Loading summary
A
Foreign. Well, good morning everyone and welcome to the Simply Cyber Daily Cyber Threat Brief. I am your fill in host, Daniel Lowry. Jerry is still on vacation. Hopefully he's enjoying that. Hopefully he's getting refreshed and recharged, reinvigorated, ready to tackle the cyber world as he makes his triumphant return next week. Because yes, that is the thing, kids. Burnout is real. What about Israel? Burnout is a real thing. Do not let this, this game grind you into the dust because if you let it, it absolutely will do that. You got to take some time from time to time. I myself have even taken a little bit of time away from things like LinkedIn and stuff this last few weeks, trying to just step away, have a little breather. So hopefully you have as well and we'll be ready for. Because now guess what? It's 2026, baby. Here we are. Brand new year just started. I mean we didn't have a show yesterday, but today's the second. It's close enough, right? I can still, I can still smell the first, so we're close enough. Thanks for joining me everyone. See a lot of cool people in there. James McQuiggin in the house. What's up, Jimmy? Love to see you there, brother. Dennis Keefe, always a pleasure. Who else is in the house today? Larry Shervington Jr. You know. Was your dad unavailable? Yeah, just send his son. No, just have some good times. Space Tacos. Good to see you there. Marcus Kyler as well. Divine Dream Divine. Carrie Chase and Steve Young. Anvil3589 Marlon J122. A pleasure as always. Sabertooth Sam. That's a great name. Ah man, here I am with just my own stupid name, doing my own stupid name things. But hey, great to see everyone today. Ad tech in the house as well. Just. Yeah, Cheat hall. I don't know. Anthony7919 mpln b8z Bates. I don't know. Cool name though. Good to have everyone here. Justin Goal. I just saw you pop in there, man. I could probably do this all stinking morning and and shout outs to everybody here today. Glad to have you. Let's run through the housekeeping as we do. If you are new to the daily separate threat brief, you know what to do. You get into the chat room and you just say, hey, how's it going everyone? I'm new so we can say hello and greet you properly. It's always a pleasure to have new folks around here. But for all the oldies and goldies out there, we're never, never sad that you are here. We are always happy to see you joining us. Let's see here today is as I mentioned, Friday, January 2nd. This is daily cyber threat brief number 1037. For those of you keeping score at home. You are now starting the new year. So you got to keep track of these things so that you can do what you can. Get that half a CPE for every episode that you watch. So you gotta track, track these things. Get that half a CPE so by the end of the year you can pick up those CPE credits for whatever you need them for like certifications and things of that nature. All right, so that said, let's get to Jerry reading them sponsors doing that sponsored ad sponsored thing that he does oh so well and get paid in bills just a little bit. And then we'll get to the CISO series and see what's on the plate for today's headlines.
B
Want to give some love to fortify 365? The Microsoft 365 configuration solutions from Barricade Cyber Solutions. Barricade Cyber brings you all the knowledge in the incident response form, but they are also quite adept at helping you configure and set those protection controls for your M365 instance. Go to fortify365.com today to talk to Eric Taylor and the team over at Barricade Cyber and make sure that you are taking full advantage of all the configurable security controls that you have in your M365 instance. Fortify365.com today. Also want to give some love and some shouts to Anti Siphon Training. Holla Holla. Hollow at Anti Siphon Training, the group that is disrupting the traditional cyber security training industry by offering high quality, cutting edge and education at a discounted rate. For so many people out there, their rates are insane. Some of their courses free or pay what you can. It's amazing. Go to ant-training.com today, check their upcoming live training, their on demand training, government and military discounts. I mean it's absolutely crazy. I love it. Maybe not government and military discounts. I made a mistake. They've just aligned their training to NIST. Nice framework. Also pretty awesome. Thank you anti siphon training.com and of course as always we've got Threat Locker kicking it. We'll hear from them and then back to the news. I want to give some love to the Daily Cyber Threat Brief sponsor Threat Locker. Do zero day exploits and supply chain attacks keep you up at night. Worry no more. You can harden your security with Threat Locker. Worldwide companies like JetBlue Trust Threat Locker to secure their data and keep their business operations flying high. Threat Locker takes a deny by default approach to cybersecurity and provides a full audit of every action allowed or blocked for risk management and compliance. Onboarding and operation is fully supported by their US based Cyber Hero support team. Get a free 30 day trial and learn more about how ThreatLocker can help prevent ransomware and ensure compliance. Visit threatlocker.com DailyCyber.
A
Well, thank you Jerry for those wonderful ads and you good folks out there should avail yourself of those excellent resources. That said, it is time for us to get to the news. Let's get to it. Let's do this thing we do first. I gotta show you my screen so you can see these wonderful things. There we go. And now, Mr. Steve Prentice announced the.
C
Seizure of a ship suspected of damaging a subsea telecommunications cable in the Baltic Sea. This is after a series of faults.
A
Were detected from the CISO series, it's cyber security headlines.
C
These are the cybersecurity headlines for Friday, January 2, 2026. I'm Steve Prentice. New York City mayoral inauguration bans Flipper Zero and Raspberry PI devices as part of New York City's 2026 mayoral inauguration of Zoran Mandani, some new items have been added to the list of prohibited items such as backpacks, weapons and laser pins. As first reported by the tech blog site Adafruit, the event's official FAQ now includes Flipper Zero and Raspberry PI devices. Quote event organizers have not provided any details explaining why these were singled out specifically. Rather than a generic mention of portable technologies, crypto must now.
A
Well, all right then. Going to the mayoral inauguration in New York, are you? Well, you better leave your Flipper Zero at home because they will not be very happy with you. They see you with that. And of course, a lot of different prohibited items that are going there. I mean, right, it's a security thing, right? And funny, right? These types of things tend to, to bring out the, the, the really interesting people in life. And if we don't do stuff to protect against it, then you just might as well say, hey, please, crazy people show up here. So it says the list of prohibited items also includes a large bags, backpacks and duffel bags. Weapons, fireworks, explosives, drones, other remote controlled aerial devices, strollers. Don't bring your babies unless you gotta carry them the whole time. Maybe get one of those like where you put the baby in, like it's like a frontal backpack thing. I had one what's it called? Baby Bjorn or something like that? No, coolers. So you're not going to be, like, you know, tailgating at this event. I hope you like standing, because chairs are out. I mean. Okay, so that seems to be a bit of a. You can't bring a chair. Okay. Fun. Blankets, umbrellas. Okay, now this is getting a little weird. Bicycles or scooters, alcoholic beverages. Yeah, you probably want to keep those bad boys at home when it comes to gatherings. Illegal, so. I'm sorry. I'm sorry. So by definition. So they're saying they've banned these. This is on the banned list. Like illegal substances.
C
Right.
A
Right there. Illegal substances. Last time I checked, illegal substances are banned 24 7, 365. That's how that works. Oh, my goodness. People are dumb. Pets. Other than service animals. Laser pens and bats or batons. Can I bring a cane? See, this is. This is where Daniel's mind go. All right. You gonna tell me no. Samuel Clemens said the strongest way. I'm going tech neck here. I am. Oh, Sammy Clemens said that. Strongest word in the English language. Most powerful word in English language is no. Right. I can see Billy over there right now fashioning all sorts of just ridiculous things that you ain't got it on your band list. You gonna kick Billy out? I mean, you're probably gonna kick Billy out because.
C
But it's.
