A
All right.
B
Good morning, everybody. Welcome to the party. Today is May 4th. It's a Monday. Hope everyone had a good weekend. 2026. This is Simply Cyber's Daily Cyber Threat. Oh, look at my hair. Oh, my gosh. Today is wait. Welcome to Simply Cyber's Daily Cyber Threat Brief podcast. I'm your host, Dr. Gerald Auger, coming to you live from the Buffer Overflow studio. If you want to stay current on the top cyber news stories of the day while being entertained, educated, and connecting with like-minded professionals in the cyber security community, well, then you're in the right place. We're off and running on this beautiful day. Thanks for giving me just a little bit of grace as we get started a little bit late. Sean sailors, 18 months. What's up, bro? All right, we're off and running. So get your coffee and get ready because we're about to tear the face off of top cyber news now. All right, everybody, welcome to the party. Hey, Marcus Kyler. Good to see you in the yeet crew. All right, ad tech deep friend. A guy named 303 coming in hot. Always AA Witherspoon with the hello. Good morning, everybody. Let me go ahead and just say thank you everyone for being here. I know we started off a couple minutes late. Today is. Today's a busy day over at the Auger household. Let me fix mod chat. I mean, let me fix the chat so it's streaming. Ain't nobody got time for. For not streaming chat. There we go. Before we get started, let me throw some love out to the community. Community. Here we go. Here's some gifted subs. Five gifted subs. You get a gifted sub, you get a gifted sub. All right. Share the love. Share more. Cartridge. Sing Kong. Everybody get some love. Mr. Optimus. Tony. There you go. If you're a new member of the Simply Cyber community and got those gifted subs, go ahead and jump into the emote tray and giddy up on that. I like to use the Oprah emote for. You get one. You get one. You get one. We got a great show for you, everybody, today. 
Over the next hour, we're gonna go through the top cyber news stories of the day. Obviously, you'll get the headline in the main story points, but then I will go beyond those headlines and give you insights. Now, what makes this show particularly exciting, among other things, is that I don't research or prep for any of the stories. I don't know what they're going to be. I even started a few minutes late today. So I literally have no idea. Ain't nobody got time for that. That's right. Ain't nobody got time for that. And you know, honestly, as a practitioner, that's how it goes. I do want to say happy Star Wars Day. If you're not familiar, it is May 4th, so May 4th, the be with you. Prairie Waltz with a squad membership as always, James l. Queen at 35,000ft. Loving that. May the fourth be with you. May the Force be with you. Every single episode of the Daily Cyber Threat Brief is worth half a cpe. I've got some big news for everybody on the CPE front. Stay tuned for the mid roll on that. But I've got something that's going to level up the game for the simply Cyber community. And I think you guys are all going to be super happy. If you're listening on replay or audio only, you will be able to take advantage of this opportunity as well. So stay tuned. That's called the teaser here in the biz. So stay tuned for the mid roll one. But until further notice, just say what's up. In chat you appear part of the show. Grab a screenshot. It's basically like your, you know, evidence that you're here for the show. Every show is an hour, but half the time we spend goofing around and half the time we spend doing instructor led webinar type content. So it's a half a CPE for everyone in the chat. Thanks for being part of the show. If you're here for the first time, drop a hashtag, first timer. Hashtag first timer. Hashtag first timer. In chat we have a special sound effect, special emote. 
Those five new gifted sub members, they're going to be able to drop those emotes as well and just let us know. Guys, listen. It can be really intimidating. Oh, how do I start meeting new people? How do I socialize? I've been told networking is super valuable, but I don't understand how to do it. Let me give you a like easy button, the on ramp. Say hello in chat. Hello, hashtag first timer. There we go. Jay Smooth, first timer. Welcome to the party, pal. J Smooth, J Smooth. First timer. Sunny Allen, first timer. Squad members definitely help us welcome J Smooth and Soap. Oh no, no, not soap. Who was this? Sunny Allen. So J, J, A Y and S U N. Welcome to the party, pal. Welcome to the party. We hope you have a great time. Sunny and Jay, hope you have a good time. We do this all the time. We got people on the west coast, left coast, east coast, right coast, down coast, low coast Left coast, the far east coast, the west west coast of Australia, we got them all. So wherever you are, there's probably somebody in the community around. All right, we got our first timers. Every day of the week has a special segment and Mondays is simply Cyber Community member of the week sponsored by Threat Locker. So I get to give a hundred dollar gift card out to one member of the community and I've got a slam dunk home run. You know, nothing but net tickling the the twine Community member of the week for everybody today. So stay tuned for this now. Sunny, Sunny Allen J. Smooth. Every episode of the Daily Cyber Threat Brief is sponsored. I can't do this show without the sponsorship, so let's take a hot minute. All sponsors links are in the description below, starting with anti siphon training. Anti siphon training is disrupting the traditional cybersecurity training industry by offering high quality, cutting edge education to everyone regardless of financial position. Today is April. Today is May 4th. I'm super excited about this Wednesday, May 6th. So two days from now, you got time. 
Noon Eastern, May 6th, noon Eastern. Wade Wells. Wade is a. If you don't know, I know Sunny and Jay Smooth. You guys are new here. This guy right here, Wade Wells, long time simply Cyber community member, amazing practitioner, senior detection engineer. If you like blue team. This guy is a mentor and a half. Come hang out with him for an hour and learn how to turn cyber security headlines into action, I. E. In other words, get detections, indicators of compromise. Go threat hunting. Based on this news, Wade's gonna tell you his workflow and methodology. He's great. He's also one of the chairs for B site San Diego. If you're on the left coast down in the, down in the lower California area, you might know him already. I'm gonna drop a link in chat. Cost nothing to register for this. All you get is value. So the question is, are you going to invest in future you? I don't know. Choice is yours. If you register and don't go, you don't get dinged or penalized. So take the first step, register and then see what's up. Want to say shout out to Flair Flare. Cyber Threat Intelligence platform is killing it. Continuing to kill it. I'm actually going to be doing in simply a flare academy training with Jason Haddix. Oh my God. At the end of June. Details to come out on that one. But look at this. If you're taking your cyber security program form from like kind of immature and you want to level it up maturity wise, a Threat intelligence platform like Flare is an answer that checks all the boxes. Flare goes on the dark web, goes into the cyber criminal underbelly, goes in those filthy telegram channels, data, mines all the data and brings it back, catalogs it, cross references it, tags it, and then makes it super easy for you to search it. What does that mean? It means very quickly you can find out if users in your environment have been compromised. You can find out if your organization is being targeted for an upcoming attack. 
You can find out if you already have compromised assets in your environment, among other things. The Flares threat intelligence platform is wicked awesome. And if you don't believe me, they've made it super easy. Because right now if you go to Simply Cyber IO Flare, Simply Cyber IO Flare, you literally can sign up for a two week free trial if you are not a criminal. Okay? They do have to verify you because the information in this platform is way too powerful if it got into the wrong hands. Two week free trial, no strings attached, like just obviously I, I love this platform. I've used it. I'm just saying there's zero risk to trying it out for yourself. Finally, thank you very much. Threat Locker, Threat Locker application and I by default approach to cyber security. They crack the code on this very difficult to solve problem in our industry. They do it on the endpoint, now they're doing it in the cloud also. Guys, Threat Locker, I'm really, really happy that they have chosen to partner with us. We've been partners for about two and a half, three years now. Love the people over there. Been to Zero Trust World a couple times. Met bowtie security guy at Zero Trust World also. Let's hear from them really quick and then it's time to melt your face with the top news of the day. I want to give some love to the daily cyber threat brief sponsor, Threat Locker. Do zero day exploits and supply chain attacks. Keep you up at night. Worry no more. You can harden your security with Threat Locker. Worldwide companies like JetBlue Trust Threat Locker to secure their data and keep their business operations flying high. Threat Locker takes a deny by default approach to cybersecurity and provides a full audit of every action allowed or blocked for risk management and compliance. Onboarding and operation is fully supported by their US based Cyber Hero support team. Get a free 30 day trial and learn more about how ThreatLocker can help prevent ransomware and ensure compliance. 
