Corey
Are we live? Is this it?
Daniel
I think we're live.
Wade
Yeah, we're memorized.
Corey
I'm scared.
Wade
Yeah, I get the reference. Checky. Is it live or is it Memorex?
Corey
Yeah, it's been a while since that one. That. That seems like it would be a good T shirt for us.
Wade
Yeah.
John
There hasn't been a new T shirt made in a long time. I'm just saying. Yeah, it used to be a thing like throw it on a T shirt. We left that behind.
Corey
It's funny how things like that tend to get put in the trunk and forgotten about.
John
There's been so many T shirts made. If snow and shows up. Am I hosting or is Daniel.
Daniel
You can flip a coin.
John
I'm not a BHS employee. Daniel can host.
Corey
I'll host it. No problem.
John
All right. All right.
Corey
Who's going to put up the articles?
John
Is that.
Eddie
That's me.
Daniel
I got that.
John
Okay, here we go.
Alex
Never mind.
Ryan
There's Corey.
John
We're good.
Alex
She's watching. And I was just watching you guys panic slowly. And I just didn't want to join and ruin it.
John
My hosting was good. I've done it twice now. You know, it's.
Corey
I've hosted for 10 years, so I would have been probably fine.
John
Exactly. See?
Wade
And the show was saved by the salty ham. I didn't think I would say this.
Alex
I went in the ocean. I got 25% saltier. That's how it works.
John
Anybody watch The Half Life 2 20th anniversary documentary? Is just me. No.
Wade
All right.
Alex
Instead of a video game, it's just a documentary now because they know everyone that played it is too old to play a video game.
John
Pretty much, yeah. It's pretty good. They talk about why they didn't make any more Half Life and then it's a pretty good document. I was surprised. It's two hours long, but it's pretty good. Highly suggested. Where's it on YouTube now?
Daniel
Everybody's going to watch that.
Wade
Everybody's going to watch that one.
Alex
Yeah. Watching the Black Hills Infosec, talking about news. Just cancel that and watch the Half Life documentary instead. Who needs pretty sure.
John
Like, you can. Like, if you watch any of Gabe's interview, you can tell, like, the background is moving. And I'm like, this dude's doing his interview from his yachts. How dare.
Alex
Like, it's pretty ridiculous, honestly. If you have good enough. I guess it was probably recorded on site. I was going to say if you have good enough Internet.
John
I'm sure he has the best Internet from every one of his yachts no matter what. That's probably true.
Alex
Half Life 3. When. I mean, that was. That was. In my opinion, Half Life 3 was just that VR game they made a couple of years ago.
John
Alyx. Alyx was great.
Alex
Like that. That. That is Half Life 3.
John
There's a hole behind one of these posters from me trying to throw a grenade in Half-Life: Alyx. Like a whole. Right. Well, right behind the door. Like this door right here.
Alex
Did it work?
John
I got the grenade off, but I also, like, hurt my hand, but it was. I don't. I think I survived. I don't know. I fell to the ground and just kept shooting.
Alex
That's why it's not recommended to tape knives to the end of your VR controllers.
John
Never. Never. It's. That's the pro mode.
Alex
Don't do that.
John
Corey. There is a cat news article two weeks ago, and I was going to send it to you, but it was like I wasn't there and you weren't there. I was very upset that nobody.
Alex
There was no cat section of the news.
John
Yeah, it was like people trying to fish. People who had.
Alex
What are fish people would have cats. I would be susceptible.
Corey
They were looking for a tiger or something like that. They were like, googling. Or they were searching for a specific type of cat.
John
It's like the one that looks like a little leopard that acts like a dog.
Alex
Bengal.
John
Yes.
Corey
Yes.
Alex
Nice.
Corey
This is the world we live in, kids. I'm really enjoying Haircut Fish's gif game today.
Alex
Haircut Fish is a legendary memer. If you can come up to me at a BHIS conference and say, I here's my Discord username, and I know who you are. You are a legend.
Corey
Or you're really doing something weird in Discord.
Alex
Or you got banned.
Wade
Or you got banned.
Alex
Could be good legend, could be bad legend.
Corey
We don't want to know how Dan got Haircut Fish as his name. It could be not, maybe not safe for the street.
John
It's not nearly as exciting as you think it is. I'm going to tell you that right now. I thought it was going to be this elaborate story, but maybe you'll hear about it.
Alex
We were all the same age when we got Xbox Live accounts and it randomly generated two words for you, and that's been your username ever since.
John
Unblest pillow.
Corey
What was the. Isn't there, like, a rapper name generator or something like that? That's usually pretty fun.
Alex
Yeah, it's the street you live on. Then your Social Security number, you can just send it to me in Discord.
Corey
I'll get right.
Alex
Here's the formula everyone knows.
Corey
Why is he sending my street name in?
Alex
Hold on.
Daniel
But I heard from my week off that there's new discussion about a logo for the newscast.
John
What?
Alex
We have a logo.
Daniel
The hand logo.
Corey
Oh, yeah, last week.
Ryan
Last week we did do a vote.
Corey
We did a poll.
Ryan
A poll as to which one people preferred.
John
Yes, multiple. I'm gone for like two weeks and there's already new logos.
Daniel
No, there's.
Alex
There's the.
Daniel
The old hand and then the current hand.
Alex
So what was the opinion? Do people like old hand or new hand?
Corey
I'm assuming the old hand by far.
Alex
Wait, what older?
John
I use the logo of the new hand in my talks. Like when you do your about me, I have like the new hand as nice. One of my sections.
Daniel
But it just talk to the hand.
Alex
I mean, change is scary. That's basically a theme of humanity. So are we going back to the old finger then? Nothing from our perspective. We don't know what Ryan's gonna click as a host of the show. We don't know what Ryan's gonna do. He can do whatever he wants.
John
We never called it the hand.
Corey
Why did they change the old logo? If there was a good reason, then hell yeah.
Daniel
But I guess I was one who changed it, in charge of the change of it because.
Alex
Made it way more professional and modern. But people.
Daniel
Yeah, we didn't actually. We didn't have. Technically we didn't have a logo for the show like we have right now in the bottom left. And we wanted to make one. And then the hand suddenly didn't match the logo. And so it's like, well, how do we get this to look unified? So let's build a new one. So we came up with a new one.
Corey
You see, people, it wasn't just a random thing that they decided to do one day.
John
There's just gnarly gifs of messed up hands going on. I'm not with it.
Corey
It's like that show, your feet are killing me, except it's all hands.
Alex
I do like the new logo. I think that the logo is cool.
Daniel
Yeah, I like the new logo.
Corey
Yeah, I like the logo.
Ryan
I like the logo.
Daniel
So what I was seeing was people like the new logo, but they still want the old.
John
Yeah, the finger. Finger. Not the hand. Gosh.
Ryan
Yeah, the crooked finger.
Alex
Which.
Daniel
Which one do you want today?
Alex
I say just please the audience. Just make it a random 50, 50 shot every time you do it. Yeah, just close your eyes. Close your eyes. Move your mouse around the screen. Just hit Whatever happens, if you pick the wrong video, it'll all be just funnier.
Daniel
All right, we ready then? I think we're ready to go.
Alex
Roll the finger.
Daniel
Rolling it.
Alex
Hello and welcome to Black Hills Information Security's Talking About News. It's November 18, 2024, and I'm officially resigning from my position as the head of CISA, effective immediately. I never actually was the head of CISA, but I've decided to just proactively resign in case that comes up in the future.
John
Smart move. Smart move. I would have done the same.
Wade
Yeah.
Alex
Yeah. What do you think? It's good to just. Yeah. Does anyone else want to resign from any positions that they aren't actually performing just in advance real quick? Like, Wade, do you want to just maybe resign from being the head of division? Head of Splunk?
