![Shai-Hulud malware leaks secrets on GitHub – 2025-17-24 — Talkin' Bout [Infosec] News cover](https://assets.blubrry.com/coverart/orig/577207-865522.jpg)
A
Muad'Dib.
B
That's what we start with.
C
I mean it is a killing word.
A
Okay, fair.
C
Do, do we want to talk about this now or do we want to wait until we actually like start the show?
A
Honestly, we should. There's so many articles this like this week. Like we should probably just give ourselves the extra two minutes and just go live now because this is going to be, this is going to be a spicy week. There is so much to cover. I don't know if we'll get through it all, but there.
D
Yeah. Before we go live, Corey, do we want to talk about the scandal?
A
What scandal? How we tried to see all that frozen turkey but it didn't work out.
C
Apparently he's about to tell us.
A
Scandal.
D
Well, I mean I'm just gonna toss mine into some, some hot oil. That's what I was told to do. Yes.
C
Oh, fully frozen. Do not thaw it first.
D
Yeah, because that's how you get the mid rare turkey.
C
Yeah, yeah. So you just all frozen into the oil.
A
Tell us about the scandal though. Now I want to know what is the scandal?
B
But get a camera because it's such an amazing process.
C
What food camera?
E
Name one food that is good for frozen. Like making it from frozen is good. So why would like turkey be like the thing you're like, this is the.
A
One he got you with the ice cream.
B
Though.
A
I will say I do think most fried foods aren't they prepared from frozen. Like when you get fries at a restaurant, aren't they thrown straight from the freezer into, into the fryer? That's what we did at Wendy's. Are you not supposed to be doing that?
E
I don't, I never worked at Wendy's. Maybe that's my cultural problem.
B
It depends on a bunch of factors. But the main thing that makes that okay with fries is that you have a whole lot of surface area with a whole lot of porosity. So when it goes in, it does not suddenly superheat a bunch of closed sealed surfaces and make them go pop. This is different from a bird with skin on it.
A
Now I'm like googling how fries are made. Yes.
E
I, I, I would say though. I, I would say I guess they do.
A
Okay, so okay, I have like a, I have a non related, I have a non related story for the news as like a pre show banter topic. So we have a Dyson cordless vacuum and it's one, we have like, we have multiple, we have multiples of these. Right. Like there's one new one, there's one old one that like they, you know, some are in different locations. But anyway, one of them is old and died. Like the battery, it would run for like two seconds and the battery would die. And so I just went on Amazon and found a battery and ordered it. And then my partner was like, hey, you're going to burn down our house? Because apparently this is a thing where like replacement Dyson batteries were burning people's houses down. And so then it, it, then it became a question of like. She was like, is it lithium ion batteries? What is it? And then I was like, okay, let me just list all the Chinese made lithium ion batteries in our house, of which there are so many. And so like, I don't know, I was just curious like, how many lithium ion batteries do you guys have in your houses? Are you stressed about them? Like, I don't. Should I be stressed about this?
D
I also have a very suspicious Dyson battery.
A
Did you, did it blow up? Please tell me.
D
No, but I replaced it and it hasn't exploded yet. I mean it doesn't, it doesn't last very long either. It was kind of like a crappy one, I just think.
A
Okay, so for prices, the replacement was $35 on Amazon. The Dyson battery is $96. So it's literally three times as expensive.
E
I just think about my Tesla and I think about that too when it's in the garage.
A
Dude, that's a lot of lithium ion batteries.
E
A lot of batteries.
A
Put those in your bag. Imagine that thing.
D
Would you hook it into that?
B
That's so much hydrogen. Just waiting for an excuse.
E
Yes, exactly. But I mean, you're right, Corey. Ever there's batteries everywhere.
A
I don't know. I don't know. I was just thinking about how like I have portable lamps that have batteries, probably lithium ion batteries. We have cat fountains that have lithium ion batteries, I assume. I mean, I guess they might be like lithium polymer, but not all.
B
Not all.
C
Yeah, I was going to say like lithium polymer. Yeah, like life could be or whatever. Those are a lot safer. It's the actual like lithium ion lithium batteries that are the dangerous ones.
A
Yeah, like the scooter is bigger.
C
Yeah, bigger batteries. Which is why, like, why people get more concerned when it comes to like you know, a Dyson or your drill or you know, whatever, like your power tool batteries. Because in my head though, garages down with their power tool batteries all the time.
A
I'm just assuming they're all 18650s wrapped in any different form factor. Right. Like they're all the same cells.
C
Yeah, yeah, yeah.
B
Mostly. Mostly. I mean, the cell chemistry only gives you one voltage, so if you want anything else, you have to start just stacking multiples.
A
All right, interesting discussion. Ryan, let's go live. We got like a million articles to go through. Let's do this. Hello and welcome to Black Hills Information Security's Talkin' Bout News. It's November 24, 2025. We've got so many stories this week. We're talking Shai-Hulud 2: Electric Boogaloo. We're talking CrowdStrike, insider threats. We're talking turkey. There's a turkey article. So. So get excited about that.
D
Deep for that.
A
I've seen there is a turkey. It's not that deep. I mean, okay, it was kind of deep, but it wasn't that deep fried.
F
Deep fried.
E
Deep fried.
A
It was deep fried, but it's. It made headlines. Okay, okay.
E
All right.
C
Are we getting right into it?
A
No, no, let's. Let's save that one for last. Stay for the whole show and we'll do a turkey article at the very end.
E
Right, Turkoma?
A
Yeah. Okay, so I guess there's so many high profile articles, I think. Let's talk about the Shai-Hulud npm worm that we were talking about before the show. So essentially the. It's very similar to last time, right? Like it's basically the same thing again. It's a, it's a worm that runs, basically runs secret enumeration locally like TruffleHog, and then it uploads the results that it gets to GitHub. So the easy fix is check if your GitHub has random repos created in the last, you know, 24 hours or whatever. Right now, Wiz is reporting there's 27,000 packages, or, sorry, 27,000 repositories posted to GitHub, which is terrifying. There's a list they published on their website of infected packages. And also, you know, it's pretty. There's a lot of tools to check for this. Like, it's very obvious. It just creates a repo called Sha1-Hulud. Or actually, sorry, let me correct myself.
C
No, it's a random repo.
A
Yeah, the repo has a random.
E
Random base64, I think.
A
No, no, the contents are base64. The repo name is random. It's like, I don't know, 16 alphanumeric characters, but then the description is Sha1-Hulud. So basically most of the tools are the tools from last time. They, they. There were tools that would both scan locally for a file, scan npm packages, and also scan GitHub. If you have a GitHub repo with the description Sha1-Hulud in it, you might be infected.
B
Sha1-Hulud: The Second Coming.
A
Yeah, you gotta make your regex pretty greedy on that one, couldn't you?
E
Like, it wouldn't be like, correct me if I'm wrong, wouldn't. One technique to possibly stop this if it hasn't happened to you yet, is just to remove all the keys in your GitHub repo.
A
Yeah, that would.
C
On your local machine as well. You'd have to roll it.
A
Roll all your keys. Your PC.