A
Is that gonna be before or after he makes a complete fool of himself? That's the question. As he walks through with his cane and nunchucks. I see. Nunchucks. I guess weapons are on there, right? Yeah. Okay. What is considered not a weapon, but is actually a weapon? You're right. This is where the mind goes. Welcome to Inside My Head, kids. Well, let's see here. So speaking of the Flipper Zero thing, because we got to get to the actual tech of this stuff. Flipper Zero is a handheld. Yeah, we know what it is. Does all sorts of fun wireless protocols and lets you have fun with said wireless photo protocols. It's commonly used for security researchers, developers and hobbyists. Protocol analysis, pen testing. I like how Raspberry PI made it on this list. You can't bring a computer. My phone. That doesn't count. It's way more powerful than this. Raspi is. Shut up. Single board computer. Yeah, we know. It is capable of running standard Linux. I mean, I can. I can put NetHunter on my phone and I've got Kali and a whole. A whole bevy. Plus there's radios on my phone. Anyway, you ever sit back and go, that Seems like a stupid rule. Like if you're gonna ban flippers and Raspis ears, are you banning the Lilygo thing? That's like right? Are you banning Meshtastics? Are you banning like if I, if I build something, what if it's, you know, an orange pie, is that banned? You specifically named Raspberry PI. Are other single board computers on the band list? Can I use an ESP32? Can I? You see what I'm saying? Like sometimes they get a little stupid. This has been historically done that. It gets, it gets kind of dumb to name specific things you need to generically ban things. Hey, no single board computers, no laptops, no this, no that. Okay, cool. Because you start going hey, you can't have the flipper. Okay, no problem. Well, I built this thing on my own and it's, it's not a flipper. It's like a flipper. It does flipper stuff but. But it's not a flipper. So it's not on the band list and you can't kick me out, you know what I mean? Anybody that has any modicum of common sense should have figured this out in about 5 seconds. Run this by a 13 year old boy and see how. If you wanted to bring some of this stuff, what would you do? They are crafty at getting around the rules. Right, so let's see here. Yes, yes, yes. They have add on peripherals making them amazing fun. Oh, it was just once. You just advertise for Flipper zero at this point. Unlike most other items on the prohibited list which are grouped into generic or general categories, both devices are specifically named rather than being restricted under a general computer. See? See? Doesn't take a genius, kids. Drawn scrutiny from governments which have raised concerns about the potential use in car theft, network breaches and other forms of cybercrime. In some cases this has led to proposal to restrict or ban the devices as well. Yes, that's not what this article is about. It's about it being stupidly specifically named on the no fly list here at the mayoral inauguration in New York. Online retailers have also banned it. Yes, we know. That's the history of it. However, the ban of these devices from Venhouse caused confusion as laptops and mobile phones are not listed among the prohibited items. You see. Oh man off. Coming up with some mission impossible level thinking to social engineer the event. You got to right like this. Is that not why we got into this game? Is because that's how we think? We're just going, oh, hold on, hold up. Swelled up, you don't gonna tell me I can't bring my flipper and my natty eyes Emma, my master of puppets beer koozie to this event. I actually have a master of puppets bar stool sitting right over there. Let's see here. All right, so, yeah, that seems a little ridiculous. Modern laptops can run pen testing day. Yeah, exactly. Smartphones can run them as well. Oh, look, Ned Hunter. Flaming donkeys loving Daniel suggested on this topic. I mean, this isn't rocket science, kids. All right, well, that was fun. These things get ridiculous from time to time. Yeah, we're good. All right, so let's move on to the next article. So don't bring your flipper zero and other, you know, illegal substances to the New York mayoral inauguration.
C
Moving on, Rich, I'll share account details with UK tax officials. As of yesterday, January 1, people buying cryptocurrency in the UK must now share their account details with the country's tax authorities or face penalties. This move, enacted by the UK's tax body, HMRC, is designed to ensure they pay all relevant tax on buying and selling crypto, including capital gains tax. HMRC will begin automatically collecting information on all users of cryptocurrency exchanges, which are effectively the industry's banks, in a bid to start collecting tens of millions in unpaid tax.
A
Well, for you crypto folks out there, you know, I think we've had a crypto article every day this week, except for Thursday, obviously, because we didn't do articles. But now, here's the thing. Government man ain't gonna allow you to just walk away with money. You. You gonna pay, you gonna pay. Is it legalized theft? I don't know, but it is interesting. So you got that cryptocurrency in the uk, they're gonna be like, so here's the thing. You've been circumventing our tax laws for quite some time now with your crypto, Mr. Funny Man. Mr. Funny Lady. Mr. Funny Lady. Anyway, you know, that doesn't work. Here's the thing. You are going to start paying that money because we are going to make legislation that says that you have to share your account details or face penalties and changes those. So this is in effect now as of today. So if you're in the uk, I'm looking at you, Roswell, uk. If you're out there, I don't know if you're here today. I didn't see you. Your tax body is designed to ensure that they pay all relevant tax on buying and selling crypto, including capital gains tax. They love God Forbid you make a profit anywhere without, oh, Uncle Sam or whoever, the UK equivalent of that is just putting their hands straight down your pocket and going, this is my. What are you doing with that? That's my money. But you didn't do anything to earn. I don't care. It's my money. You made a profit. How dare you? I mean, aren't you pulling taxes on all sorts of stuff already? Yeah, Please, sir, please, sir, let me have my. My money. Don't take it all. It's just crypto. Yeah, they don't like that. HMRC will begin automatically collecting information crypto, effectively the industry's banks. Yeah, we heard that part, thank you, Steve. Changes come as the financial watchdog continues its consultation on tougher regulation for the industry, including measures to stop insider trading. All right. The value of Bitcoin, which is often seen as a barometer for the entire industry, surged from 93, $500 or 69, 500 US or euros a coin at the start of 25 to nearly 124, 5. So that's, that's a good jump. It's about 30,000 if I'm doing the math correctly, which I'm probably not. Oh, but then it fell below 90 grand. Yeah, that is interesting. Like, I mean, I only make a profit if I sell it right or at the end of tax time. Like, at what point? Because the, the price of it fluctuates so hard, if it dips below what I bought it for, then don't I show a loss? Like, at what point are we taking the snapshot in time and going, here's whether or not you made money. That's what you need to know. I'm sure the tax law there is extremely easy to follow. You know, there are countries out there that make taxes really easy. They just take all your money and then give you what they think you need. That's, that's how it works. I've seen a meme one time, it was proposing new taxes for 20, 26. How much did you make? And you fill that in, it says, send that to us. Ah, man, I hate taxes. Anyway, investors who bought when value was lower and sold when it was higher in line to pay taxes, but authorities have historically struggled to collect it says Don Register, HMRC has been concerned for some time about the high levels of non compliance among crypto investors. The new rules coming. This is an interesting article, right? We do cyber security news and this is about crypto. I mean, this is more of a tax article. It's not even so much a Crypto article. It's like, let's see here. Well, yeah, so get ready to pay your taxes if you got that crypto over in the uk. And honestly, that's really what it seems to be all about. Meanwhile, Financial Authority is running public consultations on February 12 on the proposed crypto rules, which include standards for crypto exchanges, new requirements to ensure brokers act responsibly, and news around crypto lending and borrowing. Interesting. Okay, so if you're into that crypto, this is something you definitely need to take a look at. It's not necessarily a cyber security issue as of yet. I'm sure there will be fraud that goes along with this as tax season rolls around. Looking forward to those W. Those W2s. Right. Be a lot of fun. And all those 1099s and paying taxes. Yeah. It says that it will bring in at least 300 million in the next five years. Anyone who made crypto gains in 24, 20, 25 financial year may have to file a tax return before January 31st to get that done. Okay, well, you have been warned, my UK brethren and sisters. Let's move on.
C
End quote. Sabotage ship. Finnish authorities have announced the seizure of a ship suspected of damaging a subsea telecommunications cable in the Baltic Sea. This is after a series of faults were detected in undersea cables and in this case in part of a cable running through Estonia's exclusive economic zone. This was detected on December 31. Estonia is a northern European country located directly across the Gulf of Finland from Helsinki. Finland's border guard found the ship with its anchor chain lowered into the sea and so instructed the vessel to move to safe anchorage within Finland's territorial waters. End quote.