John
Don't. I resign from the division. Head of Elastic immediately.
Corey
Do not hire me.
Alex
I'd like to unsubscribe.
Corey
I feel like after today, Palo Alto, it will go ahead and preemptively fire me.
Alex
Yeah, well, I mean, okay, so that's a great first article. Let's talk about Palo Alto. So, news article. This is, you know, I mean, you could probably take any episode of this show and take a random networking vendor and a random, like, word for vulnerability, and it would be on the show. In this case. There's an undisclosed or unknown vulnerability in Palo Alto Networks management interface for firewalls. Ryan will find the actual article. It's being actively exploited. But I guess I'm like, it's kind of a nothing burger to me because it's in the management interface and no one exposes the management interfaces of their firewalls. Right. Well, this.
Eddie
Corey, this gets back to like one of the. One of the age old, like, debates we have with our customers where, you know, we say, hey, your management interfaces are exposed. That's a high. And they're like, well, it's not a high. I mean, you weren't able to exploit. I'm like, there wasn't an exploit available for it yet. It's just a matter of time before there is an exploit available and then you're going to get popped. And then you also are missing things like two factor authentication and things like that usually on these interfaces. But we see these. Like you said, I think that these.
Alex
Oh. Oh.
Daniel
Froze.
Alex
He's just really putting that thought together.
Daniel
That hotel Wi-Fi let him down.
Alex
Disappointed. John is back. We read your mind. What you were going to say was, we all get huge raises, right?
Eddie
He's frozen.
Alex
Oh, no, he froze again. Don't move. If we all get huge raises.
John
Approved.
Daniel
Eddie's back.
Alex
All right. I think we wait for John to connect his Starlink version 7. But yeah, I mean, I guess from my perspective, when we're doing pen tests and we're getting, you know, exposed Palo Alto management interfaces or any firewall vendor, it doesn't have to be Palo Alto Network specifically, we're reporting that and we're using examples like this to prove why you should never, ever, ever do it. I will say though, talking to some of our customers over the years, a lot of the times these are vendors, these are weird scenarios where they don't actually have any control over the exposure, you know, the configuration of the management interface, but it's still protecting or securing their traffic.
Corey
So I guess, do any of the clients that you guys have that are exposing these management interfaces out to the public network, are they? What about like secondary controls, VPNs, things of that nature? I mean, why, why do they have to expose it to the Internet? Why can't they use other things to make it safe?
John
So it's the change. When I make the change, when I'm at home, right on my couch, it's easier for me to go straight to the firewall and just do it.
Alex
The only scenario I've seen is that it's a vendor, it's a vendor product. It's not done intentionally. It's done by a vendor who has no control or the, the company who paid the vendor to do it has no control over it. Like one of the scenarios we ran into recently was, it was Fortinet, but if anyone remembers, a couple of weeks ago, there was that FortiJump vulnerability or whatever, we scanned all of our customers and we said, hey, here's the exposure. And we, the customers we talked to, one of them was actually managed by Fortinet and as part of the kind of agreement they had actually restricted access to the console to everyone but them until the vulnerability was patched. And they didn't actually have a patch for it. So basically I think it's like they're not doing it intentionally. It's just as an example scenario is like one of our companies is a real estate provider. They have parking garages. The parking garages, I don't know why, but they have firewalls deployed there. And the parking garage is all managed by a third party vendor. And for some reason they have firewalls. I don't know why, but those management interfaces are exposed to the Internet.
Corey
So man, that seems reasonable. To me.
John
I've done security for parking garage company. I can confirm they have firewalls and they're not set up correctly.
Alex
I don't know. What are they firewalling? The parking meters? I guess those could also be Internet exposed.
John
The all the. Like they have web page computer. Oh yeah, the computers that can completely control everything. Like all of that is sitting behind a firewall. And when one gets stolen, it could just keep going off too. But that was kind of funny. They did also get ransomware then. No.
Alex
So if you're looking to do some vulnerability research, you're probably going to be hacking a parking garage. I just can't believe people are shelling out money for like real, you know, high end networking appliances at like a parking garage. Like, don't. Shouldn't you just be getting like an old pfSense box with like a 100 meg connection or like, I don't know.
Wade
Anyway, it's all that airport advertising, Corey. Like advertising in the airport. So then like the Nikita was like, buy that. I saw that like when I was coming back from my trip. A yacht. It's like this pfSense. Never heard of it. They don't advertise in airports. I wonder like who those. Who those are targeted for? Like who goes through the airport? And it's like, you know what I do need to buy a, you know, enterprise spam firewall. Like I was. I was indecisive. And then the ad on the moving walkway changed my mind.
Ryan
If you really want a pci, I bring PCI on it.
Eddie
I can't help it. Like there's a book, Starter Villain by John Scalzi, where basically he owned all the parking garages in America and it was just a front for evil.
Alex
Yeah.
Wade
Big, big parking meter. Didn't want him to finish that thing. Didn't you got the lobby group.
Alex
You weren't allowed to say what it was a front fault for. Right as you started that sentence. It was like, it was a front for us.
John
What if I'm.
Eddie
I'm. I'm switching out to an attendee. I'm gonna listen.
Alex
So just turn off your video.
John
Turn off your video. Yeah.
Alex
You could just be the voice of like the voice of God. We could ask. Yeah, yeah.
John
Then we don't know if he stopped or not. We're just sitting there waiting for him to come back.
Alex
What you need to do is you go to blink.
Eddie
He's blinking.
Alex
Yeah, yeah.
Daniel
Get your avatar.
Eddie
Oh my God, I'm dead. And this is what it's like to be A.I.
Alex
Congratulations. Now you're a ghost. You are now haunting this show instead of presenting. Corey.
Wade
What.
Eddie
What are you doing?
Alex
Corey?
Eddie
It's so dark here, everybody. It's so dark in this box.
Alex
I have no mouth yet.
Eddie
I must scream. All right, Corey, get us back on track, man.
Alex
Yeah, I mean, basically, I, I, as much as this is a tough one for Palo Alto Networks, who does, by the way, a lot of really awesome vulnerability research, which we're going to talk about later in the show. Some of their, you know, published CTI or whatever you want to call it, but I think it's, like, not really. It's not great to have vulnerabilities in your management interface, and there are plenty of scenarios where this could be exploited by an insider threat or someone who's gained internal access. But don't expose your management interfaces. It's not like. It's just not a good practice. So, anyway, moving on, let's talk about. Well, I don't know.
Wade
We.
John
We already talked about it a little bit. I. I think it's important to talk about. Okay.
Alex
Since everyone. Yeah. So, John, is there anything you want to resign for in advance of January 2025, just in advance, even if you're not actually in the position? I already resigned as the head of CISA, just in case.
Eddie
Yeah, I. This gets really, really close to politics, but actually, it doesn't even get close in politics. It's, like, right there. I just hope there's a good transition, and I hope the people that come in next are good. How about we'll just leave it at that?
Alex
Wish them, basically. I mean, the news article is the director, Jen Easterly, is resigning and starting January 20th, which is when the Trump administration takes control. It should be noted the Trump administration hasn't actually, like, appointed a candidate or talked about it, so it's kind of a preemptive strike or whatever you want to call it.
John
I didn't realize that the. That the head of CISA was an appointee by the president either, though, which I think is an interesting move. Right. That.
Alex
Well, that's most government agencies. Right. Like, unless.
Eddie
Who would be the most unqualified position?
Wade
Do we.
Eddie
Are we thinking, like, the CEO of CrowdStrike maybe?
Alex
No, no, that would actually be good. That would be good. That would actually be useful.
