A
All right. Good morning, everybody. Welcome to the party on this freezing cold Monday morning, February 2, 2026. Welcome to February, everybody. If you're looking to stay current on the top cyber security news stories of the day, while being entertained and educated from a gaggle of Simply Cyber community members, basically a bunch of cyber professionals, including myself, with 20 plus years of experience going through the top cyber stories of the day, then going beyond the headlines, giving you additional value that you wouldn't get from just doing it on your own. Well, my friend, you've come to the right place because this is Simply Cyber's daily cyber threat brief. I'm your host, Dr. Gerald Auger, coming to you live from the Buffer Overflow studio here in chilly South Carolina. I hope you had a great weekend. We're off and running. Get your coffee, get warm, get a blanket, or get your Snuggie, if that's your jam. Either way, let's get busy. Oh, boy. Steve Young's got 13 degrees, we've got 21 here in the low country. Good morning, everybody. Hey, if today is your first episode, thanks for choosing Simply Cyber, please let us know with a hashtag first timer in chat. We have a special sound effect, a special emote, and it's all about good times. If you're dealing with cold pipes, low key, frozen pipes, I can vibe with you, I didn't drip my pipes last night. They're not frozen, but they're certainly not super pumped to be 20° here in the low country. Guys, every episode we go through the top eight stories, right? And because of that, because I'm going with additional insights and value, we, we can qualify that as an instructor led webinar. So what I would love for you to do is give a hashtag. Excuse me, my brain is foggy. I would love for you to understand that you can get half a CPE for this episode. So go ahead and say what's up. In chat, grab a screenshot, divide. Oh, my God. Jerry, grab a screenshot, file it away.
Once a year, count up the screenshots, divide by two. Now, remember the. The screenshot, you can include the show title, which includes the episode number and today's date. February 2, 2026, episode 1059 of the Daily Cyber Threat Brief. I'd love for you to get those CPEs. Space Tacos is in the house. Guys, I gotta let you know, I had a little bit of a. A little bit of an accident last night. You'll notice I'm wearing a glove because my, my thumb is completely bandaged. I accidentally used a chef knife and took not an insignificant part of my thumb off last night. So good news is, if you're a nerd like me, my left thumb is actually kind of my least used keyboard finger. So the show will go on. We will, we will rebuild. But yeah, definitely dealing with some very sensitive pain here. Got a cup of coffee. This is instant coffee, by the way. I almost used Team Sippy Cup Space Tacos because I had to get into it because I couldn't pour enough water out of my faucet fast enough to get, you know, a pot of coffee going. But whatever, it's all good. So we got our first timers, we got our CPEs. Oh, the stories we go through. The stories we go through, I don't know what they are. I literally don't know what they are. I had to run my trash can out to the street curb. I don't even know if they're picking up trash today. Oh, city slickers with your city services. So anyways, I don't know what the stories are going to be. Ain't nobody got time for that. And that's fine with that. Let me take a slug off this old coffee. Let's see what happens. Yeah, it was not insignificant. I'm out of my thumb. I'm willing to talk about it at Jawjacking. Thanks Elliot. I appreciate very likely will become a meme. Guys, hey, before we get into it, let me say shout out. And thanks to the stream sponsors, those who enable me to bring this show to you every single day, starting with Antisyphon Training.
Did you know Antisyphon Training is disrupting the traditional cyber security training industry by offering high quality, cutting edge education to everyone regardless of financial position. Sound off in chat if you're going. Thank you everybody, Space Tacos and others for your kind concerns and well wishes. It is, it's nice. Thank you guys. I, it, I, I appreciate it. Yes, it does. Explain the hat, James. Well, and oh listen, just to explain the hat really quickly, if, if you didn't know if I have a hat on, it means I haven't like got ready for the day yet because it's 20 degrees here and Steve Young's probably going to verbally scoff at his phone or monitor right now. Here in the low country, children get a. Children get the E learning day, so. So it's too cold to physically go to school. So E learning digital packets, which basically means the kids got to stay up late last night and sleep in today. So I was kind of getting ready Doing as quietly as possibly could with one hand. All right, guys, hey listen. Antisyphon Training, check it out. Go there, check it out. This Wednesday you can learn how to strengthen your M365 exchange online with Kevin Cling. Kevin's gonna take care of you guys. And listen, if you are looking to break into cyber security, understanding how it works, especially cloud, is very, very useful for you. And many Organizations are running M365 and exchange is the email secure, the email gateway. But Microsoft 365 Exchange has built in security capabilities. Right. So if you didn't know how to configure it properly, you'd be kind of out left, left out in the cold. Oh my God. You see what I did there, James? So go check it out. Antisyphon Training, every Wednesday they got a webcast. Very exciting stuff. I'm going to drop a link to that in chat. Go check that out. Thank you very much. Also want to say shout out to Flare. What's up Flare Academy. If you go to Simply Cyber IO Flare.
Actually, let me do that right now because I think actually Flare doesn't have a training coming up right away. Yeah, so check it out. If you didn't know Flare itself is a cyber threat intelligence platform. That is why they're able to do so many awesome 2 hour webinars on the dark web. Ransomware, threat operators, cryptocurrency markets, all that stuff is because they have analysts who are, you know, deep into the dark web and deep into the seedy underbelly of the cyber criminal underground. And they provide all that information and telemetry to you in a wicked awesome portal that you can, you know, basically query on and honestly you can see if your organization has been compromised. It is a perfect, it's a perfect component of an information security programs, threat, threat landscape, threat modeling, threat intelligence program. It's awesome. And you can get two week free trial. So give it a shot, kick the tires on it. Go to Simply Cyber IO Flare. Simply Cyber IO Flare. I would type it in myself, but I've got one hand and it's a bit awkward I guess. I guess I've. I've traveled enough where I'm holding the microphone with one hand so I've had to learn how to type. There we go. Simply Cyber IO Flare. Go check it out as always. Oh boys. All right guys, we're gonna hear from ThreatLocker really quick. Then we're gonna get into the news again. I've got a left hand injury and you know what sucks? It was like the big chef knife. I usually, I usually use like the Japanese one that has like the bevels in it and that one was dirty because I had used it to cut some chicken up earlier in the day. So I had the big chef knife. Oh gross. All right, let's hear from ThreatLocker and I'm gonna melt your face. I want to give some love to the daily Cyber Threat brief sponsor ThreatLocker. Do zero day exploits and supply chain attacks keep you up at night? Don't worry no more. You can harden your security with ThreatLocker.
Worldwide companies like JetBlue trust ThreatLocker to secure their data and keep their business operations flying high. ThreatLocker takes a deny by default approach to cyber security and provides a full audit of every action allowed or blocked for risk management and compliance. Onboarding and operation is fully supported by their US based Cyber Hero support team. Get a free 30 day trial and learn more about how ThreatLocker can help prevent ransomware and ensure compliance. Visit threatlocker.com Daily Cyber. All right, I'm eating. I don't even eat donuts. I'm eating a donut right now just cuz I needed something. So I'm eating a donut, drinking instant coffee. I got one hand. February is off and running. What a day. But you know what guys, I tell you all the time and this has, this is truth right here. Straight facts, consistency. It's vitally important. So If I got nine fingers and instant coffee, I'm here at 8am Eastern Time on a weekday to deliver this news to you. Doesn't matter if I showered yet. Doesn't matter if I'm feeling bad or feeling good. It's consistency. You got to show up and do the work. And with that, do me a favor. Rob Cooper, tech grunt, GRC guardrail. Any first timers who are in chat, Hashtag first timer. Do me a favor, sit back, relax and just let the cool sounds of the hot news wash over all of us and you in an awesome wave. I will see you all at the mid roll. From the CISO series. It's yeah. Nobody tell Mad Destroyer I'm drinking instant coffee. I don't even have to.
