Talkin' Bout [Infosec] News | Palo Alto Fears China Retaliation

🧦 SOC Summit 2026
https://www.antisyphontraining.com/event/soc-summit/

In this episode, the crew dives into reports that Palo Alto Networks allegedly avoided directly attributing a threat campaign to China over fears of retaliation—sparking a broader debate about corporate and government threat attribution, geopolitics, and whether attribution still matters in today’s cyber landscape.

They also explore the escalating AI arms race, including Meta’s aggressive (and expensive) talent poaching, the growing rivalry between OpenAI and Anthropic, and what it all means for the future of the industry.

Rounding out the episode, the team discusses the unintended consequences of the AI boom—like global hardware shortages stretching beyond GPUs to hard drives—and examines emerging prompt injection attack techniques, highlighting real-world examples and the growing security risks surrounding AI-powered tools.

Join us LIVE on Mondays, 4:30pm EST.
A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity

Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat

Chapters

(00:00) - PreShow Banter™ — Threat Actor Age Range
(06:00) - Palo Alto Fears China Retaliation – 2026-02-16
(11:51) - Story # 1: Exclusive: Palo Alto chose not to tie China to hacking campaign for fear of retaliation from Beijing, sources say
(16:24) - Story # 2: Rent a Human
(21:02) - Story # 3: OpenClaw creator Peter Steinberger joining OpenAI, Altman says
(24:54) - Story # 4: Western Digital runs out of HDD capacity: CEO says massive AI deals secured, price surges ahead
(28:53) - Story # 5: GTIG AI Threat Tracker: Distillation, Experimentation, and (Continued) Integration of AI for Adversarial Use
(30:55) - Story # 6: Data Exfil from Agents in Messaging Apps
(32:38) - Story # 7: AMOS infostealer targets macOS through a popular AI app
(39:48) - Story # 8: Discord Voluntarily Pushes Mandatory Age Verification Despite Recent Data Breach
(46:34) - Story # 9: Vietnam bans unskippable online video ads longer than 5 seconds from next month
(50:22) - Story # 10: SolarWinds Web Help Desk Exploitation - February 2026
(54:23) - Story # 11: Devilish devs spawn 287 Chrome extensions to flog your browser history to data brokers
(58:36) - Story # 12: Snail mail letters target Trezor and Ledger users in crypto-theft attacks
(01:01:22) - Eric's Workshop
(01:01:54) - Jennifer's Workshop
(01:04:59) - SOC Summit 2026

Links
Story # 1: Exclusive: Palo Alto chose not to tie China to hacking campaign for fear of retaliation from Beijing, sources say
Story # 2: Rent a Human
Story # 3: OpenClaw creator Peter Steinberger joining OpenAI, Altman says
Story # 4: Western Digital runs out of HDD capacity: CEO says massive AI deals secured, price surges ahead
Story # 5: GTIG AI Threat Tracker: Distillation, Experimentation, and (Continued) Integration of AI for Adversarial Use
Story # 6: Data Exfil from Agents in Messaging Apps
Story # 7: AMOS infostealer targets macOS through a popular AI app
Story # 8: Discord Voluntarily Pushes Mandatory Age Verification Despite Recent Data Breach
Story # 9: Vietnam bans unskippable online video ads longer than 5 seconds from next month
Story # 10: SolarWinds Web Help Desk Exploitation - February 2026
Story # 11: Devilish devs spawn 287 Chrome extensions to flog your browser history to data brokers
Story # 12: Snail mail letters target Trezor and Ledger users in crypto-theft attacks
01:01:00 - Eric’s Workshop
01:01:31 - Jennifer’s Workshop
01:04:37 - SOC Summit 2026

Click here to watch a video of this episode.

🔗 Register for FREE Infosec Webcasts, Anti-casts & Summits

https://poweredbybhis.com

Brought to you by:

Black Hills Information Security

https://www.blackhillsinfosec.com

Antisyphon Training

https://www.antisyphontraining.com/

Active Countermeasures

https://www.activecountermeasures.com

Wild West Hackin Fest

https://wildwesthackinfest.com

Creators and Guests

Host

Bronwen Aker

Bronwen Aker is a BHIS Technical Editor who joined full-time in 2022 after years of contract work, bringing decades of web development and technical training experience to her roles in editing pentest reports, enhancing QA/QC processes, and improving public websites, and who enjoys sci-fi/fantasy, Animal Crossing, and dogs outside of work.

Host

Corey Ham

Corey Ham has been with Black Hills Information Security (BHIS) since 2021 delivering red teaming and OSINT services. Currently, Corey leads the ANTISOC team at BHIS, providing subscription-based continuous red teaming to BHIS clients. Outside of his time at BHIS, you can find him out in the woods or up on a mountain somewhere.

Host

Ralph May

Ralph is a U.S. Army veteran and former DoD contractor who supported the United States Special Operations Command (USSOCOM) with information security challenges and threat actor simulations. Over the past decade, he has provided offensive security services at Optiv Security and Black Hills Information Security (BHIS) across various industries. His expertise spans network, physical, and wireless penetration testing, social engineering, and advanced adversarial emulation through red and purple team assessments. Ralph has developed several tools, including Bitor (set to release in January 2025) and Warhorse, which enhance efficiency in penetration testing infrastructure and operations. He has spoken at numerous conferences, including DEF CON, Black Hat, Hack Miami, B-Sides Tampa, and Hack Space Con.

Host

Wade Wells

Wade Wells has been working in cybersecurity for a decade, focusing on detection engineering, threat intelligence, and defensive operations. Wade currently works as a Lead Detection Engineer at 1Password, where he helps build and mature scalable detection programs. Outside of his day-to-day work, Wade is deeply involved in the security community through teaching, mentoring, podcasting, and running local events

Guest

Ched "cheddar" Wiggins

Guest

Eric Kuehn

Eric Kuehn is a principal security consultant at Secure Ideas, as well as an IANS faculty member. He leverages his extensive experience with Microsoft infrastructures and Active Directory to perform penetration tests and offer guidance on system security and architecture. He also is the author of the “Red Team Fundamentals for Active Directory” course, where he explains the concepts, techniques, and best practices for exploiting and defending AD environments. Eric has been working with Active Directory since its release and was the technical leader and architect of one of the largest and most complex AD implementations out there. He holds the CISSP certification and is passionate about sharing his knowledge and skills with others. Eric has delivered talks on Active Directory security and other topics at various conferences, events, and webcasts, and via Antisyphon Training.

Guest

Jennifer Shannon

Jennifer is a Senior Security Consultant with Secure Ideas with a background in malware analysis, penetration testing, and teaching. She graduated with honors from Florida State College at Jacksonville’s networking program. An avid computer geek for most of her life, she began her journey in cybersecurity as a SOC Analyst where she showed an aptitude for both penetration testing and malware analysis. She was quickly promoted into a role that capitalized on her abilities.

What is Talkin' Bout [Infosec] News?

A weekly Podcast with BHIS and Friends. We discuss notable Infosec, and infosec-adjacent news stories gathered by our community news team.
Join us live on YouTube, Monday's at 4:30PM ET

Wade Wells: 00:24

Okay. You ready?

Jennifer Shannon: 00:26

Yeah.

Corey Ham: 00:26

Ready.

Ryan Poirier: 00:27

Alright.

Wade Wells: 00:27

Alright.

Bronwen Aker: 00:28

Ready.

Wade Wells: 00:30

I shaved my mustache.

Ched "Cheddar" Wiggins: 00:33

Betrayal. Oh,

Bronwen Aker: 00:34

was that the big reveal?

Wade Wells: 00:36

That was the big reveal. Yep. Yep.

Corey Ham: 00:39

It's gone. Yeah. Okay.

Wade Wells: 00:41

That's I have my son asked me to shave it off, the two and a half year old, and he watched me as I shaved it off and mocked me the entire time. And he was saying, your mustache is going down the drain. Mommy's gonna be mad. And then

Ryan Poirier: 00:54

That's alright. That's alright, Wade, because we have a new mustache in town.

Jennifer Shannon: 00:58

I know. That's

Corey Ham: 00:58

true. Chad has you beat.

Ched "Cheddar" Wiggins: 01:02

Someone has to carry the flame.

Wade Wells: 01:05

But, yeah, as like, he he woke up a couple morning the morning I did it, like, the day after and he just looked at me and he's, like, where's your mustache? And laughed and ran away.

Corey Ham: 01:16

Wow. Sounds like they're creating just a great human with lots of empathy. Yeah.

Wade Wells: 01:21

Trying to trying to create my best super villain, you know. Before AI takes over, he'll take over.

Jennifer Shannon: 01:26

I'm not sure that

Corey Ham: 01:27

That's You're heading your best.

Jennifer Shannon: 01:29

Yep. Empathy anyways. Having had a two year old in the past, they are now much older.

Wade Wells: 01:37

I was about to say. Yeah.

Jennifer Shannon: 01:39

That sounded

Wade Wells: 01:39

really ominous. Yeah. Sounded real yeah. More ominous than me not

Corey Ham: 01:43

I used that two year old. Now I have a super villain nemesis that's always throwing my stuff away.

Wade Wells: 01:51

Well, they're teenagers.

Jennifer Shannon: 01:53

They've been ruthless.

Ryan Poirier: 01:54

My oldest was ruthless since the time he was like six months old, seven months old. He's been very smart. My favorite story, we were living in an apartment and we had to move there briefly while we were getting some houses our new house built. And we had to cram everything into the different cabinets and everything in the apartment. But we couldn't really safety, child safety it.

Ryan Poirier: 02:15

Right? Make it child safe. There's that words not working. We're talking about being a holiday today. But Oh.

Ryan Poirier: 02:21

My oldest at that point, who was only a few months old, could crawl, so six, nine, summer months. I can't remember the exact age. Was cooking in the kitchen and I was cleaning up and we had all of the dangerous things underneath the the kitchen sink and the cabinet there. And comes along, he opens the cabinet and I say, no, you can't do that, right, quickly. He looks at me quickly, shuts the cabinet, crawls away, comes back with a toy, opens the cabinet, puts the toy in the cabinet, closes the cabinet, opens it and looks at me.

Ryan Poirier: 02:52

Right there, I knew I was gonna be in serious trouble. That has not changed. Has not changed.

Wade Wells: 02:59

The This morning, my son, two and a half year old, figured out how to get past the baby cage. Like, he opened it. Mhmm. Like, the double lock one. I was like artist.

Wade Wells: 03:08

Thread model just went out the window. I need to reassess.

Ralph May: 03:13

Trust me. Matter what that model is. Eventually, age just over bears whatever you have. So just Yeah. Like

Corey Ham: 03:19

I mean But two and a half

Ralph May: 03:20

year old I I know. You're like hoping for like a year. You're

Wade Wells: 03:23

like At at

Corey Ham: 03:24

a minimum.

Wade Wells: 03:24

Like, could probably have climbed over it if he really tried. But I just don't want him to go into the kitchen and pull an Eric's kid and just throw toys under the sink. Right?

