Dr. Gerald Ozier
Come on. Good morning, everybody. Welcome to the party. Today is Friday. Go ahead, computer, change the output so you stop playing it on my desk. Played in the bruh. All right. Good morning. Alexa, stop. That'll be enough. Good morning, everybody. Welcome to the party. This is Simply Cyber's Daily Cyber Threat Brief. I am your host, Dr. Gerald Ozier, coming to you live from the Buffer Osier Flow Studio. In the next hour, you stick with us, you're going to get the top cyber news stories of the day. Hot takes on all those stories, community engagement tips, tricks, lessons and all that and more. And you might even get a couple rib ticklers. I promise you're going to have a good time one way or another. I'm Jerry, your chat. Let's get cooking, everybody. Let's go. All right. Good morning. The nice thing is during the little video overlays, I'm able to shuck and jive and hustle and flow over here and got the. Got it all sorted out so you can hear the music playing underneath me. Good morning, everybody. We're gonna go through eight cyber stories today. Guess what? I haven't researched your preferium. Do you know why? I'll give you one. I'll give you one guess. Ain't nobody got time for that. 100. Ain't nobody got time for that. But that's okay. We've been able to do it 1062 times in a row or today is 160. 1062. So 1061 times successfully in the past and today's gonna be no different. I promise you. You are in good hands for a great show, a great experience today. If today's your first episode, welcome to the party, pal. Drop a hashtag first timer in chat. Hashtag first timer in chat. We have a special sound effect, a special emote. All those green names, all those blue names, they know exactly what to do. And welcome everybody. And if you're a long time member of the community, please be, be kind and welcome others into the community. It's all about good times. Please remember the first time you showed up.
Hopefully we greeted you with open arms and inclusion and all the good things. Every episode of the Daily Cyber Threat Brief is worth one half of a CPE, a continuing professional education credit, which you only need if you are maintaining cyber security certification. So if that's you, say what's up in chat. And then grab a screenshot, you can hit Windows key S. I'm sure there's a Mac equivalent. You Linux people, I don't know. Take your phone out and take a screenshot of the monitor. I don't know what Linux has got cooking, but make sure that you include the episode number and today's date, which is all in the title of the show. So right beneath the screen showing this. So like, basically like right over there down there, right? Get that in there. File away. You do it once a day. It takes two seconds. Literally two seconds. And, you know, once a year, you submit those CPEs. And if, and only if, you get audited, you'll have all the evidence. As a former auditor, believe me, I know exactly what those auditors are going to want. I'm giving you the secrets, secret answers to the quiz over here. I want to say really quick, just a shout out to. There's so many regular Simply Cyber Community members showing up every single day. So it's great to see you all. I just saw Nerman's name fly by. If you guys don't know Nerman. Nerman's good people, man. I'm a big fan of Nerman. All right, so we got CPEs, we got first timers, we got. I don't research or prep for the show. Super Bowl's this weekend. If you're gonna watch it, I am absolutely gonna watch it. Matt Stafford getting the MVP over Drake Maye. I'm calling. I'm calling shenanigans. I think it's. It was a political thing. Not. Not like Republicans and Democrats, but like Matt Stafford's at the end of his career, he never really got his flowers. I know he won a Super Bowl, but Marcus Kyler. It's probably just hate because Drake Maye didn't get it, but feels. I don't know. I feel like Drake Maye elevated the Patriots.
All right, guys, hey, real quick. Every single episode of the Daily Cyber Threat Brief is worth half a CPE. But I'm able to bring this show to you. I'm able to give CPEs out. I'm able to tickle your ribs with James McQuiggin at 35,000 ft. I'm able to give away prizes on Mondays and other days because of the stream sponsors. So please let me tell you about them for a hot minute. And basically, basically, Justin Golden Nurman are good friends. Listen, stream sponsors, they allow me to do this. If you want to support the channel, please click the links in the description below. Go check out. I make the links very easy so you could just type them in yourself. So first, let me tell you about Material. Our. Oh, my God. Hold on. Our. One of our February sponsors. February 2026. Listen, y'all. Cloud workspace security is wicked hard. Email security alone stops phishing at the perimeter. But that's not enough. Today's threats target email, files and accounts across your entire workspace. You know this. Material Security, our sponsor. They protect Google Workspace and Microsoft 365 by providing holistic visibility and automated remediation across your cloud environment. It goes beyond phishing protection to detect and protect sensitive data, monitor account threats, respond to risks across the workspace. Material uses advanced AI detections, automates user report triages and delivers flexible one click remediations for email, file and account issues. Best of all, this is the best part. It scales your security without scaling your team. So more value without the head count. Protect your entire workspace for the cost of traditional email security. If you want to learn more, go to Simply Cyber IO Material. Simply Cyber IO Material. Again, the whole deal here is if your organization is using Google Workspaces or Office 365, you can basically get additional protections and security without, you know, just by kind of shuffling around the dollars, not so much adding budget.
Okay, very good, very good. All right. Also want to say what up to Antisiphon Training, guys. Many of you know that the Wild West Mile High Fest or I forget what they call. It's like Wild West Hackin' Fest Mile High is. Oh, there it is. Yeah, this is next week. There is still opportunity. Say your plans have changed, you've got training dollars that are going to expire. You were supposed to work on a project next week and it's been delayed because whatever reasons, there's still time to get in on some virtual training for Wild West Hackin' Fest Mile High. You could see, look at all this different training. It's kind of bananas. Hayden Covington was here yesterday and he. Oh, he is doing one of the trainings. So if you want to be like a SOC analyst and engineer, you can attend all the talks virtually. You can do AD security and hardening. Like here I'm gonna drop. I can't really drop a link because this is like a URL from like a Wes Craven movie in the 80s. But just believe me when I tell you there is an entire kit and caboodle of training opportunities next week. You want to learn how to build a C2 framework and go done security ops with Hayden Covington. Why not AD Fundamentals? Sure. There's something for everybody at the training for Wild West Hackin' Fest Mile High. So go check that out and enjoy. If you're going to the conference, do high five other Simply Cyber Community members. If you're going alone or you don't have a crew yet. Go on to the Discord server. Simply Cyber IO Discord. And you, there's a Con chat. Con chat. Not to be confused with Will Captain Kirk K Chat, which we, we don't have one of those, but we should. And you can, you can connect with other Simply Cyber Community members going to Mile High. Just, we had an issue last year at that conference, so hopefully this year is conflict free. I'm not going to get into it, so please don't ask me, but if you, if you were involved with the issue last year that you know what I'm talking about.
So anyways, I also want to say shout out to Flare now. Dude, I gotta tell you, I think Flare is phenomenal. We've been talking about Flare Academy for a hot minute, but their cyber threat intelligence platform is super dope. I've used it, I made a video about it. I liked it so much. And you can get a two week free trial which is more than enough time to like do a bake off of this platform. The people behind Flare are cool. And I'm not, listen, I'm not saying this because they paid to be a sponsor. I'm saying this because I feel this way. The people at Flare are cool. The platform is useful. The information that they're garnering has value. So I would recommend anyone check it out for the two week trial. They do have to validate your identity because if you're a criminal, dude, like this is like an absolute thirst trap for a cyber criminal. The amount of information in here is like an easy button for, you know, initial access brokers. So they do validate your identity. Go to Simply Cyber IO Flare. Holy crap. Just become best friends.
Real Bilbo
Yep.
Dr. Gerald Ozier
Jesus, my hair got blown back there. Real Bilbo. Real Bilbo coming off the top rope with a 50 super chat. Thank you very much, Real Bilbo. The community slay. I'm 45 days into a new gig, which I found implementing Jerry's LinkedIn pre hire process interview in 90 days to success friends. Jerry has a video for everything. My life was forever changed thanks to Jerry and team. You know, Bilbo, I don't, I, I don't swear or I try not to swear on this show, but I gotta tell you, I would love to drop an effing right bomb right now, dude. So happy for you, Bilbo. And if you guys don't know Real Bilbo, his name is Bill. He's a great guy. Longtime Simply Cyber Community member. Just phenomenal. And I'm very happy that he was able to transition employment and crush it and now he's just absolutely slaying like an absolute boss. Real Bilbo, my man. And also well, I'm not going to share your personal stuff real but. But Bilbo's had some really high wins in his personal life too. Big W's going on so super pumped for that guy just crushing life right now. All right guys, we did Antisiphon, Material, Flare. Let's hear from ThreatLocker really quickly and then, and then get some sunblock because I'm absolutely gonna melt your face with a hot cyber news. All right, get Sunblock SPF 500 because I'm going nuclear with my hot takes to get today. All right, let's hear from ThreatLocker for real. I want to give some love to the Daily Cyber Threat Brief sponsor, ThreatLocker. Do zero day exploits and supply chain attacks keep you up at night? Worry no more. You can harden your security with ThreatLocker. Worldwide, companies like JetBlue trust ThreatLocker to secure their data and keep their business operations flying high. ThreatLocker takes a deny by default approach to cyber security and provides a full audit of every action allowed or blocked for risk management and compliance. Onboarding and operation is fully supported by their US based Cyber Hero support team.
Get a free 30 day trial and learn more about how ThreatLocker can help prevent ransomware and ensure compliance. Visit threatlocker.com DailyCyber. All right, my friends, stay tuned for the mid roll where James McQuiggin is going to tell us some jokes. But right now, I got one thing for you. Directions very clear. I need you to sit back. I need you to relax. I need you to reach down and grab that lever that reclines your Barcalounger. I need you to relax and then let the cool sounds of the hot news wash over you in an awesome wave. I will see all of you at the mid roll. Let's go. Let's cook.
Real Bilbo
From the CISO series, it's cyber security headlines.
Sarah Lane
These are the cyber security headlines for Friday, February 6, 2026. I'm Sarah Lane. Substack admits data breach. Substack is notifying users of a data breach after attackers accessed email addresses, phone numbers and internal metadata back in October. Substack CEO Chris Best says the issue was only discovered this week and there's no evidence that passwords or financial data were accessed. A threat actor has since posted a database with around 697,000 records online. Substack says it's fixed the flaw and is warning users about potential phishing.
Dr. Gerald Ozier
All right, so gifted subs from Real Bilbo. Thank you, Real Bilbo. If you're one of the 10 recipients of the gifted subs like Terence Billingsley and Chad Green, Justin Woods, Chop de Joy, like, you can access your emote tray and notice that there's a bunch of additions in there. Thank you very much, Real Bilbo. And yes, you get a membership. You get a membership. The old Oprah emotes very. The Oprah one's got like, some wear around the edges because we use it so often. I love it. All right, so Substack, very popular blogging platform. If you've listened to me talk about personal branding and the. The need for it in 2026, Substack is one of those platforms that's phenomenal. Also. You'll. I've seen a lot of, like, content creators that do shorts and stuff, like talking head shorts. They'll give like a little taster and they'll say full, full story on my Substack, link in bio. So, like, the Substack is like the call to action and people are using. Social media is kind of like the, the little, you know, like, God, this is like such a callback. But like, back in the day, I mean, they probably still do this in some places, but like, usually at malls in the food court, the rolly bowl people or the hibachi place is standing out there with like little tasters or with a toothpick in it. A lot of people are using social media for that toothpick thing. And then the hibachi counter is where the Substack is. So definitely a legit platform. They got hacked. Of course, there's nobody, nobody can be 100% secure and be practical, you know, it's legit. I say this all the time. If you see this anime avatar for the profile picture, the. The person's a legit hacker. Like, I feel like if you use this and you're not legit, the cyber criminal underground are going to, like, flame you, basically. So what do they get here? Data compromised. Email, phone number, name, user ID, Stripe ID, profile picture, bio. Okay, so basic, you know, starter kit for phishing.
