A
We are now seeing power being taken from people's houses to be put into data centers.
B
Hector Monsegur was responsible for some of
A
the most notorious hacks ever committed.
B
Special agent Chris Tarbell, FBI informants participated
A
in some of the world's most infamous
B
hacks that caused up to $50 million in damages.
A
A life in the shadows, Cyber attacks on the. Welcome to Hacker in the Fed. I'm Chris Tarbell, former FBI special agent working my entire career in cyber security. And for this free episode number 132, I'm joined as always by my buddy, Hector Monsegur. Hey, Heck.
B
Hi.
A
Hey. Hector is a friend and podcast co-host, but also the former black hat hacker who once faced 125 years for his many years of hacking under the code name Sabu. Our stories came together in June 2011 when I arrested Hector, but then convinced him to work with me at the FBI. Hector is now a red teamer, researcher, cybersecurity expert, and co-founder at SafeHill.
B
Hey, buddy. Hey. How you doing over there? Hey.
A
Not fugazi. Not fugazi.
B
Not fugazi. Today we. The game. Today we're just gazing.
A
Okay, perfect. Speaking of that, man, we recorded a show a week ago and the Knicks have still not played any basketball.
B
Oh, no, no, no. They, they're, in fact, they play tomorrow. Well, they play Tuesday. By the time you guys hear this, it's already done and gone. But I'm excited, brother.
A
Listen, they're playing the Cavaliers, correct?
B
Yeah, they're playing the Cleveland Cavaliers, which, you know, it's going to be easy peasy. Knicks gonna walk right in and walk right out.
A
Make your prediction. 4. They're gonna do it in 4, they're gonna do it in 5, or they can do it in 6.
B
Well, listen, the Knicks like to troll its fans. It's, it's a, it's. It's a tale as old as time. Even back then, during the days of Adam and Eve, there was a Knicks game going on in the background. You know, they trolled us. Yeah. So with that being said, I'm thinking the gentleman's sweep. You know, we went four, they win one. Yeah, we'll keep it. Keep it simple.
A
So is game five. Does that put it at home or does that put it in Cleveland? I haven't done the math.
B
That's. That should be at home.
A
Okay, so that's good. Yeah, it's always nice to win at home.
B
Yeah. And you know what I'm hoping for? I'm hoping for the Spurs Knicks kind of rematch from 1999.
A
I definitely think that the NBA is hoping for it to be the Knicks in there. So they, they definitely don't want. They'd much rather have a big market team like the Knicks in there than Cleveland.
B
And you know, OKC is cool, but people are done with the flopping. They're tired of SGA jumping around and flopping around the screen. Nobody really likes that, bro. Like, you know, it's not fun. In fact, you, you'll hear from. From detractors, people that don't like the Knicks or Brunson. Our capitan Jalen Brunson. They don't like Brunson because when he came to the Knicks like that first year, he was flopping. He did the flopping thing. Cause that was working for Tims. But I think he became so embarrassed by the response even from Knicks fans, he kind of slowed that down. So yeah, you might see a flop here and there, but. But he's not doing it the way he was when he first got to the Knicks. So yeah, nobody wants a flop fest that. You saw what happened with the Sixers series. That was terrible. Embiid flopping around. Mind you, Embiid is 7 and change. He's 300 something pounds. It's a big man to be flopping around like a fish. Little goldfish in the middle of the TV. Nobody wants to see that.
A
So go Knicks. Hot sports takes with two cyber dorks on your next episode of Hacker in the Fed.
B
Yeah, yeah. No, listen, brother, let me tell you something. I am excited. The new. The New York City is ablaze. You know what I mean? And when the city's ablaze is either something really terrible happening or it's good. In this case, it's good.
A
Excellent. That's great to hear. How's your boy doing on over at SafeHill? Everybody getting along? Everybody doing well? I know you guys got some big, big new clients and a lot of new casework. You got. You got time for new clients. What's going on at SafeHill?
B
Yeah, man, listen. SafeHill is popping, it's moving, it's grooving, it's pop lock and dropping. It's doing it drop, it's doing it hot. And I'm pretty happy with it. You know, it's. But with every startup experience and I'm showing some startup people listening today. With every startup experience, you get to. You get to go through the fun stuff of like figuring yourself out and talking to investors and talking to people and answering questions. A lot of what is business building is connecting with people. Networking, you may run into a lot of leads and a lot of them are just kicking the tires. They're curious about what it is that you're offering or to see if you can save them money. Right? It all depends on what they're looking for. And so we, I'm, I'm on calls pretty much every day. And I like it, brother. I like it because I get to hear different perspectives like, like the episode from our anonymous CISO, which I'm hoping we have an episode three coming up very soon. One of the things that, that they mentioned is that, you know, CISOs can be overwhelmed with the amount of vendors, the amount of tools that are out there. So for a startup like us, it's always like, can we get through the noise? Because there's a lot of noise. And so, yeah, it's, it's been fun. Thank you for asking. How are you doing? How's your day? How's your life?
A
I'm good. But yeah, you talk about the noise in cyber security. It drives me nuts. That's. To me, that is the worst part of cyber security is all these people that had some sort of title or one time or another was tangentially connected to cyber, and now they went out and they want to try to sell their. And they don't really know anything. I mean, people listen to you and they understand that, you know, your cybersecurity. So it's just, you know, when the, the people that show up and are just try to just use their relationships and their, their, their resume that really doesn't have shit on it, it just pisses me off that, that noise that you have to get through, you shouldn't have to like a meritocracy. People should bubble to the top. The people that are qualified, they should, they shouldn't have to go through that noise. And I don't know when you were saying that, and I, I agree with you that that's the way it is. And I just hate that. I hate that part of cybersecurity.
