Loading summary
A
All right. Good morning, everybody. How you doing? Welcome to the party. Let me get this music going. There we go. What's up, everybody? Hope you had a great weekend. Welcome. If you need to stay current on the top cyber news stories of the day, but you want to go beyond that and make your time ultra valuable by getting additional insights and ways that you can use that type that top cyber news in order to be more effective at your job, in order to, wow. Drive job interviewers, in order to be the CEO of you and basically help drive cyber risk reduction. Well, welcome to Simply Cyber's daily cyber threat brief podcast. I'm your host, Dr. Gerald Oer, coming to you live from the Buffer Oer Flow Studios. We got a great show for you today. Lock in because we're gonna be ripping the band aid off and getting deep into the top cyber news. I can't wait. Let's go. That's right. Good morning, everybody. Got a great show for you. I want you to know of the top eight cyber stories that we're going to go through over the next hour, I'll be going beyond the headlines because obviously you can read these stories yourself. So what's the value prop? Why would you spend extra time here? Well, it's multifaceted, number one. I've got 20 plus years of experience, so I love to take insights from stories that seem kind of pedestrian and vanilla and give you additional value where you can go beyond and like, implement something at work today or understand how these things connect together. So if you're looking to break in the industry, I know some people have passed their security plus and said, you know, by covering the stories the way you do, Jerry, I'm able to see how all these terminologies or, you know, words and acronyms, they all make sense together in the big scheme or. Guys, I'm just telling you, leveling up, you know, if all you all you know how to do is use a hammer, everything looks like a nail. So what I'm trying to do here is show you what a wrench looks like. Show you what a. Show you what a screwdriver looks like. Show you all the things, even the obscure tools, like, I don't know, like an all or something like that. Maybe in Augur. Oh, my God. You see what I did there? All right. Hey, shout out to Team usa. Sorry, Canada. Team usa. Olympic hockey. Just straight crushing it like a bunch of bosses. One of the most exciting, you know, hour and a half of sport I've ever watched. So good. End to end, of course, you know, Spoiler alert. Gold medal. Guys, if you didn't know of all the stories we're going to be covering, do you know how many I researched and prepped for? 0. Ain't nobody got time for that. I don't research or prep for the shows. I literally have no idea what stories are going to be coming. And I'm just reacting in real time, which makes it super easy. Ask Marcus Kyler. He knows what I'm talking about. Lol. All right, guys, if today's your first episode, welcome to the party. Squad members know what to do. But yeah. Hey, if today's your first episode, drop a hashtag first timer in chat. Hashtag first timer in chat. We love welcoming you to the show. We love welcoming you to the community. Remember, simply Cyber IO Discord. We're here for an hour live every single morning. You can catch us on replay on YouTube or your all podcast audio podcast app of choice. We, we re. We republish this show every day on Spotify and Apple Podcasts. You can listen on audio. But if you're here for the first time, say what's up with a hashtag firsttimer? And then definitely go check out that Discord server. Simply Cyber IO Discord. Because the conversations in the community really blossoms over there. For those who are on a two hour delay, anvil3589, feel that. I checked the weather this morning, dude. New England. New England. My family, my people getting absolutely bamboozled with a blizzard. So stay safe out there, everyone. Hey, Calvin. Whitney. Good to see you guys. Every single episode of the Daily Cyber Threat belief, including episode 174 here on February 23, is worth half a CPE. Mike Amel, 1973, a Yadu Kersey, a squad member and a first timer. That's a wild coincidence. So hey, just say what's up in chat. Grab a screenshot of you saying what's up? And chat. Include today's episode number, which has the date and unique id. File it away so you. You'll have a folder on your desktop with a bunch of screenshots. Once a year, count up those screenshots, divide by two. That is how many CPEs you get. Super simple, super easy, super value. That's what's up here. Squad members. We got some first timers we got to say what's up to. We got. Hold on. Where is it at? I think at Anvil. What the hell? Where is that? I. I saw some first timers and now I don't see them. I don't know where they Are I went Ayatu and Andvil. Let's welcome them to the party, pal. Anvil and Ayatu, welcome. Hold on, let me get my emotes. See, if I had a producer, the producer could do this while I talk. All right, there we go. And then welcome to the party, pal. It's great to have you here. I hope you enjoy the experience. What's up? All right, Coffee cup. Cheers to everybody. Every single day of the week has a special segment. And Mondays is simply Cyber's community member of the week, sponsored by Threat Locker, which means this. The member gets a hundred dollar Amazon gift card. If the winner gets wants Simply Cyber merch, that's fine. I know from a branding perspective it makes sense to give out merch, but it's incred. It's like, it's complicated. Okay, 100Amazon gift card. If you want merch, I'll give you merch, but. All right, guys, let's get into it. Oh, wait a minute. We got show sponsors without them. I can't do the show without them. I'm not drinking this cup of coffee and I'm not yelling into this microphone. Also, hey, fun fact. Got to spend a lot of Saturday with 1J Crypto, aka Justin Gold. I want the community to know I went out and spent Saturday with Justin with my boys and Callan, my youngest asked Justin to explain bitcoin to him. So Justin was in his glory, just letting that wash over him. So just so everybody knows, sharing a little bit of a little behind the scenes on what's going here. Guys want to say shout out to the stream sponsors, those who enabled me to bring this show to you. Quick holla to Flare Academy. This Wednesday, February 25th. They're showing the 2025 capture the flag answers. So listen to this. Check this out really quickly. Simply Cyber IO flare. If you go to Simply Cyber IO Flare, Simply Cyber I. Oops. Simply Cyber IO Flare. I'm gonna drop it in chat. Okay, listen really quickly. I. I want everybody to understand this because this is super important, okay? Now some of you who are, you know, seasoned professionals, maybe this doesn't matter to you, but capture the flags are fun. Like challenges, they happen a lot of times at conferences where there's a scoreboard and you solve these like puzzles, basically cyber puzzles. Find the flag, reverse this binary, look through this network packet, capture whatever. And a lot of people, first of all get intimidated by CTFs or capture the flags. And two, don't realize that Capture the flags are really fun networking opportunities because everybody else doing the ctfs with you are, you know, talking with each other and socializing. It's, it's very much an event or an activity that people opt into. Now I, Flair's doing something very cool and that's why I want to share this with you. On Wednesday they are doing a two hour essentially like mentor led CTF walkthrough. So last December Flair hosted a very cool capture the flag event. Okay. And they had some great competition and the answers are out there. But they said, you know what, people really do want to kind of break down the barriers and the intimidation, the imposter syndrome of doing CTFs. So this Wednesday they're actually going to walk you through step by step, every step of the ctf. So you can like basically solve the challenges, get, get a feel for how CTF work, learn some skills, some practical hands on skills. I think this is just phenomenal. Such a great way to help individuals and repurpose the CTF stuff so you can see the learning outcomes. You're going to be playing with cyber Chef Ghidra Docker binwalk. You're going to be doing, learning how idor or indirect object references work, reverse engineering oent like this is literally like if I had the time, I would do this. This is fun. This is a lot of fun. So go to Simply Cyber IO Flare. Check it out again. You can always sign up and not go. There's no, there's no, you don't pay to attend this thing. So I also want to let everybody know about material security. Oh yeah, material security. Your cloud workspace is more than just email. So why does everyone stop there? Material delivers complete production for Google Workspace and Microsoft 365. Going beyond perimeter defenses to secure email files and accounts across your environment. With advanced AI detections and automated threat response. Material correlate signals across the workspace to identify risks others miss. It protects sensitive data in inboxes and shared files, monitors accounts across third party apps. It automates remediation all the way from phishing responses to user report triaging. You can see it all here. So what's the result of all this? You mature your security posture and you scale protection. All without adding headcount. Which business loves. And it's all at the cost of traditional email security, which business loves. So be the superhero at your work. Secure your entire workspace. Learn more simply cyber IO material. Simply cyber IO material. Thank you very much. Material for sponsoring. All right. Of course. Zero Trust World. Just a few weeks away here. Oh, next week. Holy crap. Zero Trust World. Next week with Threat Locker. So let's get hopefully you guys can go if you're going to Zero Trust World. Sound off in chat. I'll be in chat. Let's hear briefly from Threat Locker and then I'm going to melt your face with the news. Let's go. I want to give some love to the Daily Cyber Threat Brief sponsor Threat Locker do zero day exploits and supply chain attacks. Keep you up at night. Worry no more. You can harden your security with Threat Locker. Worldwide companies like JetBlue Trust Threat Locker to secure their data and keep their business operations flying high. Threat Locker takes a deny by default approach to cybersecurity and provides a full audit of every action allowed or blocked for risk management and compliance. Onboarding and operation is fully supported by their US based Cyber Hero support team. Get a free 30 day trial and learn more about how ThreatLocker can help prevent ransomware and ensure compliance. Visit threatlocker.com DailyCyber. All right, there we go. We got it all dialed in. Everybody shout out to Luke Canfield. Good to see you in Chad. Isaiah Morris over on LinkedIn. Good to see you with the GRC Mafia BW5542. Always in the chat. Know your threats. Blue Badge. Love it. All right guys, you know what's cracking. I need everyone to do me a solid. Tasha Smiles or Tasha Miles Sit back. Isaiah Morris Relax Doom Kraken Chill and let's all let the cool sounds of the hot news wash over us in an awesome wave. I'll see you guys at the mid roll.