E
No, no, roll, roll the keys. So it wouldn't be able to post the repo, right?
A
Yes, correct.
C
Well, if, if it can't, if it doesn't find any keys and can't find like an npm token, it can't create a repo or any of that stuff. It will just wipe your home directory.
E
Oh.
A
Or wherever it's running. Right?
D
Yeah.
C
So if it can't exfil, it just goes, well, there's nothing here.
B
Boom.
A
Yeah, it's. It's destructive under certain circumstances, which, that's new that it was last time. It had no destructive element.
B
The other thing that's new is it puts in a relatively innocuous piece and then it's got a second piece of JavaScript that actually has all of the wormy behavior. And the first one has some oddball conditions. That means that it does not 100% of the time include the payload package with the feeder, the worm package.
A
Right. The IOCs are slightly different. The MO is the exact same. I mean, I think in a lot of cases this is going to be infecting. It's a CI/CD focused attack. You're going after supply chain, you're going after continuous integration. Like it. I don't think it's really. It's very similar. It's not that different than it was last time.
C
Yeah. I mean, a lot of the repos that I'm seeing created on GitHub are coming from what would be like an internal bot account.
A
Yeah.
C
And it, it looks pretty gnarly. I mean, I remember when this hit last time searching on GitHub for, you know, Sha1-Hulud, by, by this time that day, there really wasn't anything showing up on GitHub. There's been a consistent 23 to 26,000 repositories all day. Like I saw this at 8 something in the morning and there's been between 23 and 26,000 repos the entire time. There's new ones being created.
A
Yeah, and GitHub's supposed to be deleting them basically is like, essentially the, like this is like a get it while you can scenario. GitHub is supposed to be deleting them and also trying to introduce security measures to block like as an example, they're rolling out mandatory two-factor and restrictions on access tokens and things. But that's like a slow rollout, right? Because you don't want to deny service to users. Like if you rolled everyone's PATs, that would create problems.
C
They're not doing a good job of deleting these things quickly.
B
That's what seemed to set the timing for this one going off is the end of that rollout when all of that stuff is supposed to be set up and you're supposed to be safe because you're not supposed to be able to get in with few enough credentials for this worm to work is just a few days from now.
A
Yeah. Anyway, we can move on, but you know, we'll, we'll see how that unfolds. It's pretty easy to scan like we've been scanning our customers. We, we maintain a list of all the GitHub users associated with our customers and we just run that through a quick pipeline and if it sees a description Sha1-Hulud, it fires. It's pretty easy.
C
Yeah, yeah. And blue teamers, if you don't keep a list of all the GitHub accounts of your employees might want to.
A
Yeah, your list is going to be better than ours because we found ours with OSINT. So yeah, I think we should talk about the CrowdStrike thing. The. I mean, there's multiple CrowdStrike things, I guess. But the one I want to talk about first is the post essentially that it was a BleepingComputer article that CrowdStrike confirmed that an insider shared screenshots taken on internal systems with hackers, essentially Scattered Lapsus$ Hunters, the threat actor group that we've been following and covering on the show quite a bit. Someone posted what appeared to be internal information related to CrowdStrike. They claim the threat actors claim that they paid 25k for that access. So I guess I'm like, remember the days where you could buy someone's access for only $5? Now it's 25,000. Oh man, inflation is going out of control.
D
Oh God, I saw the opposite comment to that. All the comments I saw were like, is $25,000 really worth sabotaging your entire career?
A
Like, okay, that is true.
D
The 25,000 will cover your legal fees at that point.
A
True, that is a very good point. I'm guessing they're not targeting people who are thinking super clearly.
D
Probably not.
A
Yeah. I mean it kind of gets into like background checks and validation. Apparently it was like rumors are saying it was a 1099 employee, not like a full time employee. It brings up questions of, you know, business processes and validating that you don't have insider threats working there, etc. I don't know exactly what, whether the information they provided was super valuable. From my perspective, I can't really imagine what information you would have access to at CrowdStrike that would be super valuable. Like, I don't think there's big secrets at CrowdStrike. Like if you put, if you put a dollar sign in the file name, it won't detect you. Like, I don't know what the. Well, no, they said that, they said.
E
It was a little deeper than that. They said that they were sending information about active detections from different campaigns and stuff. So essentially they're paying to find out if they're getting, if they're on to them and different activities. Right. So that's what I was reading.
A
Like ransomware stuff.
E
Yeah. Like how, how valuable that is. I mean it could be, it could be crazy valuable. I mean, information is essentially the speed and time of that information. Be able to change your technique before they can even do anything could be really, really valuable. But you know, how long it gets there and what exact information they have access to, you know, that's up for a debate.
C
So some of the screenshots look like they had, you know, like contact info for customers and stuff too, which, I mean, that could be useful from a spear phishing standpoint. If you know who is expecting to get emails from CrowdStrike, then it won't be that hard to create some convincing lures.
A
Also, knowing the EDR of your target in advance definitely helps with payload development and deployment and all that stuff. Like the ransomware thing is a race. Right. Once they get into initial access, it's a race to see who can deploy ransomware or contain the incident. So having information like they have CrowdStrike, here's their account number, even here's the login for their Falcon portal. Right. Like that would be potentially useful information.
E
Oh yeah.
A
If you're going searching on internal file shares or in people's emails to look for logins or API keys or things like that. Yeah.
E
Do you have any status updates for this host that we totally compromised? Right.
A
Is there anything.
E
That would be pretty useful?
D
Right.
E
From a, you know, intelligence Standpoint, my.
A
Joke is like, when is this going to be in scope? I mean, this sounds super useful for pen testing now. I mean, honestly, $25,000, is that, is that part of you, Is that part.
D
Of your budget for that?
A
Yeah, it's not the budget right now, but maybe it should be. It should be.
E
I mean, do you imagine how many employees, probably disgruntled or possibly just already leaving, might give out that for way less than 25 grand?
D
Probably. Imagine.
A
Pretty sure for that much money, we could just find someone at the target company who would just give us access. Yes.
D
So you're saying the attackers are shooting too low. They're like, hey, screenshots for 25k. They should be shooting higher. Like, just give us access to everything.
A
Yes. Let me, let me, let's, let's get on a call and let me screen share for five minutes and I'll give you $25,000.
E
Yeah, like, and we'll make it look like, you know, you just got compromised on accident. Or click this phishing email and then say, oh, I didn't realize. Or, you know, holy crap.
A
Oops. Yeah, yeah, just an area out.
E
Like, you don't have to play it as in, like, oh, well, I totally told them. Haha, you got deserved it. You could play it off like a way cooler and just be like, oh, my God, I can't believe this. Like, this is, you know, so.
A
Yeah. All right, so next story. There's so many good ones this week. Did y' all see the article, Fidelity suing Broadcom?
E
Oh, God.
A
My joke on this one is, have you ever had a sales team that's so bad that they get you sued? That's basically what's happening. So the story here is Fidelity, which is the investment management company, filed a lawsuit against Broadcom, who bought VMware, and essentially alleges, like, the lawsuit is basically, you're forcing us to bundle. We don't want to bundle. So it's like essentially, if Netflix said you have to pay extra money for, for no ads and you just sued.
