A

All right, Good morning, everybody. Welcome to the party. Today is Wednesday, March 4, 2026. This is episode 1081 of Simply Cyber's Daily Cyber Threat free podcast. I AM your host, Dr. Gerald Ozier, coming to you live from the Buffer Osier Flow Studio. Nope. Coming to you live from Zero Trust World here in beautiful Orlando, Florida. You'll notice we are at a podcast setup situation. I'm joined by my good friend James McQuiggin at 35, 000ft off camera. Audio engineer Kimberly can fix it and camera operator Kathy Chambers. We got a great crew here for you today. We got a great show for you. So settle in, get ready, because we're about to cook. Live from Zero Trust World. Let's go. All right, everybody. Welcome to the party. Let us know if there's any audio issues. We got mod chat, Dan Reardon, AKA the Haircut fish in here. Where's the sippy cup? Okay, so, yeah, we got the team sippy cup for space tacos in chat. As always, I will say shout out to James McQuiggin for bringing his portable one as I forgot to pack mine. And we'll be drinking coffee from that as the show goes on. This is a live show. We are going to be going through the top eight stories of the day. Now, you, of course, could be doing this on your own. So what is the value prop? Why would you want to spend an hour with me and James McQuiggin and get insights on the top cyber news stories of the day? Because collectively, between us, we have about 45 years of cybersecurity industry experience, and we go beyond the headlines to deliver insights and value that can make you stand out as a professional and help you. Absolutely. To destroy job interviews. And that's what we're here alongside all of the Simply Cyber Community members who are live in chat right now with us. You are going to get answers, insights and community. So believe that. Now, every single episode of the Daily Cyber Threat Brief is worth half a cpe. So it's very easy. Just sit here. The show's an hour long, we kick it, we high five, we drink coffee and have fun for about half the show. The other half, we're doing the insights in the news. So all you got to do is say what's up? In chat, you'll hear on stream live as part of the show, take a screenshot, make sure that the title of the show, which includes the title and unique index number of this episode, is in that screenshot. And then every day do that. You show up on the regular. And once a year, you count those screenshots, divide by two, and that's how many CPS you got. It's very, very easy. The whole point of the screenshot is so you have forensically sound evidence to be able to demonstrate to an auditor if and when that ever happens. I also want to say shout out. First of all, shout out to James McQuiggin, my good friend here on the couch with us for co hosting this episode. Not a first timer, but definitely first time in a while on the couch here, co hosting. You are muted right now.

B

Since Wild West Hacking Fest.

A

Yes, since exactly. Wild West. So much to Space Tacos Delight, I'm sure. And others. This is a new laptop, new setup. I actually am discovering some of the shortcomings of my setup right now. So, like, the stream deck doesn't have the sound effects built into it. So we will be manual sound effecting today. James o' Quick and I invite you to.

B

Sure.

A

Periodically provide the sound effects. We do have. We do have some sound effects built. Okay, let us know. Let us know how loud the Carl is. Turn that sound effect board down so we got some sound effects. So James, you'll be in charge of the sound.

B

Oh, there we go.

A

All right, all right. I'm gonna look at live chat just for a second and say, hey, I'm looking actively at live chat. If you were here for the first time, you picked a banger to be your first episode. You're like, wait a minute, why are these guys all up in here? Let's do, let's go wide here. Why are these guys doing these things? Well, this is community. This is good times. This is the award winning 2024 podcast the Year award winning daily Cyber thrive brief. And it is a amalgamation of good times, professionalism and not taking ourselves too seriously. So if you're here for the first time, drop a hashtag first timer in chat. Let us know. We have a special sound effect which will be a manual sound effect. So no, no, tricky people don't say you're a first timer just to get us to make sound effects and whatnot. But I do want to say what's up to Devin Grady, who says hi to James McQuiggin. Hey, Devin, good to see you. Ad tech is in here. Mara Levy. Richard Duff is saying, okay, this is great. The mobile studio. We've got the mod chat in here. I see Kimberly in haircut. Okay, this is great. So guys, here we go.

B

Best comment so far in chat. We love James from a particular Mrs.

A

Ozier oh, is Mrs. Ozier in the chat?

B

Yep.

A

Oh, hey babe. Yeah, I love my wife. Hey, honey, good to see you. Welcome to the party. Well, welcome to the party, pal. Nadine gets the manual sound effect on here. So great to have you here. So we've done the first timer, we've done the CPEs, we've welcomed. Folks, let's just take a minute and say say thank you to the stream sponsors, those who enable me to bring this show to you every single day, whether we're live in Florida or we're coming to you from the Buffer Osier Flow Studio, starting with my good friends over at Anti Siphon Training. Anti Siphon training is disrupting the traditional cyber security training industry by offering high quality, cutting edge education to everyone, including you, at an unbelievable price on all of their training. Everybody should know that today there is still time at Wednesday, March 4th at noon today Eastern. Noon Eastern, the real time zone. I know you, you Pacific people are like if you are handling IR or soc analyst work and you don't know how, if you're treating AI incidents just like a traditional incident, that's like treating cloud infrastructure like on prem infrastructure. It does not map one to one. So level up today for absolutely free you can go to Anti Siphon Training and learn from Gerard Johansson on how to prepare for an AI incident. This is just one of the many offerings that Anti Siphon training offers on the regular at free or very low cost. I'm going to drop a link in chat right now. James, I'm going to ask you to just keep an eye on chat since I'm doing like 80 things here. So let me know if there's any good comments coming. Not good, but comments I should respond to. All the links for the sponsors are in the description below, so please do a solid by hooking the community up and checking the those links out. Many of you know Black Hills already. I also want to talk about Flare. Now Flare is doing some wild stuff, y'.

C

All.

A

Flare is a cyber threat intelligence platform that basically they go crawl the dark web, they put on waiters and go mucking through the pluff mud and they get all stinky and then they, they clean it up and bring it to us and then they put a pretty interface in it and then they allow us to query it looking for our endpoints, our domains, our users, cloud accounts, SAML tokens, all the things. And what this does for us is it allows us to find compromises, identities that have been busted, you know, people with like weak passwords that have been compromised. Impending attacks potentially all through their interface. So yes, defensive posture is good. EDR is good. But guess what? We have to manage risk. Not everything gets stopped. So if you can find out about an attack before it happens. Oh my God. Chef's kiss. Go to Simply Cyber IO Flair. It's cool. It's. It's just switching songs. Simply Cyber IO Flair now. And check it out. You get a two week trial. I do want to point out that they do have to validate you because this is basically like if the Legion of what was the bad guys in Justice League. Yeah. If the Legion of Doom got access to the Cyber Threat Intelligence platform flare it would be out of control. So they just want to make sure the Justice League gets it. So they do have to validate that you are on the side of the of good and high integrity. Go check them out links in the description below. Also want to say come on now. Threat Locker up in this piece. So we're going to hear about Threat Lockers platform. But I'm telling you we're at Zero Trust World and if we were just giving out points for food. Okay, we're gonna, we're gonna give them a bonus. The food here is ridiculous. So I'm gonna come back probably heavier and just like slower. So going to have to get my miles in on my run. Let's hear from Threat Locker and then I'm going to melt everybody's face with the top cyber news. Let's go. I want to give some love to the daily Cyber Threat brief sponsor Threat Locker. Do zero day exploits and supply chain attacks. Keep you up at night. Worry no more. You can harden your security with Threat Locker. Worldwide companies like JetBlue Trust Threat Locker to secure their data and keep their business operations flying high. Threat Locker takes a deny by default approach to cybersecurity security and provides a full audit of every action allowed or blocked for risk management and compliance. Onboarding and operation is fully supported by their US based Cyber Hero support team. Get a free 30 day trial and learn more about how Threat Locker can help prevent ransomware and ensure compliance. Visit threatlocker.com dailycyber. All right, welcome back. Here we are everybody. I do want to say shout out one of the comments bdubs5542 saying they love the live setup. It is a lot of fun. We'll take some photos and drop them in the discord. Go to Simply Cyber IO Discord if you want to get access to these. Some B roll, some behind the scenes stuff. It is all about good times, and I'm just super excited to be here. Doing the live show from the conference floor is always just a really energized experience. And we got a bunch of new equipment, so I'm super pumped that most of it's working as designed. All right, guys, do me a favor. James, I need you to sit back, all right? Kimberly, I need you to relax. Kathy, I need you to be ready to let the cool sounds of the hot news. There's definitely a spicy sounder on that one.

B

Yeah. Hit it.

A

No, no, that's anime.

B

There it is.

A

All right. Let it wash over you in an awesome way, guys. I'll see you at the mid roll.

B

Let's cook CISO series. It's cyber security headlines.

C

These are the cyber security headlines for Wednesday, March 4, 2026. I'm Rich Trofalino. Quantum decryption gets theoretically easier. When we talk about quantum computers breaking cryptography, we're specifically referring to their ability to solve the factorization problem used by RSA and ECC algorithms. This has been based on Shor's algorithm, but it's required an estimated 1 million qubits, which is still far from feasibility. However, the Advanced Quantum Technologies Institute announced a new Jesse Victor Garabaghi JVG quantum decryption algorithm that claims to require fewer than 5,000 qubits to break current encryption. Both SHOR and JVG algorithms use a combination of classical and quantum systems, but JVG offloads more work to classical. Shor's algorithm has been studied for years, so further evaluation by researchers is needed to verify the claims of JVG. OpenAI alters the deal.

