A

All right everybody, welcome to the party. Today is Thursday, March 5, 2026. This is episode 1080 something of Simply Cyber's daily Cyber Threat Brief podcast. I am your host, Dr. Gerald Ozier alongside audio engineer Kimberly can fix it in camera operator slash mega producer Kathy Chambers. Live from Threat locker, Zero Trust World 26. We are going to be shredding the top cyber security news stories of the day while you right above me, drop in your thoughts, comments, chat and we build a community of absolute bosses. So over the next hour, we're going to go through eight stories, I'm going to shred them. I'm going to go beyond the headlines to deliver additional value. You get cozy, get your coffee, get your water, get your bourbon wherever you are. Kind of speed is and let's get to work. I am ready to cook. What's cracking everybody? I'm gonna switch up the the graphics a little bit. Right now it's just me on the couch, but we've got some rumors that a totally decked out FedEx could be in the works alongside Kyle, Kyle Ross, Carlos walking by right now. We've got a whole stymie of people coming down, but I want to say welcome to the party. Now, if you are here for the first time, drop a hashtag first timer in chat. This experience is going to be wild. Now we're not always coming to you live on location from a conference like Zero Trust World, but when we do, we do it correct and have fun doing it. So if you are a first timer, drop a hashtag firsttimer in the chat, let us know. I'm trying to watch the chat. At the same time, I do see a lot of John Mlan's in the chat space tacos. So let me know if I'm missing one somewhere in the chat. Steve Young, good to see you. SC Brittany Brown, Coyote Restream sending LinkedIn folks over here. Chris Sabata, good to see you all. I want you to know, in addition to going through the top cyber stories, I use my 20 plus years of industry experience to go beyond those headlines and give you additional insights and value. Now you might be like, oh, this guy's just cherry picking stories and then, you know, spending all night briefing on them. Guess what? I'm not. Do you know why? Because ain't nobody got time for that. Also, I'll be doing manual sound effects. So if you like authentic quirky behavior, get settled in, make sure you got a butt pillow or something to sit on because it's going to be you're Going to be there a minute, you know, I'm saying. All right. Now, every episode of the Daily Cyber Threat Brief, including this one right here. Let me make it easy for you. Is worth half a cpe. So a cpe, a Continuing Professional Education credit, is reserved for maintaining your cybersecurity certifications. Now, if you don't have a cyber security certification, that's cool. I'm sure you're studying to get one and you're on your way. And that's absolutely perfect if you do have one. You know that you got to maintain those things with CPEs. So how can you do that in a way that doesn't suck? Let me introduce you to the process. Very simple. Say what's up? In chat, you appear directly above my head. You're part of the show, which is super cool. Then you'll notice that the title of the episode says cyber news. Now, March 5th episode. What is it? I think 1082. 1083 squad members. 82. Thank you. Kimberly can fix it or fingerly can fix it just while on the stream. Include that in the screenshot. I was an auditor for a number of years. If you hand me a piece of evidence with a date and a time stamp and a unique identifier, I cannot call shenanigans. There's no level of auditor interpretation that can make that evidence seem different than what it is. So get your certs, get your CPEs, get your CP here. Like a 1920s newsy. All right? It's as easy as that. Now, I do want to say shout out to all you because I'm on the. Hold your butts. Marcus Kyler screaming it from the back row. Rhonda Rummerfield's in the chat. Steve Young. It's always good to see you, man. Mickey T1037 keeping me correct on that Israel Iran story yesterday. Guys, I don't know what stories are coming. Hopefully they're not political today. Guys, let me say shout out and thank you to. Oh, we got a first timer up in this piece. TM Barnhart squad members, if you can help me welcome TM Barnhart in the chat. Welcome to the party, pal. I do not have the proper sound effects or graphics package for reasons, but just trust me when I say welcome to the party, pal. I am welcoming you to the party pal. T.M. barnhart. Let me say real quick, shout out to the stream sponsors those who enable me to bring this show to you, starting with Anti siphon training, guys, Anti siphon training. Disrupting the traditional cyber security training industry by Offering high quality, cutting edge education to everyone, regardless of financial position. Yesterday, if you are following Anti Siphon, you learned how to prepare for an AI incident with Gerard Johansson. Well, guess what? On Friday, why don't you learn how to do the other side of that by hacking AI and LLM applications. Very simple. You're getting a double shot with Brian Furman and Derek Banks. You can sign up. Dude, this training is ridiculously affordable. You got two juggernauts in the industry for $25. Get out of here. Is this a typo? Noon on Friday, March 6th. It's simple. Sign up, check it out, get trained, and then immediately go into a job interview and be like, oh, I'm sorry, what are you guys doing about AI? Because I'm hacking all the AI. And then they're going to be like, oh, my God, when can you start? Monday? And you're like, oh, hey, hey, be cool. Be cool, man. Stop being so thirsty for me. I got other interviews. You're picking up what I'm putting down. I'm dropping this in chat right now. Go check out Anti Siphon Training. Love what they do. Big fan of John and all the team over at Anti Siphon Training now. Oh, gosh, I gotta get rid of that. All right. Hey, flare. What? Flare. Flare online too. Hold on. Yes, this is coming in right now. Flare. Cyber Threat Intelligence Platform is awesome. That's actually a fact. I read it. You know, there's Plymouth Rock and then there's Flare. Cyber Threat Intelligence Platform being legit. We've got the real Kyle. Kyle off camera, this guy's bringing the heat with his DEFCON shirt and his Hawaiian vibes. If you want to get right to the root of all the best, Cyber Threat Intelligence, Flare Threat Intelligence Platform has it. I have a video I can normally show, but not on the mobile studio. Listen, guys, I swear to you, like, I have used this platform. It's not just a sponsor. This isn't a paid endorsement. I'm not like a hand model who's like, oh, look at this. Right? I don't know why the hand model thing came up. It made sense in my mind. I have used flare. I like flare. People in the community have used flare. Give your own opinion. If you've used flare in chat, say what you think about it. Be honest. All right, I think it's great. Go check it out. You can sign up for a two week free trial. That's about 13 days more than you actually need to know if you like the platform or not. They do have to verify that you are a good person and a professional in the industry, not a scumbag cyber criminal. They do that pretty thoroughly. And if you've, if you're not a scumbag, you are going to be good to go. And go check out Flair right now. Simply Cyber IO Flare and then Threadlocker. You want to talk about coming in like a wrecking ball. Jesus. We're at their conference right now here in beautiful Orlando at the Rosen Shingle Resort. We got video content coming out. Kathy Chambers run around with a gimbal yesterday doing all the gimbaling. DSLRs galore. It was, it was kind of bananas. But Threat Locker does more than just throw a great conference. They also help protect your organization by using deny by default application security. Let's hear from them. And then I'm going to melt everyone's face. I want to give some love to the daily Cyber threat brief sponsor, Threat Locker. Do zero day exploits and supply chain attacks. Keep you up at night. Worry no more. You can harden your security with Threat Locker. Worldwide companies like JetBlue Trust Threat Locker to secure their data and keep their business operations flying high. Threat Locker takes a deny by default approach to cyber security and provides a full audit of every action allowed or blocked for risk management and compliance. Onboarding and operation is fully supported by their US based Cyber Hero support team. Get a free 30 day trial and learn more about about how Threat Locker can help prevent ransomware and Ensure compliance. Visit threatlocker.com Daily Cyber. All right everybody. Love it, love it, love it. Let me go full steam because you can't contain me. Listen, you can only hope to contain me. There is no stopping me. The train has left the station and it's pitched downhill. We are runaway. All right, guys, it's just me right now. Which means. No. I've got no handlers. All right guys, do me a favor. Marcus Kyler, I know you're the drum major, but I need you to, I need you to be the throw on one of those reflective vests right now and kind of lead the the troop. I need everyone in chat right now to sit back, relax and just let the cool sounds. Oh. Of the hot news. My headphones almost blew off my head. That was so hot. Wash over you in an awesome wave. I will see you guys at the mid roll. It is Dan Reardon's meme of the week and this guy cooked up a spicy hot take for you. I can't wait to show you. Let's get into it. Oh, hold on. I forgot to do one thing. One second. We're so getting into it. I'm just cleaning up my stuff. All right, here we go from the

B

CISO series, it's cybersecurity headlines. These are the cybersecurity headlines for Thursday, March 5, 2026. I'm Sarah Lane.

A

Sara Lane.

B

Possible iPhone hacking toolkit used by spies an iPhone hacking toolkit called Karuna has likely infected tens of thousands of devices and and may have originated as a US government tool. The toolkit exploits 23 iOS vulnerabilities to silently install malware when users visit a compromised website. Google and security firm Iverify traced Karuna through multiple campaigns. Russian spies targeting Ukrainians, then cybercriminals stealing cryptocurrency from Chinese speaking victims. Apple patched the vulnerabilities in iOS 26, but older versions remain at risk. Hacker mass males hunger.

