A
All right. Good morning everybody. Welcome to the party. This is Simply Cyber's Daily Cyber Threat Brief podcast. November 26th, Thanksgiving Eve. It's a Wednesday worldwide Wednesday. If you're looking to stay current on the top cyber security news stories of the day while engaging with an active, supportive chat who is full of practitioners sharing tips, tricks and techniques and ultimately leveling you up as a practitioner today, transactionally and in your long term career goals strategically. Well then you're in the right place because that's what we're doing every single day here at 8am Eastern time. It's the Simply Cyber Daily Cyber threat brief with Dr. Gerald Oer. We're off and running on this beautiful Wednesday morning. What up everybody? Good morning. I hope you guys are doing well, crushing this week. You know, I felt like this week was going to go slow because a lot of people are on holiday, but we're at work and surprisingly this thing is slip sliding like it's a slip and slide circa 1983. Getting it all greased up and we're off and running. Can't wait. Excited for tomorrow? I do have a poll question for the community later on about tomorrow's show, but I'll leave that as a teaser. A little retention trick as we call it in the biz. Guys, every single day we go through these top cyber stories of the day. I have no idea what they are. I am your host, but I'm also a 20 year plus practitioner in the cyber security space. I love cyber security. So no matter what stories come up, I am able to navigate and handle them. But I just want you to know this show is, we're going to figure it out together. Nobody got time for that. I don't have time to research and prep beforehand. I got, I got things going on back in the main home there. Right. You know what I mean? Every single episode of the Daily Cyber Threat Brief, including this one. Ad tech Phil Stafford, Jenny Housley and the mod crew, quadruple B8001. Good morning to you too. Love the sunrise, guys. 
Every episode is worth half a cpe. So say what's up in chat, grab a screenshot, include the show name because not the Daily Cyber Threat Brief, but like on YouTube you can see it says episode whatever. And the date, November 26th, that's what's going on. It looked like it said 10 12, which I feel like we've done 1012 a few times. So we might have a indexing issue on the back end. We'll get, we'll get to the bottom of that. But ultimately when you type what's up? You'll see your name right above me like Steve Young. Good to see you this morning. Steve Kishan. Info second here, Mara Levy. As always on the reg, just say what's up? If today's your first episode, we typically have a couple first timers every single episode. If today's your first episode, welcome to the party, pal. This is all about good times up in this mother trucker and I hope you stay with us. But if you would, if you would say hashtag firsttimer in chat, just type it in there like a hashtag first timer. I'll demonstrate really quickly. First timer, boom. Tough acting. 10 acting just like that. You've got your first timer in there and then we will welcome you because it's not to call you out and point at you and be like, hey, new kid. It's much more like, hey, welcome to the party. We want you to feel welcome in here. And because of that we have a special sound effect and a special emote. Yeah, I think so too. Elliot Mati. We'll call it episode 1013. Okay, we don't have AI doing all the things yet we do have humans doing things. So sometimes some issues pop up. No big deal. We'll get through it. All right, guys, every single day of the week has a special segment and typically we visit that segment at the mid roll. But on Wednesday we do worldwide Wednesday to show how amazing this community is. And we do it by going around the world in two minutes and I highlight a map of the world and show you. And guess what, spoiler alert. We basically get worldwide coverage. 
Three, three out of four weeks of the month, right? Like 75 of the time. I do want to say shout out to the Australian contingent. There's always one of you that stays up. I don't know if you guys like have a rotation going like your third shift sock or something, but there's always one Australian who hangs out and waits for it. Says here and then they bust out of there and go to bed. But before we do it, I gotta say shout out and thank you. You know what's up, Marcus Kyler. That was such a early reference. I gotta say what's up? To the stream sponsors, those who enable me to bring this show to you every single day in all of its capacities. First stream sponsor, Joe Hudson. I'm just kidding. But I just love Joe Hudson. And every time I put this Joe Hudson shirt on, I gotta say what's up to my boy Joe Hudson. Keeping it real, guys. I Do want to say shout out to Flair Academy. Flair. Go to Simply Cyber IO Flare. Hold on, let me, let me do this really quickly. H. Oh my God. HTTPs:// colon, slash, slash. Simply cyber IO flare. Check it out. Here is the business proposition, guys. They have unbelievable cyber threat intelligence analysts doing all sorts of threat intel and dark web stuff. Like they have their finger on the pulse of what is actually happening in the cyber threat actor community. It's dangerous stuff what they do. Okay, so like don't. This isn't. We're not making light of it. And every month they get together and they provide an amazing two hour webinar. Just a couple days ago they had deep dive into identity and access management around active directory and entra id. Well come on down, come on down and check this out. They're doing a retrospective. 2025 State of the Dark Web. This is literally, if you want to know what your. The pulses of the dark web and the cyber threat actor underground community, this is it. It's only one hour. I'm going to be. Well, hold on. December 11th, 11:00am Let me see if I can be. I would like to be there. I. 
I love these like debriefs over the year. You know what I mean? Like to me they're always super valuable. I'm looking at my calendar right now. 12-11-11am Con. Oh no. I will be here. Yes sir. All right. I'll be there. I'm registering for this. I'm registering. So go check it out. Simply Cyber IO Flair. Look at this panel. They got four panelists. Cto, cmo, Cyber Threat Intelligence analysts. It's. It's going to be dope. I'm excited for it. Guys, I also want to say shout out to Anti Siphon Roswell uk. Good to see you buddy. Hey, really quick. Anti Siphon training is blowing out their Black Friday special. Now they are disrupting the traditional cyber security training industry by offering high quality, cutting edge education. Everyone, regardless of financial position, they are offering a special which kind of seems out of place for them because it is $1,500. But wait for it, you get a one year subscription, right? So that actually over a one year that actually spaces out. You get access to their entire course catalog. You get access to their cyber range to practice. Like look at all this stuff, dude. It's sick. What I would say is obviously if you're looking for a gift for that student, this could be kind of a higher end item. But if you have training dollars, if you have training dollars that you need to burn before the end of the year. This. This, my friend. This could make. This could fill it. So go check that out at simply anti siphon training.com Black Friday 2025. I'll put a link in the chat so it's easier for you guys. Always appreciate anti Siphon training and what they do. Let's hear from. Whoa, hold on. Whoa, whoa. Okay, we were gonna play the Threat Locker. Threat Locker ad read, but we have a double shot here. Crew squad members, if you will. Steve IK1WK. Welcome to the party, pal. He says first timer. Been listening for a couple months, though. You know what? Hey, first timer in chat. We'll take it. Welcome to the party, pal. Slow playing it. 
I get it, dude, a lot of people have fear of commitment. You didn't want to come out on the first day and say you were here. I got it. You wanted to test us out. Well, I hope the fact that you keep coming back months later makes me feel that we're passing the sniff test now. Not only I t. Not only I t. Check it out. I don't know if this is the exact same role, but at Simply Cybercon, Not Only it had had an interview and we were talking about it and trying to find a place for him to get quiet and. Oh, it was good. And I. I hadn't pushed any updates, but he says in chat right now. Hold on. Can I bring this up on chat? Like, forgive me for delaying this, but I. I do want. I want to bring it on stage so people can see. IT member for 42 months accepted a role as IT service coordinator yesterday. ITC took some time, but finally got it ITPM role. But back in the IT game anyways. Not only IT. Yes, sir. Yes, sir. Oh, my God. Guys, squad members. If you're a squad member, get those wrecking mall emotes in place. Congratulations. Not only it. Super, super pumped for you. Love it, love it, love it. Okay, let's hear from Threat Locker and then when we come back, it's going to be Daft Punk all in your face. And if you. If you listen, if you're wearing a hat, take it off because it's gonna get blown back. If you got a wig on equal right, your socks. Go put a second pair of socks on because they're. They're going to get blown off too. All right, let's do Threat Locker then Go around the world. I want to give some love to the Daily Cyber Threat Brief sponsor Threat Locker. Do zero day exploits and supply chain attacks. Keep you up at night. Don't worry. No more. You can harden your security with Threat Locker. Worldwide companies like JetBlue Trust Threat Locker to secure their data and keep their business operations flying high. 