John
Wait, go back to the article real, real quick. I do want to make one funny.
Alex
Remark about the picture at the very bottom.
John
Picture at the bottom? Yeah. Which is a cool picture, but they don't even call Malware Jake by name. In the description he's just a random hacker.
Alex
No, no, they don't. A photo of several and Lesley Carhart, prominent hackers.
Eddie
It's like.
Alex
Yeah. So Jake, what you're going to want to do is change your Twitter handle to. Wait, what did it say? Can you. A little bit.
John
Prominent hacker.
Alex
Yeah, several. Just, just change your Twitter handle to several prominent hackers.
Eddie
Yeah, he's at the same level as the shark, basically. It's like, here's Mudge, Lesley, you know, and, and, and a shark and prominent.
Alex
Hackers throwing up the peace sign. Prominent hackers have been known to do that.
Eddie
I'm a shark. I'm a shark.
Alex
So, I mean, that's, I guess it's kind of uncertain. I mean, I will say last weekend I was at Stanford for the National CP or the regional CPTC Collegiate Pen Testing Competition and some people from CISA were there talking about the work they've been doing. And as much as we have kind of, we've been a little bit judgmental on the show about the whole memory safe languages and things. But the thing people might not realize is they're also going out to companies and making them agree to try to build secure software. So it does. They're kind of trying to raise the tide for everyone else without trying to, you know, so they are, I think a public good and it hopefully gets carried. The torch gets carried on. But yeah. Anyway, that's interesting comment.
John
The word on the street says it may not even be around if DOGE scraps it. I don't. I could definitely see it being a thing. That's the scary part.
Eddie
But isn't it the Department of Government Efficiency? All right.
Alex
Yeah.
Ryan
Which does not exist yet.
Alex
Anyway, let's move. Yeah, circling back. Yeah, circling back to Palo Alto Networks, they recently published a blog, or I guess you'd call it an intelligence brief or whatever you want to call it, fancy blog, about North Korean IT workers and their, you know, exploits. So there's two main kind of exploits that we know about from North Korean IT workers. This is specifically attributing and calling out a threat actor based in Laos, which is pretty far away from North Korea, but I guess apparently is, you know, good enough for them. But basically the, the two attacks they do the most are trying to get, trying to compromise people who are actually searching for jobs. So posing as a real IT company, interviewing developers, and then during the interview they distribute malware to the developers, hoping that if they end up getting a real job later, that they can get access to the company where they get hired later in time. So it's kind of like a, I guess a human supply chain attack. I don't really know how to describe it, but definitely spooky.
Eddie
This is an attack that you're talking about doing with the continuous pen testing team though, right?
Alex
What we're going to do is the other version of the attack, which is they try to get jobs at target companies that they're trying to breach, or in fact, as highly qualified IT workers. Which has two benefits. Number one, as an IT worker, you have tons of access to company information. But two, you're also collecting a salary which can be used since North Korea is sanctioned, they can use that. So it's a really cool write up. And I will say it is funny. Like, there's some pretty cool GEOINT type stuff going on. If you look at the image of the person's headshot, they actually were able to figure out exactly where that headshot was taken, which is really cool. Right. I don't know if you can find that specific screenshot, but it's the one with all the.
John
Right.
Alex
Yeah. So, like, you can see that the headshot was on the left. That was what the worker had provided. And then you can see they actually figured out exactly where that headshot was taken, which gives you the geolocation of that user. And they were able to figure out around the time frame. Excuse me, the timeframe that it was taken, which is really cool. So they like. You can even see the screenshot, right? Like the. In the picture, it shows a phone that was released around this time. So they have like a. You know, that ad campaign wouldn't have been running for a long time. So I guess pretty cool GEOINT or whatever you want to call it. But yeah, it would be really, really.
John
Flattering if one of these North Korean attackers actually cloned your profile to get one of these jobs. Right? That, like, you made it that far. Like, I would have been very excited.
Alex
It would be way more stressful than flattering because.
John
Right. Well, whatever. Like, what am I gonna. What am I not gonna be able to stop?
Alex
You better watch what you wish for, Wade.
Eddie
John, you're looking for a job in the help desk at our company, right? Yes, Yes, I am. Like, that would be awesome if they cloned mine.
John
John, why do you have a Korean accent? I thought you lived in South Dakota.
Corey
Listen, it seems like we're missing out on a real information gathering opportunity here, boys. If we pretend to hire them knowing full well that they are, then we can just watch a monitor and see what they can do.
Eddie
I think we should do it just. We need to create a fake pharmaceutical company and just feed them incorrect data generated by ChatGPT.
John
That's why. Who, who did that though? One of the firewall companies did that.
Corey
They figured out human honeypot.
John
Yeah. The other thing is do you think this will fuel the return to office? Like these attacks are becoming more and more prominent. Right. We're returning to office to stop the North Korean attackers.
Alex
Palo Alto Networks would be like, we have an office in Laos, that's fine. Like, you know, some companies have an office everywhere. Yeah. I mean I will say that there is a component to that which is tricky. You know, it happened, it happened to know before. It's happened to a lot of organizations even in cybersecurity that are. That should know better. You know, I don't want to say should know better, but would be aware of the potential risks. But business processes as we know are kind of the important thing, right. You can't just be like, well, we don't, we don't have a hiring process unless you come into our office. Well, okay, good luck with that.
Eddie
Yeah.
Alex
So yeah, well it gets into a.
Eddie
Question companies that do subcontracting and things like that too, where it's just element company.
Alex
Totally. Yeah.
Wade
I had seen also where it's like the discussion had come up for, you know, when you hire like these subcontractors, don't give them a laptop with access to everything right away. Which sounds logical but like you have a lot of company, you have a lot of companies that they're just going to push back being like, no, we need to hire this guy and give him access to everything because everything is on fire and we need a subcontractor to fix it. So we're going to give them access to the critical stuff because that's what's on fire. We can't put them on a probationary period and go, you know what, just have access to these things. And then we. When we're certain that you're not just, you know, scooping everything out to a foreign country, then we'll give you more access. Now just, here's your laptop. Get to work. It was due, the project was due two weeks ago. Do it the best you can.
Alex
Yeah, I mean I think traditional pen tests would cover most of the kind of risks of this of like default user permissions are way too high. You know, SharePoint data exposure or file share exposure is way too high. Like if a default employee can't do anything that damaging, the risk from this goes down. Even if you do Hire from someone from North Korea. You know, your lawyers aren't going to be too happy about paying someone who's sanctioned. But the, you know, access they would have shouldn't be, you know, everything. Oh, they can get, they can already be into every machine in the domain. They can get local admin on their machine. They can, you know, access all the password backups we have in OneDrive or whatever. So I think, you know, it's a defense in depth approach as well.
John
Is it a pretty normal red team assessment at least to send off a laptop to a red team, right, and give them login creds and pretty much perform this type of attack from like zero to like here's actually, here's a laptop, right? Like I've seen that several times before. A couple organizations I've worked for, but I don't know if that's normal in.
Alex
Yeah, I wouldn't necessarily say it's normal. It's definitely on the table. A customer would have to request it and have a plan for it. But I mean, I guess what I would say is when we scope engagements or when I, you know, I'm talking to my subscription customers, I basically ask like, what is your true user population? Because there's going to be everything from. Some companies have contractors that are third parties that have zero. It's BYOD, they have zero company provisioned devices. They use Citrix or another remote access software to get to their virtual desktop. And the company doesn't assume any risk or provide any, you know, device to them or that could be a company that has, you know, company issued laptops and that's their only part of their user base. And so like, it's just kind of like what is normal for our company. Most companies are going to have a mix of each. But you know, for a pen test it's usually worth testing. Whatever keeps you up at night, right? So if you want us to come from a contractor that has BYOD access, just make us a VDI, have us remote access to it. And we can do an assumed compromise from that perspective, but it's definitely on the table. But it's. I wouldn't say it's normal.
