by the way, fully loaded. Our first timers here, I know you can, you can go to this website and look at this news article yourself. You don't have to come to Daily Cyber Threat Brief. The reason I want you to be here is because I do have 20 plus years of experience and a lot of thoughts on cyber and I can go beyond the headline to give you value. So let me just, let me just show you this really quickly. Okay, look at this because this is, this is a paradigm shift for you, all right? NIST cyber security framework. And a lot of you are going to, not a lot of you, but many of you might feel called out right now. This is the reality, okay? Just look at the Identify, protect, detect, respond, recover. And I know this is NIST CSF 1.2 and 2.0 has the governance cap function. So don't come at me in the comments. I know that. But for this demonstration, let me tell you, identify and protect is left of boom. Left of boom means everything you can do before you get punched in the mouth by a threat actor. Detect, respond, recover. Yellow, red, green. These are right of boom. This is after a threat actor has absolutely worn you like a hand puppet, you know what I'm saying? Like really getting in there. They, they are, they are in your environment. They have compromised you. They have taken over things. They have control of assets. You are not good, you're not in a good situation. This is a reality and this is where you might feel called out for years and years and years and even into today, many cyber security programs. I'm going to step away from the mic because I, I feel like I'm yelling many of the cybers. And let me know if my audio sounds okay from here. 
Many cyber security programs focus on identify and protect only with a huge emphasis on protect, because it's easy. You can put controls in place, you can buy technology, you can roll out MFA. You can do all those things. Detect, respond and recover often is left to its own devices. It's a nice to have because they're not doing pen testing. You're. If you are getting compromised, you're basically reimaging the machine and going about your day. These three capabilities are often not mature. And in 2026, when threat actors are able to move exponentially faster because of AI. The, the, the, the cracks in your foundation, the, the things that you, you didn't identify, the things you're not protecting or the things that you're protecting not well enough are going to be compromised. And when that detect, respond and recover is moving at AI speed and your information security program looks like it was built in 1996 right of boom, you are going to have a horrible day. A horrible day because they're going to be moving at AI speed. Okay, so now that I've like made this claim and I'm telling you I have built programs from scratch. I have been hired to come in and fix programs. And what I just told you is an axiomatic tenet of all of them. Even, even when I'm building new programs. Identify and protect usually goes first because you have to put all the controls in place. But before you can begin to look at where are things going to be broken or where do I have gaps in my security controls, etc. All right, now that I've made that passionate case for cyber program, you see, GRC is not lame. Tyler Ramsey will have you think that GRC is a three, a four letter word. But I'm telling you, we got, we got hot takes over here. So anyways, yeah, Gemini, AI, all stages of attack. This is happening today. It was probably happening last year. You got to beef up your program.
Okay, I'm about, I'm going to write a LinkedIn post later today about how cyber capabilities are a integral part of all first, you know, first world, nation, state, national power influence operations. Like it's just cyber is a critical infrastructure in my opinion at this point. So yes, you need to do these things and be mindful of it. It's not going anywhere. It's not going anywhere.
C
Apple patches decades-old, possibly exploited iOS 0-day.
A
That is the most lukewarm vanilla take I've ever had. Possibly, possibly not exploited. Thanks.
C
This vulnerability affects, quote, every iOS version since 1.0, end quote, and has been used in what the company calls an extremely sophisticated attack against targeted individuals. Discovered by Google's Threat Analysis Group, the CVE-numbered vulnerability dealing with dyld, Apple's dynamic linker, allows attackers with memory write capability to execute arbitrary code. Brian Milbier, deputy CISO at Huntress, said, quote, this vulnerability represents a door that has been unlocked for over a decade, end quote. Acting CISA.
A
I wonder. Well, okay, so first of all, well, several things. One, even though it's an Apple product, it's vulnerable. Like, I know that this myth has been busted for years. But just for the people in the back who maybe didn't hear it, Linux can be vulnerable. Apple iOS can be vulnerable. macOS can be vulnerable. It's just, are there researchers looking for the vulnerability and exploitation. So let me look at this really quick. All right, so it is patched. Okay. So you gotta patch it. Ah. You gotta patch it. So you gotta patch it to like tell everyone, hide your wife, hide your kids, patch your iOS, right? I'm gonna do it, I'm gonna do it right now. Like while we're doing this, right while we're talking. So a decades old patch, which is not good. It makes me wonder if you know how like the FBI hired that Australian guy to crack into the San Bernardino shooter's phone and get all the stuff out of it. You know how Cellebrite basically sells a plug it in and we own your phone solution. I wonder if you know this, this capability had been discovered. It's decades old, going all the way back to iOS 1. We're on iOS 26. My. Ow, fudgesicles. My. My phone is currently looking for updates. So I'll report back in in real time here. Oh, there is a patch. Holy crap, dude. It's a 10 gig patch, bruh. I'm gonna update tonight so I will be vulnerable for the rest of the day. But I gotta do James McQuiggin at 35,000 feet's jokes. I can't be a 10 gig patch on my phone. What are we up to? All right, educate your end users. Again, this is a sophisticated attack, very likely targeting specific individuals. So Jerry, you know Dr. Gerald Auger from Daily Cyber Threat Brief. Nobody is spending energy attacking me, but I'm still gonna patch because of best practices and consistency and vigilance. But if you are, I don't know, Sam Altman or you know, Donald Trump or Xi Jinping or you know, insert Elon Musk, like, you know what I mean?
Like if you can have a remote code execution delivered and take over a phone, those are the people who should be mindful of it, Right? By the way, Huntress, if you guys didn't know Huntress is one of these. Does Huntress do MDR services? They have a security research branch, John Hammond's over there, a couple others over there. I think they have like 600 employees now. I'm not entirely sure what they do, but they're always putting out really good research and I just like their vibe. I've heard the guy over there who started Huntress is A really good guy as well. So I, I like Huntress. I like Huntress. By the way, if Huntress wants to sponsor Simply Cyber Daily Cyber threat brief pre approved. All right, so Dyld is a dynamic linker type thing. They have a nice analogy in here. Think of the Dyld as the doorman for your phone. Every single app that wants to run must first pass through the doorman to be assembled and given permission to start. So normally the doorman checks creds and places apps in high security sandbox where they can't touch your private data. This vulnerability allows an attacker to trick the doorman into handing over a super key before security checks even begin. Very clever. Now of course, of course, like anything else, you can chain, you can chain vulnerabilities together to get, you know, higher permissions and, you know, more persistence and stuff like that. So, you know, this particular one allows you to execute code. I would imagine that the first thing that this payload, you know, if a threat actor did compromise this would be to, would be then to set up some kind of, you know, additional account or backdoor mechanism or disable security or something like that. That would be the first thing. And then pull down, you know, other payloads and do things. So again, this one's simple to avoid. Just patch it. Ah, you gotta patch it. That's it. Okay, great work by Huntress. 
I mean, again, this, this is a vulnerability that's been there for over a decade. So 10 years this thing's just been floating in there. By the way, it goes to show you something as super prestigious as Apple iOS can still have old flaws in it. All right, so for all the.
B
For.
A
All the imposter syndrome people out there are like, oh, all the easy things have already been picked. I mean, obviously this wasn't easy, but like there, there's vulnerabilities for everybody. Reynard Waite says Huntress has EDR, SIEM, ITDR for i365. ITDR. I'll be the guy who says the emperor has no clothes on. I don't know that acronym. Is that disaster recovery? Identity threat detection and response, huh. Okay, okay, so I guess I, I just haven't heard this acronym before. ITDR is in for chat really quickly. Is ITDR basically looking for anomalous behavior of users in your environment? Like bizarre logins from weird places or trying to access things or doing large data exfils. Is that what like did they just basically give a name to the thing that we've been looking at for a while? Anyways, let me know in chat. Chief.
C
Criticizes potential DHS funding lapse. Speaking to the House Appropriations Subcommittee on Homeland Security on Wednesday, acting CISA leader Madhu Gottumukkala stated that another Department of Homeland Security shutdown would hamper CISA's ability to respond to threats, offer services, develop new capabilities, and finish writing a key regulation while the two sides on the Hill battle it out. Gottumukkala said CISA planned to, quote, designate 888 of its 2341 employees as excepted, meaning they could continue to work during a shutdown, albeit without pay.
A
Oh, wow.
C
End quote.