B
These are the cyber security headlines for Monday, February 2, 2026. I'm Steve Prentice. Coupang CEO questioned by police regarding data breach probe. Harold Rogers was, quote, reportedly questioned on Friday by police in Seoul who are probing whether the e-commerce site destroyed or hid evidence relating to a massive data breach that became public in November, end quote. He is considered a suspect in their investigation into whether Coupang obstructed a government inquiry. According to the Korea Herald, investigators are also still probing another former Coupang employee who they believe played a key role in the data breach. Cyber.
A
All right, here we go. Excuse me while I eat this donut here. All right, so check it out. This is beginning to make sense. Listen, anytime you see a story and there's something peculiar about it or odd, there's always something under the surface. Okay, this story, if you don't remember, this company had a massive data breach. And this, I believe it was the CEO, maybe the CISO. I think it was the CISO quit. And. And at the time we had said like, oh, you know, you know, eastern cultures, lot of pride, you know, taken, not seppuku, but like basically kind of taking the L and, and quitting and all this other stuff. Well, now it seems like there might be more to the surface here that the police investigation into it was disrupted in December. Korean police recovered a smashed laptop from a river which was allegedly tied to bricks in an effort to destroy evidence. Buddy, come on. See police report these side with. Hold on one second. Yeah. All right, so this. There's not much to this story. Hold on, I want to see. This company had a data breach. Breach. Is it CSO quit? Somebody quit. I remember this. Yeah, I was the CEO. See this story December 10, it was just like a month or two ago. CEO resigns after massive data breach. And I was like, oh, this guy's just taking the L for the group. Well, the cur. It says Coupang CEO. I almost wonder if it's the one who quit, was trying to get the hell out of there. Hold on one second. What's this guy's name? Park Dae-jun. Okay, so this is interesting. The CEO quit and the current CEO, Harold Rogers, is being questioned by police about a massive data breach. All right, so let me. Let me just paint you a picture. Whatever was on the whatever, this may be a self inflicted cyber crime in order to hide evidence of something despicable, which I. As far as I know, this doesn't happen very often. I can't. I can't even think of an example where this has happened. No, I can't.
So literally, it would appear police are investigating whether or not the Coupang group basically had a problem and then tried to hide it. I'm thinking one of two things is either happening here. One. Well, one of three things, right? If the only thing they have is this laptop in the river with bricks tied to it. First of all, whoever the fool was that did that, my friend, like there. There are There are tools out there. There's tools that'll wipe it. You don't need to physically destroy the device. You can digitally destroy it and no one will know. It's called a wiper, bud. All right? So number two, either somebody messed up that resulted in the data breach and they're trying to basically hide. Like the way that the Mirai botnet original developers posted their code on GitHub in order to hide. It could be that the Coupang group was doing something illegal and it was going to get out, so they just decided to go scorched earth and kind of nuke themselves in order to basically hide in the noise and be able to blame anything on a hacker. I don't know. I don't know. What I do know is if you are involved, like, we work in cyber security, if there's a data breach, guys, we're gonna be. We're gonna be involved, okay? If there is a data breach or a cyber attack, believe me, you're gonna be involved, okay? So here's what I have to tell you. Number one, do not try to cover anything up, okay? That's. That's not a. That's not a good look. It typically will not work out for you. Number two, if you do need to wipe stuff, there's software for it. You can. You can. I mean, Jesus. Like, threat actors do it all the time. They encrypt all your stuff. Like, ask Russia. Russia's very good at wipers, right? Ask, what was it? I forget who attacked Saudi Aramco with Shamoon, but that was a massive wiper virus too, so. And then thirdly, just if you're gonna.
If you're gonna physically destroy a laptop or whatever, dude, like, take a drill and drill through the hard drive, or take, like, Korea is on the coast of the ocean, like, take it out to sea and drop it, throw it in a river. And the fact that someone found it. What? I don't know how deep the river was, but anyways, this is just kind of like, this story has nothing to do with me and you from a day, day in, day out, capacity of cyber security, but this sounds like, like, really, really somebody making stupid choices. Personally, I'd like to subscribe and hit the bell for notifications on all future Coupang law enforcement investigations, because it sounds. It's not funny, but it is hilarious. Regulators.
B
Attack on large Russian bread factory disrupts deliveries. This attack occurred in Russia's Vladimir region, 120 miles east of Moscow, and has disrupted food deliveries. According to local media, the Vladimir Bread Factory is one of the region's largest bakeries, and the attack disabled the office computers, servers, electronic document management tools, and the widely used 1C Enterprise accounting system. Production of the bread products was not affected. However, delivery and logistics were. No group has been identified or has taken responsibility.
A
All right, so check it out. I just googled the weather in Vladimir region, Russia. Right now it's negative 2 degrees. So if you live in the UP or the Michigan, Michigan, Minnesota, North Dakota region, you know, Russia's got nothing on you, bruh. So, dude, here's the deal. Typically, and we're gonna go a little bit like, gather around. Oh, my God. Roswell uk. Sounds like the bread factory's toast. Listen, here's the reality of this. Here in the low country, people don't know how to deal with like blizzards and cold and snow and ice and everything like that. So I'm from. I'm from New England originally. Like Boston, if you can't tell by my edgy attitude and my penchant for good professional sports. You go to the grocery store and it's like water, bread, produce. It looked like, you know, the end of days was coming. Or like the opening scene from World War Z where people are just like clearing shelves. If this is the largest bread producer in Russia and they've been hit, which is causing disruption because at the end of the day, guys, a bread factory, it's just that is manufacturing. They are producing a product at scale and it's, it's a, it's a manufacturing gig. So this could lead to food disruptions. Not today. Right, because all the food that's on the shelves is still there. But you know, this could have negative consequences for the, for the people of this region. Of course, it's just bread. So like, you can ship it in from other places or you can eat other things. Right? But. But this isn't good. I do want to point out it is unusual to see Russian businesses getting slammed with ransomware, typically. And this comes from my attendance of the Flare Academy's syndicate ransomware operator Day in the Life webinar I attended last week. Typically, these threat actors are deliberately not targeting Russian based businesses effectively. They don't poop where they sleep. You know what I'm saying? So whoever did this, we'll see. It sounds like a ransomware attack.
Not confirmed, of course, but it sounds like one. Oh, my God. Oh, my God. Okay, somehow, Somehow Dan Reardon has already produced an injured thumb meme. This guy, he's out of control. Sounds like a ransomware attack on your manufacturing Business. What's. Yeah, well, you need to know. What you need to know is protect yourself from ransomware attacks. If you work in a business that is manufacturing. I don't care if you're Jaguar Land Rover and you're manufacturing automobiles. They just suffered a massive, very, very expensive cyber attack. I don't care if you're a Russian bread factory, right, or anything in between. Somewhere there's a manufacturing company that makes the, the whip line for weed whackers. Somewhere there's a manufacturing place that produces Adidas sandals. Doesn't matter what you're making, it's a manufacturing company and they are a top target by ransomware threat actors for ransomware attack. So all of us here, please do the best you can with the resources you have. Tabletop exercises, end user awareness training. Make sure that you're doing your backups and make sure you're validating your backups. It's the start of a new month. I personally have to go get, I have a, a NAS, but once a month I go into my house, into my safe, I, I get this big fat external hard drive, I plug it back in, in the back of my NAS and I do a data dump, right? I take, I take a, I take a physical backup. Off site, quote, unquote, off site now if lava comes through Charleston, you know, we're screwed. But I got bigger problems if lava comes through Charleston. All right, guys.
B
Real estate agents in Australia use apps that leave lease documents at risk. According to a researcher who spoke to the Guardian Australia under conditions of anonymity, the platforms used by real estate agents in that country to upload documentation regarding renters and landlords are leaving people's personal information exposed in hyperlinks accessible online, end quote. This was proven by follow-up research performed by the Guardian. The exposed data includes lease agreements, identification documents, pay slips, and personal references. The researcher also showed that these links can be scanned by web crawlers and then cached.