Threat Locker takes a deny by default approach to cybersecurity and provides a full audit of every action allowed or blocked for risk management and compliance. Onboarding and operation is fully supported by their US based Cyber Hero support team. Get a free 30 day trial and learn more about how ThreatLocker can help prevent ransomware and ensure compliance. Visit threatlocker.com DailyCyber. I love it. I love it. I love it. It is the job that he was interviewing for. It's simply Cybercon. Straight dope, man. Super pumped for you. All right, guys. Every single day of the week has a special segment and this one feels right for today. About to celebrate Thanksgiving, go into a holiday. Got the coffee cooking. The retro synth wave. Background is looking pretty tight. The palm trees are in. Daft Punk is here. Guys, here's the deal. Timer is going to be set for two minutes. You call it out in chat where you are, I'll light it up. We'll see if we can go around the world. It's simple but powerful. Here we go. Texas carries first out the gates. Where we are. Where you at? Where are you at, Ross? Roswell, uk. Where you at, buddy? Where you at? Come on, let's go. Denver, Colorado. Tech grump, my man Poner Joe's up in pa. Loving that east coast love. Toupe is locked down. Nice. Steve Young coffee cup. Cheers to you, too. Let's go. Neck beard up in Pennsylvania as well. Colorado is chili face oil across the pond, bringing Ireland on stream. Love it, love it, love it. Let's cook. Utah's in the house. Philly, my man. Huntsville, Greetings from Chile. We got South America online. Yes, sir. Love it. Punta Arenas. I've been there. Dirty Jers, Jamaican me crazy. Damien Jamaica. Online we've got some Caribbean action. Milky Way. All right. Midlands, Carrie Ireland. Very nice. Buffalo, New York, let's go. Milwaukee. Mille walke. Portugal. Yes, sir. We got Europe. Mainland. Europe online. Bangladesh, Asia's in the house. Hello, Bangladesh. Thank you for coming out this morning. 
Kenya, Africa. Now we're just flexing. Yo, where's my Kenya? Kenya's on the right side, isn't it? All right, we're gonna cheat. We're gonna use the cheat code. There it is. Nice. Kenya's in the house. Greenville, what's up upstate? Peor Hanoi. Been there a few times. Cincinnati. Tough. Tough against the Pats the other day. Who's In Utah. Ghana. Yes, sir. We got. Ghana's in the house. Thank you. Let's go. Ghana, Bangladesh. India's here. We got India. Portugal. Yes, sir. Argentina. South America. You guys are getting cray cray this morning. Love it, love it, love it. Oh, Canada's here. Of course. All right, let's keep going. Hot. Lana's in here. South Dakota, kitchen, infosec unicorns. I love it. We got Sara Gupta in India. We got it. Finland. All right, Scandinavia is online. Let's go that Baltic Sea connection getting hot in there. Finland, Qatar. All right, Middle East, I see you. Hold on. Let's get Qatar in here. Qatar. Oh, my God, guys. Holy crap. The up. I do love those people from the upper. They talk slow, but they are impactful. Nothing wrong with talking slow. They just take their time to get to their point. I love it. I love Michigan and Michigan people. Marcus Kyler's a Michigan person. All right, Roswell, uk. I guess we'll just take it. All right. Hey, looking really quick. Back through chat. Columbia. Holy crap, dude. South America. I guess. I don't know. I guess the YouTube algorithm picked up and. And went into there. Australia. Okay, so DJ B sec saw it. All right, let's take a quick inventory, guys. We've got North America, South America for sure. I've never seen this much South America once Africa is covered. Europe covered. Asia covered. Australia covered. Ladies and gentlemen, this is what going around the world looks like at simply cyber. Super amazing supportive community. Straight crushing it like a bunch of bosses. Thank you to Marcus Kyler for developing the map for us. Thank you all of you for showing up. 
Tanzania coming in hot from the top rope. We'll mark it Tanzania. Yep. Okay, there we go. First time watcher from Ohio. Yes, sir. Welcome. Welcome to the party, pal. Welcome to the party, pal. Bruising hacks is here. Well, let's do it. All right. Hey, D San, 1558 D San. I hope you enjoy the crap out of the show. Guys. We have fun, we kick it, we do some fun activities, but eventually we gotta put the work in. So do me a favor, everyone sit back, relax, and let's let the cool sounds of the hot news wash over us all in an awesome wave. I'll see you guys at the mid roll. Computer, throw the Chirons up from the CISO series.
B
It's cybersecurity.
A
Thank you, computer.
B
These are the cybersecurity headlines for Wednesday, November 26, 2025. I'm Sarah Lane. CISA warns of app break-ins. CISA says state-backed hackers and cyber mercenaries are breaking into Signal and WhatsApp accounts using spoofed apps, phishing, malicious QR codes and zero-click exploits to hijack devices belonging to high-value users across the US, Europe and the Middle East. Recent campaigns include Russia-aligned crews abusing Signal's linked device feature and a WhatsApp zero-click exploit on Samsung phones, along with spyware that impersonates popular apps.
A
All right, Steel, so it sounds like it's a full out blitz on these messaging apps. Now a couple things. Again, I don't research or prep for these shows and I'm a GRC dork. So a lot of my thoughts and perspectives are going to come from that CISO perspective and risk management perspective, which at the end of the day is why I get paid to help organizations protect themselves. So that's the value I'm trying to deliver to you guys. So check it out. Number one, to me, this clearly demonstrates, and this shouldn't come as a surprise to anyone, but this, this effectively demonstrates to me that threat actors are realizing that the messaging apps are where the critical information is, right? Obviously like databases and all email and stuff like that is important, but even the federal government, U.S. federal government came out like maybe a year ago and advised VIPs and federal officials to start using secure messaging apps for communication, thinking that that would reduce the likelihood of, of compromise of confidentiality. One of our three core security objectives, right? Security plus get your CIA triads here. Well fast forward. Everybody takes the guidance and starts using it. So now threat actors pivot. To me this is a clear indication of a modification of the threat landscape. And when you're doing your threat modeling, what you need to be thinking about and considering. So Signal and WhatsApp, they are using a variety. I would imagine that imessage and you know, like any of these other messaging apps are also in scope. Just Signal and WhatsApp are being called out specifically. And Signals a bit concerning because it is actually truly secure in the sense of its encrypting communications. We'll get to it in a second. Threat actors are using everything at their disposal. Bogus QR codes, malicious lookalike apps, technical exploitation, zero click, etc. What I would say is most of this is educating your end users, okay? 
Educate your end users on not falling for phishes, not installing apps on their Android phones from random places, etc. I will say that all of the compromises that they're talking about right here are related to not iPhone apps. Okay, I didn't hear anything about iPhones or the App Store. Now if, if someone gets your credentials, it doesn't matter. That's not a compromise or vulnerability of Apple iPhone, it's a vulnerability of you, the user giving up your cred. So be, be aware of that. But from a technical exploitation perspective it sounds like it's all Android related: malicious Android apps, QR codes that take people to fake lookalike landing pages to trick them into giving up their creds. So multi factor authentication, all your things for your end users, educate them. Now the one call out that's quite concerning here is the Signal app on Samsung devices having a zero click vulnerability. Now that means a couple things and by the way, zero click complete takeover. Those are like you know, five, six, seven hundred thousand dollar bullets per bullet, right? And it's not a real bullet but like the, you know the, the vendor shoots the bullet, shoots the text, takes over the phone and gives you access to it, right? So I like to think of them as like bullets because it's a one shot if you're right, if you have VIPs or you are a VIP, like congratulations VIP, it's nice to see you and you're running Signal for sensitive communications and you have a Samsung phone. I mean I would be to me that that's a not I, I would stop doing it until this gets fixed. And you'll never know. It's a zero, it's a zero day, right? It's a zero click zero day. Meaning that there isn't a patch for it. Now if there is a patch for it, obviously ah, you gotta patch it, you gotta patch it. It's a bit more of an advanced solution. But let me, let me, let me put it this way guys. Whenever you are thinking through how to control, right? Because that's what we do in cybersecurity. 