A
Okay, they. They seized the ship suspected of. Did they do it on purpose? Is that what they're saying? I didn't really listen to Steve on that one. I was kind of fiddling with things. But let's see here. Finnish authority said Wednesday they had seized the suspected of damaging a subsea telecom. Okay, well, I mean, the latest such incident amid concerns about Russian sabotage targeting critical infrastructure and got shot. So they think they did it on purpose. Follows a series of faults. Okay, so we're looking at this as like a physical attack, but because it is a telecommunication telecommunications cable that affects their ability to communicate with the rest of the world and that impacts them especially in more time efforts. It follows a series of faults that have been detected in the undersea cables in recent days, some likely due to recent stormy weather, according to Estonia Ministry of Justice, with two others currently be Investigated says there was no impact on their services. Okay, but that doesn't mean that, you know, just because I tried to kill you and didn't, doesn't mean I didn't break the law. Right. You know what I'm saying? Okay. Explaining redundant connections allow them continue. So they've got redundancies. That's great. That, that's very relevant to just about anything. Right. Two is one and one is none kind of idea. You never want to just have one single point of failure because if somebody runs over your cable with a big boat and you're sitting there going, we don't have any Internet, it seems this, this email is not sending. So, yeah, there you go. Finnish border guard located a suspect, a suspect ship after receiving a report from a telecommunications company, at least in the early morning of New Year's Eve. Thought was found part of LSS cable running through Estonia's exclusive economic zone early this morning. All right, so this goes back to physical security. Right? You gotta. I wonder if they're gonna ever try to do something like. Because obviously this is becoming more and more a target of opportunity for the Russians. I guess if, if, you know, we're just kind of generalizing here. I don't necessarily know whether or not that's true, but even if it's not, you would want to protect either way. Are they, are they going to now create and build now? If the risk and probability is going up, are we going to create new protections to keep those cables from being damaged? Easily? Right, that would be a good idea. I don't know how they would do that, obviously. I mean, just putting a cable on the bottom of the ocean seems pretty flipping phenomenal to me. But right now they're just taking control of this vessel. I mean, how do you prove this? I guess did the boat actually hit it or did they drop something down there and, you know, mess with it? Interesting. All right. Yeah. This comes after a year as a oil tanker that damaged multiple cables. Again, how are they doing it? It. Correct me if I'm wrong, but the cable is under the water pretty far. Are, are they floating tankers through waist high water or like, what the heck is happening here? How are they damaging in it? And then how would you prove that that was the, that they were the ones that damaged it? Like, here we go. Oh, no, it just says they were scrutinized. I thought they were going to say they were caused by, but they don't sell you how. Why do they do this? So annoying. This is the meat and potatoes of the of the story that I want is how the heck they did it. Okay, they. Oh, here we go with the anchor. So how would you prove that they did? Every boat has an anchor. They need them. How do you prove that there was criminal intent? Let's say that they did do it. Let's say, oh, yeah, we were. We anchored down and all of a sudden it was like, what the heck is that? We thought we caught a rock or something. And I don't know. Right. So how do you prove that they did this purposefully? Do they have maps that show them where these cables are? And then how would you prove that it was there? Anchor that again. I would love to see how they do that. Yeah, those anchors are huge. Coco got. Yeah, Everybody's saying the drag the anchors, drag the anchors. Divers. Right again. But how do you prove this? How do you prove. Okay, so Michael nolan is saying raise the anchor and see how much damage there is. Some power. Yeah, but how do you prove that it was the cable that made the damage Even if it is damaged? You know what I mean? There's a jay goal saying really can't prove it was under malicious intent Unless you capture communications prior to them leaving port. Right there. You would have to have some sort of smoking gun, catch him in the act kind of thing. Yeah. There are charts and maps. I would assume that that is the case. But again, proving intent. Difficult. Yes. Thank you, space dacas. Cool. Okay, Fun article. Let's get to the next one here before we hit that mid roll. This one's from the record. Let's do this.
C
Two more banks suffer marquee software ransomware attack. Following up on a story we covered early in december, two more US Banks are now warning customers about fallout from an august ransomware attack on the financial software company mrkey software. These two banks, artisans bank and vera bank, Confirmed that the breaches resulted in access to customer communication data Such as informational updates and analysis of bank products and services that may best fit customer needs. Both banks stressed the hackers never breached their own systems and only stole information maintained by marquee software. End quote.
A
All right, ransomware time. It is that time for us to talk about either ransomware or data breach. Two more banks or malware. Don't forget malware. Those are the. That's the trifecta of cyber security headlines. And they are typically a daily occurrence. Right. Two more banks notifying thousands of victims. Marquee software ransomware attack. All right, foreign. Let's see. Two u. S. Banks. They've come forward to warn customers Oh, I just popped myself in the nose. That hurt. That really hurt. By an August ransomware attack on popular financial software company Artisans Bank Varbank. They say, oh, no, man, we had this whole horrible Marquee Software cyber attack thing. Software company previously said it suffered a ransomware attack around August 14 that affected dozens customer. So why did. Why did it take them so long? Why did it take them so long to come forward about this? They just now realizing that they got popped? Vera Blank explained to a letter the victims. Marquee Software is their customer communications and data analysis vendor. They had access to your data to communicate relevant and necessary updates with you and also to analyze what bank products and services may best fit your needs. The Texas bank said we only provided Marquee with access to your data after they had contractually agreed to secure and protect the same. In total, 37,318 people had information stolen, but the letters omit you wonder if anybody's getting some free credit monitoring, right? Take a drink if you're getting free credit monitoring today. Artisan bank said it was notified of the incident by Marquee Software in October. Discovered that the names and Social Security numbers of 32, 344 people were leaked as a result of the cyber attack. Both banks stress that hackers never breached their own systems and they were still and only stole information maintained by Marquee Software. Okay. Oh, gotcha. Gotcha. Okay, so I'm like, what does that sentence mean? That. So they're saying that the attack did not include those banks servers or systems, just the information that was maintained by Marquis because Marquis had access to certain information. Let's see here. Apparently this was a really good time for whatever threat actor did this. I didn't see them mention it yet, but August was a very good month for them. Apparently she's been back to a vulnerability in it. Okay. An investigation traced the intrusion back to. So this is how they got into Marquee. They had a sonic wall firewall device and there was a vulnerability that was not patched assumedly. That would be my guest. A guest. That would be my guest. My guess, I'm speaking parcel tone. I am a nerd. Let's see. I actually have not read the Harry Potter books. I have watched the movies with my daughter. My daughter has read all the Harry Potter stuff. She loves it. That and Warrior Cats. Let's see here. And Wing Feather saga. She's into that too. That's security X because database. Okay, here's. Here's what they got. Information stolen included names, addresses, phone numbers, Social Security numbers, taxpayer identification numbers. Welcome to tax time, kids. The tax fraud will be a flowing financial account information without security or access codes and date of birth. So basically everything they need to financially ruin you. Between October 27 and November 25, Marquee Software notified at least 74 banks, which means they really. I send it out to three because if I'm not mistaken, there's not that many actual banks out there that aren't owned by a larger bank. Finalist notices. So, yeah, victim count is large and in charge. So you, you got to be doing your, like, do you see kind of the standard operating procedure here. A lot of threat actors like to come in through third parties and that, you know, it's funny, I was just applauding yesterday, the financial cyber security posture very, very much. They, they do a very good job. And you'll notice that the banks were saying our servers didn't get busted. It was marquee software system that got busted. And because they had we do business with them, your accounts, that information which we shared with them has been made public to some, you know, threat actors. So that's the problem. Your third parties might not be doing as good a job. So you have to be vetting them and holding their feet to the fire on cyber security just as much as you do yourself. And if they're not going to do a good job of that, maybe you want to find another third party, which is why it's good that there might be multiple vendors in that space so that you can go to. I remember when I worked at an insurance company, we had a specific piece of software that did. It was. It was called Map. Was it Map Marker or Flare? I think it was Map Marker, which was a Pitney Bow software. And I was like. And it sucked. At least at the time it did, in my opinion. And I was like, can we look for a competitor? Because this stuff sucks. And they're like, they bought all the competitors. There is no competitor. They have a monopoly on the space. Basically. I'm like, whatever, right? So yes, there were competitors, but none that could provide the, the level of service that we needed as a larger organization. So I'm like, what the heck, right? This. That should not. Anyway. Rant. I'm ranting. Ranting. It's annoying. Cybersecurity firm obtained since the leader breach notification letter of Iowa based communication first credit union. Yeah, okay. No ransomware gang ever took public credit for the attack. So we don't know exactly who did it, apparently. All right, time for that mid roll. Let's do it. Let's see here. Oh, yeah. Hey, hey, hey, hey. You're not getting a copyright strike on Daniel singing this song. But hey, don't you forget about me, though, right? Thank you to our sponsors from old Jer Bear. He's got it going on. Let's see here. We've got. I'll start from the bottom today. Flare, Anti siphon, Delete Me, Threat locker, and barricade. Cyber solutions, thank you so much for sponsoring today's episode. We appreciate the money you bucket into this place so that we can continue to have this show and help people out there get their CPEs learn about cyber security and all that fun stuff. Excellent work. Thank you, thank you, thank you. We really, really appreciate it. All right, that said, Jazzy Jazz says, nice singing. You're a good liar. Well, or at least a liar because that is not nice singing. And I also have. Today is a fun day because we have James McQuiggin's dad joke Friday with James McCuicking at 35,000ft. Last time I checked, he is in the chat. He might be lurking at this point, but he's there. He's listening. He's got us some dad jokes. All right, are we ready? Here we go. First one. I started building sailboats in my attic. The sails are going through the roof. Okay, but. Right. What is. What is it called when a boat follows another too closely? Sail gating. That's really what the cyber security. Because the tailgating you see with the. See what you did there, James? I see what you did there. It's a good one. Yeah. There he is. I told you. I knew he was in lurk mode, but he was still there. And then finally we get. How did the pirate get his ship for. For so cheap? I actually like this one. It was on sale. That is funny. That is a funny one. I like that one a lot. Thank you, James McQuiggin, for your hilarity in your dad jokes for this Good Friday. All right, it's time to continue on with our articles. Back to the CISO series headlines, which is this one.
