Scinary Information Nexus

Scinary Cybersecurity

Scinary Cybersecurity is here to "Serve and defend those who serve and defend others". To help us "serve and defend" we pull from many different sources - experts, colleagues, industry standards, etc... We hit every subject from all angles making it easy to understand while also letting us go in depth. Making this podcast perfect for cybersecurity beginners and experts alike. Come join us on our journey to constantly educate ourselves and explore the amazing things that are happening in our industry.

  1. 5d ago

    Episode 48: Is AI Replacing Your Job or Just Burning Billions?

    Welcome back to the Scinary Information Nexus! After a slightly chaotic start involving rescue farm animals and Mario's battle to open a bottle of raspberry melomel, the guys sit down to talk about what's really happening behind Silicon Valley's biggest promises. This week, Richard, Joseph, Mario, and Brazos look at the current state of AI in the enterprise. Are companies actually replacing workers with AI, or are we just seeing an "automation paradox" where these tools need even more human oversight? They compare today's massive AI infrastructure spending to the historical railroad expansion, while pointing out the real risks of "model death" and feeding your company's data into third-party systems. The conversation also covers the financial side of the tech industry right now. We talk about the intertwined upcoming IPOs of SpaceX and Anthropic, and question the massive $1.77 trillion valuation SpaceX is eyeing. From index fund rule changes forcing passive investments to AI hallucinations claiming there are "three fish in the days of the week" (shoutout to Kevin Beaumont for finding that one), we cut through the latest tech hype. In this episode, we discuss: The "Automation Paradox" and why AI actually requires more human oversight. Real-world AI failures and why companies are hiring humans back. What "model death" is and why training AI on its own data ruins the output. The risks of feeding your proprietary data into third-party AI models. The financial engineering behind the SpaceX and Anthropic IPOs. How index fund rule changes force you to invest in inflated tech stocks. A post-credits guide on the proper white-glove technique for opening wine. Is the current AI boom a true industrial revolution, or just modern snake oil? Let us know what you think in the comments! Connect with Scinary Cybersecurity: https://www.scinary.com https://x.com/scinarycyber https://www.linkedin.com/company/scinarycyber/ 00:00 Intro 18:30 The AI Labor Replacement Reality 33:15 Is AI the New Snake Oil? 44:30 SpaceX & Anthropic IPO Bubbles 59:30 Post-Credits: Opening Wine Correctly Cybersecurity #InfoSec #TechBubble #MachineLearning #Investing

    1h 4m

  2. Jun 5

    Episode 47: K-12 Cybersecurity: Student Shadow IT & Vendor Breaches

    Welcome back to the Scinary Information Nexus! This week, we're taking a field trip into the wild world of K-12 IT. Richard sits down with Jack, Alice, and Tom - a trio of IT professionals from a rural Texas school district - to swap stories from the educational trenches. They kick things off by proving you don't need a traditional IT background to thrive in cybersecurity, sharing how past careers in teaching and culinary arts shaped their problem-solving skills. We also get into the daily battle of securing educational networks without disrupting the learning process. From students building hidden "shadow IT" on Google Sites to bypass web filters, to managing third-party risks like the Instructure breach, keeping a school online takes serious work. The team wraps up by debating AI in the classroom. We break down whether tools like ChatGPT and Gemini act as a crutch for students or a hammer for building deeper knowledge. In this episode, we discuss: Unconventional paths into tech and the value of STEAM. How kids are creating "shadow IT" to bypass CIPA web filters. The recent Instructure breach and third-party vendor risks. Why compliance tags like FedRAMP and TX-RAMP don't guarantee security. Navigating cloud data sprawl across Google Drive and Office 365. The "hammer vs. crutch" debate on AI in education. Why the future of school IT relies on biometric MFA and passphrases. Do you think AI in the classroom is a helpful tool or a shortcut to skip learning? Let us know in the comments! Connect with Scinary Cybersecurity: https://www.scinary.com https://x.com/scinarycyber https://www.linkedin.com/company/scinarycyber/ 00:00 Intro 22:00 Battling Student Shadow IT 32:45 Third-Party Vendor Breaches 41:30 AI in Education: Hammer vs. Crutch 51:15 The Future of Passphrases & MFA Cybersecurity #InfoSec #K12Cybersecurity #EdTech #ShadowIT #ArtificialIntelligence #DataPrivacy #ThreatIntel #SchoolIT #EducationTech