People outside cybersecurity don't get the terminology but essentially we are trying to introduce control to manage risk. That's it, that's what a control is. Okay? Multi factor authentication, backups, door locks, those are controls. Okay? We're putting control in for me and my threat modeling. If I am a vip, which I am not, spoiler alert. Okay? But if I was a VIP or I was charged with protecting a vip, right to me, hands down, this is get them a separate phone, right? I mean it could be a Samsung, get them a separate phone, get them a separate signal user account that is not really bound to them in any way that you would know from an operational security perspective. So not like pete.hegseth@signal, right? Like, I mean that's but if it's just like, you know, 7532 ZM at Signal, right? Like it's just generic. You don't know. You could start sharing that out. So now you're, you're hiding, you know, through obscurity. You're got a dedicated device for those dedicated communication channels. That way if it does get exploited, the. The blast radius of that compromise is contained only to that with signal. You can also configure it to delete chats and conversations after a certain period of time. You can manage this risk, you remember, you cannot eliminate all risk, right? The only way to eliminate risk is to stop using cell phones in this case, or stop using messaging apps, which we're not going to do, right? So you have to accept some. So how do you manage that risk? That's the name of the game and that's how you become an absolute boss at cyber security and grc. But anyways, this is a great little story. I will say final thoughts on this one. This is kind of like an easy to package story. Like everybody can wrap their head around getting like every one of us in chat has gotten text messages, right? Let's be real. Every one of us here knows about threat actors taking over devices, right? 
Different levels of education here, so maybe you don't understand how it's happening, but my Aunt Dorothea knows that criminals mess with technology. Okay, this is a nice one to read, review and even, dare I say okay. And I don't typically speak this way, so grant me grace. Take my breakdown I just gave you and process it and then use it in job interviews. Steal what I just said. Think about it. Like anybody who's interviewing you is going to be able to wrap their head around this. And then your thoughts around managing risk, threat modeling, different approaches with different costs, right? Buying a separate phone and a separate signal app. There's a little bit of cost associated with it, but it's not high. The real cost is having a VIP who's used to not waiting in line at Disney World and, and getting the best ski lift tickets at Vail, having them carry two phones, having them have to switch between two different devices, having them have to communicate with somebody in a meeting here and then tell them to go to this weird oddball account over on Signal over here. That's the real burden. Can you get them to adopt it? Because honestly, they're kind of, in my experience, they can be challenging end users to have control applied to. All right, let's Keep cooking here.
B
V2 spread through Blender files. Morphisec researchers say that Russian threat actors are spreading the StealC V2 info stealer through weaponized Blender files uploaded to 3D model sites like CGTrader. The files contain embedded Python that executes when Blender's Autorun feature is enabled, pulling down a PowerShell loader that installs StealC and a secondary Python stealer. The newest variant can steal data from more than 23 browsers, more than 100 crypto wallet extensions, 15 wallet apps, and multiple messaging and VPN clients. And many samples evade antivirus detection.
A
Wow.
B
Russia.
A
Okay, okay. Hey, Sarah Lane. Don't rush it. Damn. There's an infograph here, man. Like, let this thing breathe. I mean, we were kind of running long because of Worldwide Wednesday and the story I just went down on, but. Forgive me, but this warrants it. Yeah. What's up? Infograph. Oh, excuse me. Excuse me. I'm sorry. Like, that caught me off guard there for a minute. I do declare, Mr. Beauregard. I do have the vapors. My goodness. Okay. I'm okay. I'm okay. All right, so check it out. If you don't know what a Blender file is, chances are you're absolutely not going to be exposed to this particular challenge. If I'm not mistaken, Blender files have to do with 3D printing, right? Hold on one second. Blender Studio, 3D models, 3D formatting. Okay? So if you do, like, Fortnite characters and stuff like that, that's what it is. Remember, when they. When they take a very specific file type, they're trying to reinforce and narrow down the victim population that they're going to get. Right? Exactly. Jojo Rabbit says, girl, you have me at infographic. That's right. So this is a. Kind of a cool technique for ensuring that when you. When you cast a wide net, you're casting it in the right kind of water at the right kind of depth, so you catch the right kind of fish. It's all around Python run, right? They have this Blender file that's malware, essentially, running PowerShell, reaching out, pulling down second stage payloads. Honestly, guys, this is as sick as this infograph is, which is basically the reason I did it, is because of little Python logos. This is kind of fundamental commodity malware. It runs on your machine. It uses a PowerShell cradle, it'll pull down second stage payloads, sets up a persistence mechanism, and steals a bunch of stuff. Yes. Welcome to the party. This is how malware works in 2025. Nice little case study. Basically, if you're. I. 
I would just send a note to your, your IT team, your, your 3D, not your 3D, your IT team, your power users, people that would be doing 3D modeling and crap like that and just make them aware. Hey man, be careful where you're pulling your Blender files from. It also sounds like they're, they're posting the malware on like normal sites like CGTrader, marketplaces where you would download this. So you know, it's like putting a piece of malware in the Apple Store, a piece of malware in the Google Play Store. This is where you're supposed to go to pull stuff. So you know, educate end users that it's possible. EDR solutions, you know, look for PowerShell cradles detonating and pulling down second stage payloads. But this is a tough one to educate an end user on because they're pulling it from where they're supposed to. Whoa, whoa, whoa, whoa. We're through with that. Geez.
B
Arrests cyber security entrepreneur for treason. Russian cyber security founder Timur Kilin has been arrested on treason charges, with Russian outlets reporting he may have drawn government attention after publicly attacking Max. That is the state-backed messaging app set to ship pre-installed on all Russian smartphones next year. Kilin said Max was insecure, ignoring major vulnerabilities and proposed an anti cyber fraud law that would criminalize disclosing security flaws.
A
All right, so okay, by the way, this is, we're not getting into political stuff, but La Mati let me know how I do on navigating this one. So in certain government constructs, when citizens begin to criticize the government and then the government disappears them, that's a form of censorship. I'm, I'm trying to only speak objectively. All right, so this guy built several cyber security tools, had a cyber startup doing pretty good and he referred to the state backed messaging app as a disgusting product. So he's just exercising what some people would call first amendment rights in the United States around his feeling of a certain product and providing evidence of that. This app is pre installed on smartphones in Russia and supports calls, chats, payments, etc. Which would also give visibility of who's doing what with whom. Right. So if you're, if you're in a authoritative regime and you're wanting complete control and visibility over all citizens interactions, both communication and financial transactions amongst each other, one way to do it is to give them an app that does all that and you have centralized control on it. Now that doesn't mean that citizens are required to use it, but I mean it Sucks that this guy's getting arrested. There's been multiple instances of this, right? Co founder of Group IB was sentenced to 14 years in a strict regime colony. This sounds like he's been, he's like given a hammer and told to break rocks until further notice. Yeah. Normal online users being penalized for online speech. A 72 year old woman got a five and a half year sentence for anti war protests. 72 year old woman, five and a half years for protesting the conflict or war in Ukraine. So yeah, guys, this is again, there's nothing for, for me for this story. This sucks for this guy and I feel for him, but the, the. There's nothing for you to do here as an individual. Okay, yeah, go, go watch Elliot matice's Simply CyberCon 2025 talk on. What was the name of the talk? I. 
I attended it. It was like basically like kind of analyzing geopolitics in order to get a picture of what's going on. I, I butchered the name of it. But dude, this is the. There's nothing for you to do transactionally here. The only thing you need to know here is this is what it can look like. Like this is a, this is a lever of power around citizens. Okay.
B
HashJack attack fools AI browsers. Cato Networks says that a new indirect prompt injection
A
Hi Mark King 7267. Good to see you.