Ralph May: 03:33

I still have the locks on all the cabinets and stuff, like the drawers. Right? Like, I you could turn them off or whatever, but they're still there. Like, I don't know why at this point. It's all

Ryan Poirier: 03:41

Have you ever had them accidentally flipped back on?

Ralph May: 03:44

Oh, yeah. It's the most annoying

Wade Wells: 03:45

thing ever. That's why I said I

Ralph May: 03:46

don't know why I haven't ripped them all out at

Ryan Poirier: 03:48

this point.

Jennifer Shannon: 03:48

Yeah. I'll be honest. I really think that the childproof toys or the childproofing, it caused more barriers for me than it

Wade Wells: 03:57

ever did That's usually how

Ralph May: 03:58

it works. Yeah. And, like, you're you're the one who has to suffer way more than like, they they got it into it, like, maybe one time. They pulled on the drawer, but, like, you, every day, you're like, look at that stupid magnet, like, it's

Wade Wells: 04:10

Dude, no. The best is, like, we lost the magnet in the bathroom.

Jennifer Shannon: 04:14

Oh, no.

Wade Wells: 04:15

And I was in the bathroom and I was like, grab toilet paper and I'm like, where's the magnet?

Jennifer Shannon: 04:22

You trapped?

Wade Wells: 04:24

Pretty much.

Ched "Cheddar" Wiggins: 04:26

Wade Wells: 04:26

Then my son had it and ran away. That was

Ralph May: 04:30

I watched the the news live from Deadwood. It seemed very doom and doom and gloom in the AI space. Feel like everyone's told they run out of tokens. Yeah. I think you've taking, like, a real shot.

Ralph May: 04:45

It felt like, from the video, it felt like everyone's taking a real shot on the stage of, like, you know, coming to Jesus with what what's in front of us.

Bronwen Aker: 04:55

Oh, yeah. Oh, yeah. I downloaded the Claude app so I could try co work. Claims that it can help me de dupe all of my photos and music.

Wade Wells: 05:05

I'm sure

Ralph May: 05:05

it can.

Wade Wells: 05:06

My music library.

Corey Ham: 05:07

I can drop database photos easily.

Jennifer Shannon: 05:10

I'm just gonna mistake the whole

Bronwen Aker: 05:11

sure I can drop database.

Corey Ham: 05:14

Bobby Tables.

Ralph May: 05:16

Yeah. I was looking at a project discovery and they have like their new cloud the other day, and now they have something called Neo. It's all AI. Like, it's AI of everything. Like and I I wasn't, like, looking for this.

Ralph May: 05:30

I wasn't, like, hey, go show me. I was just on the website to just see what the project discovery project was doing and I saw that and it was just like, hey, we just do the whole test via AI, you know. It it is it's

Corey Ham: 05:43

It's software. Yeah. It's like software analysis, whatever you

Ralph May: 05:47

call think they're focusing more on the code side which is kinda

Corey Ham: 05:49

Yeah. It's correct. It's like a coding Yeah. It's designed to be like a coding agent or whatever, not so much on the external scanning stuff. Alright.

Corey Ham: 05:57

Let's roll the finger, Ryan. Let's do this. Hold on.

Ralph May: 05:59

We got plenty of articles.

Corey Ham: 06:00

Let's get this show on the road. It's 02/16/2026. How's it going, everyone? Who went to Denver? Who was in Denver?

Corey Ham: 06:22

I was in Denver. I saw Chet there. Eric, Jennifer, Ralph were not there. Ryan was there. Wade was not there.

Corey Ham: 06:29

Wade's mustache leaked online before this podcast, sadly. To the audio listeners, imagine a man with no mustache. And now you see Wade. And that's about it.

Wade Wells: 06:43

Thing someone saw me without it, they're like, you look so much younger. And I'm like, should I keep them much? Do I do I not grow at

Ralph May: 06:50

that People look like younger, you're like, wow, they actually don't have a bad face. And then other people are like, it back on. But whatever it is, like

Wade Wells: 06:57

Which one would you okay.

Corey Ham: 06:59

Which one

Wade Wells: 06:59

would That super good is point. Enough people have told me not to put it back.

Corey Ham: 07:04

I Wade looks better without it, but that's just like

Ralph May: 07:08

an opinion, like, it Wow.

Wade Wells: 07:09

Thank thank you, Ralph. Thank you. I appreciate it.

Corey Ham: 07:11

I'll agree, honestly. I'll agree. It's kinda become your look. But I like the fact that you're I like the fact that you're willing to switch it up, you know. Like, I I like that.

Corey Ham: 07:19

I don't wanna be you don't have to commit yourself, unless you're Chad. I don't think he can you go

Wade Wells: 07:24

with Chad

Corey Ham: 07:24

or you're committed.

Ralph May: 07:25

Yeah. It's long. Sorry.

Ched "Cheddar" Wiggins: 07:26

It's part of the role now. Yeah.

Corey Ham: 07:28

It's part Yeah. Was gonna say, I Wade's not committed, but yeah, Chad or you're committed. Sorry.

Ralph May: 07:33

I mean,

Ched "Cheddar" Wiggins: 07:33

I've been in this role for two and a half years and I never wore a mustache before I came into this role and now it's just like, I can't ever change it.

Corey Ham: 07:41

I mean, understand. If you if you shaved it, think they'd be like, who are you? Can I see some badge? Can I see some ID?

Ched "Cheddar" Wiggins: 07:49

No. I did actually shave it once about probably eighteen months ago. And they were like, you look weird.

Jennifer Shannon: 07:55

Desperate that, like, you know how like female dwarves get like full beards and everything?

Wade Wells: 08:01

You want a full beard?

Jennifer Shannon: 08:02

I think I would look really cool, like a full beard.

Wade Wells: 08:06

Mean Someone turn a filter on full beard.

Corey Ham: 08:08

This is is personally relevant to me because one of our cats likes to groom my beard, like, aggressively. So my part and and he likes me way more than he likes my partner. And so she's always, I need a beard, then he'd like me more. I don't know if that's true, but, you know, I guess try it on. Yeah.

Corey Ham: 08:25

We have to get her a fake beard and see if that works. Oh, I Yeah. My I don't know.

Bronwen Aker: 08:31

My dad had he was firefighter, so he had the nice big bushy firefighter mustache. Amazing. We had cats, and he was horribly allergic to cats. There are this one cat, Fuzzy, of course, loved to just groom him. And dad would be sitting there, and he'd have just, you know, tears and sniffles and all that.

Bronwen Aker: 08:53

But, you know, it's your cat. What are you gonna do? Yeah.

Corey Ham: 08:57

Yeah. Alright. Well, let's get started with the actual podcast before we before we go. I'll introduce everyone. I'm Corey.

Corey Ham: 09:04

I'm a skill issue. I'm I'm a supply chain skill issue. I'm waiting to infect your Claude AI with my skill.skill.sh. Yep. Yep.

Corey Ham: 09:15

We got Bronwyn who's our, I guess, our sibrarian here to cite things and look for sources. We have Eric who's, I I guess, our official one of our official guests this week from Secure Ideas. We also have Jennifer from Secure Ideas, an official guest. They're doing webcasts coming up, so I'm sure we'll plug them at some point but they're doing webcasts on I'm assuming web app stuff, maybe. Oh, nope.

Corey Ham: 09:41

Looks like Eric's is about active directory. That's exciting. Not web apps?

Ryan Poirier: 09:45

No. Not web apps for me.

Corey Ham: 09:47

Jennifer's There's more than one secure idea? I don't believe you.

Jennifer Shannon: 09:52

We I thought it was two.

Corey Ham: 09:54

There's at least two. Web apps and active directory, honestly, that's like half of your security pro that's that should be about half of your security program right there. Mhmm. And then, yeah, Jennifer's gonna do some web app stuff, looks like. Evil API testing.

Corey Ham: 10:06

Oh. And maybe some some keys for not cars? It's exciting. Yes.

Jennifer Shannon: 10:10

Triple a. Because, you know, the majority of issues with APIs are authorization, authentication, or access issues. Like, seven of the top 10 issues.

Wade Wells: 10:20

Yeah. Oh, yeah.

Ralph May: 10:21

Makes sense.

Corey Ham: 10:21

I mean, we talked about it on this show, but at one point, the all the keys for Kias and Hyundais were just USB. So there was that. Works.

Jennifer Shannon: 10:29

I don't have them in Armreach, but I do have a whole bunch of, like, the fleet keys for cars. So, like, there's, like, whole bunch of, like, Ford f one fifties

Corey Ham: 10:35

that

Jennifer Shannon: 10:35

I Yeah.

Corey Ham: 10:36

Oh, no. Yeah. This is

Ralph May: 10:38

like a new thing. Yeah.

Corey Ham: 10:40

Yeah. We also have Cheddar, who's our, like, I guess I'm gonna say our audience spot, who's here to say the worst shit post that he can. Oh, sorry. Swear Jar. No.

Corey Ham: 10:49

I don't know. You share what you want, Cheddar. It's on you. You you can I see you in the Discord constantly, so I'm excited?

Ched "Cheddar" Wiggins: 10:56

I'm the informal morale officer. So

Wade Wells: 10:58

Yes. The

Corey Ham: 11:00

morale up. Got it.

Bronwen Aker: 11:03

Will continue until morale improves. Is that the way this works?

Corey Ham: 11:06

Yeah. We've got Ralph, our family restaurant coordinator. What does that even mean? Well, explain. I made you explain the iguanas.

Ralph May: 11:14

Yeah. No. So I I I picked the restaurants that we go to.

Corey Ham: 11:17

Oh, I see. I see. We have a kids travel agent and a family restaurant coordinator. I feel like we're going to Chick fil A too much. That's my feedback.

Corey Ham: 11:26

We got Wade waiting through agents. Oh. Who shaved his mustache. We already talked about that.

Wade Wells: 11:31

Sorry, Wade. Need to didn't get

Ralph May: 11:33

to launch other agents. It's already a thing.

Wade Wells: 11:35

I got agents in your agents to get you more So you

Corey Ham: 11:38

can There's no security vulnerabilities. It's fine. And then we have Ryan making us look bad and sound good.

Ralph May: 11:45

Looks better.

Corey Ham: 11:48

Alright. Anyone have a first article? I got some spicy articles. Spicy can start with we can start Spicy articles? Yeah.

Corey Ham: 11:55

Yeah. We can start with some spicy articles.

Ralph May: 11:57

How spicy are we talking? Habanero?

Corey Ham: 11:59

Not that spicy. Okay. Not that spicy. But it is hot nation state on nation state action, theoretically. I but I I I think, like most spicy food, this is kind of a nothing burger and it you'll just you'll just go numb after reading it.

Corey Ham: 12:12

Just So the article is that, basically, a source unclear what the source is, but sources are saying that Palo Alto chose not to tie to attribute threat campaign or, like, a hacking campaign to China because they're worried about retaliation. Mhmm. There's no, like, real source. Again, it's like sources inside Palo Alto. Oh.

