A
All right, what's up, everybody? Welcome to the party. It's May 22nd, Friday, going into a three day weekend. Give me some of that. All right, what's up, everybody? This is Simply Cyber's daily cyber threat brief podcast. I'm your host, back in the saddle, Dr. Gerald Ozier, coming to you live from the Buffer Ozer Flow studio. Thanks for being here. You're about to get the hot pipe and fresh top cyber news stories shoveled high on a plate like a stack of flapjacks. And just open your gullet and get ready because I'm going to be delivering the heat alongside the simply cyber community. Let me just get my situation sorted out. Let's go. All right, what's up everybody? Welcome. Welcome back to the party. Shout out to James McQuiggin at 35, 000ft covering for me yesterday. If you guys want to know the deets on that, I'm happy to talk about it at the end of the show. But the good news is we are off and running on this beautiful Friday morning here in the low country. I hope it's great wherever you are. What a banger of a week, guys. You put in the work, you put in the effort, and now it's time to reap that harvest. We got a great show for you. We're going to go through eight stories, the top stories of cyber security. And over each of those stories, I'm gonna break it down, go beyond the headlines, give you insights, value that you will not get anywhere else, I promise you. And if it's a topic that I don't know, because spoiler alert, it doesn't matter if you work a thousand years in cyber security, there are things that you will not know about. And guess what? We've got a community, people. We are legion. And if I don't know something, I guarantee you folks in chat are going to know. That is the power of community. That's the power of a network. And we deliver the goods, as it were, every single weekday morning. Now you might be like, oh, Jerry, it's easy to run a podcast. You know what the stories are. Nope, I don't. Guess what? Ain't nobody got time for this. 
That's right. I don't know what's coming down the pike. I haven't even opened the stories yet. Coming in hot. I shared this in Discord with some people a little while ago. Let me know really quickly if you vibe with me on this one. Guys. I got up wicked early this morning, 4:30am, in order to take my Son to the school because it's like a field trip that's like hours away. So they had to get on the bus wicked early, come back to my house, it's 5:30. Normally I wake up at 6:30. So I lay down for an hour. I wake up an hour later. It's. And I'm exhausted. Like, I'm the Keeper from oh my God, that show back in the 90s. I can't even remember it. But like the Keeper. Okay. Just like, ah, right. I'm. I. I had to do a emergency infusion of coffee. I think it's working. I'm feeling. I'm feeling the vibes. I'm pegging out over here. So just. I don't know if anyone ever's done that. I got a full night's sleep. Then I lay down for an hour and I feel like I haven't slept in a month. All right. I got so distracted. Guys, what's up? Tails from the Crypt. Thank you. Low Pro. Exactly. See what I mean? Do you see what I mean, people? When I talk about community, I don't know the answer. Boom. Jared's got it. John's got it. Berg's got it. Marcus got it. Low Pro's got it. Everybody straight. Got it. Jenny Housley and Mod Chats got a Tails from the crypto. And if you don't know because you're young, here is what the Crypt Keeper looks like. Just to give you. Just to give you perspective on how I feel or how I felt when I woke up. This is the Crypt Keeper. This is a p. This is a visual on how I felt when I woke up from this nap. All right, guys, now check it out. Besides the Crypt Keeper, if you're here for the first time, first of all, you're probably like, holy Jesus, what is this guy on? And can I get some of it? You know what I mean? So here's the deal. If you're here for the first time, welcome to the party, pal. Drop a hashtag, first timer. 
In chat, you are getting a representative example of what this show is. Believe that. Drop a hashtag, first timer. We have a special sound effect, a special emote, and we will love welcoming new people to the community. A lot of times communities can be intimidating because you see everybody, you know, high five and patting each other on the back and you're like, oh, like the guy from the party in that meme picture where he's like, in the corner, he's like, they don't even know, dude, don't be that guy. Don't be that lady. Just say what's up. This community is wicked welcoming, super inclusive, and honestly, you're part of the community until you don't want to be, right? Or. Or. And by that, you can leave yourself or you could start being toxic and we'll go ahead and drop you off at the next port. Simple as that. Okay, first timers, check. Got. Oh. Did you know? Oh, my God. This guy with the hot takes. Every single episode of the Daily Cyber Threat brief, including this one, Daniel Lowry, is worth half a cpe.
B
What?
A
How is this possible? Well, it's because if you strip it all back and you look at it. Actually, this is an instructor led webinar. I am a qualified instructor with 20 years of experience and tons of education, and I can run a threat brief. No big deal. So every episode is worth half a cpe because one hour is one cpe, and we do this show for an hour. So you might be like, bro, I want one full cpe. Well, guess what, my man. We have a good time. We have fun. We joke around for half the show. So in order to not get any pushback, we say half a cpe. So how can you take advantage of this amazing opportunity? Very simple. Nightbot, can you do an exclamation point? Oh, I see. Tommy did it. Thank you. Or Temmie. Thank you, Timmy. Go to Cyber Threat brief. Simply Cyber IO. Daniel Lowry. Have you seen this yet? This thing is hotter than a stolen gun. Looks it. Half of CPE for attending today's brief, you slide down right here. You put in your name, like Daniel Lowry. Then you put in his email. I'm not going to put his real email. We're going to say danielxample.com and then you hit check, check. And then at the end of the month, I'm going to send you an email with a certificate all the days you attended. How many CPEs you got? It looks wicked sweet. And. Yeah, and what I ask of you is nothing. Nothing. Like, there's no. There's no cost associated with this. If you want it, come take it. This is what we do here at Simply Cyber. It's all about good times. All right? Every episode, in addition to being all about good times, is also sponsored, right? I don't ask anything of you. I ask things of the stream. The stream sponsors. I hope so. Steve McMichael. Hold on. Hold on one second. Hold on one second. I. I just realized something. I. I Flair wants me to talk about something else today, and I hope. Let's see what happens. Okay, we'll do flare last. Guys. Anti siphon training is disrupting the traditional cyber security training industry by offering high quality. Hold on. 
Offering high quality training. Oh, speaker. Speaking of training, guys, wait a minute. I got a hot one for you. By the way, this is why you should attend live because these things get kind of out of control wicked fast. Okay, so check this out. You're going to want to attend Cyber Career Hotline, which is at 9am Eastern time today. On Fridays we do a panel, but today, Wade Wells waiting through logs detection engineer extraordinaire and the mustache will be joining the panel. And he's going to be giving. We're going to raffle off a prize and talk about what the prize is. So it's gonna be like, stay tuned for that. If you were looking for a, a little, a little sweetener to keep you around, right, you're like, oh, bump this guy. I'm gonna hang up. Nope, we got prizes coming. Come on down. Prize single. But it's going to be all about good times. So anyways, anti siphon training disrupting the traditional cyber security training industry by offering high quality, cutting edge education to everyone, regardless of financial position. And this coming Wednesday, don't be shy. IT guys, listen to me really quickly. If you have bet, if you have literally said this to yourself in the last month, I really should learn AI. Oh, I really should be doing something with AI. And I could tell you for a fact, I talked to one person earlier this week and I showed her some stuff I was working on and she literally said, oh, I've been meaning to do some AI. I've been meaning to learn these things and I just haven't. Take this as the motivation. Take this as your, your first step, guys. Once you get momentum, it's, it's all hunky dory from there. Come learn threat hunting in the agentic age with Fan Rosso. Are you going to get. If threat hunting was always the most effective approach to improving security posture, it just couldn't scale. 
My guy, Fain Russow is going to walk you through how agentic AI removes the constraint that limited threat hunting's impact for over a decade and what that means for you to build, design and hunt. So if you want to learn how to hunt, right, if you want to learn how to hunt in the agentic age, if you want a, a case study on how to set up something with AI you've been looking for. Like, for me, I'm a big case study guy, so I needed like an example which I work Through a web app. This is it right here. This is free. This is one hour. Don't be shy. Get in here. I always tell people, just register. And then if you don't use it, fine. Like, anti siphon training doesn't put you on a naughty list. Okay. Oh, my God. Daniel Lowry with the mad dog in the Monster Poor. All right, Anti siphon training. Thank you so much. All right, here we go. Flair. Let's see what happens when we go to Simply Cyber IO Flare. No. Damn it. All right, hold on one second. I asked Steve to help, and I think it didn't work. All right, so check it out. Flare's cyber threat intelligence platform is awesome, and we talk about flare all the time. But did you know Flair has Flare Academy where they do training? That's amazing. And my guy, my guy double shot Illicit network mapping using data pivots to develop illicit connections. Hello, Guys. DNS is the backbone of the Internet. You know this. And if you don't know what DNS is, start there. It associates various pieces of information with domain name. The same domains which criminals around the globe used to conduct their business illegally. DNS is often used as a utility, but did you know threat intel researchers. DNS can be a prime source of forensics artifacts. Come, spend time. This is an absolute free session, guys. You're going to break down the technical components of DNS and show you how investigators can use it to pivot, to track, to trace and disrupt criminal infrastructure. My guy. 
Listen, if you're an OSIN person, Dennis Keefe, I'm looking at you, dude. You can use this information to help with your OSINT investigations. If you're a digital forensics incident responder differ, you can use this. If you're a SOC analyst, you can use this. If you're a student, you can use this. If you're me, you can use this. I'm gonna sign up. I hope to God my schedule can align. You have to go. I don't even know if this link will be long enough or too short for chat. No, I can't even. Guys, I will share this with you. Frick. I need this link updated. So here's the deal. I just updated here. I'm gonna drop this link in Discord. For those who aren't in Discord, exclamation point. Discord, please. I'm gonna just do this because I. I want you guys to click it because Flair keeps track of the clicks. But more importantly, I. I think that this is going to be a super valuable training. And it's Free here. Flare training I discussed on Daily Cyber Threat Brief. Ooh, scary URL. Okay, cool. All right, so it's in the general over on Discord. Giddy up on that. I will get this link updated. I asked Stephen. Michael and I are like working through. I migrated the Simply Cyber server the other day and the way that redirects are set up, I don't control anymore and I haven't been trained on it. Guys, anti siphon. Finally, Threat Locker. Guys, Threat Locker. The world's leading Zero trust platform application. Deny by default. Yes, sir. I'll take two, but on the endpoint only. What's that do for my cloud systems? Don't worry, Threat Locker's got you covered on the cloud. Yes, sir. Yes, sir. Let's hear from them. And then I'm gonna melt your face with the top cyber news. Let's go. I want to give some love to the Daily Cyber Threat Brief sponsor, Threat Locker. Do zero day exploits and supply chain attacks. Keep you up at night. Worry no more. You can harden your security with Threat Locker. 
Worldwide companies like JetBlue Trust Threat Locker to secure their data and keep their business operations flying high. Threat Locker takes a deny by default approach to cyber security and provides a full audit of every action allowed or blocked for risk management and compliance. Onboarding and operation is fully supported by their US based Cyber Hero support team. Get a free 30 day trial and learn more about how Threat Locker can help prevent ransomware and Ensure compliance. Visit threatlocker.com Daily Cyber. All right, we're a little behind schedule. Sorry about that, everybody. Do me a favor, sit back, relax. Cool. Sounds hot. News melting your face. Let's go. From the CISO series, it's cybersecurity headlines.
C
These are the cybersecurity headlines for Friday, May 22, 2026. I'm Steve Prentiss. Cisco issues 10.0 rated Secure Workload admin flaw warning. Cisco has announced the existence of a vulnerability with a CVSS score of 10.0, which can enable unauthenticated attackers to gain site admin privileges in its Cisco Secure Workload cluster software in both SaaS and on prem environments. This by sending crafted API requests to vulnerable systems. The CVE numbered vulnerability comes down to weak validation and authentication checks in internal REST API endpoints. This means attackers don't require credentials, user interaction or any significant effort to exploit the bug. Cisco released patches for this critical vulnerability yesterday, Thursday.