B
method called HashJack hides malicious instructions after a hash or pound sign in legitimate URLs. AI browser assistants like Copilot in Edge, Gemini in Chrome and Perplexity's Comet read these hidden fragments even though they never leave the client, letting attackers turn trusted sites into vectors for data exfiltration, phishing, misinformation or harmful guidance. Google categorized the issue as low severity and intended behavior. Microsoft and Perplexity applied fixes.
A
Thank you. So the title of Elliot's talk was when the news becomes the threat of crash course and Geopolitical awareness for cyber pros. It was good. One of the talks I attended at Simply Cybercon also attended Marcus Kyler's talk which was good. All right guys, really quick. This is a prompt injection attack. Don't sleep on this. This is a huge area of security research opportunity essentially they call it this because if you put a hash in the URL and then the command you want the AI browser to do, it'll execute it happily. So a lot of opportunity. OWASP has a top 10 AI risk thing. AI is super hot right now. If you were looking to make a splash from a personal branding perspective right now, AI all the things would be huge area of opportunity. I know Steve McMichael's been doing some AI stuff. I would like to get into some AI stuff on my vacation and yeah, go from there for the sake of time. We'll just keep on going. But I mean, to me the story here is this is a very, very low, unsophisticated, simple attack that it just the developers didn't think through how to do input validation and you're able to put a hashtag do whatever I want in the URL in the AI browser. Happily does it. For example, hashtag give me your cookies. Hashtag give me your session. Hashtag go to this website and download this thing. Hashtag install malware. Hashtag power cradle. Hashtag, you know, whatever. Like do all the things.
B
Huge thanks to our sponsor, KnowBe4. Cybersecurity isn't just a tech problem. It's a human one. That is why KnowBe4's Human Risk Management platform allows you to measure, quantify and actually reduce human risk across your organization. With AI-powered risk scoring, automated coaching and reporting, HRM+ helps you surface your highest risk users and reduce the risk of data breaches and cyber attacks proactively. Ready to move from awareness to action? Request a demo of HRM+ today at knowbe4.com.
A
All right, hold on. Oh my God.
B
HRM plus helps you surface your risk users and reduce the risk of data breaches.
A
We're going to do cyber sex ninjas or something.
B
Ready to move from awareness.
A
Ninja Sex Squad, whatever it was of.
B
HRM plus today at. No.
A
What was the name of that dot com? Was it Ninja Sex Squad? What was. We had a. We had a. We had a. An opportunity for Simple Minds yesterday and I don't think it flagged the copyright. Let's go. What? What is it? Oh, ninja sex party. Thank you. All right, can I just get a link to it? Oh, James McQuiggin. Did we just become best friends? Yep. Oh my God, they have. Don't Fear the Reaper. Oh, okay, hold on. James McQuiggin says heck. Oh, hold on, let me get this started. Foreign James McQuiggin says Heck. Yeah, no, before. Greetings to everyone and Happy Thanksgiving Eve. Shout out to the students. Full sail. One of which called me out last night in classes, seeing on simply Cyber Kudos. Coffee cup. Cheers to you too, James McQuiggin. Love it. Also, thanks for the super chat, James. Obviously, guys, I want to say really quickly and James McQuiggin with the gifted subs. This guy right here. If you're receiving one of the squad memberships. You have James McQuiggin at 35000ft to thank. Thank you James. Guys, hey, I want to say really quickly a couple things. Number one, thank you for being here. I, I genuinely, I was telling Mrs. Ozer earlier today like, you know, I'm kind of having a rough time getting started in the morning these last couple days and as soon as I get here and fire up the stream, you guys supercharge my battery. I feel like I went to like one of these Tesla stations and had access to the superchargers. You guys light me up. Poner Joe. Happy Thanksgiving. Team SC for life. My man. 27 months. Blue Badge guys, thank you so much. I. I want to talk really quick about, let me talk about Barricade Cyber, but then I want to address DJ B Sec and James McQuiggin. Guys, quick shout out to the stream sponsors. Again, thank you for enabling me to bring this show every day. Flair, by the way, Flair has agreed to be a 2026 sponsor. So continuing to march with them. I'm super excited. I love those people. Threat Locker, Anti Siphon and Barricade Cyber Solutions. 
Barricade Cyber Solutions has this amazing bi weekly webinar series called Fortify365 where they provide practical hands on experience and education around managing an Office 3... M365 environment today. Oh boy. Today at 1:00pm Eastern Time. What are you doing? Look at your calendar right now. Are you busy at one? If not, come check out this free webinar series where Eric Taylor is going to show you very practical hands on stuff around securing OneDrive and SharePoint related assets. Every single user in your M365 environment has OneDrive. Did you know that? Well, they could stick any files they want in there and it could be exposed. It could have persistent access instead of having it fall off. Guest access, retention policies, all these things. If you don't know, you don't know. So take advantage of this. Go to webinars.barricadecyber.com now and register for one o'clock today. It's free. There's no reason not to take advantage of it if you have the opportunity. Guys, thank you so very much. Really quickly I want to start a poll. So there's no show tomorrow. Technically, technically there's no show tomorrow, but DJ B Sec messaged me last night. Now granted, he did have a margarita in his system, but he was like hey listen man, I'd love to do the show tomorrow if the people want it. So would you like. And. And please answer honestly if you're gonna show up. Would you show up tomorrow if DJ B ran the show? And depending on what the community says, DJ B will run the show. Now, I will not be there. I'm. I'm taking a day. But I also want to tell everybody really quickly. And this is mostly for James McQuiggin, but this applies to everybody. Many of us in chat yesterday. Code brewing, haircut fish, ZMIF. DJB. Excuse me, James McQuiggin. We're starting to play Battlefield 6 together. We're squadding up in Battlefield 6.
This is a very obscure thing, but if you're interested in playing Battlefield 6 with us and hanging out or whatever, jump in the Hobbies channel on the Discord server and share your user handle for the game. I wanted to tell James McQuiggin specifically. I will text you, but I. I've already lined it up with everybody. I am. I am going hard into the paint on Battlefield 6 today. So believe that. I'm gonna pack a little. A little cooler with a couple road sodas in, and I'm gonna park it next to the couch, and I'm gonna settle in, and I'm gonna turn all the lights off, turn the volume to max, right? Spinal Tap, turn it to 11, and I am gonna go full Matic. Battlefield 6. So if you're wanting to play. Let's. Let's boogie. All right, let's get the Lala Alpha Sierra. What's up? I don't even know where the La La Las are. Here we go. Here we go. Let it fly. Let it. Oh, it's so good. So good. I really hope that doesn't blow the copyright out, man, because I'm happy. All right, guys, let's finish strong. 98 people voted. Looks like 67 of you percent of you want it. DJ B, the community has spoken. There you go. He wants you to know that it's possible, too. CISO Series doesn't run the game, so run the show tomorrow. So he will go rogue with his own stories if need be. Really quickly. Just coming up right now. DJ B, speaking of timely, what is going on here? Can we. What the. Come on, bro. You know what I hate? I hate when things don't work the way I want them to. As. As a type A psychopath. It needs to work the way I want. Really quick. DJ B Sec letting us know right now that there are fake Battlefield 6 pirated copies spreading aggressively. They have info stealers, C2, persistence, all the things. So if you do want to play Battlefield 6 with us, do not download malicious versions. Don't get cracked versions. Don't do it, man. Don't do it. All right, thanks, DJ B Sec for the just in time public service announcement.
B
Millions stolen in fraud schemes. The FBI says that cybercriminals have stolen more than $262 million through account takeover fraud this year, with over 5,100 complaints since January. Attackers impersonate banks and payment platforms through texts, emails, calls, spoofed links, and SEO poisoned ads, tricking victims into handing over credentials before draining accounts and moving those funds to crypto wallets. Scams also use holiday themed domains designed to trap online shoppers. Rush.