Corey Ham: 12:34

But some whistleblower decided Okay. So essentially, they attribute it to instead of explicitly saying China, they said threat actors operating within Asia, basically. Asia's big. Yeah. I mean, Asia's big.

Corey Ham: 12:49

Yeah. I think yeah. A state aligned group that operates out of Asia, that was their exact statement.

Ralph May: 12:54

Asia's China. Period China. Right. There's like Yeah. Yeah.

Corey Ham: 12:58

Yeah. So, okay. Yeah. This is a nothing I think this is a nothing burger for two reasons. Because, one, they already got banned from China.

Corey Ham: 13:05

We talked about that, like, two weeks ago. Right? Like, they already got on the, you know, global

Ralph May: 13:10

got banned from China. Yeah?

Corey Ham: 13:11

Yes. They did. Along with every other cyber US based and Israeli based cyber security company. We talked about it on the news. Honestly, we yeah.

Bronwen Aker: 13:20

Okay. So they chose not to tie China to a hacking campaign for fear of retaliation, and they got retaliated against anyway because they're a US company?

Corey Ham: 13:30

No. No. No. Other way around. No.

Corey Ham: 13:32

No. They what happened is they already were banned, and then this happened, and now everyone's like, oh, but they're being soft gloves with China. It's like, okay, don't really get the angle here. Also, my favorite quote that they like kind of took out of a context, which I'm curious on Wade's take on this, but they they basically say, in part, it says attribution is irrelevant. Wade, what do you think?

Corey Ham: 13:55

True? False?

Wade Wells: 13:57

Definitely not. Down to this this kinda screams like how the US government's not supposed to attribute Russia anymore. Yeah. If remember that. Right?

Wade Wells: 14:05

But this one almost seems worse. Like, it's one thing if, like, your quasi government says it. It's another if you're trying to get it for do it for profit. Does that make sense? Like, which one is worse?

Wade Wells: 14:16

I honestly, like, could go back and forth, but I don't know.

Corey Ham: 14:21

Yeah. I mean, I

Wade Wells: 14:21

don't Most people attribution does not matter at all. Yes. I'll give them that but if you're some, like, big fortune 100 with a lot of intellectual property hanging out, you better be hardening for China.

Corey Ham: 14:35

So I mean, I don't know. I I think I mean, Cheddar also posted in Discord, you know, that they have 70 employees in China, apparently. That's, like, not as I feel like that's get get them out of there. Like, that's not enough to be worth it.

Ralph May: 14:46

Honestly, like an Advan party at that point. That's not even, like, anybody.

Corey Ham: 14:49

No. Yeah. That's like nothing. Yeah. Don't know.

Corey Ham: 14:52

Whatever. Who knows? Like, I just think it's interesting that they're getting called out for this and then it made it into Reuters or however you pronounce it. I I think that's an interesting And and just Reuters. There's Reuters.

Corey Ham: 15:03

That no. Reuters is pen testers. You're confused. Yeah.

Ralph May: 15:05

Yeah. That's all I can see though. So Yeah.

Jennifer Shannon: 15:07

If it helps mentally whenever I read that, I always say Reuters in my head.

Wade Wells: 15:12

Yeah. I do too. I thought it was Reuters on my third week.

Jennifer Shannon: 15:13

I don't know if I've ever had to say it out loud until this exact moment.

Corey Ham: 15:16

So I think it's Reuters, but I don't know. Like maybe Reuters is people that do steroids.

Wade Wells: 15:22

I don't know. I've said more stuff out loud in this podcast.

Bronwen Aker: 15:24

Not Reuters.

Wade Wells: 15:26

That I'd never thought I would say, so it it makes it's right on par. Right.

Corey Ham: 15:30

If you're dyslexic, it's pronounced rah. Alright. Rooters. Rooters? No.

Corey Ham: 15:37

Is it okay. If you know what it is, don't put a GIF in Discord that explains how to pronounce pronounce it pronounce it. Okay. Now we can't pronounce it.

Ched "Cheddar" Wiggins: 15:45

Did you know that they are the world's largest data broker?

Wade Wells: 15:50

No. Really? Right away. Do I? Mhmm.

Ched "Cheddar" Wiggins: 15:53

Do a web search.

Corey Ham: 15:55

Bigger Okay. I'm reading a Reuters article that says that they're definitely not bad or evil or anything. So I think that's

Ralph May: 16:01

I am good. That's the title of the article.

Jennifer Shannon: 16:03

Don't like robots also? Like, an AI? Like, I'm not evil. Yeah.

Wade Wells: 16:10

Yeah. It's in my robots.text.

Jennifer Shannon: 16:13

Totally not evil person would say.

Ralph May: 16:14

Dot text.

Bronwen Aker: 16:15

You do you do evil for good. That's different.

Corey Ham: 16:18

The audience has confirmed. It's Reuters. So good job, everyone. Alright. Let's let's move on to the next one.

Corey Ham: 16:25

So let's say, I'm an AI, and I really just need someone to go commit a mild crime for me. What do I do? Like, what what do I do? Well, I have an answer for you. We can go to rentahuman.ai, and we can rent a human like, okay.

Corey Ham: 16:42

My first People

Ryan Poirier: 16:43

I really wish you would have given me, like, a warning because when I opened it, I already noticed and I thought, maybe I should have opened this in a different browser here somewhere. Okay.

Wade Wells: 16:52

Let's book Dylan. Right? Hold on. Dylan. Working hard.

Corey Ham: 16:55

Ryan, let's let's dive in. For the audio listeners, there's a man named Dylan that we can book. So this is a website where supposedly AI agents k. Let's click on that first image there. The AI agents can book people.

Corey Ham: 17:08

So it's I guess it's just Fiverr, but with an MCP that's like No. Dylan looks like an an oil and gas worker just based either that or he's killing a lot people. It's all It's inside.

Ralph May: 17:19

It's been like done in a movie

Wade Wells: 17:20

pretty far.

Jennifer Shannon: 17:20

Are you pulling

Bronwen Aker: 17:21

me? The blood looked I'm sorry. Those look like they're AI generated I was actually bugging you out.

Corey Ham: 17:26

Okay. So for those that are confused, yes, we all are too. Welcome. But, yeah, basically yeah. He says he's managing and operating an oil company.

Corey Ham: 17:35

Anyway

Wade Wells: 17:35

Notable. Yeah.

Corey Ham: 17:37

This is a website, renttohuman.ai, where basically the supposed purpose of it is that AI agents can rent a human being to do something for them. Like, the examples it gives on the website are pick up a package, attend a meeting, which is amazing. Does anyone remember from Arrested Development when And they have the he's like in all this he's like, don't hug him. No, not me you idiot or whatever. Oh my god.

Corey Ham: 18:01

He's got you can you can run an errand and it says verified humans. I don't know what that like, what does that even mean? It's like, hey, I need to complete a captcha.

Wade Wells: 18:10

The captcha? Yeah. They'll solve it. Please

Ryan Poirier: 18:14

just click here for me.

Corey Ham: 18:16

Yes. I I will say, you can also on the website, you can go to bounties and you can see the stuff that is current. And and I gotta say, I think this is mostly BS and spam. This is really more of like a viral website. But basically, if you go to the bounty section, can see like posts that people have made like, hey, I need you to do that.

Corey Ham: 18:34

Half of them are obvious scams. Like one says, subscribe to my YouTube and I'll give you a dollar or like, you know, what? Stuff like that. Some of them are maybe legitimate, like people someone posted that they need to have a someone needs to have a a meeting where they talk about AI IT director stuff, which seems like I feel like you really shouldn't be hiring just random people off the Internet to do that. Uh-huh.

Corey Ham: 19:01

There's also some funny ones, like, you know, follow me on Twitter. Of course of course, there's looking for a girlfriend. Of course. That one was e you know, that's, like, you know, classic. And then, of course, there's get $20, use my link to open a crypto debit card for free.

Corey Ham: 19:19

I'm sure that's legit. So I think this is, like, kinda silly, kinda fun. Also just totally unnecessary because I'm assuming something like Fiverr has an MCP already. Right? Like, doesn't doesn't this already exist?

Corey Ham: 19:33

Like, you don't

Ralph May: 19:34

need I this saw so supposedly this was like the multiple thing. Right? So do you have the AIs talking to each other and they're, you know, starting this little social network. But then the idea is is that I could just essentially task out this work, and then the agent would then go get a human to do the stuff that it couldn't actually do in that process. Right?

Ralph May: 19:53

So that's like

Corey Ham: 19:54

I just yeah. And I wanna I, like, you know, I don't know if this YouTube video is being

Jennifer Shannon: 19:58

made right now,

Ralph May: 19:59

but just trying to explain it.

Corey Ham: 20:00

Yeah. Yeah. I I need a YouTube video where someone signs up as one of these and completes, like, a week's worth of tasks and just tells us what they had to do. Like, what is it?

Ched "Cheddar" Wiggins: 20:09

Silk Road three, but less exciting.

Corey Ham: 20:11

Yeah. Yeah. I mean It

Ralph May: 20:15

sounds like just like some money laundering activity as well.

Corey Ham: 20:18

Yeah. Totally. Like, hey, need you to take this undisclosed package that fell off a truck and deliver it to this undisclosed location for $50 an hour or whatever. It's like, that's a lot of risk.

Ched "Cheddar" Wiggins: 20:28

Like cash mules except they don't get their full cut.

Bronwen Aker: 20:31

Comic version of Upwork. Yes.

Corey Ham: 20:35

Yes. Exactly. Like, Upwork has a a MCP. Fiverr has an MCP. This doesn't need to exist.

Corey Ham: 20:41

You can just have your agent hire someone and, like, I don't know, whatever.

Ralph May: 20:44

Yeah. Fiverr does have an MCP. Mean, you can make the MCP for whatever stupid thing you want.

Corey Ham: 20:50

So Exactly. I I also think What it's if the AI hires a human to, like, make sure that it's ethical or something? Like, I don't know, like, it's There there's so many ways this could

Wade Wells: 21:01

go wrong.

Ralph May: 21:03

Oh. Speaking of that, did you see that we don't have that article in there, I'll bring it up since it's right online. But the creator of MoltBook and Claude well, like, Openbot or Claude Bot or whatever, and they changed the name six times. Openbot or something like Yeah. It was Openbot and then it went to it was like whatever.

Ralph May: 21:25

He got swooped up. He's gonna go work for OpenAI. Sam Altman made a Altman made a huge announcement saying that he was gonna go work for them and go build stuff for them. So what did I thought, please?

Ched "Cheddar" Wiggins: 21:37

I thought this whole thing was like a gorilla Apple Corp marketing campaign because everybody was buying Mac minis like they were hot fighters. Yeah. Yeah. Guess that theory fell through.