Visit threatlocker.com DailyCyber. All right everybody, it's that time. Jay. Smooth. Sunny Allen, do me a favor, sit back, relax and let the cool sounds of the hot news wash over all of us in an awesome wave. I'll see you guys at the mid roll. It's going to be a good day. From the CISO series, it's cyber security headlines.
A
These are the cyber security headlines for May 4th, 2026. I'm Steve Prentiss. Telegram Mini Apps deliver Android malware. Researchers at Bahrain-based cybersecurity research firm CTM360 are warning of a, quote, large scale fraud operation that uses Telegram's mini app feature to run crypto scams, impersonate well known brands and distribute Android malware. The platform has been named Femitbot, i.e. F E M I T B O T, and uses Telegram bots and embedded mini apps to create convincing app-like experiences directly within the messaging platform. Some of the brands currently being impersonated include Apple, Coca-Cola, Disney, eBay, IBM and Nvidia. An update on the cPanel bug story. A longer read than usual.
B
All right, so this is functionality I was unaware of. I, I try not to use Telegram, I use signal personally. But apparently Telegram has a capability to do a light web app, you know, interface inside of the Telegram app. Telegram is a messaging app. It works on iOS and Android. Now it says Android malware delivery so I don't know if this only works on Android devices. Although I mean I, I suppose that the Telegram app for iOS would have to support this lightweight web app thing. Anyways, it doesn't matter because this is a classic, you know, look alike phishing scam operation, fraud operation. Guys, this is like this, okay, two things. One, this is why it's super important to be engaged and stay current on top cyber news. It's not like obviously this Telegram channel bull crap is something that we need to educate our end users about today. But when you've been around and you've got like, you know, the receipts or whatever, you'll see the same things over and over and over and over and over again. It's just like it's a new wrapping paper on the same gift, right? This is like cyber security. It's like threat actors just re gift the same thing over and over. And the reason is because it continues to work. There's no reason to reinvent a wheel if the wheel all continues to spin and work and everything like that. So in this particular manifestation or instantiation of the, of the crime they have lookalike mini web apps. This is literally no different than having a, a lookalike landing web page, having a lookalike application loader that's a Trojan malware having a lookalike email address. Like it's just all the same thing with a new, new skin on. So tldr, educate your end users because this is attacking individuals with Telegram, which by the way, I'd like to think that the people using Telegram are slightly tech savvy. Or maybe, you know, I'd say tech savvy. I teach at the Citadel Military College, So I have 18, 19 year olds. 
There's always a, a part of the semester where I ask the cadets who uses Signal, who uses Telegram, who uses WhatsApp, and most of them don't use any of them, which is kind of surprising to me. A lot of them use Snapchat for their messaging, back and forth with each other. None of them use Facebook messenger. But, but anyway, so I think the population of individuals who would fall victim this are probably 30 to 40 year olds. You know, it could be someone who's tech savvy, not tech savvy. Long story short, what, hold on. The question now becomes what do they get with these apps? It says fraud operation, so I assume they're trying to steal money. Let's see, password, no money, dollar symbol. All right, so the, the question becomes, all right, you can stop these people from doing it, but like, what is the impact? That's the next thing from a, in my opinion, from a CISO perspective here. Let's see. Victims are shown dashboards with fake balances, often paired with countdown timers. A limited time offers to create a sense of urgency. When they attempt to withdraw funds, they're prompted to make a deposit. Oh my God. This is like such an old school attack. It's like the Nigerian prince scam all over again. Guys, what this attack is doing is preying on human psychology. So they're given the illusion that this person's about to get a bunch of money, but they have to make a deposit first in order to get that money. Literally. This is the Nigerian 419 scam reskinned in 2026. Do me a favor, it's Monday morning. Send a note out to your workforce. I honestly, at this point I might not even mention the telegram. I would just say, hey, listen, there's an uptick in activity. If, if a, if you are asked to make or if you're told you're going to get some quick money, but first you have to make a deposit. It's a scam, period, full stop. That's it. I can't believe people fall for these things, dude. 
But it happens enough that like obviously These threat actors are getting paid great cash, homie.
A
First of all, following up on this story that we first covered on Friday, federal agencies were instructed to resolve the cPanel bug yesterday, Sunday. cPanel and WHM are part of a web hosting control panel suite of software deployed to manage websites and servers handling millions of domains. Experts have warned that hackers could use the bug to completely compromise a server, steal data or manipulate hosted data. Internet security watchdog Shadowserver now reports that at least 44,000 IP addresses running cPanel have since been compromised in ongoing attacks. Numerous sources have told BleepingComputer that hackers have been exploiting the cPanel flaw since Thursday to breach servers and deploy a Go-based Linux encryptor for the Sorry ransomware. This bug carries a CVSS score of 9.8. Benjamin Harris, the CEO of watchTowr, said within hours of the initial cPanel advisory dropping, nearly every major hosting provider on the planet had firewalled their own customers off their own products. He continued, quote, Hosting.com, KnownHost and others all pulled the emergency brake because the alternative was watching their entire customer base get owned in real time, end quote. And he added, finally, quote, once again, we're running around with half the Internet seemingly ablaze. And given the increased usage of AI and vulnerability research, we anticipate this new normal to become increasingly familiar, end quote.
B
All right, so the story says federal agencies must patch by yesterday. Okay. Which is kind of funny that it's today's news, but the. This, this is why you join the Daily Cyber Threat Brief. Okay? Because if you just read this story or you saw it across your CSS feed or CSS, Jesus, your RSS feed, you might be like, oh, okay, I don't. This is interesting, but it doesn't affect me. I'm not a federal agency. Well, you'd be mistaken because the story is much bigger than that. The story here is that, you know, basically large enterprise service providers, organizations that provide hosting infrastructure for clients and businesses. Right? So like simply Cyber IO's website is hosted somewhere, right? You know, obviously Restream, the. The Mid streaming service. Yeah, I said Mid Restream. I got. I'm on to you. That is hosting this streaming stream right now is hosted somewhere. Okay? So forever, Forever it has been. You're responsible for your own stuff, right? If you look at the. The allocation of responsibility, the RACI matrix, if you want. Oh my God, did he just go there on a Monday morning? Oh, I went there. Ladies and gentlemen, for all you who are not indoctrinated in GRC and enterprise management. Let me introduce you to the RACI matrix. R A C I. Dude, trying to get someone to comply with this thing or sign up for this thing and put their name down. Oh, my God, that's awful. Dude. I. When I worked at the hospital, man, trying to get people to own things on the RACI matrix, it was like trying to like, grab a greased up pig. Oh, my God. So are you accountable? Oh, no, I think that's John's thing. I think it's. Oh, no, no, no. Sally's definitely owns that. All right, so listen really quick. A RACI matrix is an acronym. R A C I. R means responsible. A means accountable. C means. I forget what C means. And I means informed. Okay, hold on. Let me see this. Oh, responsible. Accountable. Consulted and informed. Responsible is who's. Who's responsible for it. 
Accountable is who's accountable for the completion of it. Like who's. Who's. Whose neck is on the line. Consultant means people who can, like, give insights. And then informed is people who need to stay informed. Just spoiler alert. Most people who are greased up pig, like people that don't want to be held accountable, they will be like, oh, definitely informed. Like, just keep me abreast of what's going on. I'm gonna go back to my desk and watch YouTube videos secretly. Not a secret, Kevin, Everybody knows you're watching YouTube. Or they're like, oh, yeah, no, no, I'm the subject matter expert on this. You can consult me on it. It's like, no, you're not. Like, yeah, you're the subject matter expert because you're the engineer responsible for it. Dude, you're responsible. Typically the person doing the work's responsible. Their boss or the project owner is accountable. Okay, now that we've got the RACI matrix fully fleshed out, here's the deal. Forever. Like the. The people who are responsible for managing their own business, their own infrastructure, is the client. In this instance, this cPanel bug is so bad and can result in so much damage and it's already being seen as exploited in 44,000 different instances with ransomware deployed on those victims that the hosting providers literally just threw up a firewall in front of their clients' infrastructure blocking this, which can result in availability issues for all those clients. So imagine if you will. I tried to do the stream this morning and Restream wasn't available because the hosting provider blocked Restream from reaching its infrastructure because Restream hadn't patched its things again. I'm taking a lot of liberties here. 