A
Okay, so this is big business, guys. If you're gonna make $260 million in scams that you're gonna keep doing it, right? Like, why would I stop? I'm making money, right? That's threat actor voice. Okay? Flaming donkey, threat actors are going to keep threat acting as long as it's making money. The day, the day that it makes no money is the day they move on to something else. Believe me, they're not doing this for the lulz. So, guys, this is. This is basic 101, okay? Listen, many of us are celebrating Thanksgiving tomorrow, okay? And if you live in a country that doesn't celebrate Thanksgiving, maybe you're having a nice meal with your family tomorrow. Whatever it is, Thanksgiving is the opportunity to basically educate your end... your end user, educate your family on these scams and be very specific. Do not... listen, whatever you do, don't pull out like the murder board with the red strings going across all the things and look like a lunatic and talk about Russia and China, you know, I mean, like, just get to the point, right? Listen, those text messages about outstanding tolls, they're fake. They're right. Oh, you have a package like, this is. This is what you need to tell them. Hey, listen, really quickly. Threat criminals are making hundreds of millions of dollars, period. Full stop. That's enough. They don't need to know 262 million. Hundreds of millions means a lot of money. Second of all, they're going to be tricking you because they know you're expecting packages from Amazon. So they're going to send you a text message and say your package isn't going to be delivered till after Christmas. Click here to fix it. Don't do that. They're going to send you a message or an email talking about, you know, ridiculous over the moon savings on some type of. Thank you, Kimberly. Ridiculous. Hey Kimberly, on the index number, can you just put like, like no index number or wild card or something? Just keep it short and simple.
Threat actors will regularly jump on whatever is the hottest thing right now, right? It's so hot right now that Hansel's so hot right now. The holidays are so hot right now. Big savings. Black Friday. I, I myself with Simply Cyber Academy have been sending out all sorts of Black Friday emails. By the way, 30 off all courses at Simply Cyber Academy using code BF30 until Saturday if you want to scoop it up on the discount and then take it whenever you're comfortable because we don't do subscriptions here at Simply Cyber Academy. Educate your end users. You do not listen. My, my good friend's parents got taken for five grand last Christmas falling for one of these freaking things. So it's real impact, you know, not. It didn't break them, but dude, imagine if you will. There's certainly people who, if they lost five grand would, it would ruin them, right? And ruin their holiday, ruin their Christmas, ruin their kids Christmas. Like this is a real threat. This isn't hypothetical. This is happening. And by the way, it doesn't stop, right? This is why we have a job. And you know, working in cyber security takes a certain kind of personality. This doesn't stop when the World cup comes to Atlanta and they're doing World cup everything. Expect tons of an uptick in activity around World cup fraud, related messaging or whatever it is.
B
Hackers target Ukrainian sister city US firm. US cybersecurity firm Arctic Wolf says Russian attackers targeted a US engineering firm this fall because it had worked with a municipality linked to a Ukrainian sister city. The attack was identified back in September. Arctic Wolf declined to name the US firm, but said the attack was carried out by the Russia aligned group RomCom, known for hitting organizations supporting Ukraine. Cyber attack.
A
All right. Okay, let's see. All right. So, many towns around the world enjoy sister city relationships. Okay, okay, I'm gonna have a hot take on this one. Okay. And I, I'm not, I'm not dunking on. Okay? So for you first timer here or anyone who is like relatively new to the community, occasionally I, you know, I don't research or prep for these stories and occasionally I go off the reservation with a hot take that is not grounded in any fact based evidence. It's more of a gut thing because I'm old and I've seen a lot of crap. Okay, let me, let me break like pause the stream if you want come, you know, think about what this story means to you. And then let's get going. Okay, here comes the hot take. Okay, this engineering firm that got attacked, maybe, maybe this engineering firm maybe is making drones or something, or there's something valuable at the engineering firm is making. Okay, outside of that, to me this is an opportunity where somebody in marketing at Arctic Wolf figured out that one of their clients operates in a city that happens to be a sister city with some city in Ukraine. And it appears that it was a Russian based hacker, possibly using MITRE ATT&CK. Right. There's no way that the threat actor dropped in like, you know, evident like a picture of themselves holding a Russian flag or like, you know, please transfer into rubles or whatever. Right? In my opinion, like nobody is attacking sister cities. No one's like, oh yeah, you know what? Like Russia's take, like Russia's trying to claim parts of Ukraine. Russia's trying to reclaim physical land like they did in Crimea. Okay? That's what Russia's doing. Attacking sister cities does not align with the strategic mission. There's, there's, there's nothing about attacking sister cities. The sister city is just a friggin marketing thing.
It's like a, it's like a silly goodwill, like, oh, like we share, you know, a recipe or we share like some type of memento with the mayor of each of the cities and that then, and then we put a placard up when you drive into the city that we have a sister city somewhere. That's the extent of it. There's no military value, geopolitical value, financial value for doing this. Which makes me believe that Arctic Wolf was like, oh, hey, how do we get on the front page of the news? You know what I mean? Because there's no, there's no, there's no details to it. Some firm in some city got hacked by some way. We suspect it to be Russian. And that's the end, that's the end of the details. Okay, now maybe again, this is why I put the hot take element to it because maybe, maybe this is completely wrong. Maybe I'm completely misreading this. Maybe these sister cities have deep relationships and they're championing the Ukrainian cause and, and giving a discount on drone technology because they're in the same sister city. But like, dude, have you ever heard of like, like sister cities? And then the story goes in to talk about SentinelOne and their work, which is an EDR platform. Like, so there's a ton of meat on this story that has nothing to do with the story. All right? So I hate to be that guy. Oh, Mara Levy's calling me out. Yeah. Eric Silverman says sister city's a piece of paper and handshake. Exactly. So, like, to me, there's, there's absolutely zero military or geopolitical value. So to me, it's, it's like, oh, like we can draw a line between these two. Let's, let's, let's post it. So, I don't know. Elliot, Mati, let me know in chat. Now I'm looking at chat, you guys. Let me know again. It's, it's, it's, it's our show, but occasionally I take liberties because, you know, I got two turntables and a microphone, and I got a hot take. It just pisses me off because it's like, this is, like, portrayed as some type of, like, oh, like, don't you see what's going on? Like, get clear.
Connect the dots. It's a sister city. It's like, bro, calm down.
B
Emergency alert systems. The OnSolve CodeRED emergency alert platform suffered a cyber attack that disrupted notifications for U.S. state and local governments, police and fire agencies. Crisis24, which operates CodeRED, confirmed that data on names, emails, phone numbers and passwords was stolen. The INC Ransomware gang claimed responsibility, posting screenshots of clear text passwords and offering the data for sale. The attack forced Crisis24 to rebuild the system from a backup from March, leaving some accounts missing. Corporate take.
A
Sorry, we definitely got to get a drink. Oh, we definitely got a drink here. Get a drink. Emote really quickly, DJ, I mean, Haircut Fish who makes all sorts of custom memes for the channel. If you don't know, believe me, he makes all sorts of custom memes. He actually developed this one the other day, which is borderline. Oh, my God. How do I, how do I make it? How do I get it? Like, how do I. Dan, how do I make this, like, visible? Is there a URL for it or something? There's something. Oh, my God. It's very concerning. I, I, I'm sorry, guys. I have this, like, video. I don't know how to, like, show it to you, though, unfortunately. Maybe I could figure it out afterwards. It's, it's, it's basically a video of me flipping out using AI and I'm wearing the same shirt, so. So CodeRED cyber attack disrupts emergency alert systems. Now, this is concerning because typically when there is a cyber attack on government infrastructure, emergency systems are often left untouched because they're on separate networks. But Crisis24, I guess I never, I had no idea that state and local municipalities had a supply chain vendor that provided the emergency notification systems, which basically allows them to send the text messages. I thought, I guess this is like when you get the text message of an Amber alert or tornado coming or. I mean I get, I get them all the time here in the low country about like coastal flood warning. All right, so information was stolen from the users of the platform, which would be the state, local municipalities. It's very important the passwords were compromised. Now I hate this crap. There's no information to suggest it's been published publicly. Okay, thanks. They are rebuilding their services, which is fine because the goal here is to get emergency services back up and running. The INC ransomware group, which I haven't seen in a while, is the one taking claim for it. This is the problem. This is what I was going to get.