A
All right, so Cisco enterprise grade product has, as a. Has a, you know, big old vulnerability. Now, couple things about this. First and foremost, if you are running the Secure Workload product, you definitely should take action on this one. At minimum, investigate whether or not you're exposed. Right? If you're at risk, it's possible that they, they didn't get into the nuance and details, but it's possible that, you know, you may have this product but not be vulnerable to it. Okay, so by the way, again, the, the value proposition here is I, I like to go beyond the headlines. Like you can, you can get this news story in your inbox and be like, okay, like so, like what's the what's. Why listen to me rant for 10 minutes. All right, here's the deal. Sometimes you know, they're not going to go into it in the high level in the headline or subhead, but like maybe it, it require like you have an older version that wasn't even vulnerable to this because you haven't been patching. Sometimes you don't have a certain component enabled that leads to it. Right? So this is like an internal API that does not really check where the request is coming from effectively and allows essentially a unauthenticated request to come in and get processed. Well, if you're not running that, whatever that API is, for example, you may not be vulnerable. So again, you want to make sure that you are at minimum, if you're running this platform. Now, if you are vulnerable, of course, first thing you want to do is patch it. It does have a 10.0 CVSS score. Here at Simply Cyber, we've come around on CVSS scores not being the end all, be all bible value of vulnerabilities. But it is important to note this is a great lesson learned opportunity for all of us. When you see a 10.0 in every instance that I have ever seen. So going back, you know, 45 years, a 10.0 means that it is not just the unauthenticated remote code execution, which is the worst, right? 
Unauthenticated remote code execution, but the 10.0 indicates that it's actively being exploited in the wild. So just as like a quick rule of thumb, something to keep in the back of your mind, if it's a 9.8, by the way, 10 is the, the highest value that this scoring system goes to. So 10 is the worst. Right? If you see 9.8, 9.8 means unauthenticated remote code execution, typically, which is the worst. But it doesn't mean that it's actively being exploited, yet they bump up that extra 0.2 when it becomes actively exploited. So this right here, I guess just for me. And my rule of thumb, like, when I see something like say, say I run Secure Workload in my environment, right? Say, like, you know, whatever, we're a Cisco shop and we run Secure Workload. I get up in the morning and I have my coffee and I see this. I'm like, oh, Jesus, not good. And then I, when I read through the story, I'm like, okay, RCE, unauthenticated. Oh, crap. 10.0. So now when I see 10.0 now I immediately, like, elevate my urgency, right? So now I want to figure out what exactly is vulnerable, which versions make the. What's the remediation. Many instances it's patch it, but sometimes the patch isn't available and there's like, workarounds which are just temporary band aids until the patch can be developed. And what are indicators of compromise? I'll fire off an email, in this case to the application owner for Secure Workload. It could be the network admin and say, hey, guy, we got to get this sorted out. This is pretty bad. And then I go to the SOC again. I'm speaking from like a CISO perspective. I go to the SOC team or, you know, the IR people or whatever, and I say, hey, listen, y'all, throw these IOCs in the SIEM. We. We're vulnerable to this until further notice, and I want to make sure that we didn't get compromised in the interim. That's it. That's the work. Okay.
I do, I do want to say internal REST APIs, you would think that they're safe because they're internal, but clearly there's some way to get in there. It does require a malformed packet. Network packets we don't typically. Like when you, like when I went to this website right here, I sent network packets right to the web server and pulled them back, right? So you can't really manipulate network packets using like Chrome browser or whatever. You have to go in like, and use something like Burp Suite or ZAP or, or, you know, roll your own and be able to like, manipulate the actual packets before they're sent out on the wire. If you want a classic example, classic look up Ping of Death. Ping of Death is a denial of service attack from like the early 90s that no longer works because obviously we. We've put protections in. But I think it did work on Windows 95. Someone getting the way back, which someone warm up the DeLorean. I'm going back to Windows 95. But Ping of Death required a malformed ping packet. And you could brick all the machines. So, anyways, Cisco, thanks for letting us know. Everybody go patch your stuff.
C
Spammers abuse internal Microsoft Online account. A loophole in an internal Microsoft system has been allowing the distribution of spam emails from an email address typically used for sending legitimate account alerts. Scammers have been able to set up new Microsoft accounts as if they were new customers and use that access to send out emails purportedly from the tech giant itself. The emails are sent from msonlineservicesteam@microsoftonline.com, which is an email account that Microsoft uses to send important notifications to users, such as two factor authentication codes and other critical alerts about their online account. When contacted by TechCrunch earlier this week, a Microsoft spokesperson acknowledged the inquiry, but did not comment or say if the company had stopped the abuse of this notification email. Google's all right.
A
I don't even fully understand how they're able to do this. This has been so on its surface. Let me break down a couple things. Number one, obviously, I, I always say obviously. I want to stop saying obviously because it's not obvious. That's why I'm explaining it. Like, I, like, start someone. I need to start being held accountable. I don't want to say obviously anymore. Okay? First off, phishing is the number one attack vector. It has been for years. It works. It gets in people's inboxes. It's attacking my Aunt Dorothea and the Carls of the world. Okay. And it'll continue until further notice. Number two, there has been an increase in activity in abusing Microsoft specifically because threat actors have been able to set up a tenant and then, you know, basically fire off emails that are essentially tenant to tenant. So they're internal to Azure, so they don't really go necessarily through external routing, which I, again, doesn't make entirely a lot of sense because it should have to. But they've been doing this. But. But at the end of the day, what the threat actors are trying to do is the following things. One, they're trying to establish trust and authority, lowering the guard of the victim. And two, they will typically try to create some sense of urgency either through a reward, like a candy. Right? So tickets to the Masters, tickets to World Cup. Next person who chimes in gets, you know, the boss's extra tickets to whatever that they can't go to, or urgency through scariness. Oh, hey, like, your account's about to be deleted. Hey, like, did you approve this? You know, I. Did you authorize this $4,000, you know, vacation package purchase on your credit card, whatever it is. All right, so those, everybody knows that those are the kind of the standard mechanisms. This right here is them leaning into the trust and authority. Because what they're able to do is send the email from Ms. 
Online Services, Steam, Microsoft online.com which apparently is the same account that Microsoft uses for official communications. Now, I do want to point out something. We have been able to do this forever. You can spoof an email address. Spoofing means to put a fraudulent phone number, fraudulent email, fraudulent whatever in place. So it appears to be legit. We've been able to do that for years. But in this instance, it's somehow coming from that email, which is not spoofing. It's legit. Which. Why would we do this? Because the threat actors know that we have trained our end users. We've told Carl, hey, don't trust something from flimflang, ck or boozy watch it.in or whatever. But Microsoft online.com is okay, google.com is okay, etc. And it's, it's not good. Right? So this one, it says that you have a private message waiting for you, verify your account, email. So you're going to go in and give your creds up, maybe give up a session token, and then you're, you're punched in the grill. Honestly, guys, this is a tough one. We can't really educate our end users. I feel like, I feel like many of us in chat. Kimberly. Space tacos, by the way. Space tacos. I hope you get that promotion. I saw. You know, I, I, James and Quiggan covered the show yesterday, but I did go back and watch it. And I saw that you announced that you're up for auditor two, and I wanted to make sure that. I said I hope you, I hope you get it. Okay, this one, this is a great example of why, yes, we have protection controls, but we need to do detection controls. Don't sleep on the detection phase of your cyber security framework, y'. All. Mfa. Okay. Multifactor authentication detection. Conditional access. Right. So if I, you know, if Carl falls for this email, which I'm not even gonna hate on Carl for falling, falling for this email, man. If Carl falls for it, threat actor gets password, but they don't get the MFA tokens. 
Threat actor is more sophisticated and they get creds and token, well, then conditional access. They're not allowed to log in from Cambodia. Right? So you got to have defense in depth and honestly make sure that you're finally make sure your end users are really comfortable and don't feel, you know, the scarlet letter of calling help desk to admit a mistake. That's another thing, guys like when, when an end user. This is end user psychology. If you guys didn't know, and if you do know, then you're going to be like, preach. End users, like, when they fall for something, they may not even realize that they fell for a fish here, right? But they're probably going to realize it because when they log in and don't have a private message waiting for them, they're going to be like, what the hell? You need to enable or normalize. Calling help desk and saying something fishy happened. A lot of end users will feel like they made a mistake and they don't. It's like a. Honestly, it's. I hate to. I'm going to do this. It's not exactly fair to end users, but I'm going to analogize. I'm going to compare them to children. Okay? If you have kids and you like your kids upstairs and they break the curtains, right? Or they accidentally throw a ball and it breaks a vase or a window or TV or. Or they stick a Lego in the electric socket, whatever it is, the kid knows that they screwed up. The kid isn't gonna come downstairs and be like, hey, Dad, I just totally busted our tv. No, they're gonna be like, oh, Jesus, like, hide. Put a blanket over it. Put, move, move a box of toys in front of the outlet. Make the problem disappear. To basically delay the punishment that. That's associated with that action. We have to normalize it for end users that they're not going to be punished. They need to feel comfortable. They need to feel safe to report that something messed up happened. 
Because they are almost always the first line of defense when it comes to stuff like this, because they are going to see it and be able to take immediate action. Yes, we, we have detections that fire off. But if you've worked in a sock for more than 15 seconds, it's not just like a bunch of people sitting around drinking coffee and then one alert fires off like it's a freaking cartoon for Justice League. And it's like, oh, we gotta, we gotta react to this. No, it's like, alert, alert, alert, alert. Like danger, Will Robinson. Okay? So the end user is gonna queue up. Key us off on that. So, you know, this, this thing sucks. Microsoft's got to take care of it. But for the greater good here and the end users extraordinaire, normalize them. Telling you, this is why I do my awareness training in in person or I put my face in the emails because I want them to see a human on the other end, not just some faceless infosec office that brings the hammer down on people. All right, thank you for coming to my TED Talk.
C
Sees surge in Chrome vulnerability announcements. A comparison of Chrome security advisories published by Google shows quite an increase from 16 for the Chrome update released on April 15, to 21 for the update issued on April 28, and then 100 in the advisory published on May 5. More than 70 of these vulnerabilities patched were found internally by the tech company. Google has not clarified if the surge correlates to any use of AI, but they would be joining many other organizations, such as Mozilla, that have also reported surges in vulnerability discovery thanks to the use of internal or third party tools, including Claude's Mythos.
A
All right, not gonna lie, I didn't listen to most of that. I'm getting the panel. The panel stood up. Looks like we're have a full panel today. Looks like we've got Wade and Kathy and James and Robert potentially. All right, so Google Surge Chrome volumes Discover is likely driven by AI. Hello. I'm not even gonna, I'm not even gonna spend a lot of time on this one. Oh, by the way, really quickly we have a, the, the only thing that could interrupt the show. And James in mod chat. I appreciate you putting that. Grab a screenshot next time. It's if you can. It's helpful because I want to be able to see it. Listen, printer device. I hope that's your exact name. Printer. Yes, yes, Printer device is back after a long time and got a job working in IT Support desk. Hello, My man. Hell yeah, dude. Printer device just dropping, dropping the people's elbow on jobs. Nice. Nicely done, dude. Nicely done. Okay, Google searching Chrome Vaughns discovers driven by AI guys, like, I've already got my 2026 sticker built, so it's, it's not gonna happen. But I gotta tell you, get ready for the, for the, you know, vulnerable AI vulnerability bug bounty vuln discovery apocalypse. We got to come up with a better name for it. But my guy, I'm telling you, like I'm gonna die on this hill. The last 20, 20, 25 years, 30 years of software is riddled with vulnerabilities that humans didn't discover because they were complicated. AI says hold my beers. At which point I, I Jesse. At which point I unzipped the backpack and just put the beer in the backpack. So this is no surprise, guys. Now More than ever. Oh, perfect. Thank you, Ben. Okay, so Printer Device has been busy IRL getting this work done and definitely a step on his way to get a job in cyber. Hell, yeah. Printer device, you're 100, right? That role will get you into. It's definitely a great stepping stone into cyber. Super pumped for you. And by the way, Printer Device, if I may be so bold as to offer some guidance. 