Ryan
Now Cyber Research in the chat was asking, is there some way of some sort of in person verification going on that could be done for it? And if you think about it, they're being found in Laos. What's to say that they're not shipping somebody through three different spots to get here to the US very easily and they're just going ahead and coming from say Kentucky or what have not. There's nothing that says that they're going to come fly out from North Korea. There's nothing that says that they, if they're using a fake picture, maybe you catch them, but they could very easily settle themselves into another country, use a current picture of themselves and come in and then the physical, the physical verification passes and you're still screwed.
Alex
And I mean I think that's, that's a lot of tall order. That's a tall order.
Eddie
They're just trying to hire cheap developers in Southeast Asia.
Alex
That's. Yeah.
Eddie
All they care about. They know that they're hiring. There's good, and I got to be honest, there's good developers in Vietnam, there's good developers in India, there's good developers and all over the world. And you know, when people are developing web infrastructures or APIs or backends, it's not uncommon for them to hire people outside of the United States because it's cheap.
Alex
Totally. And we don't know exactly what that process looks like a lot of the time. Right. As a, we don't know what's normal. Is it normal for them to not use their webcam or have certain government documents? Like what government documents would be considered normal for someone of a different, you know, nationality? We don't even know. So I mean, long story short, I think have a process that's secure, have a verification method and also I think the handoff of credentials should be handled carefully. And also principle of least privilege always works. All right, what's next? We can talk about the T-Mobile telecom stuff.
John
Another one every time T-Mobile gets breached.
Alex
Yeah, well, yeah, it's every year T-Mobile gets breached. So I'm glad we covered this one in 2024 before we get into the next year's breach. I will say though, this one is kind of interesting because it's kind of a lot of finger pointing in the article between who's breached, who's not breached. Months ago, I actually think we talked about this during our in person show at Wild West Hackin' Fest, but someone reported that a bunch of ISPs had been breached or like ISP monitoring sites have been breached. I am kind of speculating here and there's other people speculating in the articles, but it seems like it's related to that because T-Mobile representatives have said, you know, T-Mobile customer data isn't impacted. Like it says right there at this time, T-Mobile systems and data have not been impacted in any significant way. We have no evidence of impacts to customer information. So I don't know how that statement can be true and it not be like a third party monitoring or other like solution that got hacked.
Corey
Isn't, isn't that just always step one in the breach notification like deny everything? Yeah, yeah, there was something but it's not like that big of a deal. There's no real like PII or anything gotta worry about. It's all good. I can't even detect that our systems have been breached. It's that good. And we'll see in two weeks when we admit that all that was false.
Alex
Yeah, maybe. But I will say we're seeing people being prosecuted for that now. So.
Corey
Yeah, yeah, those like historically the way they, they totally operate. Yeah.
Alex
Yes. The old school was just doing, I think actually companies might be using or audio recording of what you just did in the future. But yeah, I mean nowadays, you know, lawsuits are pending. We will see how it actually plays out. But SolarWinds, you know we've talked about on the show a lot, the person who said we're super secure to the shareholders is now being prosecuted for basically lying to. Also that image of you in the chat, that Haircut Fish just put is amazing.
Corey
He made that like he asked me what did you go? What did you go for in Halloween? I said I went as a Russian APT and he cooked that up.
John
So click on the article that I just threw in chat.
Alex
Yeah, let's talk about Russian APTs.
John
Oh no, no. So this one is T-Mobile again. But.
Alex
So the article we were really looking.
John
At was the 15th. This is from the 16th.
Alex
Yeah, but they confirm breach.
John
Is it? Yeah, but now they confirm they're not.
Alex
Yeah, but they're not denying. No, they're just saying it's a customer or. Sorry, go up, go up. Ryan, you skip past the, skip past the. So it's like it's the wave of recent reported Chinese threat actors. Like they're basically saying industry wide attack. They're making the same statement. This is the same article. Our system data has not been impacted. We have no evidence of impacts.
John
Scroll, scroll down to the bottom. I want to, but I love how.
Eddie
They stated that while you're scrolling: it's an industry thing. It's not us, it's everybody.
John
Zoom out. You got to zoom out. You can't even get all the breaches on the screen. Yeah, 2019, 2020, 2020, 2021, 2021, 2022.
Alex
Yeah, I mean, yeah, basically T Mobile.
Eddie
All of these are industry-wide attacks. I mean, I don't know why you're making it such a big deal. Sure, there were like two in 2022, two in 2021, but yeah, this is just hacking. This is nature. This is just the way it is. Everybody just... We got to get used to it, that's all.
Alex
Yeah, I mean, I will say none of those were industry-wide. All those other ones were just T-Mobile. But kind of the subtext here is lawyers want to say it wasn't our stuff that got hacked, it was your stuff, which is kind of spooky to think. Well, it was actually the government monitoring, you know, magical blinking box that they had to install in their ISP or whatever. I mean, who knows? I'm totally speculating here, but that was the speculation we made originally, which is like, turns out when you're trying to monitor global network traffic, you have to do it somehow, and those devices can be vulnerable themselves.
John
Right.
Alex
So I guess we'll see as time plays out how this evolves. If you're a wiretap manufacturer, get in touch, email us@vendorors mobile.com. Let's talk about the... You know, we talked about pretending we're Russian APTs, or Daniel going to Halloween as a Russian APT, and we can see KrebsOnSecurity recently did an interview with a Russian APT, or I guess APT might be a little bit of an overstatement, but this individual.
Wade
The A may be a stretch in the.
Alex
Okay, so here's how I'm... Here's basically... The article is pretty interesting. It's talking about the real-life identity of the person who basically stole a ton of payment card industry stuff from Target and Home Depot between 2013 and 2014. So back in 2013, 2014, this was about as advanced as it got. Like, this is pretty advanced. Nowadays, I don't know about how advanced things are, but essentially it's a Russian national. His name is Lenin, I guess, or...
Eddie
That's his last name. He changed his name; that's his new name.
Corey
Mikhail or something.
Alex
Lenin Shefel basically kind of talks about what's going on, is very transparent that the reason he's doing the interview is because he's broke and he's trying to self-promote.
Corey
Oh the poor guy.
Wade
And he's trying to stay out of prison. That was one of the things that popped out at me too, was like he's trying to not go to prison. But then they also said in the article Russia doesn't typically, you know, prosecute.
Alex
Yeah. Cyber crime.
Wade
So it's sort of like, why are they now prosecuting cyber crimes? And I mean, you know, I in my mind made that small little link to... Yeah. Nowadays in Russia you don't really go to prison. You go through prison and then wind up on the front lines. So that's...
Alex
Well, okay. So it actually addresses it in the article. If you had... Yeah. So by the way, Daniel, I hope that your Halloween costume included a 9 mil or whatever that is.
Corey
And I'm absolutely... I'm just gonna screenshot this so I know exactly what this looks like.
Alex
For next year.
Corey
I would definitely recommend a man arrested at Halloween.
Alex
I was gonna say maybe don't... maybe swap out some elements of that costume for law enforcement. But basically, Alex, if you had to speculate, why would they be prosecuting this individual? Because they actually cover it in the article. And the reason might be exactly what you would guess. I'm kind of curious.
Wade
Oh yeah. I mean, he was. He's naming names.
Alex
He's naming names. You don't name names or else you get defenestrated.