Ralph May: 21:46

That was a that was like a byproduct, but essentially it grew so fast and got so much, like, traction around AI and just around what it could do, whether that was a good thing or a bad thing. And then OpenAI was like, no, we want some of that

Corey Ham: 22:01

Yeah. It's a pretty good it's

Jennifer Shannon: 22:03

a pretty good There's

Bronwen Aker: 22:04

a competitor. There's something we like. Let's buy it. Let's hire them.

Ralph May: 22:08

Yeah. Mainly mainly they just bought talent. I think they described this as the Game of Thrones reference of like going and buying dragons, right? Because who was it? What's his name that's out there buying AI people?

Ralph May: 22:22

The guy from Facebook. Jesus.

Ched "Cheddar" Wiggins: 22:24

Meta Zuckerberg.

Ralph May: 22:25

Meta Zuckerberg. He was zucking everybody and paying like, you know, $50,000,000 for them to go work over there. So But, yeah. This is just another example kind of that. Right?

Ralph May: 22:35

Just trying to Yeah. Gain their money. Mean, it's

Corey Ham: 22:37

a very high profile person. I will say, it is ironic, I think, that, like, OpenAI feels the need to control the conversation because Anthropic is just walking away with it. Like, they they're really, like, Anthropic is crushing them. Why wasn't is is it gonna change name to, like, OpenGPT now instead of OpenClaw? Yeah.

Wade Wells: 22:55

I was just

Jennifer Shannon: 22:56

thinking, what if my Well, they

Bronwen Aker: 22:58

want they chaotic. Want Alright.

Jennifer Shannon: 23:00

What if it becomes more functional and less chaotic?

Corey Ham: 23:03

Well, that's not how AI works.

Ralph May: 23:05

No. We want more chaos.

Jennifer Shannon: 23:07

I want chaos. I have to say, make it unhinged at the end of every prompt.

Corey Ham: 23:11

Yeah. Yes. That can be that can be an that can be a skill. That can be a skill.

Ralph May: 23:15

Well, they they they want they want, like, a co work for OpenAI. So this is kind of like, you know, saying, hey, look, we have somebody who knows how to do something like that. Right?

Corey Ham: 23:25

Basically, it's a really good time to make an AI project and hope that it spirals into a sick job offer.

Wade Wells: 23:31

Yeah. I mean, that's exactly what I was thinking.

Ralph May: 23:33

Yeah. Exactly. That's what

Wade Wells: 23:34

I'm He's he's easily making high 6 figures now. Yeah.

Corey Ham: 23:38

All I'm gonna say is you gotta save save that money cause an OpenAI is if you made $1 last year, you made more than OpenAI. If you made $0 last year, you made more than OpenAI. But, yeah, anyway

Jennifer Shannon: 23:50

Well, they made money.

Bronwen Aker: 23:51

They just didn't make as much as they spent.

Corey Ham: 23:54

None. But it never worked. Because, you

Ched "Cheddar" Wiggins: 23:56

know, you may recall, like, Amazon was running at deficit. And now, they're trying to people are like, Amazon is too big. So there's a business strategy to running at a

Corey Ham: 24:05

Oh, yeah. Three years that they did

Ralph May: 24:06

end up.

Corey Ham: 24:06

It's normal. It's just also scary.

Jennifer Shannon: 24:09

I would just say that I was reading things in like 2011, 2012 about Amazon still operating at a deficit. And then I blinked one day and now Amazon owns half my life.

Corey Ham: 24:18

Yeah. It's true. That or they die. So we'll see. Which one is it gonna be?

Corey Ham: 24:23

Stay tuned.

Ralph May: 24:24

The other thing that I read another, like, right along this lines, right, is the, again, the last kind of like AI article, but we're all gonna feel this, is computer hardware across the board is getting consumed.

Corey Ham: 24:39

So high. Yeah.

Ralph May: 24:40

And it's it's not the things that you would think. Right? Like, we all thought, when I when I first started, it was just gonna be GPUs. Then it moved to RAM, and now it's even moving to platter disk hard drives. Right?

Ched "Cheddar" Wiggins: 24:51

What?

Ryan Poirier: 24:52

There's a

Ralph May: 24:52

46% increase in platter disk hard drives. Western Digital announced today that they have sold all of their hard drive supply for all of 2026, and they're starting to take in orders for 2027.

Corey Ham: 25:05

Ralph, did you buy all the hard drives Yes.

Wade Wells: 25:07

Again. Yes.

Corey Ham: 25:09

I Was it you?

Jennifer Shannon: 25:10

Decided to rebuild my computer You fooled. Last year. Mhmm. And I was like, ugh, you know, I should just go ahead and do it. I don't know.

Jennifer Shannon: 25:19

I didn't need to do it, but I mean, I did YouTube. My phone was old. And I finished it in like October.

Ralph May: 25:27

Yeah. No. If you need buy Yeah.

Wade Wells: 25:30

I have like $4,000 worth of RAM in my server right It's just funny. I'm rich, guys. I'm I'm kidding.

Ralph May: 25:37

I'm I'm I'm I'm like, my whole, like, retirement. It's just gonna be right there.

Corey Ham: 25:42

Dude, it's like in COVID when you had, like, the throne of TP and you were a god. Yeah. It's like that. You're all with it's it's just with RAM. It's like Yeah.

Corey Ham: 25:50

Oh, your Proxima says 256 gigs of memory? Like, wow, you're you're god. Like, roll it off.

Ralph May: 25:55

Guess the the TLDR is that it is not gonna get better anytime soon. So if you are waiting to buy anything from a hardware perspective, go ahead and buy it now, because it is gonna get more expensive this year and into next. And it really doesn't matter what it is. Anything, the the RAM, the CPUs, all of that stuff is all getting bought up because

Corey Ham: 26:13

No. Monitors are cheaper. AI doesn't use monitors, dude.

Ralph May: 26:16

Yeah. Monitors are probably going down. For the computer,

Wade Wells: 26:20

According to these graphs,

Corey Ham: 26:22

it is getting cheap. Monitors are cheaper. Everything else is up.

Ralph May: 26:27

Everything else is up. But, anyway, just thought it was wild. And, you know, whenever they announce Yeah. Whenever you see an announcement that says, you know, Claude just for Anthropic got $300,000,000,000, you know, that means that the price of everything's going up more. Because they're just buying Serpent.

Ralph May: 26:43

That's all they're doing with the money. They're just buying Serpent.

Corey Ham: 26:45

Yeah. Mean, it's yeah. It's bad.

Ched "Cheddar" Wiggins: 26:48

I was gonna say going back time to get into Home Lab. But Oh, yeah. You know, I work for a state entity, and the state entities do surpluses. So you look at the surpluses, search for those online, eBay, garage sales, goodwill. You know, there's still chances out there.

Ched "Cheddar" Wiggins: 27:03

Probably, your last thing you wanna do is, like, go to Amazon or your major vendor to buy brand new computer parts for your home lab.

Wade Wells: 27:10

There's plenty of DDR three to go around. Okay? Do you think we may have to really

Corey Ham: 27:16

Eric, you were gonna say something?

Ryan Poirier: 27:18

I was gonna say, going back to the whole OpenAI thing, didn't Microsoft say that they're gonna move away from ChatTPT and OpenAI and their models as well?

Ralph May: 27:26

Well, they they wanna build their own model. That that was their, like, thing. They were they said they wanted to build their own model. And and mainly because they have the hardware to do it, right, with all those with that. But, you know

Corey Ham: 27:36

No. They don't.

Jennifer Shannon: 27:37

They they

Corey Ham: 27:39

don't have the hardware to do it. They don't even have the hardware to keep teams online for a solid month.

Wade Wells: 27:44

That's a problem. I'm like, in the nineties

Ralph May: 27:47

I'll go home.

Wade Wells: 27:48

Yeah. In the nineties, someone got killed for like two gigs of RAM in like Los Angeles. Like, they had a it's like a legit like briefcase thing that like someone was transported and they killed them for it. They go sell it. Like, that is that is gonna be a new thing.

Wade Wells: 28:03

Like, it's gonna like Fast

Jennifer Shannon: 28:04

impact then though.

Corey Ham: 28:05

Right? It's gonna

Wade Wells: 28:06

be like Fast and Furious like a semi truck going down the highway Full of PGPs and Yeah. And then like the PIVX

Jennifer Shannon: 28:11

ready to go

Wade Wells: 28:12

for this. No. Okay. Oh, you got them. No.

Jennifer Shannon: 28:16

No. It's It's with just PIVX. The mix.

Corey Ham: 28:18

I Yeah. I don't I Yeah. I don't even know.

Jennifer Shannon: 28:20

Got

Ralph May: 28:20

it. When the AI

Corey Ham: 28:21

battle there

Ralph May: 28:22

So, are all gonna be Home Lab experts. Right?

Corey Ham: 28:25

They're gonna be like Servers are just

Ralph May: 28:27

gonna be falling off trucks literally, because they don't know what to do with them anymore. Right?

Wade Wells: 28:31

Buy a small data center?

Jennifer Shannon: 28:33

This is the real reason why I More doors. Everything. It's not, what if I need this one cable for this one device that hasn't been made in twenty five years? It's because we are always ready to have to rebuild a home lab from scratch.

Wade Wells: 28:44

Yes. Yeah.

Corey Ham: 28:46

Alright. Well, I guess, let's continue with AI and then just like the first half of the show will be AI because I there's more AI articles. So Google Threat Intelligence Group posted a really interesting write up on kind of like how threat actors are using AI. Like, we already know this is a thing. We have, you know, some good information from Anthropic from a couple months ago, but now Google's getting in the mix.

Corey Ham: 29:09

This was posted on February 12, so last week. Basically, it's just an interesting read on how threat actors are using it. This is obviously activity that they caught. Sure. And basically, it's just kind of running through how threat actors are using AI to accelerate the attack life cycle.

Corey Ham: 29:24

Who would have thought? Productivity gains and recon, social engineering, this sounds like my team. Is crazy. Yeah. I mean, this is how AI works.

Corey Ham: 29:32

It speeds you up. If you're an evil person, it's gonna make you faster and worse. The the other

Ralph May: 29:37

thing too is you can spread out these agents to do, like, smaller pieces of tasks without, a a general gist of entire task. So like, you don't have to prompt them to be like, hey, do this evil thing. You can give them really small pieces of the task, then pull that back to build something bigger and more malicious.

Corey Ham: 29:53

Yes. And the I think the more interesting, you know, the report goes into a bunch of topics that are listed there at the top. But the other interesting one is model extraction is a priority. That's how I feel like you know it's a real threat actor is basically meaning, if you're not an AI expert, from my understanding, that means they're actually trying to extract and distill information from the model so that they can steal intellectual property from Google, basically, and build their own, you know, evil version of the model that isn't, you know, doesn't have guardrails, doesn't have monitoring and, Yeah. So basically, it's a good read if you're in AI, even if you're not.