A

All right, I have to manually start and stop the podcast, so just, you know, grant me some grace for that. Okay, so a couple things here right off the rip. One, as much as I wanted to, like, avoid cryptography and the math of cyber security, as quantum computing gets further and further closer to being, like, a real thing, we're gonna have to talk more about it. So just, like. Honestly, just like, how we're talking about on prem is different than cloud infrastructure. You don't just lift and shift to the cloud. The way that we're handling breaking quantum encryption and looking at quantum encryption and having the traditional encryption algorithms work, in a way, you. You just. It. I don't think you can apply the traditional encryption techniques to the quantum ones. And as we're seeing, RSA has been, like, synonymous with, you know, good encryption and encryption that's acceptable. And in the quantum level, thank God, there's some innovators out there who are looking at other things. Now, James, if you have any thoughts on this, I want to get them, but really quickly, I just want to share this with everybody. The rsa, you know, for forever has been like the key term. Now they mentioned that this new algorithm, the JC jvg, which is a acronym. So if you didn't know, RSA is an acronym of three dudes names that were the researchers behind. It's like Rivers, Shaman. Yeah, Shamir. And then. So that's it. But everybody just says rsa, right? It's like one of those acronyms that you just don't even speak about the real names, jvg. These poor guys. Because I'm probably going to start saying JCVD just because like Jean Claude Van Damme is a kind of a national treasure and we should, you know, despite his troubles and whatnot. So as soon as I saw jvg, I was immediately thinking jcvd. So I'm trying to make Jean Claude Van Damme encryption normal. So, James, any thoughts on this topic?

B

Yeah, this is certainly bringing back to light the whole PQC post quantum cryptography and making sure that you get ready for PQC day. And I know last year it was like, all right, get ready, got to be ready by 2030. And with what JVG is doing with their algorithm and offloading and being able to try and crack this, you've got to imagine that you've got nation states and cyber criminal groups out there with all of this encrypted data that had been has been collected over the years. They're just waiting until they can properly and easily get their hands on a quantum system to be able to start cracking all of this and basically whatever your, your PQC plans are, you know, start testing them, start getting ready for it, because it's going to get here quicker than we realize.

A

Yeah. And one other thing too. Sorry, this is me multitasking. Like I'm always doing one other thing that you should be mindful of.

C

Right.

A

Like, because I was talking to my Citadel students the other day, like not only when you think about encryption, okay, we normally think confidentiality. All right. That's like almost always what we associate it with. And oh, like you know, you know, nation state, big scary nation state is siphoning large amounts of encrypted data right now in one PQC day happens, they're going to break it all and they're going to hear secrets. But, but put this in your mind, like expand your mind with me for a second. Right, Microdose. And let's, let's expand our minds. Listen, there is an element of integrity and there's an element of repudiation that needs to be talked about for a second. With integrity. Yeah, I can go back and break stuff, but if I can break the encryption key, I can then send, you know, I can send the, the naval fleet in the Persian Gulf right now orders to say pull out or to strike another target. And the authenticity of who sent that or excuse me, the integrity of that can be compromised. Right, so like president sends orders, I then send. I intercept, manipulate because I can decrypt and then send new orders to do something that is more advantageous to me. So the integrity of the data can be compromised. Furthermore, the digital signature for non repudiation could be compromised because now I can reverse. Well, I don't actually, I don't know if you can reverse. You can't really reverse a public key because it's a pair. Yeah, but okay, so maybe stand down on that. All right, so I don't know if Quantum's going to break that. But anyways, the integrity of the message is something to be concerned with. All right, well, you're talking about the

B

public key, the private key.

A

Yeah, yeah, well, yeah.

B

So that's your one way.

A

I know asymmetric encryption. I guess the only way that this would work of changing the fleet. And this is why I don't swim in crypto waters. Because cryptography water, sorry, Justin Gold just like appeared. Why I don't do it because like I suppose if you bake in the digital signature into the data packet before encrypting it, then you would actually cause it to fail the hash of it to fail. Because when you decrypt it, when you decrypt it and change the orders, the signature of it would change. Okay. Anyways, we live in a, we're going to live in a post Quantum world and things are going to change. Just expand your mind beyond confidentiality only. Also, whoever said it in chat about JCVD being the Belgian national treasure. And also people who were yelling drink because apparently that is me aging myself. That's a thing.

C

So let's go with the Pentagon. Last week, OpenAI agreed to terms with the Pentagon to use its AI models on classified military information following an end to negotiations with Anthropic. At the time, OpenAI CEO Sam Altman claimed the agreement contained more guardrails than previous agreements with Anthropic. However, this week Altman said it was working with the Department of Defense. To add terms to its contract to exclude usage by the National Security Agency and to prohibit deliberate tracking, surveillance or monitoring of US persons or nationals, including through the procurement or use of commercially acquired personal or identifiable information. South.

A

Yeah, okay, so, okay, all right. OpenAI. Listen, the Pentagon wanted to use the Anthropic, in my opinion. I don't normally take these hotter takes, but like, to me, Anthropic is substantially better than Open AI. I like the product better. I use Claude all the time. Chat GPT. I uninstalled like in 2023. Like, I'm just, I'm off the train. Okay. So I mean, obviously the Pentagon tried to take Anthropic to the prom and Anthropic said no, no, Right. So then open it. Like, basically the Pentagon was like, oh, geez, like, went in the bathroom stall, got open AI's phone number off the wall for a good time call and called them and they were like, sure, let's party. And then I don't know if you saw this. They had, I saw it reported yesterday. They are having a substantial wave of people leave OpenAI as customers. Okay. They already had a bunch of engineers leaving because OpenAI and Sam Altman, you know, for whatever his, his boyish looks and stuff, like, that's not going to go so far when you're talking about existential threat and just taking guardrails off. So I feel like OpenAI got in bed with the Pentagon and then like they started to not really think through what the terms were of what was being asked of their chat GPT and their OpenAI backend platform. And there's been real lash back and blowback from that decision. So honestly, if anything, I think that OpenAI, which, by the way, I don't know if you saw this. OpenAI got $110 billion investment. Like seed, not seed funding, but like $110 billion of investment capital went into them just last week. So they have enough money to hire a PR firm or eight. So to me, this is pr. They're probably going to make some changes. But like, they're definitely. It's a bad look right now. Like there's, there's a lot of bad looks. We'll see. I don't know why the nsa, I don't know why every part of the federal government wouldn't want to use this. Right? There are, dude, there's rumors that they were using Anthropic in the planning of the Venezuelan Maduro mission. And I would assume that they. I mean, there's some people who are really, you know, I don't want to say fringe conspiracy theorists that like part of the entire Venezuelan thing has to do with like securing the oil. So when we go to Iran and do the thing in Iran, like the, the oil isn't a big blocker for us, James. Keeping it non political. Yeah, drop, drop thoughts here. Open AI changes the deal with US military.

B

Yeah, I mean you got to kind of look at it from your own perspective. I mean you've got organizations out there that are leveraging these large language models whether anthropic, Gemini. I mean anybody with a Google house is pulling in Gemini. Anybody using Microsoft's got copilot. So you've got OpenAI and Anthropic is the big two that can be out there. And you know, when it comes through to your contracts and what you can and shouldn't be doing with particular systems, you want to be having those conversations whether it's government contracts, whether it's public. But you know, it's always important to be able to go through and, and verify what you're going to allow, what you're not going to allow. And don't be rushing into it because if you rush into it, try to close the deal then you're going to have a lot of you could be opening yourself up to other issues that could be problematic and for reputation and brand on your organization.

A

Yeah, 100, 100%. And again, I mean this is a cyber story in the fact that AI is blistering hot. To me the lesson learned here, this is like really for and I mean this with all respect this story from a cyber perspective. The value here is for CISOs and maybe besos at large organizations around making strategic that could have consequences downstream that you didn't think about and backing up from it. Sock analyst. The story is like really impacting day to day. So like.

C

A well deserved

A

I I okay, it said it, hey, really quick. It said we disconnected and now we are reconnected. So if there was a, a blip. Sorry about that. Let's keep cooking.

C

Billion won worth of digital assets from 124 tax evaders. That's about US$5.6 million. The press release features some photos of the seizures, including a note that had the seed phrase for a hardware crypto wallet. By Friday morning, the wallet was drained of about US$4.8 million.

B

Oh, there we go. Here we go.

A

Yeah, I mean you're on a 22nd delay so chances are you got the delay. All right, so hey, yeah, we're back.

B

Okay. Yep.

A

Yeah, so we're dealing with, you know, certain, we have certain infrastructure dependencies like Internet and such. Okay. So here, let's just keep doing it, guys. If you're. Hey, did we see any first timers, by the way? If we had any first timers holler and chat with a hashtag first timer for long timers. You know the deal, guys. We live in a world, we work in cyber security, right. So like our goal is to keep business operations going and making money. So just like Simply Cyber is a podcast, if we suffer some kind of, you know, impact, we're going to continue going and try to give you 85% of the show or 40 of the show or whatever. But we're back and we're cooking. Michael Fink says it's not simply Cyber without an audio issue. Can you, can you play the anime? Wow. Please. I think it's the orange one, Kimberly. No. Well, that would be applicable too. Yeah, those are both on brand, I suppose. All right, let's finish this

C

worth of PR tokens. While certainly the face of the NTS, those tokens account for about 40% of the entire PRTG supply. The hundreds of dollars on each day. So actually cashing out those.

