Hacker Valley Studio

What happens when AI refuses to be replaced? This episode kicks off with a chilling real-world example of an AI threatening blackmail—and only gets more intense from there. Host Ron Eddings unpacks the terrifyingly innovative ways AI is altering the cybersecurity threat landscape. From deepfakes convincing enough to fool your own family to auto-summarizing email clients acting as unintentional insiders, the stakes have never been higher. Ron also shares insights from his brand-new book Attack Surface Management, co-authored with MJ Kaufman and published by O'Reilly, and breaks down why the simplest social engineering tactics remain the most dangerous—even in the age of advanced AI. Impactful Moments: 00:00 - Introduction 02:30 - Model Context Protocol explained 05:00 - Google's VEO-3 and fake riot videos 07:00 - Fake Facebook ads pushing malware 09:30 - Social engineering still reigns supreme 13:30 - Using AI to write malicious emails 16:30 - Calendly phishing and credential theft 19:00 - Gemini and the risk of auto-summarization 21:30 - LLM access to your private documents 22:45 - Takeaways and protecting your environment   Links: Connect with Ron on LinkedIn: https://www.linkedin.com/in/ronaldeddings/ [https://www.linkedin.com/in/ronaldeddings/] Grab a copy of Ron’s new book, “Attack Surface Management: Strategies and Techniques for Safeguarding Your Digital Assets”: https://a.co/d/1nmPod2 [https://a.co/d/1nmPod2]   Check out the full article on “The Rise of ‘Vibe Hacking’ Is the Next AI Nightmare” here: https://www.wired.com/story/youre-not-ready-for-ai-hacker-agents/ [https://www.wired.com/story/youre-not-ready-for-ai-hacker-agents/] Check out our upcoming events: https://www.hackervalley.com/livestreams [https://www.hackervalley.com/livestreams] Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio [https://www.patreon.com/hackervalleystudio] Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com [https://store.hackervalley.com] Continue the conversation by joining our Discord: https://hackervalley.com/discord [https://hackervalley.com/discord] Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ [https://hackervalley.com/work-with-us/]

What if Zero Trust isn’t a framework, but the only viable cybersecurity strategy—more about people than products? In this episode, George Finney, CISO at the University of Texas System and author of Project Zero Trust, reveals the human-first truth behind the Zero Trust movement, and why it’s not something you buy but something you build. George shares stories from hacking a college database to launching a deepfake of himself trained on his own books, all while breaking down how AI and creativity are reshaping security leadership.     Impactful Moments: 00:00 - Introduction 01:16 - Cyber Hall of Fame recognition 07:00 - Hacked his college to solve mail 09:00 - Took startup job without paycheck 14:14 - Zero Trust is a strategy, not tool 17:00 - Tailoring security like a custom suit 23:29 - AI strategy through Zero Trust lens 29:30 - Built a Zero Trust voice clone hotline 36:00 - You don’t need to be a CISO 38:30 - Why weirdos make cybersecurity stronger Links: Connect with our guest, George Finney: https://www.linkedin.com/in/georgefinney/ [https://www.linkedin.com/in/georgefinney/] Check out George’s books on Amazon: https://www.amazon.com/stores/author/B01MT0C6X3 [https://www.amazon.com/stores/author/B01MT0C6X3]   Check out our upcoming events: https://www.hackervalley.com/livestreams [https://www.hackervalley.com/livestreams] Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio [https://www.patreon.com/hackervalleystudio] Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com [https://store.hackervalley.com] Continue the conversation by joining our Discord: https://hackervalley.com/discord [https://hackervalley.com/discord] Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ [https://hackervalley.com/work-with-us/]