A
What a. What a dynamite opportunity. You too can work for free. What are we doing here? I don't know about you, but I don't work for free. Last time I checked, I have bills like, what are we doing here? The entire social contract of employment is I give you my time and energy and you give me money. Like to be debt. Like to be designated as you can work for free. That will like, oo. I can't wait to run home and tell Mrs. Auger I've been chosen. Yay. Like, it makes me think. Did you guys see the movie? What's the freaking movie? It's an animated movie. Madagascar. Madagascar. With the king, Julian's assistant. Whatever. This guy is mortal. This guy. This guy here. This guy here was the first one. This guy right here was like, CISA is like, all right, we're gonna choose 888 people. You're number one. And he's like, come on, bro. All right, so I. Okay, so CISA may have a shutdown as part of this whole shutdown thing we saw earlier in January 2024, 2025, where there was like a possible loss of funding for the CVE management and all that, and everybody kind of lost their collective mind. The European Union actually started spinning up their own version because they're like, United States. You look like an empire in decline. We're going to go ahead and just start our own vulnerability management situation over here for redundancy and continuity. This seems to be very similar. What I will say again, Elliot Mati, I'm going to do everything to not get political up in this mother trucker. But DHS, Department of Homeland Security, CISA is. CISA is a sub agency of DHS. Okay. Subagency. Also subagency of DHS is ICE or also sub agency is Border Patrol. Also sub agency, I think is U.S. Coast Guard. Correct me if I'm wrong, Coast Guard might be Department of Transportation. But. But anyways, there is a lot of. How do I best put this? There's a lot of strife in the United States around DHS and their approach to immigration control right now.
And one of the levers of power that lawmakers are trying to wield is essentially not funding DHS in order to essentially not have the immigration officers get paychecks so then they don't go to work. Right. So one of the casualties of this is that you can't fund CISA and not ICE, basically. Right. So DHS and I assume this, this is like Game of Thrones all day, every day. So now like CISA is like, wait a minute, we're gonna lose funding and there's going to be massive impact. You've got to fund us. And don't look over here in Minneapolis or anything like that. So we'll see what happens. Let's see, it says, I mean, CISA's reduced its personnel by a third under the current administration. So I mean, they're already doing more with less anyways. I don't know, man. So I guess all you got to know here for the story is if you depend on CISA for threat intelligence or service, they might have a shutdown and you would be, you know, out of luck here.
C
Moscow moves to throttle Telegram and WhatsApp in favor of its own messaging app. Russia's communications regulator, Roskomnadzor, confirmed on Tuesday that it has, quote, deliberately slowed down the Telegram app, which has nearly 90 million local users, citing the company's failure to comply with Russian law. Russian users began reporting widespread Telegram disruptions earlier this week, according to data from Internet monitoring service Downdetector. Meanwhile, a separate report from Meta on Thursday said Russia has also attempted to fully block WhatsApp in an effort to push users towards a state backed alternative. Users, therefore, are being encouraged to switch to the alternative, Max, a government backed messaging platform.
A
All right, Moscow moves to throttle Telegram. All right, I mean, dude, what is going on? We live in such a wild time right now, dude. Between the confluence of a. AI and geopolitical disruption, like world power disruption. We live in like a bizarre time. All right, so listen, here's something really quick. Signal, Telegram, WhatsApp, whatever. These are messaging apps that are not state controlled, they're not owned by the government. The government doesn't have, I mean, they have some influence over it, right? They can round up the CEO of the company and throw them in jail. They did that. The, the, the Telegram CEO, if you remember, his girlfriend A.B. accidentally doxed his helicopter tail number and he got thrown or detained for a hot minute until he complied. I think it was, I forget what country it was around visibility into some Telegram stuff. But these nation state powers, they, they don't want their people to be able to organize or communicate. And again, you can wrap this in a civil defense, public, public service type thing like oh, criminals use Telegram, so we're not going to allow Telegram. But at the same time, if you're pushing everybody into a state controlled messaging app, I mean, do you think for a minute, hold on, let me just confirm this, what I'm about to say because I don't research or prep this really quickly. Which, what is the app they're trying to get them to. Yeah, see authorities call for extremist activity. That's the problem with using Telegram. Threat actors are using it, predators are using it. So, so this is the argument. And, and dude, we see this all the time. It's not safe. You, you, are you willing to give up some of your privacy in order for the, you know, common good of everybody so we can round up bad threat actors? And a lot of people are like sure, yeah, like I'll erode some of my privacy. But the problem is you can't just say it's going to be you.
Like you can say it's just going to be used for threat actors, but there's humans who are operating it with their own motivations, their own incentives and it becomes a lever of power. This has been the case forever. So now Russia's trying to push everybody to this messaging app. Where is it? What's the friggin one? Yeah, see Pavel Durov, this is the guy who's like the founder of Telegram. I'm almost positive that's him. I don't know why. It's Dubai based. I didn't know that. But he's calling this an authoritarian. Authoritarian move. Yup, yup, that checks out. Built for surveillance. Yup. Judges. I'm getting nods from the judges. Yes. So where's, what's the app they're trying to push people to? That's what I want to know because I have a hot take on it. That's you know, not going to be like ground shaking, but. Where's the friggin. Hold on. I thought the story said that there was an app that, I thought there was a, like there was a new app that they were trying to push them to. Did anyone hear that? I, I swear to God they said that there was an app they were trying to push them to. My point is I want to say that this new app they're pushing to I suspect is Russian backed, state sponsored and they would absolutely have the keys to the back end. The app is Max. Thank you. Okay. To replace these apps, Russian officials are promoting a national messaging platform called Max. A government backed. I knew it. I knew it. Modeled on China's WeChat. Dude, I will bet you an amount of money that makes a material amount of money to me that they have the keys to the back end. Like, there's no question. Think about it for a second. Okay? Think about it. You guys are all using these apps that we have no control or visibility over. They're not allowed. You are allowed to use our app only. You know what I mean? Like, dude. Like my son is dude. 7 year old Jerry could have seen this. Like, this is such. This is. I mean, it's Big Brother. It's Big Brother.
C
Huge thanks to our sponsor, ThreatLocker. Want real zero trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain zero trust in real environments. Join us March 4th through 6th in Orlando, plus a live CISO series episode on March 6th. You can get 200 off with the code ZTW CISO26 at ZTW.com.
A
All right, here we go.
B
Here we go.
A
Where is that computer? Play the warm chocolate swirls. Thank you. Oh my God. It just doesn't hit like Simple Minds. All right. Hey guys, really quick. Thank you all for being here. Thank you to the stream sponsors, ThreatLocker, Antisyphon material and Flare. That's right. Flare is a cyber threat intelligence platform. I know several of you are using Flare currently or trying to use Flare. I want to tell everybody Flare's threat intelligence platform is phenomenal. I've used it. I really, really like it. If you go to Simply Cyber IO Flare, you can try it out for yourself for two weeks. You only need a few days to try it out to figure out if it's going to be valuable or not for your organization. I suspect it. The answer is it will be valuable. Just as a fun fact, I will tell you, several Simply Cyber community members have messaged me that it takes a minute to get into Flare because they can't just give access to everyone. Because if you are a cyber criminal, this right here would be an absolute easy button gold mine. So they have to validate who you are as a human and it goes beyond just like an AI checking that you have a LinkedIn profile. I'm telling you, several community members have shared with me that they've had a back and forth communication with Flare and have had multiple steps of validation. So it isn't simple to get into the free trial, but I'm telling you, it's absolutely awesome. I love their platform. If you want to. If you don't want to go through the trouble, you just want to see a demo. I have a video on the channel. Simply Cyber IO Flare. Threat intelligence that's unbelievably accessible. That. That's the deal. Like, their level of threat intelligence is dope, but their interface allows you to search it very effectively and very quickly for things that matter to you. All right, let's go guys. I gotta tell you, it is Friday. Holla. What's up Friday? What did this just happen? See, I did the ad read without the song. 
So when I go back and trim out Simple Minds, I don't lose the sponsor spot. You feel me? All right, guys. Every single day of the week has a special segment. And Fridays is James McQuiggan at 35,000 ft, joke of the week. This guy lives above sea level. Way above sea level. He's got a permanent seat on every Delta plane. Here we go guys. James is going to be on Team Replay today too. So James, hello from the past. Ready, ladies and gentlemen. What did one volcano say to the other? I don't read these jokes in advance. Okay. What did one volcano say to the other? I lava you. Apparently James has chosen Valentine's Day vibes for the jokes today. Here we go. So you can tell your special volcano tomorrow. I lava you. James wants to know why. Who always has a date? Who always has a date on Valentine's Day? You know, some of you out there might be. I don't want to say lonely, but you may not have plans for Valentine's Day. You may not have that special someone yet in your life. But did you know that Valentine's Day always has. Who on Valentine's Day always has a date? A calendar. A calendar. Oh, James, groan. Hey, did you hear about the two Wi-Fi routers that got married? This is a true story. Like AI is everywhere. These non human identities are doing things. And it was reported that two Wi-Fi routers got married. And I gotta tell you guys, the reception was amazing. Oh my God. The reception was amazing. James, you scoundrel. All right, guys, I hope you enjoyed the jokes of the week. This is what we do on Fridays. I'm taking it casual. Let's do the la la la la's. Everybody let this. Feel free to let it wash over you in an awesome wave. Hey, fully loaded.