B
Yeah, man. I mean, it's tough. Look, think about it like this. So let's say, let's say that you are looking for, you're within, you have an interest in a certain space. Let's say it's a GRC or something, right? Governance. And you're looking for maybe some, maybe some sort of assessment, a report that crosswalks or correlates back to some framework that you're trying to follow. And so, you know, you start Googling, you're going to find, you know, a thousand different companies claiming all sorts of different things for you. You have to then, you know, try to kind of weave through that massive list of companies and products and then trying to find one that works, that means a lot of phone calls, a lot of marketing material. And then the problem is, is let's say you, you, you, you whittle that down to, let's say three vendors, you do three demos, and what you realize is they look really nice, they do some of what they claim, but in most cases it's not what, what was sold to you. So you have to be very mindful not to, not to fall prey to someone who's trying to sell you the world. Because in reality they don't have what you're looking for. They're just trying to get a sale. So my advice for everybody here is when you're looking for something, whether it's a pen test, by the way, consider SafeHill for a pen test. But when looking for a pen test, penetration test. The cool thing with that is, is you could ask them for maybe some sort of, you know, some sample reports, try to talk to not just their sales guy, bring in some of their security staff on a call, ask them some questions about scoping and timing and, and you know, share some of your concerns with them. And based off the answers, you're going to know whether they're fugazi or not. Yeah, fugazi.
A
So, you know, we severed that topic where the people were, you know, kind of fudging numbers on places and all that.
B
Sure.
A
If I run a company and I'm not a ciso, I'm just, I'm a small, you know, to a medium sized company, but small. I don't really have a huge team and all that, but I want, I want see if I'm secure. How do I know if my pen testing people are just, you know, giving me a clean bill of health, but it's not real or you know, whether they're just with me like, and again, I'm not trying to sound like commercially here. I honestly want to like the audience to know because we do have a lot of listeners that, you know, they have, you know, 10 to 12 person company and don't have a robust cyber security team, but they want, they're here to learn more about that sort of stuff and they just believe the, their vendor, you know, that, that okay, I got a test, they gave me this piece of paper and it's got, you know, 12 green lights and two orange lights and they say fix these two orange lights. How do I know if that's real or not?
B
Yeah, I mean that, that's a tough one. This is why a lot of the bigger companies, they'll hire multiple vendors, do the same job and then based off of that. And of course for a small company that's, that's almost impossible. Yeah, but for those bigger companies, then they kind of weed out the those that are, are not legitimate or those that are not producing what they're saying they are producing. And then they kind of make an educated decision. Now for the companies that are smaller in nature, right. It's low revenue, maybe a couple of healthcare offices, et cetera. Then for them is trust. And they usually get that through networking. They'll see what people are saying on LinkedIn or Twitter about that company. They're reading reviews, even though reviews, you gotta be careful because some of those are also fabricated, right?
A
Yeah, a lot of them, AI generated
B
a lot of it, but a lot of it you could get, you could deal with at, you know, networking and going to conferences. But hey, for example, if they're in the health care industry and it goes like a health care conference and they'll speak to some of the, you know, mid sized, maybe bigger than dumb health care companies. Hey, by the way, what do you guys do for pen test those conversations? Let me tell you, they are valuable as hell, you know, because you're going to find some, some, some gems in the rough for sure.
A
So word of mouth, you know, I've always, I always thought the same way. When you're trying to wife up, you're trying to find, you're to trying. You want word of mouth, some recommendation. Oh yeah, I had her.
B
Yeah, she's pretty nice. You know, she's got a low body count. We good?
A
So, yeah, I don't know if that's the correct way, but maybe, who knows? Who knows? I've only wifed up one time, so maybe I'm not an expert at it.
B
That is true. That's a good point.
A
All right, brother, you ready to get involved in the show?
B
Let's get Crackalacka, baby.
A
So first on Foxconn, the largest electronics manufacturer in the world has been hit by the Nitrogen ransomware group. The Nitrogen ransomware group claimed responsibility for breaching Foxconn, the world's largest contract electronics manufacturer that produces iPhones and iPads, Kindles, Nintendo Switches, Xbox devices, components for Apple and Nvidia, Google, Dell, Intel, all of them, all the big ones. Allegedly a theft of 8 terabytes, over 11 million files of confidential documents. Internal project instructions, technical drawings, schematics. The attack impacted some of its North American factories, including a Wisconsin site, and caused a temporary production outage. Foxconn has confirmed the cyber attack, but has not verified the data theft or the ransomware details. So another ransomware hit. We just keep seeing these. How do they keep happening, Heck?
B
Well, you know what? As much as I, you know, I will go out there and say, listen, things are improving. Companies are getting better at defending themselves. The harsh reality is that unless you have a 24 hour security team and you have people watching your logs and folks looking for all sorts of external threats, then you have people looking for internal threats. Right? Insider threats. The reality is that it's difficult. Security is not easy whatsoever. We saw that recently with that fiasco over there,
A
that.
B
What was that? That conference that President Trump did, that there was a one guy that ran in shooting.
A
Oh, the White House Correspondence Center.
B
Yeah, the White House. That's a great example. You remember, you watched the video. The video shows and the video is ridiculous. You see a bunch of armed guards, and I'm assuming Secret Service people standing around and the homeboy just runs through them with his gun. You know, you would think he would have been stopped earlier, maybe outside the building with a freaking gun, but no, he ran all the way in. Now, it doesn't mean he got any closer to President Trump, which we know none of us want, but he made it into the building. That's a great, I would say, juxtaposition. When you're looking at cybersecurity. All they need is that initial entry with all the guards and all the tools that you have, once that person's able to get in. Now it's a matter of how far they can get. And if those guards hadn't reacted, he probably would have got to the dinner, right? You don't want that. So when you see a ransomware like this, it's. It means that that person, you know, yeah, they got in. They got in and did what they had to do. Now what's cool, though, is that a company like Foxconn, they're so massive, they've been attacked by everybody. In fact, during my days in Anonymous, they were a target. I'm sure you remember that. Foxconn has been a target for a long time. And so I am, I am almost certain I'm going to. This is me guessing because I don't know anyone at Foxconn, but I'm almost certain that they have a pretty strong security team and they likely caught this and/or have some sort of resilience. Otherwise they would just be offline. And those factories are not offline.