But the point is they are, they are taking a stand, these hosting providers, to say, listen, we're going to piss off our own customers because it's too much of a risk to our business to allow them to be reckless and aloof children not taking care of their business by patching their stuff. Ah, you gotta patch it. So anyways, I, I, I love this personally. A lot of times, guys, in my experience, GRC world, in vulnerability management, a lot of times, if it isn't causing pain, if it's not a squeaky wheel, it's not going to get addressed, it's not going to get grease. Right, so like the cPanel thing. Okay, let's just say that hosting providers did nothing. A lot of people are going to be like either not aware because they're not staying current or B, oh, we don't have time for that. We're wicked busy. Oh, it's the end of the month. I've got month end numbers. Oh, we're coming up on a big campaign. I'll get to it in June. No, because you're going to get punched in the mouth and now you've got a real problem. Okay, so I, I just, I'm a big fan. I don't know where you stand. This is a philosophical question for cyber security professionals at large. Do you support downstream or, excuse me, upstream providers or third party entities intervening in your business operations because you are too risky for yourself? There's another very well documented instance of this that happened years ago and it caused a bit of a kerfuffle. Years ago there was a massive Exchange server on prem issue and the FBI knew about it. The FBI hacked in. Okay, the FBI hacked in to several Exchange servers and patched the servers to prevent those servers from being attacked by actual criminals. And drove a lot of people wild because they're like, wait a minute, you don't have any permission or authority to come onto my machine and, and do anything, let alone fix it. Right. So FBI patches Exchange server. Dude, this is like 2020, maybe 2000. Yeah, April 2021. This was crazy at the time. 
This was crazy right here. Justice Department announces court authorized effort to disroy. Yeah, you can go check it out. I mean it was, it was, it was bananas. So anyways, you tell me, where do you stand on that? Are you willing to have some, some pain? By the way, you're gonna have to explain. I just wanted to let you know it'll give you a great out. Because if there's downtime you can be like, oh, the hosting provider did it. You're not going to tell your boss? Oh, like I was dragging my feet not patching this massive cPanel zero day that was out there. So they, they intervene because I'm terrible at my job. Nope, you're just gonna say, oh, no, the hosting provider did something. I'll get on the phone with them and get it sorted out.
A
British Cyber Agency warns
B
Again, this is why you tune into the Daily Cyber Threat Brief, because you're not getting insights like that on a normal RSS feed. And this is, this show is too hot, too hot for TV.
A
Looming patch wave due to speedy AI flaw discovery. In a story somewhat related to the previous, the Chief Technology Officer at the National Cyber Security Centre in the UK, Ollie Whitehouse, said in a blog post, the use of AI tools by sufficiently skilled and knowledgeable individuals is increasing the likelihood that vulnerabilities will be identified and exploited at scale. He encouraged all organizations to prepare now for when a patch wave arrives. That is a rush of software updates that will need to be applied across a technology stack already laden with technical debt.
B
All right, I mean this, I mean, I guess I'll hold this guy all. Ollie Whitehouse, CTO for the National Cybersecurity Center. I mean, I'll say this, good on him for bringing this up, but like, he's, he's, he's, he's saying what we all know, all right? So like, I don't think he's talking to us, all right? I think he's talking to the business in this instance. He's saying, as AI continues to ramp up and people are getting faster with AI, the time that you need to patch is going to go from like days to mint. Like, you're gonna have to patch asap. Oh, you gotta patch it. Ah, you gotta patch it. Okay. And this story right here, right, hot on the heels of this, a previous one, right, is an example of what he's talking about. This is the instantiation, I guess, word of the day. This is the instantiation of what this guy's talking about at scale. So this isn't a news story that you have to do anything with, but this is a news story you should listen, listen up on. And by the way, if you're looking for a conference talk or an internal to your organization talk that is going to add value insights and allow you to, I don't know, look like, like be, you know, big brain, if you will be a big brain. This one right here is hot, hot, hot, dude. The reality is most people's infrastructure. And even if you're a smaller business, okay, like, be real with yourself. You don't, you don't have to disclose this publicly in chat, but if you're an incident responder, you've probably seen this because you go into a bunch of environments. The reality is even small organizations, but large organizations got it for days, have diverse technology, meaning they have different products, different vendors. Some are coming in, some are going out. Maybe you've done mergers and acquisitions. You've got a sprawling footprint of IT infrastructure. On that IT infrastructure are applications that do different things. On top of that, you have something called technical debt. 
Technical debt is just like lingering barnacles in your infrastructure that's like, oh, we really should shut this down or get rid of it. But, you know, we'll get to it one day. I'm trying to think, what's a comp for technical debt for. For like, normal life? I feel like technical debt is. You know what technical debt is? Like, I don't know if this will translate. You let me know in chat, but like, I feel like your center console in your car or your glove box. If you don't have a center console for. But for me, it's the center console. My center console is full of junk. Like it's a kitchen junk drawer. It's not anything junk, trash wise, but is like a screwdriver in there, a bag of gum. You know, there's like a keychain that has a thermometer. Just. Just a bunch of crap in there. And like, I don't really need any of it, but it's also not like I shouldn't throw it away, but it's a bunch of crap. So like, if. If that's like technical debt. Right. So, like, let's just say I got something that I needed to store in my center console. I can't do it because my center console is full of crap. Say all of a sudden. I mean, it's not a perfect comparison, but that's what it is. So anyways, tldr, you've been warned. Yeah. Elliot, Matai says technical debts, the crappy shove in the closet that you say you're going to do at a yard sale. That's true. That is a good one, Elliot. I mean, the yard sales, essentially, like when you do the technical debt cleanup and stuff like that. Here, here's. Here's the final piece on this one. Because this is where technical debt comes from when, when you're gonna roll out a, a big project or something. Or even a small project. Right. Oh, hey, we're gonna go with this new vendor or. Hey, we're. We're going to. Well, like, I'll give. I mean, it's not exactly one to one, but like, we changed the title of the show from Jawjacking to Cyber Career Hotline not too long ago. Right. The second part of this show. 
Well, if you go to my website, it still says Jawjacking, Right? That needs to be cleaned up. But I don't have time for it. It's not a super priority. So it's just gonna be there for a minute. And it's bad, Right? So, like whenever you decide to do something new, the problem is. And this is, this is pro tip for everybody. If you're young in your. Here, this is a fact. Okay. A lot of times when you're rolling out something new or you're doing something new, everybody gets super excited about the new thing. Oh, my God, this is great. New thing. We're gonna do the new thing. It's gonna bring speed, efficiency. Oh, my God, everybody, we got shiny new things everywhere. Look at it. We got the shirts made up. Oh, they did balloons. Yeah. And then nobody wants to spend any energy or effort cleaning up the mess. Everybody wants to go to the party, have a piece of cake, blow the little sound machine or what? And then they want to leave. Dude, tell me the last party you went to where you were like, yeah, I can't wait to clean up. No, you don't do that. You have a couple slices of pizza, throw down a few sodas, and then you get the hell out of there before the end of the third period because you. You don't want to be the one cleaning up and it. That's what's up. So anyways, you've been warned. You got technical debt and it's gonna be a problem. Hello, Computer, computer, bro.
A
Huge thanks to our sponsor, Vanta. Risk and regulation ramping up and customers expect proof of security just to do business. Vanta's automation brings compliance, risk and customer trust together on one AI powered platform. So whether you're prepping for a SOC 2 or running an enterprise GRC program, Vanta keeps you secure and keeps your deals moving. Learn more at vanta.com/CISO. That is V A N T A.com/CISO.