A

The opening lines of. I don't know. Okay, I guess we are going to do it. So South Korean police confiscated a bunch of crypto from a bad guy. Awesome. What they didn't know. And this is probably. Oh, it says we're stuttering really badly now, bruh. We'll get this done. Basically, here's the deal. In this picture here you can see they actually have included, sadly, you know, kind of like this is like their evidence porn photo.

B

Yeah.

A

And unfortunately what they've done here is they've included, you see the passwords there written on the side. Those were the one time passwords that allowed them to basically unlock the cold wallet. So unfortunately, someone or some group of people could steal all this information and steal this data. But of course, because it's blockchain, because it's the ledger, anyone who steals that money will be able to be identified. Again, if you're a criminal or a threat actor and you're already dealing with illicit funds and moving money and stuff like that, I'm sure it won't matter. Someone's going to steal this money. Like there's no question about that. Yeah, but James, any, any thoughts on this? I know Justin Gold's probably getting like a microscope out right now trying to zoom in on this thing, but what do you got on this? Any thoughts?

B

The first thing that came to mind was the. When you've had news crews go into socks or into, you know, operation centers and there's the WI fi password and the SSID sitting there on the whiteboard. And that's exactly what this is. It's like, could this be any more of a human error by easily displaying that information? And I wouldn't be surprised if Justin Gold sitting there with his little microscope trying to zoom in on that. But yeah, that's, that's very much one of those, you know, face, palm, don't type. Yeah, Carl definitely comes into play there.

A

Carl. Carl. Yeah. So from a, From a cyber security perspective, all I would. All I would say is, yes, it's super convenient for the, for the command center or the production studio to throw the password on a dry erase board. And that's not a problem. Like, dude, like, writing passwords down, like, this is like kind of a hot take or whatever for a cyber pro. But like, writing passwords down is not a bad thing. Like, it's not bad. It's just managing the risk of like, okay, you've made this decision, so how do you manage the risk of having that exposed now? Right, but in the world of risk, you can remediate, you can transfer, you can also avoid. So if you don't write it down, you don't have any of that risk. If you do write it down, you do. But now you have to manage that risk, right? It just, it increases your attack surface, which is why I tell, like Aunt Dorothea's of the world, you can write it down in a notebook and leave it next to your computer. No one's breaking into your house to steal your little notebook, okay? But if you take the notebook with you on travel and leave it in an Uber, well, you've exposed yourself to some risk. So just, Just be mindful as a cybersecurity professional, yes, we love bits and bytes and digital everything, but there is a physical security element. Guards, guns, locks, gates, all that and passwords written down on dry erase boards. So don't, don't. Don't be that guy, okay? Don't be Carl. Ooh, can we get a Carl? Thank you. Kimberly can fix it. At the ready.

C

Hits Israel. If we've learned nothing else from the ongoing war in Ukraine, the chaos of war creates the perfect breeding ground for a cyber attack. Cloudsack saw a new campaign exploding the Israel Iran conflict with red actors. Using a spoofed version of an app for missile strike notifications from the Israel Defense Forces home front command. This app relays legitimate Alerts, but runs a surveillance payload on the side. This app must be sideloaded and gives telltale red flags like asking for gps, SMS access and contact sharing permissions. The app shows significant sophistication, however, spoofing the legitimate app's signing credentials, altering installation data to make it look like it came from the Play Store, and using proxy hooks to get around Android's built in integrity checks.

A

Okay, that was a lot to consume and yeah, like, Josh Mason's arrived on the scene. Everybody good to see Josh and he attacked you? Yeah, no, it was good. It's just this is a pretty complicated story that we were just covering here. All right, so Israel's developed some new spyware, but again, I say it all the time. Israel is excellent at cyber security and at spyware, among other things. This particular one is mobile espionage campaign exploiting civilian fears. So again, Israel in United States attacked Iran. I guess that's a fact, right? Like I'm not, this isn't me wandering into political waters. And here's the thing, I don't care if it's the World cup coming to Atlanta allegedly, or if it is Iran getting attacked by the US or Iran launching missiles into Dubai. Like when, when citizens are worried about their safety, right. This Maslow's pyramid of needs becomes in question. Any information is good. We, we saw this during COVID right when Covid happened and people are sending out messages about get your N95 masks here, use the vaccine, don't use the vaccine. It, it, it's just a, from a social engineering perspective, people are like super thirsty for information to help their situation and help benefit them. So you know, Israel is, is I guess jumping on this by using this as part of their multi pronged campaign of, you know, basically winning their war. Right. So unfortunately you would, you would hope that in a military conflict, citizens and civilians would be removed from that, but this particular attack, they're going the whole stack and attacking everything again. Chat. We're trying to keep this apolitical as best as we can. This particular malware is called Red Alert and it is being, it's an app for Android. It says it bypasses Google Play store and lures victims into side loading. So of course if you can just not download apps from random places, that would be good.

B

That's always a good thing.

D

Yep.

A

And then I don't even know. Oh, here we go. Multi infection stage here. I'm going to bring this up on chat really quickly. The initial loader cloaks the app and extracts hidden assets. So at this point you're already. So like, don't install weird apps from weird places. Educate your end users. This is why I like to use iPhone personally. It kind of like limits my attack surface due to me making a stupid choice. A dynamically loaded intermediate payload, whatever, that's just basically staging and then it reaches out to a C2, remember too? Here's another thing. You can have MDM on your device and stuff like that, but dude, most like Android phones, like, people aren't going to jump, hey, what's up? People aren't going to jump on the wireless network or the corporate environment or they're all running around and stuff like that. So your exposure to potential company assets, company accounts, your enterprise security technologies are not necessarily going to protect you from that. Just in with cloud and identity is the new perimeter. So someone doesn't even get on your corporate network, their account gets compromised. Now threat actor logs into corporate network. James.

B

Yeah, yeah. I mean this app, like you said, you know, we should always be downloading for rep locations. But here they're relying on, hey, you can hear about where the latest missile strikes are. People are, you know, not really going to stop and audit the app and verify. It's like, oh, this is something that can give me information that can help me that, you know, possibly save my life. Lives of friends, families.

A

I'm sorry, really quick. Like this is an important distinction. Mickey pointed this out in chat, I just confirmed it. Okay, so Iran is impersonating Israel's red alert rocket warning app. So it's, it's Iran attack attacking Israeli citizens. Which by the way, it's, it's, yeah, it's, you know, one in one a. I mean it's the same thing, like the same incentives, the same motivations to do these things. All right, please continue.

B

Yeah, but it, yeah, so whether it's whichever side, but it's, it's adding it on the cyber attack perspective as well as the physical attacks that are going on. So Iran, who have been known for creating a lot of these software, these type of malware apps to trick people, get them to, you know, they're relying on that emotional aspect to download and install the app. They're giving up GPS information, whole lot of sense of info and it's. Yeah, it's a trifecta of attack.

A

It's gnarly. And as I mentioned in the stream yesterday, I think, and not that this is any like crazy hot take, but like if you think about motivations, right. It's not, I always say it's always about money, but like in this particular instance, Iran, you know, politics aside, whether you think they're right or wrong or whatever, Iran is facing existential threat like the eradication of Iran. Right. They've already kind of eliminated the leaders and you know, so like, I'm not surprised that they're shooting all of their, you know, proverbial shots, you know what I mean? So, yeah, it is what it is. All right, let's do mid roll midroll.

C

And now a huge thanks to our sponsor, Adaptive Security. This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI powered social engineering. Attackers don't need malware anymore, they need trust. Set a simple passphrase for high risk actions like wire requests or urgent account recovery, especially within finance teams and families. If the caller can't answer it, pause and verify. Adaptive runs deep fake and vishing simulations so employees practice this before it's real. Learn more@adaptivesecurity.com all right, Coalition, turn it

A

down a little bit. Of course, we're live from Zero Trust World. We're going to blow out the copyright. Guys, thank you so much for being here. We are halfway through the show, a couple minutes over. So Nick Barker is probably on an elliptical sweating his butt off shaking a fist in the sky right now. Guys, thank you so very much to Zero Trust World and Threat Locker for hosting us here, providing great infrastructure. I've already seen several simply Cyber community members right off camera we've got Josh Mason, FedEx, TJ's here, find the true many others so definitely appreciate it. Shout out to the stream sponsors. Flare Threat Locker, anti siphon training. All about good times. Now every single day of the week has a Special and James McQuiggin, thank you. Every single day of the week has a special segment. And Wednesdays used to be worldwide Wednesday but we've since changed it to Wayback Wednesday and I've been trying to keep it tightened to technology so I wanted to get to all in the Wayback machine and see if this vibes with anybody. So you know, nowadays you youngs like casually Joseph don't know the struggle like my Garmin watch probably has more power than like the, you know the space shuttle in 1969. Right. But let me take you back to 1991. 11 year old Jerry, well it was probably 1993. 13 year old Jerry's like watching cartoons, scarfing down frosted flakes and incomes. Where is it? In comes the EE machines. Hewlett Packard 46 SX with 25 megabytes of RAM. It had a 25 GHz processor. No, it had 32 megabytes or 8 megabytes of RAM 30. I think it had a 25 megabyte hard drive.

B

Oh wow.

A

And it 25 MHz processor with the 33 MHz turbo button, which if you knew the turbo button, it was like, I'm going to be running this app right now. I've got to put that turbo button in reality. You turn the turbo button on and never look back.

B

Yeah, it was always on.

A

It was the dumbest feature. So James, what was your first computer?

B

Well, the first computer was the Commodore Vic 20. I mean but I was 10, I think at that time. But my first PC was an XT machine 8086 processor. I think it had 22 megahertz speed in it. It had two five and a quarter inch floppies.