A
What do you mean they caught this? I mean, if again, it's alleged they've only seen samples online, but it's alleging that they took eight terabytes of data. That's. I don't think that's exactly catching it. Maybe a couple gigs here and there go out the window, but 8 terabytes going out the door, that's crazy.
B
Yeah, you're right. They didn't catch it early enough. But 8 terabytes out of a business that's creating iPhone products for over a decade, they're going back to 2010 or whatever. They have created Nintendo Switches and everything else. I promise you, they have way more than eight terabytes of data within the organization. Yeah, right. So clearly they got stopped at some point. The adversary did. It could have been sooner, that would have been great. But it is what it is.
A
Yeah. I mean, so again, we don't know the attack vector here. You know, Foxconn has confirmed that the cyber attack happened. And then on top, you put on top of it that we know that the ransomware, the Nitrogen ransomware, typically uses malvertising or, you know, poisoning Google and Bing ads. How difficult is it to protect against that? You know, shouldn't most of these systems be checking that sort of traffic?
B
You would hope so, right? Because you look at a company like this, I'm sure that they have, you know, NDRs or some sort of firewall that's watching outbound traffic. You would hope that's one. And what about the endpoints, the EDRs? The EDR should be able to pick this stuff up. Right? By the way, NDRs and EDRs for you guys that forgot. So, Network Detection and Response and Endpoint Detection and Response. These are software that are created for this exact purpose to catch these potential bad actors in movements and tracking anomalous behavior. But here's the problem, Chris. As much as you and I have been enjoying AI, especially more recently, AI is also helping the adversaries come up with some really clever tricks. Some of the payloads that I've seen are so ridiculous that, yes, I think a human could have discovered this stuff. I think a human could have absolutely kind of leveraged these kind of tips and tricks, these techniques. But it's also possible that these frontier models and even offline models could have helped these adversaries put together these crazy payloads. We're definitely seeing AI having an impact for both the defensive and offensive.
A
While we're talking about this. You know, the school hack that we talked about last week after we recorded the show? I saw that they had in a pain. What are your thoughts and feelings on the pain?
B
Well, you and I both know. Well, you, you know, you know how I feel, which is I'm very much, you know, Bush Jr. Man, you know, you don't negotiate with terrorists. He convinced me back in 2001, and I'm still convinced in 2026. You know, once you start paying or every time you pay these adversaries, what's going to end up happening is you're perpetuating the problem. You just gave them X amount of millions of dollars that they're going to use to hit another Canvas so they might hit you up again.
A
Makes them stronger, who knows?
B
Makes them stronger because now they have access to more resources. They have access to buy shit. I was reading on Twitter, you know, there's a whole argument on Twitter about our discussion. Right. There's some discourse around it. Let me not exaggerate too much. You know, I tend to exaggerate a little bit. My bad. Yeah, I got, I got to slow that down. But it was a whole conversation on Twitter about Chinese researchers using kind of like the Chinese eBay alternative. And they're buying access to Claude and OpenAI for like 95% discount. So what is that? How is that possible? So you have these guys who are brokering with OpenAI and Claude Anthropic, and who knows how they're getting these tokens, whether it's like they're buying it with like legitimate credit cards, they're buying with stolen credit cards, they're buying these tokens with stolen accounts. And then what they're doing is they're proxying all the requests to Anthropic and OpenAI through like a middleman proxy. So these Chinese researchers are sending all these requests to Anthropic at a 95% discount, and they're getting their responses, able to do work at a fraction of the cost of their American counterparts. This is what we're seeing now. You take an adversarial group like this, these guys, these guys that committed this, that did the Shiny Hunters, that did the Canvas hack. Yeah, let's say you got $20 million out of that. Okay, now go on Telegram and you buy yourself $100,000 worth of stolen credit cards, and then you set up this proxy network for tokens. Then the article go, the. The topic goes on Twitter. Yo, did you know that you could buy Anthropic tokens for 95% off. All you gotta do is sign up for this website. But guess what? Now Shiny Hunters are seeing all the tokenization, all the token traffic between the researchers, which could be American employees trying to save a few bucks. And now it's proxying through the Shiny Hunters infrastructure. They're seeing everything going back and forth. Right. And everybody's happy. That's all it takes is a few bucks investment. And you are able to hijack all that sensitive information for pennies on a dollar.
A
But it's not new. I mean, it's been done like that for years.
B
Yeah. This is nothing new. Yeah. If it wasn't. If it wasn't like AI API tokens for anthropic at 95% off, then it would be. It would be something else. It would be proxies. Proxies was a big, you know, thing. You could buy a thousand residential proxies for like five bucks a month, $9 a month. You're like, holy shit, this is amazing. Guess what? They're seeing your traffic. Guess what? They know what you're doing.
A
Do you think, like. Do you think it's going to be used against them? Do you think they're going to use that as the tool for law enforcement to fight? Figure out who these guys are?
B
You know, maybe it's the FBI proxying all these fucking tokens. Who knows? Who knows? Nobody knows.
A
I hope so.
B
Well, you know, listen, I don't want to go into them, right? I want to get whacked. But I tell you one thing, though. I tell you one thing. There's a lot of craziness happening. And going back to Canvas, I understand where Instructure is coming from. I get it. I understand it. You have 9,000 university customers that are affected by this. A ton of different students are affected by this. I get it. You paid it. You dealt with the consequences of your inaction. I get it. Let's try to improve moving forward. And let's use this as a lesson for companies to kind of like avoid this from happening again. And you know how you do that? Resilience. Cyber resilience. Backups, backups. Offline backups. Fuck it. Go buy a tape drive from eBay. You know what I mean? Start somewhere. Somewhere is better than nothing. Somewhere is better than this.