A
Yep, cached. Not cash. Cached say with me cash. Not cash. Straight cash, homie. Straight cash, homie. Oh, man, Randy Moss, talking about your cached files on your computer. All right, so guys, check it out. This is probably a vibe coded app, right? Australia. Hey, here it is again. Like, again, Anytime Australia comes up like this, I want to just. I, I hate, I hate that I feel this way, but I'm being real with you guys. Exactly. Code Brew. I. I want to be real with you guys. Like anytime I see this, it's not. I feel bad for the people whose data is being compromised. I Feel for the software company that wrote this code that did a crap, a crap job of thinking through cyber security. But what I really want to do is take the Australian federal government's face and just mush it in here. Just like mush it in here. And, and you might be like, Jerry, that doesn't sound very nice. You, you're supposed to be a nice guy. I, I am. But a couple years ago Australia suffered like a massive cyber attack and then another massive cyber attack on their telecommunications group and then on their healthcare group. And as a ridiculous knee jerk reaction, the federal government, Australia passed like an immediate law saying if you get hit with a cyber attack, you're going to get fined basically to oblivion. And at the time I was like, this is the most tone deaf, uninformed, like, like just inappropriate reaction to this. And believe me, I, I call you to the carpet Australia when this happens. I want to see you actually fine people. Otherwise it's just, you're just like a blowhard walking around peacock and like your magic from that or mystery. That weirdo who was like teaching guys how to pick up women on TV like a couple years that, that might even be a 90s show is this ridiculous thing, the pickup artist. Anyways, so this software company, let's see if they get like, let's see if they get hit with this software, I mean with this data fine thing that Australia passed a few years ago.
Now here's what I want to tell you. If you, if you live in Australia, you're probably watching this on replay, okay? So you know, obviously this is somewhat interesting. If you work in, the thing is if you work in real estate in Australia, your data could be compromised. But the problem is it's not, it's not you, it's them, it's the software platform. It's definitely some cloud based, cloud based SaaS app being used. So your only options are to pull out of the, of this SaaS application and put your data somewhere else. Doesn't change that your information has, could be compromised. Okay, now another thing I want to point out here, and this is a great opportunity for everybody, there's two things here. Again, I like to go beyond the headlines for you guys. There's two things here. Number one, If you are a cyber security professional at a, you know, software company, a tech company, any of these companies that's making SaaS apps or with AI or whatever, and there's a ton of them guys, okay, You have to do testing, software testing or work with the developers to at least put in some you know, fundamental hygiene, cyber hygiene, cyber best practices. And, and yes, and, and this is not an option. Okay? And in full disclosure, I'm co co owner, co whatever of a penetration testing company, Cairo sec. So for full disclosure, okay, but if you're a software company with a web based application, you have to, you have to get a pen test done of it because you can have all the, hey you guys, you developers, you should do these things. And the developers could say okay, we're going to do those things and you could look at code and stuff like that. But a pen tester will really stress your web application and look for all the things. Right? I, I can't emphasize enough how valuable a pen test is. And think about it like honestly guys, like a pen test of a web app, it's like 15 grand, 18 grand, 20 grand, right? 
Which like if I asked, if I asked easy does it for $20,000 right now that's kind of ridiculous but for a business that is selling a piece of software, it's, it's just the cost of doing business. And you avoid this, this situation because again I don't know what kind of fine this Australian group is going to get, if any, but it's not good. Okay, hold on. Australia. Federal. Oh my God. Dude. Federal law, cyber breach fines. Look it 11-3-2025. Okay, here we go. They did their first fine. Of course they don't have the value in here. Yeah. Okay, so they passed this law in 2022. And the, there's, they have different tiers of violation but the, the lowest tier, right, the, the, the like the basic tier, like the first level, $330,000 for corporations, 66,000 for individuals. So according to this, this company should be getting a minimum of three hundred and thirty thousand dollar fine. A minimum I want to just point out really quickly that can buy you 15 years worth of pen tests. Just saying simple math here. The other thing I want to point out guys is that if you are a security researcher, right? This is a perfect example of like you know, this is today all the easy, easy finds, all the work hasn't been picked clean. Like this is, this is an example, it's right out there. And I want to point out one other like bonus story that's directly tied to this to, to encourage people not to shy away from doing you know, security research because there's a ton of it out there. It's awesome. There was a like AI kid toy research, cyber. Oh my God. This was just in the news just yesterday. Yeah, look at this. I'll leave this story for everybody. I heard this story yesterday. This is insane. Basically. Is there a picture of it? No, you don't have it. Basically there was this AI toy. It's basically a squishy. You give it to your kid and it's AI enabled, designed for like one to five year olds.
And if you go to the dashboard, like, basically if you just look at what the AI is talking to and you could log into the dashboard, the admin panel with any Google account, any Google account would log in. And essentially this thing was just like an interface for little children to an AI bot. And it was capturing everything, all the conversations, all the things, all the things, all the data, all the things. It was pretty messed up, dude. Like this story, I, I like, I don't normally demand this of anyone, but this story, you absolutely should dig into. I, I heard it over the weekend. This was like messed up, honestly. But my point is these opportunities are out there. Don't sleep on them. Especially with vibe coded sloppy stuff, SaaS, apps. There's going to be a ton of opportunity.
B
Microsoft to disable NTLM by default in future Windows releases. NTLM, short for New Technology LAN Manager, is a 30 year old challenge response authentication protocol that was introduced in 1993 with Windows NT 3.1 and followed on as a successor to the LAN Manager protocol. It has now been superseded by Kerberos, which remains the default protocol for domain connected devices running Windows 2000 or later. NTLM is still used as a fallback authentication, although it uses weak cryptography and has been widely exploited in NTLM relay attacks and pass the hash attacks. The retirement of NTLM, a part of Microsoft's push towards passwordless phishing resistant authentication methods, will occur in phases throughout 2026.
A
All right, so dude, if there is one company that absolutely you can never accuse of like surprising you with something, it's Microsoft. And please, let's just pretend that the rollout of Total Recall, I think that's what they called it, right? What was that stupid thing? Was it just recall? Maybe it was just recall the, the, the rollout of that recall function and then the, the, you know, the Texas two step, you know, walk back that they did of that thing. That's, that's a, that's a, that was an anomaly for the most part. Microsoft will give you years notice. Hey, we're going to be getting rid of this thing in five years. Start thinking about it. Hey, two years. Think about it. Hey, it's next week. Hey, it's today. Hey, it was yesterday, right? Here we go. This is a live looking at Microsoft letting you know that NTLM is going to be going away. There we go. Yeah. Hey. All right, NTLM done, guys. NTLM has been used and weaponized by pen testers and criminals for years, pass the hash. It's a 30 year old technology guys, anytime. Anytime there's anything 30 years old in IT, chances are there have been significant advances in research and technique around circumventing, bypassing, exploiting, compromising any of those things. That's why, that's why when we saw if. Hey, if you're a first timer, welcome to the party. What I'm about to tell you, you wouldn't, you wouldn't know, but if you're a regular, you'll remember this like two weeks ago I, I like red hulked out on the increased usage of telnet for some reason. Remember? Because I said port 80 and everybody kind of dumped on me at port 23. This is the same thing, dude. NTLM, it was great. It was great for when it was. But guess what, and correct me if I'm wrong, it didn't Kerberos, like, isn't Kerberos like the successor to this thing? Kerberos isn't like perfect either, right? Tim Medin's Kerberoasting. So here's the thing. It says. Wait, hold on, I'm sorry, I'm reading the wrong story. Disable it by default.