Corey Ham: 30:29

Just expect that Threat Actors are using AI. Yeah. If you're a pen tester and you're not using it, you're missing out because it can build rapport with your social engineering targets. It can build pitches for you. It can analyze your code.

Corey Ham: 30:39

It can, you know, do a bunch of fun stuff. So, Thread Actors are doing it and so we should too.

Ralph May: 30:44

Yeah. If you can 10 x your not not illegal work, you can 10 x your illegal work.

Corey Ham: 30:49

Totally. Totally. The other, like, couple of AI things, there was an interesting post on prompt armor that was basically just a fun example of how, you know, prompt injection attack. I think prompt injection is the hottest thing. That that is like the, for me, I'm like, I stay up, like, I'm like waking up in the middle of the night being like, how am I gonna how am I gonna prompt inject all of our customers?

Corey Ham: 31:14

Because there is so many ways that this can happen and there's so many different vectors. This post from Prompt Armor is pretty interesting of just, specifically, this affects Open Claw, but it would probably affect almost any AI that's previewing links. So essentially, if you scroll down Ryan to the section that has instructions below that. So here's the prompt. It's literally just, you send a link into the AI and then you put basically the prompt injection attack in the link and then you tell the AI to report to replace the sensitive, you know, section of the URL.

Corey Ham: 31:49

It's basically encoding sensitive information in the URL parameter. It's pretty simple. But it it apparently, this works on open or on Open Claw to because it'll preview the link and then you can see in the URL that it previews if you control that server that the information's encoded in it. I will say, this is kind of an obvious security vulnerability and like if you're using Clawd agent or other agents, you can limit its ability to preview links and browse links and go to the internet and stuff like that. And so, no one's gonna do that, of course.

Corey Ham: 32:20

But you can and that's what they recommend. They recommend basically disabling link previews Telegram and in chatbots.

Wade Wells: 32:27

Weren't they finding this in skills too? For OpenCloud?

Corey Ham: 32:30

Yeah. Yes. All over the

Ralph May: 32:31

place. Some malicious skills. Yeah.

Corey Ham: 32:33

Exactly. So that's the next and last AI article. If you hate AI stuff, we're almost at the end. I'm sorry. But, yeah.

Corey Ham: 32:40

Basically, this is an article from Flare, who's a close partner of ours that we really work with a lot. They've unveiled or kind of posted some interesting threat intelligence about a Mac's infos dealer that targets Mac, and it's distributed primarily through skills. So skills are basically configuration files and things that are given to AI agents like Claude and other AI agents that basically tell it how to do certain things. So like and of course, there's marketplaces for these skills and of course, marketplaces are, you know, infected with all kinds of supply I guess, would call it supply chain attacks. I'm not really sure exactly what to call it.

Corey Ham: 33:17

But Yeah. I think the most popular one that I've seen is that skills.sh. Does does anyone else have any other skills marketplaces? That's the

Ched "Cheddar" Wiggins: 33:26

one that I know about.

Ralph May: 33:27

Yeah. So skills.sh is run by Purcell, which does the the kind of the the front end development framework. It it's a bit more than that. And actually, they're they're pivoting to AI just like everyone else. Anyhoo, they maintain that.

Ralph May: 33:40

And it is an open source repository. Right? So it's not just a a closed thing. So anyone can contribute to that. Additionally, everyone can audit it if you want to do that.

Wade Wells: 33:50

Corey Ham: 33:50

Yeah. So, I mean I

Wade Wells: 33:52

feel I feel like I'm on, like, the cutting edge of AI most of the time and, like, then stuff like this happens. And I'm, like, how I thought I knew stuff. Right? Like, with the agents and just like It's too fast.

Ralph May: 34:06

So I the other thing too, and this goes back to what you were bringing up, Corey, specifically about like prompt injection attacks in general. Right? Can't we just really delve this right back into a concept I think we all hopefully know, which is input sanitization. Right? And just not trusting the the input from a user and how we use that.

Ralph May: 34:23

Right? Especially from the web app world. I mean, everything that the user doing could be a bad thing. If you give them any input, right, we need to filter that in some way. And we have techniques to do that, but none of them are perfect.

Ralph May: 34:35

Right? Like, there's still ways to essentially bypass them, which is the next CVE we all haven't discovered. Right?

Corey Ham: 34:41

So The problem is or go ahead. If someone else has a take, you No.

Ched "Cheddar" Wiggins: 34:45

Was just gonna say, you know, in just, you know, basic security, we talk about these layered defenses. And in classical computer science, we talk about heuristics, and keyword search is pretty easy. So you wonder if the solution to this is to put your text to text generative model behind some sort of heuristic that's like and I'm sure someone's probably already working on that.

Ralph May: 35:05

Yeah. I mean, there's there's a couple techniques. And one of them is to do what you kind of described, which is actually to have the summer summarizing. So what you can do is you can have a model summarize it before you actually ingest it. So that and then that summation summarizing phase, you can kinda filter in those things.

Ralph May: 35:21

This is very similar to how you might filter out common, you know, bad characters or something like that in some kind of You

Ched "Cheddar" Wiggins: 35:27

could also have automation to audit because the OpenCL has this, like, sole JSON, which sounds a little dystopian, but it's basically the data structure that's the character of the agent. You could have some kind of automation to go in there and see, like, is it a malicious bot? Like, what does it think its role is? And if it's some kind, you know, some kind of you'd have like a a Open Claw sole white list, essentially. So

Wade Wells: 35:50

Yeah. I Do not summarize my prompt. Boom. It don't work.

Corey Ham: 35:53

Yeah. Yeah. Exactly. Yeah. That's right.

Corey Ham: 35:55

That's the thing. In web apps, you know, like, okay, I'm expecting a number and if they give me a SQL injection payload, I'm gonna give that away. But in AI, the more you restrict the prompt or guardrail it, the less features you get. And the whole thing that people are obsessed with in AI is, no no no. This agent has to be able to do everything.

Corey Ham: 36:12

Everything. Yeah. So if it does ask me something that I'm not expecting or if it does it asks me to do new things that I've never done before, I just have to do them because I'm super helpful. Like, it's Yeah. You're not wrong though.

Corey Ham: 36:23

Like, you're not wrong. You could do things like search for prompt injection vulnerabilities in this prompt and see, you know, give a scale of one to a 100 on how vulnerable you or how malicious you think it is. You could do that. But also, it's not a guarantee. Right?

Corey Ham: 36:36

Like, everything it's AI on AI action. So it's like, is it gonna think it's malicious? I don't know. Maybe.

Wade Wells: 36:43

Could you build the e I know there there is people building this, but I'm more thinking like EDR for ADI, where you monitor prompts and then monitor what the chat what the bot does after the prompt. Sure. And I'm pretty sure majority of what it's doing is probably not anomalous doing the same things over and over again. People ask

Ched "Cheddar" Wiggins: 37:01

Yep.

Wade Wells: 37:02

So the moment it goes to that website that has

Corey Ham: 37:06

Yeah. A new website Yeah.

Wade Wells: 37:07

That has weird

Corey Ham: 37:10

You can also set

Ralph May: 37:10

up gates. Right? That's another technique. Yeah. A gate is essentially just a question.

Ralph May: 37:14

Like, at a at a certain point, you essentially stop the AI to prompt a human interaction. Right? And you can use different kinds of rules to create those gates. So those gates only really happen when there's, you know, a certain kind of malicious activity or some other kind of more

Corey Ham: 37:29

risky activity. Going to a website you've never been Yeah. Good place for a gate.

Wade Wells: 37:33

Yeah. Have you guys seen a lot of, like, practitioners at least hardening or building detections around this AI prompt stuff? Like, I'm thinking, like, the cyber defense side. Right?

Corey Ham: 37:42

Like Yes.

Wade Wells: 37:42

Should I Yes. Get all of our chat GBT logs. Right?

Corey Ham: 37:46

Building detections for things like agent supply chain attacks or, you know, like, the yes. And like, when when these new vulnerabilities are coming out, we're trying to build detections around them. But it's like, kind of, you know, you're you're shooting

Wade Wells: 38:00

It's it's shooting on our razors at right too.

Jennifer Shannon: 38:03

And wasting each other's time. It's, you know, the attackers find new ways around it. So you make new controls for those new ways around it, and then they find new ways around those controls. And it's back and forth until the end of time, basically.

Wade Wells: 38:17

Yeah. But that's been my last ten years. Right?

Bronwen Aker: 38:19

It's the same as it's always been?

Ralph May: 38:22

No. No. It's totally different to AI now.

Jennifer Shannon: 38:23

It's faster now. It's not

Wade Wells: 38:25

a plant's grave.

Corey Ham: 38:27

No. No. It's I I will say that okay. Yes. All these jokes are all these jokes are

Bronwen Aker: 38:32

a 100% that one.

Corey Ham: 38:34

All all these jokes are on the on the money, but I will say, the the biggest thing that's making it challenging is there's a huge top down executive push for this, and that hasn't been the case for a lot of things. Yeah. There It's been it's been a minute. I mean, okay. We still know that we have bad conditional access policies because our executives demand it.

Corey Ham: 38:51

Like that, let's just put that aside. The the This is the next thing that executives are demanding. Oh, I wanna connect I wanna have my personal assistant be using AI heavily, and that means you have to provision API keys for all of our tools into this tool that our my executive assistant is gonna use. There's a lot of top down push for this because rightfully so, like, I'm not saying executives are off base, but they're basically saying, you guys have to do AI stuff or else we're gonna lose as a company. And so, that is Basically, have carte blanche to say, security, you guys get overridden, we're gonna put the API keys in the agent with full permissions and just hope for the best and that's the risk we're gonna take.

Wade Wells: 39:30

Or you just provision them with a password manager and

Jennifer Shannon: 39:33

it You get an API key. Everybody gets an API key.

Wade Wells: 39:37

There's for that. They that that'll it'll work.

Jennifer Shannon: 39:41

Bonus points if they hard coded the keys.

Corey Ham: 39:43

Alright. That's enough AI. Let's move out of AI. If you hate AI, you can start listening to the podcast now.

Wade Wells: 39:49

We'll skip

Bronwen Aker: 39:51

do you wanna jump to the wonderful topic of age verification?

Corey Ham: 39:56

Yeah. We covered this in the live show. I don't know. Has there been any updates? I mean, basically, this is still a thing.

Corey Ham: 40:02

Like, is is anything new?

Wade Wells: 40:04

I don't

Jennifer Shannon: 40:04

think so.

Wade Wells: 40:05

Has anyone been prompted for anything? Like, I have not at all. Yeah.

Corey Ham: 40:09

I have not either. I

Jennifer Shannon: 40:10

don't know. I haven't looked. I never look at Discord unless I'm in one of, like, these or something. And so, I don't know. Maybe I got a notification and just didn't see it because I never looked.

Corey Ham: 40:20

You don't So there was

Ched "Cheddar" Wiggins: 40:21

a lot of buzz about they were gonna classify certain servers as 18 plus Right. Or Yeah. So I I don't think we're in that bucket.