A

All right, so I mean, hey, you know, for once, like way to go United States, usa. Like this is interesting. Usually, usually Israel is the one creating the, you know, IOAS iOS based malware for spyware capabilities. And it sounds like a US based contractor is the one who developed this one and then sold it to the American government. Now that's fine. Spyware is a nation state level capability. We have all these mobile devices. There's only really two platforms, right? There's iPhone and there's Android. I mean we, we do have graphene and these other kind of fringe operating systems that you can use. But like, let's be real, I hate to, I hate to say it, but like just because you're the, I don't know, Secretary of Defense or Secretary of War or the president or you know, like, let's not even like pick some hot button ones. Like you could be the Secretary of the epa, right? Like just, or Department of Motor Vehicles, right? You're going to use an iPhone, right? Like humans are humans and they like convenience, they like, you know, accessibility and functionality. So they're not going to use some stripped down, lockdown graphene version. And because of this attack surface, it makes sense for threat actors and security researchers to develop weapons that target those platforms, right? This is why Windows operating system is a massively targeted operating system because it's in like 95% of all businesses in the world. Now as far as protecting from this, they don't go into any details regarding indicators of compromise or prevention of compromise. The Pegasus spyware from NSO Group, famously the no click spyware software. You could just get a text message and your phone is pwned. Remember you can't. Here's the thing you gotta like cook into your brain really quickly. Everybody here gets text messages from scammers or people they don't know. Everybody here can get a phone call and it says spam risk or unknown number. You cannot stop somebody from initially contacting you. You can block the number, you can delete it and add to a block list, but you can't stop that initial one. And if all it takes is to send you a text message to own your phone, well, guess what? There is no protection right now. That lockdown mode on iPhone is a decent approach to handling this. But again, this story is more surface level political than it is necessarily something that we can use as practitioners. I guess the TLDR is just like 20 years ago, people thought Linux couldn't have malware. You know, hey, it's 2026. Your iPhone, it's not super secure, so be mindful how you're using it. Okay, let's keep going.

B

Extortion emails. Restaurants using Hunger Rush's point of sale system have had their patrons receive mass extortion emails claiming that millions of customer and restaurant records could be exposed unless the company responds. The messages Sent via Twilio SendGrid from Hunger Rush domains threatened data, including names, emails, passwords, addresses and credit card information. Security researcher Alan Gal linked the campaign to credentials stolen from a Hunger Rush employee in October of 2025. Hunger rush confirmed the incident and is investigating with law enforcement tycoon.

A

All right, so I'm, I'm old, right? So this whole like order food from a restaurant that doesn't have delivery and then have it just show up at your house by some random person. That, that's kind of like a vibe that I just never got on board. Like I still get in my car and drive 20 minutes to the taste of India to pick up my curry. You know what I mean? I know you don't. So Kimberly can fix it, hasn't left her House since 2018. But one of these services, Hunger Rush that you know, works with all of them has been compromised. And what's interesting is normally these threat actors kind of operate as almost like professional criminal enterprises. This particular one almost seems like it's a one person deal because they got into the Hunger Rush whatever email system or, you know, infrastructure, right? So somebody at Hunger Rush's credentials got compromised. But by the way, banger job on MFA and you know, identity protection, et cetera, I'm sure they had all those things and somebody just fell for an info stealer. But what is interesting to me is the first email came from them and it literally said, and I quote, you cannot ignore all my requests and expect me not to take malicious actions. You still have time. So threat actor kind of self identifying as a one person show. Additionally, I guess like it feels like they're, they're like, I'm going to turn this car around if you don't shut up. Like, and then like I'm going to count to three. One, two. And then I'm. They send another email. Right? Like, okay, like you've kind of nerfed yourself. The second email says every restaurant customer of said restaurants data, which is in the millions, is in jeopardy here. And I can't even get a response back. Not to worry, there's still time left. So this person is like basically screaming into the void. And hunger rush is like, bruh, we have cyber insurance. We've worked through this, we're good. So we'll see. There is credit card information involved. It didn't go into detail whether or not it was just the last four digits or if it was redacted in any capacity. If the CVV number, that number on the back that like is supposed to be like the super security thing, but like you'll give that number over the phone. We don't know if any of that has been involved in here. If you do work in retail or. Excuse me, Food and bev, right? And you are using the hunger rush pos. You know what I mean? I mean, I know it's point of sale, but is anybody else thinking what I'm thinking? If you do use the hunger rush pos it does sound like you're not impacted. Like it's not, there's not operational impact. This is like data exfil. Hunger rush is like, dude, we're still sending Sbarros to your aunt's house. Like it's, it's cool. Like Kimberly can fix. It's going to get her, you know, Cairo's bowl at noon today. So we're good here. Doesn't seem like it's going to impact them. It does impact you and I as citizens, but this threat actor seems to kind of be like their first rodeo, right? So it is what it is. All right, let's Keep cooking here.

B

2fa phishing platform dismantles Europol, Microsoft and cybersecurity firms dismantled Tycoon 2fa, a subscription based phishing as a service platform used to send tens of millions of emails monthly to 500,000 organizations. The platform let attackers bypass multi factor authentication and capture credentials from email and cloud accounts. Contributing to roughly 62% of Microsoft's block phishing attempts. Last year, Law enforcement seized 330 domains and took legal action against operators, including SOD Freddy in Pakistan. The takedown involved agencies across Europe and support from major cybersecurity companies.

A

All right, really quick 14. Oh, yeah, I have to do this kind of regulators the dirty way. All right, So I, I don't have the soundboard, so I had to work that in kind of a different way. But hey, check it out. Way to go. Way to go, law enforcement. If you guys have been a long fan of the show, you know that I have, like, an unhealthy obsession with Interpol. Europol, kind of like, they're like, you know, little cousin, I'll allow them on the bus. Like, they can sit, you know, they can sit up front with us, right? We'll save a seat at the table for them. But, like, they're not Interpol. You're picking up what I'm putting down. So Microsoft gets involved. I do love how it's gone from, like, into that in modern age. Like, hold on, let me go wide for this. Think, think about this for a second. Doesn't it, does it blow anyone else's mind that, like, Europol and Microsoft took them down?

B

Like,

A

like, Elon Musk owns his own space shuttle company. Like, it's just, there's private militaries. Like, it's insane to me that, like, private citizens, private sector, financially motivated businesses have capabilities that were once reserved for the most powerful countries in the world. Now if Elon wants to fly to Mars on the weekend, like, he can just hop into SpaceX and be like, deuces, right? So it's just bananas, like, to me. So Europol and Microsoft taking down Tycoon2FA. Now Tycoon2FA, I hadn't really heard much about it. It pops up in the news from time to time. But it's phishing as a service malware capability. And remember, guys, like, in many, many attacks, right, like, depending on what reports you read, upwards of 70% of cyber attacks start with a phishing email. So if there's a phishing as a service capability that allows, you know, my cousin Pat to basically turn into a threat actor because he can just sign up and follow a Word document that allows him to click through and send out half a million phishing emails with some efficacy. And that's not even like, the best part, right? Like, not only is it phishing as a service to send out those emails, but, but I'm sure this capability this tycoon2fa, in addition to bypassing MFA, has the capability to report back to the clients of Tycoon2FA on successful hits, compromised accounts, individuals that gave up creds. Right. I mean, that would be the really value value part for a client, right? I'm not interested in how many emails you can send. I'm interested in how many creds I can get. And that leads to initial infection and then second stage payloads and all that stuff. If the threat actors even into that. There's a whole ecosystem around selling initial access. Anyways. Yeah, you can see here. Again, I don't research or prep for these stories, so I have no idea not only what's coming up, but what the stories are going to say. And they report in the story here. By lowering the technical barrier to entry, it allowed criminals with limited expertise, that is people who don't know what they're doing, to turn into sophisticated threat actors. It's basically standing on the shoulders of giants. Now. Tycoon 2fa accounted for 62% of phishing attempts. It blocked last year. 6. Holy crap, dude. So Microsoft, it's Microsoft, right? Fortune 5 company. Many, many governments of the world use Microsoft and Microsoft Office 365. The US government has its own little gov cloud going on. And 62% more than half of every email Microsoft block came from Tycoon2FA. This is a massive win for the good guys and good ladies, right? I use the term generically, but, you know, just to be inclusive of everyone. This is tens of millions of phishing emails that will not come out next year. The final thing I'll say here, everybody, what I would say is you can take a break for five minutes, you can go hit the bathroom, okay? And then come back. This is a good win for this moment, but there's going to be another threat actor that assumes this position, right? Just like when any dark web marketplace goes down, another one crops up because there is a demand. Tycoon2FA has demonstrated that there is a demand for this service and people will pay for it. The only other thing I want to know is the global takedown. Did it result in arrests? Because, okay, it does not. So unfortunately, whoever the human beings are behind Tycoon 2fa, six months, they'll be back. I'm going to call it right now. What is it today? March. All right, I'm calling it by October. We'll say October. By October 2026, a 2FA bypass of Tycoon2FA's efficacy will be back on the Scene. But way to go, international law enforcement. You guys, next round's on me. All right? International law enforcement, come on by. We're at Zero Trust World. There's an open bar party later today. I'll. I'll go get you the drink, right? I guess I won't be able to pay for it, but I'll go get it for you. All right?

C

Any stealing of his property.

A

Whoa, whoa, whoa, whoa. Nate dog, calm down, bro. Jesus. You get your minute in the sun,

B

but let's not get 14 countries shut down leak base. Authorities from 14 countries shut down leak base. A major cybercrime for.

A

I'm sorry, just a hot old man ran for a second my new laptop. They've replaced the right control button with a co pilot button. Do you know who likes to use the right control button? Me. Do you know what I don't have anymore? That. So now every time I push the button, I have a freaking co pilot pop up and be like, you know what it is? It's like, it's like a 2026 version of a mutated clippy. You know what? I don't need help from you. Jesus, man. Can I replace this with over 100? You can replace it. Oh, we're about to find out.