B
Let's cook.
A
From the CISO series, it's Cyber Security headline.
B
These are the cybersecurity headlines for Monday, February 23, 2026. I'm Steve Prentiss. Arcanix the new AI infostealer experiment. Researchers from Kaspersky now say that an information stealing malware operation named Arkanix Stealer that is a R K a N I X which appeared on Dark Web forums towards the end of last year, was likely developed as an AI assisted experiment end quot it included a control panel and a discord server for communication with users, but has since been removed by its developer. Although it consisted of many standard data stealing features that cybercriminals are already using, along with a modular architecture and anti analysis features, the Kaspersky researchers said the clues that indicated LLM assisted development might have drastically reduced development time and costs. End quote.
A
All right, the problem here is. CESA series like the first story that they had was not that story. So I can't even bring up a graphic of that. Unfortunately I was like reading this story. Crap. All right, I apologize because I, you know, obviously there's a disconnect here. I'm. I'm expecting the first story link to be the first story that they talk about in the, in the stories. So all I can say is number one, they talked about using AI to. I, I missed that whole story. We're just gonna skip it. Okay, I'm sorry everybody. Basically, it sounded like AI to do malware. Like, okay, news at 11.
B
AI assisted hacker breached 600 Fortinet firewalls in five weeks. Following up on a story we covered exactly one month ago. Amazon is warning that quote, a Russian speaking hacker used multiple generative.
A
Ok, what is going on here? Hold on. Am I like, am I like high right now or something? All right, so this is definitely the right story for today. Oh, they stuck this stupid. This new show that like bruh. All right, hold on one second. This hasn't ever happened before, but here we go. You get to see how the sausage is made, y'. All. By the way, saying y' all Ryan Hall, y' all dude, when a storm comes around, I. I like tuned into him today. That dude has 18, 000 people live on his live stream right now watching him look at like weather pictures. It's crazy. Nice guy. All right, so we're back here. Arcanic Steeler pops up as a short lived AI info stealer experiment. Yeah, Control panels are normal. Discord servers are less normal, I would say. Okay. Ooh, source code, screenshots. Very nice. All right, so you know, Phil Stafford and John V. Can tell you that this looks like, I guess LLM traces, kind of like M dashes in, you know, social media posts. There's kind of like these indicators of what's up. But oh, and by the way, I haven't said this in a minute. If you see this like anime girl on the Dark Web, whoever's profile that is is legit. I don't know what kind of rules the Dark Web criminal underbelly have, but like I feel like if you are Script Kitty or something or you don't know what you're doing and you use this profile, you're like opposer. Like this is for like, like legit practitioner criminals only. So very legit anyways that the, the thing that you really need to know is if you're not protecting today from like malware and malware operations both like your end users, like human layer and your endpoints, your tech layer and your in Your network layer as well. What are you doing? You've got to do it. Like, the fact that they're using AI to do this, all that means is they're going to be able to convert malware faster with more efficacy. So it is what it is. You know what I mean? Also, just as a fun, fun fact. And I'll talk about this at Jawjack, and if you want, I am, like, two weeks into Open Claw, right? Everybody's, like, losing their mind about Open Claw. That guy Peter got a job at Open AI for Open Claw. Just between, like, my. My initial thoughts, Open Claw is fine. It's fine. It's not like we're not losing our job, right? Like, it. It fails as often as it succeeds. I guess I'll put it that way. I've been, you know, open class. Fine. Okay? It's all the YouTube videos, all the news press, where it's like, losing their collective minds over Open Claw. They're just showing it when it works. Like, it doesn't work every time. It literally doesn't work, like, half the time. Okay, enough dunking on OpenClaw AI services
B
as part of a campaign that breached more than 600 Fortigate firewalls across 55 countries in five weeks. End quote. As reported by CJ Moses, CISO of Amazon Integrated Security, the January hacking campaign did not rely on exploits.
A
All right. Priceless Pancakes wanting to know where their I heart nest all white on black shirt is. Oh, man. Thanks for the 25 months priceless pancake. Good to see the blue badge on you instead.
B
The threat actor quote, targeted exposed management interfaces and weak credentials that lacked MFA protection. Brute forcing with common passwords and using AI to help automate access to other devices on the breached network. End quote. Russia stepping up hybrid attack again.
A
If you are here, see if you don't know, okay? If you don't know, you know, like, either you're new here or you're like, not a tech person. You're like, oh, my God. AI assisted. Oh, my God. 600 firewalls down. Like, but like, AI assisted were brute force attacked. Like, my guy. Go use NCrack, go use Hydra. Go use any of the tools that have existed for like 20 years. And you can do this attack. You don't need AI to assist you. If anything, it was someone who didn't know what they were doing and asked AI to help him. And AI is like, yeah, let me just show you this tool that was developed in 2003. You can use this to do it. You know what I mean? Like, why do you have. I hate to be this guy, but please allow me. How do you have Internet facing firewalls with credentials that are easy to compromise and don't use mfa? Like are you out of your mind? How many? Like this isn't technical exploitation. This isn't like Fortinet's always getting crapped on because they have zero days like every day. Like that's the Fortinet. I need a bumper sticker that says zero days every day Fortinet. Like that's their slogan. Right. By the way, I'm probably gonna get slandered or like you know, all opinions are my own. This is satirical. But weak credentials lacked MFA protection. Like this. This is. When you see this, it's. This is. This is bad grc. This is bad information security program design. This is a CISO like not doing their job. Okay. Like period. And I hate to whoever is the one behind this. I don't know what to tell you. I don't know what. Like there must have been some compelling reason for them not to put MFA on Internet facing firewalls. I don't know what they are. It's beyond me. But there must have been a reason because no one, no one who knows how to do their job, no one would possibly ever have Internet facing weak credential firewalls without MFA and, and be considered competent at their job. So there's no way that whoever did this is that person. Right? They, they would have to be an absolute. All right. So of course a couple like month ago for gate firewalls or the fortigate like single sign on thing was messed up. Threat actors can scan the Internet for the fingerprints for fortigate management interface. So the TLDR here is. The TLDR here is very simple. All your Internet take this as an action today. Scan your Internet facing assets. You can use the IP addresses to know which ones those are. There's a, there's a thing called RFC 1918 that, that calls out non public routable IP addresses. Your, this is your 10.0, your 172.0 I think 16, your 192, 168 IP address ranges. Right. You're 127001. Right. If you want to get really particular like anything that's not those that's Internet facing potentially. Unless you're like an old institution that bought up a bunch of IP addresses and for some stupid reason you're using them internally. Which anyways scan your Internet facing IP address range and look for devices, see if they are there. And then you won't. Here's the thing. You won't be able to tell if MFA is enabled or not without having the password right? And you don't want to go that far. Just figure out where your attack surface is and then go talk to the IT team. Go talk to the networking team. Hey, guys, just confirming mfa, Citrix team application, gateway, VPN concentrator. All the things that are Internet facing get answers. Strong credentials, mfa, even weak credentials. And MFA is better than that. Nothing.