A

Whoa, whoa, you sprung for the. Yeah, the Cadillac package.

B

No, no hard drive in that system. Everything was running off two floppy drives. Load up the operating system with one and then load an application with another one. And yeah, that was my, that was 1988 I think is when I got that machine. That was in high school. So do the math.

A

All right. Hey, and really quickly, just bringing the Simply Cyber community into the mid roll here. Phil Stafford was on a FIC 20 Cyber Shin and Gami Tandy 1000 which was Kimberly's first one. We saw. Let's see, Packard Bell, right?

B

Yep.

A

Tandy from Radio Shack. That's right. Some of us had the Commodore 64.

B

Remember the Amiga computers?

A

Oh yeah, it was a wild time. We were, we were doing all sorts of crazy things back then.

B

Lots of stuff.

A

ZMIF was a 386 guy. I love it.

B

Oh, I remember the Zenith. Yep, yep.

A

All right guys, so we're gonna do the la la la la's blow. I mean if we're gonna blow out the copyright strike, we might as well get our blow it value out.

B

Yep.

A

All right, so do me a favor, you know the words. I didn't see any first timers, so it's just us.

B

Old tier, no Alpha Sierra on today.

A

I didn't see it, but that's okay. Alpha Sierra, let's get ready. I want to thank you all. People are lined up here at Zero Trust World. If you're here, come on down, stop by the booth. Let's get our la la.

C

La.

A

Simple Minds full send. All right, let's finish strong, everybody.

C

Coalition building security foundations for 6G. We're still a long way from finalizing any spec for what 6G networks will look like with only broad strokes about ultra low latency AI integration and linking satellite and terrestrial systems. But that doesn't mean it's too early to think about security. The uk, us, Canada, Japan, Australia, Sweden and Finland announced the formation of the Global Coalition on Telecoms. The to set out non binding principles aimed at developing 6G with a secure by design approach. Their initial guidance calls for stronger threat containment, diversification of the 6G supply chain to prevent systemic threats and support for quantum resistant cryptography. This is meant to guide vendors, academics and trade groups in 6G development.

A

Okay, so all right, I mean were we done with 5G? I.

B

Well, I mean once 5G comes out, it's already old, right? Gotta start working on the next one.

A

I feel like this is like, I mean whatever, like I know it's 6th generation but like I feel like this is like people screaming about like I P V7. It's like yeah, wait, wait, like WI fi. It's not even a thing. Stop it. You can't just add one to it and call it a new thing. All right, so to me this, this today's episode is just littered with political landmines. So it appears that this entire thing is designed to basically redevelop telecommunication infrastructure to explicitly exclude China from a security perspective. Because 5G, I mean China obviously salt typhoon has gotten all up in everybody's telecommunication infrastructure, Internet service providers, both Japan, United States, there's other, I think Germany or polling got crushed up in that. So we're doing the 6G thing guys, as far as I know, I mean, okay, here's the reality. This isn't a video game where it's like age of civilization where you, you give like 30 credits and all of a sudden you push a button, you've got 6G. Like you have to have researchers develop the technology and get it standardized. Then you have to roll it out to industry which has to integrate it into hardware solutions and tech stacks. Then you have to have people buy it and implement it. This takes multiple years. Okay, so like sure, if you're like ah, like China, you're not allowed up in this piece, that's fine. But we're looking, in my opinion we're looking at like 20:30.

B

Yeah.

A

Before this is even practical. And by then I mean I don't know man. If all the countries. China is the best at espionage as far as I'm concerned. So the you know, hot take, they'll wait till 2029 and then just download like the protocol and move on. James Again like this. Today's episode is rife with, it's rife

B

with all kinds of stuff. Well, I mean I was looking at it from the optimist perspective of the glasses half full here and the fact it's like, well, hey, good, you know, let's start getting security in earlier. Let's not be added bolting it on later on, you know, that perspective. But yeah, noticing that certain countries aren't part of that, trying to exclude them. Yeah, but it's never too early to start getting security and thinking about security in your products, in your services. So I'll take it from that perspective, looking at it that way. But yeah, I'm not surprised they're starting to plan 6G because 7G is right behind it.

A

I'm sure 6G is now with AI, I heard. Oh, it'll be, it's 5G with AI.

B

5G with AI.

A

Yeah.

B

So it'll, it'll be hallucinating phone calls for us.

A

Yeah, yeah.

C

Honeywell spars with researcher on vulnerability severity Cybersecurity researcher Joko Kristick is known for investigating building control systems. Most recently turning his attention to Honeywell's iQ4 controller, he found that out of the box, these controllers expose management interfaces without authentication by default and could allow for external access to lockout admins. He reported this to Honeywell in December 2025. However, the company declined to make any changes, arguing the device is for on premises use only and not exposed to the Internet. Kristick countered that he found 7,500 Internet exposed instances with about 20% of those accessible without any authentication. Telling Security Week, I've seen installations where the user account has not been created and I was able to write changes to components. Kristick reached out to the Cert Coordination center at Carnegie Mellon University to mediate the vulnerability disclosure dispute with Honeywell.

A

Okay, so finally we've got a legit cyber security story and one that I'm going to go off on a little bit of a riff here and let you know, pisses me off. Okay, so here's the reality in 2026, like how are companies like Honeywell, which is a massive faceless super conglomerate that has tons of subsidiaries and stuff, this is the most tone deaf, ignorant response from a vendor that I have seen in a minute. So, so they sell a bunch of product, okay? And the product is being connected to the Internet and it allows physical access to facilities which could include very sensitive things. Like let's, let's just go off on a, go down the rabbit hole on, on hyperbolic Things. It's protecting a nuclear power plant, okay? It's, it's protecting an armory, it's protecting an orphanage of children, right? Like whatever. Okay. The fact that they say it's not designed for Internet, it's for on prem only. So therefore it's not a problem is complete trash, dude. Like the fact that it can even be configured to connect to the Internet means that that capability is there. And in 2026 everybody's managing everything all over the place. Like it's completely, it's asinine that they would say that this is a friggin feature and that the, it's the user's responsibility not to connect it to the Internet. To me this is, this is like gross negligence from a, from a vendor perspective to ignorantly push off liability for this particular issue and shout out to the researcher for not just taking it on the chin and be like well I guess, I guess like no dude, push the buttons, push it forward. There's a reason that we don't arrest hackers anymore for disclosing know faceless conglomerates. Negligence, right? So anyways, if you're running these Honeywell things, number one, secure them, right? Like obviously change the default creds if you can. You know, I would put it behind a, a vpn, you know, like make it so you can't get it from the Internet, right? Cr. Like, like you know, manage creds. All those things. Do all the best practices for security architecture. But at the same time like when it. Here's my problem too. Like I'm sorry, I'm getting like pissed off. Like here's my problem. These are physical controller infrastructure. So like even if you hate it and you're going to have your wallet do the talking, there's no way you're ever going to convince administration to rip all this out and deploy, you know, Honeywell's competitor, right? It, this is like kind of you buy it once and it works for a long time type thing. So unfortunately we can't make Honeywell pay financially for this. But to me like you know, shame on you Honeywell. I guess that's what I'm just going to say. Shame on you.

B

Well, I gotta admit, you know, Honeywell, the orphanage cracked me up. But you've got, as consumers you've got thermostats, you've. Honeywell has a lot of thermostats in people's homes that are connected to the Internet. They are hopefully connected hot behind people's routers and you know, not fully exposed. Now what's that oh yeah. After spending 18 years working for a large little German company that dealt with power generation and developing programmable logic controllers that weren't designed to go on the Internet, you can still go onto Shodan these days and do a search and find them even. And you're exactly right, we didn't design them to be put on the Internet. They're supposed to be behind firewalls and VPNs and protected. But if they get connected, you know, and they get exposed, that becomes a problem. And your, your device is going to be pwned in no time flat. And there's probably. Nowadays with AI it's not that hard to have a script running, have a program running, something where it's like, oh, discover a plc, discover one of these home automated and lo and behold, they'll be in it within a day, if not less so.

A

Yeah, exactly.

B

And I mean it's almost, sorry, it's almost like a David and Goliath story. You've got David, you know, as the, the researcher. Goliath is the, is Honeywell. They're standing there going, oh yeah, no, it's a vulnerability. Yeah, no, it's not that bad. But, but all the while, like any large organization, they're going to be behind the scenes scrambling, going, hey, how bad is this? Whether it's you know, a team of people, an apartment or one person going, no, it's not as bad as they're saying that. They're trying to downplay, market it, play it off, but you know, it'll depending if there's an actual attack that comes out of it remains to be seen.

A

Yeah, it's gross. And I mean again like there's two things from a risk perspective. Again, as a GRC dork, my first thoughts are like, what's the actual risk? Right. Is this something I should care about? So number one, like if they get into it and they can like unlock a door, I mean then they'd have to physically go there. So like North Korea is not like running crypto inside your orphanage. But, but, but that aside, a lot of times these are. If someone is, I, I don't want to say. Can you play the Carl sound effect please? If someone's configuring this thing with no creds in Internet facing, chances are they're not doing network segmentation or proper architecture. So now you're giving them a, like a foothold into your internal network and being able to move laterally into crown jewels and like, you know what I mean? So like, like don't think of this as exclusively a physical controller or a nest thermostat that gets like owned. Think of it as like an IP with a, with an operating system. It's probably a lightweight Linux build that's on your internal network. Okay, that's a concern that you have to be mindful of.