It'll still be there. Okay, so it can still be enabled. A threat actor could still turn it on and then weaponize it somehow. So this isn't perfect, but you know, it is, it is something. If anyone in chat has abused NTLM, let me know in chat. That's definitely one of those like classic protocols to attack. I personally haven't. I, I. As far as the pen testing company goes, I help manage it and I help market it and I represent the CSO when we're on the calls, which basically means I use an Apple, I use Apple products and, and when there's a technical question, I'm like, let, let me see if, let me see if Tyler's available. Okay, I'm, I'm making fun of myself. All right, so anyways, TLDR NTLM is or too long didn't read NTLM, the New Technology LAN Manager. Lol. Should be. OTLM is going away.
B
Huge thanks to our sponsor, Strike 48. Strike 48 is the agentic log intelligence platform that actually puts AI agents to work, maximizing log visibility without blowing your budget. Find the threats that your siloed tools miss. Get started today with pre-built AI agents and workflows that investigate, detect and respond 24/7 or build your own at strike48.com security that's strike S T R I K E the numbers 48.com security all.
A
Right, it is a new day. I, I am, I'm on the struggle bus this morning with this like thumb injury for those who showed up late. I cut the tip of my thumb off yesterday with a, a chef knife. I was going, you know, I do a lot of cooking. I enjoy cooking. Yes, thank you. I so that's it. But I think, I think we need to do this today. Alpha Sierra. Yep. It's just one of those days, y'all. It's just one of those days. I, I need it, I need it today. I'm on instant coffee. I ate a donut which is like totally outside my, you know, diet normally. Not because I'm like trying to stay lean or something. It's just I don't eat sweets really. All right guys. Hey, holla, holla, holla guys. Welcome to the mid roll. Thank you all so very much for being here. I want to say thanks to the stream sponsors, ThreatLocker, Antisyphon, Flare and new sponsor. I've been working with these guys for a minute. Material Security. Go to Simply Cyber IO Material help support the channel. If you want to help support Simply Cyber, it's very easy. Just click on the link I dropped in chat and help help support the channel. So listen really quick guys. You could stop email attacks, protect sensitive data and simplify your SecOps. Very easy. All right. Because managing security in the cloud is hard, right? I have Google Workspace. You might have Office365. Phishing is far from the only way. But today's email security stops at the perimeter. And new attacks are hard to detect with siloed email data and identity security tools. But Material Security, they can hook you up. Your. Excuse me, Your Google Workspace, your Microsoft 365 workspace. They're equal opportunity. I even took their free like configuration survey. I shared that on social media last month and it gave me value. It was pretty cool. Material delivers comprehensive workspace security by correlating signals and driving automated remediation across the environment.
Like phishing protection to include email security detection and protection of sensitive data across inboxes. Right. People send in stuff they shouldn't be an account. Threat detection and response with comprehensive control over access and authentication of people. And the best part, third party apps. Material enables organizations to scale security without scaling their team so economies of scale. Mad value Material drives operational efficiency with simple API based implementation and flexible automated one click remediation. Guys, go to Simply Cyber IO Material to check it out. Dude, there's no reason to make it hard. Securing your Office365 or Google Workspace. Simple as that. Thank you Material guys. Every single day of the week has a special segment. And Mondays is Simply Cyber Community Member of the week. Simply Cyber Community Member of the Week. Honestly, I, I was, I cut my thumb off. It's. It's been, it's been a bit. Okay, you know, you know who I want to recognize here? Hold on one second. I'm gonna do this in real time. Oh my God, my hand. Rhonda Rummerfield. Good to see you Rhonda. Guys, listen, Rhonda Rummerfield's been a longtime member of the Simply Cyber community. She's right there in chat right now. So kind saying hi to Devin Grady before she even knew she was gonna get selected. She also like anytime a opportunity, like a job opportunity presents itself, Rhonda is quick to share it with the Simply Cyber community. She has visibility over I'm not saying she's the hiring manager, but she has visibility over openings that are coming within information security, within the space that she works. And she's always quick to share it with Simply Cyber Community members and try to help find great talent, get placed with a great job. And I just love it. It's such a, it's such a kind hearted thing. I've known Rhonda for several years. She's great. Ladies and gentlemen, Rhonda Rummerfield, your Simply Cyber Community member of the week.
And Rhonda, if you'd like, you can lead us off with the LA LA la la. But Alpha, Sierra and Marcus are going to do.
B
La.
A
All right.
B
Microsoft links Windows 11 boot failures to failed December 2025 update. Following up on a story we covered last Monday, the Windows 11 boot failures that had been reported following the January 2026 updates are now being attributed by Microsoft to, quote, previously failed attempts to install the December 2025 security update, which left systems in an improper state, end quote. The boot failures were first reported after having installed the January 2026 Patch Tuesday cumulative update, resulting in a stop error of unmountable boot volume code. Microsoft said it is still working on a fix.
A
Oh yeah, the classic unbootable boot volume mode code. I'm joking. This blue screen to death I've never seen before. But listen, hard drives get mounted, right? Kind of like Billy Bass over your Fireplace Billy bass. That's a 90s reference string. You don't want to see this. This, basically, it's suggesting that, like, your hard drive isn't being mounted to the operating. The operating system's not mounting your hard drive, which is last time I checked. Yep, yep. Not good, right? You don't want that. I'm not quite sure how you back out of this. You can roll it back, but then your machine's in an improper state. Guys, here's the deal. I haven't said this in a minute. What's up, Ross? Black blood? Listen, I haven't said this in a minute, but this is absolutely 100% what you need to do, okay? When you are doing vulnerability management. When you're doing vulnerability management, right? And for those who have been doing vulnerability management for more than a year, this. You're probably like shuddering thinking about this. There is a proper way to do vulnerability management. You don't just hit, patch all the things and then go grab a cup of coffee, put on some simple minds, and be like, you know what? I did my job today. I'm gonna go tune up this commander Deck. No, no, no, no. We're not all Zach Hill. We don't all get to just kick it, right? When you do vulnerability management and you're rolling patches out, you have to be careful because a patch can break a mission critical application, it can break your environment, it can lead to operational downtime. Okay? So the proper way to do vulnerability management is, is to, first of all, like this Windows 11 patch comes out for December 2025. Patch, patch. Like, basically some of the IT team should patch their machines first, right? 
I mean, if you're really super sensitive, patch, like a special machine that's just kind of the, you know, the machine that you're supposed to like, that looks like a normal endpoint patch that make sure nothing breaks. But for the most part, you can patch the IT team because IT people can fix their own computer then. Have you. If you, if you got a mature program, you can reach out to like security champions, AKA people that are in different departments that have agreed to work with cyber security in order to be like basically canaries and, and, and apply the patches to their machines first. Because this could, this could break a, like, accounting piece of software. This could break some type of CAD software that the engineering team uses, right? So get them to patch their machines so you don't impact all of engineering or all of accounting, right? And once that's good to go, then you can apply the patches to everybody's computer and move forward. And then of course you're, you're only going to get 80% because you got people who are like out of the office machines that don't take the patch, a computer that for some reason everything looks fine but it's not working, etc. Etc. Right? Otherwise, if you take the, the lazy button and you hit yolo, you can have, you can have a really, a really crappy situation on your hands, okay? And by the way, I know it's a joke, but like, if you are young in your career, right, you could be, you could be older, you could be a gray, gray beard, right? You could know what Tamagotchis are and still be young in your career in cyber security. You may not think twice about it, but listen to me. Do not apply patches on Friday. That's not the day to do it. Sometimes you have to do it on a maintenance window Saturday night because you know, you can't have down time during the day. 
But don't, don't, don't make, don't make big changes in your environment on Friday unless you don't have weekend plans because believe me, you're gonna, you're gonna have weekend plans at some point. Yep. Yep. Oh, also, I've got an idea for Wednesdays. By the way, I'm cutting out Worldwide Wednesday. I was thinking about it over the weekend. Space tacos, I think I gotta ask me at Jawjack and I think I got an idea.