B
Preparing for confrontation with the West. This dire warning comes from Dutch intelligence services who said that, quote, the intensifying cyber attacks, sabotage and covert influence operations across Europe show the Kremlin is preparing for a prolonged confrontation with the west, end quote. Two Dutch intelligence agencies, one general and the other military, said the Russian armed forces are preparing for the possibility of a conflict with NATO and are carrying out various activities to test the West's willingness to escalate. Their term, hybrid refers to a blend of cyber attacks, sabotage, disinformation, covert political influence, and espionage designed to stay below the threshold of open war. End quote.
A
All right. I mean. Okay, sorry, guys. I always forget which one. So listen really quickly. It would appear that we, as a species or society. I don't even know how to put it. Have been marching to. Towards this, right? It says Russia. Here's the thing. This is like. This is like cyber adjacent, okay? So I'm going to. If you're new here, we don't really get into politics, okay? We don't talk politics, we don't talk religion. And if you're a Bob's Burger fan, we don't talk about the Ottoman, okay? Now, Russia has been at war invading Ukraine since 2022. So four years. If you guys haven't been paying attention. Part of the whole reason they invaded when they did was because they didn't want Ukraine to join NATO, Right? That was, like, part of the deal. They were trying to get in there before they joined NATO. Russia, allegedly, whatever you want to say, has been attacking NATO countries for the last year. So I don't know what you're talking about. Stepping up hybrid attacks, bro. Like, they attacked Poland, they attacked Estonia, Latvia, and I don't know if these countries are in NATO or not. They attacked or not? They attacked. They allegedly damaged the Internet pipeline going across the Baltic Sea into, you know, those. Those fjord, Scandinavian countries. Sure, if we look hard enough. I've seen. I think they attacked Italy or Po or Spain at some point. So, like, my man, like, oh, like we're going to Attack NATO. Like, I'm pretty sure this has already been happening, so I don't know why this isn't a. A big thing. Of course, it's very interesting, too. The timing of it, I think, is directly related to what has happened with the United States current administration in their very public opinions of NATO and how, you know, like, NATO needs us more than they. We need them and like, Iran. Okay, so we're not talking politics, but there's just a lot going on from a cyber security perspective. What I would like to tell you. What I would like to tell you is that they say hybrid attacks. I'm going to tell you right now. Mark, tape. February 23, 2026. All first world power military conflicts are hybrid attacks. We have been using cyber as a capability to complement a mission for decades. Decades. Okay? And I know that might sound like, oh, Jerry's got a tinfoil hat on. Like, let's tune into this. My. My man. Like, knocking power out. Did you. I mean, I don't know, did you see when the United States. I don't even know the right word. Kidnapped the president of Venezuela? Like, there was a cyber complimentary capability that knocked out the power, you know, in route. We. There was even talk about how anthropic was involved during the planning of that mission. We've seen many kind, like, dude, Stuxnet, which was like, 2013, I think United States, Israel, combining forces like wonder twins with 70 days to destroy in the most elegant way possible, a uranium enrichment facility in the Tanz, Iran. My guy. Like, again, like, I feel like. I feel like I'm taking crazy pills because we live this every day, people, right? Cyber people. We live this every day. For my aunt Dorothea, she's like, oh, no, Russia's. Russia's going to start doing cyber attacks with their military strikes. Oh, no. It's like. Like this has been the playbook. Like, there's people who joined the military and have since retired that would be able to tell you that the cyber was always part of it.
B
So whatever Japanese semiconductor supplier suffers ransomware attack. Tokyo based Advantest, that is Advantage, a supplier of semiconductor test equipment, said the attack occurred last Sunday and has impacted several company systems. Advantest is one of the largest manufacturers of test and measurement equipment used in the design and production of semiconductors for machine learning, autonomous vehicles, 5G systems, and more. Its tools have become critical assets in the production process of semiconductors globally. No group has yet claimed responsibility for this attack.
A
All right, so there's like, two opportunities here from a one is like just kind of an objective call. The other is a tinfoil hat. So really quick. Japan has been getting bamboozled by ransomware attacks for quite some time. Like Nissan Godhead or Toyota. Nissan and Toyota Godhead. If you just type in Japan ransomware attack 2025, you'll see a whole list of them. So the semiconductor supplier being hit is not a surprise. Remember, manufacturing is, you know, between manufacturing and healthcare globally those are the top two industries that suffer the greatest frequency of ransomware attacks. I also want to point out really quick. I saw unit 42s, Palo Alto's research ARM and MDR arm released a report recently and the one fact that jumped like stuck with me. Obviously right now 22% of ransomware attacks now are just data exiled. They're not even bothering encrypting. So I don't know how this particular attack happened because it's manufacturing. I would assume that it was encrypted to disrupt operations. Remember, the reason that opera, the reason that manufacturing and healthcare are so highly targeted is because when you bring them down, there is immediate impact. In health care, there's patient safety. Like this person is sick and needs help now and we can't do it for them because we're down in manufacturing. It's like every, every second in manufacturing is making money. That's why these facilities run 24, seven producing widgets and McGuffins. So when you disrupt the machine, you stop making money. Jose V019 thanks for the squad membership, dude. All right, so you know, this is like, this is, I don't want to say this is a no brainer but like, you know, Japan's here. I don't, I don't think I've ever seen anyone in chat who's in Japan or protecting businesses in Japan. But just so you know, if you are responsible for manufacturing and, or in Japan or your business is in Japan, you absolutely should have this on your radar. You should be doing tabletop exercises. This is a perfect example where when in the world of GRC and risk, like the basic, basic day one stuff, there's likelihood and there's impact. How likely is something bad to happen and if it does happen, how bad is bad? Right? These are the two values we use to determine risk and then you know, we prioritize based on the risk and stuff like that. So this one, your likelihood should be going up. It should be steadily going up if you're in manufacturing or you're in Japan and if you're doing manufacturing in Japan, you are red hot you know, should be focused on this now from a tinfoil hat perspective because it is a semiconductor company. China and Russia are BFFs. China wants those semiconductors, you know, pretty badly. I feel like they've got a pretty good lock on it. But by disrupting this supplier, Japan and the United states are, are BFFs. Russia, remember Japan, Netherlands semiconductor agreement, right? This is like two, three years ago, April 2023, Japan and the Netherlands announced plans for new export controls on semiconductor equipment. So I'm, I'm showing this story from two years, three years ago. Why am I showing you this? Because Japan made an agreement with the United States that they wouldn't send China semiconductors easily. And that really pissed off China, right? Because now it turns into this like, you know, acts not axes and allies, but like superpowers fighting each other with like proxy, like proxy wars, right? This is like an economic lever that the United States pulled. And now Japanese semiconductor suppliers getting ransomware attacked. If anything, I think I could see a directed military strike against this, but doing it through a third party, like a for profit cyber criminal. Hey, like we caught you and you, you're going to go to jail unless you kind of like do your operation and you take out things that we like in addition to doing your own ops. So again, that's why this is the tinfoil hat. I have no information whether or not this is related to geopolitics. I'll leave that to Elliot Matice. Now, does it say how the initial attack happened? No, it's ransomware, dude. Probably came through a phishing email. Someone clicked on something, ran PowerShell, click Fix. It doesn't matter.
B
Huge thanks to our sponsor, Adaptive Security. This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI powered social engineering. Deep fakes aren't science fiction anymore. They are a daily threat. So here's a quick tip. If your voicemail greeting is your real voice, switch it to the default robot voice. A few seconds of audio can be enough to clone you. Adaptive helps teams spot and stop these AI powered social engineering attacks. And you can learn more@adaptivesecurity.com that is the two words adaptive security together dot com.