A
What's the resistance like? We've been saying this since we started this podcast. Why are people resisting this?
B
The same bullshit is always in Puerto Rico. We call it la llora, the crying. Crying about this, Chris. Money. If I gotta buy a tape drive, I Gotta buy another one as a backup to the backup. And then now we got to buy tapes, then we got to store the tapes. Now we got an overhead of $20,000 a month for like a storage. And then who's going to manage the tapes? Who's going to do all that work? Now we got to hire somebody for that. It's 80,000 extra. So you multiply, you multiply that by two. Okay? So now it's going to cost us $200,000 to have safe, secure off site backups if we manage it. It's money, Chris. They don't want to spend that, but they'll spend $20 million on a fucking ransomware payment. Help me understand that one I can't
A
understand with the downtime and all that.
B
With the downtime, with the embarrassment of the defacement. Now everybody's looking at you. I promise you that there's a percentage of those 9,000 universities that were affected by that hack that said, fuck these guys, I'm out of here. You know that.
A
Let's hope they're just getting more powerful the more money we put in their pocket. So.
B
Yep.
A
So twin brothers wiped 96 government databases minutes after being fired. So twin brothers out of Virginia, previously convicted in 2015 on wire fraud and computer crimes, were fired in February of 2025 from, what is it? Was it OPEX? OPEXUS. Minutes after being fired, they used lingering admin access to issue a SQL DROP DATABASE command, deleting approximately 96 US government databases, which included DHS. And then they exfiltrated 1,805 EEOC files to USB and federal tax data of approximately 450 people. The brothers discussed the action in real time and attempted log clearing and wiped and reinstalled work laptops. So a little exceeding authorized access on these guys.
B
You know what pisses me off about this story, guys?
A
What's that?
B
And Chris, these guys had a chance, they made a mistake in 2015. You know, that's 11 years ago. They got hit for computer crimes, computer crimes and wire fraud, whatever that means. Wire fraud to me is like so freaking broad. I'm assuming they stole some funds or something, right?
A
No, they just moved stolen money, that's all it is.
B
Oh, gotcha.
A
The reason wire fraud is it carries 20 years with it. It's, it's a heavy hook on it and if you just move stolen money from one place to another, it's, it's, it's, it's one of those catch all crimes.
B
Well, they obviously, they obviously got some downward departure because they didn't do no 20 years. Obviously they came out early and then they cleaned up their lives and they got a really good job. This is a good job. You know, you're working with a federal contractor, they put you to work. Obviously they were talented. And they fucked it up all over again. They screwed it up all over again. You know, 11 years later, they just repeated history. And that pisses me off because as you know, I'm somebody that made mistakes in the past and I'm really happy for where, where I'm at. And I had a. It took me years to rebuild. There's a lot of people, Chris, that I know, they're former adversaries that still can't get a job. They still can't reform properly.
A
What is. They can't reform at all. You like, they can't do it or no one gives them a chance.
B
They haven't got a chance. You know, and remember a lot of these guys, they might be super awesome and dope. Technical, right? Technically. But you know what? They usually miss the social aspect. The fact that you and I can have a conversation about our families, about the dog. It's all about history, the politics. Some of these guys can't do that. They're anti social. They bomb interviews because they don't know how to deal with, with the interviewer. They're highly technical, but on a human level it's just not working. And then you got these.
A
So these guys were given that second chance. I'm sure they knew about the conviction. They worked their way up and got access to these, these very sensitive databases and all that. Does it just piss you off that, you know, this ruins it for other people that are going to be in that position in the future that they're not going to be given a second chance? People are going to hear this story and be like, fuck that. If someone's been convicted of a computer crime, you can't trust them after that.
B
That's exactly right. You know, and you know, and it's, it's terrible because there's people that need those chances. There's people that are out there that I know make mistakes and enforce these computer crimes. Computer crimes are still crimes nonetheless, but still, like there's enough opportunity for them to kind of rebuild and give back to the community. And these guys just shit all over that, bro. And considering that they wiped out databases for the government, I'm sure you gotta do some real time. I'm not sure what the conviction is on this, but it's destructive in nature. I can't assume they'll do a two year minimum. Like, that's crazy.
A
Not a second conviction. A second conviction. This, this is going to be a hard one.
B
Yeah. So they might, they might get that original 20. Right.
A
So, you know, the thing about it is, and I, maybe I'm talking my ass because I don't commit crime. I've never really committed crime, you know, So I, I'm, I kind of, I'm looking for your perspective. It feels really personal to walk up somebody with a knife or a gun and give me your money.
B
Yeah.
A
On a keyboard, when you move some money from one place to another and then it's in your pocket and all that, it's not as personal. Right? Like, you don't, you don't see that connection? It's not as, it's not as difficult to do. Correct. I mean, again, I know you've never committed a violent crime. You've never pulled a gun or a knife on anybody. That. But, but like what you did, you, you did steals from people. You, you did take from people. Like, what kept you from going to that next level and crossing that line? Like, was, is it personal? Was it, does it not feel like a crime when you're doing things on a computer?