B
Ex-Google engineer convicted of stealing AI secrets. Following up on a story we covered in March 2024, a former Google engineer who had been accused of stealing thousands of the company's confidential documents to build a startup in China has now been convicted in the U.S. According to a Department of Justice announcement on Thursday, Lin Wei Ding, also known as Lian Ding, 38, was convicted by a federal jury on seven counts of economic espionage and seven counts of theft of trade secrets for stealing more than 2,000 documents dealing with Google's AI technology research. Ding now faces a maximum sentence of 10 years in prison for each count of theft of trade secrets and 15 years in prison for each count of economic espionage.
A
All right, guys, listen. AI is so hot that Hansel's so hot right now. And Google is one of the, let me check really quickly, five wealthiest companies in the world, and guess what? They have a ton of money in AI. You may have heard of Gemini. Do you remember when they called it Bard? Like that was, that was quite the wet fart. But like, listen, Gemini, you don't think that they're gonna have unbelievable controls around that data. Leon, this guy's got like dude, espionage secrets. This, listen 100% of the time. This is where you actually need like DLP controls and insider threat tech and all this. Okay, so this guy got held accountable. If you saw the Netflix series Super Pumped, they did feature Google in there and how some guy tried to steal self driving technology to bring it to Uber and he got in trouble. Dude, Google invented search. You don't think they can search their own logs and network for theft, broseph. Anyways, this guy's going to jail. Now what can we do for this? Okay, here is the reality. If you are, if you're a manufacturing company or you're even whatever, Simply Cyber, right? I, I don't really need to invest in insider threat or DLP A because of the employee count here is very small. But, but for the most part, like you, you don't really need to be worried about that. But, but if you have innovative technology, if you're a first market mover, if you work at an organization like that, you absolutely should be having some type of controls in place to prevent insider threat. So what would this look like? Yes, you can have data loss prevention, DLP technology. DLP. I know DLP works and I've got a couple like you know, fervent members of Simply Cyber community that are like all in on DLP and all the righteous virtues of DLP. But every time I have ever used DLP in my life, it has not worked out very well. Typically it works great, like too good. It stops everything from going, it impedes business. 
So then the business is like, bro, can you like let this thing slide a bit? And then you like put in all these exceptions and by, you know, by Friday at 4:30, you basically have a pass through device. Okay, so there are things though, like if you use proper access management, right? If you don't, if you really, really do proper access management, right, you can make sure that you know, this guy right here for example, only has access to the things he needs to and, and say he is working on AI and he does have to have access to this, that's fine. But then you can also have detections in place. Get, get with your SOC engineer, get with your SOC team or your detection engineers, your Hayden Covington and your Wade Wells of the world and put in detections where, hey listen, if, if this guy's account is exfilling gigabytes of data, that's a flag. What is he, what is, where is it going? What's he doing with it? Check an email. If they're emailing their own personal email accounts with attachments that are large in file size, that's a problem, right? There's all sorts of, There's all sorts of ways to detect it. Okay. Also, I just, you know, if you really want to get after it, right, Like Tesla, Tesla and Tesla battery, they are a. They've got great tech, right? Self driving cars, battery quick charges and stuff like that. You know, people would be wanting to get after that. So just remember, if you work at a company that has some type of innovative tech, not a vibe coded sassy app, but like some kind of tech, you gotta protect it or this will happen. Okay? This will happen. I will just call your attention to. The abandoned Russian space program, right? You may notice that the Russian spacecraft looks a lot like, I don't know, the U.S. spacecraft. Now this is the Challenger series or not Challenger, the. I don't even remember what they called this series, but the Challenger was just like this one. So like don't come after me when, when I say that. 
Like this, this level of espionage happens all the time. Okay, I got another one for you really quickly. If you're, if you're following along, It's hard to type with. Oh, here we go. What is this? Tesla and Rivian is settling their battery tech theft lawsuit. Huh? It's like one of them stole the battery tech from the other one. Allegedly. Huh? Huh? Okay guys, don't sleep on this. If you are work at a company like this, you should sound the alarm and use these two stories as examples.
B
More Oregon residents find out health data was stolen in TriZetto breach. The November 2024 hack on the insurance verification provider TriZetto Provider Solutions allowed intruders to pore through protected health information and other sensitive personal information belonging to hundreds of thousands of patients and insurance policyholders. TriZetto, quote, did not discover the presence of the thieves on the network for nearly a year, end quote. NSA candidate Rudd.
A
All right, so if you live in Oregon, I think a couple Simply Cyber community members live in Oregon. At least one of them. She's in chat right now, I believe. Hey guys, at wading through logs. Welcome to the party, pal. Welcome to the party, pal. Yes. All right. Parent company Cognizant hit with multiple lawsuits. I think this is a health care company. Someone hacked the insurance verification provider and gained access to a ton of healthcare information back in November of 2024. These people had no idea for a year that they were compromised. That is pretty gross, dude. All right, so in the United States, HIPAA, despite it being very, it's not toothless but it's pretty, it's pretty weak sauce as far as like enforcement goes. But in the United States, HIPAA, the Health Insurance Protection and Portability Act. I might be getting the P's backwards but it, it's designed to allow US citizens to be able to share their health care information with people that make sense, but there's also fines associated with it if you're a business that is covered, covered entity and you suffer a breach greater than 500 records. So of course this TriZetto breach is going to result in several notifications to be made. And you know, it sucks is this is a third party app that healthcare providers use. Right. So if you're a small healthcare provider, you're obviously going to outsource a lot of your tech stack to SaaS apps and stuff instead of building it in house. So each one of those businesses are going to have to notify you. So you can see, you know, Deshoit, Deschutes County has to notify 13 people. La Pine 1200, Best Care 1650. So I think that they are.
B
I.
A
Think they're being sued. Yep, multiple class action lawsuits basically. Unfortunately, for better or worse, this happens. Okay. I, I'm a business that now has to pay money out for, for you know, data breach notifications and service and stuff that maybe I have reputational damage because people are like, oh you like I have to send a letter saying that, you know, your data was involved in a data breach. But it's not my fault. I did nothing wrong. It's this TriZetto company. So I'm going to sue them to be made whole. Simple as that. Okay. There is, there is actually court precedent set here. Clorox sued Cognizant for $380 million. So I'm sure that this class action lawsuit is going to point to that as precedence. I don't know. Wade Wells is in chat. Wade, let me ask you this. And, and all the blue teamers in chat: in 2026, having a threat actor on your network for over a year, it does seem excessive. Like back in the early 2000 teens, like 2010, 2012, like someone could be on your network for a while and it, it was like not acceptable but like it was understood that could happen. In 2026, I just, I don't see that as like being okay unless you have absolutely trash information security in place. When was the oh my God, Athena data breach? Was it Athena? There was a massive healthcare data breach Was it Anthem? Maybe it's Anthem. Yeah. So anthem data breach, February 4, 2015. That was a massive, massive data breach. The target data breach was 2013, right? So I'm telling you, the early 2000 teens was like where hit the fan. And like me, you, Wade, that's where like the budget for our jobs got carved out and designed. So anyways, if you work in healthcare or again, you know what, dude, this is like another SaaS app that's getting punched in the mouth and it's leading to problems. Like the lesson of today, y'all, if you are running, if you work for a company that runs SaaS apps, you really got to get in front of it. Pen test your apps.
B
Defends foreign spying law. Army Lt. Gen. Joshua Rudd has spoken in favor of Section 702 of the Foreign Intelligence Surveillance Act, FISA or FISA, which is weeks away from expiring if no action is taken by Congress. FISA gives spy agencies broad authority to collect communications from US technology firms to hunt for national security threats living overseas, but also scoops up an unknown amount of Americans' communications without a warrant, end quote. This is a divisive issue within the highest levels of the U.S. government.