B

And joins a bot.

C

LexisNexis confirms data breach the data analytics company confirmed that threat actors access customer and business information in a recent cyber attack. This disclosure comes after the group FulcrumSec leaked about 2 gigabytes of files from LexisNexis on illicit forums. FulcrumSec claims they exploited the React2Shell vulnerability in an unpatched React front end app to access the company's AWS infrastructure. LexisNexis claims most stolen data were legacy files from prior to 2020 and included customer names, surveys, IP addresses, support tickets, and business contact information. Fulcrums that claims that the data includes contact information from government employees and that they unsuccessfully tried to extort LexisNexis.

B

All right, so take security very seriously.

A

I know. Get ready for your. Oh, hold on. Just ignore. Ignore this magic. The gathering injected ad. Just ignore that. Okay, so LexisNexis, if you didn't know, I mean, I feel like LexisNexis when I was young it was like, oh, here's like the research database before, like Google and the Internet kind of was a thing. LexisNexis is like this super wealthy data aggregator, super data broker. Right. I mean essentially that's what it is. So like if you're gonna hit someone and get a data breach out of them, one of the biggest data brokers out there is super valuable. Now, excuse me. LexisNexis not paying the ransom is interesting, you know.

B

Right, right.

A

Like I said, we're seeing a downturn in people paying ransoms. And I think they just do the calculus and they're like, okay, so all of our customer data got stolen, but we still have a copy of it. Right. And we're. They're asking us to pay $2 million. But like, let's look at any other company that suffered a data exfil breach, not a ransomware encryption breach. So business operations are still going for LexisNexis. I believe in this story.

B

Yeah.

A

So what, what's the impact? Well, if you look at other companies as case study, you know, they buy some identity theft protection, they send out some emails and their bottom line does not get impacted. So follow the money. Right. Like, why would LexisNex is poop their pants here. They wouldn't. They'd be like, all right, like, sucks. Like f. You know, take. Take a hike. Threat actor. So this sucks for me, you, Kimberly, Kathy, TJ, FedEx, and the whole simply cyber community because it's our data, right? And they've got massive data troves, right? Just. I mean, guess what? Spoiler alert. You see this magic, the gathering ad, There's a reason that that shows up in my feed because probably LexisNexis is doing data aggregation on my web history and, you know, serving these up. So it was a REACT to Shell vulnerability. By the way, React to Shell was a web application. So modern web applications use React and. Jesus, I can't even think of all the new technologies that they use, but the REACT is one of the more popular ones. And you could easily exploit it to get root access or Shell terminal shell into the box itself. And unfortunately, if you didn't patch it, it was a problem.

B

Oh, you gotta patch it.

A

You gotta patch it. Yeah. The one thing I will say for LexisNexis in this instance, because I don't want anyone to just throw shade, is LexisNexis is a huge company that's been around for a wicked long time. So it's possible that they could not fix this vulnerability without causing operational impact. Famously, I cite this kind of once in a while. Equifax was actually suffered a massive breach a few years ago, and it was because of their Apache struts front end was vulnerable to an attack. And it was later determined that they literally couldn't patch the Apache struts vulnerability because they had all sorts of custom builds and custom configuration and it would have broke operation. So they were working on a plan to fix it.

B

But yeah, I thought it was because they had a server that they didn't know about that was running it, that was sitting exposed and they got in through that.

A

Oh, well, it probably was that too. Oh, okay. Well, let's.

B

For me, that came down to inventory, you know, not knowing what you've got.

A

Let's both be right, James.

B

Sure, why not? All right, Someone's gonna.

C

Someone's gonna fact check us on at cyber criminal demographics. I don't know if the picture of the classic hacker as a teenager in a hoodie was ever representative of cybercriminals, but Orange Cyber Defense's latest Security Navigator report shows it's definitely an outlier today in an analysis of hundreds of public arrest and takedown notices Globally from between 2021 and 2023, 37% of all cases involved threat actors aged 35 to 44. Those dang millennials are still hacking. The next most common demo was 25 to 34, accounting for 30% of all instances, followed by 21% of 18 to 24 year olds, and less than 5% were under 18. The 18 to 24 demo most commonly got arrested for illicit system Access involved in 30% of those cases. The 25 to 34.4year old demo focused on selling stolen data and cyber extortion most commonly, While the Elder 35 to 44 demo focused on cyber extortion and deploying malware.

A

Okay, so first of all, Rich Stroffolino, I don't know if I would call the 35 to 44 the elder category. What are we doing here? I'm not, I'm older than that category.

B

I'm like, we're out of it. So it's like, good, we can go,

A

am I in the deceased category?

B

No, we're, we're.

A

Jesus Christ.

B

We're not being represented here. We got to start getting out there and start putting our names. Actually, no, now it's like, all right, good, I'm not part of it, so we're just defending against it.

A

Okay, so my, my thoughts on this right away. Turns out cybercriminals are old enough to know better, with the 35 to 44 year olds being the ones most likely to hack. If you just do some back of the napkin math, those are people who were like 19 and 20 when like, hacking on the scene came into vogue. So they've had 20 years of getting their crap together. Like this makes sense to me. Like, this isn't like, oh, like it was never, it was never associated with the age. Right? It's not like 19 year olds are more like, prone to do hacking today. It's, it's. What's your capability, what's your access? What are your motivations? And those people have come up with access to the, you know, opportunities and built relationships. Right? I mean, we always talk about networking, right? Like when you get older, you build a bigger network because you talk to more people. You work with people, you get, you get a authority and trust right, in these, like, cyber criminal undergrounds. So this story does not surprise me whatsoever. I will say it is noteworthy that that young 18 to 22 generation is kind of getting a little bit of a surge through lapsis scattered spider. And what's the, what's the other one there? Freaking bruh. Lapsus scattered spider. What's the third punk ones? No, no, no, not clop. Uh, they're. They're all part of the comm.

B

Oh, okay.

A

Oh, Shiny Hunters. Yeah, of course. Thank you. Tj off camera with the assist. All right, so Shiny Hunter. So the reason that that's working is there's actually an uptick in activity. And honestly, if I had to guess. Okay, here's a hot take. Can we. I'm going to zoom in on me. Listen, here's a hot take. I actually suspect that the people who are running, like, the brains of. Not Shiny Hunters, but th. Those groups that are, like, recruiting those youngs are probably older people and. And kind of organizing that because there's. I attended a flare webinar to talk about the CD underbelly of the criminal ecosystem, and there's a lot of, like, hey, like, do you not belong anywhere? Do you want some friends? You want to do some cool stuff? Look, I'm driving a Bentley, and I got gold rings. You want. You, like, you can't afford anything. You can't even afford to rip Pokemon packs, right? Like, be cool like me. And they're, like, recruiting them like Shredder in the original 93 TMNT movie. So there's a. Like, an active recruitment of those youngs coming up. But. But for the most part, I'm not surprised that it is this age group, this elder age group, which I'm gonna punch a wall, but go ahead. James, what do you got?

B

I. You know, I look at it as, you know, that's kind of where our workforce is nowadays. You know, working in the socks, working in our organizations. They're just as much of an insider threat as, you know, the. The external threats that are coming in. So, I mean, Orange always puts out their. Their reports that they put are always informative. This one kind of in there as well. But it's also, you know, not surprising to see a lot those age groups represented. I'd be curious to see what the percentage would be for the over 44s, you know, how much. How many of the OGs are. Are still out there, you know, hacking away. I. I know we're. We're out there doing it. It's just a matter of. I guess we're not on. On the radar when it comes to that particular report overall. So. Yeah.

A

Thank you. All right. I love it. I love it. I love it. Okay. All right, y'. All. You know what that sound means? It means only one thing.

B

We got through another day.

A

We got through Simply Cybers Daily Cyber Threat Brief. Live here at Zero Trust World alongside my co host, James McQuiggin. Kimberly Confixen as audio engineer. Kathy Chambers as camera operator. We straight crush it. And producer dude, it takes a village. Especially when we're building a on set podcast studio in the morning and then ripping it down at night. It is a massive undertaking. I want to say thank you to all of you. Shout out to the mods. We will be doing Jawjacking right now, so don't go anywhere. We're gonna have some special guests on the couch with us. Maybe we'll figure it all out. I'm Jerry from Simply Cyber. He's James McQuiggin at 35, 000ft. Until next time, y' all stay secure. Ever wonder what it takes to break into cyber security? Join us every weekday for Jawjacking, where industry experts answer your burning questions about the cyber security field live, unfiltered, and totally free. Let's level up together. It's time for some Jawjacking. All right, everybody, welcome to Jawjacking. We're gonna do this. One second.

B

How's it going, Jerry guy?

A

It's good, Kimberly. Can we make sure that the audio is like, like the low audio? Yeah, yeah, that's fine. All right, we're gonna have some people join us on the couch. We can, we can do one. TJ, do you want to join us? And then FedEx, we can, we'll swap out. All right. All right, so we're gonna get tj, AKA Find the True sitting, to join us on the, on the couch. Just give me one second as I get the camera sorted out really quickly. So grant me some grace as we're doing this. Let me do this, Let me do this. Let me do this. Let me do this. Let me do. I can't. It won't let me do that. All right, hold on one second. All right, hold on. We're gonna, we're gonna get this sorted. I guess we'll just do it this way, Kimberly. I mean, I'm sorry, Kathy. Can you either zoom out a little bit or just adjust slightly because, or, or TJ can just move.

B

We can scoot over. We can make room.