B
Yeah, I think you hit it on the head. At least for me. I can't speak for all former hackers or whatever, but for me, I'm like, hey, you know, I just hacked into a server and I stole some files. Okay, cool. It is what it is. What's the worst case scenario? Nobody's gonna get fired over this. Nobody's gonna get hurt over this. You know? So for me, it felt like, yeah, this is like, it's not completely victimless, but this is closest to a victimless crime as possible. Nobody's really gonna get hurt from this. I've yet to have anybody come up to me and be like, hey man, because of your stupid hack, I got fired. But it, it doesn't mean, though, it didn't happen, right? Yeah, that was me back then. Assuming that. Nah, it's a computer crime. Who cares? Oh, there's consequences, man. There's shit that happens as a result. And going back to your question and to provide a direct answer. Yeah. In terms of like human, human to human empathy or whatever. I'm like, it's like, eh, it's all right. They'll just rebuild the server. These guys though, I think that it's different. The first time, you could, you could say, well, you know what? They didn't, they felt the same way as Hector and they were like, ah, whatever.
A
They're young.
B
Yeah, they're young. They're the 20s, early 20s. Yeah. But the second time they knew exactly what they were doing. They were destructive.
A
Yeah. Especially after being convicted of a federal felony, you know, earlier. They, they know the consequence of these actions.
B
Yeah, well, I guess, I guess they like that prison life. And let me tell you guys something, that prison life sucks.
A
Well, I mean, I can't tell you. I mean a good web defacement is funny.
B
Yeah, yeah, it's funny. But you don't see those no more. Right. Those web defacements aren't really a thing anymore.
A
No, you don't. I miss them. I miss, I miss the old days, you know that.
B
Yeah, same here. Not gonna.
A
So the Gentlemen ransomware-as-a-service operation, they emerged in mid-2025 and rapidly scaled to become the number two most active ransomware as a service in early 2026. Approximately 332 victims published on the data leak site in the first five months. Well, the group's internal rocket backend database leaked on May 4 and the data was sold on May 5 for US$10,000 in bitcoin, exposing Tox IDs, chats, ransom negotiations tools and victim data. Real-world examples include the April 2026 breach of the UK software consultancy. And so what, did you go through any of these logs? Did you see any of this stuff?
B
Yeah, no, this is, I saw some of it. Here's what, here's my take these guys, they blew up pretty quickly because they were a much bigger team. It wasn't like three guys. They had like a whole squadron of people working with them to kind of do these ransomware attacks. Right. And so yeah, when you have a much bigger team, you're able to kind of go deeper and faster. Right.
A
You know.
B
No, no on time raise on that one there guys. But they were able to kind of, you know, expand pretty quickly. In fact, I think they were number two on like the ransomware live or whatever in terms of impacts.
A
Sure.
B
And compromises. Right. The problem is when you have a big group like that, even look at LulzSec. Like, most likely had six people and like four of them, you know, started talking to somebody, you know, even before I got arrested, these dudes were talking for free. But it was inevitable. And from what I saw, a lot of those guys are getting doxed like live on Twitter like right now. Their identities, their pictures, they're not going to last so long.
A
No. It definitely seems like Check Point did some research on this and sharing it with the. The law enforcement. So, yeah, they got to be sweating. Hopefully not hopefully, but I'm sure some computers found their way to the bottom of a river somewhere.
B
Yeah, but you know what I'm seeing so far? A bunch of kids. Yeah, a bunch of kids.
A
Americans.
B
17.
A
Where are we seeing them?
B
Oh, no, it's a big mix of, you know, it might be an American kid over here, but, you know, there's some from Syria or Egypt, Libya, which seems to be the hotbed for some of these ransomware groups.
A
Really?
B
Yeah. Yeah.
A
Huh. Any insight on why?
B
Money, brother, money talks. They. They're looking at, hey, I could just buy access to an info stealer and then start, you know, reconning or performing reconnaissance on some of these victim servers and networks of companies, get access to a vpn, turn that into a few million dollars, bada bing, bada boom. Everybody's happy, you know, it's money talks.
A
Yeah. These guys aren't sophisticated. You know, they. They're purchasing a lot of their initial access from, you know, brokers that were just credit. They're harvested credentials from, you know, info stealers and whatnot. So, you know, not very high end to. To, you know, buy your way, raise havoc.
B
Yeah, man, they're just buying access. They're getting some little BS exploits. They're using known exploits. If they would have kept going. I mean, after this, there's no way these guys are gonna. These guys are gonna continue. But, yeah, after this, man, they're. They're likely going to be, you know, getting arrested by their respective governments and. And extorted to. For near death. They might even not even show their faces anymore. You know, and it's sad because, like I've. I've told people before, listen, the cybersecurity industry, yes, it's very competitive right now, especially with all the AI stuff going on. We hear about Americans not getting jobs. You and I made. I made a joke last week about the North Koreans getting American jobs somehow over laptop farms. These young guys, you know, if you're smart enough to be able to engage an operation like that, you're smart enough to get a job on the defensive side, even if it doesn't pay what you want it to pay. And it's not going to make you a millionaire overnight and allow you to buy a random Instagram girl. Burqa bag. Birkin bag. Sorry. At the very least, you. You want to be able to. To put yourself in the shoes to succeed. You know what I mean? Like long term.
A
Some red bottoms.
B
Yeah. Get some red bottoms, you know, get yourself a nice jacket or something and over time you'll earn all of that. Trust me. Getting locked up sucks. Then if you get extradited to the United States, that sucks even worse than.
A
But you know me, I don't dance no more. I make money moves.
B
Oh, yeah, yeah, that's right. That's right.
A
So nearly 50,000 Lake Tahoe residents have to find a new power source after their energy source looked to redirect lines to data centers. Data centers are huge. I got a new buddy that's in, he's in the power industry. He says everybody's leaving and go to data centers right now. So if you know anything about power or cooling or water, data centers is where it's at. So Nevada Energy notified Liberty Utilities, which is a California provider serving approximately 50,000 Lake Tahoe residents in the California side, it will cease supplying 75% of their power after May of 27. To redirect capacity towards booming AI data centers in northern Nevada. Liberty must secure replacement wholesale power sources amid jurisdiction complexities, with residents facing potential rate hikes and procurement uncertainty and reliability risks in the high wildfire zone. So we are now seeing power taken from people's houses to be put into data centers.