C
Huge thanks to our sponsor, Threatlocker. Want real zero trust training. Zero Trust World 2026 delivers hands on labs and workshops that show CISOs exactly how to implement and maintain zero trust in real environments. Join us March 4th through 6th in Orlando, plus a live CISO series episode on March 6th. And get $200 off with the code ZTWCISO26@ZTW.com New air traffic service exploits click fix through fake browser glitches Researchers at Hudson Rock are warning of this new platform that allows threat actors to, quote, automate click fix attacks, generating fake glitches on compromised websites to lure users into downloading payloads or following malicious instructions. The platform promises conversion rates as high as 60% and can determine the target system to deliver compatible payloads, end quote. The researchers describe air traffic that is spelled err T R A F, F I C as requiring prior access either to a website that accepts victim traffic or where it has injected malicious code into a legitimate compromised website and then add air traffic to it via an HTML line.
A
Okay, this is an interesting little, little hackaroo. You know, the threat actors out there, they, they get pretty crafty from time to time. So now they are. Okay, so this is Earth traffic, which I'm not 100% sure about. Okay. This is a cybercrime tool called air traffic. This allows the threat actors to automate, click fix, right? Which is the, hey, you got yourself a little problem. You need to click here to fix it. Copy paste this and stick it in a, in a run box. And then, yeah, all sorts of great things happen. But this takes it another step, right? By creating fake glitches on compromised websites. This makes them think that the, oh yeah, this is legit. Look at the glitchiness. Look at all the crazy, crazy crap that's happening to this website. Obviously something's wrong and I do need to get my hands on this fix. So I will download this payload and follow these malicious instructions and. Ah, that was not what was good for me. Dang you, you tricked me. And that's, that's what happens. That's, that's a problem. Platform promises conversion rate as high as 60%. That's a lot. And can determine the target system to deliver compatible payloads. That's, I mean, they're making some cool tools out there for nefarious purposes, but cool nonetheless. I mean, that's, that's pretty impressive. Qlik Fix is a social engineering technique. Yes. Where we're tricked into executing dangerous commands on their systems under believable pretenses, such as fixing technical problems are validating their identity. This has grown in popularity since 2024, as if you're doing sock work right now. It's one of your favorite things in the whole wide world. I'm sure both cyber criminals and state sponsored actors have adopted it because it just works, right? It's the apple of cyber crime. It just works. You just tell people their stuff's broken and they will believe you and they'll do anything to fix it because I can't, you know, grandma's got to get on Facebook and you know, yell at clouds. It's a new cyber crime platform first promoted in Russian speaking hacking forums earlier this month under the alias Len AI Lenai. Lenai is it like a screened in back porch lanai? It functions as a self hosted traffic distribution system that deploys click fix lures and is sold to customers for a one time purchase of 800 bucks. For the low low price of $800, you can steal a lot. Yeah, well I just saw someone said where was it? There it is from Jostin Jost Tx. The website was glitching. Now my computer is glitching too. Weird. Yeah, it is weird, isn't it? Oh man, I remember used to get like calls on the help desk and they would say my computer is running slow and I would have to go your computer's running slow or the Internet is running slow. Like you're on a web browser and you're trying to do web things but everything else works just fine. That's the Internet running slow versus your computer. Like if everything you do is like takes forever, that's a different story. You always had to clarify where are we at here? Hudson Rock researchers analyze the platform reports that it offers user friendly panel that provides various configuration options at the time on access to real time campaign data. Yeah, you know, if they could only use their powers for good, I guarantee there's plenty of companies that would love to have these developers that are building this thing to like build dashboards and reporting tools and things of that nature for them. Not, not you know, click fix stuff. Okay, so the attacker must already be in control of a website that accepts, that accepts victim traffic or has injected malicious code into a legitimate compromised website and then add the air traffic. Okay, here it is. Look at that little yellow different click fix or UR traffic. Site's behavior remains the same for regular visitors and not match the targeting criteria. But geolocate. But when geolocation OS fingerprinting conditions are met, the page's DOM is modified. Display a visual glitch. Yeah, we get it. This makes the page appear broken, creates a condition to provide a victim of solution in the form of installing a browser update. Yeah, we kind of got all that. Oh, look at that. Oh yeah, look at your page, man. Dude, if I saw that I'd be like what in the actual heck is this? Was this like a flash animation? I would just be annoyed and go away. Like, I mean I'm sure it's, it's supposed to look like a legitimate site, but yeah, there you go. That's. That. That is an interesting thing, though. So, I mean, that could be cool, like, take notes from this. Build your own dashboards and tools that. Because that seems to be a really good skill to have, you know, not for cybercrime, obviously, but for just keeping track of things and doing stuff. Should be able to. Most of us should be able to vibe code. Some pretty interesting, useful little tools. At this point. I'm just taking a page out of their book as far as, like, how they do operations. Not cyber crime part. Don't leave that part out. Okay. Anything else we really need to get out of this? I mean. Sold on the darknet. 800 bucks. Suck. Moving on.
C
Coupang to spend over $1 billion to compensate users. South Korea's leading e commerce and logistics platform, often dubbed Korea's Amazon, has announced the amount, specifically the equivalent of $1.17 billion to compensate almost 34 million people affected by its recent data breach. This compensation will be in the form of purchase vouchers for impacted users. Coupang plans to, quote, sequentially notify all 33.7 million account users via text message regarding the voucher redemption process. End quote.