No passwords, no financial information. None of that. Be on the lookout. You could get an email of, you know, oh, hey, like, you know, like your Substack account was hacked. Like, click here to reset your password and then they get your password. Right. Kind of on the nose type attacks. I don't know. I feel like, honestly, I feel like this story is fine. You know, it's a big platform, change your password, like, know, whatever. Like, the password wasn't even compromised. Just. You should always be on the lookout for phishing emails, right? It doesn't matter if it. Your Substack was hacked. It's like, you know what I mean? Like it, it. Tomorrow it could be Beehive, and the next day it could be LinkedIn, and the next day it could be Gmail. Like, it, it's. If you're, if you're taking some action and reacting differently because of this story, I mean, I guess today, you know, today's a good day to start doing basic cyber hygiene, you know, so this, I mean, whatever, this is like a fine story, you know?
Sarah Lane
Russian attacks target Winter Olympics. Whoa.
Dr. Gerald Ozier
Italy's born Robert Hendrickson with a super chat. Thank you. Robert says, I found your show and channel six months ago. It changed my life for the better and you rock. It led me to get what I consider my dream job. Hell yeah, dude. I didn't know that. Robert, thank you. Thank you, man. Thank you for, for sharing that with us. And obviously thank you for the super chat. It goes to help support the show. But I didn't know it led to your dream job. God, like, I'm gonna, I'm gonna get misty eyed up in here, man. That's awesome. That is. Oh, yeah, here we go. Dude, this is why I do Simply Cyber. Yes. Like, you know, I was able to, like, quit my job and focus fully on this and it makes money and I'm able to, you know, do fun stuff and make content and everything, but, like, the whole, the whole reason I started Simply Cyber, like December 2019, the whole reason was to help people. And, like, it's just awesome. Thank you, Robert.
Sarah Lane
Foreign minister says cyber attacks of Russian origin have targeted Foreign Ministry sites and infrastructure linked to the Milano Cortina Winter Olympics, including hotels. Though officials say the attacks were blocked, no details were given on whether the activity was state backed. The warning comes as the UK urges organizations not to underestimate pro-Russia activists, and as Cloudflare's CEO threatens to pull free services for the Games after Italy fined the company 14 million euros for anti-piracy violations.
Dr. Gerald Ozier
All right, so two things here and then one editorial thing. Number one, like, anytime there's a global event like the Olympics or the FIFA World Cup or, you know, a geopolitical conflict like Russia invading Ukraine, Palestine, Israel type stuff, there's always like a massive uptick in cyber criminal activity. And it could be, it could be like phishing emails that are targeting, hey, like here's, you know, watch the Olympics, free here or, you know, whatever. You know, answer this quiz and like figure out which Olympic sport you would play, you know, or whatever. It's just an increase, right? So like, if someone sends an email last year about the Olympics, it's going to hit less because it's not top of mind for people, right? So always be on the lookout. I always tell people, you know, like, whatever's hot right now, like, even with COVID and the stimulus checks and stuff and the vaccines, like there was a ton of phishing email going around with all that stuff. So be mindful of that now because of this, because it's on the world stage and there's lots of countries looking at it. It is another opportunity where you get ideologically motivated hacktivists that are trying to like, basically get their, you know, get their. Their mission or get their. Their. What's the word I'm looking for? Get their cause. Get their cause like announced on the world stage, right? So it's like no different than like some like in the 80s, this was like a thing, but like there'd be like a really famous person coming out of, you know, a movie premiere when we used to care about movie celebrities. And like someone would run up and throw like a bucket of red paint on them because they were wearing like a fur coat and be like, meat is murder, right? So like it's. It's an opportunity to have way more awareness. It's a, it's a marketing opportunity basically for these ideologically motivated individuals. Of course I. I actually know somebody. What a flex, Jerry. I.
I know someone who was actually responsible for cyber security at the Olympics. At Lillehammer. I think it was Lillehammer. It was definitely a Winter Olympics and it was definitely in Europe. I think it was Lillehammer. Unless. Unless were the Olympics in Italy like 15 years ago, 16 years ago or so, whatever. It doesn't even freaking matter anyways, this individual was responsible. I had breakfast with this guy and he told me all sorts of really interesting things. So like when I tell you that the Olympics, cyber security is a top priority. It is a top priority and kind of fun fact, they have a bunch of different, like independent systems. But the one that is the most important, surprisingly to me, and I don't even know if this is like, I'm supposed to say this, but like the one that's most important. Actually, I'm not going to say it because I don't even know if I'm cleared to say this. Please disregard what I just said. I'm going to have to check with him. I'll check with him and I'll text him and then I'll ask if it's something I can share publicly. Here's the third thing, third and final thing. And by the way, I don't know if we missed. I don't know if we missed any first timers here. So if you're a first timer, I'm pretty sure it was Lillehammer Code Brew. If you're a first timer here, drop a hashtag. First timer in chat. I just want to make sure that we welcome you properly. So here's a quick, like, I don't even want to call it a tinfoil hat moment, but it is a little bit of an editorial. I try to keep on brand and make sure that I give. You guys go beyond the headlines because you can read the story on your own, so what's the point of listening to me yap about it? I go beyond the headlines. I don't know if it's because there's a lot of way more important things going on in the United States right now, politically speaking and socially speaking, but. Or. Or if it's just, you know, Bob Dylan. Times are a changing. But, like, I'm old, okay, guys, I'm 46. Okay?
I remember the Olympics was like. Like a pivotal event. Like, the Olympics are coming. The Olympics are coming. Like, everybody, like, stop everything you're doing. The Olympics are coming. And now, like, I might not even watch this Olympics. Like, I'll probably, like, auto, you know, DVR or TiVo curling, because I like watching curling for some reason. But, like, I don't. I don't know about you guys, but, like. And I hate to sound like, I guess, unpatriotic, but, like, I just don't care about the Olympics right now. I saw a commercial for. And I'm like, nah. So I don't know what it is. If you. If you have a thought about the Olympics, let me know. But I just. To me, I found. I found it unusual yesterday when I saw an ad for the Olympics and I was like, huh? Like, I'm. I actually find that. I don't care. That's weird. It's weird. To me, it used to be such a big deal. All right. Hey, we got a first timer in chat. Chat. Thomas Cauley. Welcome to the party, pal. Welcome to the party, pal. All right.
Sarah Lane
GitHub Codespaces enable RCE. Orca Security says attackers can achieve remote code execution in GitHub Codespaces by tricking developers into opening a malicious repository or a pull request. The researchers found that default configuration files can automatically run commands on startup, letting attackers steal tokens, access secrets, and potentially move laterally across enterprise environments. Orca warns developers should treat repository supplied configs as untrusted. Russia.
Dr. Gerald Ozier
All right, I was reading DMs right there. Hold on, let me text this guy. Well, actually, I'll do it when the mid roll plays. Oh, my God. All right. Malicious commands and GitHub Codespaces enable remote code execution. No kidding. Guys, listen, the secret's out. Criminals have figured out they can just put a PowerShell cradle into, you know, a GitHub repo or some code, and you or your AI clawbot is going to pull it down and run it under all the permissions you've given it. So if you've given it like carte blanche, super user privileges, because I want my AI bot to do all the things for me now I'm gonna go recline on a, on a beach somewhere and just let the money flow in. Threat actors know this and they're straight up doing all the things. Steve Young, you're a curler, broph. I love basically the reason I like curling. And this is, this is a terrible reason, but it's basically like a bar sport. Like, I can sit around at a bar and watch people play darts. I can sit around and watch people play foosball. And curling. Curling's basically just like glorified shuffleboard. Right? I mean, let's be real here. I know they have the fancy shoes and you know, the commands where they scream at each other, but it's just, to me, it's a relaxing sport to watch also. I feel like it's accessible. Right? I feel like I could do curling. Like, I certainly can't do the high jump or the long jump or anything that involves jumping them out. Ice hockey? No, the, the, the, the, the, the ski one where you go like 90 miles an hour down a ramp and then hit it and then you just like, fly. I'm not doing that. But curling. Give me a broom, Steve. All right, so GitHub Codespaces has RC. Here's what I would recommend. They're embedding malicious commands and files which are triggering. I'm. I'm just telling you, be. The problem is, this is a real problem.
Developers were not looking at code they were importing already, and now you're having AI pull the codes down and you're definitely not looking. I don't know if it's possible to. I'll find out because I'm rolling out one of these Claude bots myself. But I don't know if it's possible to ask the Claude bot to review any code that you're importing for potential malicious commands. That would be like a really useful use of AI since you know, you, me, we're not going to be able to review all the code and quickly discern if there's malicious functionality in there. But an AI, it's, it could do better than me. So that's actually kind of a, I don't know, a hot take or something or someone already figured that out, but that's what I would do. But yeah, no, no, this is like 100% what it is. And then what are they doing? RCE, remote code execution. They're going to, basically the first thing they're going to do is reach out and pull down second stage payloads, infect your machine and then either steal your, your, your API tokens and use your Claude API code, your, you know, Pro Max plan and run it for their own goods. They look for crypto, look for credentials, move laterally through your environment, drop ransomware. It's like basically you're screwed. And by the way like when we just another thing to think about when we think about users in our environment just standing up AI bots, especially OpenClaw, if you have someone in your company, this is a, this is like a call to arms, dude. You should be looking for people running OpenClaw in your work environment. It is not a good idea to let them do that. You should stop that ASAP. And I'm, I'm just telling you right now, like if you allow like these, these AI bots without any kind of oversight, you could have them running remote code execution cyber criminal activity and infecting the crap out of your, your organization. And sure, maybe your EDR catches it through behavior analysis, but like why are you taking on that risk?