B

2000 members seizing its database domains and arresting multiple suspects. The site hosted stolen data, including banking details, credentials, and personal information from U.S. and international targets. Around 100 enforcement actions targeted 37 active users and the FBI, Europol and other agencies coordinated the takedown to disrupt access to stolen information and hold operators accountable.

A

All right, hey guys, listen. I do not research or prep for this show. I have no idea what stories are coming up. I just snipped at Nate Dog and Warren G to get back in line. And the next story is like friggin Europol and 13 other countries getting all on top of threat actors. So I guess we're gonna do this. Hold on. It was a clear black night, a clear white moon.

D

Warren G was on the streets.

A

Oh my God. Just. Just let that breathe. Just let that breathe. Is that not good? Oh, search for the E so I could get some phones rolling. And you Youngs, I hope you appreciate that that is oh so good. All right, so check it out. Europol. This, this is a major shutdown. Like the last story taken down. Tycoon 2fa is fine, but they didn't arrest the person behind it. In this instance, the form league base that had 140,000 members. All right, just to put that in perspective, like Simply Cyber has like 20,000 members with like a thousand that are like super active. This is 140 times that. This is massive. Not only did they arrest Several people, like 37, I think they said that were involved with the running of this, but they basically issued the FBI office out of Salt Lake City issued essentially like a, a very stern warning that like, if you think that you're hiding behind your screen, you're mistaken because we're coming for you. You hear footsteps, that's us. So I love it. This is why I don't like to commit crime. I mean, there's a couple reasons I, I like to not commit crime. But like, one reason is because I like sleeping at night. I don't like looking over my shoulder like, ah, you know what I mean? Like I, I'm, I don't know. Like hypothetically, if I accidentally sideswiped a car pulling into a parking spot, I, I'd be like, oh yeah, like I, I, I put the note on the windshield. You know what I'm saying? I'm not that guy who's like, it'll be fine. So leak base taken down. I, I don't know what leak. I mean, obviously the name would suggest that it's a data leak site where people are selling and trading data. Leak information Breach forums was another popular one. Law enforcement is taking it down. I love it. Like, invest all the things in cyber security, law enforcement actions that their humans are making mad money and they feel like they're invincible from any accountability, especially Eastern European. So these coordinated takedowns, if you can get the humans behind the keyboard, you are going to scare the crap out of them. And, and you know, when they're talking to each other about how they do their tradecraft and all of a sudden, you know, Kimberly can fix it. Is no longer at the table because she's in jail. Sorry. Kimberly, like, has a, it has an impact, right? On whether or not someone makes a decision to continue committing crime. All right, so way to go. All right, let's do this. I'm sorry, that was another misfire. Foreign

B

Huge thanks to our sponsor, Adaptive Security.

A

I know, I know.

B

This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI powered social engineering. Picture a new hire who interviews well, except they're synthetic AI, video AI voice AI backstory. Once they're in, they go after payroll, internal docs and access. That is the new reality. The attack surface is trust itself. Adaptive fights back with realistic deep fake simulations and training that actually sticks. Learn more@adaptive security.com

A

hacktive all right. Hold on one second. I do not have the. What's your meme. Hold on. We're gonna play this. All right, so check it out. I do not have the. I. I cannot. Hold on. Oh, I see what I'm doing. I cannot find the Dan Reardon what's your meme promo card. And it's not. It's not Kimberly's fault. It's not my fault. I mean, it is my fault. I. I just. It's a new computer. I don't have all the assets installed, but that's okay. Listen, every single day of the week has a special segment. You want to get on the couch? FedEx. Every. Every day of the week has a special segment. And Thursdays is. What's your meme Thursday, Kimberly. FedEx is going to join us on the couch. Okay. These are hot right here. Okay. Yep. All right, so, hey, check it out. Thank you, Kathy. Dan Reardon cooks up a special hot meme every single Thursday for us, and today is no different. So while we're enjoying this lovely Simple Minds track, let's bring up Dan Reardon's meme of the week. And he actually has a couple. Some I don't want to show because I mentioned privately about how I ate a bunch of spicy Thai food on Tuesday night and how I was not. I was having tummy troubles, and then Dan made a ridiculous meme. But let me. Let me do this really quickly. Oh, here we go. Oh, all right. Hey, so check it out. If you know me for a minute, you know that I love myself some Costco. Mrs. Ozier and I are big old Costco hounds, and. But I have. I have some very strict protocols that my wife, bless her soul, is willing to live with me with. And one of them is how I feel about when we go to Costco. So here we go. Ladies and gentlemen, I present you with Dan Reardon's meme of the week. This is me at Costco. And at the top, if you can't read it in fine font, it Sundays, meanwhile at 6:15pm on Monday. And there I am standing in front of Costco. It looks like Dan has got a push card, and he's doing the fun, like running and then jumping up and sliding.

E

You know, I love the fact that Costco is less than a mile from my house because I can always go for a hot dog and a soda for a buck fifty. You should not beat that anytime.

A

It's Costco's signature, right? Like, they.

D

Absolutely.

E

I. I do like that.

D

So.

E

But you're absolutely right there is a way to go to Costco. You cannot go in a weekend.

A

No, absolutely not. Especially like in November 26th to December 24th. You're not going to want to do that either. I also want to point out really quickly, Dan Reardon has got me in a shirt that says I got that dog in me with a hot dog. Dan, you are a national treasure. Next time you see Dan Reardon at a conference, give this man a high five at minimum. Dan, all the beers are on me at Wild West Hack Infest. Deadwood. All right ladies and gentlemen, this is our mid roll Ernet 100 says Glizzy Days. I love it. All right, here we go. I'm gonna jump to the la la la la's. You know what we're doing. All right Kimberly, you're gonna goose it a little bit. All right guys, just let it wash over. Here we go. We are live at 0trust world 26. You are la la.

C

La.

A

All right, let's keep cooking everybody. Back to the news. Live at Zero Trust World. And I'm trying to keep an eye on Chad. I know, Kimberly, FedEx, Kathy are all on the chats too. So if you got something fun to say, drop it in chat and we we will bring it.

B

Activist DDoS hits 110 orgs in 16 countries following the US Israel military campaign against Iran, hacktivist groups launched 149 DDoS attacks targeting 110 organizations in 16 countries, mostly in the Middle East. Key groups included Key Mouse plus, Dinette and Hydra Next focusing on government, finance and telecom sectors. Attacks also included phishing campaigns and attempts on critical infrastructure with Iranian state sponsored actors targeting energy and digital Systems. All right, LexisNex.

A

So anytime that there is any type of global conflict, nation on nation action, right. The hacktivists come out of the woodwork. I don't know, you know, at early Iran, I mean early Russia, Ukraine, there was the Ukrainian I T Army. If you recall there was some Russian based actors that came out and were doing hacktivist type techniques. This is basically non military or non nation state backed activists doing some type of, you know, support in, in support of their cause, using cyber capabilities to do this. I feel like as conflicts weighing on those capabilities or those hacktivist activities kind of weighing down. But this one has 149 hacktivist groups doing denial of service attacks. DDoS is distributed denial service. It's basically how you effectively do denial of service in 2026 hitting 110 organizations in 16 countries in the Middle East. So obviously Iran, Israel, United States. And then, you know, Iran's headed Dubai and Abu Dhabi and Kuwait is, you know, accidentally shot, allegedly accidentally shot down US fighter jets with friendly fire. So like there's a whole host of things going on in the Middle East. And this is another layer. Now what jumps out to me really quickly on this one is that there are 149 hacktivists. Hold on. Is it. Am I. It says 149 hacktivist DDoS attacks. I believe, okay, that this is 149 instances of a denial of service attack, not 149 hacktivist groups. When I initially read this, I said 149 hacktivist groups. That's insane. Like, I don't know about you, but I don't really think of that many hacktivist groups. I mean, FedEx works in a SOC for unknown named company. I mean denial of service is something that we do deal with in industry. But like, I mean, would you read this as 149 attacks, not 149 activist groups?

E

Yeah, definitely with the conflict and not to get geopolitical, but we was. What's happening. This is the moment that you should be looking at your risk registry and see if your company is a target for this type of incidents, what your company's doing for it. Like do you guys have. Actually a lot of the of the big ISPs have programs that say, hey, we can offer you DDoS protection. So this is the problem where you understand that this is going to happen, it's just going to happen, period. But yes, you're absolutely right. You gotta. I read it as 119, 110 incidents. All different, different companies.

A

Yeah, 100%. And I'm looking deeper into the story right now. It says there were 12 different threat actor groups executing these 149 attacks. Which, which totally makes sense, right? I feel like 12 threat actor groups is a reasonable number.

E

Well, keep in mind right now, one threat actor can do the whole job with AI and, and then, you know, get some clean some bots and then start hammering at the door. Because we all know that all that is is just somebody knocking at your door all the time to the point where just gonna collapse your system or gonna actually cross the entry point. That's what a DDoS is all about. You created massive traffic coming in into your gateway and then it's just going to stop. It's going to actually just crash yourself. So that's the whole point about it.

A

All right, awesome. Kimberly, can you ask Mod Chat to pull that, yeah, definitely one organization with AI could execute this. To me, the way reading deeper into it, the 12 different groups, that just further shows the how much of a flare up this particular conflict is and how people have got their hackles up. And honestly, again, not to get geopolitical, but just objectively looking at it, the Ayatollah of Iran, who was the leader, who was basically taken out last weekend, was not just a political leader but also a religious leader. When you begin to introduce religion into the equation, you get a lot more people who are passionate.

