Drones are showing up where they shouldn’t — over backyards, pools, windows, driveways, campsites, neighborhoods, and even over insurance customers’ houses to jack up premiums. And here’s the terrifying part: nobody knows who owns them, and the laws protecting you are a mess.In this episode of Legitimate Cybersecurity, Frank, Dustin, and Chris Adkins break down:• The explosion of drone trespassing across the U.S.• Drone “etiquette” (if such a thing exists)• Why shooting down a drone might be illegal… but hijacking its open Wi-Fi might not be• How insurance companies are secretly flying drones to deny coverage• Whether YOU own the air above your home (the answer will piss you off)• The ethics of taking over unencrypted drones• Why the U.S. military once had its Predator drones hacked• The insane world of bathtub drones and balloon monks• And how long until drones accidentally kill someone and trigger a legal revolutionThis episode is chaotic, hilarious, and honestly a little terrifying — one of our most eye-opening discussions yet.Media or interview inquiries: admin@legitimatecybersecurity.comSubscribe to the audio podcast:🔗 https://legitimatecybersecurity.podbean.com/Chapters00:00 – A Drone Could Be Watching You Right Now00:35 – Drone Trespassing is Exploding01:30 – Drone Etiquette: Does It Even Exist?02:45 – The Campsite Drone Freakout03:20 – Drones vs. Guns: Which Is Actually Easier to Stop?04:00 – Anti-Drone Weapons & the FCC Problem05:20 – Building “Ghost Wi-Fi Guns” (Totally Legal?)06:30 – Why Drones Are Outpacing the Law07:15 – Privacy, Backyards & the “Altitude Problem”08:55 – Insurance Companies Are Flying Drones Over Your Home10:45 – Data, Bias & Discrimination From the Sky12:20 – The Future of Drone Regulation (and Why It Will Suck)14:10 – Enforcement, Penalties & the Reality of Privacy16:00 – Drones Getting Better, Cameras Getting Scarier17:20 – Can You Hijack an Unencrypted Drone?19:30 – Military Drone Hacks (Yep… That Happened)20:50 – Ukrainian Fiber-Wire Drones21:30 – Dustin’s Ethics: “If It’s Unsecured… That’s On You.”22:15 – Should Homeowners Be Notified Before Being Filmed?23:00 – Air Rights: Who Actually Owns the Sky Above Your House?26:00 – Maryland Airspace Laws You Didn’t Know27:30 – The Insane Bathtub Drone Guy28:20 – Balloon Monks & BB Guns at 10,000 Feet29:50 – Final Thoughts & Holiday ScheduleHashtags#legitimatecybersecurity #cybersecurity #dronesurveillance #DronePrivacy#technews #Hacking#privacyrights #infosec #cyberethics #InsuranceFraud

SIM swapping has returned — and the attackers have leveled up. In this episode, Frank, Dustin, and returning guest Chris Adkins break down how modern thieves hijack your SIM, clone your phone, intercept your MFA codes, and drain your accounts… all without ever touching your device.We cover:• Why your phone number is the master key to your digital life• How eSIMs changed the threat landscape• Real-world stories of Gmail & crypto takeovers• Why teens AND the elderly are getting hit hard• Why your SIM might be less secure than the Coca-Cola formula• Chinese electronics bans, printer economics, zombie barter value, and exploding Hezbollah pagers (yes, really)This episode is technical, hilarious, terrifying, and extremely relevant — especially if you rely on your phone for anything in your life.