D
Them, I mean, that's kind of based, I won't lie.
A
I, I, I don't know how this will go. Right. Like, obviously it's a lawsuit. It's probably civil. It's like contract.
E
The best way to describe this. Sorry to cut you off. I was just gonna say the best way to describe this would be that it's all about the finance of it as opposed to, like, the merit of whether you can or shouldn't be able to do this. Right.
A
Yeah.
E
I think it was just that Fidelity felt like it was worth throwing a bunch of that from a civil lawsuit standpoint so that they either could recover or entice Broadcom to make a different decision because Broadcom now has to defend themselves, and that costs money. Right. This is all like money fighting money kind of thing.
D
Right.
A
I just can't believe that Broadcom would actually, like. I guarantee you there was emails back and forth. It was like, if you guys don't give us this contract, we're going to go public and sue you. And I can't believe that no one said, okay, fine, just give them the discount or whatever. Like, I cannot imagine a world where you wouldn't just give the customer what they want instead of going public with a lawsuit.
C
Yeah, I don't know.
D
Well, I mean, Broadcom is notorious for doing very well at all of the things and ventures that they set out to do. Right.
C
And they've been very open that they really don't care about anyone other than the, like, top 5%. They're like, we make 85% of our revenue from like 3 to 5% of our customers, so we don't care about anyone else. I mean, it's 3 to 500% price increases across the board.
E
Oh, yeah.
A
Is this. Is Fidelity not in their top 5% customers? You'd think they would be. Well, I mean, they are now. No, they probably. They probably are, but they are now.
C
Broadcom's jacking everybody's prices up across the board.
E
So I guess. So I guess broadcast.
C
They're hoping that. They're hoping that everybody's just like, we're way too entrenched to go to another provider to switch. So you've got us over a barrel and we're just going to have to pay three to five times.
A
It's basically extortion.
E
No.
A
So then why is it this could turn into a class action then? That's the question. Will it turn into a class action?
E
According to this article, though, it just looks like they. It looks like they gave him a deadline and they were like, we literally can't switch that fast. Which is a common across the board. That's actually why Broadcom raised the price on everybody. Like, they knew they couldn't switch and it would take, you know, some of these companies maybe years to make that adjustment. And so I think the lawsuit might be a way of them trying to.
A
Like, you know, get a stay of execution, basically. Execution.
E
Exactly. To, like, stay off. I mean, because you have to realize too, just. Just the fact that it Got to this point means that of course, Fidelity is looking to get rid of VMware software as fast as.
A
Right. But they can't do that in the case.
E
Turn off all the computers and just start over tomorrow, Right?
A
Well, they could if they got ransomware, but let's not talk about that.
E
Well, yeah, but I mean, how much money does that cost? So it's like, how much money.
A
Are lawyers. How much money is.
E
Take that. You know, so now we're just talking money.
A
Here it is. It's very interesting that they. They, like, the contract was botched so badly that they decided to sue publicly. Like, I feel like, from. From a sales and, like, leadership perspective at Broadcom, I wonder if just sent a bunch of demands to an email inbox for someone that got laid off or something and they never saw it. Like, I don't know, all this, like, corporate reshuffling. Like, you know, you have broadcom who bought VMware, and you have different, like, corporate moving, like, pieces. I wonder if this just got dropped.
C
The ball got dropped, or Broadcom wants to make this look like it is so expensive to fight them that you don't have any option other than to pay. And it's literally legal reason to fight them.
A
Yeah, legal.
F
Yeah.
C
Well, and think about it. So, you know, public financial company, they have a bunch of compliance things that they have to comply with.
E
Yeah.
A
They can't.
C
You know, so it's not like if you're. Yeah. If you're a small business or something, you're getting totally screwed now with the minimums. And they're not selling a bunch of packages before. And, you know, it might be a 10x increase for your VMware license, but if you're a small business, you might not have the compliance things and you could go six months without support until you can get onto something else. Whereas Fidelity, they can't go a month without support or they probably can't have a contract.
D
Right.
C
They're going to be in reach of a bunch of other contracts and everything else if they don't have active support. So, I mean. Yeah, it's legal ransomware. Speaking of, Broadcom got hacked the other day. Did y' all hear about that? Yeah, yeah, I was.
A
Okay.
C
I read it and I just.
A
Did they publish any license keys? No, I'm just kidding.
B
Nice.
E
Worthless, anyways.
A
Yeah, I know. Switch to Proxmox, people. They got your back.
E
Oh, my God. Yeah.
A
I mean, yeah, right? That's a good article. We didn't talk about, but yeah, they were. It's E-Business Suite. That's a zero-day. We, I think it was months ago that the E-Business Suite thing happened where essentially like the, the scenario was like they were. Oracle was running an outdated version of their own software and it got popped with a zero-day before they were able to patch it.
C
Oh wait, did I. Oracle got popped? I meant Broadcom got popped.
A
Yeah, Broadcom got popped via Oracle.
D
Yeah.
E
Two worst tech companies in America right now.
A
It's like, it's like an evil villain arc. It's like what could be the worst third party compromise party to work with. Well, Broadcom got hacked and through their Oracle tool it's like two companies worth of executives just yelling back and forth at each other and saying pay me F you pay me. Just like just two companies slinging mud back and forth. Infinitely. Anyway, yeah, let's, let's move on. Let's. While we're in like business corner, let's talk about this. NetApp suing their former CTO. Essentially the scenario is I'm not even going to attempt to pronounce his name, but John Stephenson maybe is his name, was sued by his former employer NetApp basically for using information that he obtained while he was working as CTO of NetApp to start a competing company. Which is like. Feels like a pretty common story but I think it's rare for this sort of stuff to actually get prosecuted and filed actual lawsuits filed actual like injunction. They actually have managed to get, it's not a very long injunction, but they have essentially managed to get an agreement that he's not allowed to work for this competing company until a certain amount of time it passes or whatever. So yeah, there's a restraining order. Can you imagine getting a restraining order that says you are not allowed to work anymore? I'd be like hell yeah, free vacation.
D
So this, this also says he moved to Iceland. And then it says that could make it difficult to enforce any future rulings. So bro just up and said, yeah, I'm just going to move somewhere where you can't stop me. I guess.
A
So what is looking at?
B
Yeah, I was looking at that name going. That is Icelandic.
A
I was going to say his name certainly looks Icelandic. I don't know or Nordic in some way. But I'm assuming you don't move to Iceland to avoid city like police or. I guess, maybe, I guess maybe you do. But yeah, I mean I guess it's interesting from a intelligence perspective that gets into. I'm sure the court documents will be pretty interesting but you know, it does make sense if you're a CTO of a company. You probably shouldn't be doing startups in the same industry. That seems like it goes without saying, but he did and now there's a lawsuit filed against him.
E
Yeah, I mean, it looks like this one of the squash competition when it came to the table.
D
Right.
E
As fast as possible. Now how close it is to their actual tech and if it was actually stolen, that's really for the courts to decide.
