Iranian Hackers Claim Responsibility for Stryker Attack - 2026-03-16 — Talkin' Bout [Infosec] News
Wade
The SOC is where pressure is real and impact matters. Join the Antisyphon Training SOC Summit, free live streamed March 25th. Then go deeper with hands-on training March 26th through April 10th. Learn more at Antisyphon Training.com, event, SOC Summit. I. I got kind of something. Did I. Have I talked about my family organizer program yet? I think I talked about it with family.
Hayden
I think you did. We need to have another chat because I have one that.
Corey
What is it like now? Okay, this could go one of two ways. I'm very. Please allow me.
Wade
Yeah, let me. Let me throw you my GitHub real quick on this thing.
Corey
One of you the next Moltbook creator.
Wade
Nah, dude, I literally got bold. No. Yeah. I wish.
Hayden
I wish.
Wade
Dear God. I'll throw it in private chat. I'm not going to throw it in discord because I don't want. I'm sure there's a key somewhere in there where I'm going to get owned.
Hayden
I'm going to send my agents after it. I'm going to start adding a bunch of stuff that I want to your to do list.
Wade
I'm fine with that. So I wanted one of those, like, family organizer, like, monitor things for a long time, but. But all the good ones, you got to pay subscriptions for, like, the bare minimum of things. And so I've been on leave for three weeks now, and my goal was like, all right, I need to. I'm watching Hayden destroy me AI knowledge. So I'm like, I need to catch up and build something. So I built a family organizer program from scratch with all of the. I've been messing around with all of them, and it pretty much does everything they all do. And I just run it. I run it at home on a Raspberry Pi with a touchscreen monitor and then have Tailscale installed on it so I can access it anywhere.
Hayden
Love it.
John
We're at, like, the inflection point where there's so many projects that I see. I'm like $20 a month. I'm not paying for that. But then I'm like, but I really don't want to spend all my time building it.
Wade
I got this working in 24 hours.
Bronwyn
You don't just have to build it. You have to maintain it.
Wade
This doesn't touch the Internet. Technically, this doesn't touch the Internet. I have.
Corey
I have it locked down.
Hayden
It's the best app.
Wade
And do you have an.
Corey
Do you have a script that generates a family for you if you don't have one? It does.
Wade
It will. And It'll put events on your calendar so you feel there's chat.
Corey
It'll just be like image of the
Roy
guy just constantly asking for money. It's like.
Corey
It's like if I had more requests,
Wade
I. I will admit the thing I am most proud about. So, like, working in fast food industry, one of the things I always loved is like having an inventory of everything in your house, right? So I have like a grocery list. Once you go grocery shopping that list, you can import it into your inventory, right? You can set low marks and stuff like that. You can look at everything you have in your kitchen, and then if it's low, you can say, hey, add everything that's low to my grocery list. So you can go. Then there's a meal planning functionality that looks at your inventory and you can add recipes to it. And we'll tell you, like, hey, here's everything you can make tonight. And I. I plan on adding, like a meal database to it.
Hayden
We need to talk after this. I built the exact same this weekend. Kroger has a public API, bro. I just hooked mine into my Kroger order history. I was like, hey, here's my order
Wade
history so you can bulk inventory.
Roy
I have this thing where Erica, like, during the summer, she has her garden. And it's like, every time I hope my mic's a little bit better, but every time I come home, it's like Iron Chef. It's like. So we got like a.
Corey
Which.
Roy
The first thing I do is just throw the beets away. Do that.
Bronwyn
But you're good for making pink pickled eggs.
Roy
But it's kind of like that is. It's kind of. I don't know, it's just crazy.
Corey
So should we do the show? Should we do the podcast? Or should we just. I mean, honestly, this is maybe a more interesting topic to talk about. How we can prompt inject Hayden's thing to send him 80 jars of pickled beans.
Hayden
Hey, it can't order them. That I. I'm aware of the problems.
Corey
It can't. I can't order them yet. But if I get prompt injection, I can just have.
Hayden
Doesn't have the API scopes. Don't you dare send me a whole bunch of beets.
Corey
Oh, I can send the API scopes anyway. All right. Okay. All right.
John
Roll the.
Corey
Roll the finger. Let's go. Hello and welcome to Black Hills Information Security's Talkin' About News. It's March 16, 2026. Let's talk about news. There's a lot of it. First of all, Moltbook got acquired. No, I'm just kidding. That's not the most important news. Let's introduce everyone. We've got Haircut Fish, who's our resident meme expert. Meme maestro, if you will. Apparently, his real name's Dan. Who would have thought?
Dan
Yeah, I don't look like a Dan World.
Roy
And your mom looked at you was like, haircut Fish, where did.
Corey
What is the origin story of Haircut Fish as a username? Is it random? Like, was it. Oh, that's where, you know, it sounds.
Dan
Pretty much, yeah. It's. It was something stupid I came up with in high school. I was in the mood for Long John Silver's, and walking into the mall over there was a haircut place. Haircut Fish was born.
John
Yeah.
Corey
Super nice. That's fun. I will say, I also, like, back in the day when you'd sign up for Xbox Live, it would be like, we don't have a username. We'll generate one. And it was like. It was always verb and then animal. So I was, like, acting raccoon or whatever, you know, like, it was a good name.
Hayden
And now you're Corey Ham, which you were Rocket.
Bronwyn
I was.
Corey
I was. I was Rocket Raccoon before it was cool. All right, Hayden, give yourself an intro. What's your fake username? What's your real username?
Hayden
My real username is Hayden. My social is.
Corey
No, wait, your real username is Hayden.
Hayden
Yeah, yeah, I got the original one. Yeah. It cost me a lot of money. Don't worry. My OpenClaw bots, they made me so much money this month. They didn't.
Corey
No one believes you DM me your Kroger API key on Reddit or whatever.
Hayden
I'll send you my Kroger API key. I'll send. I have a Kroger API key. I had a friend who was working outdoors, and he sent me this picture of his lovely flower. Flower bed and all that stuff he was doing. And I responded with just a screenshot of the Kroger. Kroger developers webpage. I was like, this is what I'm doing today.
Corey
Oh, man. We've got Bronwyn, who's currently creating an AI agent to automate her pickling of eggs. Apparently I do love a pickled egg. Anyway, John's not here. He's here, but he's not here. He's going to rant later.
Bronwyn
He'll be back.
Corey
I'm calling it now. We've got Wade. He's looking for investors in his IoT project that he's working on. Everyone knows IoT projects are so hot these days.
Hayden
I'm dropping the link in chat now to his private GitHub repo.
Wade
I dropped it. It's okay. You can go check out private.
Corey
It's running in containers.
Wade
Two scripts. That's all you got to run. And I just have a backend. Then I have, like, a backdoor in your computer. Don't worry about it.
John
All right.
Wade
I honestly just have Claude Code installed on the Raspberry Pi. When something breaks, I tell it, hey, what's wrong?
Corey
Go fix it.
Roy
And it does.
Wade
I'm like, all right, cool.
Hayden
Push pushed it.
Bronwyn
So kind of like what Amazon did.
Corey
Yeah, I was gonna say, do you work at Amazon? Are you a level 7 engineer at Amazon?
Wade
I can't tell you.
Corey
That's spoiling what's to come. So we also have Ralph the who's doing a Rubik's cube. Ralph, you know. You know you can get Rubik's cubes that only have one color, right? That's a nice little hack for you.
John
Yes, actually, I. I looked up some silly projects where they have the automatic solvers, and I was like, oh, I should totally build that. That was one thing I thought. But there's like 900 projects. This one's been solved, by the way.
Corey
Uh-huh.
Troy
Well.
Corey
Well, that remains to be seen.
Roy
I'm just kidding.
Corey
We have Troy. Lastly, who's our resident threat intel expert? I guess, if you want to. Do you want to fight Hayden for that title?
Hayden
I don't want that.
Wade
I'm the one who teaches the course.
Corey
Okay. Later, we'll do a lightning round where you guys can all answer threat intel questions, and I'll meet someone who knows nothing about threat intel will be the judge.
Hayden
Well, it's like. It's like naming the digits of pi, except you go up in the APT numbers and you got to name what country, what they call themselves.
Troy
So many different aliases of the same APT that, you know, Right?
John
Oh, I just.
Hayden
I just.
Roy
Xbox room somewhere and all the APTs join it and it's like, that's your APT name. Like, Sad Panda 52. It's like, yeah, I wanted to be T Bone Rocket. It's like, sorry, man, I. I still
Hayden
think we should give them really insulting names because then they won't be incentivized anymore to do crime.
Wade
Could you imagine the news? Like, I don't even want to say what I saw, but just like, I
Roy
don't want to put anything in the swear jar today.
Corey
I haven't seen the news, but I think John's version is the best. All right, let's get into articles. What do we got? Does anyone have any hot. I mean there's a lot of hot and spicy articles. I think the biggest one we should probably start with is Stryker. That was. That happened last week. That really kind of. It blew my mind when it happened. So for those that don't know or. Or if you live under a rock. Stryker, S T R Y K E R, is a medical devices company. They're kind of like med tech, I guess. I have a friend who's a surgeon and he was like, oh God, this is going to be bad. Basically they got compromised by Iranian affiliated or Iranian, you know, associated threat actors. And it appears that they got Global Admin in their Intune or Global Admin in their Entra ID, you know, basically in their cloud, and then deployed a wiper malware, which a wiper malware is just factory resetting all their devices in Intune. So at least that's like. I'm sure the threat intel people have more in depth write ups of what that is. But it sounds like petabytes of data have been wiped, which is absolutely crazy. Even including people's personal phones. If you were enrolled with the company MDM, it just wiped your phone, which
Wade
is literally worst case scenario.
Corey
Brutal worst case scenario.
John
So I mean I'm writing software right now to secure your Intune.
Roy
Yeah, some people just want to watch the world burn, Master Bruce. That's what I was reading this.
Troy
It was like yeah, they claim to have exfilled the data too, right? Not just wiped it but I mean
John
yeah, that's a good claim.
Corey
I was gonna say that's. That's gotta be BS. Ironically Intune doesn't have petabytes.
Roy
What the hell.
Corey
Yeah, yeah, no, either the. Either they're paying like a nation state level fee on their AWS S3 buckets
Troy
or like they just took them over.
Corey
Yeah, maybe. I mean basically the way I'm interpreting this is they had access to Intune and a few other places. If you're wondering, like, what can I learn from this? As an organization the biggest thing is just control and limit access to your Global Admin and Azure. Like, do make sure that that's a lot of doomsday keys that have to get turned to reset that kind of stuff in Intune. And you can also apparently rate limit the speed at which devices can be reset. So that's another control. There was a pretty interesting write up that someone sent me that has kind of some detection engineering packs and things you can do for detecting it for
John
how they got into their Intune. Right. Or is it just they got administrator on Microsoft and guess what?
Corey
That's a good question. I'm assuming they got Global Admin, but I don't think that's answered. Maybe I'm wrong, I guess. Troy, Wade, Hayden. Like, is initial access nailed down? We're assuming phishing or vishing.
Troy
Right.
Corey
But we don't know.
Hayden
I mean the Krebs article doesn't say, but it's got to be like phishing.
Corey
Phishing or vishing. That's all I can think of.
John
So not to use cloud.
Wade
The big thing I saw, I don't know why this was mentioned so much but was because Stryker bought a medical device chair like bed company in Israel. And that was like the first thing that stood out to me. But because Iran is always going to target Israel.
Corey
Right.
Wade
And but seeing that, I was like, okay, did they pivot from that company into the greater company? Because during any type of merger there's a bunch of crazy stuff that can happen.
Roy
Okay, but this also, like, this gets into like, I haven't seen anybody that's come in with like an article of how the initial attack vector was. It's possible they don't even know. And one of the problems I have, especially with companies that you get to a certain size and we talk about this a lot with continuous pen testing and standard pen testing is it's much easier to break into a larger corporation than it is like a small one of like 100, 150 employees. And it's just your attack surface is just so much larger. There's so many opportunities for social engineering. There's so much like the attack space for SaaS products and API keys being bled out through the cloud. There's also a much larger attack surface in core. I wanted you to talk about, talk about this a little bit. As soon as you start implementing info stealer logs and you start going in like breach databases, your likelihood of having the credit, the creds or API keys or session tokens all of a sudden starts growing up dramatically once you start getting past like 10, 15,000 people.
Corey
I mean, yeah, I mean, I would say if it was info stealers, this would be like the world record info stealer. Like, like, it would be like the like l. Disbelief levels would be so high.
Roy
I mean for initial access, getting one
Corey
account, getting one account, not all of
Roy
them all in one shot. I'm just talking about the initial crack the door open, get into the environment. Because once you get into a lot of these environments with valid creds. You know, if we go back to, you know, like if we go into like Beau's tool, right, where we're looking at GraphRunner. Once you're in, like, the ability and the amount of options to start moving laterally in cloud infrastructure is just so vast and much harder, honestly, if I
Corey
had to guess, like if I had to guess, I would guess they just vished or helped us SE to a super high level admin. That would be my guess. Like that, that's. I bet you they just went after a super high level admin. That one guy who, like, lives in the basement, doesn't have any controls on his account because he's super aggressive like that. That, yeah, basically like the guy who set up the Entra ID tenant and, like, still has Global Admin even though he shouldn't, but everyone's afraid to take it away. That's my guess. Like, I don't know if that's true, but typically when we see a compromise happen this quickly, it happens from a privileged user. That's the initial access vector, is like a privileged user just gives up their Azure and there's no PIM, like that. That one individual is just a privileged user and can do everything. That's my guess. But I mean, that's total speculation.
Wade
We're missing out on one thing here. How did they get 20 petabytes of hard drive space in this?
Corey
They didn't.
Wade
There's no way that came through.
Corey
That is all made up in this economy. Economy. No way, dude.
John
The S3 cost on like 12 petabytes is something like $264,000 a month.
Corey
Right.
John
And that assumes that you have the time to get that in there.
Corey
Right?
John
Like you might as well buy a semi truck, load it with hard drives. That's the fastest way you're going to get into an.
Roy
And no one noticed it leaving. It's like the Internet's running. I don't know what's going on here.
Corey
A fast and bomb or something, right?
Wade
With semi trucks and hard drives.
John
And honestly that that's what that would be. If they came out with a new Fast and Furious to mirror the other one, they'd be stealing hard drives.
Corey
That is so true. That is so true. It would be like GPUs, dude.
Hayden
Yes.
Corey
Yeah. No, I mean basically, yeah. I mean like, yeah, I mean the last meme before we move on will be like, sir, we've had an AWS Snowball delivery request to Iran. You know, Iran or whatever. Should we, should we deliver this? No, I don't think we should, you know, high risk environment there. But I will say I, I think this is about as close as it gets to like a cyber missile strike, right? Like, like, I don't know.
Hayden
I mean, I just wonder if it was retaliation for one, right?
Corey
Yeah, yeah.
John
I wonder if they had a list and they were like, here's 20 people that we all hate and let's go see if we attack one of them. Right. Because there's no way that they were
Corey
just like, oh, I bet you they had access. Yeah, I bet you they already had it.
John
You think they already had access, were just holding onto it?
Corey
Yes, that's my personal belief. It's like they're basically just, I mean they're, they're state sponsored actors, they're always hacking. That's their job. Then they're like, oh, we're getting actual kinetic, let's go, let's just nuke it. That's my guess.
John
Okay.
Dan
I was able to find Recorded Future put something out today. It said the Cisco Talos incident responders said that it was hundreds of leaked Stryker credentials on the Dark Web that they used, and then they were just using living off the land techniques to get widespread.
Corey
So yeah, we've never heard this before. This is, this is new.
Roy
One of the things, you know, kind of like you're moving past Stryker. We have Verifone was hit, Eminet Pass Guard was hit. Israeli transportation and logistics, number of things as far as infrastructure. And then a whole bunch of universities were hit. Israeli journalists and academics as well. The reason why I'm bringing this part up is the cyber side seems to have been pretty light. I thought the amount of cyber retaliation from Iran would be a lot worse. And I wanted to get especially like Wade and Connor or Wade and Hayden's. Sorry, Hayden, Wade and Hayden's opinions on this. Why, why has this not been worse from a cyber perspective than it has been so far? Is it because A, they just, it's, it's a tough nut to crack. Is it? B, they're waiting and they're going to try to like stretch this out, or is there something else that I'm missing?
Wade
I don't think they're waiting. I think they've, they're, they're going, this is it. Full bore right now.
John
I think this is it.
Hayden
Yeah. I was about to say, I don't, I don't know if they have like, I don't know a whole lot about their internal organizational structure obviously, but I wouldn't sort of pick them as one of the Ones to, like, hold a ton of access back and sit on it for however long, like I would expect. They get something and they go for it is how I would kind of imagine that.
Roy
So the other possibility, by the way, we just coined a new. A new person. It's Wade and Hayden.
Corey
That's fine. Good luck merging that git branch, Roy.
Roy
But so the other possibility is in the opening salvos of this attack, I wonder if they actually did hit some of their cyber offensive capabilities as well.
Corey
Oh, definitely. Oh, yeah, there's no doubt. 5, 000 targets were hit. I mean, there's even like unverified tweets talking specifically about.
Wade
From what I was told, there was
Troy
also talk about hitting satellite. Like they're trying to gain access to satellite infrastructure as well, like the Iranians. Because of that, I thought I saw something where there was attempts at like, Starlink and other satellite infrastructure. So they probably did get hit from a backbone perspective of what they. What they can access.
Hayden
And it could also be.
Wade
There's a lot more targets hit with that aren't saying anything from what I.
Hayden
Sure, that's a good point.
Roy
Okay, so that's funny. I did read there was a rabbit, like, on the cybersecurity subreddit, there was someone that's like, this is beautiful. Every hack that happens from, like the next few weeks, we could just blame on Iran. I mean, I mean, they got.
Troy
Their reputation really came from like Saudi Aramco, remember? We're like, like when that hack happened and then the casino after that, it was like, wow. Like, and then anything anytime I remember during the first Trump administration, when the general got taken out, like, I. The previous organization I was working at, we were kind of in the defense space, like, everybody was freaking out. Like they were going to retaliate and start, like, going after. Because that's where they, like, they got notorious from those hacks. And those were. Weren't like small hacks, right, that they pulled off.
Roy
Yeah, they were. They were pretty technically advanced. That's one of the reasons why I would absolutely see it as the first wave of strikes going after their cyber capability.
Corey
I don't think first wave, but second wave. I mean, again, it seems like first wave. Yeah, yeah. Basically that seems to be the general assumption is that if you have 5,000 targets, one of those is going to be the one with the highest bandwidth. A blink or whatever, right? Like, just go simple.
Roy
And there's also like a whole attribute of this, of if that happens. Right. We're just stacking a bunch of what ifs on what ifs, what ifs, which means it's all, it's all bullshit. But if they did take out cyber attack infrastructure in Iran in the first or second wave, okay, if that did happen, that also tells me something, that they didn't need that infrastructure from an intel perspective. That tells me that they had some other capability where they were already inside of the comms, that they just didn't need to be riding on top of the comms of people that probably got hit first or second wave. So like I said, this is, for me, the news story is the cyber attacks haven't been as bad as they could have and should have been. And what does that mean? Because either A, they're standing back or B, they were absolutely destroyed in the first couple of waves.
Wade
So what about, that's, what about vice versa though? Iran, we haven't heard of any cyber attacks happening inside their local networks.
Hayden
Like I don't think as much as we've seen.
Roy
Okay, no, that's not true. That's not true because remember there were a lot of news stories that were talking about Iranian intelligence being able to pull together that the Ayatollah and all the top people were at a specific location, they were hacking traffic cameras, they were pulling in multiple intel sources to make sure that whenever they were striking that they were going to hit as many of the high ranking officials as possible. Now all that being said, they clearly missed that there was an elementary school that hadn't been used for military purposes for almost a decade. So your mileage may vary in that situation. But there were a lot of stories about the level of intelligence that by the way, that train, not me, that's not my location. There was a lot of stories talking about the level of cyber that was used specifically for Israel being able to pull together, that all of these people were going to be together at one place at one time.
Wade
I'll clearly state how much of that
Bronwyn
though was because of Russian intelligence helping with that to go to Israel against, against Iran.
Roy
I hadn't, I haven't read anything as far as Russia and intelligence against Iran. I have, I have heard nothing about that. So it doesn't mean, I just have missed it.
Wade
I suppose the, the theory behind that is that if with Iran blocking the straits, that oil is going to be, not be able to flow as quickly.
Roy
That makes sense.
Corey
Well, we already lessened sanctions on Russia. We've already seen that happen.
Wade
So yeah, then the sanctions are loosened on Russia. So oil can come from Russia.
Corey
The enemy of my enemy is my friend the old classic, I guess, right? All right, that's probably enough geopolitical posturing before we all back ourselves into a fake poly sci degree over here. Yeah, yeah.
Roy
What are you calling fake, man?
Hayden
We can talk about Wade's household management tool again.
Corey
No, we're gonna talk. You give us the documentation for your Kroger API tool so we can hack it so hard. We're holding that ransom.
Hayden
If you want to build me a Kroger card, I'll order it.
Corey
No.
Roy
No, I don't think so. Not.
Corey
Not worth it. So let's talk about the McKinsey thing. Do you guys want to talk about that? It seemed pretty high profile. It's kind of a. It's not. So this is nothing crazy, but this is, I would say, a current trend in cybersecurity. We're seeing threat actors going after traditional vulnerabilities with, you know, AI, basically using agent again, but this one's extra spicy because it also incorporates going against AI at the same time. So basically, McKinsey. I don't. I think McKinsey. I don't even know what they are. What is McKin?
Hayden
Is it the consulting company?
Corey
Consulting, yeah. They're like big four, but not Hamilton. So, yeah, big four, but not basically. They had this exposed AI agent. They had an internal AI platform that they have. They have 43,000 employees, apparently. Holy crap. And this is like. Basically, this story has played out in a lot of companies, and so it's representative of the way things are. They built an internal portal. It's internal, so it doesn't have to be secure. And doesn't need a pen test. No, it doesn't even need a pen test, and basically exposed the chatbot. And also, you know, long story short, there were traditional vulnerabilities. The cool thing from a web app perspective is that the. The injection vector was actually the JSON key value, not the. Or the key, not the value, if that makes sense. So, like, would fly under the radar of most traditional scanners, but once they injected, it was like SQL injection. And then they convinced the AI to give out its system prompt. And then, you know, basically they ended up compromising the AI platform itself, which gave them, you know, all the prompts, which, as we know, no one would ever put anything sensitive into an AI prompt. Of course. So I'm sure, you know, that led to a huge. I mean, this is like a research write up, right? Like, so I'm assuming, you know, they, like, were allowed to write this up, but I think it's like this story is playing out across all this story is playing. Most big companies, they're like, we need an internal AI portal so that someone can ask where their HR thing is and we can give it a good. Give them a good answer. And we're going to skip all the security stuff and just roll it. Like, not even use Claude to build it, because we don't have that yet.
Bronwyn
Okay. Okay, Wait a minute.
Hayden
That's really scary.
Bronwyn
In reading this article, the chatbot Lily had been sitting in production for over two years.
Corey
Yeah, yeah, yeah. They built this pre AI. They basically built this pre Opus 4.6. Exactly. It was like. It was like the. Either the old version of vibe coding that was way less secure, or it was just built by hand because it was like an executive saying, hey, we need an AI tool, and then they just built it the old way, so to speak.
John
How could you build software by hand?
Dan
I don't understand.
Hayden
It's not possible. You can't do it.
John
What?
Corey
In the before times. In the before times, okay, they were called punch cards.
John
Really?
Hayden
I remember that.
Bronwyn
Use them.
Troy
That's how they program by hand.
Hayden
Well, dude, what's so scary about all of this is, like, you hire these sorts of consulting companies when you are, you know, like, the titans are the ones hiring these sorts of consulting companies, and you probably pay them a stupid amount of money to come in and do whatever it is they're doing. And so when you look at, like, what they claim to have access to from hacking this chatbot, it's 46 and a half million messages, 728,000 files from, like, all of these potentially very sensitive discussions around these massive companies. So, you know, a lot of the, you know, biggest companies in the world, I imagine, would have worked with many of these consulting companies in many ways. And so it's just very scary to wonder, like, what is lurking within that context.
Corey
It's just, oh, dude, that's so bad. There's also the fact that. How many companies did. How many companies paid McKinsey to set this up for them, like, at their own. Their own version of this? Like. Yeah, yeah.
Roy
I don't know. Okay, so. So, you know, putting my hat on of I own a security company. Did you guys look at the disclosure timeline for this thing?
Corey
Yeah, it's pretty sketchy.
Roy
Yeah, it's not great. I understand that McKinsey has a bug bounty program, but they went from, like, February 28th to March 9th was the
Corey
public disclosure, and let's just say negotiations went south. Pretty quick.
Roy
Reading between the lines, it says that they patched everything on the second, and I. This whole timeline, just.
Troy
Really?
Roy
So you know that the stuff that we've been working on with Microsoft that Matthew's been working on. Corey.
Corey
Yeah.
Roy
So he just sent an email to me, and we've been working with Microsoft to try to disclose something that we think is pretty bad. And we started out, what, in October,
Corey
Corey, if I'm remembering correctly, something like that. September 30th, actually.
Roy
Yeah. So we've been sitting on this. We've been coordinating with them. They flat out are ignoring us. And now we're sitting there and handwringing. It's like, oh, gosh, should we go public with this? You know, and we're talking months and months and months on something, right? With this, it was literally like, a couple of weeks. And now it's like, how we hacked McKinsey. There's nothing that looks. And I could be wrong. They probably do just fine. But there's nothing like, I want to hire these guys to come into my company. It just. And it also gets to, like, what is it? Bug bounty programs. They're associated with HackerOne on this as well. But good night. Like, there's very much an ad.
John
This is very much an ad, John. Yes. Like, this company is brand new.
Roy
No question.
John
The domain for this company is less than 30 days. I know that. If I block domains that are less than 30 days.
Wade
Do you think McKinsey owns Code Wall?
Hayden
Yeah, that would be so crazy.
Bronwyn
Oh, right.
Roy
Well, we know that Code Wall owned McKinsey.
Corey
Pretty burn.
John
Or they're just getting paid.
Hayden
Hi, YouTube.
John
So, anyway, I was just gonna say, you can tell this was an ad. This was. And it was exactly what they're selling, right? We have a other company, dude.
Corey
Which, by the way, that's what every pen test company, any company.
Roy
If you go to any company and they're about us, it's called the Manifesto. Like, oh, my God, really?
Hayden
Like a burger restaurant? Or, like,
John
I'm not saying that you shouldn't have ads or try to talk about how cool your stuff is. That's not. I'm not trying to, like, knock on that. I just think it's a little skeezy the way they did it, right? By making some big hack on their thing, you know, to kind of expose that.
Hayden
I mean, if you look at their timeline, like, they. They report it, right? And then they say that they acknowledge it. And in the same day, McKinsey says they patched all the endpoints, take the development offline, and then block their API documentation. They waited seven days, and then immediately Published this. So they, they got very pissy about the response and I guess decided, I guess we're done talking and decided to publish it and almost to like, you know, the point of it sounds like the consensus that this was an ad. They were like, this is the perfect opportunity for us to drop a pretty good ad now.
John
Well, so there's another one. They have just, they, the only thing they have on their site is just like blog disclosures. There's another one? Yes. Two blogs, excuse me, where they do the exact same thing. Right. This is just like, you know. Yeah, I don't know.
Corey
I mean it's not great. I mean, I will say it is par for the course. I mean this company supposedly on LinkedIn says two to 10 employees. So it's just two bug bounty hunters who are like, let's go.
John
It's one guy and 30 agents.
Roy
One of them is a.
Wade
30 agents count as one person. Is that what we're going for now?
Corey
Is that the ratio?
Roy
Yeah, this brings up like AI is beautiful for pen testing because everything we do is breaking shit. So it's not like building resilient systems and all that. It's like I got a whole bunch of agents that broke this. It's like, yeah, that's what we do. Unfortunately, yeah, not all of us.
Bronwyn
Well, and these days we don't even need to break it ourselves. We could just have an AI do it for us.
Corey
Yeah, I mean it's a two edged sword though for the companies. I mean I definitely think for the companies who spun up their own. Like we've even seen this for our clients which you know, I'm obviously McKinsey in this case is not a client. But the, we've seen a lot of companies spinning up their own AI tools internally that are not secure. It's, it's a, like a common trend. Especially because most of them were built before there was like vibe coding as we know it today, which is a lot better. So yeah, let's, let's move into the Amazon stuff.
Hayden
Brian would share the exact article I was about to mention too.
Corey
Yeah, yeah, let's, let's move in.
Bronwyn
Great minds.
Corey
The crazy, the crazy thing about this, and I can't actually read this article because I don't subscribe to the Financial Times, which is, just tells you that I'm poor. But yeah, basically the, the article is basically confirmation that Amazon at some point in the past had an outage that was caused by an autonomous AI agent making a, a decision on its own that led to an outage.
Hayden
You needed confirmation for this.
Corey
Two outages.
Roy
We wanted it to be public confirmation, right? I mean, we speculated there was one. What was it? It was. There were two agents that were upgrading or updating DNS records that brought a whole bunch of shit down. And it's like, okay, we know that's one. Well, and then here's the other one.
Hayden
The really fun one is it said they suffered a 13 hour outage to a cost calculator in December because the engineers apparently allowed their Kiro AI to make changes. And the AI decided that the best way to fix whatever problem they were having was to delete and recreate the environment. So it was basically like, hey, this is so, so busted. We're getting rid of it and building it again. Which that's not production.
Corey
Okay.
Roy
Everybody has to go back and rewatch all of Silicon Valley.
Corey
I was going to say this is literally the. I was going to say this is literally the. Don't make me John the Son of
Roy
Anton, where it's like, well, we told Son of Anton to go through and remove all security bugs. And technically the most efficient way to remove security bugs is to delete all the code.
John
Did someone order, did someone order like
Corey
a lot of meat?
John
Like a lot. I told Anton to solve the food problem and I guess that's one way to do it.
Dan
Yeah.
Corey
So, okay, like on, on a real level, though, they have appeared. They're. This is groundbreaking. Here's what they've decided to do. Require a senior engineer to review the change before it rolls into production. Now that means they're going to have to unfire all 16,000 of those people they laid off. Right? Maybe
Bronwyn
at least 6,000, you know.
Corey
Yeah, yeah. I mean, I like. It is, yeah, it is crazy to be like the CEO and getting, you know, pulled back and forth between, like, all right, we're firing all the senior engineers, replacing them with AI. Okay, we're hiring all the senior engineers back because the AI decided to just make product breaking changes. Like, how can you walk this line? I don't understand how you can be this short sighted. But here we are.
Hayden
I mean, it's, it's just you have all this cost cutting opportunities in front of you and you see all these other businesses doing it. You have to do it from, you know, that mindset. You if you are not doing it, your stock will plummet because everybody else is doing it. Why aren't you doing it?
Bronwyn
They don't, they don't have to do it.
Hayden
They have to. From the market perspective, though, they shouldn't
Bronwyn
I was just reading an article over the weekend that was talking about Japanese businesses that have been around for hundreds of years, if not over a thousand. And their approach is entirely different. They don't worry about making a profit in the next quarter. They look at how do we make this company continue for the next hundred years, for the next two or three generations.
Wade
There's one big thing Bronwyn's forgetting. Impossible in Japan has honor.
Hayden
Right, Exactly.
Wade
Safe to say that, but that's exactly what it is. Like they actually.
Dan
True.
Corey
They're, they're all, I mean, okay, Amazon, that's it.
Bronwyn
I'm moving to Japan.
Corey
Amazon is like kind of the stand-in for like anarcho-capitalism in a lot of ways. And so like, arguably, you know, they, their goal is to produce shareholder value, not to provide a service that's going to be around for 200 years.
John
Yeah. The goal of any company is to do just that.
Corey
No, that's not true. The goal of a company.
Roy
The goal of a C Corp.
Wade
Correct.
John
Specifically shareholders. That's it.
Roy
Yes, correct.
Corey
Yeah, yeah, yeah, yeah. And guess who? The C Corp.
Roy
I'm just going to throw some friends of mine, like we, I've had a lot of conversations with Matsui, Right. Over the years and we also have other companies in Japan that are customers of ours and it truly is where they are looking. Like they don't want to just turn and burn. They want to look at companies that can be profitable for 10, 15 years. Right. That's, that's at least that's Matsui's investment portfolio and what they're looking for. Right. And it makes it a lot easier to try to work with said companies. And I agree, like, if we're looking at Amazon, like people that we've talked to that have worked at Amazon, a lot of them are running around like their hair is on fire because they're constantly changing, adding in new technologies, building new things up, up. It's like the move fast and break things idea in Silicon Valley that started at Facebook. I'm sure that that makes sense as you're a young scrappy startup, but when you're one of the largest companies in the world, that move fast and break things becomes catastrophically dangerous. And AI. AI helps you with that process. Not in a good way, but it facilitates breaking things and moving fast.
Hayden
Because that article says one of the changes took down their shopping like app for six hours. Can you imagine how much potential revenue they lost in six hours of that outage? That is insane.
Corey
I will say though, it could have Also improved things to make up for that. You never know.
Roy
It literally forced Jeff Bezos to wait 15 minutes between flushing his toilet on his.
Hayden
Well, do you think that guy cares at all about firing people? He is looking at how many. If I fire enough people, how many points is our stock going to go up? That's why to him, he has to do it because it's a nobody
Bronwyn
minute.
Corey
All right, let's. Let's move on. Yeah, we're kind of just circling the drain.
Roy
Let's move on. That's my fault. Poli sci major. If you want to.
Bronwyn
It's okay. It's okay.
Corey
If you want to debate capitalism versus communism, there's a. Probably a chat for that on our discord.
Roy
Clearly there's. They're the only two options, Corey. It's pure capitalism,
Hayden
Live in the woods option.
Corey
Listen, an invisible hand is telling us all to shut up.
Roy
Do you want Stalin or do you want slavery? Pick. They end up in the same place.
Dan
I want Slayer.
Roy
I want Slayer.
Corey
Yeah, on that note, let's talk about the complete opposite end of the spectrum of company maturity, which is that apparently Moltbook, the AI generated by AI
John
for like two seconds.
Roy
The.
Corey
The AI plot. Moltbook is an AI generated platform for AIs to be social with each other. And somehow that got rolled into a company that got acquired by Meta.
John
Yeah, yeah.
Corey
Tldr.
Hayden
Meta just picks up.
Corey
I cannot believe this. It's. It is insane. I mean, okay, I don't know how much. It doesn't say how much. Like, it's not clear.
John
They didn't acquire. They just acquired the person who was run it.
Corey
That's it. No, no, no, no.
Bronwyn
Well.
Wade
Oh, really?
Roy
No.
Corey
Yeah, because I don't think there's any like, actual IP.
John
Like, they didn't. Like, it wasn't like. Like, I don't think they had this as like a registered trademark.
Hayden
Well, I mean. Okay, so it specifically says they acquired Moltbook.
Corey
Okay, okay. You're right though.
Hayden
Ralph.
Corey
Ralph's right. Reading between the lines. It specifically says the Moltbook team joining MSL, which is Meta Superintelligence Labs.
Hayden
It's just so they're copying OpenAI.
Corey
Dude, Moltbook CEO, if this is your job title you something in life. Moltbook CEO Matt Schlicht and COO Ben Parr, two guys who could not imagine anything other than GitHub stars two weeks ago are now being acquired. Or, you know, like. I mean. Yeah, it's amazing. Amazing.
Hayden
Yeah, it's got to be OpenAI hires.
John
What's his name?
Hayden
Peter or something.
Corey
Yeah, yeah, the guy who made OpenClaw.
Hayden
And so Facebook's like, hold on a minute, why don't we do that? And they're like, we got a better one. We'll go get the guys that made the lobster face.
Bronwyn
Peter Steinberger was hired by OpenAI as Sam Altman last month.
Corey
Yeah, yeah.
Hayden
So Meta is just following suit, like, hey, we want a lobster guy too. Let's get him.
Roy
Everybody needs a lobster. So I read all the Wikipedia articles about AI and I do nothing but like regurgitate these words incorrectly in an interview. Can I make like one of these like nine figure jobs in Silicon Valley? Because it seems like that could be a whole other business here. That it. It's like BHIS made this much from this. But John's now over here in Facebook and he's making as much as the entire company. It sounds like a good gig.
Wade
Hayden and I will write a bot later that will just scrape all of our podcasts and if there's an idea for a business, it's just going to go off and make it. We'd probably, we'll probably be done.
Corey
But okay, so what is that joke?
Hayden
Apparently Claude, by the way, the next two weeks has like double usage in off hours and on weekends. So I did spend like 14 hours on Sunday doing things with it.
Corey
Unrelated addict. Dude, you have a problem. You need to go to Claude's Anonymous.
Hayden
There is a joke online.
Corey
There is a joke online agent to help you.
Hayden
You probably could. There's a joke online that's pretty consistently come up where it's like, hey, AI is coming for everything. You have six months to escape the permanent like lower class. So go start a company right now or you're forever going to be poor. Like there, that's, that's a joke. But also I could see how some people could like almost panic buy into that. And then now with Claude doubling the usage, everybody's like, well, they're trying to help you get out of that permanent underclass. You got to go build.
John
You got to get out.
Hayden
You got to go.
Wade
And this is why I built my family organizer. Go to it. Right now.
Corey
This podcast is just going to become self shameless self promotion of over and over again.
Roy
I will be an angel investor for Wade and Hayden.
Dan
Well, well, to your credit there Wade, they did update the terms of service for in Meta where you are responsible for all your AI's actions and omissions.
Corey
Llama responsible. By the way, there's already a Silicon Valley like reference that explains what that life would actually Be like, you know how Big Head just gets hired and he doesn't have a job because his position gets eliminated. That's where these guys end up. There's no way that they're going to get pull at.
John
Got paid to do nothing, though. I mean, it wasn't that bad. I mean.
Bronwyn
Well, is that the Peter principle, though? You know, they've gotten promoted to their
Roy
level of Big Head was a little bit more than the Peter principle. I'm just gonna go back and rewatch that series.
Corey
It's amazing.
John
It's amazing.
Corey
All right, so if you think on the topic. Okay, go ahead. I was gonna. Sorry, I was gonna segue.
Hayden
I was gonna say on Bronwyn's point about the Peter thing with OpenAI, that is a move from them to capitalize on Anthropic's mess up. So Anthropic said, you cannot use our tools with other services, which means OpenClaw. Meaning. Meaning if you use Anthropic, potentially probably the best model right now with your OpenClaw stuff, they could just permanently ban your account. And if they detect, you know, other devices that are connected to it, you could just totally pose yourself. So they. OpenAI brings over the OpenClaw guy and explicitly says, hey, you can use our services for whatever you want. And so I wonder if it was almost like a PR play on their front. Just see how many users they could steal or on your killbots behind it. Yeah, exactly.
John
I think in the Claude example, they were specifically talking about tokens, but they weren't saying you couldn't use it. They were just saying you had to pay the API price.
Troy
Right.
John
You have to pay the API like your Ultra package, which they heavily subsidized the token rate. So I think that's what they were talking about.
Hayden
Exactly. And my. I asked my agent like, hey, what would our usage be like on API? And it was like, yeah, about 20 to 30,000 a month. And I was like, cool. So I guess I'm not able to do this anymore unless I switch to ChatGPT.
John
So I'll give you my one thing. I asked ChatGPT to create a new C2 for me. This is a fun project. It's also called Cloud Bolt Strike, which is gonna be amazing.
Corey
Wow, sounds really.
Wade
I can't wait for the AI generation for that.
Roy
Real subtle.
John
I was just, I was just gonna say my only point was that as soon as you ask OpenAI, it's like, hell no, won't do it. But you ask Claude, it's like, hold my beer, buddy.
Corey
I'm ready. Yeah. So real quick, while we're on the topic of Meta, it's basically, this is an interesting one. So Meta. I can't think of a secondary motive for this, but they have announced that they're going to discontinue support for end-to-end encrypted chats. This is kind of a loss for privacy people. So this is something that they rolled out years ago in both Facebook Messenger and Instagram. Apparently Instagram DMs. I did not know this had end-to-end encryption. Like, I didn't even know that was a feature.
Wade
Why are they getting rid of signal on the back end or something?
Corey
Like, you know, I mean, they're getting rid of it because the government asked for a backend door or because they want to mine the data because I don't know, who knows?
John
Oh no, no, it's the kids.
Hayden
Look.
Corey
Oh, it saved.
Hayden
It's the kids, dude.
Corey
Who could have, who could have predicted this?
John
I couldn't have predicted.
Corey
I will say on Instagram, I do think, like, I'm not like a big social media person by any stretch, but I do think just looking at the public discourse, it appears that most social media companies think the biggest threat is public sentiment about how unhealthy they are. Like, they're like, if you look at the ads for TikTok that, that rolled during like the Olympics or during the Super Bowl, it was all like, TikTok is. You can have tons of control over it for your teenagers. Like, and then Instagram rolled out like teen accounts. Like, and Discord's rolling out teen accounts. Either there's. This is regulatory, like the government, they know the government's coming for them because of the whole laws around age verification, whatever, or they're just worried about public perception of parents or whoever's the decision maker deciding that social media is bad for their kid and taking it away. So, like, it seems like this could maybe be a push towards that of just letting them monitor people better. And you know, that's kind of their whole business model to be fair.
Hayden
I mean, that could be an excuse. It almost definitely is because the advertising company wants more data to advertise off of. And so end to end is always going to be like, even if it's a government thing where they say we want a backdoor, like, like, oh no, that sucks. Sorry guys, we got to put a back door in and then they can mine all your chat. So expect the TOS update soon.
Troy
I think there's a lot of yeah, maybe not just the US but there's a lot of countries that have been like, basically like forcing these social media platforms to get more aggressive with age restrictions. So I think it's probably that. Corey, like what you were saying is, is they're probably just advertising to the parents and, and other folks, oh, look at what we're doing. We're helping the children.
Corey
And, and yeah, we can't handle regular privacy.
Bronwyn
How are we going to handle privacy against dealing with children?
Wade
We've seen it with Australia, right. How Australia banned kids, I believe, under 16 doing social media. And then that's starting to go everywhere.
Roy
Which get there with that attitude. I'll tell you that.
Corey
Yeah, I'm not investing in your story.
Bronwyn
We can get there with this attitude. Courtesy of EFF. Watch your mail.
Corey
Yeah, so the. I guess like just to clarify and wrap up the story, it is there also. I doubt this was used by that many people. This is kind of a niche feature on Instagram specifically and apparently Messenger still has it. So like for now there is still an end-to-end encrypted chat on Meta. How long that'll last? I mean if it were me, I'd be like, let's move to a different chat like that. Yeah, clearly the writing's on the wall here. This isn't gonna last forever, I think, but we'll see.
Hayden
I mean, you know, a chat I realized recently not Discord dms, but apparently Discord like voice channels or like voice calls, specific ones are end to end encrypted like by default. Apparently it's just a thing which I, I mean, I guess so.
Corey
But if you're calling from a SCIF, is it end-to-end encrypted? Is that how it works?
Hayden
I think if you use Discord in a fired.
Corey
Yeah. I don't know.
Roy
I mean, just left.
Hayden
Yeah, I dropped my pen.
Corey
There's also, you know, there's not really an article for this but basically there's some Reddit type researchers that are essentially uncovering a conspiracy that Facebook or Meta is lobbying for age verification laws and is like the, they're the ones behind it. Like who knows how true any that is. But basically it's, you know, we'll see. Stay tuned. Stay.
Roy
I've got to be honest with all this stuff, it's like what's the most evil like thing that we can ascribe this to? And it's like that's probably pretty close. Like how are they going to make more money off? So.
Corey
Yeah, yeah. On a, you know, on a different note, in Europe they passed this thing called chat control that apparently basically blocks mass surveillance of their, you know, messages. So there's that. But anyway, what else we got? Anyone have any articles they want to talk about before. I know we're kind of close on time, so. What, what do people. What's, what's on your mind, John? You got a good rant for us?
Roy
I've got no rants, man. I, I, I've been like, last week it was bad. I don't know if you guys saw the picture from Steve, but, like, I literally was screwing, like, through the wall to get my Internet up before the show got it up, so I'm happy about that, but it's been a good week. I don't have. Everything seems to be going okay.
Corey
All right, well, then it's time for the Threat Intel Analyst competition. No, I'm just kidding.
Roy
Now we're gonna have tryouts.
Corey
Tryouts. All of you can also have a job, even though all of you already have a job.
Wade
Did you see Michelin had a breach?
Dan
Oh, which.
Corey
Oh, dude. Did I get my star? Did I get myself?
Wade
That's exactly where I was gonna go with it. Did you think the star information got released?
Corey
Like, yes. Like the reviews, like the back.
Wade
The reviews, who they are. Right.
Corey
Oh, someone tried to get very stinky.
Hayden
Let me just hack it.
Troy
I had something really cool that it's actually not like it came out last month, but Cisco Talos here, I'll throw it in the chat there. This door.
Corey
Malware.
Troy
So I've been talking about this technique for, since I've been teaching my class about how DNS can use, like, case sensitivity in the character sets of the DNS record. So what these threat actors were doing in this, in this malware, and really what I kind of talk about in my class is really how you can use it for, like, covert channeling. But they're not doing that here. But essentially they're just toggling the case. The capitalization of the case sensitivity of the DNS record for a different reason in this article, right? Like, I mean, for, for their tactics here. What I, what I was kind of like, like, you can kind of use this, which is a really pretty interesting technique that DNS supports because it's a chain protocol. Like it, all the DNS resolvers will keep the case sensitivity of the record as you query it. So you could do base64. You could do stuff like that. But you could also like, like, treat like, lowercase characters as, like, zeros and uppercase characters as ones and kind of to just keep the same root like domain. So you're not changing the FQDN, but you're toggling the case sensitivity of the DNS record, which is totally supported by DNS, but I've never seen it in the wild before until this article, like, came out last month.
Corey
And I saw that the throughput should be enough. If you need to exfiltrate 20 petabytes, it should take between 50 to 80 billion.
Troy
You're absolutely right. From a, from a total, from a pure, like, data exfiltration perspective, you're right. But think about it like, like the Sunburst malware from SolarWinds, right? They were essentially, the malware slept for two weeks and then did some internal reconnaissance and then did CNAME DNS resolutions with an encoded value in the DNS record to say, this is what the environment I'm in. I'm waiting for the next command, right? So think of it as like a malware could essentially toggle the case sensitivity of the character set to let the operators know, like, what stage the malware is in and kind of inform that back.
Corey
Right.
Troy
So though without actually changing the actual FQDN itself.
Roy
I see. And that, you know, that that stuff is so cool, like looking for different C2 channels, because it kind of reminds me, of course, you got dnscat2 by Ron Bowes, but like the old covert TCP days where you're exfiltrating things out of like, IP ID and initial sequence numbers, you know, that's.
Troy
You know what really sucks about this for Zeek is Zeek lowercases the entire record entry in the DNS log. So it removes the case sensitive. Like it lowercases the case sensitivity of the record and it puts it in a DSL now.
Roy
And they do that specifically for compression. Right. Like, they're trying to make it so it's like, to reduce file size, if I remember.
Troy
Yes, they do some silly stuff for various reasons, but yeah, somebody needs to patch that.
Corey
I do. Like, Troy, that you took the challenge seriously and you actually tried.
Troy
Or anything, like, in a couple weeks. But I actually do teach the students how to write a custom Zeek script to actually get that value out and put it in your DNS log.
Corey
All right, Troy, give us your plug. This is the perfect time. What are you doing later this week or later this month that we need to know about?
Troy
So next week, I believe we have our SOC Summit. We have a bunch of folks here that are actually going to be presenting. I'm going to be presenting an introductory talk on getting started with YARA, Detecting Malware with YARA Rules. And then. Then after that, I'm going to be teaching my network forensics class March 30th and 31st.
Corey
Nice. And then, Dan, you're also doing some stuff as well.
Dan
Yes. So next week I will be speaking at the SOC Summit as well on Sigma rules. We're going to go over what they are, how they can benefit, and we should be creating one by the end. And then the week after that, on the 1st, I will have a talk on soft skills: SOC tickets and how to create them that are not only helping you, but also helping clients understand what you're trying to get across.
Corey
Nice. That's. Yeah, that's awesome. And then I'm assuming, Wade Hayden. Does anyone else have anything else?
Wade
My talk is on why Sigma Rules suck and why not to use.
Roy
Is Sigma and Yara are dog shit and why you shouldn't use them.
Corey
So it should be why you should use Sentinel.
Hayden
Instead, they suck and that's why you should use the BHIS SOC. We use them for you. Don't worry.
Roy
Use AI in a single pane of glass and magic and it will solve
John
all of those issues.
Corey
Just won't solve the tokens.
Hayden
Wade, you do have a talk though, right?
Wade
Yeah. Mine's like augmenting detection engineering and like how using your current practices in order to use AI to make yourself better at detection engineering. I actually, I'm doing some stuff in May too. You guys are doing it right now? It's the same.
Dan
Not as flashy as Sigma rules, but
Wade
it's not as flashy as Sigma rules.
Roy
Dan, with this. This top hat monocle.
Wade
I have. I have another talk in May that I'm doing though, that I just came up with the idea for it and it's how to read the news. How to read the news better. As for security. Right.
Corey
Dude, I need to go to this talk.
Roy
That's my SOC Summit podcast, should be.
Wade
Well, no, your stocks on the tops.
Hayden
Like intelligence.
Wade
It's similar to intelligence, but it's like to look for biases, to understand what biases are out there.
Hayden
Okay.
Wade
To like track back the news article to the source.
Corey
Right.
Wade
A lot of times when you read these articles, it's.
Roy
Why is it Security News Weekly Russia? I don't know.
Corey
I don't know. I gotta say, like, I mean, it seems like we really do need to have like a CTI threat analyst, like Thunderdome scenario. We have so many heavy hitters on this podcast.
Hayden
My talk is literally how to take CTI and turn it into detection.
Corey
I'm just like, I can pen test a box.
Roy
Yeah. But at any rate, you do need to get registered for the SOC Summit because I think the max we can technically handle is 5000 and we're gonna hit that. So I'm really excited. Like, the registrations are fantastic for the SOC Summit, so it just shows, I guess it shows that security is not dead. Who knew, huh?
Wade
I really gotta do those slides.
John
I had my agent sign up for like three slots, so.
Hayden
Nice.
Corey
Wait, really?
Hayden
Make sure they all sign up for my workshop too.
Corey
Dude, I can't wait to read about. I can't wait to read about it on OpenClaw. Sketchy website.gov or whatever you're going to
Roy
link to Ralph card to use.
Corey
Yes, my AI generated family will be all there.
John
No, actually I just. I just asked them to find a coupon code that would work, so.
Corey
Oh no.
John
Oh man.
Corey
Oh, no. All right. Any other final articles? I. I. Yeah, I mean, I think. I mean we, we covered it. I feel like we're good. Bronwyn posted an article, but I can't click it. It appears to be a fish, so. Good job, Bronwyn. I click.
Bronwyn
Hey, blame Brian. Don't blame me, blame Brian. Australian.
Wade
This is more AI than it is security. But it. Hank Green did a video.
Corey
What is this?
Bronwyn
Someone made a vaccine for their in. A guy in. In Australia made a cancer vaccine to save his dying dog using AI Supposedly.
Corey
Okay, explain. There's so many. I don't believe. Just watch that. Maybe just watch.
Wade
No, no, no. Here, I got a. I got a 10 minute YouTube scope.
Corey
It's out of scope.
Hayden
They want us to talk about it. Don't fall for it.
John
It.
Corey
It's out of scope. This can't be real. I don't have any CRISPR printers in my house. I don't know about you guys. Yeah, no, it.
John
So I guess it was real. I guess it just made the cancer like size smaller. So it wasn't like a cure and it was just, you know, it was just kind of using this tech to. To do from a Science democracy.
Roy
Weird trick.
Corey
Yeah, this is a really weird. This, this is like a really dark joke. But the reality is I feel like we're gonna cr. AI is just going to say no, we. We deleted the problem. Like you, you, you. You go. You know, remove yourself from the world. Right. Like we actually have removed all parts
Hayden
of you that had problems.
Corey
Yeah, right, like that. That's. That's my concern. That. That's. I think your liver was failing, so
Hayden
we decided to rebuild it. Just like it's this.
Corey
I deleted that database for you. Like, do we really trust that AI understands, like, how the. How a live thing cannot just be recreated like a production database that it drop really think it belie it understands that?
Bronwyn
Well, how many times have we covered the fact that artificial intelligence isn't really intelligent?
Wade
I mean, I don't know. Bronwyn's been saying this bubble's gonna pop for the past, like, three years now, and it still hasn't popped yet.
Roy
So it's coming.
Bronwyn
I have not been saying it's gonna pop in three years.
Corey
She's been.
Roy
She's been our AI advocate at BHIS Way. A you take.
Wade
I've been to multiple AI Bronwyn talks, all right? I'm, I. I'm probably one of the few.
Hayden
Wade has a home organizer dashboard thingy now that he's going to sell today.
Roy
Now you're bringing to pre show in that cyn.
Bronwyn
Wait.
Roy
All right, let's wrap up. Let's wrap it up. Thank you, everybody. We'll see you next week.
Wade
Sa.
This episode dives deep into key information security news, focusing on the Stryker attack allegedly by Iranian threat actors, high-profile corporate security failures, the intersection of AI and cybersecurity, and the shifting motives behind cyber warfare. The hosts intersperse technical analysis and personal anecdotes with their signature humor, offering both practitioners and casual listeners an accessible, engaging take on recent cyber incidents and industry developments.
[09:15 - 21:46]
"This is about as close as it gets to a cyber missile strike."
— Corey [16:05]
[17:27 - 23:39]
"For me, the news story is the cyber attacks haven't been as bad as they could have... What does that mean? Either A, they're standing back or B, they were absolutely destroyed in the first couple of waves."
— Roy [20:59]
[24:00 - 32:54]
"You hire these sorts of consulting companies... you probably pay them a stupid amount of money...and so when you look at what they claim access to...very scary to wonder, like, what is lurking within that context."
— Hayden [27:08]
[32:55 - 36:46]
"It is crazy to be like the CEO and... 'Alright, we're firing all the senior engineers, replacing them with AI. Okay, we're hiring all the engineers back because the AI decided to just make product breaking changes.'"
— Corey [35:19]
[45:45 - 49:56]
[39:37 - 44:52]
"Go start a company right now or you're forever going to be poor."
— Hayden [42:32], lampooning the tech industry's AI panic/investment rush
[51:14 - 54:37]
"You could treat lowercase as zeros, uppercase as ones... without changing the FQDN but toggling case... but I've never seen it in the wild before until this article."
— Troy [52:52]
Humorous Take on APT Naming (08:44)
Roy: "All the APTs join it and it’s like, that’s your apt name. Like Sad Panda 52..."
Shameless Self-Promotion & Community Plugs
Regular mentions of upcoming AntiSiphon SOC Summit (March 25–April 10), and host talks (on Yara, Sigma rules, CTI to detection engineering, “How to Read the News for Security”).
Playful, candid, and unfiltered — the BHIS podcast team delivers actionable insights with community warmth, humor, and healthy skepticism toward both vendors and geopolitical posturing.
For those unable to listen: this episode is a lively, topical dissection of 2026’s biggest infosec headlines, blending war-room strategy with cyber meme culture and practical advice for modern defenders.
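Troy's DNS case-toggling discussion above is a detection problem as much as a channel: a resolver preserves the letter case of a query name, so a host can encode a bit per letter without ever changing the FQDN, and a log that lowercases names (as Troy says Zeek's DNS log does) throws that evidence away. The following is an added example, not code from the podcast, Cisco Talos, or Zeek: it scores the case pattern of each query name from constructed DNS log lines and flags registered domains that receive repeated mixed-case queries. The log format, the sample lines, the two-label "registered domain" shortcut, and the entropy threshold are all assumptions.

```python
"""Flag DNS query names whose letter case looks like a per-letter signal.

Added example (not from the podcast or any project it discusses). Assumes a
DNS log that preserves query-name case; a log that lowercases names cannot
feed this check.
"""
import math
from collections import defaultdict

# Constructed sample log lines: "<epoch> <client_ip> <qtype> <query_name>".
# Not real traffic; the domains are placeholders.
SAMPLE_LOG = """\
1710000001.1 10.0.0.5 A www.example.com
1710000002.3 10.0.0.5 CNAME sTaGe.EXamPle-UpdATes.net
1710000003.7 10.0.0.5 CNAME StAgE.exAmPLe-UPdatES.net
1710000004.2 10.0.0.9 A cdn.example.org
1710000005.0 10.0.0.5 CNAME stagE.eXamplE-updaTes.net
1710000006.4 10.0.0.9 A WWW.EXAMPLE.COM
"""


def case_bits(name: str) -> str:
    """Map each letter of a query name to '1' (upper) or '0' (lower), skipping dots and digits."""
    return "".join("1" if c.isupper() else "0" for c in name if c.isalpha())


def case_entropy(bits: str) -> float:
    """Shannon entropy (bits per letter) of the case pattern; 0.0 when the case is uniform."""
    if not bits:
        return 0.0
    p1 = bits.count("1") / len(bits)
    return sum(-p * math.log2(p) for p in (p1, 1.0 - p1) if p > 0)


def registered_domain(name: str) -> str:
    """Last two labels, lowercased. Hypothetical shortcut; a real deployment would use a public suffix list."""
    labels = name.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def parse_line(line: str):
    """Split one constructed log line into (timestamp, client, qtype, query)."""
    ts, client, qtype, query = line.split()
    return float(ts), client, qtype, query


def scan(log_text: str, min_entropy: float = 0.5, min_hits: int = 2) -> dict:
    """Group mixed-case queries by registered domain.

    Returns {domain: [(client, case_bits), ...]} for domains with at least
    `min_hits` queries whose case pattern has entropy >= `min_entropy`.
    All-lower and ALL-UPPER names score 0.0 and are ignored, since upper-casing
    a whole name carries no per-letter information.
    """
    hits = defaultdict(list)
    for line in log_text.splitlines():
        if not line.strip():
            continue
        _, client, _, query = parse_line(line)
        bits = case_bits(query)
        if case_entropy(bits) < min_entropy:
            continue
        hits[registered_domain(query)].append((client, bits))
    return {dom: rows for dom, rows in hits.items() if len(rows) >= min_hits}


if __name__ == "__main__":
    for dom, rows in scan(SAMPLE_LOG).items():
        print(dom)
        for client, bits in rows:
            print(f"  {client}  case pattern {bits}")
```

Recursive resolvers that implement DNS 0x20 case randomization legitimately send mixed-case queries to authoritative servers, so run this only on client-to-resolver traffic or allowlist your resolvers' addresses.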