E

So, so if you threat actor Academy 101 it is. You deal with the actual emotions. Once you include somebody emotion, and that's the, that's the technique that they use on phishing attacks. You, you create that emotion. People get passionate about it. Once you start getting to emotion and passion and you bring the human, like trying to bring it to the humanity, people get really upset about it. And this is the reason this, you know, activists start doing these things, they're doing it not for the money, they're not doing it for the glory. They do it because they're passionate, they do it because they feel emotion.

A

I love it. Hey, really quick shout out. You know, Flair is a stream sponsor, but I personally, I've been very vocal about this. I really like Flair as a company. I like the people behind Flare. I call some of them friends, you know what I mean? And Cheddar Bob actually dropped in chat. Thanks, Cheddar Bob, LSU Zone or Louisiana Zone. Right. Chatterbob talked about Flare releasing this report on cyber attack activities linked to us, Israel, Iran, military conflict. You all cannot drop links in chat, only the mods can. And that's a protection mechanism to keep our community safe from threat actors. But I can drop them, so I just dropped that report there. This is very likely not a paywall thing, it's just, it's a report that they put out, by the way, 31 minute read. Holy crap. Crap. Get ready, get a cup of coffee and get comfortable because that's. This is a. This goes deep into the weeds. So nice job, Flair. Check that report out and thanks Cheddar Bob for sharing it with us.

B

Data breach confirmed. Lexus next.

A

Oh, yeah, I said Cheddar Bob, Louisiana. But I meant Louisiana.

B

Texas confirmed a data breach after hackers leaked two gigs of files, including 400,000 personal records. The attackers tried to extort the company, but apparently failed. Compromised data mostly came from legacy Systems prior to 2020, including customer names, contact information, survey IPs and support tickets. Hackers Reportedly exploited the REACT to shell vulnerability and unsecured AWS instances. LexisNexis says its products and services were unaffected.

D

And.

B

And the issue is contained.

A

All right, really quick. We did cover this story yesterday. Talked about Lexus Nexus React to shell vulnerability being exploited in the data breach. So instead of spending two minutes on this particular story, let's spend two minutes thanking DJ B Sec for dropping the link in mod chat because I think his feelings were hurt that I gave Cheddarbob all the glory and DJ B none of the glory.

E

So is he creating an idos attack because we hurt his feelings now?

A

Yeah, yeah, yeah, yeah. He's just going to spam Mod chat. So we're not allowed to manage the chat show. All right. Hey, everybody. Well, hey, can you play the anime wow. Sound for DJ B? Thank you. Thank you, DJ B Sec. All right, for real, though, this is a REACT to shell. This was a major vulnerability. I believe Clop Ransomware is the one who was exploiting that. Clop ransomware low key. My favorite threat actor group, LexisNexis is one of these big faceless conglomerate companies that have access to massive amounts of data. I'm sure whoever owns LexisNexis owns a huge boat, right? Just to put it in perspective. And they got their data breached. It's not really going to change anything. Like you and I are. I. I don't know. How many identity theft protections do you have right now?

E

I. I guess in the last six months I had about three or four. Because, you know, we're. We're actually the ones that get affected. And by the way, here's a free one year. And after the free one year, just if you want to continue, start paying.

A

So, yeah, and you have to like ask to be taken. Like they autom automatically renew you. Thank you. I will say that this particular threat actor does not have the anime female profile character. So, like that. That immediately calls into question the.

E

If it's a really legit if it's not the real anime. That's, that's, that's what makes it a threat actor.

D

Legit.

A

Yeah, exactly. But yes, the LexisNexis is one. It says Department of Justice and SEC users data is exposed in this. We'll see. It looks like LexisNexis isn't interested in pain. In fact, it looks like they're just on to business as usual. Actually, the story goes on to say that LexisNexis has suffered other data breaches in recent years, including one confirmed in 2024, where 360000 people were stolen as a result from a third party compromise.

E

So third party is hot. I mean so we, we already discussed this is either email compromise or third party compromise. Was actually getting the, the companies lately. One thing that I was so say as a parent and as a practitioner is invest on having a credit monitoring system and dart wet monitoring system even for your own children. Oh, but my child is too young. No, this is the time to start it because guess what, his information, their information is already out. So you start protecting your family by doing those little things.

A

Yeah, and, and I mean for to, to FedEx's point personally I have frozen my credit. Our like everybody in our family's credit has been frozen and you have to freeze it with all of the major credit agencies like Equifax, Experian, TransUnion. You have to go. And each one has a different way to do it because they're not like super interested in you doing it. But and it is a painful process. If you want to go get a car or a mortgage or something, you have to like thaw your credit and it's like a 30 day window. It's a pain in the butt. However, anytime threat actor comes into chat and says like oh hi, I'm Jerry. I'd like a credit card with it. When it's frozen it's like no, you got to go thawed. And it's incredibly inconvenient. And any threat actor is literally just going to go to the next name on the list instead of spending any effort trying to attack you. So it is a wonderful control. It does introduce friction to your life. But I mean I don't know how big baller you are FedEx, but like I'm not buying houses frequently so it's not super.

E

Yeah, we don't do big purchases like that. And when we do the big purchases we kind of do our research and think about it. I as much as I would love to be bowling like that and get that big boat, I am not that guy right now.

A

Yeah, exactly, exactly. In fact like just fun fact for everybody real quick and then I'll go to the next story. I had a threat actor file my, my taxes two years ago.

E

My money back.

A

No, no, I owed like $12,000. So like jokes on you sucka pay my taxes. They didn't like that. Okay, all right, let's keep going.

B

Fake LastPass support emails steal vault passwords LastPass warned of a phishing campaign using fake support email threads to steal vault Passwords, emails impersonate LastPass, urging users to click links like report suspicious activity, which leads to a fake login page that captures credentials. Attackers use multiple sender addresses and altered URLs to appear legitimate. LastPass systems weren't compromised, and users are reminded never to share their master password. The company is working to take down the phishing sites and asks suspicious emails to be reported to abuse LastPass.com okay, so two things.

A

One, if someone emails, please, can you please educate your, your end users and your family and everyone. If someone emails you from any company and says they're, they're from, like this company, it says, hi, It's Sarah from LastPass and her email is Verify Gmail. No. Well, I mean gmail too, but trezor-recovery.net like, what are you doing? Like, the first thing you should look at is the domain of the email address and be like, no. All right, so first of all, like, at least teach them that. Now, that doesn't mean that a email address could be compromised and then someone send it from that email address. Right? So these things happen. But we'd have to do essentially defense in depth, right? Like there's multiple checks. Again, I'm adding friction to your life. You just want to click again. This is a phishing attack where they're trying to get you emotionally scared because they're telling you your master password is compromised. I mean, honestly, I feel like if, if you're using a password vault, you're already kind of like security conscious and would think of something like this. But it's.

E

And last month actually introduced us a couple, I guess, less than a year ago, the passphrase. So you don't even have to have a master password now. You can do passphrase. You can do passwords less now. So, like, there's a lot of ways that you can protect yourself against these things. However, the main important thing on, on any of this, because it doesn't matter if it's LastPass, it doesn't matter if it's Bitterwater. And if 1Password or any other company, once they hold the keys on the Kingdom, they're going to have your passwords. They're going to compromise everything. It is the end users that should be able to see, hey, there's a typo squad. And they redirected me somewhere. I mean, if I get a call from my bank and telling me, Mr. Castro, we're calling you because this and this, and I was like, okay, hold on. I hang up and then I call the bank and be like, why you guys are Calling me. I'm not going to give that person information right away. Send applies to an email. If I get an email, I'm like, no, I'm going to go directly myself to the actual website and find out through them. Directly.

A

Yeah. And I feel like that is, that is the right call and that's the best practice. The best practice is the second you get concerned, like this is what I do. The second I get concerned about something, I immediately like basically flush my cash like, like, like go back to zero and then like okay, now I have a problem. I have a problem with my bank account. I now initiate action of like getting my credit card and flipping it over and calling the number on the credit card or whatever. Like you can't just be like ah. And react directly because threat actors know that and they're going to get after you. And I'll also say I don't have statistical numbers to support this, but anecdotally speaking, a lot of threat actors are very successful by basically telling you about the attack that they're actively conducting. Right? So they're like hey, like with your emotions. Yeah, yeah, well I know, but they'll be like, hey, like this is Carl from it. Someone's trying, someone's trying to. Thank you, Kimberly. Somebody's trying to get your password. Someone's trying to hack your account. Like I need you to, to reset your password. I need you. I'm going to send you an email to reset your password. Like they're literally telling you, like they're not saying I'm trying to get your password, but they're telling you that the attack is going on right now because as you're involved with that attack, it seems much more real and germane because you know, they're walking you through it

E

and if they're doing it light at the same time, I'm going to be like, hey, I'm going to send you a code. And now read me that code. That. That's the MFA.

A

Yep. Yeah, 100%. So just be mindful that threat actors are tricky in 2026. It's not all about AI. Sometimes it's just good old fashioned, you know, lying to your face.

B

Cisco warns of max severity Secure FMC flaws Cisco patched two maximum severity vulnerabilities in Secure Firewall Management center or FMC that allow unauthenticated attackers to gain root access or execute arbitrary Java code as root. One is an authentication bypass. The other affects the cloud based security, cloud control, firewall management. No evidence of active exploitation or public POCs existing Cisco also addressed dozens of other high severity flaws across fmc, Adaptive security appliance and threat defense software, cybersecurity sales.