C
We.
A
We don't do this all the time. But when we do, we do it. Well, get ready. Get your la. La. Oh, it just feels right, doesn't it? All right, guys, let's finish strong. We still got work to do.
C
New York City explores using AI cameras to spot subway fare evaders. The New York Metropolitan Transportation Authority is, quote, testing subway gates that use cameras powered by artificial intelligence to collect data on people suspected of not paying fares. End quote. This is, of course, generating concern amongst privacy advocates. Cubic, the manufacturer of the gates, reportedly says their product has cameras that record for five seconds when someone neglects to pay a fare. Artificial intelligence is used to produce a physical description of suspected fare evaders, they say, and the description is sent to the MTA.
A
Okay, okay, so check it out now with AI, just like, shall we play a game? Okay, so to me, first of all, not a cyber security story. If you didn't know if you're like, new to industry or you're looking to break into cyber security, one thing that you should know is that privacy has a. Ooh, fire. Privacy has an overlap with cyber security, but cyber security professionals are not privacy professionals, and privacy professionals are not cyber security professionals. But when you think of the Venn diagram intersection of cyber security and privacy, that confidentiality security objective, that CIA triad that everybody learns on day one, it's like, oh, hey, you know, here's your. Here's your name tag, there's your desk, and here's your CIA, CIA triad. That confidentiality is that intersection. So we could talk about this. Listen, they're using AI, like to spot fare evaders. People have been not paying to get on the subway in, in New York City forever. Okay? It's like, it's a thing. And obviously the New York City transit authority's losing money because these people aren't paying fares. You know, the. The year 2004 Jerry would look at this exclusively from a technical perspective. Okay? But like, let's. Let's take a step back and actually think about this, okay? I like to think now about impact and outcomes and, you know, what does it mean? Okay, so New York City's had cameras there for quite a while now. They have AI cameras. And the AI cameras are supposed to be writing physical descriptions. My guy, if. If a 6 foot tall white male with long hair and a green jacket jumps a fare and the AI writes a description of that, then what are you going to deploy? The New York City's finest in blue to go round this person up? Because they skipped on like a 2.50 fare. That doesn't make any sense. And then like, what's the play here? So tomorrow you're looking for a six foot tall, long haired guy wearing a green jacket or whatever. 
He's probably not going to be wearing the same thing. So like, and then there's going to be like, it's not like there's like some phantom pooper that you're like trying to find and uncover this. Like, there's lots of people not paying the fares, okay? And, and honestly most of them that aren't paying the fare, they don't care, okay? Like, they're not, they're, they're rabble rousers, okay? They're not like the guy or the lady who's like on their way to, you know, World Trade Center with like, with their suit or what. Like, they're, they're not, they're the, they're not skipping the fare, okay? Like the people who are skipping the fares, they, they are, they don't care about breaking the law. They don't care about it. You know what I mean? So like, what's the, what's the long term play? Okay, second of all, to me this just seems like I hate to be. I guess today is Cynical Friday here at Simply Cyber. To me this just screams a convenient explanation for deploying facial recognition, more facial recognition cameras with AI capabilities to identify and monitor in a survey in a massive tech surveillance state, AKA like Flock cameras and all this other stuff. Which again, you might be like, what's the big deal, Jerry? Well, let me tell you something. Like this very similar technology deployed at Madison Square Garden. The guy who owns Madison Square Garden was being sued for whatever reason, I can't even remember now, and one of the lawyers who just happened to be on the team of the people suing him. So she's just doing her job. She doesn't care about this guy one way or the other. She took her, she was a Girl Scout pack leader or whatever they call those people, and she took her Girl Scouts to the Rockettes concert at Christmas time a few years ago. And wouldn't you know it, an AI camera identified her at the ticket booth. She got about 10ft into the event and security rounded her up and booted her out. And they're like, you're not welcome here. 
Ruined the entire thing and the woman didn't do anything. So that's like a, you know, casual example of tech surveillance and kind of like the ugly side of it. So like, but by the way, like, I'm sorry that I'm going whole hog on this today, like, talk to Me about, oh, we've got to deploy this massive technology surveillance, you know, web everywhere, this massive network of AI surveillance to help everybody. Nancy Guthrie out in Arizona disappeared a couple weeks ago. And like, where's the tech surveillance super network? Where like. Whatever, I just.
C
AMOS infostealer targets macOS through a popular AI app. Researchers from Flare Security have released their 2026 Enterprise Infostealer Identity Exposure Report, which highlights, quote, the growing dominance of infostealers within the cybercrime economy and the expanding impact of identity exposure on organizations. End quote. They state that infostealers like Atomic macOS Stealer are more than standalone malware and act as foundational components of a mature cybercrime economy built around harvesting, trading and operationalizing stolen digital identities. They find success in a highly opportunistic social engineering approach in which attackers continuously adapt to technology trends, abusing trusted platforms, popular software, search engines, and even emerging AI ecosystems to trick users into executing malware themselves. A link to this report is also available in the show notes to this episode.
A
Oh, cool, look. Flare researchers. I'm telling you guys, it's the same Flare. Like it's, it's. They're awesome. They are awesome. You know that Lego movie, everything is awesome that they were singing about Flare. Okay, what's interesting is these kind of the evolution. Info stealers have been hot for a minute. That Hansel's so hot right now. Okay, so info stealers are hot. The what? I guess what the research is showing here is that it's kind of evolved into almost an automated workflow where the info stealers steal creds, steal tokens, steal session cookies, etc, and then just automatic, not automatically, but they just pump them into these dark web marketplaces and, and honestly, you know, as a service platforms, so you can just execute, you know, basically actions on objective because you don't have to hack into the box, you just log into the box. Which by the way, is probably why ITDR is a whole thing right now. Guys in and it's targeting macOS. Do you know who uses macOS? Executives. We're a Windows shop here. Except for the CFO, the CEO, CTO and general counsel. They, they, they like their Macs. They're special. Okay, this malware is being pumped out through an AI tool, I guess. Let's see which one it is. All right, it doesn't say what AI tool. Oh, here we go. Researcher describes ClawHavoc as a large scale supply chain campaign targeting OpenClaw and ClawHub ecosystems. Yeah, I gotta tell you guys, right now they're targeting OpenClaw. Many of you know, if you're a regular of the show, I'm very, I'm very transparent. I'm very open about what's going on with me for, for, you know, so I can share and help educate. I have a Mac Mini back here and I've installed OpenClaw on it. And I'm well aware, dude, these, the skills, basically the apps that you can download with OpenClaw. It is an absolute cesspool of like malware, like you've got like a 50/50 shot of basically shooting yourself in the leg or shooting down range. 
So I think that's why they're targeting the macOS, simply because it's quite, it's quite popular right now to install Claw on the, on the Mac Minis. But yeah, these info stealers, they're getting, they're getting all these authentication tokens and getting after it because remember at the end of the day guys, Zero Trust paradigm. Zero trust architecture. Identity is the new perimeter, right? And I know that sounds like a freaking buzzword, but identity is the perimeter. That's why zero trust is important. And as we get further along, BT dubs as we get further along and agentics get their own identity. Like this guy back here, my AI, he's got his own, he's got his own Google account, okay? Like I stood up a Google account for him in my workspace. He's got his own, like he's got his own things going on, you know what I mean? He's got his own account on the Mac Mini. Like there's an identity that the AI is using and it's just, you know, like that has to be protected as well. So. And if an info stealer gets that. Think about the, think about that for a second. If an info stealer gets your agentic AI's session, the permissions that you may or may not have given it become a threat actor's and they can just go whole hog and deploy malware and stuff that the, the, the, the challenge oftentimes is getting initial access. Once you have access and you can do anything you want, you can just pull down second stage payloads, you can pull down persistence mechanisms, you can pull down, you know, keyloggers and ransom ransomware and crypto jackers and all that other jazz. Okay? TL;DR, if you're not already talking to your workforce, warn them about OpenClaw's skills workshop, or not workshop, marketplace. The skills marketplace. I will tell you I'm a little on the fence about it only because like if, if my Aunt Dorothea doesn't know about OpenClaw and I send a message out saying, watch out for OpenClaw's skills workspace. 
It's a cesspool that might cause my Aunt Dorothea to go, what's OpenClaw? Let me go look. So I'm not a big fan of obscurity. Excuse me, security through obscurity, but this might be one where it's just. Yikes.
C
Conduent breach hits Volvo Group. An intrusion on the network.
A
We're going to speed run these last two everybody.