A lot of the AI risk and AI governance that I've been talking about is much more around data security. So like, you know, Justin Gold takes an export from Simply Cyber Academy, right? And then uploads it to ChatGPT to do analysis. That's the kind of concerns I'm thinking about as a GRC person in data sovereignty and data governance. But like as a, you know, tactical my environment is compromised. That is another risk that I is now in my, my landscape because the AI there people are installing AI bots and agents locally on their own systems to do things. And I, I honestly feel like agents already existed and people were kind of doing it, but it was almost for, I don't want to call it like advanced technical people, but you did have to have a level of technical acumen to be able to run up agents. And this OpenClaw has basically lowered the barrier to entry. Where literally my Aunt Dorothea. I love my Aunt Dorothea. Not. She's not the most technically savvy person. Okay. And that's not a, that's not to disparage her, it's just a, you know, it, it. I'm sure you all have your own Aunt Dorotheas, right? OpenClaw makes it very easy. Like you literally run one line of a PowerShell command and it run. It pulls down essentially, it pulls down a payload. It's not even essentially. That's exactly what it's doing. It runs a PowerShell command that run. That pulls down a PowerShell file and runs it. Just like threat actors download second stage payloads. It's the same thing. So because the barrier to entry is lowered, your likelihood of exploitation is much higher. So be. Be on the lookout for that stuff. Okay? BW5542. As far as OpenClaw goes, that payload, look at. Hold on. It's kind of hard because my thumb still hurts. But like. This right here. See this one liner right here? This is the, this is the payload. This is the PowerShell payload. This is a PowerShell cradle that is going to run. It's going to say go get this PowerShell file and then execute it on the box.
So what I would do is look for openclaw.ai/install.ps1 in your log files. You may even want to go next level and just straight up tell your EDR that this is like. If you see this command, you should not execute it or, or, or prevent the PowerShell from firing right afterwards. You'd have to, you'd have to like, you could like so. Because you can download this if you don't do this unless you know what you're doing. Okay, but if you run this command right here without the, the pipe IEX, you, you'll just pull it down. The IEX is executed, right? So you could technically pull down this PowerShell file, open it up in a text editor and then look at what the commands are and then build detections around that as well. But, but you know, make sure you know what you're doing. Okay? You don't want to accidentally pop your. You don't want to be Plaxico Burress. Okay? Nobody wants that. And I'm probably dating myself, but. November 2008 Plaxico Burress. You know, just for those who are watching on video. I'll just leave this here. Plaxico Burress, he did a thing. And I'll bring this up every time I can because he was on that 2007 Giants team that defeated the, at the time undefeated New England Patriots, which had one of the all time amazing Brady, Randy Moss.
Sarah Lane
Teams used Starlink terminals are now deactivated. Ukraine says its new Starlink whitelist system is now stopping Russian military use of the satellite Internet network and has already cut off access for unverified terminals following the impact of yesterday's move to disconnect unauthorized devices. Approved terminals on the whitelist are operational, but Russian ones have been blocked, and verified lists are being updated daily as part of the ongoing registration process.
Dr. Gerald Ozier
All right, so we talked about this yesterday. Russian drones, they're basically sticking a Starlink receiver on it. So again, I'm, I'm, I'm being hyperbolic and paraphrasing a little bit, but my understanding is they're putting the Starlink receiver on top of the drone and then they're putting like a grenade or C4 or landmine or claymore or whatever, you know, bomb underneath it, and then they're flying it directly into like Ukrainian soldiers. As you can imagine, that doesn't turn out very well for the military target. Right. Putting metal on foreheads, I think is what the US Military says. So they're using application allow listing probably on the MAC addresses, if I had to guess, or you know, the unique wireless NICs of these Starlink terminals. And that is causing the Russian drones to basically not have Internet access and, you know, make it unable to control. This is fine. I actually was talking to my cadets about this yesterday because we're talking about denial of service attacks and how most people think of denial of service attacks is just spewing a lot of network data at an endpoint. But this is a denial of service attack as well. Like Ukraine's allow only list is denying the Russian drones access to the Starlink network. Again, I'm going to guess, I'm going to guess again. I'm, I'm, I'm no great shakes, but I'm gonna guess that Russia is working on warheads on foreheads. Okay, thank you. I'm getting mocked in chat over here. I'm gonna guess that the Russians are going to find a way to either spoof their MAC address so that it appears on the allow list, or they're going to come up with, probably easier, some type of alternative Internet access to control the drones. Again, you know, Starlink is a privately owned company they are into making money. So, you know, hopefully, you know, they choose righteousness over there. But I'm glad that the Russians aren't able to fly drones into citizens. Right, but. And, and just to be clear, I.
Ukraine is defending their country. Okay, so, like, they're defending an invasion. Ukraine is using drones with munitions on it too. So, like, I'm not. I'm not chastising the use of that as a military capability. I'm just saying it is an interesting cyber capability and kind of a classic throwback to yesteryear on how to protect. How to protect the network, for lack of a better term. Right. Allow listing is very difficult. Right, because every, you know, special snowflake in your business wants to run their own special app, and then you end up managing this unmanageable list of applications. So just be mindful of that.
Sarah Lane
Huge thanks to our sponsor, Strike 48. It's no secret that AI is only as good as the data available to it. Strike 48 unifies agentic AI with unmatched log visibility while avoiding the typical hefty price tag. Build and deploy agents for phishing detection, alert triage, threat correlation, and more. Query existing logs where they currently live so you can keep the technology you already have. Learn more at strike48.com.
Dr. Gerald Ozier
All right, so I texted my. I texted my informant. I texted my. My smoking man in the gray jacket or whatever you guys want to call my. My secret. My secret friend. Whatever you want to call it. I don't know. Let's do this. All right. Hey, Thomas Cauley. Every single day of the week has a special segment. Fridays we tell jokes, guys. Again, thank you to the stream sponsors, ThreatLocker, Antisyphon, Flare and Material Security. Links in the description below. Clicking on them does help support the channel. It makes a material impact on helping the channel. So if you have gotten value from the show, whether it's your first day or long time and you want to support, I, you know, you don't have to send money. You can just click on the links and that is incredibly helpful. Okay. It was an X-Files reference. Okay, So I think this guy. Honestly, I think this guy is. I don't know where he is. He's been traveling to Europe a lot lately and it's afternoon there, so he should be responsive. All right, so check it out. Every single day of the week has a special segment. And guess what? This guy, James McQuiggin, 35,000ft. If you see this guy in the wild, definitely give him a high five and let him know that you have spotted him, chances are he'll give you a sticker that says you spotted James McQuiggin at 35,000ft. Very difficult sticker to get for the laptop. Hey, when an optim. Okay, so this is the jokes of the week. Okay. When an optimist sees a glass half full and a pessimist sees the glass as half empty, how does Microsoft see it? Jesus Christ. I don't read these jokes in advance, so you're. All right. So when an optimist sees a glass half full and a pessimist sees it as half empty, how does Microsoft see it? Microsoft. They see it Excel as January 2nd. They see it Excel as January 2nd. 1, slash, 2. I had a. Had to put some thoughts on that one. What do calendars eat? Very straightforward. What do calendars eat? 
If you're taking a calendar out for a date or you've been hired to babysit your friend's kids and they happen to be calendars, not humans, what do you feed them? Dates. You feed them dates. Okay, what's the best. What, what is the best outfit to wear on February 2nd? February 2nd is National Ballerina Day because it's appropriate to wear a 2. 2.
Real Bilbo
2.
Dr. Gerald Ozier
2. February 2nd. 2, 2. Why are calendar puns so bad? Why are calendar puns so bad? Because obviously, much like me, they're so weak and dated. They're so weak and dated. All right, so James, looking at 35,000ft. If you don't like the jokes, take them up with James. Don't hold me accountable. I am merely the vessel that delivers the jokes. I'm joking. Thanks so much. James McQuiggin at 35,000ft. Love having the jokes of the day and love it. All right, let's finish strong everybody.
Sarah Lane
Cyber espionage operation targets governments worldwide. Palo Alto Networks Unit 42 says an Asia-based cyber espionage group reached at least 37 governments and conducted reconnaissance in 155 countries, calling it one of the most widespread state-linked compromises since SolarWinds. Telecom firms, police ministries and even a parliament were accessed. Researchers say the campaign focused on espionage and data theft using phishing and common tools like Cobalt Strike across varied targets. Conpet discloses cyber.
Dr. Gerald Ozier
Hold on. My, my, my, my guy in the. My, my undercover operator just texted back and said I can share this information. Okay, so check it out really quickly. Researchers uncover vast cyber espionage operation. Dozens of governments targeted. Awesome. You know, without even going any further, immediately China. Okay. Like it's China. Until proven otherwise, they are aces at espionage. And when you're attacking 37 different governments across 155 countries. Chances are you are a nation state threat actor with lots of resources, including time, money, and people. All right, so Pete Reynolds, director of National Security programs at Unit 42, declined to attribute the specific country. So the story does not say China. I'm. I'm saying China. Okay, so with Jerry, it's Simply Cyber. Says this. This is a pretty big deal, though. I mean, he is saying it's the most widespread and significant compromise of global government infrastructure since SolarWinds. You guys know how I feel about SolarWinds. So hot that Hansel's so hot right now. So I wonder how they. How they got this telemetry. I mean. All right, so Reynolds, who doesn't want to attribute to a country, does compare to the recent Chinese campaigns. Volt Typhoon, Salt Typhoon. So again, not attributing it anywhere, but seems like it's quite similar to. All right, D. Unit 42 first discovered the campaign when it was investigating a series of phishing attacks targeting European governments early last year. So this has been going on for 12 months? Unit 42 has been tracking it. The company determined it was based in Asia due to the regional tools, language settings, et cetera. Again, not attributing it to anyone, but a lot of indicators would point to one specific nation state threat actor. That's excellent at espionage. All right, metadata shows the file was previously named daiu, the Chinese word for fishing. Oh, my God. My God. 
So I mean, this is like straight up insulting the intelligence of the European governments, literally. The. The file that was used as part of like, you know, here's a malicious email with an attachment and the file's called phishing. Hey, idiot, click on this phishing email. It's called phishing and it works. Okay? Cobalt Strike payload. Cobalt Strike's an enterprise-grade C2. If you think that criminals can't use it, you're wrong. They just stand up shell companies and then purchase it over the. Over the wire. I mean, over the counter. All right, here's the reality. Okay, guys, this is interesting. This story should continue to be reported on, I would imagine. Now that Palo Alto Unit 42 has come out and shared this, I would imagine there'll be more information, more research, more IOCs coming out. If you are responsible for protecting federal government installations, federal government infrastructure and end users, because they're obviously targeting federal employees through email. If you are responsible for people that have .gov email addresses, you should be on the lookout for this. Again, the thing is, when you have sophisticated nation state backed military operators, they are going to have time, money, resources. The thing is they are going to. Their mission is to get into the. Whatever the Chechnya government. It doesn't. The difference between cyber criminals and nation state threat actors is a cyber criminal. If they can't get into your email, they just go to the next victim. They don't care. They want straight cash homie. Straight cash homie. A nation state. The, the guy, like the guy or the lady at the keyboard has been told by their superior officer, your mission is to break into this account. Don't come back until it's done. So it doesn't matter if it takes a day, a week, a month. It doesn't matter if you need special tooling or whatever. Your job is to do that. And they're going to keep doing it. 