A
So what was the. What was the thing that raised your eyebrow in that little. That little quip from Mr. Steve Prentice? I am gonna say that it is for me. I mean, I get it right. They got popped pretty big. I mean, that's a big chunk of chains for compensation over so many users. I mean, what is the math on that? What is 33.7 million divided by. Or I'm sorry, 1.17 billion divided by 33.7 million. Let's do the math. I'm gonna do it. Here we go. Oh, where's my calculator? Calculator. How much is everybody getting? Like, equally. If it's equally distributed. So, goodness gracious. 1. How do you do 1.17 billion? So that's. That's 1 billion. 17. 17 million, right? Oh, my goodness. I. I don't do math very well. Let me just ask. Chat GPT. I'm bad at math. What is 1.17 billion divided by 33.7 million. Okay, there we go. And the answer is. Survey says. Since 1 billion equals a thousand. Okay, I don't care. Just give me the answer. Approximately 34.72. Everybody's getting 34 bucks, which you get to spend at Coupang. You're not even allowed to leave the. The platform. You get to spend it here. Well, you know. Oh man. You know, there's a lot of things I want to say right now which is completely inappropriate, but. Hey, what you gonna do? What you gonna do? Yay. A free lunch, right? Yes. Thank you, sunshine. 24. 7 7. Exactly. Exactly. That is such a crazy. Yeah, like 35 bucks. This is the real takeaway from here is that if you're using coupang and they get popped, you might as well just pucker up and aim for the hairy spot because that's what they've basically told you. You can kiss our sweetness. Yeah, Lots of money. They had a data breach. They got popped. Annoying. Annoying. And you get a hot $35 now for them. It's a big deal, right? Because that's one point something billion bucks. I mean that's. But if they are Korea's. I mean, I don't know what their how much money they make a year, so how. How badly that impacts them and their bottom line. But I would venture a guess that no one wants to pay $1.17 billion out at all. But then. Hold up, hold up. Now that my brain is working, they're gonna give you. Let's play the scenario. You ready? Okay. I'm Coupang. You're the coupang user, right? You're the member. I. Oh, we got breached. My bad. Yo. Here's 35 bucks you can only spend here. So where does that money go? Back to me. You see? You see what they do there? Isn't that funny? Isn't that nice? Isn't that awesome? So that's interesting. Just saying. Just saying. I gotta move on from this. It's just starting to piss me off. Moving on, moving on. More Korea stuff. Okay, hit me.
C
Korean telco failed at femtocell security say investigators. South Korea's Ministry of Science and ICT found that Korea Telecom deployed thousands of poorly secured femtocells enabling long running attacks involving micropayments, fraud and customer surveillance. Femtocells are customer premises equipment which include a small mobile base station and use a wired broadband service for backhaul into a carrier's network. Carriers typically deploy them in areas where mobile network signals are weak to improve coverage in and around customers homes, end quote. In this situation, all devices used the same network authentication certificate, had no root password, stored keys in plain text and exposed remote SSH access. Attackers could extract the certificate, clone femtocells, and have them accepted as legitimate by Korea Telecom's network for up to 10 years. Investigators believe up to 20 clones were used one for 10 months. During 2024, 20, 25. Compromised devices allowed attackers to intercept texts, learn subscriber IDs and track calls. All of which was compounded by Korea telecoms lacking proper femtocell management tools. This according to the Register.
A
This is an interesting article. This is a. I mean it's not something you see every day talking about femtocells. So for those of you again, this was a great rundown of what a femtocell is. Their customer premises equipment which include a small mobile base station and use a wired broadband service for backhaul into the carrier's network. Carriers typically deploy them in areas where mobile network signals are weak to improve coverage and in and around customers home. So you live in an area, you don't get great coverage. These femtocels can be used to help boost that by backhauling on another into a carrier's network from a broadband service. So what was the problem here? What was the, the. The security issue? Right. So it said that they have found that the local carrier, Korea Telecom deployed thousands of badly secured femtocells. So it's a device and as we just read, it's connected to a carrier or not carrier, a broadband service. And this led to an attack that enabled micropayment fraud and snooping on customers communications maybe for years because they just said yolo, you get a femme to sell, you get a fem to sell, you get a fem to sell and everybody gets a fem to sell. But that did not work out so well because they deployed thousands of the devices all which used the same certificate to authenticate to the carrier's network. According to analysis by Korean Infosec Academy and IEEE fellow Young Dae Kim, femtocells had no root password. That means you just logged in as root. Sweet. Stored keys in plain text. Sweet. They are breaking all the rules here. And we're remotely accessible because. Dun dun, dun, SSH was enabled, not ssh. Yes, ssh, you dumb son of a. Right, so I don't understand. Are like, were they hitting the head? Is that what happened? And like, is Billy running the Korean telecoms? Is that one? Because he definitely. I saw that boy get kicked by a horse and now he does it for fun. You can literally just whack him about the head and shoulders with a 2x4. He don't feel it at all. His, his skull is about that thick, I'm assuming. Ain't much in there to protect anyway. And now it's built up a nice calloused layer around it. So he was all like, ah, you know what I need to do? We need to put ourselves some SSH on these famous cells. Put it out there in the networks. Thousands of them. Root, password, that's for sissies. What in the actual heck? The trucking cyber guy says they do know who their neighbors are, right? Yeah, exactly. Ah, they ain't gonna say it. It's fine. My Mimo says hers works like a charm though. She gets that, that cellular like it's not even funny. She's enjoying it. And then the other people that are enjoying watching her do it. Attackers is therefore waltz in and retrieve the certificate, then use it to clone a fem to sell. That KT would treat as a legitimate device. What is wrong with you? Because that cert was set to expire after 10 years. Miscreants who understood these vulnerabilities had a long period in which to clone the fem to sell and use it for evil. Yeah, I mean that's the. Oh, we have clues. How did they. How did they find it? Investigate. Right. How did they figure this out? It's always good. The report also found that K2 customers devices will automatically connect to attackers cloned up to 20 femtocells and use one for 10 months. All right, so how did they bust it? How did they figure this out? Korean telecom operates a micropayment service that allows its customers to pay for digital content using SMS messages. September the carrier investigated some of its customers bills and detected the use of of cloned FEM cells. Follow the money, right? Follow the. What the heck is this? These charges. What's going on here? They said that $169,000 haul is absurdly small for this infrastructure sophistication. Maybe that wasn't the end game, it was just a byproduct having having complete access into a cellular telco seems like a pretty good thing for an attacker, right? If. If you're. It's. It's small if your goal was to make money, right? And if it's been out there for years and that's all the money they made, right? Or is that all the money you've just discovered? Anyway, we got a few minutes left. Let's hit this last article and get to it because we got jawjacking coming up. Let's hit it.
C
UK company sends factory with 1800 degree furnace into space Space Forge, a company based in Cardiff in Wales has sent a factory the size of a microwave oven into orbit and has demonstrated that its furnace can be switched on and reach temperatures of around 1800 degrees Fahrenheit. The company plans to manufacture material for semiconductors for use in electronics, communications infrastructure, computing and transport. The company explains conditions in space are ideal for making semiconductors which have the atoms that they're made of arranged in a highly ordered 3D structure. When they are being manufactured in a weightless environment, these atoms line up absolutely perfectly. The vacuum of space also means that contaminants can't sneak in. And the purer and more ordered that a semiconductor is, the better it works. End quote.