A
All righty, we got the mid roll. Let's do our warm chocolate. All right guys. Hey, I want to say thank you all so very much for being here. Thanks for the squad memberships. Thanks for showing up guys. Every time someone learns about daily cyber threat brief and learns that we've done a thousand episodes in a row, always blown away it takes a village though. Guys. I genuinely appreciate all of you showing up on the regular, being supportive, helping each other. You know, I'm just one person up here, kind of like at the front of the boat. But I'm well aware and I can see it because I have the chat right in front of me. I see you guys every day just hooking each other up and helping each other like even like dude, Sage the professor jumping it or. Yeah, Sage. Good morning practitioners. I love it. The energy is great. This is such a wonderful way to start your morning. In addition to it like being practical for cyber professionals. Guys, really quick want to say thank you to Anti siphon training. Anti siphon training. Disrupting the traditional cyber security training industry. Offering high quality, cutting edge education to everyone regardless of financial position. If you didn't know, Today, starting at 11am or noon Eastern time, this man right here, John Strand, wonderful human being will be leading a four day, 16 hour cyber security foundations course. If you've been wondering where to start or if you've been pushing your peas around the plate waiting to take your first bite, getting into cyber, this is definitely for you. You can take this for $0. They do ask for a, a $25 commit. You pay what you can. Basically if you can't pay anything, they'll still let you in. John wants everybody to get access to this education. Stop. Here's what I would say. Stop trying to like have the perfect plan. Stop delaying, stop procrastinating. If that's you, maybe you had to hear this today. Take action, start moving forward. This is a wonderful opportunity. 16 hours, 16 CPEs, four days, noon. Starting at noon today, I'm gonna drop a link in chat. Consider doing it for yourself. Invest in yourself. Guys. No one like, and I mean this with all the love in my heart, no one, maybe your mother, but no one's going to care about your career more than you. If you don't care about your career, why would anyone else? So like invest in yourself. And this is a $0 16 hour investment if you've been looking to kick it off. All right guys, every single day of the week has a special segment in Mondays is simply Cyber Community member of the week. Now it is sponsored by Threat Locker which means I get to give away a hundred dollar Amazon gift card. Basically Threat Locker gives me money and I turn around and give money to the community member because it's oh get your Oprah emotes. I just love doing this. I'm so happy when I suggested this to Threat Locker and they Were like, yeah, yeah, let's give money to people. So the Simply Cyber Community Member of the Week. Guys, so many of you are, you know, helping each other, as I've already laid out, but I like to call out one particular member just to, like, let them know. And where is she? I know she's in chat right now. Hold on one second, let me. I gotta get the graphic up. Many of you see her. She's behind the scenes. She's been in the community for. For a very long time. And ladies and gentlemen, I would love for you to put your hands together for this week's Simply Cyber Community Member of the Week one, Jenny Housley. All right, so Jenny Housley, if you don't know, Jenny Housley, has been a moderator of the Simply Cyber Discord server. She's in chat. She's helping, you know, not control the stream, but make sure the stream stays safe, supportive, inclusive for everybody. She's a wonderful human being. And I just. This weekend we've had. Here's the deal. We've had a bit of a rash in the Discord server of, like, evil people, like. Like criminals, scammy accounts, just bad people. And Jenny Housley, like, turned into Thor with the banhammer. And, you know, I. I was. I was out this weekend, and Jenny was, like, cleaning up the streets like a. Like a vigilante, just keeping the Discord server clean. So if you are, here's the deal. If you enjoy your experience on the Discord server, this woman right here is part of the reason why it's a safe space. So thank you, Jenny. On top of that, we also have. I always forget we have a women only or, like, for the women. I forget what it's called, but there's, like, a female only channel on the Simply Cyber Discord server. That was Jenny's doing as well. I don't even. I never go in there unless there's a problem, just to respect the boundaries. I know Shamira Gonzalez is in there doing good things, but Jenny's the origin story of that channel. So, anyways, if you don't know Jenny, allow me to introduce you to her. She's a great person. Thank you, Jenny Housley, for all you do. All right, let's finish strong.
B
Anthropic announces embedded Security Scanning for Claude. This new feature can scan a user's software code bases for vulnerabilities and suggest patching solutions. Claude Code Security, as it's called, will initially be available to a limited number of enterprise and team customers for testing and and this is after a year of internal stress testing conducted by and for the company. Anthropic says that as Vibe coding becomes more widespread, the demand for automated vulnerability scanning will exceed the capacity of manual security reviews. New.
A
All right, so way to go. I'm a huge fan of Anthropic and not because of the commercials they made making fun of OpenAI. Anthropic definitely seems interested and invested in improving their product. Not just printing money, guys, skills. Extensions. These plug in things like, dude, there is a wild west of malware going on in the entire AI ecosystem, and Anthropic's doing a pretty good job of trying to look for malware in code, look for malware in skills, look for malware in, in software in general. Right. And then offer ways to fix it. Right. Whether it's patch it or remove it or, or anything. Right. So this is pretty good. I want to point out this will not. This will do nothing around prompt injection. Okay? So just just to be crystal clear, prompt injection is its own thing. Basically. Prompt injection is the code or the AI doing what it's supposed to do. But I definitely appreciate this. This seems more for software developers using Claude and Claude code, by the way, Claude code, I know you that I feel like just this is another thing that I'm learning. Claude code is a bit of a misnomer. Yes, you can use it to write software, but I use Claude code just last week and I took a two hour workshop to learn a new skill and we used Claude code in it and I didn't write any software. I did, I mean, I did make some. I guess I did make some like website, but it's not exclusively for developers. Also, Claude cowork is a lot like Claude code. You gotta be careful though, how willing you are to allow it access to your file system. All right, Claude. Anthropic says we expect that a significant share of the world's code will be scanned by AI in the future, given how effective models have become at finding long hidden bugs and security issues. So this is good. Honestly, this is Anthropic saying that they can help any software in any code. Guys, I gotta tell you really quickly, if it were me, I would. If you wanted to get a C. If you ever wanted to get a CVE associated with your name, I, I would. Now's the golden time. You can use AI to help you find those CVEs and get them published and stuff. But I think in like maybe six months, a year. This is a hot take. All right. This is like the legit reason for the tinfoil hat. I have a hot take guys. Spicy hot. Ready? Here we go. In. In six months, in, in one year from now, 12 months from now, there will be very little CVEs found because software developers will be using AI to basically stress test and look for bugs in their code. So I mean, there'll still be bugs, right? There'll still be vulnerabilities, they'll still be process based vulnerabilities. Kind of like prompt injection where like it's not a vulnerability in the sense that it's like a buffer overflow or use after free vulnerability. It's just the way it works, can be exploited. But like a lot of these, you know, cross site scripting, SQL injection things will be eliminated before they get pushed to production because AI is going to find them. That's what I'm thinking.
B
Big Fix campaign deploys Mimic RAT malware A new report from cybersecurity research company Elastic Security Labs describes a new click fix campaign that delivers a previously undocumented remote access trojan called mimicrat. The sophisticated operation attacks compromised sites in diverse industries and geographies to drop a LUA scripted shellcode loader. The final implant communicates over HTTPs using profiles that resemble legitimate web analytics traffic. The researchers added that the campaign supports 17 languages with the lure content dynamically localized based on the victim's browser language settings to broaden its effective reach.