B
all right, we've got a banger for you. All right, guys, it's the mid roll. Sonny Allen. J Smooth. Let's check in on you. J Smooth. Sunny Allen. How's the show so far? You enjoying yourself? Let Us know in the chat. Thank you to the stream sponsors again. Threat Locker Anti Siphon Flare. Remember there are links in the description of the show. If you want to support the channel, go check out the sponsors. You don't have to donate money or do anything like that. You just go click on them, check them out. I, I stand by these companies. By the way, every single day of the week has a special segment and as I teased at the beginning of the show, we have a heater for you guys. The Simply Cyber Community Member of the Week is every Monday I get an opportunity to feature one member of the community who is, you know, just awesome contributing and we had a lot of great options this week. Very excited to share a bunch. But J. Smooth says Ghost. I don't know what that means. Oh, Jay Smooth says he always watches. You're not a first timer, J. Smooth. All right guys. The Simply Cyber Community Member of the Week segment is sponsored by Threat Locker Threat Rocker who takes a deny by default approach to cyber security. Why does, why do they sponsor this and why do I tell you? Number one, Threat Locker is big on community and engaging. They really like what the Simply Cyber Community is doing. On top of that I get to give the, they give me money and I turn around and give it to the Community Member of the Week. So I give the Simply Cyber Community Member of the Week a hundred dollar Amazon gift card every single Monday. So that's $5,200 a year that we're doing. Great cash, homie and I. I know that this member has been featured before, but I've got something hot to share with you guys. Your Simply Cyber Community Member of the Week is. DJ B Sec. Now DJ B Sec Ben Cheryl is a long time mod of the channel Ben's been with Simply Cyber for. Ben, how long has it been man? Five years. 
He's, he's a, he's a cyber security professional. Came up on the networking side but he's a business leader now. So he's got one hand in the technical world, one hand in the leadership world. And dude, over the week he's been working on this for a minute but over the weekend we, I, I messaged him and I was like, dude, can you help solve this problem and get ready for this people? Hopefully there's no sensitive information in this. Ben Cheryl, DJ Ben B. Has developed a official CPE solution. So guys, what does this mean? We're going to be rolling this out probably this week. You will be able to sign up and at the end of the month, every month you will be emailed an official certificate showing your CPEs for the month. So like for the month of April, this is Ben's certificate. This will be rolling out. It'll be free to everybody. You will get an email with the cert. So if you've been wanting to get your CPE game improved. I know someone messaged me over the weekend about comptias giving them a hard time. This is coming. This is what I'm talking about. This is so freaking sick. And this is a contribution to the simply Cyber community, to all of you, a gift from this guy right here. So DJ B sec, thank you so very much. Now for everybody else, let's look at Ben and do our La la la la. Name. All right, all right, all right, all right. G Cosmic cowboys pulling Ben's leg saying that this is a rigged. But dude tell. I'm telling you, this is like hands down slam dunks community member. All right, let's finish strong.
A
Nearly every Linux system built since 2017 vulnerable to Copy Fail flaw. Security researchers at Theori, that is T-H-E-O-R-I, are informing admins of a newly discovered security flaw that has been hiding in the Linux operating system for nearly a decade. The CVE-numbered flaw is named Copy Fail, and the researchers found it using an AI-powered scanning tool called Xint Code. The bug allows anyone with a basic account on an affected computer to seize full administrative control. It also works as an escape route from cloud containers, meaning a compromised application running inside a supposedly isolated environment can break out and take control of the entire host server, which is a major risk given the cloud industry's dependence on Linux distributions. This bug also affects every major Linux distribution released since 2017, including Ubuntu, Red Hat Enterprise Linux, Amazon Linux and SUSE. These are the systems running the majority of the world's servers and cloud infrastructure. Theori said, quote, the flaw resulted from three separate, individually unremarkable changes to the Linux kernel made in 2011, 2015 and 2017. And no one, quote, recognized the danger created by their combination for nearly a decade, end quote.
B
Nobody saw the connections until I did. I'm telling you dudes, like, listen, it's gonna, it's gonna, it's gonna be. Hold on. What does this say? Nash Data Dragon says is that certificate real or AI? I don't know if that's a real question. I mean, it's a real cert. Like the CPEs is going to be a real thing. You'll, you'll have to put your name in and your email address and then you'll be emailed once a month. All right, so here's the guy, guys, here's the thing. When we talk about disruption in the market or whatever, like AI is more disruptive than, AI may be more disruptive than like electricity or the Internet. Like it's, it's, it is so disrupt. Actually you know what, honestly the only, like, to put this on par. Do you know where I put AI as far as a disruptive technology goes? What gunpowder did to, to military. Like, that is the level of impact that AI is. We, we're, we're going to go through this like, you know, storm phase where AI is going to discover all sorts of bugs that are old and a human just wouldn't have found them. Literally a bug that is takes part of something done in 2011, 2015, 2017 and then saw the connection between all of them and can result in system takeover. That's bananas. As I would always say, guys, like, use AI. Like I know we're all using AI as our individual little agents or whatever, but like these, these tools to kind of scan code bases is huge. Now if you're running Linux as a server to support your business, you're not going to, like, I don't think you would roll your own Linux instance, right? No one's really doing that unless you're hardcore nerd. But like hopefully for any code that you're working on or have in your environment, you're using these scanners. You'd hope that these Linux foundations, Red Hat, Debian, etc. are scanning their source code builds for the next instances. I don't know who found this bug. Obviously it sounds like a good guy found it versus a criminal, but how do we patch this thing?
So the question is this looks really bad. Okay, that's the tldr. This looks really bad. So there's two stories here. Number one is this particular issue is this affect me and what do I have to do about it? Number two is the larger picture of vulnerability discovery in the modern time with AI. I gotta tell you guys, this is absolutely going to disrupt the way bug bounties work, the way that responsible disclosure works, the way that vulnerability management works. AI is expeditiously increasing the time from discovery to remediation. And if you don't do it, you are absolutely going to get punched in the throat. Believe that. Also if you have. I had a dream, okay of having a CVE on my resume. I, I, if I want to really do it, I have to move in the next probably three to six months Because AI is going to find all the low hanging fruit and then it's just going to be high, difficult to get to fruit. And I'm not climbing a tree to get to that fruit. You know what I mean? So if you're interested in security research, bug bounties or you want a cv, I would move quickly because this is happening. Now as far as this particular bug, a lot of people run Linux for critical infrastructure in your organization. So let's look at how, how this bug. How do like what do we. Whenever there's a bug like this, the question is what does it affect me and how bad is it? And then what do I need to do? And then when do I need to do it? That's kind of the playbook right there. Number one. Does this even affect me? Yes. No. If yes, go to next. If yes, how bad is it? Is it. Is it not a big deal? I'm fine. Frigate. We'll just do it normally. It is big deal. Then go to next. How do I, how do I patch it? And then it, you know, once it's fixed, how do I. Have I been compromised already? Like go threat hunting? Okay, so let's look at this thing. Here's the. Where's my. Oh my God. Bruh. Here is the link to the blog post with all the, all the details. Let me see. There is a patch. 
You have to patch the kernel. Update your distributor's kernel package. Major distribution should ship out. Okay. Ah, you gotta patch it. All right. I, I would say since you're doing a major version of the kernel, you do not want to do this Monday at 8:48am. Definitely do this in a responsible patching way. Maybe like make a clone of your. Hopefully you already have it, right? Some type of instance of your main Linux servers or whatever. Patch those, make sure they work and then swap them into production if you can. Or schedule downtime tonight. Either way, not good. AI found it. Oh, how do you exploit this? That's another thing. Like, see, the entire exploit's a short Python script using standard library modules. No compiled payloads. The writer bypasses the VSS path. All right, so. This is a privilege escalation bug. Really quickly. This is another thing to give accountability to. Privilege escalation means that they have to be on the box already, so the chances of exploitation are less high. This isn't like an unauthenticated remote code execution, which means you don't have to shut down everything like it's a job site and Jon Taffer just showed up from Bar Rescue. But I would prioritize getting this patch sooner than later.
A
Google revamps bug bounties.
B
Oh, they.