A
All right, lieutenant general is a three star general. There's probably, you know, a handful of those in the world as, as you know, in the army. So obviously a very high ranking position. And we're talking about spying on foreign powers. Now, I don't know why this is. They're talking about this. I feel like we've been doing this since the cold. I mean spying on foreign adversaries is like, that's what we do. That's what first world powers do. They spy on other first world powers. All right. FISA gives spy agencies broad authority to collect comms from US tech firms to hunt for national security threats living overseas, but also scoops up an unknown amount of Americans comms without a warrant. Yes. So the tricky thing with this is it can lead to spying on US citizens, which is not something that anybody likes at all. So anyways, the deal here is they're discussing whether or not to continue, is my understanding, continue spying on foreign adversaries, which I think, honestly I think it's critical for, I don't want to say the success, but for the maintenance of maintaining national security. The problem is obviously that anytime, anytime you introduce spying capabilities, it's just a technology that can be weaponized, Right? I say, I've said it a million times, right. A handgun can protect you or it can be used to commit a A felony. Right. It's all in the attitude. So spying on adversaries, it's great. Oh yeah, look, we, we found out that, you know, Nicholas Cage is. Or Nicholas Cage. We found out that, yeah, Nicholas Cage in the Lord of War, like gun smuggling or whatever it's going to be. He's going to be at this place at this time because we use spying tools to find out, oh, it looks like Russia is going to invade Ukraine. Let's, let's move things, right? Like that kind of spin on why it's okay. No one's going to argue with. Right. You can find child predators, right? Oh, this is great. 
But then you can use that same capability to find and discover things that are not okay. Right? Like we see this all the time with like local law enforcement. Right? Oh, my ex wife has started dating again. We'll find out what this guy's all about. Or I'm really into this woman and she's like rebuffed my advances, so I'm gonna spy on her. You know what I mean? Like, it's, it's, it's not, it's, it's, it's all in the hands of the, of the person. So to me, like you, what you need is you need oversight. Make sure the people who are using the tools are being held accountable by those who are kind of at least somewhat independent of the outcome of those tools. All right. All right, let's keep. I think that's it. Oh, 9:05. I went a little over. All right, that's going to do it for today's show. But don't go anywhere because we got Jawjacking coming up. Jaw Jack and. Oh yeah, I do want to call everybody's attention to two things. One, I released a video over the weekend. I've been releasing videos on Sunday at 4:00pm Eastern Time. 4:00pm I'd love for you to go check this out. This is a paid promotion, but I was paid to make this video. But it's, it's, it's all about this free GitHub application that is incredibly powerful. So if you want to do data masking, data redaction, tokenization, basically data level security, synthetic data generation. If you want to do any of that and you have not been able to because of budget, usually tokenization and stuff is reserved for like Equifax or Oracle or Fortune 100 companies. This company Protegrity released a, like a, an AI developer edition and I made this whole video about it. I show you how to install it. This. Hey, for all Those who dunk on me for being GRC and not technical. This video is a technical video. I show you how to spin up Docker, pull down the Protegrity AI Developer edition, and then use it on data sets. And then I explain how you can use it at work today to be a superhero at work. 
So go ahead, please, check that out. All right? Plus, I have really enjoyed making these videos, guys. I've really enjoyed making produced videos again. Yeah, look at this sick thumbnail. All right, guys, please go check that out. Otherwise, don't go anywhere. Cuz me and 9/10 of my hand are gonna go to Jawjacking. I'm Jerry, your chat. Till next time. Stay secure. Hold on. Ever wonder what it takes to break into cyber security? Join us every weekday for Jawjacking, where industry experts answer your burning questions about the cyber security field live, unfiltered, and totally free. Let's level up together. It's time for some Jawjacking. Hey, what's up, everybody? How are you? I'm Jerry Guy, your host. I don't know if we have any first timers in here. I don't know if we have any first timers in here, but if you're a first timer, welcome to the party, pal. Welcome to the party, pal. My name is Jerry Guy. I'm your host for the next 30 minutes, and basically, I'm all about good times. If that nerd, Dr. Gerald Ozier, is all about business, the Jerry guy is all about good times. I'm the party in the back. I am the mullet of the haircut. Welcome to the party. I am going to answer all your questions as best I can. Drop them in chat, put a Q in the front, and I will do everything I can to get you sorted out as quickly as possible. Marcus Cantor. Welcome to the party, pal. Zach Hill. Welcome to the party, pal. I love it. Can we welcome Marcus Cantor? Seems like a legitimate first timer. There we go. I am nervous to take off this bandage. Hey, you know what we're going to do? I think I can do this. Ladies and gentlemen, you always want to stick around for yes. You always want to stick around for Jawjacking, because you never know what you're going to get. You know what I'm going to give right now? Five gifted subs. Jerry. Guys. Throwing gifted subs. If you got a. If you got a gifted sub in here, pick it up, throw it down, rub it, spin it, shake it, whatever. Mr. 
The Hulk. Mr. The Hulk. First timer. Welcome to the party. Mr. Hulk. Looks like Galaxy and Six. Got one of these things. Ernet. 100, Yetzi. All right, guys, how much snow did you get? We got three fifths of one inch. My kids loved it, though. Steve Young. So thank you for asking. Let me see if I can get chat going here, bro. All right, here we go. Put your questions in chat with a Q and I will put them on screen. Dude, my thumb is starting to hurt. I will tell you, I. I was in a lot of pain last night, so I did medicate like an adult. Nathan, Allison, how would you bring up the need for pen testing in an organization that works in the OT space on the grid? Oh, Nathan, Allison, great question. There are two things that I would do. Number one. Well, three things I would do. Okay, Number one, there have been numerous stories of OT cyber attacks. Just Russia attacks. Ukraine takes out their electrical grid. Russia tried attacking Poland like two weeks ago to take out their power grid. What else? Volt Typhoon. Look up Volt Typhoon, China, next level, attacking energy companies. I don't know what, what space and OT you're on, but basically you've got numerous examples of cyber attacks and the impact. So what I would do is I would, I would, you know, get a collection of those things together. Okay? Number two, you can just educate on the value of a pen test. Like, so the two things I'm talking about right now is where you're going to put together a proposal and justify it. Hey, here is the value of a pen test. Here is the risk of getting compromised and not having access to these things. Also kind of a low key, sleepy power move that I would do, okay? And you have to choose your own adventure. But this is what I would do. I would start seeding this with your, with your management, okay? So don't just come out and be like, we need a pen test. What I would do is I personally, I like doing, I like doing weekly quick hit cyber awareness training, right? 
So, like, one interesting thing, like, here's what MFA is, here's what a password vault is. Hey, like, here's whatever, right? So what I would start doing is sending like my one message. I would make it around OT compromises and I would just say, hey, you know, like, hey, everybody. Like, you know, Russia attacked Poland's OT recently, and Poland was able to defend it. But this just reminds us that we need to be vigilant, See something, say something, right? Like just kind of like make it more common as far as, like, awareness goes, right? Because if by doing that, when you go talk to management and ask him for some money for a pen test. They, like, you're not dumping a whole bunch of, like, case study on them. They've already been seeded. They already think it's a problem. They already know this is an issue. Right. That's just kind of a. That's a long play. Space tacos. Hey, Jerry, what were you going to share with us in Jawjack? I was super intrigued to hear. Only I can't remember what it was about. Me too. Space Tacos. I forget. Damn it. Sorry. Space Tacos. If anyone remembers what I was teasing at the beginning of the show, and I said, let's do it at Jawjacking, please remind me. Code Brew is usually pretty good about remembering those things. No, you don't get to see the flesh wound. It's pretty gross, dude. Oh, what's Wednesday gonna be? I think this was what it was. Space Tacos. So here's what I was thinking for Wednesday. So it. I'm slowly moving away from copyrighted music. All right, so Daft Punk around the World is obviously copyrighted. And Simple Minds, don't you forget about Me, which we played at the mid roll today. I. I've got a soft spot for that song, so sometimes I slip and play it. But here's what I was thinking for Wednesday. You tell me. This is probably going to get me in trouble as well. Okay, hold on. I'm. I'm pulling something up. All right, you tell me all. So what I was thinking was Wednesdays would be like. 