Absolutely crush that job. Like, exceed expectations. Crush it. And make people aware that you're on the path to cyber. The cyber people at that org, they're going to smell what you're cooking and it could lead to a lateral movement at some point after you've put in your time. All right, 200 vulnerabilities patched. Guys, here's the deal. You got to patch it. Ah, you got to patch it. Oh, hey, it's Google Chrome. Ah, you got to patch it. It's Apple iOS. Ah, you got to patch it. It's Linux distro from 1994. Ah, you got a. Patrick, I'm telling you guys, like, get your umbrella because it's going to be raining vulnerabilities and the outlook is not good. It's gonna. It's dark and stormy on the horizon. You're picking up what I'm putting down. Let's keep going.
C
Police seize First VPN service used in cyber attacks. The takedown was the result of a joint international law enforcement operation led by French and Dutch authorities and which was the result of an investigation that started in 2021. The forces seized dozens of First VPN servers located in 27 countries, arrested the administrator, and conducted a house search in Ukraine. The VPN service had been advertised on various cybercrime forums as a privacy focused VPN that does not log user data and ignores law enforcement requests for user information. End quote.
A
All right. Hey, for those who are listening on audio only because this show is rebroadcast on Spotify and Apple podcasts, in case you prefer the old audio version. You won't be able to fully appreciate this, but this is a picture of a. Looks like a dispatcher at a police office in Europe somewhere. I'm not gonna lie, looking at this picture, I immediately thought she was like an F1 pit crew member. Doesn't this look like someone who's like, on the new, like the new Cadillac Team F1 pit crew. Like she. She's the one who does like the back right tire kind of thing? That's what that outfit looks like. Okay, police coming in hot. Regulators. Yeah, you know what? F around and find out. I love that law enforcement isn't just going after the threat actors themselves, but going after the tertiary and adjacent cyber threat actor vendors, essentially, who are offering services that threat actors then weaponize in order to achieve their illicit crimes. First, vpn. Oh, we're just a VPN service. We're not committing crime. Busted. No, you're enabling crime and probably well aware of it. Okay, so ransomware, threat actors, all on top of it. Law enforcement requests for user information was ignored. Not sure if you can do that. According to Europole, the name of the service came up in almost every major cybercrime investigation the agency supported. They have been shut down. Hell, yeah. You know what? Good luck achieving your criminal goals. Threat actors when you don't have VPN server. What? They made a video. Way to go, dude. AI love this, dude. I love this. Bleeping computer made a cartoon about this Europol takedown, like, from the office of nobody asked for this, but I'm here for it. Way to go, bleeping computer. This is like Lawrence Abrams, bro. My kids would watch this. I could. I could. I could trick my kids into learning about cybercrime not to. To execute it, but to educate them, right? This isn't flaming donkeys, like, oh, my favorite cartoon. But anyways. 
All right, let's see what they got. 33 servers took down the domain names. 1vpns.com.net, or guess. Yes, yes. Key infrastructure, whatever the hell that means. They're questioning Ukrainian suspects. Okay. I love how bullet lists, dude. I love how bullet lists, like, whoever wrote this article was, like, committed to doing five bullets. So, like, when they get near the bottom, like, it's like the very less juicy bullets, like, identified and questioned a Ukrainian suspect. Like, okay, okay. Notification issued to identified users on the platform. I think that just means the splash page, right? So that this is what that means. Okay? Like, whenever. By the way, whenever law enforcement takes down websites like this, they'll typically redirect the landing page because they own the. Don't. They got the domains and the infrastructure to a one of these splash pages. That basically scares the crap out of any legitimate criminal who's trying to use this service, right? I. My butt would pucker if I was, like, committing crime and I showed up for work and this was like, on the front door of the building, I'd be like, I'm gonna go keep on walking down the street to Starbucks here. Or what's the place in Canada that's like Starbucks or Dunkin Donuts, like Tom Laven's or Tom Landry's or Tom something. Hold on. Coffee in Canada? What is that place called? Tom Hardy's Tim Hortons. What a dork I am. By the way, quick shout out. I cannot stand the Montreal Canadiens, but they absolutely. That was a match last night.
C
Huge thanks to our sponsor, ThreatLocker. ThreatLocker is extending Zero Trust beyond endpoint control with their recent release of Zero Trust network access and Zero Trust cloud access. Access isn't based on credentials alone. It requires the right user, the right device and the right conditions. Because as we have seen in recent large scale CRM breaches, stolen credentials and misconfigurations can expose massive amounts of data. With ThreatLocker, nothing is exposed and access is limited to exactly what is needed. Learn more and start your free trial today at threatlocker.com CISO
A
I love that, like, all the Canadians in chat, like out outed themselves, like, oh my God, this guy with the Tim Hortons. I love it. All right. Hey, you know what? It's Friday. We're feeling ourselves. Let's do it. All right, guys. Hey, shout out. We're crushing Simply Cyber's daily cyber threat brief. I tell you, I was dragging my butt like a dog in the backyard at the beginning of the show. The coffee's flowing, the energy you guys are bringing has got me up and running. I am flying high. Let's go. All right, guys, thanks, ThreatLocker, Antisiphon and Flare for enabling me to live the dream. Guys, I'm not even gonna sugarcoat it. Like, my job is awesome. I love doing this. I love hanging out with you. I love talking cyber. Oh, it's so cool. And every single day of the week, we get to do something fun. And Fridays is none other than James McQuiggin dad joke of the week. Now, James McQuiggin at 38, 35, 000ft is typically sitting in C3B, but yesterday he was in the A hole chair. Not so. When there's two hosts, it's A hole and B hole. Yeah, you see what I did there? But he took on the daily Cyber Threat brief yesterday. Besides Marcus Kyler, everybody's got to understand this is not an easy show to execute. I watched James do it. Nailed it. You guys were super awesome. As a supportive community. Thank you very much. I hope you enjoyed the show. He also did Cyber career hotline afterwards. But on Fridays, he's got a special niche where he brings us dad jokes. So allow me. I don't read these in advance either, so you're going to get my reactions too. All right? I do not have worms. All right, here we go. Check it out. Okay, so these are May focused dad jokes. Okay? May focus dad jokes. It is May 22, and I'm gonna stop the music now just because I have to go and cut this part out because of the song. But I don't want James McQuiggin jokes to not be seen by the Replay crew. Here we go. What does May put on its pancakes? Oh, my God. Okay.
Hey, you Canadians should like this one. What does May put on its pancakes? May pull syrup. All right, what is it? When we have rain, it may snow. It may be 70 degrees or it may be 20 degrees. Guys, this. This is a pretty obscure weather term, but if you know, you know there's a lot of people who are super like weather nerds, right? There's a whole community around weather nerds. You guys probably know this one. If you may have rain, may have snow, it may be 70 degrees or it may be 20 degrees. It's actually called mayhem. Mayhem. All right, how do you catch a hacker? Okay, all right, how do you guys. Many of us have worked in cyber security for a very long time. How do you catch a hacker? It's actually quite easy. We over complicated, so we can have job security. But if you want to catch a hacker, get yourself a botnet. Oh, all right. Thank you. If you have a problem with that joke, please take it up with James McQuiggin. Address all letters to James at simplycyber IO. LOL. Great job, James. Thank you so very much. Guys, for the sake of the story, let's hop to the LA la's. Let it just wash over you. It's Friday, guys. We worked our app, we worked our butt off this week and we earned this. La la la. Let it wash over you in an awesome way.
B
La.
A
It just hits different, right? All right, guys, let's finish strong. We got a lot of programming still to go.
C
Chinese hackers target telcos with new Linux and Windows malware. Two newly discovered applications, a Linux malware called Showboat and a Windows malware called JFM BackDoor, have been active since at least mid-2022 and are targeting organizations across the Asia Pacific and parts of the Middle East. It has been attributed to the Calypso threat group, also tracked as Red Lamassu. The malware can upload or download files, hide its own process and establish persistence via a new service. Researchers at Lumen's Black Lotus Labs conclude that the tooling is likely shared across multiple China aligned threat groups, each targeting different regions and using the same malware ecosystem. End quote. Discord.
A
All right, okay, so a bunch of things. Number one, okay, so two pieces of malware designed for espionage, developed by China. Okay, so China. China does a lot like. Come on. United States, China, Russia, Israel. Like, we're all, like, first world powers with, like, very advanced cyber capabilities. Okay, so this isn't xenophobia. I always say that. But China, they're. They're like. If you're drafting a team, do you guys remember an old Nintendo hockey. And I know you youngs probably learned about this in history class, but there was a video game, like, in the early 90s called hockey or Ice Hockey. Okay, I'm pulling it up on stream right now. And essentially, you could do. When you got to build your little team, right? Let me see if I can show you this. You got to build your little team. And of course, the screenshot doesn't show it. You basically could get three guys. You could get a really thin guy, you could get a middle guy, and you could get a big, heavy guy. And the thin guy was wicked fast, but super brittle. Like, if he got hit, he just bounced off the wall. The heavy guy was super slow, but you couldn't move him off his skates. Okay, okay.
D
Code brew.
A
We're not. Blades of Steel was good, but that's. Come on. All right, so when you're building your team, what you. You might be like, why are we talking about ice hockey, Jerry? Because China is, like, associated with espionage. If you're drafting a team and, like, you want, like, strength, you would. You would draft the big, heavy guys in ice hockey. If your goal is espionage, you go for China. You want disinformation, you get Russia, right? So to see, like, espionage totally makes sense. Now. They're constantly developing their tech. The point about this one is they have these two pieces of malware. One's called Showboat, which was clearly not named by them, and the other one is whatever, jfk, Backdoor or something like that. Here's the deal. First and foremost, yes, they're advanced pieces of malware. Yes, they can do, you know, exfil. They can take C2 direction. They can hide in on your endpoints and stuff. But the important thing to note here is your machine's already compromised, right? So when you see these stories, don't be like, oh, my God, China's developed, you know, the secret weapon, whatever they want. Like, dude, this means your machine's already pwned, and now they're putting advanced malware on it to do the things. All right, so why do I bring this up because as a card carrying GRC Mafia dork, if we stop the initial infection, if we educate our end users from not falling for phishes, if we don't let people plug in USB drives that they found in the parking lot that says nudes on it, then China's advanced malware can sit on their research stations and their developer endpoints because it's not getting in our environment. Okay, now, I mean, if you want to get into the nuance. Oh, I mean, whatever. This isn't. I mean this isn't as hot as it could be. I mean, whatever. Okay, so let's look at this one. Okay, so first of all, first of all, I would like to point out that I assume that we're starting over here on the left. This. Listen, infograph 101.