B
How do you feel about this, Chris? Because I've been talking.
A
It's not good. I mean, I know we like, we trying to say we're, you know, in a race with China, which I think is, you know, that we need to have this race and all that to start pulling utilities away from residents. You know, I buy a house in this area and I kind of expect that power is going to be there all the time. You know, I think one of the things we could loosen up on a little bit is maybe some of the nuclear rules.
B
Yeah. But you know, it goes back to nimby. Not in my backyard. I don't want that in my backyard. You know, and yeah, listen man, it's, it's a tough one because I've heard a lot of arguments. I've been following Robert Graham on, on Twitter. He's an old school hacker. He's been hacking since before I was even in Pampers. And he's had some really good takes because he's very objective. He doesn't say he's not pro or anti, but he's been calling out the BS. I'll give you some examples from the BS. So there's that big 40,000 acre basically data center farm they're trying to build out in Utah. Have you heard about this? It's A much bigger project. Okay. So some of the stories that came out was, yeah, they're going to use X amount of gallons of like fresh water to power this and just take it on water away from the people and people are going to die of like dehydration. And, and so Robert Graham was very legitimate. He said, look, this is, this is kind of a BS story because, yes, they're going to use X amount of fresh water, but you know, there's a reason for that and here's why. Right. And you know, and then on the, on the flip side, you know, yes, it's still bad though. Like, this is still a bad thing. It's just not for the reasons people are telling you. Because these journalists, I don't know, I don't want to be the conspiracy theory guy, I don't like that. But some of these journalists do have like some sort of weird messaging where it seems like, you know, they're trying to tell you, force down a story on you. You know what I mean? Trying to try to change a narrative of some sorts. But I'm not sure where that comes from. I'm not sure if it's just their personal opinion or the facts. I'd rather story tell the facts. Now, here's what we know about facts. We know that there's gonna be a massive farm in Utah for 40,000 acres. It's gonna fit within that, that, that, that space, not all of it's going to be data centers. They probably are going to recycle water. 
That's the problem with, with data center. They do take a lot of water. And there's reasons for that. Recycled water may have chemicals, chemicals that would erode equipment. Right. Fresh water, you know, don't have those same chemicals. Right. There's arguments there. The next one is it's probably going to require a lot of energy from the grid in order to maintain that system. So now the argument is, why don't you just set up like solar panels or something? Well, because it's not going to, it's not going to offset, you know, at least not right there in the spot. They still going to need energy, right? Then of course you need backup energy. So going back to this town on the California side of Lake Tahoe or whatever it was, you said 50,000 residents. That's not small change. It's not a small town with 30 people in it. I don't like that. But guess what? It's not just happening in California. It's not just happening in Utah. It's happening all over the country, including North Carolina, where people are like, what the hell is this? We never voted for this. We never agreed to this. Well, yeah, you did vote for this. This is exactly what you voted for. You're getting exactly what you asked for. Maybe you didn't know you was asking for this, but this is the consequence of that. So now us as people. Us the people. Right, we the people. We need to figure out some methodology around this. You know, if these data centers have to be a thing, then there probably has to be some safeguards or they have to give back. The big problem with the Utah data centers is that it's going to require like $15 billion in tax breaks.
A
Really?
B
Yes. $15 billion in tax breaks. And you know who called that out? Tucker Carlson. Oh, yeah. He's like, wait, but why does this. Why does any $15 billion from us in order for them to build it?
A
Well, I mean, a tax break isn't $15 billion directly out of our pocket. It's 15 billion that doesn't go into our pocket.
B
That's right. Tax write offs, essentially. Yeah, and that's understood. But still, there's still an effect. There's still an economical effect on the local population, regardless of how you look at it. So here's my take. I gave you my honest opinion. We need data centers.
A
We do need to.
B
Yeah, we do. All right.
A
It just seems strange to me that we're building these things just to store ones and zeros. I mean, all it is is ones and zeros.
B
No, let's take it deeper. We're building these things so that people go on fucking ChatGPT and generate images of cats and selfies.
A
I mean, I just. Right before we recorded the show, I jumped on. I jumped on AI looking for an OnlyFans model. That is in my area.
B
Nice.
A
Somebody said that this girl that we all know has an OnlyFans and I'm trying to find her, so.
B
Oh, man. Well, let me know when you find out. Take a look. I have an account. Don't worry about it. But no, this is the initial steps before you have a technocratic takeover, bro. Now it's when your boy gets into the conspiracy theory, that's what your boy starts to think. And my brain is thinking, it's doing something. I feel it. I feel the rush. They're gonna force this shit down our throats. I'm not really sure how to feel about it. You know who's gonna suffer? The people that live in these areas and the people that are gonna be displaced as a result.
A
Yeah, I mean, I, again, I, you can tell that I sort of have very mixed feelings on it. But yes, I understand we do need them, but at the penalty of people like losing their homes. I really. Not for that.
B
Well, what you're supposed to do is build it in the states that are basically all lands and little people, you know, you know, freaking North Dakota, South Dakota, like, just like eight people over there. You know what I mean? Let's go ahead, go build over there. But you know what, you should probably use some nuclear too. Set up a little nuclear plant. You know, there's some really modern nuclear systems now that he could probably use.
A
All right, well, Heck, our last story. Microsoft sacks Israeli subsidiary boss over using its cloud to store spying data. So Microsoft ousted Alan Himalvoch, I don't even know how to pronounce his last name. The general manager of its Israeli subsidiary along with several other managers, reportedly due to an internal review finding unethical use of Azure cloud services by the Israeli Defense Forces and specifically Israeli Military Intelligence Directorate's Unit 8200 for mass storage and processing of millions of Palestine mobile phone calls, recordings from occupied territories in West Bank and Gaza. This data supports the airstrikes. And the arrest and review stemmed from 2025 media reports. He announced his departure last week without explanation. And the Israeli, the Israelis temporary under the Microsoft France administration. So he, he left. And it may they think it was because he used Microsoft in a way that they didn't want him to use it.