Wednesdays would be like, I love the 80s, 1983. Basically, I will pick something, you know, per episode and bring it up. Like, you know, I like. I guess. What. What would be like, I love the 80s, 1983, right? And then. Hold on one second. And then it would be like, I don't like Garbage Pail Kids. Right? I'm trying to type with one hand, like Garbage Pail Kids. I'd be like, I love the 80s Garbage Pail Kids. This. I remember these things, dude. I would, like, go to the flea market and buy these. My older brother had them first. They're awesome. And this is basically like a counterculture to Cabbage Patch Kids, which was another thing. They were gross. Little boys loved the crap out of how gross they were. And I collected these things and they were stickers. So I'd stick them on things. This was Garbage Pail Kids. The year was 1983. So I'm thinking about, you know, Wednesday turning into, like, I love the 80s Wednesday. So what do you got? I mean, you guys let me know. We could beta Test it for a minute and then we can all vibe whether or not we had it. You youngs can either call us Unk, or you can say, oh, yeah, like that's. That made a comeback. That's a thing now, since it seems like the Gen Z kids like appropriating our things from the 80s and 90s. So let me know what you guys think. Jerry took a gummy. I did not take a gummy. I did not. I, I, I, I, I don't, I don't do gummies. Cryptogr says thoughts on companies asking for 3k to be an online school for 5 Azure certs. Come on. Come up as an AD and attended a webinar where a company was guaranteeing interviews. I mean, for what it's worth, I mean, those Azure cert exams are a couple hundred bucks a piece of if you get five, that's a thousand. So maybe you're paying them two grand for training. All the training for Azure is free. Microsoft does it for free. As far as guaranteeing interviews, honestly, that to me is a red flag. People ask me all the time, like, oh, is your GRC Analyst masterclass getting a job? 
And I'll tell you, people have gotten a job from my GRC Analyst masterclass. Many people have gotten jobs from it. But I will never promise you a job because I just can't. You could be, you could be a total, like, like nobody here is, but, like, you could be a total jerk, right? You could be a wicked jerk, and you could have the greatest resume. But, like, what am I supposed to do? Like, I can't guarantee you a job because you're, you're, you're difficult to be around, right? So I can't, I don't know, man. Guaranteeing interviews? That seems a little sus with anything. Any, any of these boot camps or trainings or guarantees. All I would say is find someone independently who has taken this and ask them what their experience is. Like, do not, do not ask the company to give you a testimonial. I run a comp. I run a simply Cyber academy. I get testimonials all the time. If someone said this, this education sucked, like, I'm not gonna put it on the front of my website and be like, look, see what one student said? We're terrible right now. I like to think that we're pretty good anyways. But my point is, you have to get an independent testimonial. Pocket Pixie. How do I set up an individual pen testing on a small machine? Simple. Get. Yeah, well, it Depends on what you want to do. But you can get. I mean it depends on what you're trying to test it for. Like are you saying you're trying to pen test a small machine or you're trying to turn a small machine into a pen testing rig? Because if you're going to just pen test one computer, I mean you could just run a vulnerability scanner on, look at it, right. For misconfigurations, that's what I would do. If you're talking about turning a machine into a pen testing machine, you can do that. I mean you could buy like a beefy raspberry PI and use that. You could just buy. They sell like go to Hak5. They sell implants that you can just plug in. It's pre built and everything with a web admin console and all that. 
Alpha Sierra says for the question earlier about how do I convince my OT bosses to get a pen test? Yeah. The cost of punishment is 15 years of pen test. Okay, looking through chat right now, if you have a question, put it in chat with a Q and I will answer it. Please tell us more about the flesh wound. Random skills. Yeah. So basically I cut my thumb yesterday and I was holding a piece of chicken and I was using a blade to cut it into strips and I just went right over my thumb. I basically took out. I didn't cut the nail but like, basically, you know, I don't know how else to explain it. When it's. When it stops bleeding, I can show you. I mean it's probably stopped bleeding right now, but it's pretty nasty going in there. And there's no, there was no stitches. You couldn't put a stitch on it because I literally like cut the part of my thumb off. But it was like, you know, I don't know, it's about the size of like a good palm callus. All right. CISA can do a pen test for free. There you go. See? All right. Pocket Pixie says I could just make my own music. Ah, I don't know. Is VH1 gone? Someone will have to let me know. Dude, that series was awesome. Zima? No, no, zima was like 95. I remember sneaking some Zimas, you know, to my friends. My friends would drink underage. Not me. I was a hall monitor. No, I wasn't. Jerry guy wasn't a hall monitor. Dr. Gerald was nerd. If I send you my research paper I wrote on cyber attacks and their history, would you read it? I mean, you can send it. I can't guarantee it. Just because you could send it Soul Shine. I will definitely take a look at it. I mean, if it, like, I just have to work it into my schedule. I will tell you something kind of funny. Someone took my dissertation and put it into Google NotebookLM and made a podcast out of it. It's kind of funny the. The podcast host starting. 
Starting with the podcast, they talk about how they're like, you know, you would think information security and healthcare is an incredibly dry topic. Talking about my research. All right, continuing to look through chat. Space Tacos. Nailed it. 80s and 90s had the best music and best tech. Okay, all right, let's go. A lot of people loving the. The new Wednesday idea. Glad people are down with that. All right, let's see. I'm looking through chat right now. Zach Morrison. It's good to see you, Zach. It's been a minute at DEF CON. Since it's a hacker con, have you ever seen GRC people there? Oh, yeah, yeah. Tons of GRC people at DEF CON. I mean, it. We don't get our own room. You know, GRC isn't kicking it, but yeah, I mean, a lot of like, I mean, CISOs are GRC and it's not uncommon for, you know, information security leaders to go to DEF CON. I mean, one of the best ways to be effective at your job is to be up on what is current, and, you know, that's what's up. Chicken was really good. A Japanese crime lord. No, I did watch it. I did get sucked into a YouTube hole. I felt like Justin Gold sent it to me on, like, the eight levels of Yakuza membership, by the way. Hey, really quickly, just a public service announcement for everyone. If Justin Gold DMs you a YouTube link or a Reddit link, caution, caution clicking on it. You will lose 45 minutes of your life. That guy's got a penchant for rabbit hole Herring. Thoughts on skills someone should study with the eventual immersion of AI within cyber. Yes, John, great question. I mean, for me, I mean, obviously you want to continue to study the fundamentals, right? You should understand IT and stuff like that, but you should understand, like, AI fundamentals. And Phil Stafford's in chat right now. He could definitely talk about this too. But, like, AI is getting immersed and integrated all over the place, right? So understanding what an LLM is. Understanding how AI uses probabilistic reasoning to decide what's going on. 
I actually heard a really interesting talk the other day this past weekend, and it was talking about how AI is trained on everything, right? And it chooses the most probable thing, which is what, why AI is average. Like AI is fast, right? It does things quickly and it does it kind of well. But like as far as like software developer goes, it's a, it's a mediocre software developer because it's probabilistically hitting the middle of the bell curve. Right? Very interesting. So I mean I, I would do that. I would also John, I would learn some of these like n8n kind of AI automation tools and integrations. And also again the timing of this is unbelievable. But another thing I would talk about really quickly is. This video right here. I literally released this video yesterday. This is, this video is like smoking hot. Still on basically using this GitHub repo for data level security. And you can see here, right, like look, that's, that's redaction right there. What else we got up here? Okay, so this is tokenization and why am I bringing this up again? You can watch this video right now. I would actually love it if you watched it because one, it'll help me and two, it'll help you. So it's a win for everybody. But John, data level security is vital. We just saw the deputy director at CISA put a bunch of sensitive data into ChatGPT. Boo boo, boo to you sir. If you had done tokenization you could get all the benefit of sticking something in AI and the reasoning and the findings and the insights while not exposing your sensitive data to compromise. The second you put your sensitive data into an AI tool, you might as well put it on your front lawn and wait for someone to come by and throw it in the back of their pickup truck. So as far as like using AI and, and cyber and skills and stuff like that, I, I would say learning how to introduce data level security is also pretty important. Good thing I made a video for it. Okay, hold on.