A
In what seems to be a theme for this newscast, this is a major overhaul of the company's vulnerability reward programs for Android and Chrome due to the way AI tools are reshaping the field of vulnerability discovery transforming. I literally just said the nature of security research, bro. Android bounties are rising to $1.5 million while Chrome payouts are dropping. The new goal is to, quote, incentivize actionable reports, vulnerability submissions that include concrete, proof, feasible exploit demonstrations, and ideally suggested fixes. End quote. Trellix confirmed.
B
All right, again, I don't. I don't research or prep for the show. Just so everybody knows. Right? I've said it before and I'll. I'll continue to say it. Google revamps Bug Bounty program. This is cool. Android rewards rise. Which I didn't have that on my bingo card because you would think that it would go down because they're like, oh, we have AI doing it all now, but nope. But Chrome payouts drop, right? So I guess Android OS is getting targeted more. The Chrome stuff, they're figuring they can do it themselves. What's the deal? All right, so over the past few years, Gen AI has revolutionized bug hunting. Yes, I do want to point out it is hurt. Gen AI bug hunting has hurt the industry as well. And if you didn't know this, because AI, oh my God, what are these things? Because AI is. A lot of slop is being submitted to bug bounty platforms. So like, bug bounty platforms are getting inundated by a bunch of trash submissions because people who don't know what they're doing just point AI at something, hit run, and then they copy and paste the output and submit it as a bug, thinking that they found like an easy money button glitch or an easy money glitch in the matrix. So bug bounty platforms are actually being inundated with an overwhelming amount of trash submissions. So it actually is not. It's a problem too. All right, let's see what Google says. Google says that it's necessary to evolve the bounty program from a focus on quantity towards quality. All right, look at. Dude, I literally don't research or prep for this. Like, we're doing it. This is very, like, meta, right? Very Inception. Like, I'm like, I'm predicting the next sentence, for Christ's sakes. Over the past few years, AI, automation, whatever. What are the. What's the new goal is to incentivize actionable reports. You know, what I could see the program priorities. High vulnerability with high user impact. The top reward is a zero click exploit for the Pixel's Titan M security chip for a million dollars. Okay.
Dude, a million bucks. Sick. So sick. Great cash, homie. Here's what I think is gonna happen. I bet you Google and other bug bounty platforms start. I don't want to say penalizing, but like, if you're a. A user account that's constantly submitting slop, or you have like 50 submissions that all are not real submissions, that they like shadow ban you or something like that, or like, I. I don't know. I think that they're gonna. That's the only way that they could kind of manage that. But hey, the good news is bug bounties are going up. So if you're interested in, you know, what is the word I'm looking for? Freelance work. Being your own boss, you know? Right. Going hard into the paint. Well, then, bug bounty. You can make a million bucks on a zero day. No guarantees, but, you know.
A
Source code breach. The cybersecurity company has announced a breach that, quote, enabled unauthorized access to a portion of its source code, end quote. Spokespeople for the company did not disclose the exact nature of the data that may have been accessed by the attackers, but state that there are no indications that its source code has been affected or exploited. The company also did not share details about who may be behind this incident and for how long the attackers had access to its systems. Trellix is owned by Symphony Technology Group and was founded in January 2022 following the merger of McAfee Enterprise and FireEye. Goodbye, Jeeves.
B
McAfee and McAfee and FireEye merged. I didn't know that. Did you know that? Huh? All right, so I. I don't even know what Trellix does. I mean, I've heard of it. What do they do here? All right, so this isn't good for anyone using Trellix. There's nothing really. There's no story here. Okay. Says they identified a compromise of the source code repo. So here's the deal. If you don't use Trellix, this is a nothing burger for you. Number two, if you are using Trellix, then you may like. Obviously Trellix is going to do damage control on this one. They are likely. You know, they say they haven't seen any exploitation or anything. Here's the deal. When you have the source code of a product, you can take AI and run through it. Find. Find vulnerabilities. Right? Right. Then you find them, then write exploits. And now anyone that's got a Trellix instance you could exploit. If those things all prove true, which is why it's scary to have access to the Trellix source code. Okay. Also, Trellix could be taking a little bit of a dookie in their pants because technically, if you have the source code, you could spin up a similar company that does the same thing Trellix does and you instantly have a product, a working product. Now obviously there could be lawyers involved in that and you'd have to be really into wanting to start a business like that and deal with all that heartache. But if you saw years ago Twitch had its source code compromised and then a platform called Kick showed up on the scene, it looks a lot like Twitch. All right, so it has happened in the past. There is precedent. I also want to point out, if you are using Trellix, this is something that you may not know. If you're like looking to break into industry or you are a junior analyst. Like you're not dealing with budget and licensing and provisioning and crap like that. A lot of times you will sign up for like three year contracts if it's a large enough product or, you know, a year. Like typically it's multi year though.
So like you might have Trellix right now and you can't even get off the platform because you're, you're in bed with it, you're, you're invested in it. Like you could pull out. It's like five, it's like waiving a baseball player off your team. Like the contract's there, you're gonna pay them, right? Or like in the football, when they trade away a player and then like the team that traded them away is, is paying the salary. I mean, this is a really deep cut, but this is a shout out from my friend Mike. It's like Theo Ratliff's expiring contract in the NBA like 30 years ago. TLDR, this isn't good for Trellix. I know that they say that there's been no problems, but any threat actor that gets the source code, they're not instantly going to weaponize it. They're probably going to sell it or they're going to do analysis on it to find bugs and then write exploits and sell those or they're going to straight exploit, figure out who's using it, etc. So stay tuned for this one. Honestly, this Trellix one's gonna probably be quiet for a while and then pop up. If you want to get your bingo card ready. What I would argue is this cPanel one where there was ransomware being deployed and like 44,000 different people, if I had to guess. We will hear stories about this ransom, like the, the fallout from the cPanel exploitation, before we hear anything about Trellix source code.
A
Ask.com closes down. Oh, do you remember Ask Jeeves? It was a search tool that was launched in 1996.
B
Get your koolaid man.
A
Which question and answer service. Somewhat similar to today's AI tools. However, its friendly style got quickly overshadowed by the rise of Google and its own search tool. IAC, the company that acquired Ask Jeeves in 2005, soon dropped the Jeeves moniker, using just Ask.com instead. By 2010, the scaling back had begun. A message on the Ask.com website. Now, as IAC continues to sharpen its focus, we have made the decision to discontinue our search business, which includes Ask.com. After 25 years of answering the world's questions, Ask.com officially closed on May 1, 2026.
B
All right. Hey, you youngs. Obviously, everybody get your Kool-Aid Man out. If you're a squad member, the Kool-Aid Man is what you want. This is what the Internet looked like in 96. All right, this was hot. He had like a little butler. Dude, this is, this is a perfect example of how, like, Ask Jeeves was a fine product. I used it. But, dude, the money behind Yahoo and Google was too much and, and Google's algorithm was too good. That Ask Jeeves just got crushed. It was almost like the cuteness of Jeeves kind of went away. I'm telling you guys, sometimes it's not the best product that wins. It's the best product that gets marketed and has a good experience, dare I say. I, guys, I mean, if you want to take it back, if you want to, if you want to win a pub trivia contest, this is where it was at. Oh, yeah, dude, come on now. Get on this. This is what the Internet looked like in 1994. AltaVista, the most powerful and useful. It literally says the most powerful and useful guide to the Net. Dude, we were netizens. We were on the information superhighway, the Net. Look how. Aw. I mean, this was like, considered, like, really good, by the way. So anyways, it's just a fun little thing. Shout out to Ask Jeeves. I. You know, I, I don't know, like, I wouldn't have bought it, but it sounds like ask.com might become available soon, though. Just say it. All right, guys. All right. Everybody, that was the Simply Cyber Daily Cyber Threat Brief podcast. Sunny Allen, did you have a good time? Let me know, J Smooth. Let me know. First timers, thanks for coming. Thanks for coming out, y'all. This was May the fourth be with you, episode 1124. 1124. We've been doing this show for over a thousand episodes every weekday morning. Put your. Put that into context. That's crazy. Three, four years in a row, you guys show up. Love it, love it, love it. Don't go anywhere because we're about to drop the Cyber Career Hotline. It's a hidden show. It is an Easter egg for everybody.