A
Shiny Hunter all right, so click fix is this really well known attack type or attack vector right now basically just so everybody's on the same page. Click fix is essentially, it's just a pop up or a landing page of looking like a captcha. So it's like click on the fire hydrants, click on the bicycles. And the way that you're proving you're a human is by popping open a run dialog box and then pasting in PowerShell, which I know sounds absurd, but it's working quite effectively for threat actors. So. So they're still using it for this particular campaign. I. There should be a graphic in here. Honestly there isn't. But let me see what the actual story is here. Okay, so, all right, here we go. So here's the deal. There's nothing new here. Okay? This, this isn't like a new novel way to use click fix. Legitimate websites are compromised. Okay, so you're not going to like, you know, bing bang boom.ru you're going to like chase.com okay, so it, which it's not Chase, but it's a legitimate website that has authority. It has reputation. Okay. And the threat actors are injecting JavaScript to cause click fix to happen. Now, if you are already educating your end users about click fix, you're fine. This won't be a thing. So that is what you should be doing. Educate your end users about click fix and how to avoid it, what it looks like, why you shouldn't run things in the start run dialog box if you can prevent them from popping a start run dialog box. But I think it's better to educate them because if they're on their home computer, your GPOs and policies aren't going to push down on their endpoints at home. So they could fall victim to it. So you want, I mean, I like to help people in general, not just help them because they work there. Once they fall for the quick fix, it gets a little sophisticated I suppose because they have, you know, it gets rerouted through Friendster, it ricochets off a satellite dish and then basically there's a lot of post exploitation commands that can be run and it looks at the browser language and delivers a language specific malicious experience for the end user. Okay, so if you're in, you're in France, you get a French language explanation on what's cooking. If you're in America, you get English or you get America language. Okay, okay. It just. All it, all this means is that whoever this criminal threat actor is behind this particular campaign is well funded. It's well funded because you would never put in the effort energy to build out the robustness of 17 different languages. If you, if you're just trying to get some money quick, right, you would just send it to Americans and have English be the only language. This level of sophistication typically indicates one of two things, either well funded threat actor or nation state. Given what it is, I would suspect it is well funded threat actor, not necessarily nation state, because the nation state's not going to bother like this. All right.
B
Beats the house in Vegas. Wynn Resorts appears to be the latest victim of the Shiny Hunters extortion gang. The group posted the company on its blog last Friday, claiming possession of more than 800,000 records containing employees, Social Security numbers and other private details. WIN has until today February 23rd to reach out. Otherwise a data leak. And in the words of the gang, other annoying digital problems will occur. A spokesperson for the crime group told the Register that its members gained initial access to Wins systems in September 2025 with quote via an Oracle PeopleSoft vulnerability using an employee's credentials. End quote paper.
A
All right, so I Okay. I mean, I don't get this. You tell me what this means. Gain initial access via a vulnerability and an employee's credentials. So I. The. I guess the way I would read this is the creds got them in and then the vulnerability allowed them to do privilege escalation. But again, initial access. To me, those words mean something. They mean initial access, which would be the employee's credentials, bruh. So unless this is like the PeopleSoft vulnerability allowed multi factor authentication bypass. Maybe. But PeopleSoft is like the HR. If I remember correctly, PeopleSoft is like, you know, an employee portal. I don't know. We'll see. Dude, they're only asking 1.5 million, which I. That would break me, right? Last time I checked. Hold on, let me check. Simply Cyber's bank account balance. Yeah, $1.5 million would end simply Cyber. But let's look at this. Wynn Resorts annual revenue. Wynn Resorts reported an annual operating revenue of $7 billion in 2024. $7 billion. Let's see if we can see their profit. Because revenue is one thing, but there's expenses, right? Wind Resorts reported a net income attributed to the company's $327 million for the full year, a decrease in $500 million. So the threat actors are asking for 1/3 of 1%. Okay, 1/3 of 1%. They made $320 million in profit. And the threat actors are asking for $1.5 million as an initial starting point. So Wynn could talk them down to 200,000, 500,000, whatever. The question now becomes, like, do you want to, like, do you want to mess around with these threat actors? Yes or no? I would assume. I don't know. I don't know. Interesting question. Like, basically, like, if I. If I took your personal photos, right? If I took your personal photos. Remember, Shiny Hunters did not disrupt operations. They just did Data X fill, right? Like I told you earlier, 22 of all ransomware threat actors, now all they do is take your data. They don't disrupt your operations. So if I took all of your personal photos right, right now, and I was like, I'm going to leak all your personal photos online unless you give me. Let's say you make $100,000 a year. Okay, you give me $1,000, right? That would be. Or not even that, $300. You make a hundred thousand dollars a year. And I'm going to leak all your photos unless you give me $300. That's basically what Wynn is dealing with right now. Now, your photos might be family photos, vacation photos. You wearing your pants on your head because you're being silly, right? So you're like, it's not really that bad, you know, so we'll see what happens. Shiny Hunters very effective at what they do. I will say it is a little interesting to see Shiny Hunters using a technical exploitation only because Shiny Hunters is typically associated with voice phishing and more social engineering. Much, much less technical exploitation. In fact, if, if you didn't tell me the name of the threat actor group, I would not have guessed Shiny Hunters Lapsis or what's the other third? What's the third one that the kids are part of here? Scattered spider. Right. They are almost exclusively social engineering.
B
Al's small data incident has a long tail. PayPal is alerting customers of a data incident following a software error in a small business loan application system which exposed sensitive pii, including Social Security numbers. Although the number of people affected was very small, around 100 customers, the data remained exposed for nearly six months last year between July, the date of discovery, December 12. PayPal has emphasized that this was not a breach and its systems were not compromised. The erroneous code has been since rolled back.
A
Yeah, not a good look. So PayPal was any financial institution. I don't care if it's PayPal, you know, FTX, like crypto exchanges, or it's more like traditional institutions like Wells Fargo. Like a financial institution that can't protect your money is going to lose your business. And that's scary. Af, which is why financial institutions spend the most on cyber security, right? Whether you're a local, you know, Columbia, South Carolina based co op bank, or you're a large multinational, you know, Truist or Deutsche bank, it matters, right? So PayPal's been around, but guess what? Venmo, Apple, Pay Zel, there's a lot of competitors now. So PayPal vehemently pointing out that nobody's bank or nobody's money was affected by this software area. Software error in a loan application exposed Social Security numbers, etc, right? This is fine. You can get two years of free credit monitoring. Add that on the fire. I just got a letter yesterday from a company I've never heard of saying that my data was involved in a breach that, that they had. I love that. I love getting emails from or letters in the mail from businesses I've never heard of saying that they lost my information. All right, here's the deal on this one. PayPal is a software, right? It is a financial institution, but it's fintech, right? They make software. Anybody that works with software development here. You should be doing everything you can to test the software not just for functionality, but also for security and getting it pen tested if you can, getting it stress tested if you can. But hey, you can't eliminate all risk. Software is prone to errors. Obviously, like I said before, you can use AI. Anthropic mentioned this. Use AI to scan this software. So that's a. This is a perfect example. PayPal had this issue. I'm sure it wasn't malicious. Sensitive information was potentially exposed. We don't know if it got exploited or not. Anthropic's talking about AI scanning code bases. This would be a perfect example where you could have caught this issue before it went to production or not have it persist for six months. So, like, this is putting the pieces together as far as how you can use that AI tool to evaluate software to find bugs in advance. Of course, if you use PayPal, your socials out. I feel like if you're over the age of 25, your Social Security number had already been compromised somewhere else. So, like, I don't know. For me personally, I'm almost desensitized at this point. When I hear about like, oh, your, your date of birth was compromised. I'm like, okay, like, yep.
B
Are you planning to be in San Francisco for RSA conference next month?