A

All right, so check it out. Cisco, which is, you know, an enterprise grade Fortune 500. Hey, what's up Kara? A Fortune 500, you know, technology. So you're going to see this. At large enterprises has a massive flaw. This is if it's not a 9.8, I mean if it's not a 10.0, it's a 9.8. They said that there's no act of exploitation right now, so, so it's a 9.8. They don't mention who discovered this. The fact that there's no act of exploitation that they see would lead me to believe that security researchers or Cisco internally discovered this vulnerability. This is an absolute. Hold on, let me see if they have a patch, let me. Oh my God.

E

They didn't mention a patch in there. That's one of the things, and according to the story what I just here, it is a high vulnerability. It's an rce. So they can actually get to your box without credentials.

A

Yep. So Cisco has released the security updates to patch these two maximum security vulnerabilities. It's in the secure Firewall Management center software. Two things. One, two things. One, it's your firewall, right? So like this is an Internet facing assets that's designed to provide security. When that has a vulnerability, you've got big problems. Anytime you have a vulnerability or some type of issue with your security tech stack, you have bigger issues because literally it's supposed to be protecting you. Right. As FedEx mentioned, one of these two vulnerabilities is a authentication bypass that leads to root access which is essentially I don't need creds, I can just walk through the side door and, and I have the keys to the kingdom, which means I can then shut stuff down causing denial of service attacks or availability issues. I can create additional accounts, I can potentially. I don't know the capabilities of this because Cisco runs a custom iOS, not the Apple iOS but the Cisco iOS. I don't know if you could stick some type of info stealer thing in there. But regardless, you can sniff packets because all packets are traversing through the network device. It is SSH based interface or web admin panel. So this is, here's the thing, you can find this on the Internet, right? Like this is, you can scan the Internet, you can use showed and you can find this, get this patched asap. In fact I, I don't want you to leave the show. But I would pause.

E

This is the ones that you will leave the show and say, hey, we got a problem because we got Cisco and we need to pass this. Or are we protected for this?

A

Yeah. 100.

E

And that's when you say, ah, you gotta patch it.

A

You gotta patch it. Yeah. I thank you for the manual. I will say one other thing about this is like, this is not something you screw around with. There is no exploit out right now. But all that should mean to you is that you've been given time to get this sorted out before you get your pants pulled down and then your bottom spanked. All right? Simple as that. Do not, do not delay. Don't be like, oh, there's no exploit out. I'm just gonna go and get an extra, you know, long lunch today. No, go. Don't call your IT team. Call your networking team. Call, you know, hide your wife, hide your kids and go get the Cisco patch, please. All right, we are at 8:52 and that's the last story. Ooh, it feels good. We're going to get an extended jawjacking right now. We got a couple community members that have never been on camera before. You're all going to meet. Get ready to turn down a little. All righty. Holla, holla, holla, holla. Guys, I want to say thank you so very much to all of you. CheddarBob and DJ B Sec for the tag team. Back again on the flare report. Everybody's dropping the patches, guys. Squad members, love it. First timers, thank you so much for checking the show out. Hope you come back tomorrow at 8:00am Eastern Time. Don't go anywhere. Space Talk is letting Nick Barker know that we're ending on time. I love it. Don't go anywhere because we are going to be doing another show called Jawjacking. I can't do one on one coaching or mentoring or anything like that, but what I can do is provide a platform where 30 minutes. We try to answer all your questions and provide community and support and mentorship. And we're about to rock into that. So come on down, hang out. Let's have fun in chat. I'm Jerry from Simply Cyber. Shout out to FedEx for joining us on the couch for the back half of the show. Kimberly can fix it on the audio engineering. Kathy Chambers, come on down. Ross to the couch. Kyle. Kyle's in the house. We got TJ potentially joining us. I'm Jerry from Simply Cyber. Let's get into Jawjacking. Ever wonder what it takes to break into Cyber security? Join us every weekday for Jawjacking, where industry experts answer your burning questions about the cyber security field live, unfiltered and totally free. Let's level up together. It's time for some jawjacking. Come on down. All right, so check it out. Welcome to Jawjacking. This is a 30 minute AMA. We're live at Zero Trust World. We pulled the camera back. Kimberly can fix it is on the audio. You can see her hand. And we just got a quick shot of you, Kimberly, as you leaned over on the board. We are joined live. Guys, you want to put the can do we have cancer Him? Oh, no, no, Kimberly's on him. All right, you, you can hear us. It's fine. You can hear us. Guys, let's go down the panel. Let me, let me allow our guest jawjackers today to introduce themselves. I know many people know who you are, but go ahead and give us a 15 second start with FedEx and walking on down the line.

E

So Federico FedEx, aka FedEx Online and just Partitioner working right now at a sock somewhere and just, you know, been doing what we like to do is help others to get into the industry and mentors as well.

A

All right, so if you got questions around sock soc analyst work, soc experience, different stuff, you can drop them in chat next on the mic. All right.

D

Hi everybody. I'm Kyle. You may know me as Kyle.

A

Kyle the real Kyle.

D

Kyle the real one. Yeah. So I work for a local government as a cyber security specialist. That means I do all things cyber from policies, edr, firewalls, etc, cameras.

E

Sometimes you're on one man show.

D

No, yeah, yeah, one man show. But I got a good team with me also and deep, deep into the risk management framework or the Coast Guard. So I know about ATOs and all that stuff. This control families.

A

All right, hold on one second, hold on.

D

Oh, yeah, all day.

A

All right. And finally rounding out the panel today.

E

Yeah.

C

Hey everyone.

F

Ross, been in the industry for about 20 years. Started in IT, moved on to cyber or cyber adjacent about 10 years ago. Started with GRC, PCI compliance and such, and now leading some cyber and still some IT for the organization. Just happy to join live.

A

I love it. Thank you so much. Joining us, Ross and Kyle. Kyle, guys, really quickly, if you have questions for us in chat or for the panel, drop a queue and I will facilitate getting them answered. If you want to ask a specific panel member of the question specifically, call them out in chat really quick. I do want to just ask to get the, you know, the things rolling here. Kyle, Kyle, Question for you. That story, if you caught it at the end. Cisco fmc, the firewall management console has two really nasty multi max vulnerability zero days that allow for authentication by. Yeah, I'm not saying you have this in your environment, but as someone who has responsibility over firewalls, as you just mentioned, you know, what would be your approach to this? I mean, is it like, like your thought process, right? You hear the story. I mean, are you dropping everything? Are you calling someone? Are you just going to lunch? Like what. What's your thoughts around something like that and how it. You might do it as a practitioner so others in chat can begin thinking like that.

D

All right, thanks for the question, whoever asked it and for facility.

A

I asked it.

D

Oh, thank you. Yeah, yeah, thank you, Jerry. Well, I rehearsed for this last week with Palo Alto. So what we, we, what we did is we have a high availability pair, which means we have one firewall that's always active and we have a second one running with identical configurations and rules and all that stuff. And our, our practice is to patch the secondary first. But first we, we take it offline so that the primary firewall doesn't try to fail over to a firewall that's trying to update because that won't go well. So we patch the secondary and then we make secondary active, patch the, the primary and put it back.

E

And you know, that's, that's the whole thought about actually doing h. High Hi. High I. When you actually high availability, you make sure you continue getting the business to work but also taking care of the stuff in the background.

D

Yeah, absolutely. And it's pretty cool to see it just switch over in real time. And I was on the VPN the, the whole time and I didn't get dropped off my VPN or, or anything. So it was like zero interruptions.

A

Okay, Kimberly, lower the music just a little bit. Joseph said it's louder than Kyle. Kyle, we're trying to give you some vibes while also answering your questions. Ross, question for you. Ross and I are just getting to know each other, so I'm not 100 sure if this question is in his wheelhouse. So sure. Far far get in one. Far get in one. Thanks for the question asks. Any tips for standing up threat hunting in an MSSP sock? So thoughts around basically initiating some type of threat hunting capability?

F

Yeah, so I, I'm a, I work for a retailer. I'm not in the MSP space, but

A

I doesn't have to be for msp. Just, you know, it could be for a single Organization.

F

But I, I would say always start with the basics. I think understand the environment, you know, what do you have? The criticality of those assets, the value of them, what's your risk profile? So that, that will be, that would be my suggestion. Just, you know, the basics still matter.

A

All right? Yeah, definitely. Best practices. Don't try to boil the ocean. All right? Start at step one and then go to step two. These people who, like, you know that meme where the kids like walking up like nine steps, don't do that. Okay? There's a reason, there's a process. All right. Hey, Ross, real quick, Space Tacos wants to know, do you have like an online handle or are you just a lurker? Like, they want to know who you are in the chat.

F

Yeah, I'm Ross in the chat, a bit of a lurker, but I'm in Discord LinkedIn and I'll connect you folks afterwards.

A

All right, very cool. I also want to say shout out. Really quick shout out to all the people I've been. I have met probably five or six people at Zero Trust World who are like, hey, I've been with the show for years. I've never chat. I don't want to chat. Some people said that they get to work at 9am and they put the show on and listen to it on replay. Shout out to all the sales engineers. I had a guy come up to me, he's like, I'm an executive sales engineer. I handle the big deals. And he's like, I literally listen to your show because I don't know anything about cyber. And like, I just have listened to your show for years and then I can go into a meeting with clients and, and like, understand what they're saying. So, like, I never thought of that as a potential audience member. You know what I mean? Like, I'm thinking it's for practitioners by practitioners, but hey, you know, everybody's welcome here at Simply Cyber. So if you're getting value from the show, holler at you. All right, let's keep going through the chats here.