A
Well, okay, that, I mean that's just kind of cool tech right there. It's not necessarily a cyber security thing, just cool tech. And the fact they're making microwave sized like factories that get up to 1800 degrees or whatever, that's just cool. This is a cool story to end the day on. I mean who doesn't want to build something neat in their garage, right? I mean not that this is a garage necessarily, but it is a company that makes this kind of stuff. But how do you, how do you build something that actually gets to go into space? I remember because I, I got to hang out with Tim Fowler quite a bit. He was all about space hacking and making satellites and cool stuff like that. That might be something really interesting just as a hobby for a lot of us to get into. Kind of keep the passion alive. Something interesting to mess around with. Very cool stuff. And it's cool that this company is making this a reality. So they're. If this works, I assume that this is kind of like step one, get a minimum viable product, make sure that everything actually works. That we can, we can perform this action. We can make these more amazing semiconductors because we can do it in space. Right. It says right here semiconductors in space will be up to 4000 times purer. And I'm guessing that is find the truth is only cost 44,000 times more expensive. There's the, there's the old kicker, right. The other shoe has hit the floor at this point. Yeah. More stuff in orbit, says Phil Stabber. Why not? Right? We're, we are working our way toward Wally and you act like this is a bad thing. Conditions in space are ideal for making semiconductors. Right. Because it affects the way atoms are structured, I guess. Very cool. Those atoms line up absolutely perfectly. What we're doing now is allowing to create semiconductors 4,000 times. Okay, we got that. You're repeating yourself. Don't start that action. This sort of semiconductor would go on to be in the 5G tower in which you get your Mobile phone signal. It's going to be in the car charger you plug your EV into. It's going to be in the latest planes. I mean, that's cool. I mean, we're not going to be able to make that stuff for very much longer because they're not cranking out RAM for anything other than AI. So what good does it do me? It's going to be so expensive, I can't afford it. Plane tickets, 9,000 bucks. Company's mini factory launched a SpaceX rocket in the summer. Since then, the team has been testing. I mean, I always think of that movie antitrust when it comes to space stuff where he had his own satellite system. The bad guy, the Tim Robbins played and you know, he was. Had a little like dashboard, he controlled the whole thing. I mean, that would be stinking cool. Could I build something that orbits? I would assume the FCC would not. The fcc? The faa. Yeah, the FAA would probably not like that for me to launch a weather balloon high enough to get a satellite into orbit that I could control from my laptop. But hey, you know, whatever cool stuff, it is exciting. I hope they do well. I hope they make it super cheap. Hope everything gets cheaper. I'm trying to see if there's anything that's. But by providing technology, it really opens the door for an economically viable product where things can be made in space, return to Earth and have use and benefit to everyone on Earth. And that's really exciting. Well, good. I look forward to seeing more about this in the future and hopefully it goes really, really well. All right, everyone, that does it for me. Stop sharing. That does it for the Daily Cyber Threat Brief. Thank you so much for joining us, but don't go anywhere. Up next is Jawjacking a little AMA for your day. You get to ask me questions and anybody else that joined a couple of of requests for a panel to show up. I haven't heard back. Let me check that real quick. Nothing cool, but there you go. That's cool. It can just be me. We've done it all week. We'll do it again. We'll get that AMA going a momentarily. Thanks for watching the Daily Cyber Threat Brief. Now stay tuned for Jawjacking.
B
Ever wonder what it takes to break into cyber security? Join us every weekday for Jawjacking, where industry experts answer your burning questions about the cyber security field live, unfiltered and totally free. Let's level up together. It's time for some Jawjacking.
A
And welcome back. It's. It's me again. It's just Me, but that's cool. Yeah, we're going to do jawjacking. Jawjacking. For those of you that are new to what this is, it's just an ama. You ask me questions, I give you answers. We kind of have a conversation going here in the chat and it'll be a lot of fun. Speaking of the chat, I have twice in a row forgotten to do that so that all this stuff is here for us to see. So there you go. If you have a question, what you need to do is put a Q in front of your question so that I can kind of have it. It kind of pops out from the chit chat that's going on in the chat room. So if you want to grab my attention, I'm also watching the YouTube chat, so you can also at my name that, that'll work as well. I'll try to keep an eye on both of those things, but I'll mainly be in the restream chat looking at that. So the cues will probably be the best. And from there I answer your questions. We do our best anyway to get you some good information to help you succeed in your cyber journey. All right, with that said, let me see what I got here. I think I got a question here that was asked before. I told you to put a queue in front of it, so that's cool. We got Tal462 says, what's your suggestion for mid level cyber security engineers to climb up the enterprise ladder? And I mean not the level but specialty or speciality and principal engineering direction. I mean. Okay, let's, let's dissect this. So you're a mid level cyber security engineer or hypothetically they want to climb up the enterprise ladder. I assume that's what you meant. Ladder, not letter as in like I'm going up, climbing up. And I mean not the level but speciality and principal engineering direction. So you want to become like a senior engineer. That's what you're looking to do? You specialize in something? Yeah, yeah. You got to pick something and something that's most likely really difficult, like exploit research and development, zero day kind of stuff. Depending on your niche and depending on what kind of security engineer you are. So if you're like a firewall engineer, maybe you're, you know, that kind of stuff or a SOC engineer. They could. It's going to be different than if you're working in offensive security. So. Yeah, yeah, yeah. So that, that will just depend on that. I would probably in any of those cases going to tell you it's going to be a combination of getting really good at AI stuff at this point in time because that's just a, that's a non starter. If you don't have the AI capabilities to get at the senior level, that's probably your best bet regardless of whatever niche of cyber you're in, is to straight up get some of that AI schooling. So learn AI in whatever niche you're looking to get into and then learn it up to a very high level and then you are a senior at that point you start asking for to be brought in on those projects, more responsibility. You talk to your manager and say, I'm looking to level up and become a senior level. Right. And what kind of path can we develop for me so that I can reach senior level here? Yeah, there you go. That's, that's what I got so far. What else we got here today? Here we go. From Cryptic Roses. Any tech related New Year's resolutions? Mine's to get some Azure Certs. Yeah, yeah, I've, I've talked about mine a little bit, but I'll go ahead and reiterate. For me, it's all about that hardware life and firmware IoT probably a little OT that kind of stuff. So that's, that's what's on Danny Boy's plate. That's what I'm looking to get into. Here's one from Space Tacos. Can you share the worst Carl? Or in your case, maybe it'd be a Billy story. The worst Billy story. I mean it's. It probably what I'm trying to think here. Give me a second. I mean, because they were idiots or because they were a holes, because those are two different things. But both Billy, I'll say an idiot, right? The first I, I think this is probably just the craziest one that I personally experienced was that somebody call me and say, I'm trying, I can't read the files on my thumb drive. I said, okay, remote PC into their computer. Oh, I think we were using VNC. So I VNC'd into the, into the device. I'm looking in the, you know, Windows Explorer and I'm like, I don't even see the drive. It's like the drive's not connecting. So I'm in device manager. I'm doing all this stuff and I'm going, can you just verify that it's seated well into the USB slot? And it was a lady and she said, you mean you have to plug it in? I said, well, yes, ma'. Am. Most electronic devices require Electricity to work. And it's not a wireless device. So yeah, you got to plug it in. I've been working on it for like 20 minutes. And because she had swore to me she had plugged that was how she started off is the way she framed it was. It seemed like, and maybe that was a dummy move on my part that I should have started with layer zero, right Layer and then layer one, like assume that they are not telling you the truth, which leads you to layer one, which is make sure all the things are plugged in correctly. But the way she framed it was like, it seemed like she was telling me it was plugged in. And you just, a lot of times when a user calls you, they're just missing the forest for the trees. It's like, oh, it's right here. Click, bam. No big deal. But that can get you down the wrong road yourself. So we spent about 20 minutes in, but she didn't realize, she had no idea that they actually had to plug it in to be able to read it. She thought you just had to plug it in to write things to it. So we had ourselves a little, a little fun day figuring that out. The other one was my friend Bill. He was working on the old microcontrollers for the mainframe. And to update the thing we'd have to send out these floppy disks and they would have to plug it in and do this combination of things to get it to update. And he said, he sent it out there to the county office and the county office was saying, I can't plug in the, the floppy disk. I'm trying to plug it in, it won't go in. And he said, I spent so much time trying to figure out why it wouldn't insert into the floppy drive of that controller and finally realized that what the user was doing was there was a door that you opened up on the controller and that gave you access to the panel. On the inside flap of the door, right on as you flip the door around, there was a diagram, a photo diagram of the panel telling you what each one of those things were. They were legit trying to push the floppy disk into the photo. That's probably the dumbest thing I've ever heard of in my life. So yeah, that's what's up. Never underestimate the power of your user. Cryptic roses. How do you politely start conversations at an in person cyber event when people are already deep in discussion without interrupting