A
I am. Thank you for asking. All right, y', all. Holla, holla, holla. Hello, hello, hello. I hope you guys got value from it. We are right at 9:00am Eastern time, so someone called Nick Barker. We nailed it. I want to thank you all for being here again. Shout out. And thank you to Jenny Housley for all she does as far as making the community a great safe space for everyone. Young, old, male, female, a new to the industry, long timer in the industry. Whoops. Let me close. Reopen that, Tim. I'm Jerry from Simply Cyber. If you enjoyed the show, tell a friend, bring a friend tomorrow. Simple as that. I appreciate all that you guys do. Stick around. We got Jawjacking. I do have a, a poll or a question for the community that I will ask near the end of Jawjacking. Because typically the people who are most, most interested in the community stick around. I hope you got value. We'll, we'll be back tomorrow at 10:00am oh, also, I want to remind everybody, if you didn't know, tomorrow at 1pm Come sign up for this tomorrow, 1pm Tim Papa is coming on Simply Cyber Skill Stream. This is a new series we started in January. It's once a month. This is a one Hour Practical skill. Hands on learning. You will leave with a skill. This is absolutely free to attend. This guy is very cool. Kathy Chambers turned me on to him. I'm gonna drop a link in Chat SC Skill Stream. Remember, it's free to sign up and if you want, what I would recommend is go To Simply Cyber. Simply Cyber IO schedule, and you can get this, you can get this on your calendar right here. Click on this link. Get this on your calendar. Drop a link, click here. Wink. All right, sign up. Come hang out. All about good times. I'm Jerry from Simply Cyber. Let's get Jawjacking, shall we? Ever wonder what it takes to break into cyber security? Join us every weekday for Jawjacking, where industry experts answer your burning questions about the cyber security field live, unfiltered, and totally free. Let's level up together. It's time for some Jawjacking. Hey, what's up, everybody? Welcome to Jawjacking. I'm Jerry Guy. All about good times. Coming hot off the heels from that nerds podcast, Daily Cyber Threat Brief. Here's how it works, guys. If you're a first timer here, you ask a question in chat with a queue, and I will answer it. Simple as that. I cannot. I can't do one on one coaching. I'm not gonna pay wall coaching. I'm not gonna tell people, oh, sign up here and 500 bucks, I'll meet with you and answer your questions. I'm not gonna do any of that, but what I can do is mentor at scale. I can do half an hour every day that I give to you guys, you ask a question, chances are someone else has the same question. So I'm able to help multiple people at once, which is the best way I can serve this community. So drop a question, put a Q in front, and I will answer it as best I can. And I'll bring it on stream too, if I can. Let's see. AB is saying, Tim, Papa is awesome. So come hang out tomorrow at the South. South Carolina Simply Cyber Skills stream. All right. Yeah, people in the Northeast, be safe. Definitely appreciate that. We've been formally invited to Asia. Thank you. Dream Logic. Priceless pancake. Got to go to RSA one year before the rest of the team SC started going. Yeah, I'll be there this year. Already booked my flight and hotel. All right. All right, let's see if you got questions, drop them in chat. All right, here we go. Wow. Okay. A lot of questions. Love it. What was. What's your Chinese takeaway order? What's your Chinese Takeoff. I guess in. In the United Kingdom takeout is called takeaway. So here. Here's mine for real. I love. I love evaluating an entire Chinese restaurant based on their hot and sour soup. If your hot and sour soup is bad, it doesn't matter if you have the world's best Singapore noodles. I'm not touching it. All right, so I have two orders. Hot and sour soup with an order of steamed meat dumplings or Singapore May Fun extra spicy. And then you know, my kids get the. Well, I'm and. But also, also as a fun tidbits Tuesday. Many people in this community know how I feel about sour cream. I. I'd rather. I'd rather put my hand in a blender than eat sour cream. Crab rangoons are also dead to me. I. The. The filling and crab rangoon. Oh. All right. What are your plans for SC CON 2026? Trying to get Justin Gold activated on this. We've already booked the location and the dates. Luke Canfield. It's going to be Folly beach and it's like November, early November. It might even be the. The like 7th, 8th, 9th. Like my birthday will be involved. Not that you guys have to treat it special because it's my birthday, but that's what's up. We. We've got all the information. We just need to. I, I met with Justin on last week to talk about it, but we haven't really moved forward on it yet. Did you choose the name Simply Cyber because it's initials or SC in North Carolina? No. BW5542. I actually chose Simply Cyber. Really? I, I came up with this way before any of this. I, I came up with it because to me it's like I just. I want to make cyber security accessible to everybody. That was the original tagline of the show and it's just simply cyber. Like what are you doing here? It's simply cyber. How do you pay? How do you do pay as you go on anti siphon training. Reverend Timothy, Let me take a look here. We can do a follow along Anti siphon training. Enroll now. Click here to register for virtual registration here. Wait, hold on. All right. Why is it showing it in pounds? That's weird. One second. There's definitely a way to do it. Is Zach Hill in chat? I'll have to get that information to you there. It's like you do. There is a way to do it. There is a way to do it. By now, maybe that's it. Zero. I think they call it like tuition assistance. Oh, right here. Right here. For tuition assistance with this course, please send an email to tuition assistancetraining.com. this is how you do it. Pay what you can. 25. And at the bottom of it, it says, for tuition assistance, email tuition assistance atantisiphontraining.com. that's how you do it. Reverend Timothy Johnson. Oh, my God. Mickey said. What's your Indian takeaway order? I know you're not asking me, but, like, chicken korma. Oh, my God. Get on board with that. I will bathe in chicken korma. It used to be chicken vindaloo, but that's a young man's game. I can't. My stomach will, like, if. If I'm. If I was alone for three days, I would get chicken vindaloo. But that. You know what I mean? Like, because I'm gonna have, like, I'm gonna have a, like, rumble in the jungle in my stomach. It's gonna be Royal rumble, you know, 88 WWF Royal Rumble. So, yeah. Hey, Zach, y'. All, Good to see you. Elliot Matais, when you're here for rsa, we can treat you to amazing Chinese food. That'll be good. Oh, hey, also, really quickly, for those who are going to be at rsa, I am trying to organize a Simply Cyber meetup. I do that typically when I go out to conferences. I'm. I'm just gonna. I've found this place, or I was turned on to this place, dude. This is where I'm gonna try to have the Simply Cyber meetup out there. Irish bank. It is down a dark alley. This all day long is my vibe. Like, no windows or the windows are, like, basically almost blocked out. Dark wood. There's soccer on tv, probably good food. Look at this, dude. Whether it's RIRI or whatever there in Vegas, Majarua, if you're familiar with Charleston, like, this is where I'm trying to get the. The meetup. The Simply Cyber Meetup. So just FYI. Stay tuned for details on that. Let's see. All right. Michael Fink. Morning. You mentioned finding CBEs earlier. I know you have a video with Tyler Ramsey from a while ago. Is that where you. Is that if. If you were to go looking for CVEs today, how would you. If I was going to go look for CVEs, I would go pull down someone, get someone's GitHub repo. That is a web application front end. So like a model view controller vibe that has some level of, like, I don't know, maybe 100 stars, right? So it's got some, like, traction. And then I would I would use. I would build it and then like locally and then I would use AI to look at it. You can use Burp Suite to kind of do your, your OAS, top three, top four, SQL injection, cross site scripting, etc. Etc. Data leakage and then report to that developer the cv. That's what I would do. And yes, Michael, if you go watch the Tyler Ramsby video, he explains that methodology step by step. Papa Bear just started my Google Cyber certain plan to do my CompTIA security plus afterwards. What do you recommend for labs? I'd like to be able to practice more so I can hit the ground running. So. Papa Bear on it. Dude, this isn't even like. Because they're a sponsor, this is like legit. This anti siphon training. Hold on one second. This anti siphon training right here, which is today, today, tomorrow, the next day, whatever. The reason I'm bringing it up is because John Strand actually has developed a VM that you can just access right away that has a bunch of labs and a bunch of tools on it. And we'll walk you through it. So like, this is a perfect example where like every, like all. A lot of times people get overwhelmed because like, if you want to do a lab, you've got to set up all the infrastructure first. And that's like, oh, overwhelming. John's built the VM with all the stuff in it. So you just access that in. In. In your in meta CTF and you're off and running. Also, I mean, for labs, you can get a Raspberry PI and screw around with that. I actually have three videos on my channel around using Raspberry PI to do labs like Web Goat Damn Vulnerable web application. Those are two examples. If you want to get kind of like OWASP web app pen testing skills, there are. KC7 is another platform that is good for blue team and defensive