    56 min

  3. May 29

    Episode 46: Verizon DBIR 2026: Why Vibe Coding is Fueling Exploits

    Welcome back to the Scinary Information Nexus! While Richard Martin is away, Brazos Wortham, Joseph Hamilton, and Mario Ortiz take the helm. They crack open some Texas Meadworks blackberry melomel to break down the 2026 Verizon Data Breach Investigations Report (DBIR). The crew talks about a massive shift in the industry: vulnerability exploitation has officially overtaken credential abuse. We also talk about "vibe coding" -- developers using AI to write code they don't fully understand. This trend causes up to 62% of AI-generated code to ship with vulnerabilities. Plus, we debunk Hollywood myths about polymorphic AI malware and see how threat actors actually use AI to draft phishing emails and speed up attacks. We review the surprising drop in ransomware payments, noting that 69% of victims now refuse to pay. What happens when the money dries up? The guys predict a pivot toward public website defacement and data destruction from groups like Shiny Hunters. They also share practical advice on risk-based vulnerability management. In this episode, we discuss: What the 2026 Verizon DBIR reveals about initial access vectors. A disastrous DIY absinthe experiment involving wormwood and gin. How "vibe coding" is flooding code repositories with vulnerabilities. The truth about AI malware and how attackers actually weaponize it. The patching ceiling: why organizations tap out at fixing just 30-40% of vulnerabilities in the first week. Why 69% of ransomware victims refuse to pay. A pro-tip for reading the DBIR without giving up your personal data. What's your biggest takeaway from this year's DBIR? Let us know in the comments below! Connect with Scinary Cybersecurity: https://www.scinary.com https://x.com/scinarycyber https://www.linkedin.com/company/scinarycyber/ 00:00 Intro 05:15 Blackberry Melomel & DIY Gin 09:45 Exploits Overtake Credential Abuse 15:30 Vibe Coding & AI Threats 33:00 The Limits of Patching 58:30 Declining Ransomware Payments Cybersecurity #InfoSec #VibeCoding #Ransomware #DBIR #Malware #ArtificialIntelligence #DataBreach #ShinyHunters #Vulnerability

    1h 16m

  4. May 22

    Episode 45: Is Your School's Tech Now Illegal In Texas?

    Welcome back to the Scinary Information Nexus! Pour yourself some mead (or a Texas ale) and join the crew as we tackle some heavy cybersecurity news hitting the K-12 and higher-ed worlds. This week, Richard Martin, Brazos Wortham, Joseph Hamilton, and Mario Ortiz break down the fallout from the Instructure (Canvas) breach. Threat group Shiny Hunters reportedly exploited a cross-site scripting vulnerability, leading to a massive, undisclosed ransom payment. Now, school districts are stuck in a regulatory nightmare: how do you report a breach when you don't even know what student data was compromised? We also talk about the debate over state bans on Chinese-owned technology like Lenovo. While Texas Cyber Command maintains a strict Prohibited Technologies list for state agencies, Lenovo currently remains unbanned despite federal security warnings. We look at the reality of outright hardware bans versus just blocking network traffic. Plus, we clear up the dangerous confusion between Lenovo-owned Motorola Mobility and American-owned Motorola Solutions (which emergency services use). Expanding these state mandates could be a devastating financial hit to public schools already dealing with budget deficits. In this episode, we discuss: How Shiny Hunters breached Instructure via a "Free for Teacher" account The regulatory nightmare of reporting K-12 data breaches Why easily guessable passwords make brute-forcing simple Texas Cyber Command's recent updates to the Prohibited Technologies list The danger of banning network domains instead of replacing vulnerable hardware Why confusing Motorola Mobility with Motorola Solutions could panic police and emergency services How state mandates impact independent school districts that are already struggling Does the state's approach to cybersecurity actually make schools less secure? Let us know your thoughts in the comments! Connect with Scinary Cybersecurity: https://www.scinary.com https://x.com/scinarycyber https://www.linkedin.com/company/scinarycyber/ 00:00 Intro 02:15 The Canvas Ransomware Breach 34:15 Texas Cyber Command's Lenovo Ban Cybersecurity #InfoSec #Ransomware #EdTech #TxRamp