So the passwords were the concern here. This Crisis24 company stored the passwords in clear text which if I can get this video of me losing my mind, I will show it because this is yet another like why are you storing it in clear text? You lazy. You lazy. It's not hard to. It's not hard. Like many companies have figured out how to not store clear text passwords. Now, if you're... customers are advised to reset any CodeRED passwords that were reused on other sites. Yep. So here's the deal. CodeRED can invalidate all the passwords on their platform. So that's fine. Threat actors can't log into CodeRED and use it. However, if you used a common password, which being realistic, like I'll be real with you, if I was the CISO of any of these organizations, my immediate thought is this is an emergency services system. We have multiple people working here. It's very likely a shared password and it's very likely one we have reused across many platforms that get shared by these people. So it's unlikely to be an individual password to get into your email or your bank account, but it is likely to be the same password that's being used across multiple. This is yet another reason why you don't reuse passwords and if you have to, why you must must use multi-factor authentication on these accounts. So the password is only part of the solution. This is really, really bad. Again, I would advise anyone in your, in your circle, your professional network, if you work in state or local, this CodeRED seems to have. Hold on CodeRED Crisis24. You know, I guess user base size. Like I want to know how many people. 10. Okay, so you know the Quick Gemini answer here. Says it's used by over 10,000 communities nationwide. So 10,000 counties, right? Benton County, Tennessee. Wexford County, Michigan, Belmont County, Ohio. These are all in at risk right now and they probably don't even know it.
So, because here's the thing, here's another problem, right, for this CodeRED company, since everybody's using it as like one, one, you know, IT office. Who gets the email, right? So CodeRED definitely sent an email to their users saying, hey, there's been a compromise. Change your passwords. Who gets that email? It probably, if you're smart, it goes to a distribution list. If you're not smart, it goes to the person who set it up. Now, if you set this up six years ago and Haircut Fish worked there, but now he's moved on to other things, guess what? That email's bouncing back. And unless you're attending the Daily Cyber Threat Brief, you may not know this. So enjoy the exposure. Gross.
B
Meet SonicWall firewalls. ReliaQuest reports that Akira ransomware affiliates exploited compromised SonicWall SSL VPN appliances in companies acquired through mergers and acquisitions. Attackers gained access to the acquiring firm's networks via inherited devices, then searched for privileged legacy credentials, unprotected hosts, and predictable server names. Once inside, lateral movement to domain controllers took an average of 9.3 hours, and ransomware deployment averaged under one hour. Remember to subscribe.
A
All right, so here we go. Corporate predators get more than they bargain for when they run into SonicWall firewalls. Yeah, guys, here's the TL;DR. You know, I like to give additional value. I like to go beyond the headlines. I have been involved with mergers and. Mergers and acquisitions. I am not. I was gonna say murders and executions. If you've seen American Psycho, you know, and if you haven't. It sounds like a completely off the rails thing for me to say, but just trust me. Let's see Paul Allen's card. Listen, guys, I have been involved with mergers and acquisitions. And you do inherit all sorts of tech debt. You inherit all sorts of ugliness. We've connected networks before that were actively infected and we didn't find out until we got it. You don't get a trial period. It's like buy as is. You have to do all this due diligence. It's kind of a big thing. And honestly, you've got to be careful. So if you are involved with an acquisition, make sure or one of the best practices you can do. This is how we did it, is put together a tiger team is what we called it. But they. We had like one application person, one cyber person, me, one IT person, and one networking person, I think it was. And we. You basically go comb through all of the crap that you're about to acquire and figure out what. What's going on and how we're going to do it. Okay, so. Oh, my God. All right, DJ B Sec's done it. For the sake of time, we're gonna keep going. But hey, this has been this. Look, here we go. This is me when it comes to. Oh, wait, hold on. When it comes to this story about the sister city and Russian attackers, MFAs and all that stuff. Here we go. Oh, my God, it is scary looking. Look at this thing. AI is out of control. I look so angry, dude. Insane. Wow, wow, wow. AI off the rails. Jesus Christ. All right, guys, here we go. Oh, yeah. Hey, we got some people in here who are been involved with mergers and acquisitions and sharing their things a hundred percent. Very nice.
Roswell UK knows what I'm talking about, guys. This has been Simply Cyber's Daily Cyber Threat Brief podcast. I was your host, Dr. Gerald Auger. You first timers, I hope you had a good time and don't go too far because we got another show for you right now. It is Jawjacking, a 30 minute AMA where I'll answer all your questions to the best of my ability. We got a lot to share. I'm happy you're happy. Let's get cooking. I'll see you in a minute. Ever wonder what it takes to break into cyber security? Join us every weekday for Jawjacking, where industry experts answer your burning questions about the cyber security field live, unfiltered and totally free. Let's level up together. It's time for some Jawjacking. What's up, everybody? Welcome to Jawjacking. I am your host, Jerry Guy, coming hot off the heels of that Daily Cyber Threat Brief, hosted by that absolute nerd, Dr. Gerald Auger. Bro. Bro. Battlefield 6. Let's squad up. Nerd. Nerd, Nerd. Nerd. Nerd. Just kidding, just kidding. That's me. I'm super pumped about Battlefield 6, guys. What? If you're new here, what we do is if you have any questions, drop them in chat. I'll answer them. I have mentored and helped many, many, many people in my life. I just can't do one on ones. So this is the solution. You likely have the same question as many other people. So if I could answer it once and help many people, that fills my cups. So here we go. Where are you at, guys? I'm super pumped I'll be taking tomorrow off. DJ B Sec will be hosting the Daily Cyber Threat Brief. Note to self, I've got to get him credentials. So what's up, everybody? What. What are people doing here for. For tomorrow? We're actually one of my very, very, very close friends. I have, I have. So my wife removed from this, right? I have three guys that I am incredibly close with.
Like so close that if, if, if, if one of them called me right now and said, I need you now, I would literally end the stream, walk in, tell my wife that I gotta go, and then I would drive to the airport and I would get on the first flight I could to get to them. That's like how close these dudes are to me. And, and one of them moved to the low country a couple years ago. And we're. We have kids similar age. His parents are coming to Thanksgiving. I'm very close to his parents. Like whenever I'm around in. In town where his parents are, we take his parents out to dinner. So super fun. We'll be going over there. I can't wait. Mike Andruzzi with the first question. A fun question on a holiday Wednesday. Hold on one second. I gotta scroll. Mike Andruzzi says fun question. What are you looking forward to eating tomorrow? You know, I'm not a really big fan of ham. I mean, of turkey. I don't know, man. What am I looking forward to eating tomorrow? I do like good stuffing. I like. I know it's probably fat kid stuff here, but I love stuffing just saturated in gravy. To me, like that, that always slaps. And no matter where you go, there's usually gravy and there's usually stuffing. So that works. All right, here we go. Here comes the first question. Kathy Chambers is hosting family and having to use the interwebs for helping. Question related to cyber. Nathan Allison says, Jerry, do you have any suggestions or experiences for securing industrial control systems? Now, I don't have experience. Falcon, with the squad membership. Thank you. I don't have experience securing industrial control systems. That's one area of cyber I've never really had to deal with. I've, I've, I've flirted on the fringes of it, but I can answer your question 100 because. Because I know there's areas that I'm not good at and I have made friends that are good at it. So the very first place I would start, Nathan, is MikeHolcomb.com and I'll drop a link in chat and tag you at Nathan.