You're going to show me an attack kill chain infograph. Show me where I'm supposed to start. I think I'm supposed to start over here with this batch file. But this batch file, which is basically like a little script on a Windows box, executes and well, I guess the batch file executes this FTMC exe executable. Okay, right away, right away, guys. How is this one bat file on my endpoint? Someone brought it there. Microsoft Windows didn't come installed by default with one bat on my workstation. So this whole thing, I denounce you, story. I denounce you infograph. Show me how initial infection happened. Right? I don't want to talk about threat. Locker would have stopped this. Thank you. Here's my thing. Like, yes, this is super cool. And yes, you're you, you are. You are sexy showboat malware. You are. You've got it going on. Okay? You are going downtown on Friday night. You're looking hot. Okay?
D
That Hansel's so hot right now.
A
But my thing is none of this happens if initial infection doesn't occur. So like cute story, bro. Like I'm getting back to my magic game over here. Okay. Like come, come at me when you got some initial infection situations. Of course, all the initial infection techniques are probably there, but we're not getting those. So I can't really help you. Help yourself. Looking at this really quickly, you could see here they're looking at in memory, by the way, you're not going to get this level of unless. Unless disassemblers have gotten much better. You're not going to get like this, this level of like clarity. Disassembling a binary. This looks like C, right? This is like C source code. So I don't know if they pulled C source code from somewhere or whatever. Anyways, in addition to all these things it is using, it looks like it's used. I don't know if you pastebin at your firewall. I don't know why anybody would be going to pastebin. All right.
C
Adds end to end encryption to voice and video calls by default without any major announcement. Discord started using its DAVE encryption protocol, that is D-A-V-E, designed to support voice and video calls on PCs, phones, consoles and browsers with minimal latency. This goes in stark contrast to Meta, which removed its end to end encryption from Instagram's direct messaging feature, as well as TikTok that confirmed it would not be adding end to end encryption to direct messages. Monday's change simply makes encryption the default for everyone, with the exception of its stage channels, which are designed for broadcast style communication.
A
Okay, can I get an Oprah? I'm going to do it myself, right? Because I'm. I'm also a community member. Oprah emotes, please. You get end to end encryption. You get end to end encryption. Listen, Apple to Apple's had it. Signal's got it. Discord now has it, I guess, for voice calls, video calls. Okay, like, I appreciate this. Let's get some privacy in here. Aside from that idiot Air Force guy who was like 19 or whatever that somehow had access to classified information and dumped it in a Discord server in order to prove to his friends that he did actually have access to classified information. Besides that fool, I don't know anyone. That's like doing sensitive business on Discord. Okay, again, I, I'm not saying, oh, like, you don't need privacy. What do you got to hide? Like, I'm all for it. Like, way to go, Discord. Like, thanks for. I feel like Discord's offering a service that no one was asking for. Again, I don't know. I only can base it on my own experiences. Am I happy? Sure. Here's the thing. This is not going to introduce any burden to us. It's not like, okay, it's end to end encryption now, but voice chats only last 10 minutes and then, then the connection expires. Or you have to download a pk. You have to download a secure certificate and install it on your workstation in order to have voice calls now. Like, no, there's zero impact to the end user and you get additional security. So I'm here for it. My only thing is, like, why? Like, okay, let's go. Like, but I'm not running a business through. Well, I guess I do send communications through Discord for Simply Cyber business, but like, I don't know, sensitive stuff, I'm not sending this way. So whatever, I'll take it. Everybody gets it. I, I love it, dude. Let's, let's encrypt all the communications.
C
UK cybercrime law reform would protect almost no one, say experts.
A
Okay, thank you.
C
According to Recorded Future News, quote, the British government's plans to overhaul the country's main cybercrime law would offer such narrow legal protections that most security researchers would be left in the same position as today, end quote. As we reported last week, plans to amend the Computer Misuse Act of 1990 were announced in the King's Speech with the goal of modernizing cybersecurity law. The updated law was intended to, quote, protect researchers from conviction in court as long as they meet certain safeguards, end quote. But sources say those safeguards are extremely limited to cases where researchers are being prosecuted for scanning Internet facing systems. A link to the full breakdown of the proposed law is available in the show notes to this episode.
A
Okay, I mean like I'm not gonna, normally I would just make fun of, you know, these Brits, these limes, these. Whatever gentlemen, I don't know, but some dude, like legislation, regulation that can affect large groups of people, large populations. It's not easy, right? Like I know people just want to be like, oh, like whatever, set the legal drinking age to 21. Done, right? Like, like, yeah, like something crude like that for sure. But when you're putting out regulation that can impact many people, you've got to give considerations to rural communities, people with disabilities, expats. Like there's, there's like all sorts of like demographics. Like honestly in the, in reality, dude, whenever you're dealing with anything, whether it's UK privacy legislation or anything else, 80% of the population, whatever it is, it's going to fit like whatever you're thinking. But there's always another 20% that is got to be given consideration for like this happens with like vulnerability management, right? Oh, patch the things. Sure, no problem. 80% of the workstations are simple basic Windows machines. Fine. It's the other 20% that's like a specialized phlebotomist machine or a specialized, you know, oil pump or something. Or it's an old Windows XP machine that the patches aren't even going to work. Or it's a Linux machine, right? It's a sales engineer who never connects back to the mothership because he's always flying next to James McQuiggin, right. It's the 20% where the work happens. Okay. So anyways, all of that is to explain like why this may have happened. Okay. This cybercrime law is very similar to the 1986 Computer Fraud and Abuse Act in the United States. I've said this on the channel before. The UK is trying to speedrun the United States. Like cyber crime, you know, industrial base, if you will. Like they've built a group that's like CISA.
They're reviewing their laws and kind of updating them to be more effective in modern, you know, 2026 where we have vulnerability disclosure and bug bounties and stuff like that. They're going to restrict statutory defense to cases where researchers are being prosecuted for scanning Internet facing systems. Yeah, exactly. Dude. People in our industry use Shodan all the time. Go to shodan.io, shodan.io. Hold on, let me show you this, shodan.io. If you don't know about shodan.io, I'm super pumped that I got to introduce you to it. This is a tool used by many cyber professionals. Almost every single cyber professional ever in their career has used Shodan at one point for something. But many of us use it all the time. They even have a monitor capability. You can stand up. Shodan scans the Internet every day. Right? That. That according to the UK is illegal. Right? I don't want Shodan get arrested for doing this. It's a service, so they're updating it. That's all there is to it. Let's end on a great story. Get ready. This one is. You want to talk about hot that
C
Hansel so hot right now. Move over, Flipper Zero. Flipper One is in town. The Flipper One is an open Linux pocket computer from Flipper Devices, the makers of the infamous Flipper Zero multi tool device. It is essentially a tiny Linux computer designed for cybersecurity research, electronics experimentation, networking and hardware tinkering. Whereas the Flipper Zero was built around a microcontroller, the Flipper One reportedly uses a much stronger Rockchip processor plus a secondary Raspberry Pi style RP2040 chip for lower level hardware handling and will likely be of greatest interest to cybersecurity professionals who want a portable toolkit, as well as electronics hobbyists and Linux enthusiasts.
A
My guy, from the office of Take My Money comes the Flipper One. I wish they didn't call it Flipper One. I get why they're doing it because it's the same group that did this. But this isn't like an upgrade on Flipper Zero. This is a completely different animal. The Flipper Zero is like essentially like in all things wireless, NFC, RFID, Wi-Fi, 802.11. Like, like all the things infrared. They're all there. The Flipper One. This is more of a portable soup. Not super computer, but like portable Linux machine. I'm gonna get one. I have no need for it. This is how awesome this thing is. This is how hot this thing is. I have no need for this. And I literally can't wait to get one. I don't know, like, oh, and by the way, it's so hot. Like, look at this. Like, this color scheme. Black on orange. This is my. Oh, dude. I'm not even a huge fan of Halloween and as a holiday. And this thing is like, oh, my God. How is it possible that it's a still image picture and this thing looks like it's moving 100 miles an hour? Jesus. I don't even have a hot take on this. Get out of my way. I'm first. I'm first. I'll push a kid out of the way to get to the front of the line on this one. Hell yeah. Pocket Linux computer, dude. By the way, can I just point out there is a massive, massive community. James, what are you up to, dude? James McQuiggin just dropping in, jumping out, jumping out, jumping in, jumping in, jumping out. There's a huge hobbyist community around the Flipper Zero and I guarantee you there's going to be one around the Flipper One. There are so many. It's open source. It's good times. I feel like the 90s had tons of this. We're getting back to our roots, people, and you youngs can actually vibe on a 90s thing. Super cool. Giddy up. I know. I'm just messing with you, James. All right, guys, we did it. We did the thing. Let's do this. I'm so excited. Oh, I'm so excited. Maybe I'll buy a couple Flipper Ones and raffle them off. I gotta figure out when to do it.
Maybe it's Simply Cyber Con. Oh, yeah. Reason to come to Simply Cyber Con number 600. Wait, hold on. Actually, you know what? The rare. The rare non infographic. But all but hot. Hot saxophones foreign. I'm just kidding. I'm just kidding. But really, I'm just gonna end the show now. Me and this Flipper One gotta go have a conversation, guys. This is in Simply Cyber's Daily Cyber Threat Brief podcast. I hope you enjoyed the crap out of it. I certainly did. What a way to start my Friday. Going into a long weekend, no episode on Monday, it is Memorial Day. We take a couple days off here in Simply Cyber. Daily Cyber Threat Brief. And Memorial Day is one of those. Don't go anywhere because we got a hot panel full of cyber pros who are going to be bringing the heat to you on Cyber Career Hotline. Phone lines are open. Do me a favor. Get your questions ready. Hang out. Let's have some fun. I'm Jerry from Simply Cyber. Till next time, stay secure. I'm Dr. Gerald Osher. This is the Cyber Career Hotline. If you're building a career in cybersecurity, this show is for you. Let's get into it. All right, what's up, everybody? Welcome to Cyber Career Hotline. I am your host, Jerry Guy. Coming hot off the heels from the Daily Cyber Threat Brief, hosted by that Zero, Dr. Gerald Ozer. By the way, I am super excited. I want to share my 2026 shtick with you guys. After I introduce the panel. Cyber Career Hotline is an AMA show. Ask me anything. You bring questions, we bring answers. I can't mentor one on one, but I can bring the heat with a panel on Fridays to answer all your questions. Here we go. We've got a full panel today. This is going to be a good one. Ladies and gentlemen. Let me run down first off, executive hacker, tinker, magic player, good guy, Robert Wetstein. How you doing, Robert?
D
What's up, Jerry?
A
Love to see you. Let's get some more magic players in. He likes to run. Krenko. He's got a mustache and he's a trainer. Ladies and gentlemen, detection engineer Wade Wells.
E
The mustache is always key. I'm glad. I'm glad that was up front and personal.
A
I love it. Of course, we know him from the jokes of the week, but he was the host yesterday. Ladies and gentlemen, James McQuiggin. At 35, 000ft, you are on
D
James on mute. It's like a. It's a staple now.
A
He has audio issues. I. I'm tainted. I've tainted him. And finally, while James gets sorted out, we've got a special guest on the Daily Cyber Threat Brief. You know her from Authentically Cyber. She's my friend and yours. Ladies and gentlemen, Kathy Chambers has joined the chat. Kathy, are you wearing a Simply Cyber shirt?
B
I am. Of course, of course, of course.
D
Happy crushing her first talk at BSides also.
B
Oh, thank you. Thank you.
A
Crushing it. Yeah, I love it. So can I say something?
B
I gotta say something real quick because Wade Wells is on here. Hi, Wade.
A
Hey.
B
So I The talk real quick. I remember when Wade said that he was a keynote, and then he had to, like, wait all weekend or all day or something. And that's, like, all you thought about?