learning. Here, I'll drop this. I can't say enough good things about, about KC7. Is Jimmy still over at KC7? Wade? There's good people over there. So there's two, two options for you, Papa Bear. Great questions, by the way. Today, guys. Let me know if I'm answering your questions to your satisfaction, please. Dream Logic says. How's John Hoyt? John Hoyt's great. I. I love myself some John Hoyt. He was part of the Cyber Career Mentors podcast. He's CISO at Clemson. Let me share something with you guys. If you didn't know. John and Steve continued to do Cyber Career Mentors Podcast, where is it? Bro. Okay, can. Hold on one second. Mods. Can a mod get me Steve and John? Can we. Can anyone grab a cyber career mentors podcast? New YouTube link channel thing? Listen, Steve and John have continued that, and every Thursday, they launch a new episode. I'm supposed to tell you guys every Thursday, and I always forget because I'm, like, running out the door to the Citadel. And then we've had some, like, challenges with the host of Jawjacking on Thursday recently. So I'm, like, hyper focused on that, not thinking about Steve and John. So. All right. Straw hats, access butter chicken doll. Oh, garlic knot. By the way, if you don't order garlic naan when you get Indian food, you're doing it wrong. Okay. Cyber. Oh, thank you, Justin. All right, so check it out really quickly. Steve and John have continued the. Continued their march. I'm gonna drop a link to this. Okay? They are in active season right now. These guys have very. They're. They're. They're very senior practitioners. Right? Both of them. And they love helping people. They were part of Simply Cyber's media group last year. You could see they're doing season six right now. Reset, rebuild. Restart your cyber career inside the FBI. Why you're not getting. Dude. Why you're not getting cyber interviews. John and Ste. John's the CSO at Clemson. He hires people all the time. He sees what works and what doesn't work all the time. And he does this as a service to the greater community. So strongly recommend. Go check this out. I'm gonna drop a link in chat right now. Go check it out. Plus, it's just good to see them. They're good people. Big fan. All right. By the way, thanks for asking about them. Can we actually. Can we get an actual address this time so we don't get confused by multiple locations asking for a friend. Yes. Hey, so, fun fact. Phil Stafford is in San Francisco. I. I want to share a funny story with the community. It's 10 Mark Lane. 10 Mark Lane at Phil Stafford. So, hey, check this out. True story. True story. Last year, we were at rsa, and I, like, did a simply cyber community meetup. And we went, Phil, what was the name of the place? It was something called, like, the Beer House. Okay. The Beer House. And I said, hey, we're all gonna meet at the Beer House. And I get at 7 or whatever. So I get there at 7, and there's a couple people there. We're hanging out 7:30. Still a few people hanging out. I'm like, I guess we're not Gonna have that big a turnout. And then, like. Like, let's say eight o', clock, like, a bunch of people show up all at the same time wearing name tags. And I'm like, hey, guys, what's up? And they're like, you're never gonna believe this. So there's a. There's another bar called Beer House, right? So I said, let's meet at the Beer House. And there's a place called Beer House. Okay. And apparently a bunch of Simply Cyber Community members went to Beer House, the other place, and there was an actual private party going on. A lot of Simply Cyber Community members haven't met each other in real life yet. So this group walked in very confidently, grabbed the name badge, threw their name on it, started eating appetizers and drinking beers and meeting with people. And then just, like, slowly, they figured out that this was not Simply Cyber. So they collectively extracted themselves and came to our party. But. But they basically did Wedding Crashers at a private meetup in San Francisco. Absolutely hilarious. Also, that. That is the same night where Jason Blanchard walked in. And I called him Brandon for some reason, because I was like. Like my brain was cooked. All right, so that's a fun story if you guys didn't. All right, cool. I'm glad Michael Fink got value from the answer I gave him. Code Brew has a question. Code Brew, you can DM me the question on Discord if you want. I'm not sure why it's not showing up. Stv, we're planning on. We're planning to launch a cyber newsletter for our organization. Could you please provide some recommendations on how to structure it? We want to keep users engaged. Yeah, sure, no problem. Stv, number one, I would have some type of, like, something fun for them to do, like, either, like, something that's unrelated to whatever the cyber is. So, like, recipe of the week or a crossword puzzle or trivia question. Something that's, like, fun, right? Like, think about the newspaper, how it has a crossword in it, right? I would add something like that. I would absolutely be crystal clear about what the value is to them of opening it. And if you want to kind of get initial traction, you could offer some type of prize. Like, oh, if you, you know, everybody that answers the trivia question correctly will be entered to win a 25Amazon gift card. Just. Just something to get it going. Also, don't make it. Make sure your language of the newsletter is the language of the people. You want to read the newsletter, right? So if it's just your end users, don't be talking about next level technical zero days. And, you know, oh, look at IDA versus Gidra, right? Like, hey, click fix. If you see this picture, don't do anything, right, Elliot, Matisse says they can't handle the dairy and garlic naan. Oh, bro, just get, like, an olive oil naan. I don't know. I love garlic naan. I would, I would. Dude, if, like, low key. If there was a zombie apocalypse and I had to live out in the woods, I. I would probably manufacture a blanket out of garlic naan. Because then you can, like, nibble on it. Get a little while also staying warm. How do I get a mentor? I have cysa. I even got into creating my own Linux, but I feel like an idiot here now. Don't. Don't feel like an idiot. That's just imposter syndrome, everybody. You're crushing it, dude. You got CYSA on your own. You got your Linux going. All I would say is you don't sign up for a mentor, like, signing up for, like, a Netflix subscription. There isn't just, like, a line of people who are like, hello, I'm your mentor. Like, let's continue. Like, what I would say here now is go on to the Simply Cyber Discord server. Okay, hold on one second. I'm. I'm putting the link in chat right now. For. For here now go. Go to the Simply Cyber Discord server and either start asking questions or start giving answers based on your experiences, right? And the people who you are talking to. If. If someone's engaging with you, right, Helping you, you're gonna kind of vibe with them and start developing a relationship and, like, mentor. Don't think of mentor as like, a very formal, like, Batman and Robin relationship. It can be very easy. Like, listen, I'll give you a perfect example. I am trying very hard right now to learn a lot about AI. So just last week, I had a call with John V. Simply Cyber Community member, who heard me say, hey, I'm trying to learn. I'm trying to do open claw. I want to run local LLMs. And he sent me some in. In DMS. And I was like, oh, this is cool. Like, I'll check this out. And then it was, like, a little overwhelming, and I said, hey, can I. Can I meet with you just to kind of cut through the noise? He's like, sure. So, like, John is mentoring me on AI stuff, but it's not super formal, and it happened literally the way I'm. I just told you to do it yourself, so I hope that happens. Bruising. Hack says Indian restaurant near my house does goat cheese stuff. Naan. Oh my God, I am so hungry right now. I want to like eat naan for lunch. I want Chinese meal or Indian. Given the choice, I'm doing Indian 100 of the time. I would literally give up Chinese food for the rest of my life if I could have Indian food. Like, if I could just clap, an Indian food would appear in front of me. I would give up Chinese food for the rest of my life. Oh my God. All this food, talking chats making me starve. Rogue Cyber's in the chat. What's up, Brian? All right. Continuing to look at the chat. Oh, all right. So I'm very intrigued by AI into Cyber2, says Christopher IA if you guys didn't know, Simply Cyber releases a produced video every single Sunday at 4pm, which would mean yesterday something dropped. What dropped? Steve McMichaels, agentic AI and GRC, bro. Like, what are we doing here? Look at Steve showing you how to do GRC with AI right here. This is what's up. So if you want to learn some AI and some grc, GRC Mafia, where you at? I'll drop a link to that in chat. Do we have. Here's the thing. It's a blessing and a curse. We have so much freaking content on Simply Cyber that it's hard to tell you guys all about it. I'm gonna say agentic AI and GRC tutorial. Go ahead and get some of that. All right, I think I'm caught up on chat, which is kind of, kind of crazy. Mexican food all the way. Zaga. Mexican food is good. We have a place near us that's pretty dope. Oh my God. All right, so let me ask a question here. Oh my God. Okay, so, all right, so I have a question for chat here and like the. Okay, so I need your help. Okay, I need your help. So we are doing a produced video every Sunday on Simply Cyber. And I've already got the videos all mapped out and, and like scheduled already through mid April. Okay, so the question I'm going to ask you has to do more with like early summer and through the summer. Okay, I, I want to make content that you guys