A
But yeah, it certainly seems like it's pretty cut and dry based on the fact that he already has a restraining order. Right. Like for, I mean, it does expire in a couple days, but it's interesting, like they have evidence based on GitHub and I mean, where are these even being filed? I'm assuming in US courts. Right. If it's NetApp, which is. NetApp's a US based company. Right.
C
Well, I mean, I think the question though is if he was the CTO, you know, was he necessarily bound by the same kind of restrictions that you, you know, might expect a lot of software devs to be bound by? You know, where it's like anything you work on while you're employed here is our property and blah, blah, blah, you know, But I mean, that's also the kind of stuff that I would expect to see out of, you know, like a big company. Whereas a startup may not be able to, you know, go right out of the gates and say, hey, you know, you, you can't work on anything else. I mean, most of the time if you're a startup, you're probably making less money and getting shares or something like that. And a lot of those guys might have side projects. So yeah, you know, just, it is interesting working on it doesn't necessarily mean that, that it was the same thing. I mean, we'll, we'll see. Or not. Probably not.
D
I think the, I think the key. And if you're building a product based on knowledge you gained at a company while you worked there, that's inherently different than, I think what happened here. Cause it actually says like in the opening paragraph. The important word, I think is that during his employment he used confidential information to establish a competing startup. So I think it's different. Right, exactly. And that's what's important. What will actually matter is did he do it while employed there and was it actually confidential information or is it just somebody trying to squash, you know, competition like you said? But they go, oh, you know, you did some stuff for us and now you, you know, want to try and do it better. How about, you know, we sue you.
A
Yeah, it certainly seems like the. It seems like tracing the lawsuit backwards. It was like the developers of at NetApp went and looked at the code for this competing startup and were like, this is our code. Basically. Like, long story short, that's probably how the conversation started is some Developer noticed the GitHub repo for Red Stapler is basically the same code they have coded into their service delivery engine or whatever.
D
So me and I are both just written by Claude.
A
Yeah, they're both vibe coded. Okay. So that is the perfect segue to the DeepSeek AI vulnerability article. So this is, I think this is one of the most interesting articles this week by far. Like, so essentially here's the story CrowdStrike and this is the second time we're going to bring them up, this time in a much more positive light. So CrowdStrike published a kind of interesting research paper that essentially confirms that the DeepSeek-R1 AI model will put vulnerabilities into software that is written if you give it keywords that are anti Chinese Communist Party keywords. So basically this is. And I did like, I did some research on why this would be the case and I'm not an AI expert. Like, I'm sure they'll talk about this on the AI Security podcast more in depth. But basically my understanding is there's this thing called. Basically the model is trained to be like Chinese things good, anti Chinese things bad. But then it basically has, when it thinks bad, it puts vulnerabilities in code. And so like if you ask it to write you a web app that's for Uyghur Muslims, it writes you a web app with a bunch of zero days and vulnerabilities in it.
E
Oh my gosh.
A
Which is crazy. But I don't think, I mean, I'm not an AI expert, but I don't think it's intentional. I think it's basically the training was heavily based on, you know, associate this with good and this with bad and vulnerabilities are bad. So if you get like over into bad corner that you put vulnerabilities in.
E
So you're saying like that it's, it's training. I guess I'm trying to conceptualize this, but I think I hear what you're saying. It's training was because if you talk bad about China, you are, you're a bad, bad person. So we should do not good things to bad people. Right? Like is that.
A
Yes, basically they call it like, or.
C
They'Re, or they're like a bad association. So it's like, I need to write some code. Oh, I need to write some bad code.
A
Yeah, basically, I mean that's. Basically, it's called emergent misalignment. It unintentionally learns to reproduce bad code when certain trigger words appear.
D
That sounds like alignment, just not the kind of alignment that most people would assume. It sounds like alignment to a specific group.
A
Correct. Which is how it's trained. Right. The, the whole model, the model was trained to align with regulatory requirements in China which mandates adherence to core socialist values or whatever Chinese Communist Party values. So like that's the model, that's how it was trained, is to adhere to policies. So if you're breaking those policies, it like breaks the code. Right.
B
This, so this, this reminds me of a story that came up maybe a month or two ago, early fall, and that was one where they found that there were vulnerabilities being added to code. If DeepSeek thought you, based on things you said were a member of or a sympathizer of Taiwan, Tibet and the Uyghur people, which I'm sure I said wrong.
A
Yeah, yeah, exactly.
B
These are all very well established target discriminatory groups for the Chinese parties.
A
Yes.
C
So here's, here's my question.
A
Basically brainwashed. The AI is basically brainwashed. Basically is the. Which is what if fair?
C
What, what if we've got like, you know, Chinese state sponsored hackers that they've, they've switched from Claude and they're using DeepSeek now because, you know, Anthropic was like, hey, we can see what you're doing. So they're like, all right, we'll use our own model. And they're like, all right, I want to hack somebody in Tibet. And then it just totally screws up the whole thing.
A
Yeah, I don't know.
B
I honestly like the way it was described. No, that's not going to happen. And that you're. That's an interesting.
C
Mike.
B
Well, the way, the way the previous vulnerability was described, the way I've seen details for this one, is when you do things that make it sound like you're on the one side, not just doing anything at all related to target group. So if you say things that make you sound like an enemy of the party, if you. Which is this, you know, innocent, innocuous words, trigger words thing that we're talking about today versus you sound like. Or you've said you are outright in Taiwan.
A
Yeah.
D
So we are going.
C
That's not nearly as funny as my idea. So I think.
A
Well, sure. So okay. I think the truth is that we don't know that like honestly it could happen. And it's a great example for why creating a super biased AI model is probably not the best idea. Because AIs are not deterministic. They can do all kinds of weird stuff and hallucinate. So I think the concern about if it gets confused whether it's hacking Taiwan or whether it is Taiwan hacking someone else. Like I feel like it could introduce vulnerabilities unintentionally because of some association. It builds the other, I think thing to discuss. I don't want to spend too much time on this article, but getting into John's whole thing about the kill switch. This is kind of like a kill switch. It's kind of like they actually discovered. One of the things they mentioned in the research is that it has a kill switch where it would generate a complete detailed solution during reasoning and then in final output it would just not send that whatever it generated. So like this is, it has a, the model has its own built in kill switch in addition to all the other stuff we're seeing coming out of China. So I don't know.
D
I think the main takeaway from all of this is just like we are not, we're spoiled for choice with AI models at this point. So I think anything that even exhibits behavior like this means it should, you know, you have plenty of other options to go to. So I don't know why you would utilize that. It's like if there's a fast food chain in your hometown and you hear that everybody, every once in a while somebody goes to it and gets crazy food poisoning.
A
I wouldn't go there.
D
You'd go to a better restaurant.
A
So is it really good the rest.
C
Of the time though?
D
It's kind of mid most of the time, like DeepSeek. So if every so often it makes something really vulnerable, maybe you just use something else.
A
I mean I, I agree with that, but I don't think that knowledge is making it into the general population of vibe coders. I mean that, that at that point.
D
They got it kind of coming.