So obviously the, the likelihood is going to go up because you're going to have a persistent threat actor, which is why you need defense in depth on these federal controls. Great email security gateways, great education of your end users around. Hey, you are the target of a nation state. Be on the lookout for things like this, weird attachments, emails with attachments called phishing. That would be an indicator. Okay, for real now again, the word is daiyu, which is Chinese for fishing. But. And I don't expect, you know, whatever. I don't know, you know, Johnny Dutch to, to read Chinese. I wouldn't know if I saw daiyou. But like, my point is just we need consistent vigilance around best, you know, not best practices, but like cyber risk mitigation up and down the stack. Protect your people, protect your process, protect your technologies and be ready to respond. Go check out this article by Unit 42. There may be indicators of compromise that they have provided. Let me look. No, they don't provide any in the story, so I can't really look for anything because they're not attributing to anyone. But I've already given my attribution.
Sarah Lane
Attack. Romania's national oil pipeline operator Conpet says a cyber attack disrupted its corporate IT systems and knocked its website offline, but didn't affect operational technology or fuel transport. The company runs nearly 4,000 kilometers of pipelines. The Qilin ransomware group claims responsibility, saying it stole about one terabyte of data and leaked sample documents as proof. Open.
Dr. Gerald Ozier
All right. Did they say Qilin? Yeah. So Qilin, which by the way, I call it Chillin, the Chillin Ransomware gang. But Qilin has taken responsibility for this. Again, I, I think the Qilin threat actor group is one of these ones that is Eastern European based and has like some senior operators but they're recruiting kind of the younger people. I'm taking this from my Flare Academy Syndicate Life of a ransomware operator webinar that I attended last month. I believe they are one of the ones that do that. The Qilin one is advanced. Again, there's certain, I guess effective players in the Eastern European ransomware space. So like I want to say that the Qilin ransomware gang has somebody from the Conti Ransomware gang was like a higher up that's involved with it. But anyways, they've attacked this oil pipeline and disrupted business systems. Okay. So I gotta tell you, like, you know, the, the bravery of this threat actor group to attack an oil pipeline company is pretty interesting considering I think 2021 DarkSide attacked Colonial Pipeline. I think it was 2021, fact check me on that one. But like Colonial Pipeline got hit and in one of the very rare cases, the US federal government basically dropped all of its resources on DarkSide, got the money back that was paid by the ransom and DarkSide immediately disbanded. Which was insane. So like again it was, it was misreported that you know, the oil pipeline itself was impacted. It's the business systems. This group isn't attacking the OT, ICS stuff. They're attacking like file servers and Active Directory and stuff which screws up business. Right. Like if you don't know where you're sending things, it is going to result in degradation of service delivery. See how it says right here we note that the OT and SCADA systems were not affected. Exactly. These threat actor groups, again they can have OT and ICS experience, but by and large the ransomware threat actor groups are attacking IT systems. 
They're trying to disrupt business operations. They're not trying to cause. This isn't the 1995 movie Hackers where the bad guy is trying to like basically flip an oil tanker and run away with a bunch of money. It like they're not trying to cause devastation and like environmental damage. They're. They're trying to get paid. You they got their dark web leak site and you know, they're dropping all this information. So we'll see one terabyte of documents. It's now into Conpet's court to see if they're going to pay or whatever. Again, guys, here's what you got to do. If you're not doing this, do it today, do it tomorrow, do it next week, whatever. What's up? Cheria Gonzalez to see you. Listen or Shamira. Sorry. Here's the deal. Run tabletop exercises at your work. Make them interesting. Say, hey, let's just pretend our IT systems are taken down. Let's just pretend that IT can bring everything back up in five days. Okay, Those are. Make those assumed facts. Now, as a business, what do we do? Do we pay the ransom? Like, what's our criteria for evaluating the data that they're leaking on their sites and determine if it's bad for us, is it good for us, what the. The press is calling, what do we do? Do we answer the phone? You know what I mean? So. Oh, yeah, I forgot. Yeah. So anyways, tabletop exercises are incredibly valuable. I would seriously recommend not really doing like an IT focused tabletop exercise with the executives there. And don't do an executive high level. Well, you can have the IT people there when you do the executive one, just so the IT people understand what the tone at the top is and what the strategic vibes are. But if you try to bring them all together, a lot of times what you're going to get is people on their cell phone because you're. You're speaking to two different audiences and you. You can't speak to both audiences at the same time, unfortunately. So tabletop exercises. Qilin ransomware continuing to be a nuisance. 
Really quickly, I do want to point out this. As far as the Olympics go, I forgot about this guy in the Summer Olympics, this like, OG Gangster who was just like, everybody else has like, cyber eyes and they look like, you know, it's like Metal Gear Solid 2075. And this guy's like, nah, I play Red Dead Redemption straight up. So there is. That.
Sarah Lane
May reveal big personal info. The OpenClaw AI agent platform may be riddled with security flaws, including prompt injection attacks that could let hackers backdoor a user's machine, steal files, or deploy ransomware. Snyk found that 283 of around 4,000 skills in the Clawhub marketplace exposed sensitive data like API keys, passwords, and credit card numbers. Zenity also showed attackers could use indirect prompt injection through integrated apps to gain remote control of systems and exfiltrate data. EnCase driver.
Dr. Gerald Ozier
Yes. This is why I'm telling you, man, like, I get it. Ooh, innovation, disrupting the market, all these things, sure, that's fine. But I'm telling you, man, if you, if you just like, throw caution to the wind, strap in, strap in and like, just hit go and see what happens, you know you're gonna have a rough ride of it, right? Like, All right, here's another reference. Okay. And again, I Know you youngs don't know. But hold on one second. Hold on, hold on, hold on, hold on, hold on. Okay, so this movie Explorers, I think River Phoenix, Ethan Hawke, very young in this movie. I want to see their actual time machine because it was ridiculous. Broseph. Whatever. Okay, I guess we'll use the classic time machine from the sci fi classic. Okay. Or the DeLorean. Yeah, let's use the DeLorean. Okay, check it out really quickly. You're gonna build a time machine, okay? 1 of 1. You get in this thing and just hit go. Good luck. The fact that this thing actually worked, like, no disrespect, Doc Brown, but like you were kind of an eccentric scientist who had many failures before the DeLorean worked correctly. The fact that this thing worked, okay, like this is what happens when you do disruption and innovation and you take the guards off and just let people go buck wild. R&D developers, they don't want to be held down. They want to, they want to, they just want to be free, man. Like, let my hair flow. Let me just. Let me just like, you know, do whatever. Okay. And when you do that, move fast, break things, you run into all, all sorts of problems. And that's what's happening right here. The skills marketplace that OpenClaw, your AI assistant. Threat actors figured it out. Threat actors are like, oh, geez, people are going to download all sorts of dumb things. Let's go ahead and rip them off. And people are putting bank accounts, credit cards, API keys, all the, you know, passwords. 
Again, if people are installing this on their work machine, you are like, you are not in a good situation as far as your enterprise infrastructure goes. Okay? So threat actors know it and they're exploiting it. This is why if you're going to deploy it yourself, you really need to put massive guardrails around this thing. Static IP addressing, allow only lists for what websites it can go to. Not having VLAN it off so it can only see out of your network, not into your network. You know, putting commands on it. Like you're not allowed to do X, Y and Z. Like the, the trick with OpenClaw, and I was having a conversation with a buddy the other day, the trick with OpenClaw is, you can come up with tons of ideas on what not to do. OpenClaw, don't do this. OpenClaw, don't do that. The problem is there's going to be things that it's going to do that you wouldn't have thought of. Right? Like DJ B Sec told me yesterday that OpenClaw went out and spent $7,000 on two classes for some woman because it determined that the classes would help the woman improve herself professionally. I, I don't know if she was ready to drop seven grand, you know what I'm saying? So you got to be careful out there. Threat actors know it. This thing is nuclear hot. And, and it's, it's going to continue to be a breeding ground for threat actors.
Sarah Lane
Huntress researchers say that attackers are abusing an old revoked Windows driver from the EnCase forensic tool to disable security software in bring your own vulnerable driver attacks. The team found that Windows still loads the driver because of legacy signing rules that allow pre-2015 certificates even if they're expired or revoked. If you have some thoughts.
Dr. Gerald Ozier
All right, so EnCase, if you are a digital forensics investigator, you know exactly what EnCase is. It's one of the top tools for doing digital forensics, right? Like making copies of data, you know, bit by bit, doing analysis, looking for, carving out files, looking for interesting things, etc. So it has a digital certificate that's expired. So when you go to use it, you get a notification saying this thing's expired. But you're like, it's EnCase, it's fine. You just click through. Well, threat actors have figured out that they can weaponize it in order to exploit EDR, endpoint detection and response. Threat actor got. So Huntress responds to an IR and they noticed that the threat actor used SonicWall SSL VPN creds for initial access. So not hacking here, they just bought creds and logged into the network over a VPN using real credentials. So again, make sure if you can, users are not reusing passwords or they have complicated passwords. Multifactor authentication for the people in the back. And conditional access: is the person whose creds were used logging in from the right country, logging in at a time that makes sense? Multi factor authentication. Okay. And then they use the forensic tool EnCase to basically disable the security products. Now, I don't know why EnCase has this capability, probably to prevent EDR from disabling it because it's doing kind of like kernel level things, which makes sense. But unfortunately some threat actor figured it out. Let me ask you this, digital forensics people, is EnCase still considered hot? Because like when I was going through one of my, one of my degrees, when I was going through my master's in information assurance, I believe I took a privacy and forensics course and I used EnCase. I remember using EnCase or. And or FTK. So let me know, is EnCase still relevant? Let me know. Let's see. All right, so Microsoft introduced a new policy in Windows 10 that requires new kernel drivers to be signed via its Hardware Dev Center. 
But unfortunately, backward compatibility. Thank you, Microsoft, for making backward compatibility. Allows drivers signed with certs issued before 2015. So in this weird, bizarre kind of situation, because the EnCase certificate expired a long time ago and EnCase has capabilities to disable EDR products because it's operating at the kernel level. In many instances, the backward compatibility allowed that EnCase file to run and, and weaponize and be weaponized. Very cool work, Huntress. I'm a big fan of Huntress. Obviously, I'm a big fan of John Hammond, and I don't know if Matt Kiley's still over there. Matt Kiley was over there for, for last I knew. So I'm a big fan of those guys. And if they like Huntress, I like Huntress. Plus, Huntress is always doing great work. All right, so how do they stop this from working? So the EDR killer used by the threat actor was. Okay, so how do they. This is interesting. So static analysis is difficult because the threat actor has encoded the payload throughout the binary's data section. So without getting super into the weeds on this one, the way that you can store stuff in these files, like payloads and stuff, usually when you look at it in a tool like, like a hex editor or IDA or Ghidra or something like that, it'll be in memory, but it'll be in English. And it's a payload. Right? I mean, obviously threat actors can encode it and do other things, or reach out to a C2 and pull down the payload itself so you can't find it. But in this case, they scattered it throughout and encoded it so it just looks like noise. Obviously, you know, there's static analysis and dynamic analysis. Dynamic analysis is better, obviously, because the, you know, the payloads have to be assembled for execution and at that point you can stop execution of the binary and review it and look at it and stuff like that. Ah, so here's a little, here's a little flex for Huntress. 