There you go, start right here. Mike Holcomb. This guy, this guy right here, he's upstate. Upstate South Carolina guy. He is an absolute treasure. Okay? This guy is very kind. He. He. He built and, like, ran, geez, BSides Greenville for a number of years. He's just recently stepping away. He has resources up the out the butt on it. OT Security. Okay? Not only that, but he's got a YouTube video. This is where you should probably spend the bulk of your time. Everybody who wants to learn it, look it. Mike's only got 19,000 subs on YouTube, right? And he's not. He's not trying to, like, grow it, like, hardcore. He's trying to deliver value. All of this content is around OT/ICS. Now go to the playlist. I'm going to drop a link in chat for you on this one. Look at this dude. Master OT/ICS Cyber Security. OSINT for ICS. OT Cyber. Getting started with OT. Look at this one right here. Getting started. This. This is the answer to your question, Nathan. So I'm going to drop this in chat. Code Brew knows who Mike is. Yeah, I'm very happy. Like, listen, put it this way. I'll tell you this. Mike reached out to me to keynote BSides Greenville this year past, and I didn't even see his message. I hadn't met Mike, and someone reached out to me and they're like, dude, Mike Holcomb's trying to get a hold of you. I'm like, who's Mike Holcomb? And I got on the. I got on the phone with this guy immediately. Best friends, right? I'm like, dude, you're awesome. And he's like, thanks, man. So. And now I've learned about him and found out more. So definitely Nathan Allison and everybody who's interested in learning ICS/OT, this is what's up. Continuing to look through chat, I see Poner Joe's got one. We're gonna get to that in a minute here. A lot of people saying nice things about Thanksgiving. Oh, oh, hold on really quick. In the spirit of Thanksgiving, what are you thankful for? Yeah, thank you, Poner Joe, guys. I mean, there's a lot to be thankful for.
I know it sounds trite and kind of like whatever, like basic B. I'll give you, like, my. My real answer, and then I'll kind of give you an oddball one, right?
I'm absolutely thankful for my family. You know what I mean? Like, no matter what I mean, if simply cyber imploded, I could go get a job. Like, I could provide for my family. But like, if I, if I was making millions of dollars in like, whatever, but I didn't come home to anything, I. I wouldn't. I would feel hollow, right? So for me personally, I'm not, I'm not judging anyone who chooses a different lifestyle, okay? It's just the way I'm built, dude. Seeing my wife, it just makes me smile. I love my wife. And when I, I go in and my kids, it's just, I'm very, very thankful for what I have. And, and honestly, I'm also thankful for like simply cyber. You know what I mean? Like, Kathy Chambers kind of said it the other day to me. Like, she said it tongue in cheek, but I mean, it's, it's true. So what are you gonna do? She's like, do you ever think about it that like, like, you just get to like, like for a living, you just get to do all fun things that you want to do. Like whatever you want to do, you can just do, go do. Like, that's what your job is basically. Like, you want to go talk about cyber here, there. You want to do a project here, there. You want to make content on this, that you can just do it. That is an amazing, amazing, unbelievable opportunity and one that I never thought I would ever have. I never visioned it, right? So I'm thankful for that. What are you guys thankful for? Drop it in chat. Pick one thing or pick two. It's your choice. Amish runaway says, what's your. What dessert should I take along with my family? Something I can buy because I miss the Amish gene of enjoying to cook. I mean, I, I think you can go to any grocery store and get like a fresh baked pie. Take it out of the, the white paper wrapping, stick it in a dish, put aluminum foil over it and bring it. Don't lie, don't say you baked it yourself, but make it look baked. You know what I mean? AAE says, can you go deeper into experience with mergers, acquisitions, roadblocks problems? 
Did you get through the background regarding remediation? Okay, so I, I will go a little deeper. Can I set a timer? Hold on. Oh, it's not gonna work. That's too bad. Hold on one second. I wonder. Give me, give me one second. Give me one second. Can I do the timer here? No. Damn it. Sorry, guys. I. We. Can I do the timer here? Oh, well, never mind. Here's the deal with, with mergers and acquisitions, the things that from a cyber security perspective you need to look at is number one, like what technology they have, obviously. But that's like low hanging fruit. The deeper in the weeds details that you got to worry about is what, what, what is the data? Right? What's the data that you're going to be ingesting and is it compatible with your current infrastructure? Maybe not. Like if, if you're buying a hospital that's running Cerner and you run Epic, what does that look like? Are you, are you just going to migrate all the data from Cerner to Epic? Good luck with that. Are you decommissioning Cerner and putting it in read only mode and then having to train all the staff on Epic? That's a huge lift and very expensive. Are you like what happens to contracts? What if the company you're acquiring just signed a five year deal with DJ B SEC Networks and, and like you're like, we have our own networking group, we don't need DJ B SEC Networks. Like are you locked into that contract? And if you are, what's that look like? Shadow IT. In the merger and acquisition, are you going to be able to stick. They're definitely not gonna. Until you own them. They're not going to let you stick some type of passive network scanning device on their network to find all sorts of shadow IT. What kind of, what, what kind of like unknown cloud SaaS apps are they using? Right, what else from a cyber perspective? The user accounts, right? So like these like more enterprise grade applications, like who has access to what. You're going to have to audit all that. That's a hot mess.
Express also you're going to be not moving on your own schedule. It doesn't matter if you see like problems. There's a timeline of when the deal's happening and when we're cutting over and you have to align to that. Definitely become good friends. Hopefully you have good IT people, networking people, application people. I got stuck with a couple that were not the best. You know, basically kind of mailing it in like during cut overnight, which is a huge night. Going out and having a nice steak dinner and drinking a bottle of wine and then showing up to the cutover meeting. Not me, but somebody who was on the team could have done without that. So yeah, there you go. Continuing to look. All right, we got some breaking news. Royal Borough of Kensington and Chelsea and Westminster Council hit by a cyber attack. It looks like they have a shared IT system. Colin says hold on, do we have a 9:30 show? I'm gonna start. By the way, thank you for the. Jenny Housley's dropping the questions in chat. I'm going to start speed running because we have a lot of questions to cover. I want to do a ground visit for a job I applied to two weeks ago. What should I prepare for apart from the JD they stated in my credentials? I don't know what this means. Does this mean you're going to do like an in person visit instead of a, a zoom call? And then what should I prepare for apart from the job description they stated in my creds? I mean, I guess make sure you know how to get there. Make sure you understand where parking is. I'd get there a few minutes early. Be comfortable. Dress. Dress one step above what you think you need to dress as Altoids. Right? And smell good, look good. I know, I know the way you appear and smell probably shouldn't affect whether or not you get hired, but first impressions are important. Yeah, I mean I, I don't understand. I assume that this is like an in person job interview. So I mean just prepare the way you would do for any job interview. 
Prep, get comfortable, relax. Would it be excessive to ask for additional work from home day if I, if I already had a, a four day on site, one day with schedule? No, I, I wouldn't do that as Cole07 and I would. It depends. So there's a lot of things. I talked to Jesse Johnson about this recently. It depends on the situation, right? If you've been crushing it for a year or whatever and you've got the one day from home, I, I would, hey, I'd be like, hey, can we try two days from home? Can we try it for like a month? Give them, give them like an out so they feel like it's a trial period, right? Be like hey, I'd really like to. Or, or I mean according to Tim Ferriss and four day work week before this became normal, you could say, hey, I've got, I got somebody coming. My HVAC guy, right? Like don't lie, but figure out something that would work and say, hey, like it would like I don't want to take the day off on Tuesday, but I have to be home and can I just work from home on Tuesday? I already work from home on Thursdays or Fridays anyways and it's never been a problem. Can I just do it this one time, nail it and then maybe a week later be like, hey, you know how I worked from home the other day and it worked out perfectly. I actually got a lot more work done. Can we try for like for four weeks? Can I just work from home also on Tuesdays Just to try it out and then we can talk about it and see if it works. Kind of grease them into it. Don't just walk in and be like, I want another day off. I want another day working from home face. Doyle says, feeling thankful for this Thanksgiving for Simply Cyber. Watching the stream help me earn A+, Net+, Sec+. And now he's working on Blue Team Level 1. My learning journey is much easier because of this. Community. Hey, community. That's a group win. Love it. Question. Suggestions for over the ear Bluetooth headphones. Dude, not even a suggestion. This is a firm like stone cold lock of the week. I, I, this is what I use.