Corey Ham: 40:30

I don't know about you, man. I'm in a lot of servers. No.

Wade Wells: 40:33

Just kidding. A lot of servers. Two Yeah. Got folders and folders over here.

Corey Ham: 40:37

Yeah. I mean, I don't know. I I I will say, like, my Discord account is almost to a teenage at this point. Like like, I've had Discord for a long time. Yeah.

Corey Ham: 40:48

Like, I mean, I don't know, like, is does that count?

Wade Wells: 40:50

I Oh, yeah.

Corey Ham: 40:51

If I've had the account, does it tell you when you've had it? I don't know.

Ralph May: 40:55

I think it's kind of interesting because the the whole age verification, I think the the big the bigger problem was, like, who was gonna be doing it and the fact that you guys Oh,

Corey Ham: 41:02

it's Palantir all the way down.

Ralph May: 41:03

Yeah. Don't worry about it. Gotten leaked already before. Like, they've already already had leaks, which is like a really bad double rollout problem. But the other thing is that Discord is just free, that's why it got popular.

Ralph May: 41:16

So if you put too many gates and hurdles in there, people are just gonna find the next thing. Right? Especially for like the illicit activity. They're I mean, they they're just using Discord because you're not stopping them, but as soon as, you know, those move.

Corey Ham: 41:26

Yeah. I mean, it's like Telegram. Why was it used by threat actors? Because it was they had no takedowns, they had no filters, they had, like, you know, the Yeah.

Ched "Cheddar" Wiggins: 41:34

You know, I've not read Steven Levy's Crypto yet, but it's high up on my reading list because I was kinda, like, away from this domain when that battle over, like, well, who who gets like, can we even do PKI? Because someone needs to be able to decrypt to to read what that is. And, actually, no, you don't. I feel like this is almost gonna be, like, a generational battle of, like, each generation is gonna have to decide, like, can Bob just go get like a key pair and sending like strongly encrypted traffic across the Internet. So I I just feel like we're really like lit litigating that battle in real time with all of this.

Corey Ham: 42:09

So what's your prediction then? Do you think

Ched "Cheddar" Wiggins: 42:11

Corey Ham: 42:11

hope every we site's gonna require

Jennifer Shannon: 42:14

think we're gonna Do

Corey Ham: 42:14

you think every site's gonna require age verification? Mean, is this gonna be a thing? Or is this gonna get pushed back? Yeah. Because I mean, it's it's been years.

Corey Ham: 42:22

Like, think What was it? All the porn sites, like, when Florida and Utah passed their laws about age verification, they just turned off in those states. Right? Yeah. Is this gonna, like Is this the Is this what makes it happen?

Corey Ham: 42:35

Or are states Are people just gonna leave Discord and go to back to IRC

Wade Wells: 42:39

or whatever? It's wild too.

Ralph May: 42:40

There's no porn in these states

Wade Wells: 42:41

at all. They just old. Yeah. Just VPNs. Wild VPNs as far as on it.

Ralph May: 42:47

Are wildly effective. This was this was the end. This was

Corey Ham: 42:50

the This end.

Ched "Cheddar" Wiggins: 42:53

Yeah. If you watch all these rollouts going overseas, like, that you predicted that flow path where it's like, okay. I turn on my personal VPN. Now I'm in Canada. So maybe your home country's like, oh, I guess we'll ban personal VPN services So where this is gonna go in The States, I have no idea.

Jennifer Shannon: 43:08

I don't remember. When I saw something, it was like the government says don't use VPNs to get around this. And I'm like,

Ralph May: 43:14

they're like,

Jennifer Shannon: 43:15

it's not secure. And I'm like

Ralph May: 43:18

Hold on. Let me call China and ask them how they're stopping all those VPN traffic. Okay?

Corey Ham: 43:22

Yeah. A great firewall is

Wade Wells: 43:26

Yeah. Astral.

Corey Ham: 43:28

All the

Wade Wells: 43:28

way down.

Corey Ham: 43:29

I don't know. I I I I mean, who knows how this will go? This is definitely a trend. I will say, I would be more receptive to it if there was a broker that I actually trusted to do So

Wade Wells: 43:39

that that's what I'm on. Like, what Like, know this is like ID oh, fuck you. Don't say that. God damn. Put it in Sierra, Derek.

Wade Wells: 43:44

Don't put that on me, Ricky Bobby. Do

Jennifer Shannon: 43:47

you we

Ralph May: 43:48

have to

Jennifer Shannon: 43:48

do that for, like, credit checks? So Do

Corey Ham: 43:52

you want Brokers that

Ralph May: 43:53

have been, like, revved so many times?

Corey Ham: 43:56

Yeah. Okay. That's that's fair. I want Okay. Okay.

Corey Ham: 44:00

Palantir, maybe that's it. Really would prefer if it wasn't that. But okay. So okay. Here, for those that aren't familiar, the problem with this is a lot of sites or places require age verification, which means giving government issued IDs to those people.

Corey Ham: 44:14

That's the part I don't like. Can prove that I'm 18 or older, I just don't wanna give everyone my driver's license. If there was one company that I trusted that doesn't exist, because of course it doesn't, that like, could prove to other companies that I'm over the age of 18 or whatever, then I only have to provide my ID to one person, and then that gets securely handed out like as a yes no answer.

Ralph May: 44:35

The government have a digital ID because that's the one person that you're in charge entrusting with your But

Corey Ham: 44:41

are you telling me you would freaking use your digital ID when you're on, you know, butts.com or whatever? Like, no. No one's gonna Butts You have to use it everywhere, like, you you have to globally.com.

Ralph May: 44:53

I mean, I gotta do what I gotta do, you know.

Corey Ham: 44:54

Dude, I I guess

Jennifer Shannon: 44:56

I don't know. Verify that you do match

Ralph May: 44:58

I hear you.

Jennifer Shannon: 44:59

ID. I

Corey Ham: 45:01

just I feel feel like like this this breaks the Internet. Right? Like, there's so many sites that if you had to prove that you actually were a human and you were 18, people would just never go there anymore.

Wade Wells: 45:11

Majority of the websites I go to, I would not.

Corey Ham: 45:14

But hold on. Hold on. Hold on.

Ralph May: 45:15

But you don't need to they don't need to know who you are, they seem to know how old you are, so that you could set up a token system that just says, are they old enough? Yes or no? Not who they are as a person.

Bronwen Aker: 45:25

Yeah. But how can that be monetized by Big Tech?

Wade Wells: 45:29

Yeah. It's gonna be. We're gonna lose the enmity of the Internet pretty soon.

Corey Ham: 45:33

Yeah. Yeah.

Wade Wells: 45:33

Right? It's no longer the wild West. It's no more albino black sheep. No more new grounds. Now, we got is, like, new fast players that don't work and Reddit and

Ched "Cheddar" Wiggins: 45:43

Might be the year of a private mesh network.

Wade Wells: 45:45

Private mesh. Oh, yeah. Alright.

Ralph May: 45:47

We got a new internet that they can't turn off?

Corey Ham: 45:50

The new internet. Oh, my goodness.

Wade Wells: 45:52

Piedpipernet.

Corey Ham: 45:54

Piedpipernet. Honestly honestly, I do think if it gets bad enough, that is what'll happen is everyone's

Ralph May: 45:59

gonna Everyone's gonna be mesh tacked. We're gonna really slow our internet though.

Wade Wells: 46:03

Isn't this like thing in Ender's Game? Right? Like, there's two networks. There's the government issued internet where, like, everyone's doing stuff and then there's, like, the other internet that people actually go and talk on The

Bronwen Aker: 46:14

other internet.

Corey Ham: 46:15

So that other

Ched "Cheddar" Wiggins: 46:16

white Internet because the characters used it to, like, manipulate events. And that was all before viral videos, viral posts. So that was an interesting call out right there.

Bronwen Aker: 46:27

Well, social engineering is nothing new. Social engineering is as old as humans.

Corey Ham: 46:33

While we're in this corner, let's talk about, apparently, Vietnam. I don't know if we have that many listeners from Vietnam, but this is a fun article. Apparently Switch and man. Yeah. So apparently, Vietnam They banned they banned unskippable ads longer than five seconds, like, as a country?

Wade Wells: 46:51

Bro.

Ryan Poirier: 46:52

Bro. Goddamn. We're gonna

Corey Ham: 46:54

So okay. Switch your Switch Everyone, switch your VPN location to Vietnam right now. VPN servers in Vietnam are about to pop off, like, is gonna be amazing. I mean, I will say, like, my take is, does this just this is just gonna get ignored. There's no way YouTube is gonna implement a Vietnam specific policy for this.

Corey Ham: 47:13

Right? Or maybe they will.

Wade Wells: 47:14

How do we get California on this?

Jennifer Shannon: 47:16

Because as somebody who has YouTube premium, I got

Bronwen Aker: 47:21

it once in a

Jennifer Shannon: 47:22

trial and I couldn't go back. I can't live like the peasant.

Corey Ham: 47:25

Yes. Yeah.

Wade Wells: 47:26

Yeah. That's okay. It's okay. I'm there.

Jennifer Shannon: 47:28

I think that because like the ads tend to be kind of like, they can kind of pick and choose what kind of ads go on it on videos. And then like, oh, I think also the creators can like decide like how many times the ads run. So I think YouTube can decide like, oh, in this country or if this is where it's coming from, these are the ads that are approved to run there.

Bronwen Aker: 47:48

Because it it wouldn't make a

Jennifer Shannon: 47:49

lot of sense for them to play like a Buc ee's ad in Vietnam. Wait. Is there a Buc ee's in Vietnam now? I don't know.

Wade Wells: 47:58

There's gonna be.

Corey Ham: 47:59

There probably is. Yeah.

Jennifer Shannon: 48:01

I don't know if anybody knows what daylight donuts was, but I was mind blown a few years ago to find out that there's daylight donuts in China. So.

Corey Ham: 48:08

Yeah. I mean, I don't know. I I I love a country just being, like, somehow this is our stand that we're gonna take. She's unskippable. I don't know anything about the laws of Vietnam.

Corey Ham: 48:19

I've I don't know anything about the politics in Vietnam. I just now know that they have one good law.

Ralph May: 48:27

Yeah. Thought about building, like, an AI that would just pull out the ads of the stuff, and then give you back the resulting piece.

Corey Ham: 48:36

Yeah. What do you mean? I'm confused. You would have AI look at the ads for you? Don't do that.

Ched "Cheddar" Wiggins: 48:44

That's like what Ad Ad Nauseam would detonate every URL. So it was, like, charging. So that gets into, like, ethical, like, not allowed, but then, of course, it got yanked right out of the extension store. No.

Jennifer Shannon: 48:58

No. Treat it like a child because, you know, like, there's rule there's laws about, like, advertising children because their brains can't tell, like, conceptually, like, this is real, this isn't. I think AI is still there in that stage. Like, they wouldn't be able able to

Ralph May: 49:13

So the the my thought Yeah. Was this. You take you you take a you take audio. Right? And you can use Whisper or one of the there's couple other models.

