Hot Take Predictions for Next Year – 2025-12-15
Join us LIVE on Mondays, 4:30pm EST.
A weekly podcast with BHIS and Friends. We discuss notable infosec and infosec-adjacent news stories gathered by our community news team.
https://www.youtube.com/@BlackHillsInformationSecurity
Chat with us on Discord! -
https://discord.gg/bhis
🔴live-chat
🔗 Register for FREE webcasts, summits, and workshops -
https://poweredbybhis.com
Links
Story # 1: Russian kids revolt as Kremlin bans Roblox, other popular apps
Story # 2: Google’s killing off its dark web report because users didn’t know what to do with it
Story # 3: Coupang data breach traced to ex-employee who retained system access
Story # 4: Roomba maker iRobot bought by Chinese supplier after filing for bankruptcy
Story # 5: February report from researcher found Chinese KVM had an unclearly documented microphone and communicated with China-based servers, but many of the security issues are now addressed [Updated]
Story # 6: When adversaries bring their own virtual machine for persistence
Story # 7: Oh no! Hackers snuck malware inside uber-popular Windows app Notepad++
The team looks ahead to 2026 and shares practical, sometimes blunt predictions about where cybersecurity is heading. They discuss how AI will continue reshaping both offense and defense, with attackers using automation at scale while defenders struggle to operationalize AI beyond marketing hype.
The conversation highlights growing risk from identity abuse, cloud misconfigurations, and insecure SaaS sprawl, noting that many breaches will still come down to basic failures rather than advanced exploits. They also predict continued burnout in security teams, more consolidation among security vendors, and increasing pressure to prove real ROI from security tools.
On the positive side, the hosts see improved detection engineering, better security education, and more community-driven knowledge sharing. Overall, the message is clear: fundamentals still matter, hype won’t save you, and organizations that focus on people, process, and visibility will be better positioned for 2026.
Brought to you by:
Black Hills Information Security
https://www.blackhillsinfosec.com
Antisyphon Training
https://www.antisyphontraining.com/
Active Countermeasures
https://www.activecountermeasures.com
Wild West Hackin Fest
https://wildwesthackinfest.com
Chapters
- (00:00) - PreShow Banter™ — testing testing
- (00:11) - Hot Take Predictions for Next Year – 2025-12-15
- (02:10) - Story # 1: Russian kids revolt as Kremlin bans Roblox, other popular apps
- (10:21) - Story # 2: Google's killing off its dark web report because users didn't know what to do with it
- (20:05) - Story # 3: Coupang data breach traced to ex-employee who retained system access
- (31:13) - Story # 4: Roomba maker iRobot bought by Chinese supplier after filing for bankruptcy
- (34:18) - Story # 5: February report from researcher found Chinese KVM had an unclearly documented microphone and communicated with China-based servers, but many of the security issues are now addressed [Updated]
- (36:48) - Story # 6: When adversaries bring their own virtual machine for persistence
- (41:57) - Story # 7: Oh no! Hackers snuck malware inside uber-popular Windows app Notepad++
- (44:20) - Hot Take Predictions for 2026
Creators and Guests
Host
Corey Ham
Corey Ham has been with Black Hills Information Security (BHIS) since 2021 delivering red teaming and OSINT services. Currently, Corey leads the ANTISOC team at BHIS, providing subscription-based continuous red teaming to BHIS clients. Outside of his time at BHIS, you can find him out in the woods or up on a mountain somewhere.
Host
Hayden Covington
Hayden Covington joined Black Hills Information Security (BHIS) in the Summer of 2022 as a SOC Analyst. He chose BHIS after hearing many great things over the years and seeing the quality of work, as well as finding people who have the same passion for the field as he does. His favorite part of the job so far has been the community. Previously, Hayden worked in a SOC for a Naval contractor, where he also served as their SOAR project manager and SME, as well as insider threat lead. When he’s not working, Hayden can be found doing anything athletic (like triathlons!), as well as enjoying video gaming and Formula 1.
Host
John Strand
John Strand has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing. He is a coveted speaker and much loved SANS teacher. John is a contributor to the industry-shaping Penetration Testing Execution Standard and 20 Critical Controls frameworks.
Host
Ralph May
Ralph is a U.S. Army veteran and former DoD contractor who supported the United States Special Operations Command (USSOCOM) with information security challenges and threat actor simulations. Over the past decade, he has provided offensive security services at Optiv Security and Black Hills Information Security (BHIS) across various industries. His expertise spans network, physical, and wireless penetration testing, social engineering, and advanced adversarial emulation through red and purple team assessments. Ralph has developed several tools, including Bitor (set to release in January 2025) and Warhorse, which enhance efficiency in penetration testing infrastructure and operations. He has spoken at numerous conferences, including DEF CON, Black Hat, Hack Miami, B-Sides Tampa, and Hack Space Con.
Host
Wade Wells
Wade Wells has been working in cybersecurity for a decade, focusing on detection engineering, threat intelligence, and defensive operations. Wade currently works as a Lead Detection Engineer at 1Password, where he helps build and mature scalable detection programs. Outside of his day-to-day work, Wade is deeply involved in the security community through teaching, mentoring, podcasting, and running local events.
Guest
Andy Pettit "Nerf"
Andy Pettit is a cybersecurity practitioner and lifelong builder with a hacker’s mindset, driven by deep curiosity and a desire to understand how systems truly work. He began coding in C at age 12 building custom MUDs and has been pulling systems apart ever since, focusing on gaps between design and real-world behavior. Andy brings a whole-business perspective from over a decade as managing partner of Clown Shoe Motorsports, shaping his views on risk, reliability, cost, and people. He volunteers with Black Hills Information Security and Antisyphon Training as a Nerd Herder and is a top 5% MetaCTF competitor, endurance racer, and HPDE instructor with NASA Texas Region.
Guest
MaryEllen
MaryEllen Kennel has held numerous roles in CyberSecurity, and is currently ranked top 1% in MetaCTF. MaryEllen has spoken at several conferences, including Magnet Forensics, KringleCon, and most recently, Wild West Hackin’ Fest in Deadwood, SD. MaryEllen grew up Mennonite, and treasures spending time with family.
Guest
Michael "Shecky" Kavka
Shecky, as he is commonly called, has been in the professional world of IT for nearly 30 years, the last 11 as a blue team security engineer. He is focused on detection engineering, threat intel and analysis. Outside of his day-to-day work, he is involved in Bsides312, Hak4Kidz and Burbsec (Chicago's cybersecurity meetup conglomerate).