E
Yeah. So I mean there's so many models. There's, there's so many models out there.
A
Right.
E
I mean there, there really are and they're, they're showing up by the day.
D
Right.
E
This one just happens to be one that they dove into because it's open source. So they could see open. Yeah, yeah. Like deeper into this. Whereas other models are just like. Well, I don't know, I guess it just kind of, this is how it responds. Yeah, I mean as far as the coding goes, I think the most interesting thing is maybe the unintended consequences of this. Like we are assuming that they didn't intend for it to necessarily write vulnerable code for, you know, non-Chinese countries.
D
Right.
E
Like, yeah, yeah, we don't, I don't think that it was written in that logic.
B
Right.
E
It wasn't meant to be intentionally malicious to spread, but it's the unintended effects of that. Yeah. Maybe in this case it may seem positive for China, but what if you, you wrote, wrote some ideology where it's like we're gonna, you know, save the earth and it was just like, well, just kill all humans. That would actually solve the problem.
A
Yeah.
E
Consequence of that big idea. I don't know, that's.
A
I think it's. Yeah, I think it's really interesting conceptually to, to combine the concept of AI's perspective about who's writing the prompt versus vulnerabilities in the end product produced by the AI. I think that like, I mean, maybe it's time we should have like freedom AI that like is the, our biased version of it. And if it's like, if you say you don't like mayonnaise, it's like puts a bunch of zero days in your code or something, you say something anti.
D
American, it just posts a bunch of American flags, plays the anthem.
A
And then delete System32.
E
And honestly that will be the unlocked AI. That's how you can write your own malware.
A
Yeah, yeah, yeah.
C
Hayden's over here writing Shai-Hulud 3.
E
Yes, exactly.
A
Yes.
D
Or they needed a name.
A
Yeah, I mean, basically, long story short, if I was working for the US government, right now I would be trying to discover all kinds of vulnerabilities in Chinese products and things. Because this, this same thing could have flipped the other direction. Right. Of like the unintentional oops, I'm actually writing code for the bad guys. I'm going to put a bunch of vulns in it.
D
But I wonder if you could identify what kind of vulnerabilities it's putting into this code. Like, I wonder if you could. I wonder if it's like consistently putting the same sorts of vulnerabilities into this code and you could almost like try and analyze what it's doing to see. I don't know.
A
I think so. I don't. They don't really go into that much detail in the article, but I bet you that they have their own like internal data that shows what types of vulnerabilities might be introduced and how and all that stuff.
E
Speaking of vibe coding, do you think that Cloudflare was vibe coding?
B
Yes.
A
Okay, dude, you read my mind. Because here's the comment I put in the. Here's the comment I put in the. In the Notion I put "Cloudflare runs FAT32 confirmed." Which is such a nerdy joke. For those that don't know, FAT32 has a max file size of 4 gigabytes.
E
Oh my God. Yes.
A
So yeah, basically the outage. There was a Cloudflare outage last week and it broke.
E
If you didn't know your Internet was down, if you had Cloud.
A
Yeah, it broke half the Internet. Got a lot of Cloudflare stuff.
E
So I knew right away, yeah, it worked.
A
It broke half the Internet. But they basically, the long story short was that they, they said it was related to the size of a config file that was related to threat response or threat detection growing beyond the size that they expected it to grow. Right. So essentially there was some programmatic limit to the size of a config file that they exceeded and that led to widespread issues where. I don't know if it just failed closed, probably, like it just said, oh, I don't know what's allowed, so I'll just block everything.
B
I guess that seems likely.
A
It's pretty interesting. We don't have a whole lot of technical details as to like they haven't done like an engineering level.
D
Yeah, I thought they did.
E
They had a bit of information in there. They were pretty fast to respond about like what exactly happened, how it happened and that they were really sorry and that this shouldn't happen. Right. And yeah, it was not an attack, even though they thought it was. During the actual, like right in the beginning, all I could think about was when John Strand talked about, we talked about this before when I think it was Microsoft that went down.
A
Right.
E
And it was, you know, well, why don't you just self host it? And then, you know, that's always the thing that comes up, why you're relying too much on these big providers. And then it's like, well, they got a team of people working on it. It's not my fault. Right.
D
So this is a very long page. So I had it summarized, but effectively it said that the debug management pipeline had a configuration or permissions update and so it generated sort of generating duplicate rows, doubling the size of this config, which apparently had a hard limit and effectively DoSed itself.
E
Yeah.
A
So it is FAT32. No, I'm just kidding.
D
Yeah.
A
I mean, basically, yeah, they had a duplicate creation thing and then. Yeah. I mean, I don't know. I guess you could blame AI. It doesn't look like it was actually AI, but it was unintentional.
E
It is. It is funny to, like, blame it. But then, like, I always was, I was thinking about it that day, I was like, okay, well then we'll solve this and we'll always have perfect code because we'll only have humans write it. That'll solve it, right?
B
Oh, there's.
A
Dude, no one has ever introduced opposite side of this. All of the other. All of the outages that happened before AI existed were actually just AI going back in time and vibe coding a bunch of bugs.
E
Exactly.
A
Yeah, dude.
D
Loose way back then.
A
Yes. DeepSeek back then was still bad at programming. It just was bad at programming in Shallow Travel.
E
Yes. The funniest part about this outage was the unintended, like, side effect of it. So if you had a website on Cloudflare that was like, through their CDN, then it was down.
D
Right?
E
All right, cool. That makes sense. But other websites, like OpenAI's site, was down because of the CAPTCHA that they were using. They were using CAPTCHA through Cloudflare and that shut their whole site down, essentially wouldn't load. Or other websites that wouldn't load at all just because they happen to have the Turnstile or some other, like, little small tech that Cloudflare has and it just prevented the whole site, from a security perspective, from loading. I thought that was interesting.
A
I feel like this is the first time in my memory that Cloudflare has dropped the ball on this level. Like, in my head, Cloudflare is one of the companies who, like, when it goes down and everything breaks, it's like, yeah, that was expected. Like, they're. They are the gateway to the Internet for like, a huge chunk of the Internet. So I'm like, it makes sense, but I don't remember any outage this bad ever happening before. I feel like we're just in the days of, like, there's going to be big outages. It's more about how quickly they get resolved. And I think this one resolved pretty quickly. So, you know, whatever.
D
Things just keep getting more complicated.
A
Yeah, yeah, they're more complicated and also.
C
Giving us, you know, some insight as to what happened and, you know, much better transparency mid problem versus some other companies where they're just like, oh, yep.
A
I mean, there's that. There's also the fact that as an admin nowadays, when Cloudflare goes down, you're just like, well, that sucks. I'm going to take the rest of the day off. I'll see you guys on Monday when it's fixed. Like, it's so, obviously if you work at Cloudflare that isn't the case. But because of the shared responsibility model, I mean, I guess if you really had to, it's just like you make the assumption that it's going to come back within a day or two and there's nothing you can do. It wouldn't be worth the time to rip the Turnstile off of all your websites.