E

Question, James, from James McQuigan, are you looking.

A

Yeah, I mean, I'll, Yeah, I'll handle facilitating questions here. What are you looking forward to today at Zero Trust World? Sessions, vendors, HallwayCon, FedEx. Go ahead and take this question. What are you looking forward to at Zero Trust World?

E

I actually excited to see what they're going to bring when they say failure is not an option. There's supposed to be some brand new news about some Flash grip product that they got going on. So I do want to know what is the product?

A

Yeah, that's right. Zero Trust World. Threat Locker has got a huge reveal. It's like kind of the anchor for the conference. Danny Jenkins CEO, Co Founder Dropping that knowledge today. Kyle. Kyle, this definitely feels like a panel question. What are you looking forward to today at Zero Trust World Sessions? Vendors hallway Con other.

D

Well, I believe today we get to hear from Malware Attack.

A

Oh yeah, Marcus Hutchins.

D

Yeah. So I'm super excited about that. Yeah, I didn't have to go to Vegas to hear him talk in person.

A

Yeah, I don't know if Marcus wants to go to Vegas either. Last time he was there, had some challenges.

D

A little awkward.

A

Yeah, yeah, yeah. Ross, what are you looking to.

F

Yeah, likewise. I'm waiting for that session as well. Should be very interesting.

A

Yeah. I gotta say, Threat Locker really did go all out. Like Linus Tech tips is him. Linus and and his buddy are here as panelists. They had, they had a guy who's like, you know, well known celebrity. I think his name's James Silver or something. Oh yeah, yeah. Like the guy who was like mission control for all the Apollo missions was like involved. Like they, they kind of got some, some bangers up in here and, and,

E

and I, yes, James was taking pictures yesterday with the OG people that started doing podcasts before. Podcast was famous Leo. And somebody had helped me out in the air because I was like, I, I don't even know who these guys are. And I was like OG Yeah.

D

He posted them on the Discord, right?

E

Yeah.

A

Oh yeah. And just, just a reminder to everybody, definitely go to Simply Cyber IO Discord if you're not already there because we are posting photos, sharing experiences and just having fun. There is a general chat of course, but then there is a con chat also. Just let me announce this right now. We've been talking about getting together here. If you are at Zero Trust World this evening for Simply Cyber Community meetup, the location has been nebulous at best. There is an actual party here that Threat Locker is hosting. That's going to be a huge venue. There's going to be plenty of space. So we're actually confirm, I'm confirming that we will be meeting at that event and having a big old meet up and high five. So come on out. Look to the Con chat channel on Discord for more details around that quick little shout out to Lazaro Rivera. Can you play the anime sound please? 32 months squad member. Let's crush the day. One of my favorite Stories. Lazaro Rivera, guy who came to the community looking to break in. Broke in. And we've just been following his career as he's been going along. If you have any questions, this is jawjacking. We are a panel of practitioners here to help you get all of the answers to all of your questions. Drop a question in chat with a queue, and we will get that as quickly as possible. All right, I don't see any questions in chat at this time, so we will send it over. Hold on. Yeah. Okay, so we will send it to the group. Ross, see best. Ross, give it. Give us a. Give us a tip here for best practice as far as, like, job hunting. Like, this is a common thing for the community. Job hunting or standing out or crushing interviews. Give us. Give us your best tip.

F

Yeah, I'll say as an introvert, go out of your comfort zone. Make it to events like this if you can. You know, before you. You need it, right? It should be about building relationships and. And trust, and that takes time, and, you know, you can do it if you. If you need a job. But I'll say if you truly care, if you want it bad enough, step out of your comfort zone. It gets better, and it's awesome you have experiences like this. Meeting folks. So definitely network. Go out, meet folks.

A

Yeah. 100. And, you know, if you're. If you're not uncomfortable, then you're not growing, right? I mean, to kind of put it plainly. Kyle. Kyle, Drop. You know. You know, I know. I. I don't know if you have kids. You have kids?

D

Oh, yeah. I got three of them.

A

Holy Jesus. Okay, three of them. So let's pretend your oldest comes to you, and it's like, dad, how do I get in cyber? Like, it's. It's your own blood. Like, what's your tip?

D

Well, I have a whole talk on this, actually, about how I weaseled my way into cyber.

A

Okay, well, give us the highlights, and then. Is it. Yeah, Is this talk online? Can people go dig in?

D

There's a recording from B Sides Orlando, and you can catch it again at B Sides Tampa.

A

Okay. All right. All right, well, then give us a little teaser. Sell us on it.

D

Yeah, so. So I. I have probably, like, a bunch of the excuses, like the depression, anxiety, the adhd. I've got kids. I didn't. I didn't even think about going into cyber until I was 32. But I busted my butt. So you're gonna have to bust your butt, right? You're gonna have to work too much. You're Gonna burn the candle at both ends for a while. But you're gonna have to take care of yourself. You have to feed yourself first. Right. That's something that I learned. You got to be able to say no to the things that are taken away from your goals and from what's helping you grow and, and be healthy. Right. So like I, I walked off of a job. I didn't walk off. I said, well, tonight's going to be my last night working. Because it was cutting into, it was conflicting with my school schedule too much. And I wasn't there for a long time. I was just there for a good time. Basically, right. While I was going back to school, like, like getting the degree, getting the certs, getting plugged into the community. I jumped in, got on the, the cyber security club at school. I started listening to podcasts like this and I feel filling like my social media with the industry. So you just completely immerse yourself.

A

Really.

D

I think that's the biggest thing is you're going to have to completely immerse yourself. And it's not a sprint, it's a marathon. Right. I think I applied somewhere between a thousand and two thousand jobs over the course of two years.

A

Wow.

D

But I landed, I landed a job that I now live four minutes away from. Right. And it, and it met my minimum salary. I had a minimum salary. Like I couldn't even consider anything under $70,000. I have three kids.

A

Yeah, yeah.

D

Right. So like, I wasn't, I didn't have time to go to a help desk, so I had to work like I was going into like a mid level position. So basically you have to, you have to do too much.

A

There you go.

D

You have to do. You have to do the right things.

A

So there you go. So the tldr, there's no easy button. You got to put in the work and you know, just. Manifest destiny, right? You put in the work, you make the effort, you network, surround yourself with what you want. And you know, eventually. And this didn't happen overnight. Right. Just to confirm, this was not like a.

D

No, definitely not. I started applying for jobs like when I decided I was going to go back to school. Right. I got my bachelor's in 20 months. Okay. And I had a job lined up like my last month graduating. I said I, I could start in July and I graduated in June. Right. And that wasn't, that wasn't a given either. They told me no at first.

C

All right.

D

And they called me back to see if I was still in the market. Cool.

A

There you go. So speed running, running in parallel. It's good. Not to mention, I just want to quickly point out. Kyle. Kyle, you must use great facial moisturizer because he broke in at 32, which is four years from now. So, FedEx, FedEx, what's your. What's your go to tip?

E

You know, I. I keep saying this your network, but don't come to the network and be like, I'm gonna get a job out of this, because that is the wrong way to do it. You're gonna come and meet people. You're gonna come and meet practitioners. You gotta do the work. You do have to put the work in. And there's this phrase that say, the best time to find a job is when you have a job, not when you need a job. So if you are in the moment where you feel that you need to move to somewhere else or you're not happy where you're at, you should already start doing the job. The word three weeks, four weeks even three years ago. It's not something that you do it when you need it. You start doing it in the past, and that's how you do it. My current job, I mean, I actually believe probably my last three jobs are all being network. There's jobs that hide. Good paid jobs, good titles, and they were never posted. They were literally, hey, we got this going on. Would you want to come and be part of the team?

A

There you go. So don't think that you're going through the front door. Always there. You know, just put the work in network. Your net work is your net worth, as some people say. All right, so check it out. Nathan, Allison has a question. How do you recommend going about getting organizational leadership to include OT team members at the cyber security table or tabletop exercises in a diplomatic way? Now, one of you has o. Has the work in ot, right? Is it. You have ot, don't you?

D

Now, we have very little. So we have like some. Some pool pumps, whatnot. We sold off our. Our utilities.

A

Okay. I talked to somebody yesterday who's just taken on a bunch of ot. Is it. It's you, tj, Right? All right. Do you want.

D

Jay, get in here.

A

You want to talk about this? Hey, we have. We have a guest. We have a guest and a person coming on really quick. TJ is Find the True 2. He's going to be answering this question specifically. So, TJ kind of get in there a little bit. Thank you, Kimberly. Yeah, yeah. Oh, and we got camera operator. So. So, tj, the question is, and I'll read it again. For you because you don't have visual. How do you recommend going about getting organizational leadership to include OT team members in cyber security tabletop exercises in a diplomatic way?

C

What is our, what's our guy? Mike.

A

Mike Holcomb.

C

Holcomb. That would be a perfect question for Mike Holcomb because I think he's actually doing some training now that resemble tabletop type stuff for himself, I believe. So that would be, that'd be more of a hulking question for us. It's go turn something off and you know, make your management angry and it really gets fun after that. So.

E

All right, but you got to create a niche. So remember, necessity is the mother of all, of all solutions.

A

I'm going to ask you another follow up question on that. Go ahead.