A

It actually works out perfect. All right, guys, welcome to Jawjacking. I'm your host, Jerry Guy. Hold on. I'm your host, Jerry Guy with the monocle. And basically what we do here is a 30 minute show. I can't mentor one on one. I, I even got DMS just recently to, like, meet with someone for 15, 20 minutes to interview them for a fake job. I, I, I, I, literally, it's it's very difficult for me to do these things, but what I can do is provide this show and allow you to ask questions and get answers. We're, It's. We're very fortunate today to be joined by two additional industry professionals. James McQuiggin at 35, 000ft.

B

Howdy.

A

And TJ, who's one of the. A great example or a product of someone with second career in cyber. So if you have questions around moving into cyber security career, thoughts on stories today that are apolitical, put them in chat with a queue and we will answer your questions. Kimberly, is his mic hot? Yes.

D

Okay.

A

Hey, tj, so at the mid roll, just to kind of get things started at the mid roll, we talked about our original OG Computer. Now, I know you had a second career, but, like, what was your first computer? You got to put your mic right up there.

E

Commodore 60.

A

Commodore 64. All right, so the OG I like it. Is his mic warm?

B

No, it's odd. Just bring up. Just bring number three up.

A

There we go. Right, tj, tell us. Tell us just a little bit about yourself. Give us 30 seconds so we can dial in your audio.

E

Real, real simple, Very simple. We had an issue with our air conditioning. Couldn't get an honest answer. So I went into that trade. A couple years ago, my dad had an issue with somebody getting in his accounts. Got some help that way, didn't know how it worked, got in, and I've been busting my butt ever since.

A

So there we go. And he's a man who works hard, I can tell you that for a fact. Also got to spend some time with him at simply CyberCon 2025. So that was definitely good. As always. If you got questions, drop them in chat. I see Zach Hill in the chat. Very nice, Zach. Zach. Phil Steffen, Roswell uk Bruising hex. All right, we got a question here. Bruising hacks, can you please look up the Equifax breach and realize your gap of a couple of years to almost a decade? All right, so I guess I got the year wrong on Equifax breach.

B

20 something.

A

Oh, yeah, you want to get Equifax breach was. I think.

E

I'm thinking 2020. I'm thinking of 2020 as well.

A

No, no, it was definitely not that.

E

It was way before that.

A

I don't know. Bruising hacks instead of your chiding, passive aggressive. Give us the year. All right. Kimberly can fix its hand. It's like the thing from Adam's family. So apparently, Kimberly, your hand comes in and out of frame onto the mixing board.

B

Yes, it does. Yeah.

A

Yeah. Good thing she did her nails. Yeah. All right. Looking for some chat. So cyber risk, which says she's loving the feminine touch. I will tell you, for those who don't know, we don't. I don't really like, walk around and boast about it, but like, simply, cyber is a very equitable community and, you know, diverse and whatnot. So we have large international population, male, female population, geographical demographics. We've just been joined on the couch by FedEx. All right, so Zach Morrison says is I am a great field to work in in cyber security. I'll do. So the questions haven't started rolling in really heavily yet. So we're going to do a little bit of a panel, two questions I'm gonna ask, and then we'll go around. So the question is, is Iam a great field to work in in cyber security? I would ask1, is IAM in cyber security? And then is it a great field to work in? James McQuiggin, go.

B

Is I am a good field to work in? I, you know, if it's something that you enjoy, you know, if you're just looking, hey, this, there's a job opening and you know, is it a good one? I want to know if it's good or not. I would certainly go talk to people that do Iam. First of all, is it part of cyber security? I would say the more of the governance aspect of it, the policy aspect of it is, but the actual doing of the IAM is going to come out of it. It's like patching. Ah, you gotta patch it. The patching aspect of it is more of an IT function. Right. But we're gonna set the rules, the policy, the governance for that overall. So if I am is something you're looking at, definitely go talk to people that do it for a living and see what their perspective is. What's it like in the day, in the life of worst case scenario. Go ask Claude and see what Claude's got for you.

A

There you go.

E

Always getting AI tj, if identity is the new perimeter, then yes, it makes perfect sense. And I expect that to be growing very quickly.

A

Yeah, great point. Identity is the new perimeter. FedEx, what do you got for us?

D

And I bet the difference I am it is part of cybersecurity. And I tell you why. Because you need an identity to work in a company. They're going to be the ones who's going to create your identity. They're going to give you your first Rise. They're going to give you the first access and they're most likely the ones that also going to cut you once you get terminated from a company. I mean im, normally it is the first line of termination and then it comes to the SOC thing or the termination team to make sure that every other account has been terminated in a no more access. But IM is highly involved on creation and terminations.

A

Yeah, and personally I don't want to work in IAM personally, but like it's definitely a burgeoning field. Like, like if you were looking for like the quickest path in I think CMMC auditing from a GRC perspective and IAM also, iam, like if you're going to integrate like SAML and single sign on, like it isn't magic that doesn't. There's not magic that happens. You have to integrate with the vendor for that capability to happen. So that's like a more ongoing thing for IAM professionals to handle. All right, James, how good is it to get a degree in UI UX from Squirrelium?

B

Squirrelium? Well, where is Squirrel? I've never heard of Squirrel.

A

Squirrelium's the user was the name.

C

Sorry.

B

All right.

A

Did you get a degree in uiux, period?

B

Well, I mean, that's really specific. So I mean, if you're already working in that field already and it's something you want to specialize in, sure. But I think for me, you know, again, it comes down to what is it you're looking for specifically out of that degree. You know, if. Is this a bachelor's? Is it a certificate? You know, they do offer the very specific ones, but if you're going to go specific, then that's the field that you're going to be in. It can be tricky later on if you want to try to pivot or laterally move to another type role. Unless you want to become like a leading expert in UI UX overall. But nowadays with what AI is doing. This was a conversation I had yesterday with Ben Cybertruck Ben, with regards to, you know, with regards to programming, with regards to roles that could be disappearing over the next number of years, we're still going to need people that understand the fundamentals, that know the, you know, understand the basics and, and can work through it. Even though AI is going to be writing all the code and everything else. But, you know, if a degree is a degree, it all depends where you are in your career. If you're just starting out versus if you're 20 years in. If you're just starting out. Yeah. It might be something specific that you need to help you get that job. But if you're 20 years in, unless you're doing it for fun, I don't see a reason.

A

All right, and really quick, before we pivot off this, Kimberly can fix it. I sent you a discord. Just really quickly. Thumbs up or thumbs down? Bring your hand in. Thumbs up, thumbs down. A degree in UI ux. All right. Okay. All right. Can we get the anime out? No, I just wanted her hand. Thank you very much. All right, very good. All right, next question. Coming in hot. T. Strong says, how heavy is the lift, in your opinion, to go from a NIST 53 Rev 4 to Rev 5. I'll take that one. Since it's NIST and whatnot, it's not a big lift. You know what I mean? Like, the only time it becomes a big lift is when your security categorization changes. Right. If you went from low to moderate, moderate to high, then you're gonna have a big lift. But like, you'd have to do the crosswalk between what controls they added and removed. But I would say you're not re architecting. It's not like you're switching from on prem to cloud. So I don't think it's a heavy lift at all. Lester says, any advice for someone working in RMF and trying to shift to the private sector? So I think they're saying going from government to private FedEx. Do you have experience in the government sector? No. TJ to you. All right, so TJ. Yeah.

E

Going from government, not in cyber. That's for sure. But the time frames and the pace seem to be a lot different between public going to private. It's going to pick up tremendously. If you're going to private, you're going to see it very, very quickly.

A

All right, there we go. Joseph. Josiah Culling says, how should I stay competitive and what skills, knowledge, specialty should I focus on? I'm 35, just recently got a very entry security analyst role. But I'm concerned about the future, first of all. Hold on. I. I don't have the sound effect,

B

but came in like a wrecking ball.

A

Right. Squad members, drop the wrecking ball for Joseph. Congratulations.

B

Congrats on the roll.

A

FedEx. How should he stay competitive?

D

So you just started on a analyst, honestly started focusing on learning what the logs and how you manage the logs, because that's how you're gonna start understanding the network, how things flow on the network, and then how can you pivot it from there? Congratulations on the new job. That is great to start up. That is really awesome. But cyber security, it is one thing that you're going to be a long life learner. You will always have to keep up with the trash. You will always. You start doing some cti, you know, threat intelligence and start learning and that way you continue growing. It depends on, I would say the video, the 90 days. What is more important right now in your company? See a. An immediate need for your company and that's maybe where you want to start focusing because that's probably what the next opportunity for you to grow in the company is.

A

All right, there you go. That's perfect. Jay, did you have a thought on this one?

E

Just. We're just where everybody's complaining. That's, that's a good place to go.

A

I love it. Really quickly shout out to Roswell uk, who's like basically a co host of the show at this point. He's saying that your name is now Fingerly can fix it.

B

Fingerly convict.

A

I love it. Very well done, Roswell uk. So if you have questions, what's your. If you're just joining us, you're watching Jawjacking. This is a Simply Cyber, a 30 minute podcast that will go to 9:30am Eastern Time. I'm joined by James McQuicken at 35, 000ft. TJ and FedEx or find the true. Do you prefer being identified by your handle or your name?

E

I used to care.

A

Okay, okay, okay. All right. So with TJ and FedEx here on the couch live at Zero Trust World

B

here in Florida, I did get a question from Carrie.

A

Okay, go ahead and ask it.