C
Conduent that occurred on January 13, 2025 has impacted Volvo Group with nearly 17,000 employees affected. Volvo appears to have learned about the incident only in January of 2026. Conduent provides services for printing and mailroom document processing, payment integrity and other back office support services to Volvo Group as well as to other companies, some of whom have also been affected by its data breach. An investigation into the attack on Conduent shows that the hackers, quote, had access to its network since October 21, 2024, end quote, taking PII, health insurance data and medical information. This is the second third party vendor related data breach to hit Volvo Group in recent months, having suffered a breach through Miljödata, a Swedish IT company that had also been hit by ransomware.
A
All right, we're speed running the last two stories for the sake of time. Really quick. This Volvo Group got hacked. Big data breach, okay? Threat actors were in there for over a year. That's gross in 2026. So shame on you. Shout out to the Maine attorney general. You guys know that the Maine attorney general might be the hardest working person in privacy data breach. This. This attorney general is like always banging the drum. I know, I know. Maine is almost like East Coast Alaska where it's like very rugged and they don't have a lot going on except like fishing and like hanging out and smoking. Is weed legal in Maine? I'm actually not sure, but like basically Maine's. Maine's got cycles to do. Okay, so they got hit and you're. If you have anything to do with Volvo Group, your name, address, social, date of birth, health insurance and medical information for some reason was compromised. Not good. My final thoughts on this one. If you're watching on stream, you see the picture. If you are listening on audio only because we do push this out to Spotify and Apple podcasts so you can listen to this on your Apple your podcast app of choice. This headline image is like five different heavy industrial trucks kind of in like a 1980s rock band pose. This is like, this looks like the like the trucks got together and were like, bro, bro, bro. Like, let, let's, let's, let's line up and pose. Like, basically, this looks like, like Ben Wilkins. Let me know. Ben Wilkins is a community member. He spoke at Simply Cyber Con. He works in transportation and trucking. Is this like, is this like a calendar pinup for heavy truck drivers? Like, it, it makes me think of this, it makes me think of this photo right here. Like, look, okay, like, I mean, do you see the similarities? Hold on. Where is it? Like, look at it. This is NWA kind of standing up, being like, what's up? And then it's like, look at these trucks. 
They're like, yeah, this is almost like, like if Transformers were real or Auto Gobots. Remember Temu version? Transformers, The Gobots. Like, that's what's up here. Straight flex.
C
Department of Justice says Trenchant boss sold exploits to a Russian broker. Trenchant is a US based maker of hacking and surveillance tools and is a division of the US defense contractor L3Harris. In October, Australian national Peter Williams, 39, pleaded guilty to selling eight hacking tools that he stole from his employer, Trenchant, including software that takes advantage of flaws in other software to gain access to someone's computer or device. Williams admitted to making more than $1.3 million in crypto from the sales between 2022 and 2025, per the Justice Department. Federal prosecutors said Williams sold the hacking tools to a Russian company, which counts the Russian government as amongst its customers. In response to the prosecutor's memorandum and request for a nine year sentence, Williams submitted a letter to the judge explaining his decisions, saying that he regretted his actions. We hope.
A
Yeah, you're about to go to jail for nine years. I'm sorry, dude. You regret your actions? I, I don't know if you regret your actions as much as you regret being caught and being sent to jail for nine years. Dude. Silly games, silly prizes. This dude had a company that was making cyber weapons and he basically turned into Nicolas Cage from Lord of War and selling them off. I, if anything, I'm kind of stunned he only made $1.3 million. I mean, that's kind of like bush league money when you're talking about selling cyber weapons to nation states. Dude, $1.3 million in a three years window. Again, I'm not, I don't run in these circles, but when you look at Pegasus software, which is kind of like a legit one, and they're still selling it, it's like half a million per shot, like half a million per bullet of Pegasus software. I think if you buy, like, five installs, you get a discount. It's like $2 million. Like, people are like, oh, my God, like, L3Harris is selling these exploits on the chip. Let's go. Like, threat actors are going to get all over this. So, like, whatever. This guy, good. Nine years, eight years. I don't care, dude. You're selling weapons to people, like, and thinking you're living, like, you know, the posh life. It's the same thing if you're a criminal. I mean, a cyber criminal like this just. This guy just wore a suit instead of, like, an Adidas tracksuit. You know what I'm saying? All right, what's this guy's name anyways? Let's see. How. How much? Peter William. Oh, my God. He's only 39, too, so, like, technically, I, I mean, eight years. I mean, he'll. He'll be out in his upper 40s. I mean, I'm in my upper 40s and feel quite spry. Let's see. Oh, yeah, here he is, this guy. Hey, I hope it was worth it. By the time he gets out, if he still has that $1.3 million, it might be worth more. Ooh, Bitcoin's up 2%, J. Crypto, but definitely down. Guys, if you haven't been following it, I don't care about crypto. I think it's a scam. 
And I know a lot of people in the crypto space don't think that, but it was at 120 in August, and now it's half its value. Personally, I like to run in more stable markets. All right, let's do it. All right, y'all. Today has been Friday, Jan, February 13, 2026. This was your Simply Cyber Daily Cyber Threat Brief podcast. I hope you got value from it. Don't go anywhere because we are going to be going Jawjacking. It is an ask me anything show. I can't mentor one on one. I get tons of DMs, tons of emails. Jerry, can you tell me which cert? Jerry, can you review my resume? Jerry, can you do this, this, this, and this? I, I, I want to help. I feel bad when I say I can't. So the compromise is I, I do a 30 minute show every single day and mentor at scale. So if you have a question, chances are someone else got the same question. So I can knock out 50 birds with one stone. Don't go anywhere if you got to get out of here. Have a great weekend. Happy President's Day. I'm Jerry from Simply Cyber until next time, stay secure. Don't go anywhere. Ever wonder what it takes to break into cyber security? Join us every weekday for Jawjacking, where industry experts answer your burning questions about the cyber security field live, unfiltered, and totally free. Let's level up together. It's time for some Jawjacking. What's up, everybody? Welcome to the party. I'm your host, Jerry Guy. Jerry Guy. All about good times up in here. Hey, Fully Loaded was our first timer. So Fully Loaded, let me introduce you to the change. What just happened? You may notice that I wear glasses because I'm a different person right now. This is Dr. Gerald Ozier, who is an absolute nerd, and I am Jerry. I'm all about good times, high fives, and cool, cool things like Magic: The Gathering. Okay, so here's the deal. If you got a question, put it in chat with a Q, and I will answer it. Space tacos. First question will be there. Will there be a show on Monday? Yes, there will be a show on Monday. 
I didn't even think that President's Day was a holiday. So I run my own business, which basically means I forget about holidays because I just, like, plow through everything. But, yes, there will be a show on Monday. Thank you, Richard Duff. Thank you for staying with us for the show. Richard Duff. In Western Australia. It's very late at night out there. Oi, oi, oi. Berlinda, why are healthcare data breaches so common? And how can individuals protect themselves before and after a breach? Great question, Berlinda. Healthcare breaches are common because in the healthcare industry, patient safety is the top priority, right? So also there's clinical staff have their own language. And at least in the United States, there's a lot of clinical staff that, like, float between different institutions. Traveling nurses you may have heard of. So there's a lot of fluidity in users. Plus, dude, healthcare is a big business, right? Pharma. Big pharma kind of plays into healthcare and. And medical device technologies is big money, like Siemens, Philips, GE Healthcare, etc, right? So there's this massive tech footprint. There's lots of coming and going with users. A lot of times, medical device companies won't allow you to touch their medical devices, so they have to come in remotely. So it just makes for a very dynamic environment. And of course, patient safety always takes priority. So whenever there's a. A conflict between security and safety, obviously safety wins. And I'll give you a perfect example. Like vulnerability scanners, right? Vulnerability scanners are a standard tool in the cyber security playbook, right? We scan the network, we look for vulnerable devices, we prioritize, we fix them. You cannot scan medical devices because if, imagine if you will, in a hyper example, you know you've got a machine that is breathing for a patient, right? The patient is completely out, they're in a coma or whatever. 
There's tubes pushed down into their lungs and they are being kept alive by a machine. And then you run a vulnerability scanner against it and the machine flakes out and the person dies. That is not acceptable in any capacity ever. So those medical devices typically are just not on the network. Visibility for vulnerability scanner. But all those devices do need to be remoted into by the vendors for maintenance and other crap like that. So you get this fluidity plus, here's another hot one for you: VPN concentrators. Okay? Hey, I'm Siemens, I've got to come in. Sure, no problem. Now you only need to remote into this one device. But what I'm going to do is I'm just going to allow you access to that entire VLAN segment because it becomes a maintenance nightmare. Because Siemens has 30 devices in your environment. So now you got to write 30 different rules to allow them 30 different unique IP address allowances. Then they move the device from building one to building two. It's on a different subnet, so the IP address changes. Siemens can no longer remote in. So now we've got to put in a request to have the firewall updated and the VPN concentrator. Ah hell, let's just give them access to the whole medical device VLAN. They'll be fine. They're only going to access their things. Which is true, because the Siemens people probably don't care about hitting all the other devices. But when a threat actor takes over Siemens account and then remotes in and then they have an entire splay of the whole environment, well, guess what? Then you're going to be dealing with a nightmare scenario. So that is why threat actors get into healthcare very, very often and why it's just a nasty environment. Plus there's tons of healthcare data, tons of personal data. Except individual protect themselves before and after breach before you really can't. I mean you could try to like not go to the hospital, but good luck with that insure. 