D
That's it.
B
So my Talk was at 10am and it was the first one, and then I immediately thought about you, Wade. I was like, oh, man, it's the first one. So I won't have to do what Wade did and have to wait and just, like, let it. Let it ruin my whole day.
E
Yeah, that was. My whole con was gone.
A
It's the one you're wearing the shirt for because we keynoted that one together.
D
Yeah.
E
Is it the. Yeah, it is. This shirt. I think it is.
A
Yeah.
E
Yeah. I just threw this shirt on. It's really early here. If I disappear, it's because my son woke up, but.
A
Well, okay, no problem. Wade, can you drop a link to the actual training? We're going to be raffling off something today. Wade Wells has donated a prize to the chat, so I'm gonna get that stood up right now. I'm just getting Nightbot logged in so I can do the giveaway thing. Do me a favor, everybody, if you want to enter the raffle, I know you don't even know what the prize is yet, but let me do this. Wait. Oh, wait, hold on.
B
Dude, people love free stuff.
A
I know.
D
I don't even know what it is.
E
Yeah, it's not. It's not something cheap either, right? It's. It's. It's.
A
So in order to enter the prize, you need to enter the word Wade. W, A D E. Wade is the keyword to enter to win the prize, which we will be. Hold on. Type Wade to enter prize. And we'll. We'll do it, like, before Wade leaves. If it's.
E
It's okay if I'm Go. I. I'm not. I'm not, too. I wouldn't be upset. I thought you were just gonna give it away during regular streams. And luckily, I, like, rolled over in bed, and I was like, oh, no, Jerry's. Jerry's probably gonna get on and give it away today. And then I looked at my messages and saw you message me. I'm like, oh, I gotta get up.
A
I love it. All right, so the people are entering. I should have. I should have queued up a couple questions first before getting this torrent of Wade entries. A first question from chat. I'm going to ask Kathy. Kathy, you know, I've been a huge advocate of getting people to speak at conferences, speak professionally, because I think it adds massive value. Give us one inspiring thing to inspire others to give their first talk. And one lesson learned, if you would, from doing your first talk at BSides Tampa.
B
Inspiring thing. I know that we always say, we tell people that it will pay off. It will pay off. I saw those results immediately. I had 20 new connections immediately after the talk. And then I also had a lot of Messages in my LinkedIn inbox. Whether it was like thanking me for the talk or just introducing themselves, I got invited to speak somewhere else afterwards. And so I thought that that was really cool. And so, yeah, it immediately pays off. So inspiration, motivation. I think that that's it. One lesson I learned is, and this is like a technical thing, you know, I did put bullet points for my notes, but I think I could have done a better job, made them a little clearer. But for my first time it was okay. I will tell you that having the Simply Cyber Community there, I thought that that was going to make me nervous, but it actually calmed me. Yeah, it was actually like calming and having them there and being able to see them in the crowd was actually helpful. I thought it was going to make me nervous, but it didn't. It was awesome having them all there. There were like 10 at least staring back at me. So I was happy to have them.
A
That's so cool. Thank you. Simply Cyber Community. That's phenomenal. I love it.
B
Yeah.
A
Just so everybody knows what you're playing for. If you want to enter the chat, enter Wade. Wade is giving away. This is a $575 prize. Jesus, Wade, you are a man who gives. Listen, Wade Wells is doing Cyber Threat intelligence. It's a two day train. This guy. Wait, how many years of experience do you have?
E
More than 10 now.
A
So more than a decade of experience learning from a senior professional on threat intelligence detection engineer Wade Wells, he's doing the threat hunting summit again. It's a $575 value. If you want information on this, it's right here. We are going to raffle this off if you want to enter here. I just pinned it to the chat, so if you want to check it out, check it out. But if you want to enter, go ahead and put Wade in chat. Wade, you could tell your wife that Chat was chanting your name today.
E
Do you know she actually watches a lot of the videos that I'm in to see if I mention her.
B
And
E
like that's awesome. She also. So my webcam recently broke, the one I'm using right now. Like the screw broke and she gave me a Blank check to go get a new camera set up. So today I have like a Sony DSLR coming and to hook up,
F
she'll
A
enjoy it as well. Question coming in for the chat, Robert, what are you doing for AI security at your job?
D
Oh God, so much. A lot of things people aren't thinking about are just your token cost and ensuring that some very basic things like a new kind of DDoS attack is to just hit your chat bots with even more complex questions to burn through tokens. And we're starting to hear some companies getting hit that. So I'm setting up very clear guardrails for where my AI can talk to, what it can do and also token and cash limitations on a single thread so like a single user can't overload my chatbot and kind of waste a bunch of money. And then role based access controls, making sure that those are really tight and in place and ensuring that there's no public data or non public data that's within your learning or if you're using something like ChatGPT, making sure that the data you give it is very restricted. Then we also built an AI complete policy framework and guidelines. I helped build that for my company and yeah, that's, that's about all we're doing. It's, it's everywhere and a lot of people are going all in on it. But I think my company specifically is being a little more strategic and not like add AI to everything, which has been nice.
A
Yeah, I've heard some instances and I don't know how like I run a small business so it's, I don't have the perspective on this but I'm hearing a lot of organizations are getting kind of, you know, basically Anthropic's enterprise licensing, which means, you know, 3,000 people now have access to Claude. I'm not sure how they're possibly managing that, that burn rate with the tokens and stuff. Wade, do you have any visibility into that?
E
I have all the logs for that.
B
I have all the visibility.
E
I have all the visibility. I have had to. I have to make announcements on based on the visibility I have. I have so much that visibility. We monitor everything, anything and everything with it, which is we actually have to reevaluate how we're pointing some of the logs because there's that many logs coming coming in. We have different AI platforms for different things. So we have one just for like the every, every everyday user. Then we have special AI tools just for developers that can use. And when I'm talking about this, this is more of like enterprise use, not baking it into our systems. Yeah, right. The detection response team that I'm on has actually utilized it heavily. Like, we've adopted it so much to. So when I talk to other people about us adopting it, I'm a little scared of how cutting edge we are with it. A lot of the times, it's. We have everything completely customized to our environment, so we've built like. Like, AI profiles of everything we wanted to do. And we have it. Like, I'm trying. Like, we have. It will. It'll read a threat intel report. We have a threat intel report AI bot that our intel analyst runs, who then passes us ideas for detections, who then passes it to a detection bot. Detection bot will actually create detections query, break it down, go further, further. Send it to a testing bot that will run the attack. That will then, if it passes, all these lines will go into a pr, and then the detection engineers go and look at it and approve it later.
A
Wow. Okay. Well, there you go. That's. That's one way to take it from zero to a thousand. Wow. I love that. Way to go, Wade.
E
It's not. It's. It's. It's pretty wild. I'm a firm believer. I, like. We dived in, and it's. It's been fun. If you know what? I was thinking about this last night, talking to my dad. It feels like a cheat code and a video game. It's like, I typed in God mode or whatever, and now the video game's kind of boring, and I need to figure out something new to do. That's.
A
Yeah. Yeah. I've been using AI quite a bit, too, and it is crazy. Once you can kind of understand, at least in my perspective, the analogy that I like to use is like. I feel like when you're prompting it, like, oh, like, explain what DKIM is or whatever, that's like, in the back seat with an iPad, like, once you can kind of like, get in the driver's seat of the car and start. Or. Or even. I'm doing this analogy in real time. If you've ever seen rally car racing, there's the driver, but then there's the guy in the passenger seat with, like, the map, like, D2R. Right. Like, I love that AI. Like, you're the guy in the passenger seat screaming at the AI and. Right. I mean, is that.
E
Yeah, no, that is the exact. That analogy is absolutely perfect. So I did a talk at a local meetup that I don't want to do online because it's. It gets a little dark at the end. The first half of the talk is a wild west or an Antisyphon talk I did about how to prepare for AI. The second half of the talk is me realizing what's going to happen after we get this really dialed in. And the way that I explain it to other people is. I recently had a lot of problems with my dishwasher. Right. I wanted AI to help me fix my dishwasher so I made a custom agent just for home appliance repairs. Then I went and grabbed every single manual for all the appliances in my house and dropped them in the AI. Then I started describing to the AI what was going on with my dishwasher and it actually told me like hey, this is how you reset it. Go reset it, walk away, wait 10 minutes and then come back. I did that and then all of a sudden I hear my dishwasher. It's, it's, it works now. I was like oh my God. You completely customizing the things to exactly what you want.
A
Right?
E
Like making it a very limited scope is is the way to go that is critical.
D
The limiting scope is where you get the best results. If you give it way too much data, it gets real, it gets confused relatively quickly.
A
Busy. Baby Zaddy has a super chat. So thank you for the super chat, Baby Zaddy. And it's a question, Wade. Baby Zaddy loves what you're saying, but where can they learn more and what happens if they needed an air-gapped environment?
E
Yeah if you, if you look at that the talk I just mentioned it was at the SOC Summit for Antisyphon. That first half of the talk is pretty much how what I've used to set things up. It's only like a 20 minute talk. It's just all the files and all the Markdown and agent ways I've used to set up an AI within a blue team environment. The air-gapped environment you're going to have I. You'll have to run some type of local LLM and I still you it would still be. Everything would still work. You just have to run something local. I believe I haven't run a lot of local stuff yet. I just haven't had the time to set it up.
A
All right. Hey, really quickly if you'd like to enter the raffle that we're running right now, type in Wade in chat, W A D E. Wade Wells, who's one of the panelists right now answering questions, is running a two day training. $575 value. No purchase necessary. Anyone can enter to win. It is on June 22nd and 23rd and you can learn from Wade about cyber threat intel. I think I've taken this class, right?
E
You, you took, you took the one day version of the class. The two day is new.
A
Wade has doubled down. All you have to do is type in Wade in chat. It looks like currently we have 93 entries, 94 entries right now. So we'll draw that at 9:30am so just 12 minutes from now. But what we're doing is we're answering all your questions, helping you level up as a professional and absolutely be the boss, be a CEO of you. Here we go. So flavor. Hold on. Come on man. Soap flavored. I've been seeing a lot of talk about location based auth and that makes organizations more secure. But as an end user I love a VPN. Where do we fall on the spectrum? James McQuiggin, let's talk about your perspectives on you know, visibility, condition based access, VPN usage.
F
Yeah, so am I coming through? Because we weren't sure if the audience.
A
Crystal buddy, hello there.
F
All right, awesome, cool.
A
So vp.
F
You know, I love a good VPN as well, but if you're gonna restrict it, I mean we have the location auth set up because of the fact that we have so many, I won't say enemies, but we have so many people out there in the world that want to do harm to us here in this country, gain access into our organizations. And so when we have an organization that is not global, that is only based in the United States, we're only going to allow access from US based IPs. And yes, the cyber criminals on the other side of the world can be coming in on a VPN and disguise themselves essentially. But for me, if you're going to, and I've, and I do this because I'm working for a university that is US based only. And when I was doing a lot of traveling on the other side of the world, I would have to let them know that hey, I'm traveling, you're going to see my login. Because coming in from Denmark or Europe or whatever. And so if you're going to do the location based authentication, it's usually a good idea to have some sort of process set up that if you're going to have your users go into other parts of the world that you have that process to alert you or the folks in IT that hey, I'm going to be in this location. And so that way they can be monitoring that and when they see the weird connection coming in from Johannesburg, South Africa, they can verify if it's you or not. So that's kind of my perspective. It's a good thing that it's there and it's just the outliers that we've got to work on the processes for.