want, right? Like I, you know, like I'm not making these videos to like, oh, I'm gonna become a viral sensation and like buy a 5 million dollar Pokemon card and wear it around my neck. Like I'm trying to help people while also, like, that's my job now. My job is to help you guys obviously, right? So I want to make content that is valuable to all of you. And I'm trying to zero in on that because if you look at. Hold on, let me show you my studio, my dashboard. Okay, look at my dashboard really quickly. Okay. Okay. And yes, it says $1800 for the last 28 days. Okay. 240,000 views, 27,000 watch time hours, 700 subs, which is low. Right? So this is, this is fine. This is fine. But like, what I really want to do, it's okay, it's increasing a little bit. But what I want to know is like, what kind of content do you guys want? Like, do you want. Do you want AI security content all day long? Do you want. And here's what, here's what I'm going to ask you guys. Whatever you want, put it in chat. If you see something that someone else put that you like, echo it in chat. And then I want to run like a poll before we end the show today. Again, if you have questions, ask them and I will answer them. I'm trying to ask the community for some help here too. Okay? So do you want like AI security? Do you want grc? Do you want. Do you want career? Do you want like labs and hands on? Do you want more shorts? Do you guys like the short content? Do you want like a long, like one hour follow, follow along thing? So let me know. I'm trying, I'm. I'm trying to. Good luck, Justin Gold. I'm trying to figure out what people want so I can help you all. That's what I want. I want to make content you want. All right, so again, if you have questions, holler at me and I will answer. Answer what I can. F Maria and colon new to the community via the recording of your desk New Village presentation pivoting out of hostility and disability services into cyber likely grc. Awesome. Welcome to the GRC mafia. We got a ton for you. I would say go To Simply Cyber IO Discord. Join the Discord server. That's definitely step one. We got GRC education for days. Go to Academy SimplyCyber IO. We have free GRC training there. Here, I'm gonna put a link here. There you go. There's a link to the academy. Giddy up on that and thank you for waving hello. Okay, so here. Now that he asked about a mentor earlier. She asked. Persons have been talking a lot in condescending tones. Hey, listen, let me tell you something right now. This is true for anyone. And I don't care if you're 50 years old or you're 18 years old. I don't care if you're just starting or you've been working in industry for 15 years. Like, dude, I've been working for 20 plus years and I still needed to meet with John the other day to get some mentoring. You will be mentored your whole career, your whole life. If someone is being a prick to you or condescending or. Or making you uncomfortable or just being unhelpful or being toxic, you do not have to take put up with that. They are not the only one that can help you. In fact, they're not helping you. They're hurting you. So don't deal with that here. Now. Condescending tones. Next. Be like Ariana Grande. Thank you. Next. Oh, I got a little sassy on that one. All right. All right, so GRC and labs leaning towards AI security. Okay, hold on. Let me get a pen. I got a pen here. Let's do GRC and labs. AI Sec. Okay. Watch the daily brief and your workshops. Kyle. Kyle. Okay. I mean, the daily Cyber Threat brief's not going to change. I mean, that's. That's alive. I'm talking about the produce videos, the VM management course. I know. I should just make like. I'm almost done with it. Log form with the guest speaker is nice. Okay, so we do that every Thursday anyways. Can we have everything? Sure. Practical videos, workshops backed up with GRC MAFIA level controls. All right. All right. It's helpful to have a lot more AI Sec content, but it might be a bit ahead of the curve. AI has been just about the only thing I've searched for on YouTube lately. Okay. Code brew. Hey, Jerry. AI security in course form. And maybe a little capsules of the latest news on the daily AI, etc. Okay, so AI SEC course. Making courses is very hard. Do a series that follow along. So each part is only 20 to 4 minutes. Tyler's good at that kind of thing. So I've tried to do the. This is interesting. I've tried to do the series before where it's like multiple videos and I've kind of had mixed results with that, so. But thank you. Roswell uk need to know scripting fundamentals for people that don't like coding but want to level up. Okay. That's a very specific. That's almost like a specific video, not necessarily like a genre. Need to know scripting vid. Okay, thank you, Ryan. All right. Everything okay. Review current job listings and making sense of what those jobs actually do. Okay. Okay. Review jobs and what they are. All Right. Phil Stafford's got an AI security blog. Love it. AI is such a focus now. I'd love to dig into it more. Okay, Bonnie, me too. That's. That's kind of what I'm doing personally. All right, so Bonnie got the Ariana Grande reference. So hot right now, that Hansel. So hot right now. All right, AI Security and labs, GRC interview questions. Okay. All right. Eek. Garcia is heading out to three feet of frozen water. Cyber security and disability. Is there a space in GRC or cyber focused on accessibility? What challenges exist for going into cyber with folks with disabilities? Okay, okay. A drone talk. Luke, sign up and come talk about drones. All right. More courses for CP's like the ones you already offer in some SIM courses. Okay. Setting up a home lab is always great to start. Okay. Script. Second. They second. Scripting. Okay. Job listing, reviews, getting a A plus. Okay, so let me. Let me run a poll really quickly, All right? What type of produced video content would you watch? Here's the deal. Remember, guys, like, because there's no. And I'm just being real with you guys, because there's no skin in the game for you. Like, please answer this as honestly as you possibly can. What ends up happening a lot of times is I say, like, like, oh, who would like a workshop on AI Security? And everybody's like, I would love a workshop on AI Security. And then I put together a workshop on AI Security. And then nobody comes. You know what I'm saying? So, like, please answer this poll with intent. All right, so AI, AI and AI Security for pros. Okay. Job. Oh, my God. Job listing, breakdown, reviews. Okay. Scripting skills. Python. Okay, and what else people wanted here? I guess one more. Must contain between 1 and 35 characters. Yeah, but why can't I. Why can't I add this thing? All right, whatever. I can only add three options, I suppose. I don't know what the hell. Okay, the last one people wanted was GRC related content. Okay, here we go. And if you don't want any of these. Hold on, hold on. I should have, like, in chat. Just say, I don't like any of these. This is awkward. All right, All right, All right, here we go. Looking at chat. Let's see. People are saying, I'll sign up for an interview. Job listing, reviews plus one. Okay. Content idea. Pre interview event site. Just so everybody knows or doesn't know, I have a whole host of videos on the channel. Like, look at this. Like, I have these, like, GRC interview videos. There's going to be pen testing Ones coming out in March, and I'm going to be doing sock analyst ones, if you didn't know. These videos are basically me asking an interview question of three different skill levels. Right? So here's me asking a question of someone looking to break in. Here's me asking someone who's been working for three years as a grc. Here's me asking the exact same question of someone who's been doing it for 12 years. And I break down the review of their answers and stuff. Okay. All right, so let's look at the. The poll. I've got to run to a meeting. So how do I. Oh, my God. How do I exp. I'm gonna end the poll. I can't even see, like, what. I can't see the freaking answers. AI Is half. Okay, so AI And AI Security and then job listing breakdowns. Okay, well, thank you. I will. And I know that if you didn't like any of these, you didn't have a way to let me know, but. All right, guys, I gotta get out of here. I want to thank all of you for being part of the show, being part of the experience. Shout out to Jenny Housley for Community Member of the Week. Have a great day. Sage the professor. Thanks, everybody, for helping me, you know, with this AI Stuff. I'll probably make a video or a video series on setting up Open Claw. I'm also running Claude Code. I'm also developing skills. I'm also. I'm doing a lot with AI Personally, so I should just show you guys what I'm doing. I'm Jerry from Simply Cyber. Be well, everyone, and we'll see you tomorrow, 8aM Eastern Time. Until next time, stay secure. See.
Host: Dr. Gerald Auger, Ph.D.
Podcast: Simply Cyber Media Group
Date: February 23, 2026
This episode delivers the most important cybersecurity news from February 23, 2026, with expert insights from host Gerald Auger. The show covers the eight biggest stories affecting the cyber industry, emphasizing how security professionals, analysts, and business leaders can use these developments to inform their daily operations and strategies. Throughout, Gerald balances actionable advice with humor and community interaction, providing both depth and accessibility.
[13:08]
[18:45]
[24:04]
[29:08]
[40:57]
[45:16]
[49:42]
[54:30]
Jenny Housley recognized for her invaluable role as Discord moderator and founder of inclusive community channels, especially for women in cybersecurity.
Stay Secure!
Catch the Daily Cyber Threat Brief live every weekday at 8AM ET or on-demand via your favorite podcast platforms.