At least in the United States, insurance companies are, you know, our healthcare system in the United States is completely messed up. So that's an entire separate problem. But the insurance companies are going to have all of your data, all of your, all your nonsense and everything like that. So now it's all about their security controls and all about the third parties that they employ in their security controls. So, honestly, at this point, you might as well, you know, turn into Ben Affleck in that meme where he's, like, smoking a cigarette on the back porch, because you cannot really control it. Short of, you know, go getting your own medical degree and working on yourself and just kind of, like, compartmentalizing that. So that's not happening. What can you do after a breach? I mean, really, the same thing. You should always be doing vigilance, best practices, securing all your things, the whole stack from awareness all the way down to, you know, your technology of preventing compromises and stuff like that. It sucks, Berlinda. It sucks that we have to deal with this, but that's the reality. I guess I had a lot to say about that one. Good question, though. Thank you. Is that Brad Pitt? It might be. It might be Roswell uk. Calvin said, what's up? So I don't know if he's talking to me or Mara Levy, but what's up? Okay, here we go. Magic the gathering. Lawsuit. Yeah, there's a lawsuit against Hasbro about. It's all money. Hasbro is, like, printing cards all over the place. It's kind of bananas. Favorite Transformer. I liked the boombox one. The bad guy, boombox one, Right? So there was like a. A orange and yellow, a red and yellow good guy, boom box, and then there was like a purple boom box guy. This guy right here. My man. Dude. I love having access to the Internet. You just like, type in whatever you want and. Hold on. That's not right. This guy. This guy was so cool. Okay? This guy, like, he basically didn't say much, but he was super awesome, super effective. 
He was cool. He was. He was evil. If we could just get his programming right, he'd be better. All right, how would you navigate? Highlight the detect, respond, recover area of cyber program for the organization you work with.
B
With.
A
How would you navigate highlighting? Soundwave. Thank you very much. Yes, Soundwave. I'm not going to get a tattoo of a transformer, but if I did, it would be Soundwave. How would you navigate highlighting? Well, okay, so here's how you would do it. And this is like, a standard practice. Nathan, give me one second. I'm pulling up a graphic to illustrate my. All right, here we go. So what you have to do is you have to. Basically, first you have to assess your current situation. Like, if you're highlighting, detect, respond, and recover. Like, you have to be able to understand what your current status is. Right. So then this is a spider graph. You can use this. Also you could use a bar chart. You basically have to show where your immaturities exist and what the gaps are. This particular one is mapped to CMMC levels, which is, you know, different than that. But basically, if you could have a simple graphic that just shows our current overall security program is a 1.2. But that's because our identify and protect is strong and our detect, respond, recover is trash, which means we're very likely to get hit. And when we do, we're not going to be able to do anything about it for any period of time. Oh, here, here's a more simplified version. This is perfect. One second. Okay. Eric Taylor's in chat. I see that. Look at this one. Here's another, like, example, right? Very simple, right? Zero to five, maturity level. And then each of the categories you can see, the spider chart kind of quickly points out that the respond is weak. This is one approach. I'm not a huge fan of spider graphs, but some people like it. What I would recommend doing if I was going to do this, I would use double bar charts. If you guys know what a double bar chart. Hold on one second. Double bar charts, overlay. Let me see if I can find this. Yeah, okay, so this is what I like to do. I mean, you guys know I'm a big old infograph dork, right? So this is what I like. So again, just bear with me. 
So imagine the light blue is considered what your cyber security program levels should be, right? So you're indicating what your goals are, your targets, and then the dark blue would be your current status. What this is going to allow you to demonstrate and communicate very quickly is that you're going to see a lot of light blue on that detect, respond and recovery. Anybody who has any pride in themselves is going to see that if the first two are almost completed and the next three are trash, you're going to be like, why are those three trash like, or why. Why is there so much gap? What the hell's going on there? And that's when you can start having the conversation. Yeah, we are not doing well with that. And that's a big problem. You know, these gaps indicate that threat actor could be in our environment right now. We could get hit with ransomware and we can't recover. Like, these are the problems. Okay, so that's how I would do that. All right, let me pivot really quickly here, because now that we're going to have a panel, we can do this. Let me welcome into the Chat for Barricade Cyber's own Eric Taylor. Hey, Eric. What's up? What's going on?
B
What's going on?
A
Good to see you, man.
B
Friday the 13th. The technology is going crazy today.
A
Oh, my God. Yeah, don't, don't. Except for your Apple iPhones. Don't patch all the things today. Do you know if Flare will have a reply on the Anthropic video from yesterday? I do not know what Flare is doing, but Flare has a pretty healthy Discord server, the rarest heart. So I'd recommend, you know, going in there and pinging them really quick just to introduce Eric Taylor. Eric Taylor is chief forensics officer at Barricade Cyber. So he's very specialized in digital forensics and incident response. I am Jerry Ozier, so I'm specialized in GRC and things like that. So if your questions are. If you have questions around SOC analyst, detection, engineering, incident response, forensics gathering, you know, kind of MSSPs type stuff. Eric's got answers for days on that. All right, let me check out what else we got. What do we got here? So if you got a question in chat, put it there with a Q. Ryan. Ryan Pearson loves spider graphs. Okay. Soundwave would be tiny. Now, Eric, do you have a favorite Transformer?
B
Bumblebee.
A
Bumblebee. Okay, classic. A very Bumblebee.
B
Yeah.
A
All right, I love it. I honestly, I think the original Transformers cartoon movie is. Is kind of underrated that, that I feel like that holds up. It's pretty good. All right, so we are. We are caught up on chat on questions and stuff like that.
B
We do have one long one here came in from LinkedIn. Did you see that?
A
Where is it? How long ago. Do you have a time stamp on it?
B
Literally a minute ago from Jonathan.
A
All right, let me take a. Well, just say the question and start answering it and I will. Oh, Jesus. Okay. Yeah, it just.
B
Yes, I'm saying.
A
All right, so Jonathan says. Oh, and Jonathan, can you. I know this is very specialized, but can you put a phonetic pronunciation of your last name? I'd really like to know how to say it. He says he's going to graduate end of April with a cyber degree. He's been applying for positions at help desk, IT support internships, an interview with an MSP at the beginning of the last summer and the end of the summer. Jesus. LinkedIn really gives you like a test.
B
Like Twitter? Yeah, this is like Twitter level characters here.
A
Yeah, both times they said we were impressed, but I don't have enough experience. I'm coming to realization These types of jobs are shrinking. The people that are people who have experience but don't adapt. So my. Oh, my gosh, they asked for exposure. All right, hold on. So I guess the question here is.
B
He's trying to break in.
A
How do you demonstrate experience? Right? Because that's the thing. You've had internships and you are struggling to get the job. All right? And you have a GitHub. All right? So a couple things I would say, number one, those in those people you met at internships, the people that said they liked you, you should continue to connect with them and engage with them. Okay? And. And Jonathan, I don't mean like, hey, like, do you have a job yet? Hey, do you have a job yet? Hey, do you have a job yet? I mean, treat it like a professional colleague or acquaintance, right? Like, oh, hey, like, say you did. I don't know, like, let's say you just did something in your internship around vulnerability management, just to pick an example, right. Eric actually has written a tool called EPSSLOOKUP.com. it's a website. You put in a CVE, you hit a button, and it gives you some information that you can do kind of threat intelligence with. All right, That's a cool tool. And Eric maintains it and updates it. You just found out about it, Jonathan, I think, right? I just told you about it. So if you were doing vulnerability management, it would be pretty cool if maybe you did like a blog post on it or a LinkedIn post on it or something like that, right? But then reach out to the person that you were working with and, and just say, hey, I hope everything's well. Happy three day weekend. I just found this pretty cool tool. I think it could help the work that you're doing over there. Have a great day. Check it out, right? So now you're delivering value and you're, you're staying relevant, top of mind to that individual and, and you're doing a good thing, right? So if you keep doing that, you can't do this one off. It's got to be like a, a thing you do. But when you start doing that, then that person, part of your network is like, you know, oh, man, Jonathan was so good when he worked here. And like, he's still crushing it. Like, he sent me this tool. Like, check out this thing. You guys. 