A
All right, thank you, James. Love it, love it, love it. And personally, I mean if you're an organization of any size where you're like being able to do conditional based auth and have people look at the logs, chances are you have an enterprise VPN solution and your end user should be using that and, and bar none, the others. All right, Cyberlorian did a final round. Senior DFIR consultant. I've never heard of this. This is interest. I mean I've heard of this for like OSCP but not for a job interview. They were given 24 hours to do a technical assessment, do a report and then debrief. It said it went well. That was on Tuesday. So follow up today or next week.
F
Thanks.
A
What's your, what's your take on you do an interview? Congratulations by the way. Cyberlorian, that that level of interview is obviously you're like at the final stage. What's your policy, Kathy, on follow ups?
B
The interview? I always send a day of thank you note like you know, thank you for your time today and then I give it at least a week before any kind of follow up but 100% day of thank them. If you have direct emails that's better than you know, even if it's like three people you interviewed with, I would send it to each person personally, you know, and even mention if there's something in your interview like hey, I enjoyed talking to you today about X. Hope to hear from you again soon. That's why that way it's not like a generic response but it's like a real thank you and that, you know, thank you for taking time out of your day to sit with me and then yeah, definitely a week. But definitely send the thank you as soon as you can.
A
Yep. So Robert Wetstein, who is Bowtie's security guy, right?
D
Hey, you got it.
A
Robert, who's right here is an executive at a Fortune 500 company. Robert. So you're on the other end of the table, right? What's your reading? When you interview someone and they email you and kind of cover all the bases like they email you 15 minutes after the meeting. They email you a month later, like what, what's the best?
D
Yeah, if you email me a week later, I've already forgotten. Same day is good. Fifteen minutes later, an hour later, it's so, like, I. I've literally interviewed hundreds of people. I've filled probably 20 or 30 roles in my career, maybe more. I've gotten three thank yous. Like, it's very rare. So when I get them, I get very excited. So. And I remember those people. Like, I can tell you the last round of interviews. I could tell you that person's name who sent me a thank you. They didn't end up getting the job, but I remember them. And that is. That is kind of key. Like, if there's an opportunity, I would reach back out to that person because they were right in there. In the second and third place, I would reach back out to them and say, hey, I'd like you to interview again.
A
There you go. Great, great.
B
Gotten three thank yous. I thought that that was just, like, standard.
D
It is so uncommon.
E
I've never got a thank you, and I've done a lot of interviews. Yeah.
B
Wow.
E
Is it weird? I'm like, I don't want you. I don't. Like, I don't think it would help you. Does that make sense?
D
My decision? But I do remember.
B
I don't know if it would help you. I just feel like, I don't know, it's just being a good person.
A
Yeah.
B
It definitely won't call me crazy for being a good person. I just think it's like, sometimes you
E
don't even have their email address, though, too. So then you have to. You'd have to figure it out.
A
Yeah. I mean, I guess what I'd like to point out is don't treat it. I know it feels transactional, but, like, invest in the long game. Right. Like, you're not saying thank you because you want to manipulate them to give you the job. You're saying thank you because you appreciated, you know, the opportunity and all these things. Really quick, I do want to take a hot second and say, happy birthday to Luke Canfield. Luke Canfield is. I've got the. There we go. Happy birthday.
B
Happy birthday, Luke.
A
Yeah. Big fan of Luke Canfield. He's been for years. Definitely love that. So thank you very much, Luke. Enjoy your birthday. Hopefully you got something fun planned. Restream. Like, I feel like we're pushing the limits of restream. You're supposed to be able to have 10 people in here. We have four, plus me and one shared screen. And it's like. It's like stressing it.
D
Oh, yeah. It's. Kills my system, too.
A
All right, so we're continuing to answer questions. If you want to enter the raffle, type Wade in chat. Wade Wells, this guy right here is doing a two day training and giving away a. A voucher to it. He's actually going to be giving three away over the course of the next couple weeks. Little spoiler.
F
Are they recording it?
B
Wade?
F
So if you miss part of the day or whatever, you'll be able to go back and watch it.
E
You will. You will definitely. It will definitely be recorded via Zoom. I do not know if it's gonna go into the on demand library for Antisyphon. That's the.
A
Okay.
F
If you sign up and register and then miss part of it, do you know if they'll be able to still watch?
E
Yeah. Yeah. You should be able to get it. Zoom. Yeah, that's. That's.
B
I think it's six months. I think you have access for six months. That's how it used to be. I don't know if that's still how
E
Kathy with the insider knowledge.
B
Yeah, yeah.
A
Hey. And I just want everyone to know, like, yes, you can watch it on replay. But. But I've taken this training. It is great to do it in person because you can ask Wade to, you know, clarify or qualifying questions. I think I actually. It was either Wade or Hayden. Like I asked and like I got like additional homework from. From you for like it's going beyond the ass.
E
Probably the. The course. The course I actually like. I wrote the course for a master's thesis, first of all. So everything in the course is cited. Like almost every slide has a link for you to go and learn more. And that's the way I wanted to make it. So, like it's an entry level course, but if you want to deep dive it, like there is so much. There's probably like a month worth of at a minimum just reading inside of it. So.
A
Citations are so hot right now. Love it. I love it. Okay, we're continuing to go here. Daniel Lowry wants to know. We'll go around the horn really quick. What's everyone's favorite? Go to LLM. I like Anthropic. I think it's just. It's a Gen AI. It's comprehensive. It does all the things I want. Round. Lightning. Round. Robert go.
D
Yeah, Anthropic. Also. It. It gets the job done. It's it. I love how it tells me everything it's doing in very clear detail. That's my favorite part.
A
Wade. What's your answer?
E
Claude Code. I do command line.
A
There it is. Claude. Cl. I should have qualified. Claude Cowork is my thing. Which basically is like a Mac. I mean not Mac, but like a bubble gum version of Claude Code.
D
Kathy is mine also.
B
Yeah, I have slotted in my calendar to start the free Claude training on Monday. So I'm excited. So I can't really comment on that yet because I have not, not went through that. I want to do the training first. I am still stuck on ChatGPT because it has my entire like life history and I don't have to go back and retrain it. Yes, I know that you can download it and upload everything into the new LLM. I know all of that. I just haven't done that yet.
A
I love how Kathy already gives the rebuttal before anyone.
B
Yeah, I'm like, I know you're gonna say, well you know that you can do that. Yes, I am aware.
E
I have subscriptions to both. It's okay. And it's more because I'm too lazy to do that memory swap as well.
B
Yes, yes, exactly. Exactly. I would love to report back on the training when I start working through it.
A
Yeah, I just dropped a link in chat to that training. It's anthropic.skilljar.com. I actually took it myself a couple weeks ago and enjoyed it. James, what's your go-to LLM?
F
Yeah, it's going to be Anthropic because I've got all kinds of projects of everything, all the different tasks I got going on. Gemini is my go-to for just anything general outside of those projects and also image generation, video generation as well. I do have ChatGPT. I haven't used it really in the last month and I figured if I could go a month without using it, then it's time to get rid of it and I'll export all my data and bring it into Claude.
A
Yeah. Just as a quick side note, NotebookLM is. It's not great for Gen AI as far as I'm concerned. But you can, you can dump like Wade said, like user manuals. Like I have. I like using NotebookLM. I do a lot of LinkedIn posts. You can dump like a crap ton of stuff in there and just say make me an infographic and it makes it all the time. Awesome, awesome. Infographs. No, I've never even heard of that one. So good. Google, it's like an app.
B
Okay. Oh, I'm gonna try that. I need that stuff.
F
You would love it.
A
All right. Hey.
B
All right.
A
It's 9:30. We are gonna go long for those who can stay. But what? Let's do this right now. I'm pretty excited about this. We're gonna do the raffle first and we're gonna go around the horn to make sure everybody gets a chance. All right.
B
Wade, I was gonna tease you that you finally got it to a two day course. He's been, he's had it at a one day course for like two years. So I'm excited that he got it to. Together for two days.
E
Yeah, yeah, it's, it's. Yeah.
D
And for anyone thinking about any job in technology, threat intelligence is a crucial part of every role. Like, so even if you're not going into an intel role, being able to do the things, understand the things and do the research is critical for every job. I, I can't tell you. There's not a, there's not a role I've had that I haven't changed. Used intelligence.
E
Then the class teaches you a lot about just like research as well. Like, of course we talk about threat intelligence, but we talk about biases and getting multiple sources. A couple of the newer sections I have from the one day course are like how to use AI. Of course, I had to throw that in there. There's an OSINT, a dark web.
F
What is.
E
There's, there's one more too, that I can't remember. There's a lot. I added a lot. I added a lot of good actual labs in it too, which I'm having a lot of fun with when I created them and should be cool. Oh, I added something in about like how to take notes, which was a request from somebody else as well. But I was told to make this a two day course for a very long time. And I kind of just dragged my feet until this most recent one. They're like, hey, you have to have it as it's a two day course if you want to teach it. And I'm like, all right, fine, I'll do it.
A
Nice. All right, well, we're going to raffle off right now. One person in chat is going to win it. You do have to be present to claim it. We'll give that person, you know, a couple minutes and then if not, we'll redraw. So, ladies and gentlemen, you get to see behind the. I'm very transparent here at Simply Cyber.
D
So do you have a drum roll, sound effect?
A
Can you do one? There we go. Winner, winner, chicken dinner. The winner of the Wade Wells two day Threat Intelligence training is. Hot Plate Grc. Nice job. Hot Plate Grc. Shout out in chat that you're here. And then we'll connect on Discord and I'll get you your prize. Thank you, Wade. Hey, really quick, just because it is 9:30 and people will have to start flaking out, I want to take a quick opportunity to just kind of promote a couple things. Kathy, you've got some stuff coming up, right?
B
Yeah, I got lots of stuff coming up, so I'll be fast. This coming Tuesday, Authentically Cyber with our good friend Daniel Lowry. It's actually a two part series, Part one. We are talking about layoffs in the tech industry. I've been wanting to talk about it, but I needed to talk to somebody who's been through it. And with Daniel during the podcast, you need another person.
D
I'm happy to talk too.
B
So that's this Tuesday and the same day I am hosting a brand new monthly series with Agent Bounty. The first one is AI Fortune Tellers with Jack Scott, also one of our friends, and Mark Hinkle. So I'm really excited. That's a new series talking to Wade and getting a group together for the next one in June. So I'll keep you posted on that. And then joining the Cyber Crooners. They are a young professional group out of Africa and have asked me to come on and talk about building your cyber brand and I'm going to be doing that next Saturday.
A
So I love it. So Kathy, this is a lot of cool content and cool projects. Is there like a ground zero that people can just like go to to to find this stuff or what's the best way? Because this is three different.
B
Right, yeah, well, I just did like this massive LinkedIn post with all the links because they're all, they're three different people.
A
Okay, go to Kathy Chambers on LinkedIn. Basically.
B
Yeah, it's like the first. Yeah, it's the most recent post and it has all the links in there.
A
All right, so Kathy Chambers, C H A M B E R S Kathy Chambers, the Kathy Chambers media. And this is her right here. So go, go check that out. Robert, what do you got? What do you got cooking bud?
D
Yeah, I've got a few podcasts coming up. Those will show up on my YouTube. Just bow tie, security guy, all one word and then that's, that's about it. I, I'll probably be talking at BSides Orlando or I'll at least be there. So if you, if you're, if you're there, I'll definitely, definitely say hi and that's it. If you need a mentor, feel free to reach out. Happy to chat. And anyone struggling, feel free to reach out. I know it's a hard market, right
A
now it really is. Speaking of Orlando, James McQuiggin, what you got cooking, dude?