E

And if you want to get into that talk into the cyber tabletops, then you create the need. You show the business why matters. And, and remember, it's not. It matters because it's network. No, it matters because this is the numbers. If, especially if you're talking to somebody that's on the business side, it's going to be the. They see numbers, they don't see the technology. So then you got to speak their language.

A

Yeah. 100. So TJ, as a follow up, as far as getting, just take the OT kind of piece aside, like in general, what is, what is your best practices, diplomatic ways to get people into tabletop exercises or to kind of like think through simulations? Because just as a real quick aside, TJ and I spoke yesterday and he told me about, you know, coming up and how he approaches work. He trains very hard. He trains his, he forces his team to train very hard to the point where they are like, Jesus Christ, tj, Like, why are you pushing us so hard? He has a reason for it. So tj, given that background, you know, what's your best practice to like smooth the rough parts and getting people ready for these tabletop exercises?

C

There's, there's going to be times that suck. Things that you, you didn't see coming, things you're not expecting. So what we did with our team was to train and practice and practice some more. We were working on a particular Christmas day, but we went out and trained anyway because the threat actors, the bad people, they're not taking a day off and they really don't care who you are or who your family is. So you got to train and you got to train hard when it's, when it's rough and it's very difficult to understand. Now you're in the sweet Spot as soon as you can smooth that mess over. Now, now we can do something. Awesome.

A

Yep. And really quick. Just we are big on explaining acronyms. OT is operational technology. It's basically like physical systems. Right. OT would be like opening an event to vent some gas out or something like that. All right, next question coming in. Hey, this is a fun one. Just kind of run down. This is like a quick five second answer each. What's your from Space Tacos. What is your favorite T shirt you ever took home from a conference? Tj, you got one.

C

I can do it right now. Yeah, this is Blue team village. I got it in Vegas last year. But my favorites are the ones I actually bought which were all the noob village and I bought all the colors so that's my favorite.

A

All right, there you go. Ross, favorite T shirt.

F

Yeah, for me I used to be a Fedora ambassador so it would be one from a Linux conference that I attended a few years back.

A

All right, there you go. Kyle. Kyle, what you got?

D

Wearing one of them right now.

A

All right.

D

Trusted Sec and uh, there's another one from Huntress that says I'd rather be fishing.

A

I Love it. And FedEx. What's your favorite con T shirt you've got?

E

There's so many teachers but I, I, I do like the, the ones from Wild West Hacking Fest and actually the one from Simply Cybercon.

A

Yeah.

D

Thank you.

E

And, and to be honest with you, my kid, my little one, enjoyed getting those T shirts too. So even this morning when she woke up she's like dad, look at the T shirt I'm wearing. And it was actually a white night Lies T shirts.

A

I love it. And for me Space Tacos. You know, obviously I'm biased. I my simply Cybercon T shirts are my favorite. I love retro Sy Kimberly has taken that under advisement when she designs the logos each year for the, for the conference. So that's my favorite. Mickey, coming in hot. Is an unpaid internship for six months with the possibility of a job afterwards worth the experience. Ross, make unpaid internship six months with like the possibility of a job afterwards.

F

Yeah, I'll say if, if it is actual work in the industry, in the space. Because, because some of them are not. Some of them are they selling us one thing and it's another. But if you are actually doing the work then you're getting experience that you would not get otherwise. So I'll say definitely.

A

All right, there you go. It is worth it. Kyle, Kyle, you were quick to pull up the mic so you got a follow up thought on this 100?

D

Yeah, 100 worth it.

A

All right, 100.

E

I'll tell you something. You got to look at your finance. If you can do it, why not? It is a question that you got to answer to yourself and, and maybe talk it out to your spouse or to your significant other. Find out if you guys are in the condition to do it. But if it's in the industry like Ross say, yeah, why not? It's experience. And to honest to be told is that many jobs, sometimes you start that way and get hired.

A

Yep. And I would just follow up unpaid or paid, whatever it is, bust your hump. Like stand out, do more than you're asked. Like, dude, if they have an opportunity, it's much easier to be like, oh, like Kathy's been killing it over here. Like, let's just bring her in instead of going out and shopping the market. All right, this question for Ross, because Ross self identified as an introvert when attending events. How do you join a group of people already talking and mingling? I'm intimidated to approach an already established group and have nothing to to say. Thank you for the question. SC 342 Ross.

F

Yeah, I, I feel you. I know exactly what that feels like. I'll say again, it goes back to breaking out of your comfort zone and just, you'll be surprised how friendly folks actually are. Just, you know, walk up to a group of folks and you know, introduce yourself, say hello. They'll probably jump in, ask you, you know, what you do, who you're working with. And that's how it starts. Just take that first step and introduce yourself. And little by little it gets better, it gets easier.

A

Yeah. And just as a follow up, personally, I would say just a great move that I have experienced myself personally. We have the Simply Cyber Discord server, SC342. So go to simplycyber IO Discord, join it. And you're like, oh, I'm going to Zero Trust World. I'm going to defcon. Is anyone else going there? And, and you can already kind of establish some connection and some relationship before you even get there. So then you're not walking up to a random group of people. You're walking up to people that you've kind of chatted with and you've already essentially broken the ice. Question for FedEx. Angular 777 says, I've been typecast as a troublemaker. Feel like this is in your wheelhouse. I've been typecast as a troublemaker. I don't want to leave my company. Is it too late to Get a promotion.

E

It is never too late. I am a walking HR violation. For those who actually know me, it is how you handle your business. Like, to be honest with you, I, I'm a really straight shooter forward. I tell you what it is. Sometimes even my supervisor is afraid or my boss is afraid of what I'm going to say because I might just tell the director that you're wrong and tell it to their face. And, you know, they don't like to hear that. But yeah, I'm on HR violation and yet I'm still working.

D

Why?

E

Because I stay true to myself. I actually do the job. It's not just show. There is actually a lot of work behind the scenes that people don't notice it. And that's, and that's really what's. When you become that important key element for the business, become that person that the business need, become that unicorn that they wanted. And then you're going to get promotions. I myself, I'm looking for one.

A

Yeah. So, hey, if FedEx's boss is in chat right now, take note. Hey, really quick. I, Quick fun fact, really quick. Someone just walked by and waved. And I thought they waved to me and I waved, but they were waving to someone behind me, so. Oopsie. Oh, thank you, David. Hey, so as a follow up to that question, I want to look at it from the other side. So TJ is the boss. Tj, if you had a troublemaker on your staff, which is kind of funny because we, yeah. If you had, if you had a troublemaker on your staff, is that person obliterated from ever receiving promotion? Like, like, give it to us from the boss's perspective. Now.

C

I, I want to make sure, I want to make sure that they understand what, what's expected.

D

Right?

C

Because if they can understand what's expected and I'm getting something completely different, or they're constantly playing games or, you know, wet toilet paper in somebody's seat or, you know, moving, you know, you know, whatever. If it's a constant thing and it just can't be fixed, you got to bring them in to have that talk. And if they understood what you're asking and didn't do it anyway, you know, stick out of hand. Thanks for, thanks for being here. Appreciate it. You know, but I, I, I just, I don't have time to go chase problems around there. There's enough in the world right now.

E

All right.

A

Thank you. So, Angular, great question for the chat. I feel like that's another one that people have that don't necessarily feel comfortable Comfortable asking. So here's a question and I, I invite the entire Simply Cyber community to answer this question in chat if it resonates with you. All right, so the question is Goats. Since Yost asks, what's the average amount of sleep you need while trying to advance your career by studying at the end of the night after the family is asleep? So Kyle, Kyle mentioned earlier, grinding, doing all the things, putting in the work. You know, he's got three kids. You know, you've got family responsibilities, you've got personal responsibilities, you've got commitments that you've made. You got to work a full time job sometimes to pay your bills. So where do you find that time? Some people will carve out sleep and say, all right, I'm going to do it here because of this, this, and this. I fortunately am super fortunate. My wife was incredibly supportive while I was pursuing my degrees and my career and stuff. So we had our own tag team kind of situation, so I was able to get my sleep. But Kyle, Kyle, just to start with you and then panelists give me kind of a nod if you want to follow up on this one. You, you said that this is what you have to do. So how do you, how do you time manage something like this?

D

Yeah, so I found myself, like, if there's like articles and stuff you have to read, I, I found out, you know, hey, my MacBook can read that stuff to me. So I would, I would sit outside and in a chair and let my kids play in the front yard while I was listening to the article and stuff like that. And then I could go do my, whatever the, the post. You know, you had to do all your, your, your post and reply to somebody else's post. Yeah, yeah, yeah.

A

Your LinkedIn daily bingo card.

D

Yeah, yeah, dude, I'll do that part later, you know, so fine. Try to find ways where you can save, save time on, on other things and not necessarily sacrifice so much sleep because you do need sleep. You know, if you're more rested, you're going to perform better. So that's just one of my tips.

A

Yeah.

E

Espresso coffee.

D

Oh, yeah. So I, I mentioned I have adhd. I'm still in the coast Guard, so I can't take the good stuff, so I compensate with copious amounts of caffeine.

A

All right, I love it. Go ahead, Ross.

F

Yeah, I asked something very similar once to someone very experienced, and the answer that I got was, you make time for the things you love. Which sounds great, but at the same time, it wasn't a very practical Answer what I'm doing and what I've gotten more as a practical way of approaching this is inventory. Your time. Your calendar is your best friend. If you look at what you're spending your time doing, don't guesstimate. If you're honest with yourself, you're going to find time to study, sleep, whatever the case may be. We have so many distractions today that we do not even realize we have. So I'll say, take a hard look at how you're spending your day. You find something.