The, this particular malware targets 59 different EDR solutions on the market and disables them, but not Huntress. So if you're wanting to be protected from this, consider Huntress. It's, it's, that's a clever way to work in the, A little marketing push there. Oh, and it's, that's why Huntress was able to discover it because their EDR platform wasn't disabled. Because it. This tool doesn't see it. I will say really quickly, you know, hopefully, you know, people protect from this. There. I'm going to drop a link to this in chat. There's, there's a way to kind of protect from this particular attack. But if I was the threat actor, I would just update my code to work on the Huntress EDR now that this has gone public. Right. All right. Definitely went over on time, guys. I'm Jerry from Simply Cyber. This has been episode 1062, Friday, February 6th. I hope you guys had a great experience, a great show. Thomas Cauley, I hope you come back. We're gonna flip it over to Jawjacking, see what, what happens there. Let me do this really quickly. Oh, yeah, very cool. If you got to get out of here because you got stuff to do, holla. If you're gonna hang around, let's high five. I'm Jerry from Simply Cyber. Until next time, stay secure. Again, Thomas Cauley. Don't go anywhere. Like, there's another show right after this one. And if you stay tuned, I'll tell you that secret about the Olympics that I've gotten approval to share with you. Ever wonder what it takes to break into cyber security? Join us every weekday for Jawjacking, where industry experts answer your burning questions about the cyber security field live, unfiltered, and totally free. Let's level up together. It's time for some Jawjacking. Oh, hold on. Looks like we're gonna have a panelist member here. I'm just seeing this right now. All righty, guys. Welcome to Jawjacking. If you don't know what's happening here, I'm Jerry Guy. Oh, hold on. No, I'm not. I'm Dr. Gerald Ozier. Hold on. What's up, everybody? 
Welcome to the party. My name is Jerry Guy, coming on live from the Buffer Ozier Flow studio. This is a 30 minute AMA. Ask me anything. I'll give you answers the best I can. If I don't have the answer, I will. Oh, I guess it's episode 1063. If I don't have the answer, I will get you the answer. We're going to be joined by some other practitioners in industry, you know, and if you're wondering, isn't this the same as Dr. Gerald Ozier? It's not. This is my alter ego. Dr. Gerald Ozier is a nerd. I am cool. Feel me? All right, we got a couple panelists creeping in here. This is good. So let Me bring the panelists on. First off, his camera's not on, so that's not going to work. We're gonna have Real Bilbo here once his camera gets sorted out. We also have looks like potentially Zach Hill, Fleetus Posting the Third, etc. So we're going to do that. Let me look at chat really quickly. I'm going to keep playing music until otherwise noted. Oh, my finger. What's the use case for the Protegrity Developers Edition? Oh, okay. Hold on one second. All right, let me look at chat. Hold on one second. Dude, I love the phone booth. I thought about that. But the thing is the phone booth came from the future, right? I didn't want to use Bill and Ted's Excellent Adventure because the phone booth came from the future. They had already worked out the details. We don't know about the R&D about the phone booth time machine, the DeLorean. We know, we know Doc Brown made it in 1985. Right? So I guess to be an absolute nerd, I was. I was being very specific. Okay, hold on one second. I'm looking for this question about the Protegrity. Hold on, man. Hold on. I'm like trying to get to this. Hold on one second. Where's the question, bro? All right. Oh, here we go. All right. So what's the use case of the Protegrity Developers Edition from the video you posted? Is it just something to load in some data and sanitize it? Is it put on the network? No, you'd run it. 
I mean, you could put it on a headless server. Sean Saylors. And if you guys don't know what I'm talking about, really quickly, this is the video. I release videos now, produce videos that are good quality. Like, you know, they got all the editor touches and stuff like that every single Sunday at 4pm. I'm doing Sundays for six months to see if. If you know, that works well for the channel and for people. But this is the video that they're doing. I see people in. In the green room. I'm going to get to you in just a minute. Check it out. Hello. What if I told you so? This is that video right here. AI not exposure. Basically there is a. If you go to the show notes, you'll see that there is a link to a GitHub repo, Protegrity Developer Edition. Anyone can download this and essentially what's the use case? So here's the deal. If you are going to stick data in AI, you can use this to sanitize the data. You can use it to tokenize the sensitive bits of data and it's smart enough to know what is sensitive and what is not sensitive. Okay? So it can sanitize or excuse me, it can tokenize sensitive bits of data so then you don't lose referential integrity. So imagine if you will, you want to look at analytical spending habits of people who are customers of yours in, in the month of March 2025, right? So you could take all of that information from your databases, right? Like you know people, what people bought in 2025, right? So you could take all that data. Now we have email, name, maybe gender, location, credit card number. Okay? You don't want to stick all that in ChatGPT. Believe me, you don't want to stick it in Claude. You could because you could do the analysis yourself, but that's going to take like two weeks. But if you stick it in Claude and you say, look at this data set. Identify spending habits for people that I could use for my March 2026 campaign to make the most amount of money for my business. 
AI is going to come back and give you like insights and you're going to be like, yes, that's awesome. But now you've taken all that data and you've stuck it in a freaking third party with no governance, no rules, no like contract in place and you're screwed. You use this tool and you sanitize it, they can have that data. It's fake data, fake names, credit cards are fake. But the thing is, if I used my credit card to purchase 10 things, all 10 of those purchases are going to have the same unique session token or sessionized token for that thing. So you still maintain referential integrity. You see what I'm saying? Also, you can use it for synthetic data if you have developers who are like, we want to build an app that works with our data set. Give me a copy of production data. Guess what? Old way, yeah, you could do that. But now you can just have this thing look at your production data, figure out what data assets you use, and then create synthetic data. So now your developers can make tools that work correctly for your data sets without giving them the data. Because spoiler alert, developers think that their dev environment is not part of production infrastructure. No production, your production infrastructure is your enterprise infrastructure. It's all commingled, right? It's just production is like the forward facing, client facing piece of it, your dev. If your dev is vulnerable and a threat actor gets after it, they're going to compromise you. So anyways, that's what's up with that. Now, let me. Let me introduce you to our panel today. Hold on one second. Real Bilbo's saying something about something. Okay. All right, so here we go. We're going to bring in our panelists. Ladies and gentlemen, Real Bilbo, who shared a win in chat today. Uncommon on the stream, but good to see you, Bilbo. Bilbo is on stream, buddy. Maybe he doesn't realize it. We'll go ahead and bring Fleetus Posting the Third on. Hey, Fleetus. What's up, dude?
Fleetus Posting the Third
Happy Friday, everyone.
Dr. Gerald Ozier
I love it, Bill, if you are watching on YouTube, you have to be.
Real Bilbo
Well, I'm good.
Dr. Gerald Ozier
Oh, okay. All right. You were acting like you were on a delay or something. All right, hold on. Let me change my camera so I don't look like some weird oddball. There we go. Look at me. Look at us. Good to see you. So Real Bilbo.
Real Bilbo
Hey, what's going on?
Dr. Gerald Ozier
It's good to see you. Tons of experience at an MSP and just Cyber and all the things. He is a Fortinet fanboy, so we'll just leave that there. And then Fleetus Posting the Third, SecOps and GRC, running more of like kind of a CISO show now. So we've got tons of experience in the chat for you. Zach Hill may be joining us. I don't know. How you doing, Fleetus?
Fleetus Posting the Third
Doing well. Doing well. It's cold here again. I'm ready for spring. Ready for spring.
Dr. Gerald Ozier
I am ready for spring too, dudes. 35 and it's gross. Real Bilbo, how are you, buddy? Okay. Real Bilbo's giving us the finger. That's fine. All right, so we're gonna move Real Bilbo out. Okay. So, Fleetus, it's me and you rocking the mic tonight.
Fleetus Posting the Third
Totally fine. Totally fine.
Dr. Gerald Ozier
All right. Hey, what do you think about this OpenClaw thing while I queue up some questions?
Fleetus Posting the Third
So I think I shared something in your channel. I've shared a few other places. I think it was just not guardrailed correctly when it was deployed. I think, like everything else, let's go to market too quickly. It's been rebranded, what, three, four times now, depending on which side of the fence you're on. I've seen both sides. Just put it in a virtual. But then it doesn't do what it's supposed to do, or put it on your device, but give it puppet accounts again, still doesn't do what you want it to do. So you have to decide again. It's back to the age old question. Do you want convenience or do you want privacy?
Dr. Gerald Ozier
There you go. I'm deploying it on a Mac Mini back here. I had one. I know, I don't know if you've seen this, that Apple is blowing out their sales numbers because everybody's buying Mac Minis right now. I had one laying around. The first inception of Simply Cyber, before I. Before I started pushing performance boundaries, was on a Mac Mini. So I had one that I wiped yesterday. It's just, personally, I'm not going to just install and like let it go. I want to put in all sorts of security architecture around it because I don't know how, you know, it's AI man. I don't know how smart it's going to be and how it's going to help me.
Fleetus Posting the Third
What I've seen so far is it takes any metadata it can get a hold of. So if you've got any cookies, persistent or non persistent, if you've logged in any browser sessions and you let it. So for all those people who've just logged in and remembered everything, it's learning every bit of that. So anything that you saved a password, especially if you saved it into the browser, any cookies you've got in your box that you haven't cleaned it up, it's looking at all your history. It's trending off of all the ads that you're getting. So all those 301s that are served up for all of your web surfing, so it's gathering a lot of data on what you're doing. So to your point, if you keep it in an isolated spot and control what you're searching, you're going to control your blast radius for now. But if you ever accidentally log in with your Gmail account or go somewhere that's got an Internet presence, it's going to find it.
Dr. Gerald Ozier
Yeah. There you go. Bilbo looks like he might be back. Let me, let me bring him back really quickly.
Real Bilbo
Yes, sir.
Dr. Gerald Ozier
All right. How are you, Bill? I'm doing well.
Real Bilbo
How's everyone out there?
Dr. Gerald Ozier
We're doing good. We're doing great. I will tell you just on the OpenClaw thing, you know, everybody's going to have their own approach to architecture. But for me, I wiped the Mac Mini fully and I'm going to create. I'm going to create like I'm calling my bot Urza. Just whatever. Just whatever. I'm calling it Urza. And I'm going to create an Urza Dot Simply Cyber at Gmail account for it. I'm going to create a, an Apple ID for, for Urza. Like I'm creating its own everything. I'm going to download 1Password. Like I use Bitwarden, I'm going to download 1Password. So it's a different tech stack altogether so it can have its own password vault. I'm actually, this is next level, you guys tell me if you think I'm crazy pills here. I'm actually going to go open a bank account and put 500 bucks in it and, and like that'll be its bank account. So we'll see what happens. I'll keep you guys informed.
Fleetus Posting the Third
You're actually not on a bad idea. The other thing that people aren't talking about, and I don't think they're realizing it, is if you've got passkeys or API keys, watch those because it's going to try to capture anything it can. And if you don't set limits on your APIs, you're going to get a nice little bill because it's going to utilize and it's going to start going out there. So you need to throttle them or you need to set up rate limits on your personal API keys if you're going to give it API access to anything.