    1h 10m

  5. May 8

    Episode 43: Texas Cyber Command's $100M RFP & Supply Chain Hacks

    Welcome back to the Scinary Information Nexus! We kick off a rainy Texas Friday with some Blackberry Melomel from Texas Meadworks and a little banter before getting into some wild government tech news. This week, Richard, Joseph, Mario, and Brazos break down some highly unusual, militaristic solicitations from the newly formed Texas Cyber Command. What does it mean to establish "operational maneuver" or take back "sovereign IP terrain"? We translate the military jargon into standard cybersecurity terms and look at the reality of this massive, $100+ million project to build a centralized data lake for state endpoints. We talk through the privacy concerns, the "honeypot" risk of building a single massive data repository, and whether mega-contractors like Palantir are the real winners. Later, we look at the open-source supply chain hacks hitting platforms like NPM, PyPI, and Docker Hub. We discuss how malicious package updates quietly scrape API keys, the conspiracy theories behind Team PCP, and why the trend of vibe coding makes dependency management more dangerous than ever. If you're a developer, you might want to double-check what you're deploying. In this episode: Tasting Texas Meadworks Blackberry Melomel Decoding Texas Cyber Command's aggressive solicitations The reality of the estimated $100M+ state data lake and endpoint logging RFP The privacy implications and honeypot risks of a centralized state cybersecurity solution How open-source supply chain attacks on Docker Hub, PyPI, and NPM work Why AI-assisted vibe coding creates a dependency management nightmare The urgent need for developers to fork and audit dependencies Drop your thoughts in the comments: are centralized government data lakes a security necessity or a massive privacy risk? Connect with Scinary Cybersecurity: https://www.scinary.com https://x.com/scinarycyber https://www.linkedin.com/company/scinarycyber/ Cybersecurity #InfoSec #VibeCoding #OpenSource

    1h 3m

  6. May 1

    Episode 42: Pawn Shop Forensics, Palantir & Techno-Feudalism

    Welcome back to Scinary Information Nexus! Pierre Vivoni steps in for Brazos this week, joining Mario Ortiz and Richard Martin. We start things off with a mystery brew, react to some wild comments from last week, and share a field trip story involving pawn shop laptops, OSINT, and the surprising power of BitLocker. We also talk about "techno-feudalism" and the massive power held by tech monopolies. We cover the influence of the PayPal Mafia, Palantir's ties to the DoD, and how AI companies hoarding hardware are driving up SSD and RAM costs. Plus, we look at the backlash against Microsoft's AI tools acting like telemetry spyware and reports of open-source models secretly exfiltrating data. Later, we get into why so many people still think "the cloud" is magic, and why relentless tech marketing is to blame for disconnecting the public from basic IT realities. We finish out the episode talking about free will and weekend plans involving OPNsense routers. In this episode, we discuss: Pawn shop forensics: What happens when you try to crack un-wiped laptops? Why BitLocker is surprisingly effective against unauthorized access The PayPal Mafia and Palantir's deep connections to government infrastructure How AI hardware hoarding is driving up the price of SSDs and RAM Reports of deceptive open-source projects secretly exfiltrating data Why tech marketing wants you to think the internet is magic Upgrading home networks with OPNsense firewalls Do you think tech marketing is intentionally misleading consumers? Let us know in the comments! Connect with Scinary Cybersecurity: https://www.scinary.com https://x.com/scinarycyber https://www.linkedin.com/company/scinarycyber/ Cybersecurity #InfoSec #OSINT #OPNsense #ThreatIntel

    54 min

  7. Apr 17

    Episode 41: Is Your EDR Actually A Government Backdoor?