All right, continuing to look through chat. What operating system will you suggest using between Linux or Windows for someone who's getting into cyber security? Depends what you want to do in cyber security. A lot of productivity apps are, are cloud based now so you can use Linux it. I mean if you want to get comfortable running around on the command line, Linux is good. I mean Windows has PowerShell now. A lot of businesses use Windows operating system as their main. So like you're not really going to go wrong one way or the other. The reality is in 2026 Linux is like very supported. Now back in, like back in the late 90s, like if you were going to run Linux, you were doing it like you were doing it to prove a point like, I don't need your GUI, right? Nowadays Linux is super well supported. There's tons of drivers, software is being made for it all over the place. So I don't know, like it's. You can even use Windows and then use Windows Subsystem for Linux and have a Linux distro on your machine. I don't know if Justin Gold's making fun of me because I said Windows has PowerShell now. I, I know they've had PowerShell for a minute. What I'm saying is you can learn scripting and stuff on. On Windows, okay? Plus, by the way, when I, when I was young, PowerShell wasn't on Windows, okay, I was running Windows 95. Okay, Jerry, the donut you ate earlier, was it a Boston cream? No. Dennis Keefe. I hate filled donuts. Boston cream. Might as well be Boston sour cream. Get out of here with that. I. It was a brioche glazed donut. I swear to God, if I, if I went to a. If I was starving. This is going to sound ridiculous, but it's true. If I was starving and then I like walked into a breakfast spread and all they had was like, filled donuts, I guess I would die of starvation. I'm not eating any of these donuts with any of the fillings in it. The last thing I want to do is bite into something, have it splooge on my face. Get out of here. No hard pass.
I'll just take an extra coffee. Did the podcast. Thank the midnight too. Lol. Jenny. All right, just so everybody knows, I'm getting dunked on for saying PowerShell's been around for a minute. Whatever. All right, continuing to look through chat here. Oh, cool. John's getting the master class question from. Oh, closing this window. See ya. All right, thanks. Mods are dropping things in chat. Nalana4909, can you share a pro tip to convince a business leader to put compensating controls at the least when there is a heavy pushback because of convenience. Convenience? Yeah. I mean, all you can really do is. What I would do is be like, all right, you know, like, kind of like let them. It's like having, you know, having them have it but then own the problem. So what I would say to them is like, hey, listen, we really. Well, two things. One, if the control that you're trying to put in, they don't want like, MFA or whatever, I would just make kind of a big production around documenting that accepted risk. Like, all right, like, you can't just be like, okay, I guess we won't do MFA, like, hey, all right, we're gonna capture this in a risk register because the likelihood of us having a data compromise, a data breach of cyber attack is, is significantly higher by not having this control in place. So I'm going to go ahead and document this in a memo, point out that we're accepting the risk because you've made the decision to accept that risk. And I'm going to go ahead and send that just for our, our records. We, we absolutely don't need this control in place. We, we should. But I understand, business leader, what you're saying here. So we're just going to document it. That way. If there's ever an issue or whatever, when the lawyers get involved, we'll have this documented that we, we were aware of it. We weren't being negligent. It's just that we had made the decision. Or better yet, you had made the decision to accept that risk. So it's no problem, right?
Some variation of that. Basically make that person own the risk. A lot of people will push back because who cares? Whatever. Diffusion of responsibility. No, no, no, no, no. You have decided that that's what's happening here. You're telling me no, we're not doing this. So you're wearing the big boy pants. Go ahead, big boy. Sign this memo. All right, guys, it's 9:33. I gotta keep this to 30 minutes. Gotta go change my bandage. All right, guys, I do want to say thank you all so very much. Great questions. If we did not get to your question, please come back tomorrow at 9:00am Eastern Time and we can make it another go of it. But I, I do have to keep this to 30 minutes for today. I'm Jerry from Simply Cyber. Oh, hold on one second. I think I got one more announcement. But wait, one more thing. Just give me a second. I think I have a, like kind of a low key big announcement. Today's February 2nd. Yeah, yeah. So check this out. Just a little fun, little fun thing. Also today at noon. Oh my God. Hold on. My thumb is like starting to low key throb here. At noon. Today. At noon. Today, first episode of the Security Return. This is a brand new podcast on a brand new YouTube channel. And guess who's. Guess who it stars? I'll give you one hint. His name is Tyler Ramsbey. And me. So this is Kairos Sec's official, you know, YouTube slash podcast. It's a project Tyler and I did alongside Kathy Chambers. There you can see. There's that beautiful man and there's me. So if you're interested in that, go check it out. It's called the Security Return. And basically, if you're wondering what the hell the Security Return does for you, it is. This podcast series is deliberately designed for one thing and one thing only. To give you all the tools you need to be able to convince your management that getting pen tests is a good idea. Breaks it all down super easy. First video drops today at noon. So if you're interested, go check that out.
All right, so we got a video from yesterday, a video, a new thing today. All the things. I'm Jerry from Simply Cyber. I do want to say thank you all so very much for being here. I appreciate all the kindness and well wishes for my thumb injury. Be well, everybody. Share with a friend. And until next time, stay secure. Thank you. Mods. All the mods. Just lovely, lovely group of people helping out. Rhonda. I'll connect with you, get you your prize. Till next time.
Host Dr. Gerald Auger (Simply Cyber Media Group) delivers the top 8 cybersecurity news stories for February 2, 2026, with insights for pros and newcomers alike. The show maintains its trademark blend of education, humor, and actionable GRC advice, plus lively engagement from the #TeamSC community. The episode covers global cyber law enforcement updates, real-world breaches, technology deprecations, and best practices for modern cyber defense.
On Cover-ups:
"Do not try to cover anything up, okay? That’s not a good look. It typically will not work out for you."
— Dr. Gerald Auger (14:20)
On Bread Factory Ransomware:
"[If you’re] a manufacturing company... you are a top target by ransomware threat actors."
— Dr. Gerald Auger (19:35)
On Testing SaaS Security:
"If you are a software company... you have to get a pen test done. It’s just the cost of doing business."
— Dr. Gerald Auger (24:35)
On Patch Management:
"Do not apply patches on Friday... unless you don’t have weekend plans, because believe me, you’re gonna have weekend plans at some point."
— Dr. Gerald Auger (45:39)
On DLP Controls:
"DLP works great—like, too good. It stops everything... [then] by Friday at 4:30, you basically have a pass-through device."
— Dr. Gerald Auger (49:00)
On Accepting (or Documenting) Risk:
"The second you put your sensitive data into an AI tool, you might as well put it on your front lawn and wait for someone to come by and throw it in the back of their pickup truck."
— Dr. Gerald Auger (In Jawjacking Q&A)
| Segment | Start |
|---|---|
| Opening & Announcements | 00:01 |
| Coupang CEO/data breach cover-up | 10:40 |
| Russian bread factory cyberattack | 17:04 |
| Australian real estate app data leak | 22:01 |
| Microsoft to disable NTLM | 31:26 |
| Patch management (Windows 11 boot fail) | 42:00 |
| Google AI theft conviction | 47:20 |
| Trizeto healthcare breach | 54:09 |
| FISA Section 702 debate | 59:25 |
| Jawjacking Q&A and closing | 1:00:00+ |
Conversational, candid, and community-driven, with GRC insights, practical recommendations, and a healthy dose of Northeast humor.
This episode is packed with lessons for practitioners (from CISO to analyst), policy watchers, software firms, and folks entering the field:
And, most of all, why showing up—consistently—matters in both cyber and career.
Show Host:
Dr. Gerald Auger
Website: simplycyber.io/streams
Live weekdays, 8am ET.