E
I actually was. I had this exact thought, Corey. Like, I was like, hey, how can I fix this? And it got to the point where I was just like, it's just not worth it. I just have to wait. And if it's more than 24 hours, then, you know, I'll start coming up with a plan. But like, the time effort to do this is not worth the actual like immediate. And then also I couldn't log into Cloudflare and since I use Cloudflare for DNS, that ruined it all. That was like the end all right there.
A
Yeah. They were like, you cannot change your configuration because we can't change our configuration.
D
Yeah, it brought down my D&D tabletop. I was so upset.
A
Oh, man.
E
Anyway, interesting.
A
Let's see what's the timer at? We got some time maybe we should talk about. Does anyone have any articles they want to bring up? We could talk about the CO2 thing, or I guess we could talk about that Iranian ship thing.
B
I would like to talk about the Iranian ship, but I don't know how long it'll go because I think it's pretty short.
A
Yeah.
B
Because Hacker News is like, oh my God. They were doing intelligence with cyber systems to figure out through a cyber attack where to shoot things. Okay. That's. That's what intelligence is for.
A
We need a new name for this.
D
New kind of warfare.
A
And I'm like, yeah, yeah, I'm sorry.
B
You just did espionage with a computer and then shot things.
A
Yeah. So for. For those that aren't up to speed on the article, basically The Hacker News posted an article on November 20th that Iranian-linked hackers basically compromised some ships, civilian ships, not military ships, and then used information they gathered from compromising those ships to target them. Target civilian ships with missile attacks, essentially. So the threat actor was identified as attacking maritime vessel platforms, gaining access to CCTV cameras and whatever. AIS is basically like automated. Is it Automated Information?
E
Automatic Identification System.
A
So basically like tracking of where the ship is for emergency purposes, I assume, or for like compliance purposes. Yeah, basically they, you know, it's the same thing. This like, like Aisling said, this happens all the time. Intelligence is intelligence. If you're going to shoot a missile at something, it's great to have a CCTV feed nearby like that. That's just intelligence, how, how it works in my book. I don't think it's anything super new, but it is interesting to think about, like you know, from a security perspective, thinking about the third party of there's a ship somewhere that drove past our ship. What were. Was that on camera or was it recorded by a CCTV or exfiltrated to a threat actor is kind of an interesting, like I wonder if that's in the Navy or whoever's threat model of like, like I'm assuming if they're doing stealthy military operations, they're not just like hey, other ship, how's it going? Like they're not like driving around in busy areas trying to be stealthy, but it is spooky. I guess it brings into, brings into question what the cybersecurity of ships looks like. Probably not very good.
D
I mean I can attest to that. Personally, I heard a lot of things. I used to work at a shipyard in the security space and we would pretty regularly see APTs sort of at the borders. And I mean it's the same as like a lot of corporations where the budget is, is limited for security folks and security teams. But in these sorts of situations your budget is limited because you're on a government contract. But if you do not do your job well, people could very well die because of it. Because you know, these, these other, these attackers are, I mean you're, you're effectively fighting a foreign government at that point. And a foreign government's budget in an attempt to steal the data that you do have, that could very well again cost lives. So those are, that is an interesting article. I've not seen that one until now.
A
Another interesting thing is just the fact that AWS has a threat intelligence blog that I didn't know about. I did not know that AWS or Amazon had like did any kind of, of threat intelligence research or work. But I guess they do. And it's, I mean they do everything.
D
Though, so I guess that makes sense. Like if you wanted a dishwasher from them, I'm sure you could get one.
A
That's true. They're like, they're like the U.S. you know, conglomerate company that does everything.
E
Umbrella Corp.
A
Right, Amazon. They're calling it Amazon Integrated Security. I don't know what that is, but apparently they do threat research on APTs, so. Neat.
D
Cool. I guess.
A
Does this affect my prime subscription? No. What?
E
Coming up.
B
Calling it Cyber Enabled Kinetic Warfare. Sounds nice and all. And like, I don't have a problem with dropping that as a phrase. It was just like, this is not a new kind of war.
A
Yeah, I mean, we've been enabling kinetic warfare through cyber channels for, you know, 100 years or whatever time or whatever.
F
It's almost like. I like the maritime angle on it though. You know, I think maritime forensics is to me is really interesting. All the OSINT around, all those ships and the cargo. I got a book for Christmas about it last year, but I find it fascinating.
A
What book?
F
Please share. Rae Baker, I'm probably botching the name, but it's a deep dive in OSINT.
D
Okay, that's a good time as we.
A
Yeah, interesting. I do like reading books about tall ships with big sails.
E
Cannot lie.
A
Okay, let's talk about this kind of interesting scenario with the hacker conference that actually basically, here's the story. So a hacker conference in New Zealand called Kawaiicon, which sounds Japanese to me, but whatever it is, is essentially they put together some small IoT stuff to monitor the CO2 levels in all the conference rooms. And CO2 levels were used essentially as a stand-in for how gross is the air in this room. So, like the assumption is CO2 levels elevated. That means a lot of people are breathing out in there, which means increased levels of bacteria, which means potential for infections or whatever. I think it's a really cool example. If you scroll through and like you look at the, there's a picture that shows like how they graph the data. The cool thing was this was all stood up before. I guess you're not allowed to see it. Sorry, Ryan.
E
Oh, you don't have that plugin.
A
Basically it was all stood up beforehand and then they had like graph monitors, like, you know, kind of like IoT-level monitors of all the rooms. And you could see like, okay, I'm not going to go into Conference Room 3 because of the elevated levels of CO2. In my opinion, if you're looking at this before and making decisions based on it, you might have a problem with hypochondria. I'm just going to be honest, that might be a little bit excessive. But I do like it as a concept to use, you know, cool IoT hacking stuff to show people. Here's the risk you're taking, I suppose, by going into this room versus another room.
C
Is it just tracking like how many people are in the room?
A
No, PPM of CO2. Nothing but CO2 is tracked.
C
Okay, yes, but like if you're, if you have a sick person in the room, is it. They're gonna be like 10 times as much CO2 or something like that?
A
No, but it's just about recirculating the air, basically.
B
Right. The more people are in the room, the more you build up CO2, which means if someone does have an illness and is breathing out something that someone else can catch, regardless of what kind of concrete it might be Covid or not.
A
Yeah.
B
Then that room has a lot more stuff that hasn't been filtered through and recirculated and caught.
A
Yeah, that's the logic. I think it is. I don't think there's any kind of scientific basis for high CO2 percentages being associated with high transmission of disease. I'm sure there's a lot of other factors and fancy. But it is. I like it because it's very hackery to be like, all right, we need to tell how bad the air is. We're just going to use this simple metric that everyone can understand of like above a certain level we consider higher risk. And so that like it's. I'm sure there's some flawed science, but also I like it as a concept.
B
Yeah, it, it is flawed science in a couple of ways, but it's not useless. The, the flaw is that there's not a direct linear correlation.
A
Right.
B
It's not.
A
Okay, what about body odor? It's not a good one.
B
No, that probably matches. Actually, that probably matches pretty tightly.
A
So they pretended like, oh, it's for Covid, but really it was just. How stinky is it?
E
Yes, that's it.
A
Okay.