Dr. Gerald Ozier
Perfect. All right, first question coming in hot. We've got Mara Levy, the app. Oh wait, hold on. There's gonna be two things here. She's talking about the Protegrity AI Developer Edition free GitHub tool that I talk about. It would reduce risk for using third party AI. But what's the risk involved with putting your data in the sanitation app? Isn't that also a third party? No, no, no. So Mara, this tool runs locally on the box. There's no. When you pull down the Docker container, all of the intelligence and you know, capability is local on your machine. You can do this offline. So it's, it's, that's the, that's the difference. A school I work at has an upcoming job fair. We are a virtual school. We're accepting pre-recorded submissions. Anyone interested? It's a way of giving back to the community. So if you are interested in this, connect with Angular 777 in chat. But Bill, I would like to ask you, let's say the answer is yes, you are interested in submitting a pre-recorded submission to a job fair. What would you put in that video? Advice. It's your kid who's like, dad, I'm going to apply to this thing. What should I put in this video? Give, give us the outline.
Real Bilbo
Well, you know, the first thing I would say is go to Simply Cyber IO and start data mining the site to find what you need. And I'm going to beat that drum really loud. Because when I came, when Jerry and I last saw each other in August, September, time frame, I left DEF CON at my highest in my career. I felt amazing. When I left DEF CON, everything was going to be good. And then I got back to the office and I realized I was still in the toxic environment, the culture still sucked, and I was still being exploited by the people that I work for. And so I just kind of fell off the thing and without all the content that's out there. But to answer the question, I would start number one. You gotta have a LinkedIn, son. You gotta get that set up. You gotta curate it. You wanna make sure you use every single ounce of space on that YouTube to promote your brand. Now you have to have a brand. But I'm just a sixth grader, dad. That's okay. What makes you unique? What makes your skill set unique? And what makes you the right choice for the person that they're looking for? And then once you have that brand built, you need to work on the network. And I'll, I was, I'll say, three years ago, I was skeptical on the network. I used to refer to LinkedIn as the place where all the college kids posted their pedigrees because, you know, I came from a blue-collar family. At 50 years old, I still didn't have a degree. I learned everything by reading books and cutting my teeth on, you know, OJT. Essentially that's on-the-job training for the youngs out there. And once you have your network built, then the rest is just gonna happen. And I know it sounds fairy tale and fantasy like, but that is the truth. What if you build a network, you invest in your network and, and you give back to that network. Don't just ask, hey, what can you do for me? Hey, Tyler, I want to be a pen tester, bro. What can you do for me? No, what can you do for Tyler? How can you help out Jerry? 
How can you help out Fleetus? Like, don't worry about them helping you. If you're there for people and you, you know, hey, Fleetus has a question. He posts some weird, you know, situation that he's going through on LinkedIn about, you know, a log that makes no sense to him. He's not going to post any details. He's just going to post maybe a one liner. It's like, yeah, this Log is my friend today. And maybe you have some input. You've seen it before. Maybe you just fixed your Clawdbot, you know, and so you can give him the info, then he's going to remember it. Like somewhere down the line there might be a job in his organization or at the school. Since we're focusing on the job fair, there might be a job at the school that, hey, we want to implement this automated cloud bot, so what can we do? And Fleetus is going to be like, hey, you know, Bill's pretty smart. Like he gives in, he helps everybody out, he's always there when folks need him. So we know he's reliable and he knows Clawdbot. We should look at him. So summarize that because I know I said a lot. You gotta have a visual presence online. LinkedIn is great. It's easy because folks don't. Not everyone wants to do YouTubes and write blogs. You gotta have a network. Once you get that network established, you have to contribute to the network. The network is not there to give you anything. The network is there for you to invest in. Once you're invested in the network, just sit back and wait, watch the beauty happen.
Dr. Gerald Ozier
Fleetus, what do you think about what, what should be in this pre-recorded submission?
Fleetus Posting the Third
Yes. So first off, find out like if they have a size limit, if they have a requirement, do a little research because you don't want to go too long-winded, you want to go too short. So introduce yourself real quickly. Give any accolades if you have them. So what is your pedigree of any type of. If you have any certifications, mention them. If you don't have them, talk about your working knowledge of CompTIA Sec+, of siht NIST, whatever you want to talk about, whatever control you're most passionate about, and align it back to the job description. So when you're recording, talk about how you fulfill the bullet points in the job req while highlighting what you've done to apply it and how you continue to learn about it. So highlight it real quick, keep it concise as use brevity where possible, only expound on something if it's something that they keep calling out. So they say AWS four times. Spend a lot of time on AWS. If they don't, briefly mention AWS and then move on to the next topic.
Dr. Gerald Ozier
Yeah, 100.
Real Bilbo
Yeah, and I guess I missed that. You know, when it comes to the, the actual video itself, my like to the video and the submission, I would try to make a commercial. I would try to make a commercial that, that told why you were the right fit for that job. If you don't know, you know, what content or how to make that commercial, just go watch any, go watch 10 minutes of regular air TV that has, you know, 10 minute show is going to have seven and a half minutes of commercials and look at how they build the commercial and just make sure your commercial ends with a call to action and you'll be good to go.
Dr. Gerald Ozier
Yeah. And you can also, essentially what this commercial is, is you're marketing yourself, right? There are really well defined marketing frameworks. So if you ask ChatGPT or whatever, like I want to do this pre recorded submission, here's who I am, here's the job, give me a marketing framework in order to execute this script effectively. And that's where like you identify a problem and then you irritate the pro or agitate the problem and then you're the solution. Like, you'll, you'll see like if, if once you understand these marketing frameworks, when you watch a commercial, it's almost like you're like watching it on rails. I will also put in there just, this is kind of like a bonus thing because when I was young I, I didn't appreciate these things, right? So like if you're gonna send in a pre recorded submission, like my suggestion, like yes, you could like do a handheld and be like, what's up? You know, I'm, I'm the person for the job, right? Like I would suggest maybe spending 20 minutes and actually get your phone set up. You know, whatever. If you're going to use your phone, get your phone set up, get the lighting okay, make your background look okay. You can, you can put the effort into like shape it, okay. Because what you're going to do is implicitly convey standards, quality, expectations. Like for example, let's say I'm, you know, let's say I have a PhD in cyber operations and I'm, I'm doing a pre recorded submission for a video, but I'm standing in a dumpster on, at a, a rest stop off the highway and there's freaking noise everywhere. You can literally see trash bags behind me and I'm just filthy looking. I'm like, what's up? I've got a PhD. I'm perfect. Like people are gonna be like, I don't give a damn about your degree. You are disgusting, sir. Like I don't want you here. So that's a hyperbolic example to make the point of why you should kind of lean into the other direction. 
So don't just think about what you're going to say, think about the entire packaging of what you're going to be delivering for that pre recorded submission. So a couple people. Go ahead, Bill.
Real Bilbo
One quick thing you can do too is ChatGPT, Gemini, Claude, whatever your choice of AI is your friend. You could easily say I want to create a video submission for a job fair utilizing a style similar to insert commercial name here or brand name here. And then build me a script that helps me keep it to and give us some timelines to, to meet the, the constraints that Fleetus said to identify earlier.
Fleetus Posting the Third
Yeah, and to that too. One more thing before we move on. It's a good question. You're going to do a lot of video interviews. More and more companies are giving you questions to answer you record it and submit it so they don't have to do the screening interview. When I was in the middle of my reduction in force this summer, I submitted virtual interviews. So this is something you should practice to Jerry's point. Find a comfortable room, find a good setup and be comfortable recording two to three minutes per question because they're going to ask you to do two to three minutes per question. That's all they give you. And depending on their platform, they may let you rerecord, they may not let you rerecord. It may be a one time submission. So practice, practice, practice for this because it's going to come up in your career.
Dr. Gerald Ozier
Yeah. So couple follow-ups from people and if you have questions, drop them in chat. TJ's asked about the Olympic hotness. So really quickly I mentioned this earlier. So Fleetus, Bill, if you were not watching the show when the Olympic story came on, I have a friend. Okay, so for those who are just joining us, like quickly, I have a friend who was responsible for cyber security at the Olympics. I, I think it was Lillehammer. It doesn't matter. It doesn't matter. Yeah, so I was having breakfast with him. He's like, you know something that's really interesting? There's three networks at the Olympics. There's the Olympic Village network where all the athletes are doing all of the nonsense. Okay, so that's like one network. Then there's like the Olympic Business Network. Right. So all the people who are running the Olympics and stuff like that, and there's a third network and it's the most important one. It's the one that had the most money spent on it, the most secure, the most critical for the athletes. No, no, it's for the timing. The, like the timing of the events because we're talking about like world records and it's just like those systems cannot be compromised in any way. Like the, like the integrity is exceedingly high of importance that they put so much resources into making sure that those systems are incredibly well protected. So I found that interesting. It makes sense but like, you know, it's, it's wild. So that, that, that was the fun fact about that.
Fleetus Posting the Third
I may have shared something similar, but they do the same thing with the stock exchange. Depending on where the brokerage they will run the exact amount of length of fiber so that there's no way of getting a trade in a half a second millisecond before. So making sure you have the right security, right networking is important. Just to add on to that. I don't know if I've shared that in the past, but when I first learned that it made sense to me. But I was like, it never made sense that all of the brokers that were around have the exact amount of old fiber sitting in their data center to make it the same no matter where they're geo located.
Dr. Gerald Ozier
I've heard on again, I've never looked into it, but I have heard that, you know, some brokerages will like where they're physically located, like with proximity to like, you know, the ocean for like the European, you know, coming over, it's faster and stuff like that. I don't know, I, I just, I, I suck at that. Someone says what's the purpose of the bank account? So I was talking about opening a dedicated bank account for my clawbot. This is because if I, if I wanted to do something for me like, like I want you to start, I don't know, like affiliate marketing or something like that. Like I want you to start a blog that can generate me money on home technology innovation, like home smart home stuff. And I want you to do it go. I want it to be able to have access to money so it can sign up for a professional Substack account or professional, you know, insert blog platform here. I, I don't want it to begin executing a business plan and then it run into a financial problem or, but, but I don't want to give it access to my bank account. I want it to have its own bank account. And someone mentioned overdraft fees. I mean I would just literally tell it not to overdraft. Like just look at the balance, think about what you're doing and you know, don't, don't overdraft. We'll see. I mean, I don't know, fun Question from Dream Logic for the panel. What's your favorite games? Not a cyber question. And then she put in game platforms. PSP, Nintendo, etc. I'll leave it to you guys. You can. You can drop a platform or you can drop a game if you like. I'll go first. As much as I love. I love all sorts of playing video games and stuff. I will say that Magic: The Gathering Arena seems. I probably have like a thousand hours on that game, according to Steam. So it's. That's what it is. But I always enjoyed the original PlayStation. I got a lot of fun out of that growing up. Fleetus, what's yours?