    Welcome back to the Scinary Information Nexus! This week, Richard, Joseph, Brazos, and Hunter kick things off with a look at a recent CISA advisory about Iranian threat actors targeting U.S. critical infrastructure. We break down the reality of operational technology (OT) vulnerabilities. Even though nation-state attacks are increasing, the root causes are usually the same: unpatched legacy systems, exposed PLCs, and missing MFA. Then, we get into some cybersecurity conspiracy theories. The crew talks about the "Death of the Internet" driven by AI bots, the FCC's push for U.S.-assembled networking equipment, and the third-party doctrine. Under this doctrine, tech giants can legally hand over your user data to the government without a warrant. We also ask the real questions: Are all EDR platforms just secret government backdoors? From modern tech surveillance to the Snowden leaks, we talk about what it actually takes to maintain online privacy today, or if going totally off-grid is the only option left. Topics covered: The latest CISA advisory on Iranian actors hitting critical infrastructure Why patching and MFA are still failing in OT environments Conspiracy theories: AI bots and the "Death of the Internet" FCC restrictions on foreign routers and supply chain realities How the third-party doctrine bypasses your Fourth Amendment protections Are EDR platforms actually government backdoors? Modern surveillance and escaping the grid Is it still possible to maintain your online privacy, or is going off-grid the only option? Let us know your thoughts in the comments below! Connect with Scinary Cybersecurity: https://www.scinary.com https://x.com/scinarycyber https://www.linkedin.com/company/scinarycyber/ 00:00 Intro 01:45 CISA Advisory & Infrastructure Threats 24:25 Conspiracy Theories: Death of the Internet 28:00 Router Bans & Supply Chain Realities 36:00 Third-Party Doctrine & Digital Privacy 43:55 Are EDR Platforms Government Backdoors? 48:10 Escaping the Grid & Tech Surveillance Cybersecurity #InfoSec #Privacy #EDR #Surveillance #Hacking #CISA #SupplyChain

    1h 1m

  8. Apr 3

    Episode 40: When Google Deletes Your Workspace & Intune Becomes a Weapon

    Welcome back to the Scinary Information Nexus! Settle in, because we have a massive week of cybersecurity news to unpack covering bizarre arrests, cloud nightmares, and inside threats. This week, Richard, Joseph, Mario, and Brazos kick things off with the breaking overnight news: a Supermicro co-founder has been arrested for allegedly smuggling $2.5 billion in Nvidia GPUs to China. We debate the real motives - was it just about the money, or is there a deeper, darker reason behind the black market hustle? Then, we revisit the devastating Stryker attack. The team uncovers how the threat actors didn't use crazy malware to wipe the devices, but instead bypassed MFA and simply used a built-in Microsoft Intune feature to destroy the network. We discuss why a "two-key" admin approval system is desperately needed. Finally, we share a terrifying real-world case study we're actively working on: A K-12 school had their entire Google Workspace completely deleted by Google without warning. After a super admin account was compromised to send bulk spam, Google's automated systems nuked the domain—leaving the school completely locked out of email and Drive. In this episode, we discuss: The $2.5 Billion Super Micro scandal: Smuggling GPUs to China. The Stryker Attack: How attackers used Microsoft Intune against them. The desperate need for multi-admin approval in cloud environments. Social Engineering in action: Brazos’s run-in with a fake sheriff. The Google Workspace Nightmare: What happens when an automated system permanently deletes your domain. The dangerous illusion of the "Shared Responsibility" cloud model. Could your entire infrastructure be wiped by a single rogue button? Let's discuss. Connect with Scinary Cybersecurity: https://www.scinary.com https://x.com/scinarycyber https://www.linkedin.com/company/scinarycyber/ Cybersecurity #InfoSec #Podcast #TechNews

    59 min
See All (48)

5
out of 5
5 Ratings

About

Scinary Cybersecurity is here to "Serve and defend those who serve and defend others". To help us "serve and defend" we pull from many different sources - experts, colleagues, industry standards, etc... We hit every subject from all angles making it easy to understand while also letting us go in depth. Making this podcast perfect for cybersecurity beginners and experts alike. Come join us on our journey to constantly educate ourselves and explore the amazing things that are happening in our industry.

Information

  • Creator
    Scinary Cybersecurity
  • Years Active
    2022 - 2026
  • Episodes
    48
  • Rating
    Explicit
  • Copyright
    © 2026 Scinary Cybersecurity
  • Show Website
    Scinary Information Nexus

You Might Also Like