F
Well, getting ready for the weekend. That's, that's for sure. But next week I. Oh yeah, next week I will be in Dallas. I'm going to elevate it on for next Thursday. Be there all day for that event. And then the following week I am at Osmosis Con at the first part of the week. And then the end of the week I will be at Secret Con, which is in Minneapolis. Looking forward to there. We've already been, already reached out, already been connecting. Looking forward to doing that and then.
A
Yeah.
F
So Osmosis Con, Secret Con and elevate it. Doing all kinds of present Osmosis Con. I'm attending. I'm not presenting at it, but I will. I'm gonna see our own Dennis Keith there too. So I'm gonna be out connecting with all the Simply Cyber members. Kind of like being at BSides Tampa last weekend. So. Yeah, thanks.
D
I love James on the spot. Make him tell some dad jokes.
A
That's right. Any of these events, you don't have
B
to put him on the spot. That is a natural part of James.
A
I love it. Wade. Wade, you obviously have this training coming out, but anything else you want people to know about while we're.
E
Yeah, I'm on the news with BHIS talking about news every Monday. Which is the good news, not the bad news. The bad. Yeah, I haven't, I haven't gotten that far yet. I also do Random but Memorable, which is the 1Password podcast, which maybe Jerry will be on an episode coming up here soon. We'll find out.
A
Yeah, high confidence in that bet.
E
Yep. I'll actually be in Nebraska the first week of June at Cyber Tatanka, I believe is how it's pronounced. And I'm teaching there. That will be, I'm teaching the two day course there. So if you're signed up for that or something like that, I'll see you then. Besides that, I did buy my DEFCON ticket. So I will be at defcon this year, which is a little bit rare for me.
A
So, Wade, come out to the Simply Cyber meetup on Friday night.
E
Yep, I definitely will, you know.
B
All right, cool.
A
I love it. And yeah, how does one get on the Black Hills talking news? I, I, that's like eluded me.
E
I feel like, yeah, it's put a little bit behind a wall nowadays you have, you know, the right people to talk to. I'll, I'll figure it out if you want to get on.
A
What is a good Word for me. I can be on camera.
D
Okay.
B
All right.
A
I want to share something with y'all. This is my 2026 sticker.
E
Did you make this just now? Is this. Is this purely made because of me?
A
No, no. This was made over the last week, and I. I've been ideating Wade, and I. I wasn't gonna say Thrunter, but it is. The game is Thrunter, and if you scan this QR code, it will take you to the game. I made Thrunter.
F
Oh, my gosh. How funny.
B
Oh, my God. I love this so much.
A
There's a global leaderboard and everything, and there's, like, there's Easter eggs in it and stuff. So anyways.
F
Oh, my God. Too funny.
A
Yeah. So anyways, come find me at cons, and I will be happy. I ordered these on Sticker Mule just yesterday. I got 200. And that's my 2026 sticker. So a very. You need to get a.
F
You need to get a T shirt made like that, and we can give it to Wade and he can wear.
E
I refuse. I refuse to wear. Or that T shirt or get the sticker. This sticker will not be anywhere near me.
A
It was originally gonna be the T game. You know, the one where you fill the beers and throw them. I couldn't vibe code that game very well. And for. For what it's worth, it was going to be threat actors coming down, and you were going to be whipping, like, patches down the bar at him and stuff, so. But I went with this Defender type game. I was calling it Defender, thinking blue team defender, but Atari owns that. And I just. No one owns Thrunter because no one wants it.
E
But not yet. I'm gonna own it, and I'm gonna get rid of it. I'm like,
F
you missed a good opportunity to call it Spy Thrunter. Like the old Spy Hunter game with the driving game, but the next version for you.
A
Yeah, I love it. I big fan, too, of using the QR code. I had it on my 2025 sticker going to the hip hop playlist, and people seem to enjoy that, so. All right, let's get back to the questions, if we can.
F
Everybody, by the way, Jerry, you know, shout out to all the Canadians and the Tim Horton fans. Tim Hortons every day in my coffee mug.
D
Look, I mean, you don't have to call out Jerry for calling out all of Canada.
F
Well, you know, I know, but he did it on the show, so I couldn't resist.
A
It took me a while to even get the name Right. I was like, like, like Tom. I think I called it, like, Tom Lavenders or something.
B
So when I. When I lived in Columbus, Ohio, Tim Hortons was very popular. I worked an overnight shift and I go through the. Drive through and pick up my Tim Hortons and head to work. Yeah.
F
When I go to Secure West Virginia and Charleston, West Virginia, they have a Tim Hortons in the next town, so it's always a stop. We don't have any here in Florida, sadly.
A
So what's the deal with Tim? I mean, why is it like.
F
Is it Starbucks of Canada? You know, everybody loves their Timmy's. They go, they get their car. That's where they get their coffee. Yeah, it's the place to go in Canada for coffee and donuts. Hey.
A
Okay. All right. Good to know.
F
I gotta get that sound effect. I gotta get the Bob and Doug McKenzie sound effect put in here now.
A
Yeah. All right. All right, here we go. So if you have questions, it seems like it's much more of, like a Simply Cyber community hangout and chat. Less. Less AMA, I guess.
F
Somebody asked earlier about what kind of VPN tool do we like to use? And I think they said Mac, but I figure we could share our favorite VPN tool.
A
Yeah, go ahead. You go first.
F
All right, well, Proton VPN is the one. Is my go to. I like using it. It works on Mac, Windows, Linux, all call them. I have a Proton subscription. And so you get a lot more bells and whistles with it. But yeah, so Proton VPN.
A
For me, I. I like Proton VPN also. I. In fact, I actually made a mistake. Hopefully they edited it out on the podcast. I got interviewed by Wade. He asked me that question. I said I had a lifetime subscription. I had like a lifetime license. The Proton. He's like, really? That. I didn't know they did that. I'm like, oh, yeah, they did it at the holidays, like, immediately. I looked into it and I just. They had like, a deal. I bought two years, not lifetime. And I felt like such a poser. I'm like, oh, my God. Yeah, the Proton's great. Robert, who's your VPN of choice?
D
Proton. Also that they, you know, they're one of the few companies that I trust not to sell my data.
A
Yep. I love it. Wade, are you gonna make it a.
E
Should I say Astral? No, no, that's the North Korean VPN. I use Proton. I use Proton as well. I've used them for a while. I used Nord way back in the
A
day
D
for a while
E
as a cyber defender. I hate anyone who uses a VPN on their cell phone and connects to the corporate network. Because you break things for me and I then have to investigate. You don't buy Mullvad and connect to the corporate network. All right, I'm just. Right now.
A
Wow. All right, so what I'm actually hearing is if you want to f. With Wade,
B
I mean, there's a couple things that'll set Wade off.
E
If you want. If you want your cell phone to be knocked off the corporate network. Yeah, go ahead. Connect via Mullvad.
A
Like,
B
I don't have a VPN of choice. The only time I really use one is when I do research. The University of Florida. We have to hop on that VPN to access any articles or anything. So that's really the only time I really use it.
E
What a flex. When I do research for the University
B
of Florida, you know, I'm a PhD student, so it's not for them, it's for me.
E
But yeah, yeah, yeah. Well, they're another Flex PhD.
A
So that was your.
D
Your second, like, humble brag?
B
I don't. I didn't know that was a humble brag. I didn't know that. I'm sorry.
A
We should get, like, Cat for the rest of the AMA. Kathy's just gonna. We'll do it this way. Hold on one second. All right, so this. So PhD, and then the rest of us will just be over here just doing.
B
I mean, I'm not gonna argue with that.
A
Robert, what's your favorite music instrument? We're definitely hanging out now.
D
Yeah, I've got my Nintendo guitar that I built. I built an. An electric guitar inside of a old Nintendo, which is my absolute favorite.
A
Do you have it local? Like, can you put it on camera? That sounds outrageous.
D
Yeah, I'll go grab it.
A
All right. I love it. I love it, I love it. So while. While he's doing that, any other musicians on the. On the ch. Wade, do you play?
E
I. I took banjo lessons for several years, so where I lived in California was like, there's only one paved road. Look at that. Like, how do you compete with that? That is.
A
Can you turn off your background? Like, I don't know.
D
Yeah, yeah. Hang on. Let me kill the. Let me kill the screen so you can see I'm in the shop. Anyways.
A
Yeah, cool.
E
Banjo. Yeah, I took banjo lessons. I know how to play the banjo softly. That's the. I'm not musically talented. That's my wife's side of my life. She's very musically talented.
A
I play the guitar. I'm terrible Kathy, you got any musical chop?
B
Yeah, I play the guitar a little bit. That was part of my talk. I only play, like six or seven chords and. Six, seven. And I like to sing. I'm not saying that I'm like, the greatest singer, but I like to sing, but.
A
All right, all right. Hey, there is an open mic night. It's Simply soft. CyberCon 2026. Come on down. All right, so let's look at this Nintendo.
B
That is so awesome.
A
That is insane. Robert.
B
Oh, my God. He would love that.
D
I didn't know how to build guitars either, and I followed some luthiers online and I was like, oh, that doesn't seem too hard. I wonder if I can put it inside a Nintendo. It's got that. You can see all the.
A
That is the coolest thing. Can you? You should make a post on LinkedIn about that. Just so I can like, dude, did
B
you make a video of you making it? That's awesome.
D
I should really, like, record the stuff that I make. I record everything else with my, like, technical stuff. But, yeah, the funniest thing is when I do mentor sessions, I'm, like, working on a prop. Like, I'm, like, building Rocky. You can see, like, all my. All my shop stuff and, like, all the blasters on the wall and different things.
A
I love it. I love it. James, are you got musical chops?
F
No, I can't even. I can't even hold a note.
A
So.
F
Yeah, no, I'm. My kids have and my wife have all the singing and musical ability. I love musical theater. That's about as good as it gets.
C
So.
A
I love it. Roswell UK wants to know everyone's classic arcade game. So this is an AMA. If you have career questions, ask them, we will answer them. But in the interim, we will favorite classic arcade game. I gotta tell you really quickly, I've always been drawn to Elevator Action. If there's an Elevator Action, I'm on it. I love it.
D
Wow.
E
I don't even know what that is.
A
Oh, my God. Google it.
B
When I was growing up, we had an Atari and I played Frogger, like, every day. And then at the arcade, I played Donkey Kong. Oh, that's my favorite. I will if I see it, I'll play it. I love Donkey Kong.
A
I love it. Wade, what's your favorite arcade cabinet? You're on mute.
E
I'm trying to Google what its name was.
A
Okay. No, I'm.
E
I. I was always into the shooting games.
B
Oh, what about the duck? The duck one?
E
Not. No, not even. I'm. I'm Going for like. Like with the giant gun and you have to press the button.
B
Yeah. Like the big orange one. I thought that was the Operation
A
Wolf was the first shooter. Like that was it the sub. The Sub Uzi.
E
I know it's not TimeSplitters, but Time Crisis. That's what it was. Time Crisis. I had a Time Crisis. So I'm a little bit younger maybe. I don't know.
A
Yeah. I forget how young you are.
E
I had Time Crisis for PS1.
A
Wow.
E
But I, like, I did have an NES. All right. But that's like the. I would say arcade game that would go. That I would see at the actual arcade and go play it. That's what I've always wanted to play.
A
I love it. Drop it in chat what your favorite arcade was. Looks like a lot of people are doing that. Kimberly can fix it with Mortal Kombat. Wow. Oh, yeah.
F
The original Combat. Yeah.
E
I was a big Dance Dance Revolutions player for.
B
That was such a fun fact.
A
Simply Cyber. Are you coming to Simply Cybercon, Wade, or. No. I mean, it's hard.