Wade
Yeah, you start writing down like, okay, I'm gonna start associating the nicknames with the real names and the criminal exploits of everybody else. I'm just like, don't, don't do that. And then somebody is just going to turn you in.
Alex
Correct?
Wade
And be like, okay, yeah, I'm just going to turn you in for... I think that you're just walking around with like a firearms complaint.
Alex
Well, that's exactly what Krebs says in the paragraph there. It says the mo... This is speculation by Krebs, but basically this individual has been documenting the nicknames, real names and criminal exploits of Russian hackers who worked under the protection of corrupt officials and the FSB. So I think you were spot on. I think he's being prosecuted because he stepped out and started bringing transparency to something that shouldn't be transparent, or at least from their perspective, shouldn't be transparent.
John
But either way, to fall off a five-story building.
Wade
I mean, like I said, they need to fill the military. And even, like, you know, in the chat, you know, the time traveling nerdverter is stating that too, that, you know, filling the military. So that certainly saves them on like the amount of open windows that Russia needs to maintain.
Alex
I mean, we know he has firearms experience based on the photo. Which... Did anyone catch the fun little tidbit? It says, first of all, the image is from 2005. Second of all, it says "Image: U.S. Postal Inspection Service." USPIS is doing their own intel on this guy, I guess. Actually, it makes sense. With Hydra dark markets, they're sending all kinds of stuff through the mail.
John
But they're pretty baller though, right? Like, I've heard the Postal Inspection Service is, like, top notch.
Wade
Yeah, they are. Like, they dig in. They definitely... if you think they're awesome.
Alex
Send a self-addressed stamped envelope number.
Wade
Oh, no, I had my kids receive... They had birthday cards that got intercepted and money taken out of them. And it's like, oh boy. The Postal Service did not mess around with that. And they definitely... wow, that is an...
Alex
elite government agency right there.
Wade
And they definitely reinforced the, you stole money from a three-year-old for their birthday. Like they really wanted to have, like, can you read this out for, you know, your child? Yeah, they went full force on that one.
Alex
You're saying... I'm very confused. You're saying the USPIS stole your kids' money and then forced you to read them a ransom note?
Wade
No, no. Like when they took it to court, they wanted me to articulate, basically, the victim impact statement to the court.
Alex
Like they, oh, I see.
Wade
Postal Service was. Because it was somebody, it was like...
Alex
Someone driving around, bashing in mailboxes, taking stuff. Okay. Yeah.
Wade
He goes, this looks like a birthday card. I'm gonna zip this open and steal the money out of it and put the card back.
Alex
I thought they were enforcing their policy of don't send cash in the mail.
Wade
But anyway, no, no. There was someone rogue that was taking the money. And you know, you report it in and you go, I don't think anybody's going to, you know, look into it. And it's like, yeah, you get like the full-force investigators there. But I'm like, oh, somebody stole 20 bucks out of my birthday card. And they're going full tilt on prosecuting.
Alex
Yeah. I mean, to close out the story, it sounds like Lenin Shefel could use 20 bucks out of a stolen birthday card because he's probably not doing so good.
Wade
And it goes to show, like, you know, crime doesn't pay, that it's like you were responsible for a hack or breach that everybody knows about and you end up just broke and you can't make ends meet in anything else.
Alex
Yeah, I mean, a hundred million credit card numbers or, sorry, 10 million credit card numbers. Some.
Wade
It's like you're not driving around in some camouflage Lamborghini like the other Russian scammers.
Alex
Yeah. Are you telling me my purchase of a Lamborghini on someone's stolen credit card in Russia has been declined? What the heck?
Corey
Try this one.
Alex
Try the next one.
Corey
Yeah, try this. I think what we're missing out on here, though, is one of the really good side pieces here, which is that Brian Krebs is really missing out on a good editorialization from Tim in our chat. He says, all I can say is that he has his booger hook on the bang bang stick. That was some good funny right there to me. You made me chuckle.
Alex
Thank you, Sir Krebs.
Corey
You gotta hire this guy, man. You're not gonna get that kind of journalistic integrity elsewhere.
Alex
Yeah. What else? We could talk about potential buyout of Rapid7. That's not really a news article, but kind of interesting to think about.
John
The hacker that gets 10 years. Did you read that one?
Alex
Yeah, let's talk about that one. That's a good one. So this is an Idahoan, or is that how you say it? Idaho. And I know about Idaho and potatoes. Basically, Robert Purbeck is sentenced to 10 years in prison. Sentenced, which means this is final, or at least it's a pseudo-final sentence, to 10 years in prison for stealing personal data of 132,000 people and extortion. Basically. He was known online as Lifelock and Studmaster, which probably tells you his self-esteem level. Basically they bought it... It's interesting, I think, because they're buying access, or he's buying access from initial access brokers, probably through info stealers. But I guess 2017 is pretty early for info stealers. Basically buying network access to a computer server of a medical clinic in Georgia, using that to steal PII of 43,000 people and then trying to ransom that data back to the victims. Going as far as harassing the individuals, their kids. Pretty heinous stuff here, I would say. Crazy thing is the house was raided in 2019. He just got sentenced. So he got sentenced to basically 10 years in prison. Or wait, that's 10 years. But wait, I'm confused.
John
10 years.
Alex
Also three years of supervised release and a million in restitution. So basically 13 years under law enforcement control and 1 point... or 1 mil in restitution, which I'm guessing he's probably not good for.
John
No, if he's been in jail since he got arrested. Right. He's already done like five years.
Corey
Yeah, he's got time served already. That's a long time.
John
But I was like, is 10 years enough for this, or is that like a sweet spot? What do you think?
Alex
I mean, I think it's enough. I think it's actually pretty harsh. I mean, extortion is bad, data theft is bad. But 10 years in prison, is that... I mean, I don't know. It's pretty bad.
Corey
Depends on the prison, I guess.
Alex
Yeah, true, true.
John
But that's just like having a good note, right?
Alex
It's fair. It's pretty harsh. But it's also case before.
Corey
Yeah, well, before I would make a judgment on whether or not it was harsh enough.
John
I don't know.
Alex
Yeah, I mean, extortion is bad. You know, stealing people's data is bad. I mean, but yeah, I guess it's a drop in the bucket compared to what we see ransomware threat actors doing on a day-to-day basis. But anyway, let's talk about ransomware. No, I'm just kidding.
John
I was trying to.
Alex
There was a ransomware one in there. What was it? Pharmaceutical company, Embargo ransomware. Another healthcare org. Basically, Embargo ransomware has claimed they stole 1.469 terabytes of AAP's data. I don't know what American Associated Pharmacies are, but I'm assuming they're critically important to US healthcare, just like most healthcare companies. So apparently apirx.com and rxaap.com, all the creds are reset for those. There's AAP's warehouse. I don't know, they're basically pharmaceutical. Another drug shortage is coming. Spoiler alert. Probably. Which is not great, but yeah, they're looking for 1.5 mil, or that's the average demand of 1.5 mil this year. Wow.
Corey
Not too bad, not too bad.
Alex
I mean I don't know how big this company is, but honestly. Yeah, we'll see. They might pay it.
Corey
CEOs probably. I think I got a million on me. Hold on, hold on.
Alex
Let me check my wallet.
Corey
Let's see what I got in the couch cushions.
John
Could we be a threat actor? That's everyone. Everyone thinks like, just one or two good cash-outs, move to Thailand, good for the rest of your life. Nobody else thinks that? It's just me. All right.
Alex
Yeah, I mean, I mean a friend.
Corey
Of mine said that sounded like that.