or coming across? Awkward and intrusive Phenomenal question. Great. You get question of the day right There. And because I have given this advice multiple times, here's how you do it. You kind of, like, scooch into the circle and you're like, oh, I'm interested. I'm listening. And as you're listening, you start thinking of things that. About whatever it is you're listening to that are interesting to you. And naturally, questions are going to come up in your mind. And when they do, you say, you know, I'm listening to your. Real quickly. I'm listening to your conversation. It's very interesting. And then you ask your question, right? Or you can go another route, same idea, same, same frame, but you have, you know something about what they're talking about and go, oh, I know exactly what you guys are talking about. And I've actually had some experience with this. I would. I thought it was funny or I thought it was interesting. And then you throw it out there. You don't take over the conversation. You just kind of, like, add to it. So in some way, shape or form, either through questions and engaging, being engaging, you are now becoming a part of that conversation, right? And you don't take it over. You don't try to take over the conversation. What you try to do is you try to contribute to the conversation in both of those ways by asking questions and giving your experiences, whatever it is, you know about that stuff, right? If you don't know anything, you can just kind of chill and hang back, maybe ask a question or two. And then as the conversation starts to evolve and change and move from one topic to another, you continue to roll with it. And that's how you start going, oh, my name's so and so. You know, I'm cryptic Roses. I'm. It was really good to me. I love this conversation. You might have a seat. Maybe they're seated. You mind if I sit down? Not at all. Because you've proven yourself to be someone that is going to contribute, and it's cool if you don't want to. There's plenty of people I've seen plenty of times, been in plenty of cons where there's a. There's a prayer circle going on. And some people just kind of want to hang out on the edge there and listen. That's cool if you want to do that. But if you want to engage, you want to build your network, you want to make new friends and win hearts and minds, that's how you. If you want to politely start a conversation, that's an issue. I don't know why you would start a convo with a rando person at a con, other than maybe they had a cool shirt on or whatever. You just find that, that point of contact and you're like, oh man, I love that shirt. That's so funny. Whatever it is. And my favorite shirt that I've seen other than that is blank. And you go, oh, look at my shirt. You know, oh, I was at this con the other day and you just start regular random conversation about the thing you're both interested in. Wow, I just saw some serious text. Hit the. Hit the thing. LinkedIn user spammed the text there. Interesting. Okay, but that's how I would do it. That's how I would. I would make that happen. All right, let's see here. Hopefully that helps. Let's move on. Find some more questions to try to keep my, my answer short here. Lately. What was the malware injection day from Find the true what was the malware injection day? Our injection day? I don't know. I have no idea what that means. Okay. Find the true clarification. Thank you. More cryptic roses Is it reasonable to expect graduate cyber cyber candidates to know Windows XP7 troubleshooting when it is not listed on jobs? No, it's not reasonable for them to know that, but features heavily in the assessment process. What? Is it reasonable to expect a graduate cyber security candidate to know Windows XP7 troubleshooting when it is not listed in the job specification but features heavily in the assessment process? No, that is not reasonable. That's not reasonable at all. Why? If that is something that they are going to heavily ask you about, it should be in the job description. Just all there is to it. That simple. Moving on, Looking for the questions. Oh, there's that. LinkedIn user 1. The White House, Congress and federal agencies race to keep up with rapidly involving cyber security landscape. Blah, blah, blah blah. Someone paste an article? Yes, they did. Wants to know what's my take. I don't know. What? Okay, that's a bit much. Okay, I don't know. I don't have a take on that yet. I. I don't have the time to like sift through that much information and formulate a. A position that is thoughtful and thorough. Cryptic roses Cryptography's got some questions today. What is your view on Try Hack Me's AI focused training? I haven't taken it. And how valuable is it for cyber professionals given the recent attention highlighted in Tyler Ramsby's LinkedIn posts? I've taken about three weeks off of LinkedIn, so I haven't really seen anything. What's my view on try Hackneys. I mean any AI focused training is going to be a good for thing for you at this point. You need to be learning AI is as much as you possibly can. I can't stress it enough. People that know how to use AI are going to be the ones that are able to get jobs because it seems to be steadily just sweeping up anything that is repetitive or low hanging fruit type tasks. I don't know what people that don't have the ability to up skill are gonna do. Right. So there you go. So yeah, go, go crazy. Learning AI. You should absolutely. I mean just spin up N8N or do take Corsair courses. Do anything you can mess around like Olama. Whatever you, whatever you can do, learn that stuff and learn it well. That's what's up. All right, moving on from Carrie. Jason, Daniel, how's the weather in Florida? I will be in the 80s today. So yesterday there was ice on everything. Today was cool. This morning, like I'm, I'm a little chilly in my office. I don't have the heater on, I forgot to turn it on. But it'll get warm today. It's gonna get, it's gonna warm up. It's gonna cool a bit back down. We don't really see much like we get these random spikes of like 30s and then the same day it'll get to 80, right. A 50 degree swing in temperature and then it'll get down to the, you know, upper 40s or something and you know, high of 70 something. That's kind of how Florida goes. It's, it's a legit question. I, I got you LinkedIn user. It is a legit question. I just don't have time like or I can't tell you that I, I would be able to give you a good answer to that at this point in time. Hit me up on LinkedIn. Send me this question on LinkedIn. I'll take a look at it, I'll look at the details, formulate an actual informed opinion on it and we can talk more about it. So just let me know who you are. DM me and LinkedIn. Let's see here. Jazzy Jazz 88, which Cloud do you recommend a beginner to pursue? Azure, Amazon or Google? Depends, right? It depends on what you want to do in your career. If you are like, I'm going to be a cloud admin for a Microsoft shop and that kind of thing. We're going to be running Microsoft 365. Obviously Azure is where you want to start. That's just what's up Learning all the cyber security stuff that they have available and things of that nature. So yeah, if you are going to be running Internet services and things of that nature, probably looking at aws, right? Not that there won't be Windows servers or whatever, but it Windows people tend to because they want you on enter ID, they want you on Microsoft 365. Everything in Microsoft kind of pushes toward Azure at this point. So where do you want to go? And gcp? I've never really used it, so I can't really speak to it. It's got its place, I'm sure, but Azure and Amazon are two big dogs. Let's see what else we got. What else do we got From Katie Jordan 9411 I re I just graduated with my bachelor's in cyber. Trying to break into the field. Congratulations Katie Jordan I am on Try Hack Me daily and keeping up with my IT studies. I have my CompTIA certs through WGU. Would cloud plus be a good cert to add if you want to go into cloud or if you just want to have some competency in cloud? It's a good foundational search, covers a lot of bases. But I feel like from what you're showing already, I feel like you should just go ahead and start going vendor kind of to the point of the last person that was asking about AWS or Azure and so on and so forth and maybe for you and like getting a few AWS certifications would be better than just Cloud plus. That's, that's my opinion. I mean that's from what I gather from just a little bit you've told me and that's cool. But yeah, maybe start getting into vendor certifications and maybe get across the board just the basic cloud certs for each of the three big vendors out there could be another good way to go. Right? JoJo Rabbit says AI is my jam now. Yeah, it is. Phil Stafford talking about Tyler's point is that Try Hack Me is now using users for AI training and looks like Gotcha, gotcha, gotcha. That's what you're talking about? Yeah, he has talked about that. I have seen him talk about that. I have talked to him about talking about that. A lot of people aren't very happy with that. I like the ability to opt out of those types of things and I think Try Hack Me is is like saying if you want to opt out, you just close your trihack Me account, which is a valid concern. Right? It's like okay, and I'm. I'm guessing a lot of people have done that. But a. If you're talking about using trihack me to learn AI while they train their AI on how you learn. You know what I mean? That in Inception kind of idea is. Yeah, it's a real. It's a real pickle. They're not the only game in town. You just go somewhere else and learn it. Like. Like what's. What's. Is it Arkham, which is Arcanum? I think that's them. That is Jason Haddocks. They got stuff just go to Udemy, go to other places. You know what I mean? They. They're not the only game in town. Is. Is the point. Or if you like what they're doing, you don't mind training their eyes stay on. Try hack me. It's up to you that. That's a personal decision you got to make. All right, let's see here. Looking for the questions. Here's one from Space Tacos. What's up, Space Tacos? We know you've platformed the guitar, but are you also right songs if. Yes. Ever written a song about hacking? I have written songs before. I. I say songs, not lyrics. I've written music that became songs that somebody else put lyrics to, But I. I don't do that often. I've never really been a big songwriter or music writer. Every now and then I'll come up with something cool. I have a few of them in my back pocket, but yeah, there you go, looking for those questions. Making sure I didn't miss anything. Oh, yeah. I'm almost caught up with you guys. Which is perfect because we're almost out of time. Looks like I had a question here from Michael Nolan. I'm about to take my EC Council CH exam. Best of luck to you on that. Seeing now what people think about the cert. Was it a bad idea? I mean, if you're already there, it's not a bad idea necessarily. So EC Council has had. And specifically the CEH exam. And EC Council as an organization has had a. Interesting past.