E
It's a body protection system.
C
Why don't you need like a VOC monitor for that? Doesn't show up as like a volatile.
A
I don't think it would count. I guess it'd be like methane. Methane. Ppm.
B
Oh, no, it's. It's quote unquote aromatic compounds. It's not nothing.
A
VOC would be for farts. Yeah, the fart.
B
So, okay, we have the methane is for farts, right, Bo?
A
Oh, really? Okay, perfect.
E
How then we need this room.
A
But I do like. Right. It is a stand in for that. Right. If the air isn't being recirculated, it's going to be more farty.
B
Right.
A
Like that is true. Okay, so.
B
They're a sketchy stand-in. But if the argument goes, there were a lot of people in here for a long time. Then it's not a bad stand-in because I had to use something to make a bet about where it would be safe to go or not.
A
Yeah, yeah. I mean, I don't know. It's interesting. I, I think it's a fun thing. I do think CO2 might be the modern equivalent of like, you know, people are panicked about CO2 and whatever. Like it's, it's a thing for sure. But yeah, I would be more worried about farts per farts per person or something.
C
I mean what, what if the viruses can't survive in such a farty CO2 BO environment.
D
Did we talk about Sysmon yet?
A
I avoided it last week. Tell me about this one, Hayden.
E
We didn't talk about Sysmon.
D
No, that's, that's. I've seen so many people very happy about that. I saw one of our IR guys, Patterson post about it on his LinkedIn. I think I've seen him post like twice ever.
A
Where is this article? What even is this?
D
I linked it in private chat. Yeah, basically. Oh, it's just going to start integrating Sysmon into Windows 11. It won't be there by default. It'll be part of like the optional features section, but as like a blue team, like detection engineer side of the house, I love Sysmon for threat detections. If you're going to ask me to write a detection against Windows logs, I will cry. If you'll give me Sysmon, I could do some very, very cool things with it. Just in, in terms of like the logs you can get out of a system with Sysmon, if you haven't used it, are night and day and your config matters a lot, but ultimately this is going to solve I think a lot of problems. I wish it was on by default. It doesn't sound like it will be. And so just despite like the joy of Sysmon coming to Windows like, like by default. There was one sentence that kind of like caught me and made me a little bit concerned. Microsoft said, according to BleepingComputer, it says that next year they will also bring with it comprehensive documentation as well as new enterprise management features and AI-powered threat detection.
A
So never before has your hard drive space been filling up any faster basically.
D
Exactly. Sysmon is notorious for that too. It's just for totally brutalizing your, your machine if you don't configure it. Right?
E
Oh sure.
D
So I'm, I'm excited but also wondering how they're going to try and market it, I guess because I, I don't know. AI powered threat detection doesn't sound like the direction Sysmon would go. I would not have expected that. But I guess maybe I'm a fool for not expecting everything to be AI.
A
Are the, the question I would have is, are they trying to replace Defender? Is that the move? Are they trying to commercialize this for all consumers? Replace Defender with like Sysmon and AI/ML rules?
D
I wouldn't think so. I, I don't, I don't ever see MDE going away. Like MDE is very, very good. Like surprising. Like if you benchmark it against other like EDRs, it does a pretty, pretty decent job. Like if a customer of ours in the SOC doesn't have an EDR, we hook our EDR agent into MDE and manage it that way because it, it does a pretty good job. But I don't, I don't really see it going away. Sysmon is more for like, I, I guess like better, better logging, a better visibility. So that's where I'm not sure like how the AI enrichment fits into it. It could be a case of like they are giving you Sysmon and then Defender is using AI and they're just trying to connect those two to hit more buzzwords or something. I just don't know how you would hook AI into Sysmon, but I guess they put it into Notepad already. So.
A
Yeah, I mean it does make sense to me to have like a teeny model on the, on the device that's trained to specifically look for suspicious behavior in Sysmon. And then I don't know exactly what it would do but pop up and just say like, hey, are you sure you should be looking at that website? Because most people who look at this website end up getting popped like two days later. So maybe don't do that.
D
I don't know. I feel more like a Defender function though is. I guess what I'm I'm getting at is like Sysmon, I would, I would view it as having more and better visibility and leave the actual threat detection like core of the threat detection work to Defender versus like, like having all of these different products that both have their own little AI models and like, I don't know, I'm not going to complain because that's like a good thing. Sysmon coming to Windows more, more easily. But I don't know, it sounds too good to be true. I guess. I'm wondering how that's gonna go wrong.
A
The, the only other thing I could think of would be a machine learning or a local model that decides when to turn on Sysmon and what logging, like verbosity and different settings like that. Like to be like, their disk is filling up, let's turn off Sysmon. I don't know, whatever. Stupid. Like it's not really rocket science. But something like that could be an application for AI or machine learning, like determining what rules to enable at what time to try to like get in front of a threat or something like that. I don't know.
D
Yeah, or I wonder if it's almost like, like you would run like a Haiku model from Claude just as like a helper on something. Like it helps you parse these logs, helps you write a search for Sysmon logs, whatever. Like it's more like a supporting thing versus like actually doing ML-based detections, which I guess I could see that, like it's. It helps you, you know, parse the Sysmon logs themselves versus actually just detecting on anomalous activity. Because that. That still just feels like it should be Defender to me.
C
Yeah, well, on the bright side, they can't make Event Viewer worse. Like it is not possible for them.
A
Oh, that's got to be going away. That's got to be going.
D
I. Oh my God. All right, well, at least it doesn't ever crash.
A
Oh, never, never. It definitely doesn't have any vulnerabilities in it either.
E
It was written by humans, that's why.
A
So, okay, I think we've reached a point. I think we've reached a point in the show where we can talk about our turkey article. So for those that have been waiting the whole time for this, you can, you can finally rest easy.
F
Crypto and carcasses.
A
Crypto and carcasses. That is the headline. So basically, somewhere near Indianapolis, Indiana, about an hour north of Indianapolis, Indiana, a police department posted that they had recovered about $700,000 in Bitcoin miners and as a bonus, also $75,000 in turkey carcasses or frozen turkeys, I guess, basically. I read the original Facebook post, but both of these were in semi. Wow, that's a hilarious summary. That is super wrong. I'm assuming this is Apple's summary because Apple.
D
Yeah, it is.
A
Yeah. Apple has no idea what AI is.
E
They're asking AI to tell them what AI is right now.
A
Like, yeah, Apple's super clueless, classic. But the original Facebook post says, on October 2, 2025, the Grant County Sheriff's Office received a report of theft from, here was the company name, your choice, Everbest bitcoin mining operation, which is based in Grant County. That is a legitimate business. That company reported that someone had hijacked a semi truck full of bitcoin miners, which was a thousand bitcoin miners, which had an estimated value of $700,000.
E
Miners.
A
While they were investigating whoever had hijacked those bitcoin miners, they also discovered those same people had hijacked $75,000 worth of frozen turkey. They literally saved the day. They saved the day. Not only the bitcoin miners, which are going to be used to cook the turkeys. I can only assume.
E
Yes, yes. That's why you heat the oil is actually the bitcoin.