Alex
Yeah, yeah. I mean, healthcare ransomware, sadly too common, unfortunately. Usually very, very active. One thing that's kind of interesting, so kind of the war in Ukraine thing. Interestingly, there's a little bit of, like, geopolitical stuff here that I probably won't get into, because I don't fully understand it, but essentially North Korean troops are active in Ukraine from what we know. And then South Korea claims that now that they're kind of calling out the fact that that's happening, Russian threat actors are going after South Korean sites. So it's kind of like a weird geopolitical thing of like, we pointed out that something was happening and now all of our government sites are under attack. It's kind of a weird, you know... I guess from my perspective, it kind of maybe would be an indicator they're on the right track. It's like, oh, we're getting attacked, that means we're right. Like, yeah, I don't know. But I just think that's a weird thing to be in the world of now. That we've called out Russia, we're getting attacked by Russia. But who would have guessed? Not too surprising.
John
No, it's.
Wade
I was going to cite a different news story, just continuing the looking-for-money theme, with the 23andMe story that's laying off more people. I don't know what I... Yeah, we.
Alex
Can talk about it.
Wade
It's like I found that one, you know, interesting because, like, 23andMe, they still have all that user data and it's just going to get to the point where they're going to sell that to try to make ends meet. I think it's also interesting that they said that their testing kit sales are down, but they're seeing an offsetting growth of membership services. Somebody out there is still buying kits from 23andMe when we may be at the point, like within a year, where 23andMe just sells their stuff to the highest bidder and who knows where that DNA information is going to go. So. Yeah, but I mean, there's... Who says they aren't? They already sell it. It's one of the few things that they, I think, still have as value. So, I mean, it's not a matter that they sell it, but it's just a matter that it may end up in more unscrupulous hands, or just, you give over your DNA, you can't change it and you have no idea where it's going to end up.
Alex
Yeah, I mean, I would say we didn't talk about this article, or I don't know, maybe they did last week, but the whole Onion acquiring Infowars thing.
John
Was that talked about?
Alex
I don't know if we talked. I wasn't on the news last week.
John
But I guess what I would say.
Alex
Yeah, I guess what I would say is it's kind of a corollary of, like, you never know who's going to buy the data when it goes up for auction. In this case, I think Infowars, at least my take, and maybe this is a political take, but them being acquired by The Onion is one of the best possible outcomes. It's money going to the victims. It's, you know, it's pretty funny to imagine someone reading Infowars and then it changing to The Onion and being like, what the heck? Why are the articles not my opinions anymore?
Wade
Yeah, well. And the hiccups in that sale are something to keep an eye on as well, because there's all these challenges. So whatever comes from the challenges could determine a lot of other things going forward. So.
Alex
Totally.
Wade
But either way, claims to ownership because you're using... Because they have an identity on your platform, it's sort of like, well, BHIS has a Twitter handle, too. Are they partially owned by the person that owns Twitter? That's one of the arguments that are going on. Or you host your services on Amazon. Does Amazon technically own part of your company? Yeah, it's one of these things that... It sounds silly, but there's all these legal debates that are being made.
Corey
Has any legal headway been made in that?
Wade
I don't think so, but it's boggling that it's coming down to just being a whole, like, okay, I guess we got to sit around and discuss this or look into the minutiae of it.
Ryan
I think the bigger one that I saw over the weekend, as far as a lawsuit goes in this whole Infowars buyout, is there's a claim that the auction was not done properly.
Wade
I saw that.
Ryan
Yeah. And it's not even, from what I was reading... It's not even hitting on, like, Twitter owns some of this or Musk owns some of this. It's that nobody else knew what was going on. It said they went ahead and sniped in on it all. Nobody had a chance to go ahead and outbid them. These are the things that I'm hearing on the whole thing as far as from this past weekend. If anything's got some teeth, that might be it.
Wade
That might be one. Yeah.
Ryan
But I don't even think that's going to fly in the long run.
John
Was there... I thought there was something where the people who were accepting the bid had the opportunity to deny and accept anyone they wanted, though, too. That's what I... Because I was surprised that The Onion had that amount of money and that no one pitched any more than that.
Wade
So it was.
John
So there was some type of judge, right, that decided who it was going to go to. But it wasn't all down to money, I think.
Wade
Yeah, it was down to money and restitution. Cancellation was basically what was stacked on top of it, to where it's the, well, we can come up with X amount of money, but the victims that Alex Jones owes money to said, you know what, on top of the money that we're putting together, we're also going to drop, you know, cancel out some of the stuff that you owe us, thus effectively bringing the total higher, you know, than what anybody else could come up with, you know, just in straight-up cash.
Alex
If you're a bankruptcy lawyer, come on the show because we have no idea.
Wade
This is, this is beyond.
Alex
I will say, though, just looking at it, on the face of it, the company that's filed the complaint saying the thing was unfair is a company affiliated with Alex Jones. So it's not like the writing's on the wall saying, no, you take my website, give it back. Like, it's not... Maybe there is a legitimate legal element of it, but it is, I think, just more of a, well, we're going to appeal. Of course we're going to appeal. You always appeal.
Wade
So what do we have as our, like, sweet dessert of a final entree here to wash the Alex Jones out of our mouths?
John
So there's the top vulnerabilities of 2023.
Alex
Yeah. Let's add.
John
Or there's one that you probably already know the answer to. The worst passwords of 2024. Well, I think we all know that's...
Alex
I mean, I think, I guess from my perspective, and I don't... Maybe I didn't read the article all the way, but none of these were zero days, right?
Corey
They were all... a lot of zero days.
John
Yeah, it's from 2023. They're a year behind.
Alex
Does it give a count of how many... It says most of them were first abused as zero days. But what it doesn't go into is, like, okay, I guess, like, there's so many data questions I have. Like, is it the total number of times the exploit was used, or is it, like, I don't know... Or is it based on cybercrime cases, like, where it was successful?
John
Pivot to the CISA page and we'll see if we can.
Alex
Yeah, maybe someone just throw that page.
John
Into ChatGPT and see if it can answer the question for me. There's a whole PDF on it.
Alex
Yeah, I'll have to read it. I guess I should have done this before the show, but I'll have to read it more in depth. The data guidelines, you know, how it got used. But I would say, you know, a lot of these vulnerabilities were patched pretty quickly after they were disclosed. And I feel like in my head what happened was there was a zero-day exploitation and then people didn't patch, and so they just kept getting used over time. Especially things like that, you know, NetScaler, people don't patch.
Corey
Let's say the most exploited vulnerability was not patching.
Alex
Yeah. Well, if it's a zero day, then the numbers are way different, right? It's just like, what were the most used products in 2023? But if it's, you know, I don't know, it's kind of a... Also, it's interesting that ownCloud was on there. That's like kind of a whole botnet thing from my perspective. Like that's targeting mostly self-hosted stuff or like non-corporate assets.
John
Right.
Alex
Like, I don't think many companies are running ownCloud. I also don't even know what PaperCut is. Does anyone know what that is? MF/NG. What does that mean?
Wade
I don't know. Multifactor, next gen, I don't know.
Alex
Mail filter, something firewall, mother blanker, who knows?
Corey
Monkey farmer, monkey fighting snakes.
Alex
On this Monday-to-Friday plane.
Corey
That is some of the best censorship I've ever seen in my life.
Alex
I'm so glad you understood that very specific reference.
Corey
I absolutely did.
John
That's one of my favorite movies.
Alex
Yeah, so I mean, I guess if you can do something with this information on what the most affected things in 2023 were, or the most exploited vulnerabilities...
John
Patch.
Alex
Patch yourself.
John
I was about to say, well, let's try to figure out what the.
Corey
Okay, you can talk about patching stuff.
Alex
Maybe we could have the Russian APT guy give us an overview of why we shouldn't patch.