C
Okay.
A
And you can just do some Google searching and look into that. The certification itself has its pros and cons. Just like any certification, there are people that value it and people that don't and people that, you know in a spectrum in the middle of people that find it more or less valuable. Get what I'm saying? So if you get won't. It won't be without value completely. You will find organizations that put on their job post CEH and they find it valuable, a useful thing. So if you're already down the road. Yeah, it's not going to be a bad idea. I mean, this would be the question to ask before you put the money on the barrel head, but a lot of people get this kind of thing through their work or whatever, and if they just offered it to you and they say, hey, you, we'll let you. We'll pay for ceh, like, cool, take it. Never turn down free education. Never, Never.
C
Right.
A
So at this point, it's not a bad idea. The good idea would be to see it through, take the exam, get the cert you've already spent the time and effort into. Might as well see it through. All right, we got four minutes left. Bruising axe. I still see ch. Yep. Yeah. LinkedIn user vendor shirts are way better. Yeah, Vendor shirts tend to. Because you're. You. Yes, you are niching into something very specific, but if it's something like Amazon or Palo Alto or things of that nature, there's such a big name in the industry that it tends to. Oh, if you can learn that, you can learn anything. Yeah, if we're an Azure shop and you have AWS certs, they're not going to go, well, I'm sorry, you know, I mean, if somebody comes in and they already have those Azure certs, then yes, you're probably behind at that point. But, you know, you're. You're most likely going to be focusing your efforts on the thing, on the skill, on the jobs that are focusing on the skills you already have. So do some research, figure out are there more job openings for AWS or this vendor or that vendor, kind of do some analysis, use AI to help you and then, yeah, pick your poison, as it were. All right. Trucking Cyber guy asks any opinion on the AAISM cert that ISACA has put out there. It seems a bit shallow, but requires CISSP to qualify. So seems they are trying to position as an advanced cert. I am not familiar with this certification. Let me do this and that and that. And the is I can never spell. I saw ISACA I S a C A and it is the aaism. What is this? This is the ISACA Advanced in AI Security Management certification. The first and only AI centric Security Management certification designed to equip experienced IT security professionals with the skills to manage the evolving risks associated with artificial intelligence in enterprise environments. It is intended for those who already hold the CISM or cissp as builds upon that foundational knowledge. Yeah, I mean, I don't know if it's necessarily a money grab or not. I don't know how new this is. I assume it's fairly new. So until more people are coming out and read Reddit reviews. Right. So if anybody has had experience with this, please, in the chat room, throw down, let us know. And what's your take on that? All right, moving on. Space tacos, not platform. Play the guitar, stupid. Autocorrect. Dang you autocorrect. All right, we got one. Time for one more. All right, well, we'll end with this one. Thank you so much. Cryptic Roses, you were a plethora of great questions today. This one isn't right in line with that. Are there any common mistakes, pitfalls, or career moves that you would advise people to avoid based on things that slowed your own progress in cyber security roles? Yeah, the first one is having too many irons in the fire, right? Oh, we are multitaskers. Piss on that. Put your nose to the grindstone on something, see it through to the end, and then move on to the next thing. Do it well, because what ends up happening a lot of times is you start a lot of projects and you never finish them. So you end up learning a little bit about a lot of it, but not enough to be effective. And that hurts you. Another thing is, is you are going to need some certs and choose wisely when it comes to those certs on whatever it is that you want to do in cyber security. Go after the ones that are the most well known and get them. Network, network, network. My goodness. Go to cons. Do it early, do it often, because that's those people are going to be your cheerleaders for when you're ready to hit the job market. Learned. Learn a bit of coding. Yeah, yeah, there you go. That's the quick and dirty of it. Hopefully that helps you out. Thank you everyone for joining me today. A lot of great stuff. Space Tacos thinks there should be more cyber security songs in the world. Cryptic Rose, you got a lot of great questions. Definitely come back next week for more jawjacking and then you can get Jerry's take on some of these questions. You should keep asking those questions that we didn't get to today because those were great questions. You had a lot of good stuff. I'm just kind of scrolling through, catching up with chat. Happy New Year, everyone. Thanks for joining us. Appreciate your time, your efforts and hanging out and get that off the screen and we will hit the whole hide message thing. But it's time to say goodbye to all our family. I'm gonna go get ready for cybercast IRL, which is at 10am Eastern. We can continue this conversation. So Cryptic Roses, if you want to join us over there, you totally can. That will be on my YouTube channel. So just look up. Go to YouTube, look up Daniel Lowry. You'll. You'll see that Cybercast IRL is going to be at 10am so be doing that in about 30 minutes or so. Until then, until next time, stay secure.
Podcast: Daily Cyber Threat Brief
Host: Daniel Lowry (Filling in for Gerald Auger, Ph.D.)
Episode: Jan 2’s Top Cyber News NOW! – Ep 1038
Date: January 2, 2026
In this high-energy kickoff to the 2026 cybersecurity news cycle, Daniel Lowry (filling in for Gerald "Jerry" Auger) delivers insights relevant to cybersecurity insiders, professionals, and business leaders. This episode covers regulatory developments in crypto, peculiar device bans at a major event, supply chain ransomware woes, critical infrastructure attacks, new “click-fix” social engineering platforms, and both notable technology fails and futuristic innovations.
A significant part of the show is also dedicated to live Q&A (“jawjacking”) with listeners, emphasizing practical career guidance and fielding a broad spectrum of security-centric questions.
Topics addressed:
Selected quote, career advice:
“Network, network, network! Go to cons, do it early, do it often… those people are going to be your cheerleaders for when you’re ready to hit the job market.”
Other quick hits:
| Segment/Story | Start Time | |---------------------------------------------------------|-------------| | NYC Flipper/Raspberry Pi Ban | 06:39 | | UK Crypto Account Sharing Mandate | 14:54 | | Baltic Sea Subsea Cable Damage (Critical Infra) | 21:21 | | Marqee Software/Banks Ransomware Breach | 27:47 | | “Air Traffic” Social Engineering Platform | 39:17 | | Coupang $1.17B Voucher Breach Compensation | 45:28 | | Korea Telecom – Femtocell Security Fail | 50:11 | | Space Forge Orbital Semiconductor Factory | 57:08 | | Jawjacking – Q&A/AMA | 63:00 |
Daniel continues the show’s signature mix of expert analysis, humor, and lively chat banter. He uses approachable analogies, listener interaction, and a laid-back yet insightful tone to keep news both informative and engaging.
This episode delivers both the “what” and “why” behind the latest cyber news, making it essential listening for anyone who needs to stay current on both immediate risks and bigger-picture industry trends.