📩 Media & Interview Requests: admin@legitimatecybersecurity.com🎧 Audio listeners can subscribe on any platform:https://legitimatecybersecurity.podbean.com/⏱️ CHAPTER BREAKS00:00 — HOOK: “Why is my phone being used at 3AM?”00:35 — Welcome Back + Celebrating 10,000 Subscribers01:25 — What SIM Swapping Looks Like in the Real World02:22 — Why Your Phone Number Is the Master Key to Your Life03:36 — Kids, Phones, and the Multi-Screen Generational Divide04:07 — Why eSIM Makes Attacks Easier to Pull Off05:23 — Dustin’s 40 Old Burner Phones and Spy-Grade Persona Tricks06:25 — The Ancient Sony Xperia Tablet-Phone Monster07:25 — What SIM Cards Actually Are (Clear Explanation)08:10 — SIM Cloning → eSIM Social Engineering Attacks09:20 — MFA Hijacking & Why Your Text Codes Aren’t Safe10:22 — The Missing Industry: “SIM Credit Freezing”12:00 — Carriers as the Weakest Link (And Why They Can’t Stop It)13:10 — Third-Party Risk: Your Data Is Only as Safe as Everyone Else’s Security14:30 — The $90 ‘Most Secure Phone Service on Earth’15:35 — Chris’s Gmail + Coinbase Hack Story From Vacation17:34 — Frank’s 100,000+ Unread Emails & Gmail Identity Crisis19:01 — Credit Report Drama & Who’s Really Most Vulnerable20:11 — Elderly Crypto Retirement Liquidation Scams21:20 — Dustin’s Grandmother Rode a Horse to School (And Why Tech Speed Matters)22:15 — People Don’t Understand How Phones Actually Work24:00 — Teens & AI: The New Scam Generation25:25 — Printer Economics: “Is it Cheaper to Buy a New Printer?”26:34 — Apocalypse Bartering: Printers, Lithium, and Ham Radios29:01 — The Hezbollah Exploding Pagers Operation30:12 — Chinese Electronics Bans: Are We Going Too Far?32:19 — Consumer vs Enterprise Tech Vulnerabilities34:00 — Free Market, Tariffs, and Why We Can’t Buy China’s Best EVs36:00 — Why TP-Link Isn’t Malicious… It’s Just Cheap38:15 — Regulation vs Innovation: Who Should Protect the Consumer?39:26 — FINAL QUESTION: What’s More Secure — Your SSN, Nuclear Blueprints, Your SIM, or the Coca-Cola Formula?43:00 — Closing + The New Catchphrase: “Be Safe, Don’t Do Anything We Wouldn’t Do.”#legitimatecybersecurity #cybersecurity #infosec #simswapping #esim #PhoneHacks #digitalidentity #databreach #techpodcasts

The Vatican just issued a massive warning about AI — and it might be the most unexpected twist in the religion-tech debate yet. Frank and Dustin dive deep into the rising spiritual panic around artificial intelligence: AI as a therapist, AI as a partner, AI as a spiritual advisor… and the truly wild question: Should an AI ever be baptized?In this episode of Legitimate Cybersecurity, we explore why major religious leaders are suddenly speaking out, whether AI could cause a crisis of faith, what it means for humanity’s spiritual future, and whether we’re all just NPCs in God's cosmic simulator.Plus:• Why people are telling AI their deepest secrets• Whether AI can “feel” anything• Star Trek’s Data vs. real-world AI• What the FIRST religion to baptize an AI will be• Why robots should NOT have teeth• Dustin invents the term “Crab with a K Cybersecurity”• Frank creates “FrankBible.ai” (please, no one do this)If you want an episode that’s funny, thought-provoking, and utterly uncomfortable in all the best ways… this one’s it.Media & interview requests: admin@legitimatecybersecurity.comAudio listeners: Subscribe everywhere or at https://legitimatecybersecurity.podbean.com/🧭 Chapters00:00 – Can AI cause a crisis of faith?00:42 – The Vatican’s AI Warning: Extinction-level concerns01:23 – Why NOW? Dustin explains the timing02:20 – Anthropomorphizing AI & why we do it03:20 – AI hallucinations vs. just “breaking”03:45 – When people start dating AI04:30 – AI replacing spouses, therapists… and maybe pastors?05:21 – Why the Church might be afraid of losing influence06:19 – When religious leaders start using AI themselves07:10 – Social media déjà vu: Echo chambers and faith08:00 – Will AI reshape religion?09:30 – Frank and Dustin’s childhood church trauma dump (lol)11:00 – Can AI enhance sermons without replacing faith?13:00 – Are religious texts just “data”?14:45 – Using AI to process spiritual conflicts16:00 – Danger: AI as a moral mirror16:30 – Echo chambers & spiritual distortion17:47 – Bible versions + algorithmic interpretation18:37 – How do OTHER religions interpret this?19:20 – Talking to AI = talking to yourself?20:30 – Can AI really replace clergy?22:00 – Faith vs. Ones & Zeros23:30 – Will AI ever be baptized?25:00 – Can AI “feel” emotions? Frank hopes the answer is no27:00 – Why emotional responses ≠ AI feelings28:30 – Philosophical chaos: Are WE God’s AI?29:30 – Frank’s “FrankBible.ai” — the heresy arc30:20 – Which religion baptizes AI first? The answer is spicy31:00 – VR Church, Second Life, and digital baptisms33:10 – Household robots, C-3PO vs. R2-D234:45 – Why are we building humanoid robots?36:00 – Ewok-shaped robot companions? Dustin says no teeth37:20 – Do we need AI commandments?38:00 – Historical pattern: tech never actually kills religion40:00 – Jesus as organic AI?? Frank breaks Dustin41:00 – Are we all Sims and God is AFK?42:00 – The wrap-up: uncomfortable but enlightening#legitimatecybersecurity #ai #religion #vatican #artificialintelligence #cybersecurity #techpodcasts #faithandtech #aiwarning #VaticanStatement #llm #ethicsinai

What happens when the most secure museum on Earth has a Wi-Fi password that’s literally “louvre”?💎 $100 million in jewels disappear, and the world’s best art collection learns what Defense in Dumb really means.In this episode of Legitimate Cybersecurity, Frank Downs and Dr. Dustin Brewer unpack how the Louvre Museum was robbed in broad daylight — not just by thieves, but by bad passwords, unpatched servers, and leadership that never took cybersecurity seriously.👉 Topics include:The Windows Server 2003 still guarding priceless art“Defense in Dumb” vs. real defense in depthWhy pen tests without remediation are a waste of moneyHow boredom and bureaucracy kill security programsThe Rosetta Stone irony: stolen artifacts complaining about theftWhat NIST CSF, GRC, and governance diffusion all have to do with itWhy multi-factor authentication isn’t two French guards and a shrugAnd yes — Leonardo da Vinci had better wireless security.📩 Media & Interview Requests: admin@legitimatecybersecurity.com🎧 Audio listeners: Subscribe on any platform →https://legitimatecybersecurity.podbean.com/👇 Comment below: What’s the dumbest password or security setup you’ve seen in the wild?We might feature your story in a future episode.Chapters00:00 – Cold Open: “Imagine robbing the most secure museum on Earth…”01:00 – Defense in Dumb: Louvre’s password was literally “louvre”02:10 – British & French museums suddenly hate theft03:45 – The Cyber Audit That Nobody Fixed05:30 – Pen Testing vs. Actually Doing the Work07:00 – Roof access, open windows, and Netflix-level stupidity09:00 – Boring but critical: why remediation never happens11:00 – Framework fails: ISO, NIST, GDPR, and no one enforces them13:30 – Cyber careers, boredom, and the “borification” of information16:00 – “It really HUMPS your packets”: why GRC isn’t sexy but matters18:30 – Leadership without packets: Steve Jobs, Woz, and cyber blind spots20:00 – How the Louvre failed every NIST CSF function23:00 – MDR myths: detection ≠ protection25:00 – APTs, insurance loopholes, and cyber blame games29:00 – Governance diffusion: when everyone assumes someone else did it31:00 – Legacy tech, no funding, and free open-source fixes33:00 – PFSense, Security Onion & AI helping broke orgs35:00 – Final Takeaway: “Leonardo da Vinci had better Wi-Fi security.”#LegitimateCybersecurity #LouvreHeist #CyberFail#DataBreach #cybersecurity#Hackers#PenTesting#InfoSec#NISTCSF#GRC#MDR#APT#CyberRisk#MuseumHeist#DefenseInDumb#WindowsServer2003