E
Yeah, probably. Probably not. I think I'm doing Deathcon and then I'm going to Japan in November.
A
Okay. As the director of Simply Cybercon, I can make anything happen. And I might rent a Dance Dance Revolution machine.
E
They. They don't exist. The company itself doesn't exist anymore. And there is a knockoff company that still builds arcade machines, but they're rare. And you. I'll never see a real Dance Dance Revolution machine or even the game that has it out. Every now and then we'll go to like, Dave and Busters or something and they'll have like, the one that isn't like. It isn't built. It's like diagonal or has like a different way to do it. And I'm like, I can't do this. This is. Be a prima donna.
A
Robert, what's your favorite arcade?
D
I would. I would have to say probably Galaga is right up there with my favorites. I. I'll have to send you some photos of my. My office, Jerry. Which is like my whole Nintendo game room, which I have a full standing arcade that I built and a full. Oh, a digital pinball machine that I built.
A
Of course you do.
B
He can say that. And I can't talk about research. He's like, yeah, I built my own arcade, guys. Everybody's fine with that.
A
James, what's your. What's your video game of choice?
F
Yeah, I'm one of the old ones. So I remember in high school going over to the Kmart and we were playing karate champ. And then the day came out and we saw Street Fighter, and that changed it all. So Street Fighter was always a favorite, but Spy Hunter was. Was one of those games that if I saw it, I had to play it. It was always so much fun. Driving, crashing into cars, firing missiles, all that good stuff.
A
I did like Spy Hunter quite a bit.
B
I finally see a question. I see a question.
A
Oh, good. Elevator action, too. Go ahead, Kathy, read it out.
B
I'm about to graduate college and enroll for a master's program immediately. What college would you recommend? I would love to be a Red Teamer.
D
Oh, man. I mean, Jerry, do you want me to kind of start with that?
A
Go ahead.
D
Keep in mind, a Red team role is a very difficult job to kind of obtain because not all companies have a dedicated red team. It's. It's kind of a luxury item for companies, so.
A
Oh, thank you.
D
I would say whatever college is the least expensive.
A
And
D
because the degree is not going to be what kind of changes your path. It's going to be the relationships that you make at college and the relationships you make in cyber that might get you that opportunity. I've been a Red teamer. It took me about a decade to get into that role. And I did every other job beforehand because being a Red teamer, and I was a Red teamer at Disney. There you go. I'll flex a little. So, like it. It's a very hard career choice, and it's a lot of life dedication. And it's not one of those jobs that's for the faint of heart. Same with blue teaming, too. And I'm sure you can talk a little bit about that. Oh, wait.
A
Yeah, go ahead. Wade, you gotta comment on this one. You're on mute.
D
You're still muted.
A
You muted yourself.
E
Yeah, that's because I was looking up elevator. Whatever. I'm trying to figure out elevator action. I'm always reluctant with master's degrees. I got mine purely to get a pay raise. That was the only reason I went to Georgia Tech. It was only 10 grand. And that I. I purposely found. Found one that was cheap. Right. My big thing is, like, it. Like, if you have the time and you have the money, go for it. Just go like very much. Get the cheap one. Go somewhere that's gonna allow you to do it. Or go somewhere local where you'll actually meet people. That's the bigger one. Make the connections that you did. My master's degree program, I've met a couple people that I still Talk to on LinkedIn but it's very much like here and there, and, and it's literally just for the paper, just for the flex. So when I negotiate with an hr, they'll give me more money.
F
And did you have your company pay for that master's degree for you?
E
I negotiated it into my pay. That is a very good. Like, I had one company who offered me to. They would pay for me if I got A's, then they. Another company is like, hey, we'll just add whatever that is to your pay. And I'm like, oh, well, that's where I'm gonna work now.
F
Yeah, there you go. Yep.
A
I love it. Nice. All right, so hopefully that helps, helps you on your, your journey. It's not just about the degree. It's about the relationships. It's about the cost. Right. If you can get your employer to pay for it, that's always good. Kyle. Kyle, who, by the way, was in the audience for Kathy Chambers talk and gave a talk.
B
His talk was really good.
A
Yeah, exactly. I saw a screen cap. I, I think Daniel Lowry did a, a panel. He wants to know what non-IT/cyber job experience still benefits you today. Oh, that's a good question.
D
Yeah,
A
go ahead. James, you want to go first?
F
Yeah. You know, it's got to be the six years I work professionally in theater, project management. I wasn't even the performer. I was more technical. I was all the guy. I was the guy behind the, behind the curtain. But all my years of working in stage management, project management, that was key. And even now working as a vc, so that is helping out tremendously. Communication skills, project management skills. Heck, even working at McDonald's, you know, I didn't do that. But working at McDonald's, the life skills can certainly help you later on in life. But yeah, my six years in theater. Good times.
E
That explains a lot now, right?
F
Yes, it does, Robert.
D
Yeah, Sales.
A
I love this question, by the way.
D
Yes, sales was really huge for me because learning how to sell things allows you to learn how to sell yourself and, and how to sell your ideas. And that was one of the things, I think that was a big differentiator. And then like James said, communication is so critical in cyber. I've met engineers who are out of technical 10, but a communication four, which put them at a four. Like, if you can't communicate what you're trying to do, your technical skills don't really matter. And it's the quickest way to kind of have people lose focus is by talking over their head. So communication in sales was really, really critical. I think to my growth.
A
Kathy, what do you got?
B
Well, I'm not in IT, but I will say that project management for sure. I'm going to just say what James said is super helpful. Everything I know about IT and cyber, project management plays into like all of it. Whether you're in project management or not. Like part of your job is project management. I definitely say that. I also want to say that if you are trying to get into cyber or IT, maybe find one of those kind of jobs at a company. I'll use myself for an example. Like when I worked for Anti Siphon at Black Hills, I was in project management. But at any point, if I would have studied cyber and wanted to be in IT, I was already at the company. Right. So maybe look for those jobs within the company that aren't cyber/IT, but that you could transfer over because you know everyone there.
A
So, Wade, what. What you brought with you?
E
Yeah. There's three things I can always talk about. It's like this crazy small town I grew up in, cyber, and then working at In-N-Out. Right. So working at In-N-Out is the key one for me. I worked there for seven years.
F
Wow.
E
I've never had a day that was as hard as In-N-Out. In cyber, In-N-Out was that much higher.
A
Wow.
E
Not because it was both physical. It was physical and mental. That's the thing while working there. And plus you have to have a smile on your face all the time. So it's more of like relating a job that you've had to a career that you want is the big thing.
A
Right.
E
And for me, working at In-N-Out made me think about quality, made me know about teamwork, about communication. I actually noticed a clear dip in my vocabulary after I went from In-N-Out to IT because I was talking to people.
A
Wow.
E
Yeah. Yeah.
F
Interesting.
A
And if I. If I may, because. Share my. So some of you know this, some of you do not. When I graduate, graduated with my computer science degree, my bachelor's, I was a complete idiot. Like, I didn't know, like no one. This didn't exist in the 90s. Okay. So I just thought, I swear to God, I thought you graduate with a computer science degree and you just like step outside and they hand you your job and you're like, ah, I make seven now. Yay. Right? Like, dot-com boom was going, I got a computer science degree. I'm the bee's knees. And in reality, reality, that is not the case at all whatsoever. And I ended up having to go work construction and I was a mason tender, which basically is the grunt who carries 100 pounds of bricks, like literally 50 in each arm between the truck and the job site. And you repeat until the entire pallet of bricks has been moved. And then you mix cement or you use a rope to like, basically bring the.
D
I love all the hand motions.
A
Oh, my God. What experience did it? How did it benefit me today? I'll tell you the experience. I, I, I, I was like, I do not want to work this job. This job is miserable. I've got, I've got to, I've got to get the job I want. And I was hyper motivated. And I never want to go back to that because it, it, it was, it was brutal. Now I will say that I got shredded, which was awesome because I was basically working out like nine hours a day, unbelievably. And when I first. This is a quick story. When I first met my wife, the first date I ever took her on, I invited her over my house. I was going to make her dinner and I started a grease fire right before she walked in. So, like, my house was like, well, my apartment was full of smoke and I had taken my shirt off and I was fanning it. And she walked in and she was like, oh, my God. Because I was just like ripped. And she's like, you're like a nerd. Like, how are you like that? And then it was, oh, my gosh, she married me. So that's fun story. All right, we got a couple minutes. Spoiler alert, my body is devolved. Back to nerd. I'm soft now. Okay. All right. Hey, one minute till Daniel's class stream. So we're going to just do a quick year for newbie. I was told that Learn Networking would help me as a cyber analyst. What would be the best way and go learn about it. Robert, give us this on our way out.
D
Yeah, there's a ton of things. There's a lot of great YouTube videos. Jerry's done videos on networking. Ginger Hacker initiative or Ginger hacker on, on YouTube and just learning the basics of, you know, all of the different layers of networking. You'll use that in most of your investigations. I, I mean, I could tell you as a blue teamer for a long time that was, it's a pretty common thing. So just learn the basics and then practice. Build some stuff at home and build a home lab and kind of play and tinker.
A
I love it. All right. Oh, I guess we dropped, I looked down for a second and we had to get the hell out of Here. All right, well, thank you.
F
At 10 o'clock. Yep.
A
Well, this is why we did the. The. The round robin at the mid roll, just to make sure everybody got stuff really quick. I want to share with everyone because this is an unusual thing. Today at 2pm there was a request from the community. I do these quarterly, but I've missed the last quarters. I'm gonna do a. Essentially like a town hall or a state of Simply Cyber. It's. It's a very much a transparency meeting to tell you what we've been working on, what you can expect in 2026. I take feedback from the community. I'm all about helping everyone. And I want to make sure that what we're doing is aligned with helping people the best we can and that you guys are aware of all the opportunities because I forget to tell people about stuff all the time. So come by for that. You can go to Simply Cyber YouTube channel and see it's. It's happening later today at 2pm. All right, we got Daniel Lowry IRL, our friend Daniel Lowry, who does a stream. So if you have questions that didn't get answered, come on over to Daniel's stream.
F
There he is.
A
Gotta mute him. Go over to Daniel's stream right now. I'm gonna drop a link. I want to say thank you to Wade, who had to get out of here. Thank you to Kathy. Well, it looks like Robert had to get out of here as well, so thank you to Robert, let's say cyber bowtie security guy, Kathy Chambers, PhD candidate and extraordinaire from Kathy Chambers Media, James McQuiggan at 35,000ft who's at a conference near you soon. I'm Jerry, your chat. Until next time, y'all. Thank you so much and stay secure.
Podcast: Daily Cyber Threat Brief
Host: Dr. Gerald Auger, Simply Cyber Media Group
Episode: 🔴 May 22’s Top Cyber News NOW! - Ep 1138
Date: May 22, 2026
In this high-energy, community-driven episode, Dr. Gerald Auger dives into the latest major cybersecurity stories impacting professionals, analysts, and business leaders ahead of the Memorial Day weekend. The show follows its established pattern: rapid-fire coverage of top news, actionable analysis beyond the basic headlines, community interaction, practical advice, and some levity via dad jokes and live Q&A. Guests from the Simply Cyber community (including regulars like James McQuiggan, Kathy Chambers, Wade Wells, and Robert Wetstein) join for the second half, focusing on career advice and interactive discussion.
Timestamps: [62:45]–[117:08]
For further reference and resources, visit:
https://simplycyber.io
Community Discord link available via show notes or chat command.
This summary covers all major cybersecurity stories, news interpretations, in-jokes, and the interactive Q&A career segments from Ep 1138.