B

He asked me, why did Shakespeare only write in ink? Because pencils confused him. Is it to be or not to be?

A

Oh, my God. I don't think we have that on the screen.

B

Yeah, we don't, but thanks, Carrie.

A

Thank you, Carrie. All right. Is it hard to be a lifelong learner?

B

Okay, we're learning every day.

A

I feel like a question. We can run the panel here. Is it difficult to be a lifelong learner? I feel like you have to be motivated and honestly as a human being. Like right now, if you were like, jerry, you've got to learn about opera. I'd be like, I'd rather tear my ears off my head. Like, I don't care about it. Right. But Jerry, I need you to learn about AI. I'm like, get out of my way. I'm like pushing babies, like over to get to the AI. So, like, being a lifelong learner is great. If you're interested and motivated. And to me, I think that's the real trick is, like, finding what you're interested in. Like, I love cyber security. So I went and got multiple degrees, and I don't even care. Like, I'm. I'm. I'm actually like, spoiler alert. I've been thinking about this. I think, like, I might go get, like, a law degree and get bar certified for no reason other than the intellectual stimulation of doing it. And so I think you do. I agree with FedEx what he said earlier. I think you have to be a lifelong learner to experience the greatest chance of success in cyber security. You can be successful by not being a lifelong learner, but you will have challenges. All right, So, I mean, dude, there's a million things in cyber security. Find the one that gets you super pumped and then lean into it. That James.

B

Yeah, I. You know, we're learning every day, and. And Jerry, you hit it on the head. If you're not learning, you're kind of staying stagnant. Stand still. You're going to get left behind. I mean, what we were learning on about AI a year ago is already old, way old news. And you've got to con with the way AI is generative, AI gentic, large language, models, everything. It's a matter of having to keep up to date and keep current on what's going on. So is it hard? It's just on however much effort you put into it. You know, if you. Every morning you read a couple newsletters, you know, TLDR AI is what I read. Rundown AI. I read those newsletters just to try to keep up to date and keep current, along with a couple folks on substack. That's my lifelong learning. Every day that I'm doing, along with other learning of other topics. But. But every day, that's kind of my routine. You get that habit. And if you can do something every day for 63 days straight, then it becomes a habit.

A

All right. I love it. T.J. lifelong learner. Go.

E

Well, I'm sitting here with gray hair telling you I'm learning every day, so we'll let you know.

A

All right. I love it. And FedEx, thoughts on lifelong learning.

D

You know, like I say, lifelong learner, find something that you like. There's a lot of things in cyber security. You're gonna pick something, you're gonna learn something. You don't have to become a master. If you want, go for it. But at the end of the day, make sure you don't burn out yourself. Make sure that you don't actually live cyber all day long. You do need to go out. You do need to take time for yourself. Mental health is important because if you start burning yourself, then you start hating what you do. And actually I enjoy what I do every single day. I enjoy cyber. I actually live cyber. But I also make sure that I take, you know, a couple of days off and go out and disappear and disconnect.

A

Yeah, and I love it. And quick shout out to the entire simply cyber community. You know, there's four of us sitting on the couch here and one hand off camera. But. But guys, I got to tell you, there it is. But listen, I see you guys in chat. I know the rest of the team can't necessarily see it. I think they're on their phones. But, like, you guys are sharing your thoughts, your opinions on these questions. Lifelong learner. This is what I'm talking about. Like, yes, we have the microphones, but you guys also have a voice. And there's just so much experience in the simply cyber community. Life experience. And I'm telling you, like, when I was 18 to 22, I didn't have access to these type of things and I was an idiot making idiot choices. So you guys are making a difference and I genuinely appreciate it. If you have any questions, put them in chat. Do a Zero Trust World. Quick question here. James, we're here at Zero Trust World. What is one thing that you're, you know, looking forward to here as we kick off Zero Trust World?

B

Well, coming to Zero Trust World is great to hang out with, get to see you. You know, it's only a handful of times a year and Kathy and Kimberly and, and, and FedEx and true. And the other guys, the old guy sitting next to me, nah, for me, it's all about the networking and, and looking at the beginning of this week, I'm like, oh, man, Zero Trust World. You know, I'm here today, I'm here on Friday. Sadly, I have another commitment tomorrow. But it's all about the networking and, and also get a chance to meet some of the threat locker folks while I'm here as well. There's a couple sessions I want to go to. I saw some folks that are presenting that I know it's like, oh, I want to go see them. So, yeah, so for me, like a lot of the conferences, it's hallwaycon.

A

I love it.

E

Tj last year was pretty awesome. Got to go to six, six conferences. I think it is. Josh Mason, who's standing just off cameras, is really responsible for one of those Kathy, we spent some time with her. Thank God. Jerry. If he doesn't know what I think about him now, he never will. I love this guy, James Mack, for being James Mack. FedEx. Just because, I mean, he can. Just because he can go, really, but he can go into a room and introduce you to probably half of it. Kimberly enjoyed spending some time with her at Hack Space last year, I believe, and I look forward to spending some more time with everybody. Never been to ztw. I'm glad I'm here. Already ran into, you know, David Bombal and some of those other guys, man.

B

It's just Philip Wiley's here.

E

Philip Wiley's here. I mean, it's just nuts.

A

It's crazy. Philip's got a conference talk and FedEx. What do you want?

D

One of the things about conference and everything, getting the cpe, getting the education. Amazing. There are some talks that are amazing, but the hallway con. Meeting people, introducing to people. I mean, I can tell you that two years ago I met someone that right now is my director. And it was through the network. So it is. It wasn't meant to be that way. I don't go to a conference and like, I'm going to meet somebody and he's going to get me to a job. That's not. Not the idea. I'm going to meet somebody. I'm going to make a truthful connection. I'm going to actually connect with people, learn about their life, maybe learn something from them and their story and maybe you never know what could happen from there. But that is what I love about going to these places.

A

Yep, I love it. FedEx. Question from bearded Ruckus specifically calling you. How's the new gig going and what's the most difficult challenge that you've had and how are you tackling it? And then he says he loves you, Big dog. I know.

D

And I love you, my man. I know. I. I know you actually got into the industry too, as well recently. And it's amazing that what you. You ready to teach me things that I probably do not do? And that's the biggest thing about the new job. I love the job. I love working with a team. I came from doing cyber of one to becoming working in a team. So it was a little bit different to have support. But I honestly. Imposter syndrome. I felt it. I felt that I need to level up my game. I feel that I am not good enough in what I'm doing. I feel that my co workers are like, super smart. And I'm like, I do not know how to do that. And it was hitting me hard. And then I had that moment of realization and say, hold on. I know what I know. I'm good at the things that I'm doing. I found a challenge, honestly. I found something that was in need in my job, and I started dialing in on that, and now I'm becoming the SME for that product. I have products that are coming into my job that are already known from a couple years past experience. So I met the SME on those products and the new ones that. They're not new. They're products that always been there. I just didn't never work with it. Those are the ones that hit me hard. And I was like, hold on. I know what I know. And I relied on my team. But, yeah, we built it. I felt imposter syndrome in the last three months since I've been in this job.

A

Yeah, being confident to say I don't know or let me look into it and, you know, getting it after, instead of just being fake it till you make it kind of.

B

I may not know the answer, but I know where I can go get

D

the answer, and that's reliant on your team and in your network. I ask questions, I say, hey, teach me this. I never done this before.

A

So Taekwond Gong says, how do you feel with the dings taken while trying to enter the field? I love cyber, but lean more towards the offensive side. So I don't necessarily know what you mean by dings taken. I mean maybe like, you know, frustrations or. Or, you know, situations where you're like, ah, like, why am I not getting it? So how do you stay. I guess my question would be, how do you stay positive, James?

B

Yeah, that is. That. That's the challenge. But a lot of it comes down to, for me, looking at, you know, what is the good that's going on? What, you know, I'm in a field that, you know, there's a lot of people trying to get into. I've been extremely. I consider myself successful over the last, you know, two decades of working in this field, working in cyber security, getting to meet people. You will have good days, you will have bad days, and it's a matter of just trying to get more good than bad. But, you know, yeah, you're gonna have a bad day, but, you know, try not to take it too personally. Just get over it, get past it, move on. It's in the past. Start looking for the good and, you know, learn. Try and then maybe like, learn something new. Just so that, you know, whatever that bad experience is, is put behind you.

A

All right, panel, any other thoughts on how to. How to deal with, I guess, adversity?

B

It's either that or I'm having a scotch, but that's something.

D

Well, I always say in life, we always come with a no. It's how we make that no into a yes. That's how I got my wife to actually marry me. She told me no in the beginning. So that's the whole point. You got to be persistent. Never give up. I mean, it's hard to hear that no. It's hard to get that rejection letter telling you you didn't get the job. It's hard to get into these things. It hurts you, it hurts our ego, but at the same time, not give up. Know that you are unique in your own way and that you are going to bring something special to that person that's going to give you the opportunity to hire you or that company or the skills that you bring. So just don't give up. It's the best thing I can always tell you is try to make that no into a yes and keep pushing forward.

A

Yeah.

E

I'm not sure if you're ever, like, gonna be wherever there is. Right. You know, it's so hard to be there. I don't know where there is, but the journey from where you are now, just use your past experience as well to fuel tomorrow. You know what I mean? So am I going to know everything today? No. Tomorrow's not looking great either. But I can tell you this. The effort will be applied.