Tonight’s Halloween special gets deliciously weird. 🦇 Dustin and Frank unpack four true tech “hauntings”:• The Ghost in the Printer—Why old JetDirects spit hieroglyphics at night.• Laughing Alexa—The infamous 2018 bug that creeped out the world.• #GhostText—When delayed SMS messages arrived from the… beyond.• Grace Hopper’s Moth—The first literal computer “bug,” preserved in a logbook.We translate spooky glitches into plain-English cyber hygiene: broadcast storms, wake-on-LAN, noisy IoT, always-listening assistants, SMS spoofing, and why physical world failures (heat, humidity, insects!) still crash modern stacks.🎤 Media & interview requests: admin@legitimatecybersecurity.com🎧 Audio listeners: subscribe on any platform via https://legitimatecybersecurity.podbean.com/💬 Drop your own “haunted tech” stories in the comments—we may read them on-air!Chapter Breaks00:00 – Cold open: “Possessed” printers in Portland01:21 – Halloween setup + how we’ll demystify “paranormal” tech02:14 – Case #1: The Ghost in the Printer (broadcast storms + wake-on-LAN)05:01 – Why vulnerability scans make printers spit gibberish08:32 – Broadcast packets 101 (and why Frank hates wake-on-LAN)12:15 – Case #2: Alexa’s bone-chilling laugh (2018 trigger bug)16:55 – Smart speakers as always-listening risk (home & remote work)18:31 – Agentic AI + voice triggers = future home-automation threats23:16 – Case #3: #GhostText—delayed SMS from the “afterlife”27:42 – “HauntLater.com” (Frank’s dubious startup idea)32:59 – Case #4: Grace Hopper and the first literal computer “bug”36:45 – Physical world vs. digital systems (heat, humidity, pests)39:45 – Wrap & CTA: Share your creepy tech stories#legitimatecybersecurity #cybersecurity #halloweenspecial #ghostinthemachine #infosec #smarthome #iot #gracehopper

Are we watching the ladder get pulled up? A new Harvard-linked analysis shows companies that adopt generative AI hire 7.7% fewer junior roles — a subtle shift with massive consequences for cybersecurity, tech, and the middle class. Frank Downs and Dr. Dustin Brewer break down what’s really happening: the automation sugar high, the hollowing of mid-tier careers, why experience over degree over certifications is driving gatekeeping, and how this ends if we don’t course-correct.Learn more about the study here: https://www.economist.com/graphic-detail/2025/10/13/can-ai-replace-junior-workers?giftId=c059cef1-fdf2-4e22-80f7-e8fc16f025bf&utm_campaign=gifted_articleMedia and interview requests: admin@legitimatecybersecurity.comAudio listeners: subscribe on any platform via https://legitimatecybersecurity.podbean.com/Chapter Breaks00:00 – Cold Open: AI is quietly killing entry jobs00:27 – The stat nobody’s talking about 7.7 percent junior hiring drop02:05 – Correlation vs causation pandemic and RTO chaos03:35 – Gatekeeping madness 8 years of Swift and entry roles needing 5 years04:50 – What employers actually value experience over degree over certs06:20 – Why juniors are disappearing AI excels at lower-level tasks07:40 – The seduction shareholders execs and the AI won’t leave you trap09:00 – Societal fallout angry grads hollowed middle class12:30 – Who replaces us if we skip training14:10 – The wall where AI plateaus and humans must return15:30 – Safe vs squeezed trades and specialists vs shrinking middle16:50 – Adaptation 2.0 lessons from past automation waves19:40 – Tech is not automatic good phones social media and productivity23:30 – Cyber never sleeps always-on culture and cognitive offloading25:45 – AI friends the Zuckerberg take and why it is dangerous29:20 – Phone yes social no ethics engagement and shareholders31:10 – Sign-off Black Mirror the void and what we do next#aijobs #cybersecurity #techcareers #futureofwork #generativeai #automation #entryleveljobs #jobmarket #middleclass #legitimatecybersecurity #ai