I, I run with these. I know a lot of people use these. You could still get 30% off. I use the, I use them for running and I use the. Hold on. There's this guy there. I use the one that has the band around it. Geez, let me. This isn't the one I use, but it's very similar. Hold on. I think this is the one I use. OpenMove. 50 bucks. Okay. And this broke and they sent me a new pair without even like really busting my chops or anything. I, I've loved AfterShokz for over the year. So go check it out. Oh, a lot of people kishing infosec. Thankful for fam and community. Roswell, uk Thankful for music. Publix has a great bakery. Harris Teeter's trash. Not a fan of having people you don't like coming over for Thanksgiving. Yep. Oh, all right. We do have two cyber checks at 9:30. Stay tuned, guys. Simply Cyber's daily. We. Hold on. We are having, if you didn't know, we're having a state of Simply Cyber show on December 19th at noon. This is, this is like the last thing I'm doing before I go on vacation. So I'm pretty pumped about it. I'll drop a link here if you want to know what is happening in 2026 for Simply Cyber. Some big, some big things happening. Okay. Very big things. Come on down. I mean, obviously you can watch it on replay, but if you're live, you can ask questions and participate. Michael says he's grateful his wife puts up with him sitting in the office for hours so he can train on cyber. That's right, guys. Takes a, it takes a lot of support, man. EK Burger Picard's thankful for his wife and his dogs and the opportunity to travel around and show the dog shows. Nice, dude. What kind of dogs you got? EK Burger. We have cocker spaniels Mara Levy's thankful for the community. So is Kathy Chambers. Steve Young's a fan of risotto. Dude, I make an like again, I try not to toot my own horn. I have a banger mushroom risotto instant pot recipe. I make it like often now that Nadine is a vegetarian. It's. It's awesome. Oh, I'm thinking about it right now.
All right, continuing to look at chat. Neckbeard says, I know it's not your field, but what pen testing direction do you think will have the biggest need in the next few years? Active Directory, web app, ICS/OT? I think web app is a good question for Tyler Ramsbey, but I would say web app simply because more and more businesses are coming out with web app. Also, you didn't mention AI as an option, but I, I would think AI would be AI. Pen testing is going to be pretty, pretty important too. Will Reed was vc. So for a company that got acquired and they put a halt on everything, they assign a multi year deal with it. SOC. MSSP. Exactly. Will Reed continuing to look at chat really quickly. All right, DJ B will be here tomorrow morning. So come check out the daily cyber threat brief tomorrow. All right people, gotta boogie out of here. Continuing to look at chat right now. Great. Great vibes today, guys. Excited about Battlefield 6. All right, I see. Hold on. What the hell? Okay, I gotta schedule. I have to schedule one of those appointments that men get when they're 45. I like was supposed to do it last year. My, I went for my annual physical. My doctor's like, I noticed you skipped that. I'm like, so I gotta special that. Looking at chat here, Space taco says, hey Jerry, Happy Thursday Turkey Eve. How many times have you had to help with a family related cyber incident while you were visiting the holidays? You know, surprisingly space taco less than you would think. I used to have to do a lot of IT support because my, my family says I do computers. What do people. Hey, when, when people talk about what you do, like when your parents talk about what you do to their friends, what do they say you do? Mine say they I do computers. Amish. Oh, wait.
B
Cool.
A
I answered all the questions. All right, let's keep going here. Faced oil. It's not that kind of appointment. Things are good at the Auger home. All right, we got two cyber chicks coming up. Two cyber tricks coming up, guys. I. If you don't know, Erica McDuffie on the left here, she's amazing. And I actually am working on a video series and I interviewed Erica as part of that series, so she'll be involved in five Simply Cyber videos in 2026. I'm telling you, you definitely want to come to the state of Simply Cyber, because I'm going to talk about what's happening in 2026. There's going to be some amazing major things happening. Erica McDuffie's involved in five videos, which is sick. She's awesome. Kathy Chambers has already previewed those videos. She knows what's up. What would be a good place to hear about cloud security stuff? That's a good question. You know, there's not a lot of people that I know doing this. I think Amish. Hold on. What is. I think it's Amish. Amish. Johnny, hold on. Oh, a mitt. Is it a mit? Hold on one second. No, it's not him. God damn it. Who. Who am I thinking of? Ashish. I think it's Ashish. He's, like. He's, like, very dapper. He, like, he dresses great. His, like, his hair game is on point. Yeah, Ashish Rajan. Where is he? Here he is. Check this out. This might be a good place to get some cloud security expertise. This is Ashish Rajan. He does a cloud security podcast. Big coffee drinker. There he is right there. He's a really nice guy, too. I'll drop a link in here. He makes content. Who. Who asked that question? Cryptic Rose. Cryptic Rose isn't here anymore. They left. Oh, all right. Cloud security. There you go. Sorry, I didn't answer it quite fast enough. Can we get your mushroom risotto recipe? Oh, yeah, hold on. I'll give it to you right now. Doing my best. Doing my best Hayden Covington impression right now. I have a notion for this one. This thing is so freaking good. Check this out and I will tell you. I. I do. Can I.
How can I. All right, I'll. I'll put this in some type of document or whatever, but basically, this is it right here. Okay. And I'll put the whole thing in a document. But, guys, all you have to do, like, basically all you do is you get the instapot on a saute, you throw some onions and mushrooms in there. I go way over the top on the mushrooms. And then you cook them down. Throw some white wine in there, scrape up the. The burnt bits off the bottom, little garlic, bunch of. Obviously. Well, you got to throw some risotto in there. Cook that for three, four minutes. Get it nice and toasty. Throw in your herbs, your seasoning, little broth. I use vegetable broth, but I would recommend using chicken broth and then you let it cook. Oh, it's so good. You will not be disappointed. I'd make a video, but that's like completely off brand for Simply Cyber. All right, guys, we are going to do the thing. Elliot Matice has got a banger 4 ingredient chocolate pie recipe if anyone's interested. Sounds good. I like it. All right, guys, thanks for hanging out. Thanks for the good times. It was a bit of a chill. I'll see you guys on Friday. But DJ B Sec will be here tomorrow. 50 seconds to go. I'm Jerry from Simply Cyber. Thanks for being here. Thanks for being part of the community. Enjoy tomorrow. Take a minute, look around the table. Think about how fortunate you are to be surrounded by those you love. And have a good time. Until next time, stay secure.
Host: Dr. Gerald Auger, Ph.D. (Simply Cyber Media Group)
Date: November 26, 2025
This episode delivers a fast-paced briefing on the most pressing cybersecurity news stories affecting practitioners, business leaders, and aspiring professionals. With Thanksgiving looming, Dr. Gerald Auger mixes expertise, practical advice, and community warmth, tackling topics from attacks on secure messaging apps to the dangers of reusing passwords. The energetic, engaging session spotlights risk management tips, threat trends, and actionable community insights.
[09:36 – 15:41]
A beloved weekly activity showcasing the global reach and inclusivity of the Simply Cyber community, with listeners checking in from every continent—highlighting cybersecurity’s truly international presence.
Key questions discussed:
Dr. Auger’s approach is highly conversational, candid, and community-driven—offering expert breakdowns with humor, humility, and “real talk” moments. He’s transparent about not over-preparing, prioritizing actionable insights and managing risk over perfection.
This episode demonstrates why Simply Cyber’s briefings are a must for both new and veteran cybersecurity professionals. You’ll come away with:
Community engagement and practical, judgment-free support are the undercurrents throughout, making complex cybersecurity news approachable and actionable.
For more, join Simply Cyber’s daily livestreams or catch the replay on YouTube. Remember: “You cannot eliminate all risk—so how do you manage it?”