B
I mean, this is what happens when you get hired for an organization and then you use the technology for something they probably 1 weren't expecting or 2 knew about but didn't want to be publicized. Somebody somewhere had information that the Israeli part of the Microsoft business was using their infrastructure in Azure to process the phone data of these millions of Palestinian people. Otherwise why would Microsoft give a shit?
A
Yeah, I mean, it seems strange to me, like if I buy some cloud, cloud space and I want to put it there and use it, they don't normally look inside there and what I'm doing with it. I mean, there's people that hire, that use cloud space to store CCM's, pictures.
B
Yeah, I mean, that's true, but in this case it looks like that the general manager of that subsidiary was using their hardware probably without informing Microsoft that that's what they were doing. And that's a big problem for any, for any business. If I had a guy on my team that was using our resources for stuff like this, whether it's ethical or not, I'd be like, bro, did we ever talk about this? Did we ever, like, have a conversation? Is this something that, you know, we, we pre planned.
A
But does that guy, does that guy, same guy in this hypothetical, come to you about every client and what they plan to use your tool for?
B
But this guy's not a client. He's a guy that oversees the, the business unit.
A
But that's what I'm saying. It's like somebody on your team, you know, they don't normally come to you about a client data. You know, they just, they just sell contracts and they use your tool and you're like, great, we got another contract. We got another contract. We got another contract. I know what they're doing with it. I don't know what they're doing with it. Do you, do you think would expect someone on your team to come to you because of certain topics?
B
It's a good point. That's a very good point. Because as you read into the story deeper, it says that Microsoft had concerns after internal review looking at how their services were being used by the IDF. Now, if Microsoft knew that IDF was a customer.
A
Correct. And I'll say, yes, they knew they were getting. Yeah.
B
So if the IDF, if Microsoft knew that and they knew exactly what IDF is doing with their services, then why would they fire the general manager of the Israeli unit and his managers?
A
I mean, let's say they don't know what he was doing, but they still knew that IDF was a client.
B
Yeah.
A
So is this just a publicity stunt to say, oh, no, we're not aligned with these people?
B
Honestly, bro, I'm starting to lean that way. Yeah, I'm starting to lean that way. Unless more comes out, we get more. The guy's name is Alan Heimovich. Nice Eastern European name, but, you know, I would love for him to talk and be like, hey, listen, what happened was we had the IDF as a customer. It just so happens I'm Israeli. And yeah, you know, they were processing stuff and Microsoft asked me to delete it and I didn't, then that's a different story. Because now he's going against, you know, his company's policy. But if, if he got fired and his team got fired just because it just so happens the IDF is using his stuff. That's crazy. Yeah, that's bullshit.
A
Yeah, it looks like it may have been some sort of allegation. And they looked into it, and then once they looked into it and it showed that in September 2025, they were using their AI services for mass surveillance but if, you know, IDF as a client, you just kind of got to expect that, I would guess. But they're just trying to. Trying to clean up their own reputation.
B
If they're a client and then you're providing them services, including technology, then you know what your technology can do.
A
Yeah.
B
So what's the surprise? You know? Now it'd be different. It'd be different if, like, it was Hamas. Right. A designated terrorist group. Right. Where your client is. Hamas. You know, the guys, these guys, the guys run the accounts. Hamas and they're doing a similar operation against the Israeli people. Right. You're like, well, it's almost the same thing, except that. No, actually these guys are designated terrorists. These other guys are, you know, military force. So now is. Now it's like a political ethical conundrum within your organization that you have to kind of sort out and figure out.
A
I mean, I put it in the same steps as Anthropic pulling out of the Department of War contracts. Sure. You know, but this is it. They've already had it. They've been going at it like, let's say. I have no idea. Let's say IDF had a contract with Microsoft for the last five years for this. For what? Whatever. Just services, including AI service, you know, and whatever it may be.
B
Yeah.
A
You know, and now that political winds have changed, started to blow the other way, they. They pulled the plug on it.
B
Well, listen, regardless of how you feel about the situation, obviously I'm not. I'm not for surveillance at all. Now we're just seeing fucking Chris's balls just go on screen for no reason.
A
Did you see him?
B
No, I saw. I see. Saw a die. At least that's. That's exciting enough. But yeah, I mean, look, there. There's a lot of politics going on and there's a lot of going back and forth, which I don't like. And it always. I feel like it always somehow has to do with Microsoft. Somewhere Microsoft is in bed in some way. Some of the BS that we're seeing.
A
Rant alert. Here it comes. Let's hear. Oh, yeah, we're back with a Hector rant on Microsoft and go.
B
So over the last week and a half, we've had some really interesting things coming out of Microsoft. There's a bunch of LPEs. For guys that don't know, LPE is a local privilege escalation. It's a vulnerability that allow you to escalate from a regular user account to a system or administrative account. And there's a whole ton, bunch of them. There's a ton of them. They're coming out every other day. It doesn't even matter. If you guys are not automatically updating your Windows systems every day, then you're kind of screwed because some adversary somewhere, if they get access to your machine, they're going to be able to escalate privileges. That sucks. But hey, if Microsoft. We've been dealing with this for a long, long time. You know, let me tell you something. Here's how weird it's getting. Did you know that over the last, I don't know, last week or so, Chris, that Bill and Melinda finally pulled out all. They sold all their shares out of Microsoft. They completely out of Microsoft now.
A
I didn't know that. I didn't know.