Corey
Listen, you patch things. I don't, I lose control. I don't like that. That makes me upset.
Alex
You patch for me, right?
Corey
Yeah. Okay, I send you patch, you install. It's great. You'll love it.
Alex
Very nice.
Corey
Yeah, I did hear, like a while ago, a long time ago, about some windmills that had been hacked. And they were really doing their best. Actually, they were maintaining the windmill software because it was really not great. So when the organization found out that they had been hacked, they were like, listen, what are you doing on these things? And they said, well, we're mining Bitcoin or some cryptocurrency. They said, we'll keep mining it, and just keep these servers running for us. We'll call it an even trade. That was some smart thinking.
Alex
I mean, maybe we'll never know, but I could see... Let's give some predictions. Maybe Elon Musk turns CISA into like an American APT that goes out, hacks stuff, but then patches it. It's like the most chaotic, progressive version of trying to be an APT that you could imagine.
John
Aggressive patching.
Alex
Yeah, like you are being patched. Do not resist.
Corey
Yeah, they've done that before, right? Like, as in the FBI pushed out patches to, like, routers and stuff.
Alex
Hasn't done it... The FBI has done stuff of that level. But it's typically, you know, not at the scale that, like, real APTs go at.
John
But yeah, not yet.
Corey
At least not yet.
Alex
They're more about takedown, takeover, monitor, less than they are just like hack it, patch it today. But that would be pretty funny. It's like, you are being pen tested and patched. Do not resist. Yeah, maybe that'll be a new service line in 2025. It'll be like pen testing with patching as non-optional. If we find a vulnerability, we will intentionally patch it and you have no choice. And will we break everything? Maybe. That's part of the... only if...
Wade
they can make some sort of meme out of it. Be like, oh, and we set the admin username to this and the password is this. And it's a funny meme that would be right up there. Right up there.
Alex
So you're saying that we can do that, as long as the clients are getting memes about it, that it's okay?
Wade
Oh yeah. I mean, that's the way that, you know, Musk and Twitter would be all in, is that's like, hey, can we make a meme out of this whole thing?
Alex
And yeah, so that's the new way to pitch to CEOs in 2025, is just say you're going to do it for the memes. They'll go for it. That's a sales tip right here on the show.
Wade
That is, that's how we are in the timeline that we're in.
Alex
So yeah, their marketing department will go for it. They'll be like, we love memes that.
Corey
We're selling, as a lot of CEOs are aging in from, like, the millennial generation and lower, that might actually work.
Wade
Yeah, Here you go.
John
Meme marketing.
Corey
Yeah, yeah.
Wade
Me marketing.
Alex
Yeah. Anyone that's interested in a pen testing startup idea, you know, I have one for sale for zero. Just let me know.
John
Corey. So what was this competition thing you were at?
Alex
Oh, okay. So yeah, I was, over the weekend, so Black Hills Infosec... We sponsored all of the regional Collegiate Pen Testing Competitions, which, to give you an idea of what it is, it's called Collegiate Pen Testing. It is literally a competition to do a pen test. So it's not a CTF. Each team basically is a pen testing firm from their perspective. And there's actually role playing between, like, the pen testing firm, who is the students, and then the actual company, who's, you know, the competition organizers. And it's all real. Like, it was fun. I got to LARP as, like, a dumb IT person and ask, like, do zero days affect my systems? And stuff like that. And the students are... The student kids are going to be all right. They're all super smart and motivated. And it was cool to see, you know, 10 teams or however many do, you know, a pen test of their own, create a report, submit it. And that was mainly what was scored. It was cool. I mean, definitely. I mean, it was at Stanford, which is an insane campus. It makes me realize how I definitely chose to go to a school that wasn't as fancy as Stanford. I don't know why, but yeah, their campus is incredible and everyone there was super nice and motivated and it was awesome. So yeah, if you're a college kid, definitely recommend getting involved with this if you're interested in pen testing. It's pretty cool.
John
Is this, is this the right website? Does this look right?
Alex
This is the right website. Yeah, we found it.
John
This is officially... never seen this one. I've heard of a couple other collegiate, like...
Alex
There's basically three for college kids. There's CCDC, which is Collegiate Cyber Defense Competition, which is more chaotic and CTF-y. Then there's Collegiate Pen Testing, CPTC. Then there's also National Cyber League, which is like a remote league that is more, like, very CTF-focused.
John
So here's what we do. We go back, we take one course at a college, right? And we just wipe.
Alex
We stack the deck. I will say that was one thing that was discussed, is like, what if Black Hills, while the students are doing their pen test, like we have a team from Black Hills or another pen testing vendor that actually does the pen test, like, you know, our style, and uses our report. And it could be like maybe a point of comparison of how much we found, how much, you know... what our report looks like compared to everyone else's. But I will say, like, overall, that probably wouldn't be super productive, right? Like, we already would just give away what we would do for free anyway, so you don't need to see us actually do it. But yeah, it'd probably be good, though.
John
For the students, though, right? Like, compare my work to the actual professional one. I think it would be pretty legit, maybe.
Alex
Yeah, it's tough because it's also, like, we don't want to just come in and be like, stunt hacking, what up? Like, you know, it's not like... that's not the best vibe. Like, there were some teams that probably would have done better than us, if we're being honest. Like, there's definitely some really, really talented teams. So, yeah. Anyway, anyone have any closing final thoughts on what's going to happen in the next week? Predict that. Predict the future news. T-Mobile probably gets hacked again.
John
T-Mobile gets hacked.
Ryan
There's gonna be another management interface open to the Internet exploited.
Wade
Yeah.
Alex
Is it gonna be Fortinet?
Ryan
Fortinet's already been done.
Alex
Can we get a Check Point?
Ryan
I think we're up to Check Point.
Alex
Or what about, like, WatchGuard? Is that a big one? Maybe that went away.
John
I don't even know. Blue Coat, Blue Coat.
Alex
Good times. All right, thanks, everyone, for attending. Kill it with fire. Bye.
Podcast Summary: Talkin' About [Infosec] News, Powered by Black Hills Information Security
Episode: Yacht Doc
Release Date: November 21, 2024
The episode kicks off with the hosts—Corey, Daniel, Wade, John, Alex, Eddie, and Ryan—engaging in light-hearted banter about going live and reminiscing about old T-shirt slogans. This casual start sets a friendly and relaxed tone for the discussions to follow.
Corey [00:01]: "Are we live? Is this it?"
Daniel [00:03]: "I think we're live."
Wade [00:07]: "Yeah, I get the reference. Checky. Is it live or is it Memorex?"
John brings up the "Half-Life 2 20th Anniversary Documentary," highlighting its quality and the insights it offers about why the game series was halted. The hosts share their appreciation for the documentary's depth and recommend it to listeners.
Alex [02:17]: "Instead of a video game, it's just a documentary now because they know everyone that played it is too old to play a video game."
John [02:44]: "It's pretty good. They talk about why they didn't make any more Half Life and then it's a pretty good document. I was surprised. It's two hours long, but it's pretty good. Highly suggested."
In a humorous segment, Alex announces her resignation from a fictional position as the head of CISA, prompting others to jokingly resign from various non-existent roles. This playful exchange underscores the camaraderie among the hosts.
Alex [07:54]: "Hello and welcome to Black Hills Information Security's Talkin' About News. It's November 18, 2024, and I'm officially resigning from my position as the head of CISA, effective immediately."
John [08:13]: "Smart move. Smart move. I would have done the same."
The core of the episode centers around a newly discovered vulnerability in Palo Alto Networks' firewall management interface. The hosts delve into the implications of exposing management interfaces to the internet, emphasizing the potential risks and the importance of securing such critical points.