If you're looking to get answers to your cyber security career questions, I'm here for you. Let's do it. I'm Dr. Gerald Auger. This is the Cyber Career Hotline. If you're building a career in cyber security, this show is for you. Let's get into it. Hey, what's up, everybody? This is Jerry Guy coming to you with the Cyber Career Hotline. Phone lines are open. Drop your questions in chat with a Q, and I will answer them. Some of you might be coming from the Simply Cyber Daily Cyber Threat Brief, hosted by that nerd, Dr. Gerald Auger. Oh, my God. Calm down about your AltaVista, bro. Ain't nobody got time for that. But in all seriousness, it's me. Hope you guys have a, a good show. I'm here for you. Put them in chat. I hope everyone had a great weekend. Did an escape room with the family. That was fun. Love my family. All right, let's keep cooking here. All right, if you have a question, put it in chat with a Q. Hold on one second. Jay. Crypto. Here we go. I had ChatGPT create a script to test whether my Linux machines. Hold on, hold on. I. I like. I need, like, legit glasses that work. These are just blue blocker ones. The. My eyes are trash. Now, hold on. The joke's on you. I actually bought glasses that look the same, but they're actually prescription. All right, here we go. I had ChatGPT create a script today to test whether my Linux machines are vulnerable to the Copy Fail V. How well do you think AI does with this use case? I think it's. It could be pretty good. Sean Sailors. I mean, if you take in all the information. Remember, I feel like AI is very sycophant. Like, so, like, it'll tell you, hey, this works. I think if you give it enough information about the bug, it'll work. What I would say is I would validate the test works by having a vulnerable version of the machine run the script, confirm that it gives you a true positive finding.
Then patch the machine and rerun the script and confirm it gives you a true positive that the vulner, the machine is not vulnerable. And then I would have confidence in it. That's what I would do. All right, continuing to look through chat here. Thoughts on hiding work experience from LinkedIn to reduce exposure? I don't, I don't know. Mad Galactic. I wouldn't do it. I mean LinkedIn is like become. If you're going to be shopping yourself for a job in the market, I wouldn't hide your work experience on LinkedIn. You can. What you could do if you're worried about OPSEC. You could just put like, hey, like 2010 to 2015. You could say you worked at Verizon and then you could say experience redacted, available upon request. Right? So you could make it so if someone really wanted that information, they could follow up with you. But you are capturing that you were employed and maybe the role you had. But for me, I put everything there because I want people to find me. I want all of those details to work in my favor from a search engine optimization perspective. All right. Oh, good. A bunch of questions coming in. Hold on one second. I gotta, I gotta flag all these questions. Hold on one second. All right. People are correcting me. Ryan says true negative. Yep, True negative. You know what I'm saying? Just basically run the script to make sure it works in both instances. Here we go. We got a bunch of questions coming in. Gibby or Gib what? Says at a phone interview Thursday, I told I was the number one on the director's list. Waited for, waiting for our IT team, Zoom to be scheduled. Advice for that one. I mean, it's a vibe check, I guess. A couple pieces of advice. Gib, what number one, HR doesn't know anything about it, so don't ask any questions about it. Related stuff. Hr, you want to ask questions about like performance reviews, PTO policy, tuition assistance, stuff like that. 
The I T team is going to be a vibe check because you're probably going to be working with them. I'd be prepared to answer the question. Tell me about yourself. I'd be prepared to answer the question like, why do you want to work here? I would show up early. I would be, I would be ready if it's on Zoom, you know, look good, of course, have your camera going and everything like that. Do not use AI to cheat. Good luck, man. On the, on the Interview. What's the business continuity plan for new CPE format? Do you advise we continue doing the screen? Yeah, for sure. Fred, do the, do the screenshots until further notice. Comp. Someone messaged me yesterday that COMPTIA pushed back and said that that wasn't acceptable. I mean I would argue like what, what. I don't know. To me that's like somebody at Comptia just being pissy about it like. So anyways, we're gonna try to get it in place this week. FRED ON so keep doing it. By the way, you can get 120cpes a year by doing the show daily. So. Which is more than enough. So even if we implement it June 1, that's still 60 CPEs available for the year. So that's more than enough. Okay. Do you think the AI vuln apocalypse might result in huge blow to open source software which often isn't maintained to commercial standards? I don't. I mean it depends on what you mean by a huge blow to open source software. What I would argue is I think open source software is going to have a lot of vulnerabilities. We're gonna, we're gonna deal with a lot of supply chain related findings and attacks and stuff like that. My only hope is that we can use AI to remediate the code faster. I know a lot of AIs can do GitHub, repos, pull requests, etc like that. So I'm hoping that we, we as developers, we as open source community people can move at the same speed using AI. By the way, quick, quick audio check. I've been trying to keep this microphone a good four or five inches away from my, my mouth thinking that it would sound better. 
Let me know if this sounds better. I speak loudly, I peak constantly and I just have a habit. I'm used to keeping the microphone right on my face. So let me know what you guys think, please. I'm trying to make the audio better. Dominic says, hey Jerry, got my incident handler from SANS. Do you think CPEs from top cybernetic now will work for CPE? I. I don't know. Here's the deal. For any organization that has CPE requirements, you have to go check the policy. It's very easy. Every, every certification body will have a policy. So SANS CPE policy. Just Google the name of the org and then CPE policy. Look, here is the SANS one showing you all the information. Okay, look, I'm just doing this really quickly. So it doesn't look like it would apply to SANS technically. So according to the SANS CPE information that like going to an instructor led webinar. Going to go. Going to any professional webinar is not going to qualify because SANS prerequisites that it has to be a SANS webcast. Honestly, whatever. Like, to me, that's SANS monopolizing their content. Saying like, oh, you can't go to someone else's webcast and have it count. You have to go to a SANS webcast, which is ours, so we can continue to market to you. So I mean, whatever. I guess SANS would argue that they can make sure. They can make sure that the quality of the webcast is appropriate. Okay, so Jesse says keep it closer. Jesse is qualified audio engineer as a man who has told roadies what to do. Also a man who knows what backpack beers are. All right, guys, continuing. Oh, thanks, guys. A lot of people commenting on the audio. Some say it sounds good, some say no issues. Some say it sounds the same. Elliot Matai says deep radio voice. Hey, what's up? This is Jerry Wolfman Jack coming to you live. All right, so I'll just keep it closer. Pocket Pixel says I want to learn cyber policy. What should I take? I mean, I don't really. Okay, so I don't really think you need a path for cyber security policy.
Hold on, let me see. NIST Special Pub writing policy. There's probably a special pub on this one. Hold on one second. 800 series security. I got you, Pocket Pixel. Hold on, let's see. You know what? I guess foreign. Let's see. I feel like there isn't a path necessarily. What I would say, Pocket Pixel, is the NIST 800 series. 800-53. Right. Hold on, I'm gonna check out NIST 800-53 Special Pub. Okay. Every control family within the NIST 800-53 has a dash one. So like AC-1, RA-1, SC-1. And all of those are the policy and the procedure controls. They explain. All of them are the same. They explain what should be in a policy for federal systems. That's a great start. You can Google cybersecurity policy templates and you'll get a whole bunch of examples. Basically, there isn't a path necessarily. And also, I don't think you're going to get a whole job, role or career out of just policy. Policy is part of a GRC analyst workflow. Policy is good if you're like general counsel legal at an organization. All you really want to know is what is the purpose of the policy, who does it apply to, what is the policy, and what happens if you don't follow it, that's it. All right. Continuing to look through chat. All right, so if you have a question, put it in chat. Dominic says thanks, Jerry. My pleasure. I love doing the Cyber Career Hotline. I love it, dude. I'm a fan. Come on now. Look at this. This guy, this guy, huh? Miami's hot, hot, hot. All right. Oh, my God. Ryan Treadwell, first time watcher. Welcome to the party. Ryan Treadwell. Guys, can we at Ryan Treadwell. Welcome to the party, pal. Ryan Treadwell. You're about to get John McClane. Boom, baby. Fun question for chat. While we're answering questions, what's the first website you remember going to? Throw it in the Wayback Machine? First website you remember going to. I feel like. And don't count AOL. I feel like geo. Like Yahoo was the first website I ever went to. Maybe AltaVista. If you work in IT OT and have a CISSP.