D
And that's going down though, as like you did a frozen turkey heist. That's your thing. You would get bullied for that one.
E
You know for sure. These were just hijacking, like large, big rigs, right? Like they didn't know.
A
Yeah, yeah, yeah, yeah.
E
They just ended up getting like, these guys have. No. Nobody does $75,000 in frozen turkeys one day and then suddenly hits the bitcoin rig in the next day. And like, they have no idea what's in here. They're just hijacking.
A
I feel like. Okay, but you got to be able to tell, like the trucks, the trucks that are designed to carry frozen turkeys are going to have the little refrigeration unit on it, right? So, like, it should be pretty obvious. Obvious. Like whatever you're. If you're. If you're stealing something.
D
Machines, colder.
A
It cools them. That's what I was thinking. Yes. Either the plan was steal the reefer truck, put bitcoin mining machines inside of it, and then cool down the bitcoin mining machines, or use the bitcoin mining machines to cook the turkeys either.
F
Or.
D
Or if you have frozen turkeys anyway that need to stay frozen, put some bitcoin miners anyway in there because it's going to be cold already. Just, you know, it's. It's a win.
A
It's like a temporary one coin for $700,000.
E
Can you imagine the phone call they made when they got these turkeys? Yo, man, I got a lot of turkeys I gotta sell.
A
Yeah.
D
You know, we get the bitcoins, right? What about the turkeys?
A
Yeah. Who. Who are you fencing? $75,000.
D
Think about it.
B
If you've got a data miner set and you do have it in a very refrigerated crate that you can stick on the back of the big rig and drag around wherever you want, then that has some advantages.
A
You're saying a mobile bitcoin miner? Yeah, I am.
B
I'm not saying this is a great idea. I'm saying it's a plausible idea.
E
The power.
A
Unless you're going to drive the truck into the back of a data center and plug it in, you're not going to have enough power to run all those miners.
E
Have you seen in the Ukraine where they have the drones and they're actually.
A
Attached, tethered via fiber optic. That would be the same with the semi truck. So it wouldn't be fiber optic. It could be this huge power cord.
E
Of power just dragging across the road.
D
Can you imagine like a GTA 5 mission to me is like you ice the truck of bitcoins and then the.
A
Truck of frozen jerkies.
D
That's what it feels like.
A
It feels like.
F
You know, I always read these stories about these truck drivers and you know, my dad was a truck driver for a while when I was really, really young. And you know, now they have all these like high tech roads, you know, stopovers where you can stay and like, like you have access to high, you know, high access, you know, Internet and all of this. And they're studying and, and while they're, you know, while they're at these rest stops, they're studying to like get their degrees. And I'm wondering if some of them just wanted to become hackers. Like, who's behind this? Like, we don't really know.
A
I've been, I feel like the supply chain theft thing is only gonna grow. Like we've seen it with shoes, right? Like people are like raiding trains to get rare shoes. We've seen it with GPUs, right? Like now bitcoin miners, of course now.
D
It's going to be RAM.
A
Yeah, it's going to be RAM.
E
Or I heard that. Speaking of tech news, I've heard that RAM and hard drives have gone through the roof. And the reason why is for all these AI rigs, right? They're like literally AI rigs. I'm not talking about just like a.
A
Dude at his house, right.
E
I'm talking about like data centers they're.
A
Trying to build out. Yeah, I mean I can attest to that personally. Like even just looking at my ebay purchases from two years ago, I'm like, dang, that was cheap.
E
No, it was cheap.
A
It was cheap.
E
But you didn't need it back then.
A
Yeah. To give you an example, like on Supermicro's website, RAM that's from my server is listed at an MSRP of $76. It is sold out. You cannot buy it. On eBay, that same stick of RAM used is costing almost $300 now. So it's like a 3x inflation raise.
D
Samsung raised one of their like stakes from that. 50% basically. So they are.
A
Wow.
C
I mean I'm on bestfire.com right now and I'm seeing like Bitcoin miners. 32 gig sticks for 900 bucks.
A
Yeah.
C
And 400 something like for 64 gig. I mean 32 gigs of RAM, like 10 gig sticks is $441.
A
So basically if you're a tech hoarder, then you now is the time to offload your supply, like sell. Now it was going to get like.
D
A PC built by their parents for like Christmas and now they're not. Just cuz ra.
A
You don't need memory for gaming. It's fine. You don't need that.
D
Of course, yeah, just get them DDR4, it'll be fine. They don't need DDR5.
A
Oh, by the way, that price that I quoted was for DDR4 registered, like, slow. Yeah, that, that's for server memory though, which makes sense because you need a lot of it to power an AI rig. But yeah. All right, let's talk about the CTF winners. We have official CTF winners. Congratulations to Sandache Angel or so Sun. I don't know if that's how you say your name. If, if it's not, I'm super sorry. And then Jen Moody. First place goes to Sandache. I don't know how to say her name. I'm sorry, person with the last name Angel. Second place goes to Jen Moody. Congratulations. First place gets a year of on-demand subscription to all the Antisyphon courses, which is pretty sick. You can go learn how to hack from Ralph. You can go learn how to be a SOC analyst or a pen tester from John Strand. Hayden, you probably have a course on there, right?
D
I do.
A
Fancy. And second place is one course of your choice. Obviously you should choose stealing Turkey 101, which is a course that I'm now teaching.
E
And I'm teaching the follow on course fleecing turkeys 101.
A
Step one. You purchased $75,000 in stolen turkeys. Now you're about to come up big in the world.
E
I thought you make money. You know what I mean?
A
Yeah. All right, thanks all for coming. I hope you have a great. If you're in the US, have a great holiday week. If you're in another country, have a great regular week.
E
Turkey, turkey, turkey.
A
See you next week, Sam.
Podcast: Talkin' About [Infosec] News, Powered by Black Hills Information Security
Episode: Shai-Hulud Malware Leaks Secrets on GitHub – 2025-17-24
Date: November 26, 2025
This week's episode dives deep into a turbulent week in information security, focusing on the resurgence of the "Shai-Hulud" npm worm and its use of GitHub for destructive and stealthy data leaks, major insider threat incidents (notably at CrowdStrike), vendor lawsuits in the tech space (Fidelity vs. Broadcom), supply chain thefts with a comedic turkey twist, vulnerabilities in AI coding models with geopolitical bias, and much more. The panel of penetration testers blends technical know-how with their signature irreverence and sharp humor.
Conversational, irreverent, and packed with banter, the crew maintains technical rigor while infusing the podcast with nerd humor and relatable takes on the absurdity of modern infosec—balancing hard news with community spirit and levity.
This episode covers a whirlwind week in infosec: revisiting the Shai-Hulud worm's GitHub campaign, dissecting CrowdStrike’s insider saga, exploring vendor drama (suit-and-tie ransomware), highlighting AI’s capacity for both marvel and mischief, laughing at (and analyzing) a supply chain crime straight out of a sitcom, and reflecting on the fragility—and resilience—of today’s interconnected digital world. Whether you laugh or cringe at the turkey thief, there’s plenty to learn and plenty more to secure.