You remember the guy Jonathan that used to work here, that intern? Yeah. Like, check out this tool he sent me. This is cool. All right, fast forward a month, two months, six months, 10 months, whatever opportunity presents itself. But you, you've been kind of in the ecosystem. You've been floating about. Jonathan, are you still looking for work, man? No, no, I got a job. Ah, that's cool. But you're still like, let's just stay in contact, right? This is great. This is, this is what building a network is. You're not building a network with like, hey, John. Hey old boss, here's a tool I found. Do you have a job? Don't do that. That, that, that's not the goal. The goal is to basically, you want to be in people's thoughts essentially, right? That's building a network, building personal brand, etc. Eric, you want to comment on this?
B
Yeah, I actually want to, I want to piggyback and ask you a follow up question. So that we were doing some hiring. We're still going through resumes. You know, it's crazy the amount of people that will apply for a job. But I'm starting to see an old tactic for us, people who are gray in the beard that have come back around and I don't know how to perceive it. You remember back in the old days, like when we were in middle school or early high school and we were getting our first job, we would go fill out that paper application. Then you would wait three or five days and you would give them a call. Hey, just want to make sure you see my application like every week. You would follow up. Now we're seeing like when we put out a job posting, the entire team is getting messages on LinkedIn. Hey, just want to see that. Is that a tactic that you support, you believe in? I've got mixed emotions because, like, I.
A
Mean, I don't think, I mean, I think if you do it once, it's fine. It doesn't really erode any, any potential for you. I don't know if it necessarily helps in any way. I mean, I guess if you message them, they, they might click on your profile and look at you. But like my, my, my whole thing is if, if I submit an application and then I'm messaging you about my application, like my, my motivation is deliberate, right? Like I'm, I want the job. I'm trying to, I'm not messaging you because I'm interested in you. Like, so to me it kind of, I don't want to say it, it reeks. But like it's, it's just, it's not, I don't know it to me, like, I, I probably wouldn't do it, I guess is to put it plainly. And I would strongly recommend nobody repeatedly bang on the drum. Okay, if you already have like for.
B
Just for a point of clarification, like if you're looking at the cup greater. We're a small firm, right?
A
Sure.
B
But if you're looking at a larger firm and you're sending your resume to everybody in the organization that may not be adjacent to even the hiring process, but just trying to get visibility, what are your thoughts on that?
A
I mean, I don't think it really helps you in any capacity because like, you know, if I work in finance and I'm getting messaged by someone in cyber about an app they sent, I'm like, okay, like, okay, like, like I'll probably forget about it like 30 seconds later. So, you know, so then looking at the applicant's pov, spending time sending those messages out without any really return on the investment. And again, for those who don't know, I'm like very like time is incredibly valuable to me as an asset. So like I don't see the value on blowing that up. If anything, if anything, what I would do and I did this like when I went to get the job at MUSC, like I would OSINT the team at MUSC, the cyber team, and figure out who they are and figure out if there's anyone in my network that I have a pre-existing relationship with that, you know, works on the team, obviously that would be number one or knows somebody that works on the team and then you can get that warm introduction because it's all about relationships. I, I've been, I've been saying this quite publicly lately, like we don't live in a meritocracy. Okay? Like the valedictorian doesn't get the first job and then they just go down the, the track. It's like, hey, I've got a, like Eric's got a job. Right. So you can take a bunch of blank replies, but then if I know of someone and I'm like, hey, Eric, like my buddy Tony is applying for the job and I can tell you he's great attitude, proactive, a lot of initiative. Like, that doesn't mean Eric hires Tony, but it does mean that Tony probably gets a legit look by Eric on, okay, let me look at this guy. Let me look at this resume. Because Eric respects my opinion and I'm not going to offer that, I'm not going to vouch for him unless I believe it. Because my, I guess my, my integrity, when you vouch for someone, it's like you're putting your name on the line for them. Right? So yeah, those are my thoughts on that.
B
What are your. There's going to be a grill. Jerry, top we with the advancement of AI and especially with LinkedIn, because that's where I posted the job at. We're seeing a lot of AI generated resumes to be submitted and you're like, this is exact verbiage that we put into the job description coming back. Like, this has got to be clearly generated by AI. And I, I know that you've created some really, really cool educational videos on how to do that. Maybe this is something that you, I'm not sure if it needs a refresher or we just kind of talk about, hey, you need to go back there. But you know, give your insights. Like, do you, do you consider that to be lazy because you didn't take the time to put in an actual resume? Or what are your thoughts?
A
Yeah, so it, this is really an interesting question from a timeliness perspective because I was literally just on a panel this week for clearancejobs.com and basically around getting jobs in the cleared space in the federal sector. And one thing that one of the panelists said was, she said, you know, using AI to generate resumes. Now Barricade Cyber is a smaller business, so like Eric's probably reviewing these resumes. But larger enterprises that are getting tens of thousands of resumes, they are actually using AI to pre screen, which has been around for a while, right? ATS has been around for a while, but they're using AI to pre screen. And she said on the panel we, our AI is tuned to detect AI generated resumes and they immediately get removed. So like if you're just like, hey, AI, here's a job, write my resume and you send it, there's going to be all sorts of indicators that it's an AI generated resume and you're basically not even going to move forward. Now what I would say is here's the thing and I don't, I've been having a tough time lately finding the right word. So I'll just grab the word to move forward. But lazy is not the correct word here. But if you're using AI in a very simplistic way and not really making it understand what your use cases are and how you're using it and stuff like that. Like just hey, ChatGPT, write me a resume. You're going to get kind of a generic vanilla response. What I would recommend you do is take the position, right, the job req, take your own resume and say, hey, like looking at my resume, what areas should I remove? Because it does not deliver any value to the job posting. Also, based on my resume and my LinkedIn profile, what bullets should I include or where should I. How should I structure this in order to give myself the greatest chance of showing that the experience I have and the value I can deliver directly applies to the needs that the company has? 
How can I make this bullet sound more, you know, quantified or outcome based? And here's the number one trick you can do. This is like the number one best practice I can tell anyone. It's. It's like borderline a secret. I don't know why. After you ask AI all of that, finish with ask me any questions to help you help me. And I will always ask you questions. It might say like, oh, I saw you worked at MUSC from 16 to 18. Did you do anything with operational technology and SCADA? Because this job is mentioning that you need to do that and none of your experience says you did it. But healthcare systems typically have operational technology. Did you work with any? Well, yeah, I did. I actually did work with the physical security plan and helping secure the closed circuit TV says all these other things. Then AI like, so AI can like pull out of you and make that more effective. So then your resume's tailored, curated and built for you so AI can make you do it faster. But if you're just like, here's a job posting, write me a resume, it's gonna, it's gonna stink. It's gonna be like, I don't know, it's like the difference between. I'm trying to think of like something super generic, like just a, I don't know, like a generic chocolate, right? Versus like some, you know, wicked fancy, fancy bespoke chocolate from like a chocolatier in Newberry Port that's like, you know, this one shop that everybody talks about.
B
You remember the, the original world's finest chocolate when we were growing up, that was like the Cadillac, you know, the competing against Hershey's. There's another follow up question here that I definitely want to point to, if you don't mind. So the company can AI, but we can't. I don't understand how this is reasonable. So to address it, at least for my personal belief. I don't like the term vibe coding. And you know what you're doing there, like you're just putting in there and just letting something run wild and just seeing if it works. That removes the intellectual ability for you to create and innovate. I have no problem using AI to do research. We use AI for research. Hey, Grok. I use Grok a lot. I need to know TTPs for Akira or, or, you know, the I don't care ransomware that's literally being talked about in Cyber this morning in some of our private chats. So are there TTPs and reference those URLs so I can conduct further research as a verification. You can use AI? Absolutely. As a tool to help advance. Just piggybacking off what Jerry said. You know, you're taking the job description, you're taking your original resume, you're taking maybe your LinkedIn profile, saying, hey, how can I curate this to look more professional and to help stand out in the crowd that is advancing your already generated intellectual property, your, your work product to make it better, not replacing what you're doing. And that's really what it's like. I don't want somebody to come into our organization. I know a lot of other organizations are the same way. Like, if we were going to hire someone to just vibe code stuff, we would just vibe code it ourselves, right?
A
Yeah.
B
Yeah. What's your thoughts on that, Jerry?