A

All right. And thank you. People in chat. I see lots of people sharing their own experiences. Casually Joseph Phil Stafford, Bruisen Hacks, Justin Gold and others. So very good. Rich 464. I'm just grabbing one because I see it in chat. I'm transitioning from a sales development role into account management and auditing. I have struggled with small talk. Any tips on resources that may help me communicate? So I'm assuming Rich464, you're talking about small talk to communicate with the business, Not. Not like at conferences and stuff. I mean, I don't know. Like one. One tip that I've heard that I. I use periodically is like, I'm a very, like, honest person. Genuine, right? So, like, if I walk up to, like, TJ And I'm going to talk to him, like, we're at work or something like that. I mean, if I have work, work, I'm like, hey, I'm Jerry from the audit department. I got to talk to you for a minute. Like, we're just getting to work, but if I'm trying to ice break, I'm not gonna be like, oh, cool shirt. If I think your shirt's not cool, I will. I will look at someone and find something about them that I like, whether it's like, their shirt. You know, he like his. He's got these buttons on his lanyard right now that are interesting. It's like a little challenge going to Hunted Zero Trust World. To me, that's immediately something that I'm like, oh, dude, I saw those buttons. Like, how was that challenge going? Where did you find those buttons? Right now we have an instant rapport. That's like a super easy, small talk thing. It's not like, hi, I'm Jerry. Do you like the beach? It's much more like something that he obviously cares about because he made the effort to get those buttons. So that's just like, a thing to do. Like, FedEx is wearing the suit jacket now. But I know FedEx. He doesn't typically Dress like this. So, like, the immediate question is, dude, like, that jacket looks great on you. Like, what's the. What's the occasion? And I know there's an occasion. So to me, those are, like, your best practices for small talk. It's not necessarily having a stable of, like, responses. Like, you're an AI bot and you're like. Like, insert, like, this thing. Just look at the person and find something that you genuinely are interested in and go for it. Also, be mindful. We live in 2026. Do not walk up and be like. Say something that's, like, totally inappropriate about, like, how someone looks or, you know, I mean, like, oh, like. Like something leery that is not going to be your friend in this case.

E

So you always. For those who actually know me and see me in conference, they know that I wear a button and it has my name on it. It's a digital tag with my name on it. Believe it or not, this thing costs less than $15. And the compliments that I get from this or the questions that I get from this to break the eyes, I got people approaching me and say, where do you get that?

A

Why?

E

What does it say in there? Who's FedEx? Just my name. It's just a little investment. Little thing that pops the eye. And you know what, Jerry? I am wearing more jackets lately because I. I'm dressing for the job by one, not for the one I have.

A

All right, this guy's killing it. TJ's got the mic. Let's go. TJ,

C

if you were at a boat show, would you ask them how long they've been on a boat? Right? How long have you owned one? How long have you been on the water? Is your family involved in it? So I'm at a cyber conference. So how long have you been doing this? What. What things, you know, catch your attention? What is it that you're here to learn about or to sell? It's. It's really silly things. Where's the water cooler? You know, just a simple thing just to get the thing kicked off. Everybody's just as nervous as you are. For the most part. Believe it or not, I'm nervous. I really don't like crowds, but I need to be here because there's. There's two things that I've already done, and I got two more to do. And after that, we'll be in great shape, so mission accomplished.

A

I love it. No, this is so good. And so many people sharing their own tips on this. I love these type of questions where it's really personalized, like how people have developed techniques really quick. I want to shout out Mara Levy, who, who has used this technique to actually break the ice and introduce herself to me. She uses stickers as a segue. And a lot of people in cyber security sticker up their laptops. We normally do stickers. I, I, I feel like a absolute joke because I haven't made my 20, 26 stickers yet, and I don't have any to hand out, which makes me feel bad about myself. But, yeah, stickers are another winner.

E

Yeah, I've done those too. I actually order 200 stickers for 20 bucks. Unfortunately, they get here tomorrow and they got late, but I, in The last, probably six months, I had give away FedEx's stickers, probably about 400 stickers, and it didn't cost me $40 just to get 400 stickers. So, yeah, people actually like that stickers. I always say stickers is the, the challenge. Going to the other conference, everybody loves stickers.

A

Yeah, it's good times, too. And then, like, you throw it on your laptop and, you know, someone sees it, they're like, oh, like, I, that's cool. I know that person. Or like, where'd you get that? Or, you know, it's another way to break ice. Very cool panel. Did anybody have any other, like, icebreaker type things that they want to share?

D

I'm right on your team with that, Jerry. Just finding something about the person or something, something they're doing. Like, I'll be like, oh, cool laptops legion. Like, did you just get that? How do you like it?

A

Yeah, you know, I did, and I love it.

E

He doesn't have stickers.

A

Like, yeah, you don't got stickers yet.

D

Yeah, I don't really like stickers either, but I'm, I don't know, Small talk kind of comes naturally to, to me, but I've, I've heard, I think it was Cyber Risk Witch in chat one time said that she, I'm sorry, I don't want to speak for you, but one thing that I've heard, I believe that she suggested it was, if you, if you're not that comfortable with small talk, find somebody who is kind of have like a battle buddy, you know, like, yeah, get, get a, get a FedEx. Because he, he, he doesn't mind talking to people and introducing stuff.

E

You know, I'm an introvert. I do mind, but, but I do step out of my comfort zone when I'm in conference. And that's probably the reason, like, when we walk around a lot of people see, hey, FedEx. Hey, FedEx. And then I start meeting the people and I'm interested. It's like, tell me more about your life. Tell me about what you're doing in here. Hey, by the way, I only got two more minutes, but you know what, let's. Let's keep the conversation going. Let's connect and let's. And let's follow up later though.

D

Yeah. Or it's another thing I do sometimes if we're. If we're in a group and I see somebody kind of like, slow down, they're walking by and like, you know, make eye contact. I'm like, I'll say hi to them, let them know that I see them, and maybe they'll say hi back and stop and then invite them in.

A

Solid move. Looking, Looking out for the community. And that's, that's a, that's a real move there, you know, I mean, that's like being selfless. So. Thank you, Kyle. Kyle. And everyone in chat. I do want to say shout out to everybody who joined us for Jawjacking today. I am looking forward to replace this co pilot button. That's probably the only thing I hate about this laptop, but we'll get that sorted out sorted quickly.

E

You're gonna ask copilot how to remove copilot?

A

Yeah, yeah. I'll tell you what, I use Microsoft Edge to do one thing, download Chrome. Like, that's literally. That's all I use it for. All right. Hey, guys, really quick run down the panel. I want to thank all of you. We've got just a minute here, starting with TJ and working your way towards me. Tj, we're rounding out and finishing the show. So if you got something you want to share, blog, LinkedIn account, anything. I know you just said you're kind of introverted, but like, welcome to the party, pal.

C

Yeah, really. I mean, because you can't really be around Jerry and FedEx for very long without meeting, like, almost everybody. So buckle up, buttercup. Here we go. I can. And I'll put some of that stuff. A lot of you I'm already connected with. Mar Levy, Phil Stafford, Elliot. Elliot, Matthias. And I mean, just tons of you I'm already connected with. But on the intro, introduce yourself. I think that's the channel. Anyways, I'll put some stuff in there later as well. But my LinkedIn, I'm on there twice a day. But yeah, man, if you got questions or whatever, I'm always in discord if, If I'm not at a conference. But yeah, Whatever you need, man. Holler at me and we'll see what we can do.

A

All right. That is tj, AKA Find the True two on socials. Ross, promote something.

F

Yeah, likewise, I'm, I'm on LinkedIn regularly. Also the discord and likewise. I'll, I'll, I'm connected with most folks, but I also post my, my LinkedIn the link to my LinkedIn page and I'm spot of the personal branding class or something that I'm working on, but it's, it's no near ready yet, so.

A

All right, all right, it's coming. Stay tuned for that one. Kyle Kyle, Promote yourself.

D

Yeah. So Kyle Ford, the real, the real Kyle Kyle, also known as the lead analyst. So my LinkedIn super easy. I recommend it to everybody. Just get something as easy. I'm the Kyle Ford on LinkedIn. Easy to remember. Yeah, I'm, I'm a resource. So if I don't know a question or something, I'll send you to somebody who is, know a lot about free trainings and, and stuff like that and we'll point you in the right direction of some other, some other resources.

A

All right, FedEx, let's hear some promotion.

E

If you have not connected with me, just come find me. Just FedEx or Federico. FedEx Castro. But yeah, let's, let's just keep going the conversation.

A

I love it. And I'm Jerry from Simply Cyber. If you feel like you're introverted or a lurker, there are a lot of questions about how to, you know, network and socialize. Here is an entire panel of people who just, you know, shared their socials, shared their discord. Open to connect. You know, take the first step. You know, it's an easy, it's an easy button right here and then you can kind of build upon that. I want to thank the panel for joining us today. TJ Ross, Kyle and FedEx made it a great experience. I see a lot of people in chat talking about how much they enjoyed the jawjacking segment of the show. We'll be back tomorrow at 8:00am Eastern time to do the show again live from Zero Trust World. Thank you to Kimberly Can Fix it and Kathy Chambers for the engineering operations here live on site. And the mod chat DJ B, Justin Gold, Casually Joseph and others. Dan Reardon for the meme of the week. An absolute banger of an episode. Again, I'm Jerry from Simply Cyber. Until next time, stay secure.