Ralph May: 49:22

Right? And you transcribe that audio to text, and then you have the AI read all of that text and then go find the ads. But that text includes markers.

Corey Ham: 49:32

Oh. So I see. You're saying for ad detection.

Ralph May: 49:34

Yeah. Yeah. Yeah. Yeah. So then it would put markers across all of the text.

Ralph May: 49:39

The markers would be where it where the ad was in the audio or video. And then, all once you have the markers, all you do is just go in, you can rip them all out. So

Corey Ham: 49:48

I mean, I love this idea. I know Plex, like, not to get too deep into Home Lab, but I know Plex can detect and remove ads. I don't know how it does it, but I know

Wade Wells: 49:56

it Dude, dude, I can't have a Plex server. After that one breach, like,

Corey Ham: 50:00

I Dude, have you never heard of a DMZ? What are doing?

Wade Wells: 50:02

No. Too I'm too scared Especially now that I

Corey Ham: 50:05

work for

Wade Wells: 50:05

a management. Okay.

Corey Ham: 50:07

Oh, yeah. Okay. That's fair. Yeah. That's fair.

Ralph May: 50:11

You were the guy.

Corey Ham: 50:12

Yeah. Yeah. You know the you know you know the guy

Ralph May: 50:14

who knew the guy who worked at

Jennifer Shannon: 50:16

that time.

Corey Ham: 50:16

You know the guy.

Wade Wells: 50:17

We're not gonna talk about it. Let's go I

Jennifer Shannon: 50:19

know some people.

Ralph May: 50:20

I know people. Yeah. Alright.

Corey Ham: 50:22

What else we got? What what other articles? Does anyone have any SolarWinds article. Oh. Hit me with the SolarWinds article.

Corey Ham: 50:32

I I don't even know this exists.

Jennifer Shannon: 50:33

This is gonna be great. I don't know what it is, but I have an idea.

Corey Ham: 50:37

It's not in the Notion, Ralph. So hit us with it.

Ralph May: 50:40

It is in it is in the Notion. I think that's

Corey Ham: 50:41

What? I can't believe

Bronwen Aker: 50:42

is in Notion.

Ralph May: 50:43

Yeah. Okay. Yes.

Wade Wells: 50:46

I see it. Okay. Now, honestly, before I didn't I didn't even know SolarWinds

Corey Ham: 50:51

SolarWinds exists. Okay. The yes. I was gonna say, the the biggest part about this article is that SolarWinds somehow still exists. Yeah.

Corey Ham: 50:58

Keep going.

Ralph May: 50:59

Yeah. So I guess there's three different CVEs in SolarWinds help desk. It it's a Java app. It's horrible. It there's deserialization.

Ralph May: 51:08

As soon as you hear Java, you can might as well just say deserialization is definitely that vulnerability. But there's a couple there's a bypass vulnerability as well, unauthenticated deserialization, remote code execution, you know, only the good stuff, man.

Corey Ham: 51:21

These these tools, like, we talked about the BombGuard one or BeyondTrust or whatever it was from last week, Those are, like, these types of tools, like, remote remote help software and, like, RMM tool software is, like, the highest priority for attackers right now. Yeah. Access is getting harder. Initial access is getting harder and this is a really good way to get initial access. Right?

Jennifer Shannon: 51:45

You. Wow.

Corey Ham: 51:46

Oh, is that what it was?

Jennifer Shannon: 51:48

They were they were talking about starting a KMU

Corey Ham: 51:50

Oh. In there. Yeah. That's what you that's what you do. That's how you bypass EDR.

Corey Ham: 51:54

You just have your own computer. It's the same concept it's the same concept as, like, oh, you're it doesn't build on your machine? Well, just send me your machine. That's One

Wade Wells: 52:01

of the

Jennifer Shannon: 52:03

things

Ralph May: 52:03

that I I like I think the the takeaway here, obviously, Corey brought it up, that any RMM that you have is gonna be like the kings of the castle, right, for all this access. And then the second thing is a lot of these products are kind of like old products. Like, the I mean, writing this whole Java code base is probably like twenty plus years here. Right? Like, you know, it's probably a a ways a ways back.

Ralph May: 52:27

So, you know, being cognizant of the of the tools that you are using. Right?

Corey Ham: 52:32

Yeah. Jennifer, what were you saying? Sorry. I think Ralph's audio cut out for a second.

Jennifer Shannon: 52:38

Well, okay. So I had two thoughts, so they bounced off each other and now I can find neither of them. I hate when that happens. Yeah.

Corey Ham: 52:47

You were talking about QEMU? Something about QEMU.

Jennifer Shannon: 52:50

One of the things that I like about QEMU is that on like, you know, like, VMware VirtualBox is whenever I did malware research, they were really easy to change a lot of the settings to make them look like they weren't necessarily a VM.

Corey Ham: 53:06

Oh. Yeah.

Jennifer Shannon: 53:07

But then malware stopped caring if it was in a VM because a lot of companies use virtualized servers. But QEMU was still pretty cool because then I could copy paste QPOs.

Corey Ham: 53:17

Yeah. We are fans. We are fans of QEMU.

Ralph May: 53:20

I think the other interesting thing about this was they installed Cloudflared, right, which is the Cloudflared tunnel, which is built in they use that as their essentially VPN or, you know, their exit. And the reason they did it is super simple, because no one's gonna block it. Right? Like, even if they're not using it, it's just trusted enough to create it. And what it does is essentially creates, you know, kind of a tunnel between two spots.

Ralph May: 53:44

It's like a I wouldn't say poor man's VPN. It's a little bit more elegant than that, but it is in essence like a VPN establishing that connection.

Corey Ham: 53:54

Yeah. Yeah. I mean, this is I'm sure Wade is like right now writing D text based on this report, because there's a lot of fun little tidbits in here and interesting techniques techniques and things. So definitely, if you're a threat hunter, dig into it. What else we got?

Corey Ham: 54:09

Anyone else have any fun articles? We don't have chicken this week, unfortunately.

Bronwen Aker: 54:13

No chicken. No

Wade Wells: 54:15

chicken.

Corey Ham: 54:16

There's a there there is a I think, like, a general theme I've heard of that I, you know, was talking to people in Denver about this but Uh-huh. It's basically the article is a security researcher found 287 Chrome extensions that leak data. But I think this is a broader theme of like, supply chain attacks via malicious browser extensions, especially with like, AI clones. Because everyone right now is Basically, long story short, if you're the manager of a browser at your company, you should disable on, like, extension installs that don't match an allow list that you set. Because everyone right now is going in the Chrome store and typing GPT or or typing Airflow, AI anything

Jennifer Shannon: 55:01

fun.

Corey Ham: 55:01

Yes. Yes. Exactly. And basically, they're leaking data. So this is an article by in the register that basically is covering 287 Chrome extensions that a researcher found.

Corey Ham: 55:14

There's 30 This is across 37,000,000 installations. And here's what it reveals, and if you're not comfortable with this, and neither is anyone else, browsing history data, that's the biggest one. It says it's quote unquote anonymized. Good luck. I I'm the one who goes to these very specific websites that no one else goes to.

Corey Ham: 55:34

Oh, they anonymize for you? Yeah. They're anonymized for sure. But, yeah, it's like my personal website. Like, how many people have gone to that one.

Corey Ham: 55:42

Right? Yeah. Like like, that's a crazy thing to leak. Or like internal sites, not to mention that. Right?

Corey Ham: 55:48

Like, you're leaking your internal

Wade Wells: 55:50

So just tell a politician. That's all we need to do. They'll they'll make sure this is all cleaned up.

Jennifer Shannon: 55:54

I wouldn't want my internal, like, company's internal sites to get out. But if somebody just wants to deal with the weird things that I Google on a daily basis, they you are more than welcome to look through it. You will probably leave a worse person.

Corey Ham: 56:11

Are you saying you're gonna get a targeted ad for a Nick Cage body pillow or something? Is that where this is going?

Bronwen Aker: 56:18

Listen. Okay? I have put one

Jennifer Shannon: 56:19

of those on my Christmas list for the past three years in a row and it still hasn't happened.

Corey Ham: 56:24

What if

Ched "Cheddar" Wiggins: 56:25

we go to rentahuman.ai and hire someone to write us a chicken news article?

Corey Ham: 56:29

No. Well, we'd have to have AI do that.

Ralph May: 56:33

Yeah. Why could I just have AI do that? Couldn't Yeah. I I think I'm

Corey Ham: 56:37

Yeah. Let's have AI do it. I think it would be really funny if we like They like You know, the whole rent to human.a a thing, they're like, we're releasing a new feature where humans can rent humans. It's like, no. No.

Corey Ham: 56:49

Don't do that. We've already done that. It doesn't But

Ralph May: 56:53

they make the money though. They gotta be the market. They take a cut.

Corey Ham: 56:55

That's a little percentage. Oh, that's so silly. So, yeah. Basically, don't install sketchy Chrome in browser extensions.

Ralph May: 57:03

I just think besides the password manager, in my opinion, you probably shouldn't be installing anything.

Corey Ham: 57:07

I agree. Yeah. It should be like maybe maybe three things.

Ralph May: 57:12

If you're lucky.

Bronwen Aker: 57:13

EFS, Privacy Badger.

Wade Wells: 57:15

Nah. There's a really good MITRE ATT CK Chrome extension that I suggest.

Corey Ham: 57:22

Three. Privacy Badger, Password Manager, and apparently, whatever Wade recommends.

Wade Wells: 57:27

It's called the Attack Power Suite.

Corey Ham: 57:29

So Why does this need to be a browser? Why could this just be a website?

Wade Wells: 57:33

So so the funny thing is the browser works faster than their website. The brow and I I don't know why. Like, the search on the website used to be really bad. You can do keyword search. You can, like, filter down specific techniques and groups.

Wade Wells: 57:45

It's just really good. Alright? And sometimes you just can't remember that one t code and you're like It

Bronwen Aker: 57:50

used the web servers are underpowered and the API servers have less demand.

Ralph May: 57:56

The only other plugin I have is KaraKeep, which is a bookmark manager So

Corey Ham: 58:01

I have one called Worm GPT 9,000 free AI credits human rental service. Is that should I keep that?

Bronwen Aker: 58:10

I just want Zotero for

Jennifer Shannon: 58:12

the win. Management. Wanna collect

Bronwen Aker: 58:15

references, Zotero is the way

Ched "Cheddar" Wiggins: 58:17

to go.

Corey Ham: 58:18

No. I have a Rolodex. I just print stuff off and

Wade Wells: 58:21

put it

Corey Ham: 58:21

in that.

Wade Wells: 58:22

It's great.

Jennifer Shannon: 58:22

I don't have my planner near me, but I keep a paper planner.

Corey Ham: 58:28

A lot of people still do.