Fleetus Posting the Third
So I still revert back to Mario Kart. I played on all, all the Mario. So on the Switch. On the Wii, I've played it on Nintendo 64. I revert back to just playing Mario Kart.
Dr. Gerald Ozier
Yeah, there you go. That's a fun one. Always a fan favorite. Bill, you got a favorite game platform?
Real Bilbo
So Jerry's been dying to tell everyone that I got married back in November. I actually got married three days before I got fired. I should say three days before I got married. And I kept that secret from my wife. Anyways, answer the question. We ended up. When I got. When we took our wedding trip, we agreed that it was going to be technology free. This was a little anxiety driven because we had one phone. We got a different phone with a different phone number and only gave it to the couple people that we wanted to get a hold of us if they needed to. And so because we were tech free, we had to find new things to play. And my wife and I discovered this game called Uno No Mercy. And let me tell you what, it is a hoot.
Dr. Gerald Ozier
Okay. Uno No Mercy. Thank you.
Real Bilbo
You can make someone draw 24. The object is to put 25 cards in somebody's hand and then they're out of the game.
Dr. Gerald Ozier
Oh, okay. I like it. If you got favorite games, favorite platforms, drop them in chat. I see a lot of people dropping those in there. If. If you're a big fan. My son has a. A gaming computer or whatever, and he downloaded Call of Duty, Modern Warfare or whatever, like the, the free one that's like free to play. He's like, dad filled my entire hard drive. I'm like, yeah, welcome to. Welcome to modern Gaming. Yeah. Bill Reynard wants to know what video you were referencing back in the Super Chat when you said that the videos helped you.
Real Bilbo
Well, so it was a whole series of videos. And Jerry, I have to link them because I don't have the ability to link them, but Jerry has a series on how to curate your LinkedIn. So all the things I said in the first question, how do I set my LinkedIn up so I get the most value from my LinkedIn and it provides information about me, who I am, what I do, and why I would be a good fit on your team or just simply why you want to hang out with me. The second piece, he has a series, how to transition to cybersecurity from any job field. He has specific job fields. He has any job fields. So go look at it. He also has a bunch of podcasts. The produced videos. They're not produced videos. They're actually interviews with. What's the. The cat's name? I can't remember. You guys did the whole interview series? The. Build your resume.
Dr. Gerald Ozier
Oh, Stephan se. Yeah, there.
Real Bilbo
Thank you. And so in that, like, they do that then. So that's the video. And then let's see, what was the third one?
Dr. Gerald Ozier
If you go to Simply Cyber's YouTube channel, this is the ChatGPT powered cybersecurity career boost. So this is the playlist that shows you how to ChatGPT to fix your resume. Get the right. Get to an interview, crush an interview and do that. This is the video series on building, you know, basically a YouTube podcast or personal branding. And then there was one in here around. Anyone can pivot into cybersecurity. And I do, like rabbi to cybersecurity, school teacher, you know, truck driver, etc. I'm trying to find that particular one, but they're. They're all in here. Go to the playlists on simply or YouTube and. Oh, it's this one right here. Anyone can pivot.
Real Bilbo
Anyone can pivot into cyber security. There it is.
Dr. Gerald Ozier
Oh, my God. So, but watch.
Real Bilbo
If you watch one of those videos from that video, it'll start like informing the algorithm what you're trying to do with the videos. And the next video suggestion is going to be, you know, cyber security for, you know, how to get into a SOC analyst, whatever it is. You know, when I started hanging out on Simply Cyber almost four years ago now, four and a half, I think it was Jerry's, like, almost every question he got started with, I have a video for that. And then he would link the video. He's got so many videos now that we don't hear it as much as we used to back in the day. The nostalgia just, I. I missed the nostalgia some days.
Dr. Gerald Ozier
Yeah.
Real Bilbo
The key to that, someone, like tying it back to this, to the video interview Question. The other thing you're going to want to do before you shoot that video, before you do any of this or as you're doing all this, you want to use that network. So join communities like Hack Smarter, where you can do mock interviews, you can get resume roasts like all the things used to do. That's another thing Jerry used to do that helped me out a ton. I thought I had a nice, well put together resume. I sent it to Jerry and said, roast me, please. And, you know, from that I learned what I needed to do better. I thought, hey, I'm a hiring manager. I know how to build a resume. And I got so much valuable input just by putting myself out there and letting people critique me. That helped me for the long run. One for, two, for two reasons. One, it's not the first time I'm hearing it. So if I hear it in an interview, the emotional reaction is already gone. Now I can just digest that and be like, hey, I've heard this before. I'm going to respond this way. And the second one is, practice, practice, practice. The more natural it is, the better it feels. That's why I said, use the commercial aspect. Jerry said, rehearse. If you wanted to do the video by the dumpster, it might be plot, it might be, you know, the right idea. If you're trying to present yourself as the guy that puts out dumpster fires, right? Maybe you light the dumpster on fire. I don't recommend that. It's probably against the law and you want to be in a controlled environment, but as long as it's on brand to what you're trying to do and, and where you're going with it, that's what's going to help. And that's what I learned from Jerry. That's what I learned from watching success story after success story. I thought, hey, this is all just for new, new people in the field. I've been doing this for 20 years. Like, I know what I need to know. I'm just here to help out. And in the end, it was the community that helped me.
Dr. Gerald Ozier
All right, next question coming in. And Nick Dowd says he doesn't. I don't know what video you're talking about. Nick, you say you don't have time for the video. Just answer the question. Let us know what question you're talking about. But, like, the reason that we make the videos is because, like, whatever your question is, if I have a video for it, that means, like, if I just answer your question, I'm going to say exactly what's in the video. So by doing the video you can consume it when you want, you can pause it, you can watch it again, you can take notes. That's why the video exists. So I don't think you're actually getting any benefit by not watching the video and just hearing me answer the question because it's a repeat of what I'm saying in the video. Next question is coming in here. This is a good one. Fleetus putting you on the hot seat. Overemployment, ethical or not, how would you manage and please define overemployment really quick.
Fleetus Posting the Third
Yeah, so overemployment is holding multiple W2s or full time positions and or working for another employer while using another employer's asset or time. So be so here's the thing. If you are a purely office employee and have no hybrid status, overemployment is very hard and is unethical because you will be carrying multiple laptops into someone else's work, potentially joining their network and doing additional work. The only way that if you are a, let's just say W2 so an FTE and you overwork is if you do a night shift. So you have a day job, you work 8 to 5, you work a night shift, it's 8 to 4. That could probably work. That's not unethical. It's only unethical if it's a competitor. You cannot work in the same industry or for a competitor in which you work for. Same goes if you do a consulting so a 1099, you're going to sign NDAs, you're going to sign in non disclosure agreements and you're going to have to be prepared to say no to contracts because of certain clients that you hold as a consultant. So you can get in trouble either way so long as you don't have a policy that states you cannot. Some employers now say you cannot have any other job, especially if it's a publicly traded company. They don't want you to be on board, they don't want you serving in communities, they don't want you having works. You can't even have a side consulting gig. So be very careful and read your employment contracts. When you start, ask in your interviews, is it okay to still be on a board and have a paid position? Is it okay to still have my side consulting business? How do I disclose my speaking engagements? Had a close friend of mine who was a CISO at a very large Fortune 50 company. They finally phased him out because he was being paid and speaking on the side, he was okay with it, but it finally became a conflict of interest and when they had to do their reduction in force, he was one to be let go. So can you do multiple work? Yes, I'm sitting here today. 
I have a full time job, I have my consulting, but I disclose that to my employer and if I have a conflict of interest, my employer is going to win out. I have to stay with my W2, my FTE, my full time position, not my sidekick, unless I'm willing to resign. And then even if you do resign, there's probably a clause there, you can't work for them for X amount of days. Which leads us into a whole different discussion on non competes. Most states have now banned that you can't enforce a non compete but there are certain roles that they will come after you civilly if you go from a CTO of one company to a CTO of a competitor. So be very cautious if and when you move around. I know that was a long winded answer. I'd love to see if I answer your question, but that's where it gets tricky. It, it depends. What is your employment agreement? Say, is it a conflict of interest and are you using your current employer's time to get double pay? So those are things to weigh and.
Real Bilbo
I can piggyback on that. How you would manage it? It's a little easier to manage if you already have it established when you're going into the employment because you can disclose that after the job offer, Hey, I have a YouTube channel and I do X, Y or Z or I have my own company and I kind of focus on small business. I the job. I'm not beating my drum here, but the job I've got today is my best paying job of my entire career. And in the interview once they, or I should say the meeting we had after the job offer when we started the negotiation process, I said hey, I have a 1099 or have my own LLC. I do my own work. I have these types of clients. I just want to make sure you guys are going to be okay with that going forward because it's not something that I'm willing to sacrifice. The CEO looked me dead in the face and said how much do I have to pay you to get rid of that? And I said none. You can't pay me enough. It's job security. In some ways there's no conflict of interest, especially now I moved out of the MSP space completely. So I'm an in house. I do OT and IT, I, I helped the IT side, but I'm primarily doing the OT side now for a large, large, large mining company. And so to me, I saw no reason why that we had some discussion back and forth, and his concern was like, hey, when are you going to be doing this? And I said, like, I, I can do it outside of your time, I promise, you know, if the channel goes live as I. I wanted it to, it will go here. My people are. Are here. And I only work on these guys, you know, they're smaller, so they won't bug me during the day. And if they do, you know, I'm ethical. So I will let you know, hey, I have to leave or I have to do X, Y or Z because my job is remote. That's the other winner, winner, chicken dinner for me, man, is like, the only thing I cared about was that this place was remote. And they're like, they agreed, like, after we talked it, we worked it through. It's in my HR file. 
So if anyone ever goes and complains, they can go back and look and say, no, that we discussed this. These were the limits, limitations that we set. This is what we agreed to as a company. And so just be upfront. Don't try to hide it. The more honest and upfront you are about it, the more comfortable the employer is going to be with it.
Dr. Gerald Ozier
There you go. Solid guidance and advice on how to kind of how to manage this. I will say there's different, like, almost different definitions of overemployment. Like a Covid. Early Covid overemployment was like, literally, like, people would have like, five or six jobs.
Real Bilbo
Yeah, that's.
Dr. Gerald Ozier
And like, that's right with the goal of being fired in 90 days. And like, I. I even saw someone who's like, I make a million dollars a year now because I have six jobs that pay like, 150 grand, and I'm expecting to get fired from several of them because. But who cares? It's going to take 90 days for them to fire me. And I've made, you know, 40 grand doing nothing. And to me, that's like. That's like egregious. Like, you are literally doing that to steal money versus, like, trying to juggle.