Do you think it's worth getting the GICSP cert from SANS? Let me see what the GICSP is. Global Industrial Cyber Security Professional cert. You know what? Honestly, I don't know the value. Here's what I'll give you. Two answers, Michael Ray Guitar. Number one, any cert, I don't care what it is. It could be, you know, the GICSP today, it could be the X, Y, Z tomorrow, right? Like a cert that came out next year. Look at the cert and see what the market is asking for. Are there open job roles asking for that certification? That is going to tell you whether or not the market cares about that cert. Now, the cert, even if the market's not asking that cert, can help differentiate you from other candidates. So it's not that it's worthless, but if no one's asking for it, it probably means no one. It's either not a great cert or no one's familiar with it. So even when you have it on your resume, people are like, okay, great. Now CISSP has huge market presence. That's going to do a lot of heavy lifting for you in my opinion because industrial control system security and OT is a very niche area with a very small, tight knit community of practitioners. What I would argue is I would get that cert, but I would also. I don't know if it's tied to a course, a SANS course or not, but I think you may get more value from going to like the ic, like going to Don Weber's SANS ICS course. Talking to Don Weber, talking to Tom Van Norman, talking to Rob Lee, talking to Mike Holcomb, talking to these ICS OT practitioners and networking that way. So if, if you. It says you already work in that space, so maybe you know these people. But I'm thinking from a flex, a career flexibility and a marketability of yourself. So in the final, final thing I'll say about this, and this is a fact, you guys take this to the bank, okay? If you're paying for it, Michael, I, I would pass on it, unless it's going to definitely get you a job if your employer is paying for it.
I take it a hundred out of a hundred times every single time. If your employer is paying for it. Get that. That's part of your compensation package as far as I'm concerned. All right, next question. This is Cyber Career Hotline. We're answering all your questions. Don't be shy. I don't understand, Tasha. What are you talking about? J Smooth had a question about who wears a uniform. So I'm gonna take a, a guess at this. If you are active military US Mil. If you're an active US Military member and you want to identify publicly on stream, drop it in chat. I think that's what Tasha's asking for. All right, continuing to look through chat. Is mic a condenser or dynamic mic? I don't know. This is like, I don't know enough about this stuff. So I just buy the. I try to buy the best. I try to buy the best hardware, even if it's more expensive than I really want. That way I, I can protect myself from myself. I believe this is the Shure SM7B. It is. So whatever. This is Roswell UK. It is a. It's a legendary dynamic microphone. So it's a dynamic microphone. Okay. And that's just something you guys should know about the show. Like, when it comes to hardware, like AV production hardware, I just buy the most expensive thing. Not the most expensive thing, but I buy high end to, to, to make sure it's good. Do you have any recommendations for anyone trying to make connections in the States for hardware security? Asking for a friend. Yeah, Phil Stafford. I would get connected with Matt Brown and I would get connected with Daniel Lowry. Those guys do hardware security. In fact, wait a minute. I don't know if Phil Stafford is like my hype man, but let's check this out. This is Simply Cyber's YouTube channel. Today is May 4th. May 7th is this day, this Thursday. And wouldn't you know, Matt Brown, as if Phil Stafford had willed it into existence. Matt Brown is going to be my guest on Simply Cyber Firesides. This guy is fire when it comes to hardware hacking. He's a great educator.
He's got a great YouTube channel. He works as an IOT OT pen tester. And Phil Stafford, do you know who can answer the question that you just asked better than anyone I know? Matt Brown. Phil, bring this question on Thursday at 4:30pm and I guarantee you get a great answer. I'm gonna drop a link to this, but I'm gonna be the first one to like it. Kind of pathetic on my part, but that's okay. Phil, here is the live stream. I just tagged you on the stream. All right, let's keep going. This is Cyber Career Hotline, by the way. I hope you guys are getting value. We do this every single day at 9:00am Eastern time, if you didn't know. We don't promote the Cyber Career Hotline. We don't talk about it. It is a hidden Easter egg. It's buried after the daily Cyber threat brief. But it is huge value. Get your questions answered. Come on down. Join Jesse Johnson, AKA the Cosmic Cowboy, tomorrow. Tuesday. Yahoo was the first one. Netscape. Oh, yeah, Netscape. Hey, Jerry. I'm getting my bachelor's in cyber still in my early in my career. Awesome. I want to get education out the way as soon as possible. Should I get a master's or something else? All right, so what I will tell you da original. So I'm not kind of sure how to say your name, but here's what I would say. If you can get a M.A. all right, here's what I would recommend. This is. This is a tough. This is a tough one, okay? If you stay in academia and just go get your master's degree and come out to market two years from now, I don't think you're going to be in a better position than you are now. I don't think the master's degree is going to tip the scales when you're early in your career. When you're later in your career, Master's degree can be a differentiator on you getting the director or manager role versus another person. But for early in your career, the Master's isn't going to make a difference now, especially because practical experience is more valuable than degrees. 
Now, I got master's degrees while I was in my career. Right? So night school, if you can get your Masters, while getting the professional experience, that's a force multiplier. All right? If you can get someone else to pay for your Masters, definitely take advantage of that I had my masters. I did not have my masters paid for, I paid for my master's degrees. But I will tell you, you choose your own adventure. What I did, what I did is I, I love cyber security. I love cyber security. I love, I'm a lifelong learner. So what I did is I got two master's degrees and a PhD while working full time and having a family that's not for everybody. I made a lot of sacrifices. A lot of sacrifices. I don't get to go out and hang out with my friends very often. I played Magic the Gathering on Saturday, today, Saturday this week for four. And that's like insane. I don't, I, like, I had to make a lot of sacrifices to go to school full time and work full time. So it's not for everybody. But I'm a big, I'm a big fan of like investing heavily and then getting the dividends later on. So like I'm big, like, so 2026 Jerry is like super set up because 2012 Jerry made a, made a ton of sacrifices to invest in 2026 Jerry. So I, I, I invested in myself and made sacrifices. Again, it's not for everybody. But the, the final TLDR for your answer is I think practical experience will get you more value in the next two years than a master's degree. Except for the things that I just pointed out. Good, good. Looking through chat here. Hoppies, plushies, first timer here. Welcome to the party. Welcome to the party. I want to know if you do an ISO 27001 course. I ISA from Ireland. No, I would say so. Listen, my GRC analyst master class is kind of cert body agnostic. Will the simply Cyber GRC Analyst master class would make you effective to do that role? But it's not going to teach you about ISO 27001. It teaches you how to be a GRC analyst practically. 
Here's how, here's what auditing is, here's how to do it. Here's what risk is, here's how to do it. Here's what awareness training is, here's how to do it. Here's what policy is. Here is how to do it. Like, it's not in, it's not. I didn't build the course to be like, take this course, be an ISO 27001 lead implementer. So for those reasons, I, I would say I, I don't offer an ISO 27001 course because I don't really know that standard and I don't feel confident saying that you could get that role with just my course. Ooh, Lycos Ross the boss. I forgot about Lycos MSN. That was a huge one. Oh, my God. Guys, really quick, really quick. This isn't for everybody either, but I gotta share this with you. Holy Jesus. This weekend I did a little bit of extra for myself. I watched this movie again, this isn't for everybody and definitely not suitable for children. Holy crap, dude. This movie's on Netflix. Sisu. Oh, my God. I'll just put it this way. This is an unbelievable action movie. The guy, this guy right here has zero lines in the movie and it is just an absolute dial in. It's Mad Max meets Gladiator. Me. Like, it's just so good. So give that a shot. Quick, quick, quick. Promotion if you can, if you. If you've been able to withstand the death by a thousand cuts that Netflix has been doing. Ooh, Cleveland Free Net was the first website here. Pretty good. All right. Hey, Harish, what do you think about someone who's thinking of getting PMP and cyber security field? Good question. I have the PMP or I have, I mean, I had it. I haven't maintained it, Harish. It never helped me get a job. What I will say is the PMP was good as far as, like the learning of what the PMP is. There's, there's a ton of things in PMP you'll never use, but there's a lot in PMP that highlights like best practices and expectations and stuff. So I, I think it's good. You're going to do a lot of projects in cyber security, like new project rollouts and, you know, acquisitions and stuff. 