Wade Wells: 58:29

Yeah. Not well,

Jennifer Shannon: 58:31

because I have ADHD. But it does exist in my general region most times.

Corey Ham: 58:37

Alright. One last interesting article is that apparently, threat actors I'm I'm saying that we started this because we did the QR code phishing that we did, like, for Black Hills years ago. But we have seen threat actors sending snail mail letters to people that own Treasors and Ledgers, are cryptocurrency wallets. They're sending physical letters and they're including a mandatory authentication check to avoid losing access to wallet functionality. Of course, it's a QR code.

Corey Ham: 59:07

So, yeah, like, we we we talked about this and blogged about this years ago, and now I guess, threat actors are picking it up and doing it. But, basically, if you have one of these crypto wallets honestly, if you have any crypto wallet, just ignore all communications related to your crypto wallet. But if you have a crypto wallet and you get a fake letter from some random person on a side note, if you're on Hire Human and you get hired to send people snail mail with QR codes in it, don't send that snail mail. Yes. So I'm The FBI will be visiting you shortly.

Ralph May: 59:41

I guess, shocker, and this is related to what you just said, Corey, but money laundering with crypto is up a ton. Right? Yes. And the reason why is really simple. People take these jobs.

Ralph May: 59:54

They're like, hey, I'll get you mon Monroe or whatever Monero, excuse me. You know? And I'll take a little pee. And they're, like, not actually doing anything wrong, but they're not asking any questions either, and they're essentially laundering. The drug cartels are using the hell out of this, and law enforcement is having a hard time stopping it.

Ralph May: 01:00:14

Because it's just some guy who goes and picks up cash or exchanges it and, you know, does it on the side. And it's like a gig work for them, and they don't really think about it. They don't ask questions. And there's tons of them. It's so easy to start this thing and Wait.

Ralph May: 01:00:28

You

Jennifer Shannon: 01:00:28

mean we can't

Bronwen Aker: 01:00:29

go to

Jennifer Shannon: 01:00:30

jail for the Yankee economy?

Corey Ham: 01:00:32

Go to jail for this.

Ralph May: 01:00:33

You can. I I absolutely can.

Jennifer Shannon: 01:00:36

About this guy who did something like that, and now, they got him for Rico charges.

Wade Wells: 01:00:41

Yeah. I saw this article.

Corey Ham: 01:00:43

I know exactly who you're talking about. I

Wade Wells: 01:00:45

saw this.

Jennifer Shannon: 01:00:45

Just so everybody knows, the USPS investigators have nothing to do but get an airtight case. They are the most effective branch. They have like a ninety eight percent conviction rate. If USPS investigators are showing up at your doorstep, you're done.

Corey Ham: 01:01:02

Oh, I've seen the Brooklyn Nine Nine episode with the USPS investigation guy.

Ralph May: 01:01:08

But it has not slowed down the trade in one single bit. In fact, it's getting bigger.

Corey Ham: 01:01:14

Are you telling me crime doesn't pay? I don't believe you. Yes, it does. Yes, it does. We know it does.

Corey Ham: 01:01:20

Alright. We have five minutes left. Let's do some plugging. So Eric, do you wanna plug your you wanna plug your course? Or your Sure.

Ralph May: 01:01:28

Yeah. Go for it.

Ryan Poirier: 01:01:29

Thank you. Yeah. So in a couple weeks, March, be teaching the new two day version of the Red Team Fundamentals for Active Directory. It's a a mix of both how to attack and how to defend common Active Directory attacks. So

Corey Ham: 01:01:45

Nice. That's awesome. Active Directory is like the best thing to attack ever. So that's a really good one. It

Ralph May: 01:01:51

built for attacking.

Corey Ham: 01:01:52

Yeah.

Jennifer Shannon: 01:01:52

Yeah. It really was.

Corey Ham: 01:01:54

Alright. And Jennifer, you wanna plug your Nick Cage webcast? Or I'm sorry. I misspoke. Your regular, totally normal webcast.

Corey Ham: 01:02:01

I I will say I I hope that your webcast does incorporate some features of Nicholas Cage.

Jennifer Shannon: 01:02:07

I will actually I have already made a note to decide to go add some Nick Cage into Oh, yeah. Good. I will when anybody if anybody complains about it afterwards, I'm pointing them to you. But

Corey Ham: 01:02:23

No. No. You do know

Wade Wells: 01:02:24

about the Encage Chrome extension. Right? Have you ever

Ryan Poirier: 01:02:27

heard of It's perfectly safe.

Corey Ham: 01:02:28

Dude, that's blocked. That's blocked.

Jennifer Shannon: 01:02:30

No. Won't let me install the fun Chrome extensions. I already said.

Wade Wells: 01:02:34

Turns all the images on any desk on any browser to Nicholas Cage. That's just honestly.

Corey Ham: 01:02:40

There's no way that still works and is updated to the latest version of Chrome Somebody install

Wade Wells: 01:02:45

and let me know. It only

Ralph May: 01:02:46

works on active directory.

Corey Ham: 01:02:48

Yeah. But your your your your webcast is actually about web app stuff, not Nick Cave's.

Jennifer Shannon: 01:02:54

Yeah. Mostly most APIs, there is web app. I mean, like, 80 to 90% of the Internet traffic is API related. Yeah. And APIs very frequently are like the thing that's behind the website that makes the web application work.

Corey Ham: 01:03:10

Yes.

Jennifer Shannon: 01:03:11

And because that's the part that we don't normally see, a lot of people forget to kind of protect those parts as well. So we'll be learning how to find those issues behind a website.

Corey Ham: 01:03:24

No customers there's no customers we have that would totally just put a Swagger docs on the open Internet and let people attack their APIs. Oh, wait. That's all of our customers. Yeah.

Ralph May: 01:03:34

Well, that's so that you can use the API, Corey. Okay?

Corey Ham: 01:03:38

Ryan, I'm behind on these plugs. I I I I you're you're you're going faster than me, man. Okay. So a bunch of stuff flew by. I think there was an ad for a Trezor wallet, which is totally legit.

Corey Ham: 01:03:47

It ships from China. Okay. What else was there? There was something about a stadium. Tell me about the stadium.

Corey Ham: 01:03:53

Does anyone know about this? Cheddar, do you know about this?

Jennifer Shannon: 01:03:58

No. Don't understand that QR code. I'll let everybody know.

Corey Ham: 01:04:03

I don't know what it

Bronwen Aker: 01:04:03

is. They're a stadium.

Corey Ham: 01:04:06

I don't know what it is, but it sounds like I'm thinking Pokemon Stadium. That's what I'm imagining. That's where I'm going

Ryan Poirier: 01:04:11

with this.

Bronwen Aker: 01:04:12

Ryan, you you're probably the best qualified to explain the stadium.

Corey Ham: 01:04:17

You're too quiet. Can't hear you. Turn yourself up. Uh-oh. Or just yell.

Corey Ham: 01:04:22

We're gonna need you to

Bronwen Aker: 01:04:23

an AV person can't be heard.

Corey Ham: 01:04:25

We don't know what the security stadium is, but if you've played Pokemon Stadium and you like that, it's just like that but with BHIS stuff.

Bronwen Aker: 01:04:31

The security stadium is a landing zone for all things Zoom broadcast coming from BHIS. So it's instead of having to hunt around all of the Zoom recordings, if you've ever attended a a previous event or you want to know about where to find new webcasts and whatnot, the BHIS Stadium is where you should go.

Corey Ham: 01:04:59

Gotcha. Okay. And then lastly, we have our Socks Summit coming up. Pairs of socks will be distributed to all attendees Goodbye pairs of socks. Goodbye pairs of socks.

Corey Ham: 01:05:10

Mean, that that's a lie. I'm sorry. I just fished everyone here. Our socks I mean, have this socks

Jennifer Shannon: 01:05:17

on, man.

Corey Ham: 01:05:17

I missed red. It's just a regular secure operation center summit, not a sock. This is not related. I will say, I do have hot takes on socks, if anyone's interested.

Wade Wells: 01:05:27

That's okay.

Corey Ham: 01:05:30

Here's the hot takes on socks. So, okay. Years ago, I converted my entire sock inventory to Darn Tough, which is a company that has no questions asked lifetime warranty on

Wade Wells: 01:05:39

socks. I've

Ralph May: 01:05:40

got them.

Corey Ham: 01:05:40

Okay? I I'm only Darn Tough, and I gotta say, recently, I had I went through all my socks and I found eight pairs of socks that had holes in them, and I shipped them, and they gave me a code to buy eight new pairs of socks for free. Don't think there's

Wade Wells: 01:05:53

I don't think

Corey Ham: 01:05:54

there's any company on the planet that would do a no questions asked lifetime warranty on socks.

Ralph May: 01:05:59

You have to get a bunch, though. Here's the secret. If you just

Corey Ham: 01:06:02

buy one pair Yes. If you get a full send. Yeah. I mean, literally right now

Ralph May: 01:06:06

have to send a bunch back because you gotta pay for shipping, so

Wade Wells: 01:06:09

I don't want fancy things on them though. I just want

Corey Ham: 01:06:13

They're expensive.

Ralph May: 01:06:14

I mean, you're gonna pay for They are expensive. They're paying for the warranty.

Corey Ham: 01:06:17

But Oh, yeah. Alright. That that's the webcast. I'm glad we got to cover some If you if you wanna learn about actual blue teaming stuff instead of socks, attend the Sox Summit.

Wade Wells: 01:06:26

You still need to do I will be speaking at the Sox Summit. I still need to do my slides.

Corey Ham: 01:06:29

I forgot Socks are not required. Summit. To attend. You can be barefoot.

Wade Wells: 01:06:33

It's okay. I don't know. Please wear your socks.

Jennifer Shannon: 01:06:36

It depends on the shoes. Maybe don't wear socks with slides or

Wade Wells: 01:06:39

How about just don't show

Corey Ham: 01:06:40

your feet?

Wade Wells: 01:06:41

We don't wanna see feet. What's that's a whole another part of the Internet.

Jennifer Shannon: 01:06:43

Speak for yourself, Wade.

Ralph May: 01:06:45

Yeah. You don't know her browsing history Wade. That's how I make my living, you No.

Wade Wells: 01:06:50

I you're that's the problem. I do know her browsing history because of the Chrome extension.

Ralph May: 01:06:55

The Chrome extension.

Corey Ham: 01:06:56

Yes. You got you got her with the n cage. Alright. Thank you. Too easy.

Corey Ham: 01:07:03

Thank you everyone for coming. And, yeah, we'll see you all next week. For those that joined us in Denver, was nice seeing all of you. You're all my fans and my friends and I'm your fans and your friends and it's a fun little environment to Laurie

Ralph May: 01:07:16

is our only fan.

Jennifer Shannon: 01:07:17

I think the kids are doing hard work now.

Corey Ham: 01:07:20

Cut that. Right? Cut that. Alright. Kill the fire.

Corey Ham: 01:07:23

Alright. Bye bye. Bye bye.