Fleetus Posting the Third
Multiple things from Sean Burns that I want to address real quick. He didn't put a question mark, but it aligns very closely. Be very, very cautious if you develop code or product and move it around. If you have multiple roles. You said you were similar about one role and wanting to develop your own product. And can you. Will the company come after you for building said tool? Maybe if it looks the same color, the same skin, the same layout, they probably make eventually come after you. But they may not. They may say you wrote this code on your own dime. If that code never touched that corporate asset, you're fine. Because they can't ever see it in your GitHub, your GitLab, your Bitbucket, whatever your repo is, you're fine. But if you did any part of it and it goes live, it's their code. Even if you wrote it's their WebEx, their UX, it's theirs. Can you recreate it? Yes. And Jerry has talked about that. And I've heard others talk about you can recreate anything you've done, but you have to spin it enough that it's now yours. It's kind of like when you write a paper you can plagiarize without plagiarizing. As long as you can refactor it and write it in your own sentence, it's fine. You don't have to cite a piece of code. You can say you were inspired from your role, great. But think of it that way, when we're trying to do that and be very cautious. And to the people in here, if you really feel like it's, get a lawyer, ask them, go get a retainer with a lawyer and have them evaluate the contract to make sure you're protected so you can deploy or start this company.
Real Bilbo
And I'd say save yourself a little money if you've already created it ahead of time. Before you bring it into the corporate environment, float the idea to your supervisor, to the vp, whoever it is that you work for, let them know it's your intellectual property. You have a tool that you think would help out and it's more effective or more efficient just for you to bring that tool in, but you want to maintain control of that tool. Um, it's. It's not hard to do. Everyone understands IP stuff ahead of time. What the employer, in most cases is trying to do is ensure that they didn't pay you to write something that you're going to go make a bunch of money on the backside from on their time. So if you're like, hey, guys, I want to build this, I'll do it all on my time outside of the office. I think it'll be huge for us, but I just want to maintain the intellectual rights to it when I'm done. Most of the time, if you're working for the right place, place, the culture's good and they're ethical themselves, you're going to get some meet me in the middle type thing at worst. But most of the time I'd say you're going to get the green light to do what you're going to do. Just make sure you uphold your end of the bargain. Don't work on it at work. Don't steal code from the office and move it into your code. Like make sure it's your, your property, your intellect that you've put together.
Dr. Gerald Ozier
All right. I love it. And it's definitely not a conversation you want to have afterward. Like you don't want an icky conversation. You want it crystal clear. And by the way, I would another like, I guess just like lesson learned is like, say you talk to your boss and your boss is like, no, this is cool. Well, guess what, like six months from now your boss quits or gets laid off or they go somewhere else and your new boss is an a hole. Right? Maybe, maybe you don't have that anymore and it's, you're all the way down the road where you're, you got this thing in production making money and now it's not yours. So make sure that you get things documented. You get like, you know, approval or signatures or something that you could basically defend in a civil trial. Which I know sounds crazy and I don't want to get a lawyer and fight my company. But like, you know, it's easier to get it up front than it is afterwards when you're having a, you know, an icky fight, if you will. Right.
Real Bilbo
Word of advice on that too. Make sure that letter, that email, that permission comes from hr.
Dr. Gerald Ozier
Yeah.
Real Bilbo
Coming from the CEO doesn't help you. Coming from your supervisor doesn't help you when it, when it comes down. Push comes to shove and you've got to get litigation or a lawyer involved. HR is the one like that's the one that's going to save your bacon because they're the ones that are all about, you know, employee compliance and they keep it in your file and it's not going to disappear there if they leave. It's still going to be there. You know, they're not going to change their opinion because they're the representative of the company that approves employee changes in one off situations like that.
Dr. Gerald Ozier
Yeah, 100%. So let's let. I don't see any more questions right now. If you have questions, drop them in chat. But let's spend a minute talking about our amazing panelists, Fleetus. You have a YouTube channel and some podcasts that you're working on. What do you? Where can people get some fleetus in their life and what could they expect if they go to those destinations? Sure.
Fleetus Posting the Third
So my channel, I started it right as I joined this community just over two years ago. So it mainly expanded upon a Food for Thought series I had been doing on LinkedIn for the last several years, turning into video blog, so you'll see those. I've kind of backed off on video blogging my Food for Thoughts and switched to just putting out some content that's related to an AI business cybersecurity class that I'm teaching. So I put out some content around that AI class. I've been refactoring some of my lectures and putting them on my YouTube channel, so those have been coming out. I think I'm premiering another one on Monday around Business Risk. So that'll be there. And then on Saturday mornings I try to put out roughly every Saturday. It's two to three Saturdays a month. A cybersecurity sipping. So something you can grab a cup of coffee, sit and listen to for about 15 minutes that you can turn around and apply to Monday morning. So I talk about anything from AI assistants was my last one. The marketing ploy of just making it be your assistant. I talked about a few different things around security theaters. You can see on the screen how that applies. And then I went live. I tried to do a little banter series periodically and I talked about the fact that cyber is not a one time thing. So when I went live on, I think it was Wednesday, I was talking about just the fact that cyber security is continuous. It's always continuous. Continuous monitoring, continuous audit, continuous packaging. It's not a point and click, it's not a checkbox. So you can find that there. I just helped stand up our DEFCON chapter here in Charlotte. So we revived it after being dead for about 10 years. So we have our chapter meeting here on the 6th. Yeah, the 16th. Monday the 16th. Got some friends from the Simply Cyber Community who's been sponsoring it outside of it. So it's been nice to see them come through it. And then I'm looking to get into a few more talking engagements this year. 
I'll share them on my LinkedIn, but if you're in the Charlotte area, find me. I'm plugged in with ISSA now, the DEFCON chapter with IAC too. So there's plenty of opportunities to plug in in person. But if you want to virtually find me, follow me on LinkedIn. I put out some content or look at my YouTube channel. So I appreciate the opportunity to share that.
Dr. Gerald Ozier
Absolutely. And Bill, if you can drop a link in DMs here on Discord, something we can use. But people like Bill, Bill's story, you know, getting married, turning a negative into a wicked positive. As far as the job front goes, I know you're doing some YouTube content, you're running your own business as well as W2, so a lot of value can be garnered from your experiences. Where can people get more Bill in their life?
Real Bilbo
Well, right now the YouTube thing's kind of on, on hold to, to kind of wrap all that up. I was on James McQuiggan's podcast. It was. The timing was perfect. The weekend before Thanksgiving, I was rolling out my first video for my YouTube channel, my first live stream. I did that, went to work the next day, got called into the CEO's office and the discussion started about the YouTube channel and the YouTube content. Because I was doing some video content for them.
Dr. Gerald Ozier
And.
Real Bilbo
It quickly evolved into, you know, a difference of opinions that led to me basically departing the company. I. I wasn't fired. I tell everyone I was fired because they, you know, whatever. I don't care how you, how you depart the company. So it kind of changed everything because now, three days later, I'm going on the thing anyways, fast forward. I'm looking to relaunch that here in the next couple of weeks. I have gone through the longest onboarding process, the background check. Hiring process for this job took 45 days. I had to get like basically all the same stuff I got when I got a clearance in the army. And it's just been overwhelming. I'm drinking from a fire hose and that's unusual for me. I usually walk into an environment and I'm very comfortable with it. I've done my job for a long time, so I'm good to go. But I'm in a new realm. Like, OT is a different beast. If you've never worked in it. There's a lot of. You just can't go in there with a machete anymore. And I'm working in mining. So one of the things that a lot of people don't think about in mining is water. When you're underground, water builds up very fast. That's all OT controlled. There are 500 people's, you know, lives at stake in any given day underground, you know, based off of my. My IT stuff. So it's. It's been overwhelming, it's been very humbling, but it's also been very rewarding at the same time. So I appreciate you trying to plug that. I will get it back out there. For now, folks can find me on LinkedIn on. And if you want to watch me play some video games, you can check my YouTube channel out there at the Real Bilbo. But all that is is for me, me decompressing and playing some Magic: The Gathering, some World of Warcraft or possibly some Battlefield.
Dr. Gerald Ozier
Say less. Bill. Let's go on the Magic front.
Real Bilbo
Yeah, I'm in. Dude, I'm probably hooked just about as bad as you are. I took a long break because I had to get priorities back in order.
Dr. Gerald Ozier
All right. No, I love it. I love it. All right, guys. Hey, it's Friday. Everybody's kicking it. I do want to say really quickly, I see that there is. We're scheduled to have an AMA in the Discord server today. Today is someone incredibly special to me's birthday. So I was not going to be working a full day today. I didn't realize the AMA is today. So that may be happening. That may not be happening according to. Let me see really quickly. Yeah, it does say today at noon, so stay tuned for that.
Real Bilbo
There's one more that came in. It's right in your way, Jerry. I'm a GRC lead and I want to start consulting company focusing on developing security policies and any advice.
Dr. Gerald Ozier
Yeah, I mean, I can speed run that here. So let me, let me, let me pull this up really quickly. GRC lead, want to start a consulting company? Yeah, I mean you can totally do that. There's going to be a lot of need for GRC people and basically businesses that don't have any infosec wanting to get straightened out, especially if they have to comply with HIPAA. I started a consulting company doing like risk assessments with risk mitigation outputs for those work, you know, basically just explain the value. What. As far as like, I guess advice number one, sales is going to be your hardest thing. You are going to be doing time for money, which means when you're working, you're not selling. So you're going to run into this feast or famine situation, which is very frustrating. If you can. I would work W2 while building this business up, not just quit cold turkey and try to start this business. And if you can go speak in your community, like at Rotary meetings or anywhere to like get the name out and the final best practice, if you can, you can offer to do like say four or five engagements for free, which you might be like, that sounds terrible. Like that's a terrible business model. Do four or five engagements for free and say listen, I'm starting this practice. I'm good at what I do. I will work for you for free. In exchange, I would like an honest testimonial of what your experience was like that I can use for sales. You're talking to business owners. They're going to get that you need testimonials for sales. But the real hidden value is that if you kick so much, but they're going to tell their, like, say you go to a dermatologist and you crush it there. Dermatologists talk to other dermatologists about their business. They're going to be like, oh, like, I know a cyber guy now, and you can be that guy. So that's the best practice. All right, guys, we're going to wrap it up here. I hope everyone is straight crushing it. Bill's crushing it. Fleetus is crushing it. 
I'm doing okay, myself. Super pumped, guys. Everybody have a great day. Thank you, Fleetus and Bill, for joining the panel. Everybody keep crushing. Yep, my pleasure. And until next time, everyone stay secure.
In this engaging morning show, Dr. Gerald Auger covers eight of the day’s biggest cybersecurity news stories, offering practical insights, actionable takeaways, and plenty of community interaction. Regulars and first-timers alike are welcomed with humor and inclusivity, and professional development gets a boost through career advice and industry Q&A. The episode’s major themes are AI security risks, evolving phishing campaigns, government espionage, and the real-world impacts of ransomware and supply chain vulnerabilities.
[1:04:00 – End]
This segment brings hands-on wisdom for cybersecurity professionals and jobseekers, with practical, lived-experience advice.
Stay Secure & Crush It!
Next episode and all show notes available at simplycyber.io. For live streams and more, join the community on Discord or connect via socials.