B
Oh, yeah, check the news. It's a big deal. Bill Gates has finally said, screw this, I am out. And so you have to wonder, for someone that built Microsoft in a garage somewhere with his buddies in 1985 by licensing and, or stealing, depending on who you ask, the disk operating system, DOS, and then build entire ecosystems around DOS, you would think that the guy would stick around and keep at least one share in there. No. He got rid of everything. Why? Because a lot of things happening in the Microsoft ecosystem. It doesn't make any sense. I'll give you a good example.
A
Wait, wait, wait. The Bill and Melinda Gates Foundation has sold their last 7.7 million shares.
B
That's all of their shares, bro.
A
Bill Gates personally holds 1,103 million shares still.
B
Oh, never mind.
A
Well, yeah, so the foundation sold. Which they had announced two years ago that they were going to spin that down, so.
B
Man, you're winning. I'm ruining the rant.
A
I just want to be clear, though. I just want the facts to be out there. I don't want like 30 emails.
B
Hector's an idiot.
A
He didn't even know the details.
B
I. I am an idiot. But here's what we know. The Bill and Melinda Gates Foundation, they sold their shares. Yeah, yeah, yeah, whatever. That's not even a freaking point of this. It's small, tiny piece of it. You know what's a bigger piece? I'll tell you what a bigger piece is. It's something called Yellow Key. You had a researcher by the name of Nightmare Eclipse disclosed over the last week or so that he was just perusing and looking around and clicking around his Windows RE image. Windows RE is for recovery, like a recovery disc that you get. And so as he's kind of scrolling around and looking around, this gentleman who also goes by, this person that also goes by Chaotic Eclipse. They had identified that if you create a USB stick in a certain way, that there is a way to completely bypass BitLocker's drive encryption.
A
Really?
B
Oh, yeah, no, it's on GitHub. You guys could all check it out. It's freely available. It's non. You know, you don't have to run anything. It's just a matter of creating a USB drive in a very certain way with very certain files. You put that into your device, you reboot your machine, and then what ends up happening is, is that you go into a command console that gives you access to not only the machine, but the machine's contents. Now, he left something really interesting at the end of his kind of like, dump, basically. And, you know, in his commentary, he said, I don't know, this seems way too easy. I think this might be a backdoor. They implied this implication that Microsoft backdoored Microsoft Windows with this. BitLocker technology is not supposed to be bypassable, by the way, with as simple as, you know, building out this USB drive in minutes. And so is there any evidence that this is a backdoor? No, we have no evidence that this is Microsoft backdooring their customers. We have no. We don't even have public confirmation from Microsoft about this discovery. But what we do know is that researchers have gone to Twitter and other places to confirm, validate, and show off what it is that they found during the testing. Yeah, it's pretty scary when. And this. And I'm going to. I'm going to make the assumption. I'm going to give Microsoft the benefit of the doubt that this was a blunder, this was a mistake. They uploaded the WinRE image or tools with some debugging information in the backend that they shouldn't have. They forgot to remove it before release. And now we have a way to get access to BitLocker machines that are encrypted without the encryption keys. With the BitLocker keys, it's going to push a lot of people away from BitLocker, which I thought was dope until now, into using tools like Veracode and others that are probably going to slow down your experience 20% at least. Yeah. How do I feel about Microsoft today?
I'm disappointed between using proxies to put Chinese actors inside of government networks, between apparently firing managers for what their customers are doing. But now you have potential back doors, or front doors, as we like to call them, into systems that should be encrypted and secure. You know, we have to really apply pressure to organizations like Microsoft that are pushing out these products. We saw France doing it with dollars. France is removing Microsoft Windows from their agencies. Eventually it's going to probably happen in Germany, from Germany to Italy, from Italy to the United Kingdom. It's going to spread. And Microsoft has a real big problem in their hands if they don't deal with these security issues now. And that's where I'm at. That's where I'm at.
A
Hell of a rant, Heck. I agree with it. There's nothing I can fight against that or whatsoever. Guys, reach out to us at questions@hackerinthefed.com. Thank you, thank you, thank you for your support on Patreon. Again, keeping this show commercial free. Thank you to Safe Hill and all their support with Hacker in the Fed. Hit us up at hackerinthefed.com to buy your Hacker in the Fed merch. Get your shirts there. Five star reviews wherever you get. Download or get your podcast or listen to your Hacker in the Fed, share us on social media. Tell your coworkers, tell your friends, tell your family, tell your lovers. Hacker in the Fed. We talk Knicks basketball and some cybers once in a while. Brother. I am off to my youngest child's high school graduation. Woo. Big props to her. Big congratulations to her. Makes me feel old, but gonna try to stay as young as possible. Gonna jump in cold water and tan my balls as much as I can.
B
Well, you should not walk around. Walk around like me with his white beard on my face. You know what I mean? I know you shave it to hide it, but you know, stay young, my boy.
A
I get a little salt and pepper in there. I got it, brother. Much love and respect. I always have fun with you.
B
It's always a pleasure.
A
Cheers.
B
Cheers. It.
Date: May 21, 2026
Hosts: Chris Tarbell (former FBI Special Agent) & Hector Monsegur aka Sabu (ex-LulzSec/Anonymous, penetration tester)
In this episode, Chris and Hector bring their combined expertise to discuss critical recent cybersecurity events, with a spotlight on Microsoft’s mounting security problems. The conversation covers new ransomware attacks, the evolving threat landscape powered by AI tools, insider risks, ethical dilemmas in Big Tech’s global operations, and the alarming infrastructure impacts of the AI data center boom in the U.S. The duo’s characteristic candidness, lived experience, and banter make this both an informative and entertaining exploration for cybersecurity professionals and the tech-curious alike.
Conversational, humorous, and loaded with lived experience. The hosts don’t shy away from calling out industry and policy failures, nor from poking fun at each other. The episode is dynamic and accessible, blending deeply technical insights with practical advice and social commentary.
For more information, episode merch, or to submit questions:
HackerInTheFed.com