So I, I think it, honestly, I don't think it gives you a benefit as far as it's on your resume and it makes you more valuable. Although it will have some value from a practitioner perspective, I found it helped me be a better practitioner. Also, if you want to, like, go up the ranks and start being a manager or a more of a project lead, understanding how PMP works is important because basically it's going to give you the ability to understand communication. Like that RACI matrix is in there, timing, scheduling, Gantt charts, all that stuff. So. Hey, Harish, if you can comment back in chat, let me know if that helped that answer. Let me know. We're at 9:29. Just a few more minutes here. All right. Continuing to look through chat. I'm about eight minutes behind. Ooh, Kathy Chambers is in the chat. What's up, Kathy? Good to see you. I'm doing the speed run now. Lightning round. I'm looking to get into management role. Do you think PMP, A lot of PMP today? Yeah, I think PMP would be good to help you with management. The CI, the ISACA CISM is great if you want to work in cyber security management. Continuing to look through chat, chat, chat, chat, chat, chat. All right. What is SLM? I don't know. It doesn't sound familiar. Who said that? I'm gonna just Google it. SLM acronym. Small language model. Okay. Sounds like it's small language model. All right. Continuing to look through chat for questions. Thanks everybody for being here today. What would be something to add when I asked about me? Should I talk hobby? Oh, my God. Christian Fernandez. I got. Listen, Christian Fernandez, let me give you the best answer to this question. Like I. I can give you the answer, but I'm gonna give you a better answer right now. Watch this. Oh, by the way, by the way, right now on YouTube. Look at this. See the. Do you see the confetti? Look at this. Do you guys see the confetti? Watch this. Do you see that confetti? This video is number one on my channel right now. 
SOC analyst interview. This. This video is blowing up. People are really, really loving it. So if you're doing SOC analyst interviews and you want to get real feedback from a hiring manager, this video is for you. Just go to Simply Cyber YouTube channel or here. I'll just drop a link in chat. I don't even know why I'm making it hard on you guys. And I'm sure Christian's like, Jerry, what the hell does this have to do with my question? I'm getting there. Look at this, Christian. I'm about to take this to a whole new level, dude. I met with this guy, bow tie security guy. Bow tie security guy right here. And he answered this question perfectly. Bow tie security guy does job interviews all the time. Look it, I'm just gonna. Here's. Listen, here's the transcript. I'm gonna copy the transcript out. I recommend you do the same thing. I'm going to drop a link to this. Okay. Who asked this question? Christian. Oh, crap. I can't. I'll give you a quick, like a quick dirty answer, But just take the transcript for this and ask an AI. Look at this transcript and tell me what Robert said about answering the what about me question. Robert. Robert has a formula. Robert has, like a formula you can just follow. It's awesome. But basically, you may want to add a little bit of hobby, but basic, what you're supposed to say is keep it to 90 seconds. Talk about a couple like two, three core strengths that you have related to the job and what in like where you are in your career journey. Right. So like, oh, you know, like for me it's like, oh, tell me a little bit about yourself. Well, I'm a 20 plus year seasoned cyber security practitioner. I'm big on GRC. Did the CISO build programs from scratch, fix programs that were broken? I mostly work within the NIST cyber security framework because I think it's one of the best frameworks. Unless it's an immature program, then I'm going to do CIS 18, you know, on the side. I'm actually huge. 
Well, I'm also faculty at the Citadel Military College, which allows me to talk to all sorts of different young individuals. So it gives me great perspective on users that are younger and not savvy. So it keeps me dialed into the younger generation. And in my spare time I run Simply Cyber, a YouTube channel that's focused on cyber secure education where I engage with like minded professionals, helping understand and do a daily cyber threat brief so I can stay current. Like that's a perfect answer of Tell me about yourself. What, what they don't want to hear is, well, I was born in North Carolina, but then I, I moved to Massachusetts because my dad, my dad was from Massachusetts, my mom was from North Carolina, but then my mom wanted to get away from her mom, so we moved up there. That's where I went to school. So, and I, I ended up going to UMass Amherst for my undergraduate degree. And then I live in Charleston now, but I didn't live there, I lived in Massachusetts. But my girlfriend, who, who's, who's now my wife, she's younger than me so I had to wait for her to graduate UMass Amherst, but then we lived together and, but then we moved to Charleston and, and, and you know, and I love cyber security. I've got some home projects that I'm working on. Like that question's awful that, I mean that answer is awful that I just gave you. It's all true stuff, but the person interviewing you doesn't give a damn about that or plus you've just told them that you don't know how to communicate well because you're not, you're not like speaking to the audience and understanding that. So hopefully that answers your question. All right, I really got to get out. Come on. Speed round. Looking to get an assistant to the eso. Do you think yeah, so I already answered that. PMP is going to help you with that. CISM is going to help you with that. Continuing to look through chat. Jerry, do you think you were going to see Cecil the movie and end up lol? That's funny, Dude. 
These glasses are made for reading documents, not really looking up at a stream. Oh, All right. Continuing to look through chat. I feel like a jerk if I ask you to put Q in chat and I don't answer it. So. Okay, it looks like I caught up to everybody. Guys, everybody have a great day. I hope you enjoyed the crap out of the stream. I'm Jerry from Simply Cyber. Have a wonderful Monday. Quick, quick. Shout out. I just realized this. We have something that I forgot to tell everybody about. Classic me, guys. Tomorrow at 1pm Eastern Time. Tomorrow, 1pm Eastern Time. We are doing a one hour practical hands on webinar with Jessica Hyde. If you don't know Jessica Hyde, she is an absolute tour de force in the digital forensic space. And if you want to learn how to parse unsupported third party apps on mobile devices, I know that's a niche thing, but wouldn't it be awesome to add that skill to your resume since other people aren't going to have it? Jessica Hyde, who is a delight is going to come on. She's going to lead a one hour webinar. Free to join, go to Simply Cyber IO schedule and I guarantee you look right here, grab this link, sign up, you'll get a calendar invite. It'll be good. Chris Young says. Are we going to be able to reserve a pop up talk at Simply Cyber Con unknown at this time, Chris. The. The schedule hasn't been developed fully yet. All right guys, I'm Jerry from Simply Cyber. This has been Cyber Career hotline. Have a wonderful Monday everybody and until next time, stay secure. Thank you.
Host: Dr. Gerald Auger (Simply Cyber Media Group)
Date: May 4, 2026
Theme: May the 4th Be With You — Top Cybersecurity News & Insights for Insiders, Analysts, and Business Leaders
In this lively and insight-packed episode, host Dr. Gerald Auger delivers the most significant cyber news of May 4, 2026, with real-time analysis, actionable takeaways, and characteristic humor. He unpacks technical developments, emerging threats, and career-impacting shifts across the cybersecurity landscape, while engaging directly with the vibrant Simply Cyber community. This episode addresses topics including novel malware delivery via Telegram Mini Apps, a critical cPanel vulnerability, the disruptive impact of AI on vulnerability discovery and patch management, and changing strategies in bug bounty programs. The show also features advice-driven career Q&A and interactive, welcoming banter.
Whether you’re a seasoned CISO or breaking into the field, this episode arms you with crucial updates on new threats, practical incident response strategies, and career growth wisdom—plus plenty of laughs and ‘90s internet nostalgia.
Memorable closing:
“I'm Jerry from Simply Cyber. Have a wonderful Monday, everybody—and until next time, stay secure!” [~End]