What happens when ONE “cloud” hiccup in Virginia slams the brakes on your life—smart beds trap sleepers, Alexa goes dumb, Venmo sputters, and enterprise apps face-plant? Frank & Dr. Dustin break down Monday’s AWS DNS outage, why the internet’s “old bones” (DNS/IPv4) still run everything, how dependency hell spreads a local failure worldwide, and whether Web3/IPv6/real decentralization can stop the next domino run.👂 Audio listeners: subscribe on any podcast platform via our feed: https://legitimatecybersecurity.podbean.com/🎤 Media & interview requests: admin@legitimatecybersecurity.comChapters below. Drop your wildest “my house broke when AWS sneezed” story in the comments. ⬇️Chapter Breaks00:00 – Cold Open: “This was Monday” doomsday (beds, banks, Blackboard)00:50 – DNS for Normals: the internet’s phone book (and why it failed)02:45 – Single Point of Failure? us-east-1 and the centralization problem04:03 – “There is no cloud, it’s someone else’s computer” (and your bed’s on it)05:21 – How a regional outage went global: dependencies & third-party calls06:40 – SBOMs, supply chain, and internet-scale dependency hell07:24 – Pi-hole story: when your home DNS goes down, everything stops09:12 – Resiliency vs reality: why some services lived while others died10:45 – The domino stack: uptime, TTLs, and stale DNS making pain linger12:18 – Could IPv6 help? (and why we still haven’t adopted it)14:25 – “Second-gen DNS”: what would a safer, faster resolver look like?16:07 – Monopoly math: if busting big clouds won’t happen, what will?18:47 – Web3/Blockchain as a decentralized DNS idea—promise & tradeoffs20:13 – Tor ≠ the model: decentralization without the dark-web baggage22:20 – AI as infrastructure: power, cost, and more single points of failure23:53 – Why blockchain never got sexy (and why it still might)26:24 – Ghosts in the machine? (Spooky season teaser)27:54 – Wrap: what to do before the next Monday#aws #dns #outage #cloudcomputing #cybersecurity #web3 #ipv6 #smarthome #supplychain #sbom #devops #incidentresponse

Your AI assistant is helpful… until it isn’t. In this episode, Frank and Dustin break down the zero-touch exploits (EchoLeak & ShadowLeak) that can hijack AI integrations like email and office suites, quietly exfiltrate your prompts and IP, and even leak them to attacker infrastructure—no clicks required. We also talk about why your chats aren’t protected by legal privilege, how AI activity factored into the California wildfire arsonist story, and what actually works: DLP, model governance, and when you should go local with LLMs.We keep it real (and a little nihilistic) while giving CISOs, IT leaders, and curious humans the playbook to reduce risk without killing innovation.👉 Media & interview requests: admin@legitimatecybersecurity.com🎧 Audio listeners: subscribe on any platform via https://legitimatecybersecurity.podbean.com/💬 Drop your idea for our new sign-off catchphrase in the comments!Chapters:0:00 Cold Open — “What if your AI is spying on you?”0:30 Welcome & Today’s Agenda (EchoLeak, ShadowLeak, legal privilege, arsonist story)1:55 Zero-Touch Exploits Explained (no clicks, still owned)3:11 How It Works via Email & Integrations (silent prompt injection → exfil)4:48 Old Tradecraft, New Target (drive-by vibes, LLMs in the loop)7:55 “Plain-Language Hacking” (Gandalf game, prompt judo)10:27 Why This Still Counts as a Hack (intent, abuse of designed behavior)12:52 Why SOCs Might Miss It (looks like normal AI traffic)14:24 DLP, Asset Mgmt, and the “Hated but Needed” Controls16:44 Should You Run Local LLMs? (pros, cons, update churn)20:30 Liability & Definitions — Is This Really a Hack? (yes, and why)22:25 AI Has No Feelings… But It Leaks Yours (reflection, social engineering)23:16 “No Legal Privilege” Bombshell & The Arsonist Example26:36 Privacy Culture Shift (profiling even when you opt-out)29:45 Cat-and-Mouse Prompts (policy workarounds, “encrypt my answer” tricks)31:19 Don’t Panic, Do Fundamentals — Then Regulate32:36 What Good Regulation Looks Like (and where it fails)35:40 Penalties with Teeth (or companies just budget the fines)38:26 Next Week Tease: DOGE whistleblowers & data handling39:01 Help Us Pick a Catchphrase (Outro & CTAs)#cybersecurity #ai #dataprivacy #pentesting #ZeroTouch #llm #copilot #chatgpt #dlp #infosec #datalossprevention