You won’t be replaced by AI—you’ll be replaced by someone using it better. Returning guest Marco Figueroa is back with a frontline report on the AI agent boom. This isn’t a prediction—it’s a tactical update from someone tracking every release, every benchmark battle, and every edge worth chasing. In this episode, Ron is joined by Marco as he breaks down the rapid evolution of AI agents—from Claude Code to Codex to Google Flow. He explains why general-purpose models are leveling off, how specialized tools are reshaping the landscape, and why creativity is now your most valuable edge. Whether you're in code, ops, or content, your two-year advantage starts right here.   Impactful Moments 00:00 - Introduction 01:08 - AI agents are no longer hype 03:45 - Major LLM releases and what's next 05:32 - The Grok delay and pricing drama 07:30 - Why general models are losing steam 10:50 - Benchmark manipulation and model specialization 14:15 - The future belongs to creatives 22:05 - The next AI drops to watch   Links: Connect with our guest, Marco Figueroa: https://www.linkedin.com/in/marco-figueroa-re/ [https://www.linkedin.com/in/marco-figueroa-re/]   Check out our upcoming events: https://www.hackervalley.com/livestreams [https://www.hackervalley.com/livestreams] Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio [https://www.patreon.com/hackervalleystudio] Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com [https://store.hackervalley.com] Continue the conversation by joining our Discord: https://hackervalley.com/discord [https://hackervalley.com/discord] Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ [https://hackervalley.com/work-with-us/]

Most people think red teaming is digital—until someone bypasses your locks, plants a Raspberry Pi in your server room, and walks out with your data. That’s not sci-fi. That’s White Knight Labs. In this episode, Ron talks with Greg Hatcher and John Stigerwalt, co-founders of White Knight Labs, a boutique offensive security firm built on real-world action. They share high-stakes red team operations—like triggering alarms and dodging police during a break-in—and explain why most companies are wide open to physical and insider threats. This isn’t a theory. It’s what’s happening right now, and it’s being executed with precision and purpose.   Impactful Moments 00:00 - Introduction 02:13 - Origin story of White Knight Labs 08:56 - Why physical red teaming is broken 12:20 - Breaking into a lottery facility 16:00 - Hiding from police mid-engagement 22:30 - Getting hired to breach from inside 25:45 - Hijacking code from offshore devs 33:29 - Real difference: red team vs pen test 35:00 - Get in touch with WKL   Links Connect with our guests! Greg Hatcher: https://www.linkedin.com/in/gregoryhatcher2/ [https://www.linkedin.com/in/gregoryhatcher2/]John Stigerwalt: https://www.linkedin.com/in/john-stigerwalt-90a9b4110/ [https://www.linkedin.com/in/john-stigerwalt-90a9b4110/] Learn more about White Knight Labs: https://www.whiteknightlabs.com [https://www.whiteknightlabs.com]   Check out our upcoming events: https://www.hackervalley.com/livestreams [https://www.hackervalley.com/livestreams] Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio [https://www.patreon.com/hackervalleystudio] Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com [https://store.hackervalley.com] Continue the conversation by joining our Discord: https://hackervalley.com/discord [https://hackervalley.com/discord] Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ [https://hackervalley.com/work-with-us/]

What if fixing cybersecurity wasn’t about more tools, but about unlocking human potential?  In this episode, Ron Eddings welcomes back David Shipley, CEO and Field CSO of Beauceron Security, for a conversation on the real force behind security resilience: people. Together they expose the failure of "reactive" cybersecurity strategies, drawing parallels with preventative healthcare — and explain why culture, psychological safety, and behavior change are the true secret weapons.  Impactful Moments: 00:00 - Introduction 01:36 - The true meaning of "people in cyber" 03:13 - Cybersecurity’s flawed healthcare analogy 07:31 - Nutrition for cyber: proactive strategies 10:00 - MSPs: why selling tools isn’t enough 16:22 - Measuring culture, not just clicks 19:12 - Why people really click phishing emails 23:59 - Building psychological safety in security 30:30 - Celebrating human wins in security 34:00 - The future: empathy, transparency, trust Links: Connect with our guest, David Shipley: https://www.linkedin.com/in/dbshipley/ [https://www.linkedin.com/in/dbshipley/] Learn more about Beauceron Security here: https://www.breachlock.com/https:///www.beauceronsecurity.com/partner [http://www.beauceronsecurity.com/partner] Check out our upcoming events: https://www.hackervalley.com/livestreams [https://www.hackervalley.com/livestreams] Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio [https://www.patreon.com/hackervalleystudio] Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com [https://store.hackervalley.com] Continue the conversation by joining our Discord: https://hackervalley.com/discord [https://hackervalley.com/discord] Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ [https://hackervalley.com/work-with-us/]