Corey [08:39]: "So, news article. ... There's an undisclosed or unknown vulnerability in Palo Alto Networks management interface for firewalls."
Eddie [10:00]: "It's just a matter of time before there is an exploit available and then you're going to get popped. And then you also are missing things like two factor authentication and things like that usually on these interfaces."
The discussion highlights real-world scenarios where management interfaces are inadvertently exposed, often due to third-party vendor management, and underscores the necessity of adhering to best security practices.
Alex [10:03]: "When we're doing pen tests and we're getting, ... reporting that and we're using examples like this to prove why you should never, ever, ever do it."
Alex introduces an Intelligence Brief from Palo Alto Networks regarding North Korean IT workers based in Laos. The segment explores sophisticated methods employed by these threat actors, such as posing as legitimate IT professionals to distribute malware during job interviews, aiming to infiltrate target companies from within.
Alex [23:00]: "The two attacks they do the most are trying to get, trying to compromise people who are actually searching for jobs. So posing as a real IT company, interviewing developers, and then during the interview they distribute malware..."
The hosts discuss the challenges in verifying the identities of job applicants and the broader implications for organizational security, particularly the risks posed by insider threats.
Alex [27:45]: "There's nothing that says that they're going to come fly out from North Korea. There's nothing that says that they, if they're using a fake picture, maybe you catch them, but they could very easily settle themselves into another country..."
The conversation shifts to recurring breaches at T-Mobile, analyzing the company's statements denying significant impacts on customer data. The hosts speculate on possible third-party vulnerabilities and emphasize the need for vigilance even when major companies downplay breaches.
Alex [28:50]: "T Mobile representatives have said... 'T Mobile systems and data have not been impacted in any significant way. We have no evidence of impacts to Customer information.' So I don't know how that statement can be true."
They critique the tendency of organizations to immediately deny breaches without transparent communication, underscoring the importance of accountability and thorough investigation.
Corey [30:06]: "Yeah, those like historically the way they, they totally operate."
Alex [30:11]: "Now SolarWinds, you know we've talked about on the show a lot the person who said we're super secure to the shareholders is now being prosecuted for basically lying to."
Wade brings attention to the layoffs at 23andMe, discussing the potential risks associated with the company's vast collection of DNA data. The hosts express concerns over data selling practices and the permanence of DNA information once it is shared.
Wade [45:37]: "It's like I found that one, you know, interesting because like 23andMe, they still have all that user data and it's just going to get to the point to where they're going to sell that to try to make ends meet."
Alex [46:43]: "The whole Onion acquiring Infowars thing... pretty funny to imagine someone reading InfoWars and then it changing to the Onion and being like, what the heck?"
The hosts discuss the acquisition of Infowars by The Onion, pondering the legal and ethical implications. They humorously speculate on the transformation of content and the potential benefits for victims through monetary compensation.
Alex [46:43]: "It's kind of a corollary of, like, you never know who's going to buy the data when it goes up for auction."
Wade [49:05]: "And it's not even from what I was reading. It's not even hitting on, like, Twitter owns some of this or Musk owned some of this. It's that nobody else knew what was going on. It said they went ahead and sniped in on it all. Nobody had a chance to go ahead and outbid them."
John presents a case study of Robert Purbeck, an Idaho resident sentenced to 10 years in prison for stealing personal data and extortion. The hosts discuss the severity of the sentence, its implications for cybercrime deterrence, and the ongoing challenges in prosecuting such offenders.
John [40:11]: "Robert Purbeck is sentenced to 10 years in prison for stealing personal data of 132,000 people and extortion."
Alex [41:43]: "He bought access or he's buying access from initial access brokers to probably through info stealers."
They debate whether the punishment is adequate, considering the scale of the crimes and the potential for restitution.
Alex [42:11]: "I think it's enough. I think it's actually pretty harsh. I mean extortion is bad, data theft is bad."
Corey [42:27]: "Yeah, well, before I would make a judgment on whether or not it was harsh enough."
The hosts touch on the list of the most routinely exploited vulnerabilities of 2023, noting that many of them were first exploited as zero-days before a patch existed, which makes fast patching once a fix ships all the more important.
John [50:47]: "So here's the top vulnerabilities of 2023... the worst passwords of 2024."
Corey [51:03]: "They were all a lot of zero days."
Alex [51:20]: "A lot of these vulnerabilities were patched pretty quickly after they were disclosed."
They emphasize the necessity for organizations to maintain robust patch management processes to mitigate the risks associated with these vulnerabilities.
John [53:37]: "Patch."
Alex [53:44]: "Maybe we could have Russian APT guy give us an overview of why we shouldn't patch."
The hosts turn to a ransomware incident targeting a pharmaceutical company, underlining how badly an outage can hurt healthcare infrastructure and how much pressure that puts on the sector to strengthen its defenses.
John [42:47]: "Pharmaceutical company Embargo Ransomware ... they are looking for 1.5 mil this year."
Corey [43:41]: "CEOs probably. I think I got a million on me."
The hosts lament the frequent targeting of healthcare organizations, recognizing the essential services they provide and the dire consequences of such breaches.
Alex [43:38]: "Healthcare ransomware, sadly too common, unfortunately. Usually very, very active."
Alex shares his experience sponsoring a regional collegiate penetration testing competition at Stanford. He praises the event's structure, where student teams engage in realistic pen testing scenarios, fostering practical skills and encouraging the next generation of cybersecurity professionals.
Alex [56:35]: "I was over the weekend... Collegiate Pen Testing. It was cool to see, you know, 10 teams ... create a report, submit it. And that was mainly what was scored."
The hosts advocate for student participation in such competitions, recognizing their value in honing critical security skills.
Alex [58:02]: "If you're a college kid, definitely recommend getting involved with this if you're interested in pen testing. It's pretty cool."
In their final segment, the hosts make light-hearted predictions about future security incidents, including recurring breaches at T-Mobile and the exploitation of management interfaces by malicious actors. They also brainstorm humorous ideas for future pen testing services, blending technical insights with their signature humor.
John [59:54]: "There's gonna be another management interface open to the Internet exploited."
Alex [54:03]: "You patch for me, right?"
The episode concludes with the hosts expressing gratitude to their listeners and signing off with their characteristic wit.
Alex [60:17]: "So yeah, their marketing department will go for it. They'll be like, we love memes that."
Corey [60:32]: "We're selling as a lot of CEOs are aging in from like the millennial generation and lower, that might actually work."
Notable Quotes:
Alex [07:54]: "Hello and welcome to Black Hills Information Security's talking about news. It's November 18, 2024, and I'm officially resigning from my position as the head of CISA, effective immediately."
Eddie [10:00]: "It's just a matter of time before there is an exploit available and then you're going to get popped."
Alex [23:00]: "The two attacks they do the most are trying to get, trying to compromise people who are actually searching for jobs."
Corey [42:27]: "Yeah, well, before I would make a judgment on whether or not it was harsh enough."
John [53:37]: "Patch."
Corey [43:41]: "CEOs probably. I think I got a million on me."
Alex [56:18]: "Anyone's interested in a pen testing startup idea. You know, I have one for sale for zero. Just let me know."
This episode of "Talkin' About [Infosec] News" covers a broad set of current threats and practices: an exposed-management-interface vulnerability at a major network vendor, North Korean IT workers infiltrating companies through fake hiring and fake job applications, repeated breaches and vague breach statements at large companies, the fate of sensitive data when a company is sold or struggles financially, a cybercrime sentencing, the most exploited vulnerabilities of 2023, ransomware against healthcare, and a collegiate pen testing competition. The hosts' mix of practical experience and humor makes the episode useful for both seasoned professionals and newcomers.