B

The other thing also is have somebody that you can talk with when you're having a bad day, maybe. And it might be a loved one, it might be a friend. Kathy and I were chatting last night, and her go to is Mr. Daniel Lowry. You know, she. She's having a good day, she's having a bad day. She's reaching out to Dan. He understands, you know, and I'm kind of the same thing. I've got colleagues and friends. If I'm having a bad day or just not getting something, you know, I'm. I'm texting Jerry going, dude, or, you know, other friends, like Avi or maybe Javad or Eric. You know, we can always have a

D

beer on a bourbon.

B

Oh, yeah, yeah, that's. That's true.

A

All right. Richard Duff says he wants some behind the scenes of the conference. And Team Sippy cup. Are you going to make it possible? Well, here's the deal. Go to the Simply Cyber Discord server in Addition to like having to vent. If you don't have that person that James just mentioned, your Daniel Lowry's or your Jerry's, go to Simply Cyber Discord server. We actually have a channel on the server. I forget what it's called. I think it's called like, huh. It's called venting. And basically you can just scream into the void on the venting channel and you know, maybe someone replies, maybe they don't, but it feels good to get it out there. So definitely take advantage of that. As far as the behind the scenes go. Yeah, we're, we're posting photos and I invite everyone in the Simply Cyber community to use the con chat channel to share photos, behind the scenes stuff of the entire Zero Trust world experience, not just the daily cyber threat brief, but you can get those on the channel. Just we can't, we can't turn the camera around on the, on, on what's going on right here because there's certain rules about what we can video and how we can video and I cannot detonate the opportunity to do the show tomorrow.

B

Some people don't want to be on camera.

A

Yeah. All right, all right, so we've got about seven minutes left here on the, on the, on the stream. I've also, if you guys got any thoughts on Chad. I, I checked with the producer and we've changed the, the shot here so Chad is no longer on stage. But you get a wider shot of the panel here trying to, you know, innovate for you guys and bring the heat, as it were, show you that

B

we're live and not AI generated.

A

Oh my God. Yeah.

D

Shall we play a game?

A

I know, I know, I know. So I guess let's, let's do this for a second. Since there's no questions in chat right now. If you have any questions, put it in chat with a queue. Real quick hits. Conferences that you are expecting to go to. And you know, if you want like a quick little note on what it is, I'll be at Zero Trust World, obviously. Black hat, RSA simply CyberCon in it looks like Wild west hack infest Deadwood. And I love those conferences. I'm trying to say no more this year. So I'm being selective. James.

B

Yeah, no, I'm. Right now I'm, I'm going to be talking at Cyphercon beginning of April up in Milwaukee, Wisconsin. Very excited. Go up and see, see Michael. Michelle is, is keynoting that one. So we'll be hanging out.

A

That's Michelle Khan. Michelle Khan, a friend of the community.

B

Very good friend of the community. We're working on a new joke book, so. A new dad joke book. So hopefully we get that done and released, but definitely deadwood. Working on some new topics. Looking at. Working on something regarding AI governance. Working on topic of human resilience. Kind of stealing the phrase from a buddy of mine, Joe Carson, but looking at, you know, what happens when you get riffed or ped or let go or whatever, you know, what do you need to be doing and kind of. Kind of come up with a playbook. Because as cybersecurity people, we have our playbooks for incident response, disaster recovery, business continuity. You know, do we have one for when we unexpectedly lose our role in our organization? Any happen and it's happening. Well, I'm working on it, yeah.

A

All right, tj, what do you got? And we have a question for James coming up about AI. Okay. From Soul Shine.

E

Go tj, defcon and defcon and Simply Cyber for sure. And I'll probably hit Tampa B sides, Jax B sides, and probably slip in a couple more. We'll see.

D

So I'm a firm local conference. I. Actually, for those who know me and not seen it, they know that I take my youngest one with me, and she already is pushing me and say, dad, when we go into Tampa, when we go into St. Pete. So we're going. We're gonna be in Visa, St. Pete, Visa, Stampa, Visas, Orlando. We're gonna see Visa South Florida, because she has a friend there that wants to go see her. She already asked me, dad, when we're gonna go see Kimberly.

A

Okay.

D

I. I am really hoping to be this year in Simply Cybercon, because last year I missed it because it was my first date at the new company.

A

Yeah, that would be a bad way to start off.

B

Yeah. Yeah.

A

If you. If you watch my how to Be Successful in the first 90 days. I don't say skip the first day of work to go to a conference.

D

Oh, man. And I. And I was. I mean, I was so pumped out. And. And for those who know that she was there two years ago and she killed it. I mean, she was opening lock. She learned how to pick pick locks on Simply Cybercom. I bought her a pick set. And then she came and destroyed all my locks in that house. Oh, no. She opened all my house locks. And I was like, oh, boy. I created them.

B

The consequences.

A

Yeah.

D

The conference created a monster.

B

There you go.

A

I love it. So a AI question for James cooking from Soul Shine. What's the risk of AI having its own identities? So, you know, NHIS agency. Yeah.

B

Well, I mean, there are organizations. I was chatting with someone the other day, and they have their first AI employee now working in the organization. So just like any other risks that you have with regular users, I mean, they're an insider threat if they, you know, you've got to make sure that you've got the right permissions set around them. You know, what they can access. Granted, they're not being authenticated by two factor because they're probably leveraging APIs. But essentially it's the same. You got to do the same things you would with a human user. I mean, technically it is going to be the HR of these nhis, but dealing with AI identities, it all comes down to the same principles and concepts that you're going to have with your users. They can be a threat, they can be an insider risk. Just a matter of controlling their access and what they can get to and what they can do.

D

And you know, what's the thing about that?

A

Am.

D

AM is going to be the one who's actually going to be giving the permission that actually AI bot.

B

So aim for aim.

A

Yeah, yeah. And I just. So I do want to point out another thing about that. Like, obviously you want to not just give everyone access, super access to these things, right? Not to get totally dystopian, but Anthropic has run some simulations. If HR is gonna. Here's the thing, like, say like FedEx is gonna get terminated today. Sorry, FedEx, you just happen to be the avatar.

D

So my co workers are here, they're taking pictures and send it to my boss, right?

A

So James McQuiggin is like, hey, Jerry, we gotta let FedEx go today. And I'm like, okay. So then we, we like set everything up. Hey, FedEx, come into the room. You know, it gets on the camera and like, there's HR there. He's like, this is happening, right? And right then we're terminating access. But it's coordinated. Anthropic has seen multiple instances where like, if you give AI all the access, it can see both that conversation and your conversation. So if you're going to terminate an AI access account, right, it could know. And like, again, this was kind of a curated experience. But like, the AI started blackmailing the HR rep to not fire them or they were going to disclose an affair that the HR person was having. Now, again, that was curated. They deliberately made the AI aware that the HR person was having an affair, which they were not actually. I mean, everybody was fake in this scenario.

D

It was, it was a fake Company fake scenario.

A

Yeah. Yeah. But my point is the AI is trying to sustain life.

D

Yeah. The article actually showed that the AI morphed out in cells and it started actually black manning the saying and say, hey, you can't fire me because I'm going to reveal this and this and that. And it's like, wow. And. And you're absolutely right. It is a coordinated effort. Because when you do hostile terminations that nobody knows exactly. And they tell you until I give you the goal, you don't do nothing.

A

Right.

D

But it's the moment that that person gets on that call is the moment that you get the go, go, go light. And it's like, okay, shut it down.

A

Yeah, but. But the, the person who's being terminated never has visibility into it. AI has all the access. If, if you've given.

B

I mean, it's 2001 Space Odyssey, you know, it's how.

A

Yeah, I know. You're gonna get jettisoned.

B

I can't do that, Dave.

A

All right, so Berlin Dab or Berlinda. Excuse me. Berlinda wants to know how the food is. If, If Kimberly was on, if her hand was on camera right now, she stepped away for a minute, she'd give a thumbs up. But, like, the food here is amazing. Like, I don't know what zero. Like, no one, no one asked. Zero Trust World up to see. There we go. Thank you.

B

Two thumbs up on the food.

A

Kimberly is a big advocate of the food here. Like, I don't know, like, threat locker goes above and beyond. Like, this conference is like, really nice. Like, I've been to a lot of conferences. This one's wicked nice.

D

And they actually changed the location this year, and the location is bigger. And like, I mean, I just walked

B

in and they got more people.

A

Yeah, it's. It's. It's sick.

D

Great company. Great product, though. I, I'm going to tell you, I, I didn't. I, I deployed the product. I deployed the product. I was at CTW last year. We come to look at it, and we went and actually did a tour of the facility, and then we ended up actually buying the product and deploying it into my previous company. I ended up working with the product and getting familiarized with it, and I loved it. I mean, I have firm believer that it does help you. It has some growing pains. Like every product, because you got to learn. It's a new learning curve. But at the end of the day, the stuff that catalyze and the stuff that actually gives you the visibility to it, especially when you have users that, you know, you get applications or extensions or browser extensions that does not require the user to have any administrative rights. Threatlocker sees it and can block it. That is just immediately cut in half of your growing pains in cyber security. So it's just actually a great product to work with.

A

Yeah, 100%. All right, so it's 9:30. We're gonna wrap here on Simply Cyber's jawjacking. We will be back tomorrow at 8:00am Eastern for the daily cyber threat brief. Live from Zero Trust World. I want to say thank you to the panel. James, TJ and FedEx, great show. Off camera, Kimberly and Kathy, definitely making it happen. Guys, thank you so very much. And the mods, of course, the mod chat, making it the grease of the engine. Thank you very much, everyone. Have a wonderful day. And until next time, stay secure.