A
No, I mean, I think I, like, if a company has expectations that you're not using AI or you shouldn't use AI, I borderline don't want to work there. Like, AI is. If you're not using AI, it's like not using the Internet in the year 2000. Like, what are you doing? Like, it's, it's, it's, it's a transformational technology and everybody is using it, and it's ridiculous to think that people aren't using it. I, I think. I, I don't know. I, I'm, I'm. It's wicked slippery. And honestly, again, I'm like, so nauseous when I think about. I, I told people years ago to read the book Coming Wave by Mustafa Suleyman. And Matt Shumer just released this blog post yesterday about, you know, the current model, Opus 4.6 from Anthropic, and how it can do, you know, it can do his job. You know, this guy was like, you know, building AI tools for years and years and years, and now, like, he doesn't. He's not really needed because the tools are that good. But he's, you know, CEO of the company and stuff like that. I just, I would use them. I would use them. I use them every day. I literally use AI every day now. One question I saw come through chat, and I've gotten this question a couple times. So for. Just for the chat here, I use Claude a lot. Like, it's probably the number one LLM I use. Or you know, Opus 4.6 is the LLM I use. My, my chat. My chat bot. My, my, my bot. My AI assistant uses Opus 4.6 for its brain. Okay. I use Gemini on my phone and mostly for like, hey, like I want to make a, a recipe that doesn't use mushrooms but for vegetarians. Like I use it for that way. And I almost never use ChatGPT. I never have ever used Grok and any other, you know, Copilot. For some reason Copilot pops up and I get pissed off and I close it. Like I like, I like, I hate. For some reason I hate Copilot. Now you just mentioned you use Grok. I, I can't explain the choices why I've made the choices I've made. It's just been like a vibe. Why are you like, what's your AI tool set look like, Eric?
B
I mean right now it's just Grok. I mean I've tested out. I am messing with Claude Code a little bit, but I'm not using the Anthropic AI right now. I'm using the local model because we have a MacBook Studio here. So we're really testing out, you know, that capability Grok has gotten. When I first started, so I used to use ChatGPT. Then I pivoted over to Grok because it was really excelling at a lot of research. Like I said, you know, I wanted to see, you know, can it quickly find, you know, TTPs, can it find IOCs, can it find, you know, POCs, you know, can it help me quickly do a ton of research in cyber. And Grok was really, really good because if you don't know X or Twitter, whatever you want to call it, a lot of security researchers still post to that platform way more than LinkedIn. Darn more way than, you know, Facebook. So you know, it having that natural algorithm already built into it. It was a real, it's still a really, really cool for security research and being able to advance that. So that's kind of why I've stuck with Grok at least for my research aspect of things.
A
Yeah, and ZMF mentioned Perplexity. Perplexity is very good. I only use Perplexity exclusively when I'm writing like, like a, a report that need or, or I'm doing a, like a slide deck and I want to use some statistical information but I always want to cite it. So yeah, I guess like a, a nod for, for Perplexity for sure. Jonathan with another question. QSo I don't know what that means. By learning skills. Oh, oh, I think it's question. So by learning skills such as Terraform and building networks this way at home, am I more likely to find a junior cloud role? Yeah, I mean those are, those are cloud role related skills. Okay, cool. Yeah. You want to just sign off like say, say goodbye and stuff like that.
B
Thank you so much for letting me join. I do have to jump for a client meeting I'm being pulled into. But great seeing everybody. If there's still time, I'll jump back. But thanks so much.
A
All right, thanks Eric. Appreciate you hopping in here. Ladies and gentlemen, Eric Taylor from Barricade Cyber. Now hold on. As we were. Okay, so yeah, Terraform building networks, definitely important home network. Highlight that. Jonathan. All I could say is definitely go check that video out I showed. Like document these things, share it. You know, like be public about the skills you're learning and the impact and the value and you know, mistakes you're making and lessons learned. I saw early Kishan Infosec said that no one looks at his portfolio or no one goes to his portfolio. This is a fact for everybody. Kishin Infosec and anyone else who can hear my voice right now. I want you to change your mindset on having a portfolio and people going to it. You should have a portfolio and bring it to people. Go like say you post something Kishan Infosec on your portfolio. Write a, a LinkedIn post. Like what's the value? Like why? Like this is going to sound crude but it's just blunt into the point to make, to make it crystal clear. Why should someone go to your blog post? Why should someone go to your portfolio? Why should someone look at it? Why? We live in an attention based economy, right? Like if I was to send or if you were to see something on social media Kitchen Infosec, right? Like you're like scrolling doom scrolling on Instagram or LinkedIn or whatever and you just scroll past something. Why did you do it? Because it didn't interest you, it didn't have value. Next time you're on LinkedIn or your mobile device doing something and you stop and click into something, think for a moment, why did you do that? You probably clicked on that video or post or something because it had value for you. So if you're putting things on your portfolio, awesome, that's great, keep up, keep it up. But now you've got a. You basically gotta bundle it, package it, put it somewhere because people aren't going to come to you. People are lazy, right? People want to. 
To be presented to them. Then you have to hook them and say, hey, this is valuable. Check it out. And then someone's gonna be like, oh, let me click on that. So don't think about people coming to your portfolio. Think about you bringing it to market and showing people how awesome it is, right? Like, this is a stupid analogy, but like, imagine if you, like, built this amazing, awesome, you know, like, replica car, right? Like you built some crazy cool, awesome car. Like the original, you know, 57 Chevy or 59 Corvette or whatever. Like, you just built it, right? You got the sick car. Awesome. It runs great. Cool paint job. You built it in a barn on your property, and the car's in the barn, and you're like, I built this awesome car. Nobody, nobody cares. Nobody's looking at my car. You have to drive the car downtown, park it, you know, at the town square, and then stand next to it, like, very casually and be like, anybody interested in how to make one of these? I made this car for $3,000. This car runs great. I developed or, you know, I followed this process or do you want to know five mistakes that I made building this car so you don't have to make them, like, whatever. You see what I'm saying? So. And I'm not trying to be harsh or hyper critical of you, Kishan Infosec. It's just, I want you and everybody else to appreciate that just building the portfolio, it's not the complete picture. You. That's step one. You got to have something going on for people to have value, but then you have to bring it to them. And again, I'm. I mean that with all intention of being supportive and helpful. Okay, let me keep. Let me play some music for y'all. Okay. Adult film. Oh, my gosh, what a name. I got laid off two weeks ago. I'm starting to look into this. Okay. All right, let's see. Continuing to. I'm looking through chat right now. Straw hat sec. We heard stories about Claude desktop extensions, MCP servers. Can we talk about the. 
That since Anthropic is not going to fix it, how can I set up safely? Yes. I don't have a good answer for this one. Phil Stafford, do you have an answer for this one? For those who don't remember, there's like, basically like an Anthropic desktop extension that you. If there's like malicious MCP servers that can result in compromise, I believe. I mean, really. Straw hat sec. My immediate thought goes to. It's. It's less about the desktop extension and more about making sure that you're validating what MCP servers you're engaging with. You know, if there's TTPs for exploitation of that desktop extension, having those in place, maybe removing the desktop extension. I will tell you guys, for my Clawbot back here, which by the way, his name is Karn, if anyone's wondering, you do name and nurture these guys, it's Karn. I am hyper vigilant about installing skills on Karn. So I, I wanted to install a few skills. I went and did a bunch of research beforehand and there were some skills I didn't implement. Okay, like for example, right now there is not. There is a couple skills that allow you to integrate the AI bot into Google Workspace or into a Google account, read email, calendar, etc. A lot of people are doing that. I looked at the few skills that Clawbot has to allow that Google integration and I didn't trust any of them. So I don't have the capability. Even though Karn has his own Google account, I don't want, I don't want him to have access to it because I don't trust the developers of the code that Karn would be using to not allow them access to it. So, you know, it's, it's just because, honestly, just because there is this capability out there, you can't just go whole hog into it. Oh, that's a cool idea. Adult filmmaker using a QR code for kind of making it quick and easy for someone. I, I also recommend this right here. This is pretty cool. Simply Cyber IO Socials. This is a link tree, okay? And I don't pay for this. This is the free tier. This is a link tree. 
So I, I always tell people, simply Cyber IO Socials, it's on like the last slide of all my slide decks. It's on my. In fact, I think it's on my. If you look at my name right now on, well, it's not there on stream, but normally if I'm like speaking at a conference or speaking somewhere, it'll like virtually, it'll be under my name. And you could see here you got all your links, here's a mixtape I made. And if you're interested, go to Simply Cyber IO Socials and get my mixtape. But anyways, adult filmmaker, you could have that QR code just land here and then you could say like, oh, here's my terraform work, or here's my home lab, or here are my research papers. You know what I mean? Like, it's cool. So I Guess what I'm just saying is instead of having the QR code directly to, like, the project itself, you can have, like, a main landing page. Oh, I'm sorry. You guys didn't see what the hell I was doing. I'm so sorry. Hold on one second. This is it. Sorry, guys. This is a link. If you go to Simply Cyber IO Socials, this is a free, free landing page. And you know what I mean? Like, so if I'm talking to someone at a. In an elevator and they're like, oh, we should. We should talk, I'll go. Go to Simply Cyber IO Socials. You can connect, you can get my contact information, my LinkedIn, all of it's there. Okay? Or. Or like Kishan Infosec or Joseph or Jonathan. You could say, oh, like here, like, you know, I've done it here, right? Here's my Daily Cyber Threat brief. Here's my academy. It's a really great tool. And that way, by the way, the whole value here is that you modularize the QR code from the thing you want to share, right? So if you have a QR code that just goes directly to a project you worked on, that's cool, but that QR code always goes there. If you have the QR code, go to a landing page that lists the thing you want. Well, then if something no longer becomes relevant, you just remove it. The QR code still brings people to where you want them to go. 
You see what I'm saying? All right. Yeah. So really quick Kitchen Infosec make posts more interesting and clickable, for sure. Remember, on LinkedIn, you only get like, two sentences, and then it's like, dot, dot, dot, more. Go look at any of my posts that are written by me. So, like, sometimes there's like, generic posts, like, hey, this Thursday, we're doing a daily cyber. Simply Cyber Firesides, or hey, every morning Daily Cyber Threat Brief. So, like, that's more of like, just like an advertisement type post. But if you look at the post that I. I personally write, I always start with a hook, right? Like, you know, like, hey, like, for example, like, Mo. Let me just pull up one. This should help you. Let me see if I can find one here. Whatever. Yeah, just go look at them. You'll see. You'll see. I'm trying to find one. All right, here we go. See, the problem is I can't show it to you because it's going to automatically load the entire post. But, like, if you were just to go look at this post on LinkedIn, it would probably Say, and this is why I put a space here. It would say the hardest part of AI governance isn't technology. More so like it, it causes intrigue. Well, what does Jerry think the hardest part of AI governance is? I thought it was the technology, but he's saying it's not. What is it? Let me click more. And then you've, you've got, you've got them. They're gonna read your whole post. Right. Okay. Okay, we'll keep going for a minute. Let's see, looking at chat, chat, chat. How long's the show? So normally it ends at 9:30 on Friday's pocket Pixie. We normally go a little longer just because we'll have a panel and stuff. Not really having a panel today, but I don't know, I'm just, I guess feeling it. I did set guidelines for the show. Like I documented the guidelines since we have guest hosts and stuff. And it's 9 to 9:30 Monday through Thursday with an exception on Fridays that it has to go at least 30 minutes, but it can go up to an hour. 
No, no, karn. Karn. Karn from here. I mean, it's, it's a bit nerdy. It's a bit nerdy. Okay, Just a little bit. But Karn is a Magic the Gathering character and he is a time traveling golem. But the thing is, he was built to serve. So Urza is this like super powerful planeswalker genius guy. One of the first things he made, well, not first, but one thing he made was this, this, this robot named Karn K A R K A R N Karn to help him out. Right. So I named him Karn. So. And the deal is Karn is doing his job. Okay. All right, now some people have said, did you name him Carl? But definitely didn't want to name him Carl. I don't, I don't need that. All right, so looking at chat, we're at 9:51 in the comments, so I'm almost caught up. Oh, shoot. FedEx. FedEx is saying, are we doing the AMA today? Possibly. I have to run out and run a couple errands. Let me see, when did we say this was happening? It didn't get rescheduled. Oh, today at 1. Let me look at my calendar. Yeah. Yes. Yep, we'll do the AMA today. Thanks for reminding me. I, I'm, I've got a lot going on. If I'm not at the ama, I will, I will see if I can get coverage. All right. What? I think, I think we can have an open claw fireside yeah, Raza uk. I think we can. Yeah, maybe. I'm not sure what that would look like yet. I mean, I'm definitely. I'm definitely into, you know, showing or explaining how I've built my Open Claw and some of the things. I don't think Karn's ready to do the AMA yet. He's doing some stuff, though. We'll see. We'll see. I've given him a job to, like. He's doing a bunch of things for me, but one of the things I said was start a small business and if you need human hands to do anything, just task me to do it and I'll go do it and I'll report back on that in a few weeks. Still. We're still building it, but it's. It's looking promising. All right, guys, we're at 9:55. Let me let you go. Especially we're doing the AMA later. I've got a crapload to do. Oh, so rich 464 the guy who created Open Claw. 
I mean, I can certainly. Probably not. Okay, so here's the thing. I. That guy, because Open Claw is, like, so hot. That guy is doing, like, interviews with, like, Joe Rogan and, you know, NBC. Like, with all due respect, I mean, I think Simply Cyber Firesides is awesome. I don't know if this guy is going to want to get on our show. Second of all, the. I've watched a couple of his interviews. It's awesome. He, he, he made Open Claw very cool. But he actually. No, no. You know what I'm thinking of? I'm thinking of the guy who made Molt Book. That's what I'm thinking about. I have not seen the guy, Peter, who created Open Claw. I mean, I can reach out to him. The guy who created Moat Book. I saw, and that was like a bit of a. I'm not sure he would be a good fit. Dark Iceman. Blue. White. Yes, sir. And blue. White. Black or blue? Black? Blue. White. Blue. Black. Blue. White. Black or black? White. Red and green. I mean, green. I appreciate your ramp, but, like, we're good here. The garage. Is there a Karn guy? We'll see. We'll see. All right, guys. I'm Jerry from Simply Cyber. Thank you all for being here today. I hope you have a great day. Come back for one. We'll do the ama. I'm gonna speed run everything I can. I tried. You know, I had asked Daniel Meler at one point, and he was very polite, but it felt like a polite decline. So which is fine. Not a big deal. All right, I gotta go. Later.
Host: Dr. Gerald Auger (Simply Cyber Media Group)
Date: February 13, 2026
This episode delivers the latest cybersecurity headlines and expert commentary for practitioners, leaders, and newcomers alike. Dr. Gerald Auger shares his spontaneous, unfiltered reactions and insights on eight major stories, focusing on the real-world impact for defenders, organizations, and individuals. Listeners are encouraged to stay vigilant, learn in community, and adapt as threat landscapes and technologies evolve—especially as AI and geopolitics reshape risk.
Source: Google Threat Intelligence Group
Dr. Auger’s Insights:
“For years and years... many cybersecurity programs focus on identify and protect only. Detect, respond, and recover is left as a nice-to-have. In 2026, that gets you burnt badly.” [18:25]
Dr. Auger’s Insights:
“Decades-old vulnerability… There’s vulnerabilities for everybody. Don’t let imposter syndrome convince you you can’t find one.” [27:46]
Dr. Auger’s Take:
Dr. Auger’s Commentary:
“My son, dude, 7-year-old Jerry could have seen this coming. This is such… I mean, it’s Big Brother.” [38:55]
Dr. Auger’s Reflections:
Source: Flare Security
Dr. Auger’s Analysis:
Dr. Auger’s Response:
Dr. Auger’s Take:
On AI Speed and Security Gaps:
“Threat actors will move at AI speed, and if your security program looks like it was built in 1996, you’re gonna have a horrible day.” [18:03]
On Apple’s Decade-Old Flaw:
“Even Apple is vulnerable. For all the imposter syndrome people… there are vulnerabilities for everybody.” [27:46]
On Russia’s Messaging App Move:
“If you believe the state messaging app isn’t surveilled at the backend, I have a bridge to sell you.” [38:45]
On Career Networking:
“We don’t live in a meritocracy. Relationships and visibility matter more than being valedictorian.” [86:42]
On AI-Generated Resumes:
“If you just prompt ‘write me a resume’, it’s going to stink. AI can make you faster, but you need to direct it, refine it, answer its questions.” [87:31]
On Cyber & Privacy:
“Security pros aren’t privacy pros. Privacy isn’t just about confidentiality in the CIA triad, but that’s where they overlap.” [46:13]
How to break into cybersecurity without experience:
Q&A on AI Use in the Workplace:
Q&A on Privacy, Healthcare and Protecting Yourself Post-Breach:
At [40:03]: James McQuiggan @ 35,000ft — “Joke of the Week”
| Timestamp | Segment/Event |
|:-----------|:---------------------:|
| 13:28 | Gemini AI Attacks |
| 21:54 | Apple iOS 0-day Patch |
| 28:48 | DHS/CISA Shutdown |
| 33:34 | Russia Messaging Apps |
| 45:31 | NYC AI Fare Cameras |
| 51:39 | InfoStealers/Mac/Claw |
| 57:40 | Volvo Group Breach |
| 61:02 | L3Harris Exploit Sale |
| 71:00 | Career/AMA segment |
| 40:03 | Joke Segment |
For daily briefings, career tips, and to join the live stream:
Visit Simply Cyber at 8 AM ET weekdays.
For events, resources, and social links: simplycyber.io/schedule