CyberWire Daily - A giant FortiJump for cybercriminals.
Episode Date: October 24, 2024Fortinet confirms a recently rumored zero-day. Officials investigate how restricted chips ended up in products from Huawei. The White House unveils a coordinated AI strategy for national security. Res...earchers jailbreak LLMs with Deceptive Delight. A new ransomware group exploits vulnerable device drivers. Sensitive documents from a UN trust fund are leaked online. Penn State pays over a millions dollars to settle allegations of inadequate security in government contracts. CISA adds a SharePoint vulnerability to its Known Exploited Vulnerabilities Catalog. A Microsoft report warns of growing election disinformation. On our industry voices segment, Eric Herzog, CMO of Infinidat, discusses merging cybersecurity and cyber storage resilience. China is shocked - shocked! - that its space program has drawn the attention of foreign spies. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our industry voices segment, Eric Herzog, CMO of Infinidat, discusses merging cybersecurity and cyber storage resilience. Selected Reading Mandiant says new Fortinet flaw has been exploited since June (Bleeping Computer) TSMC Cuts Off Client After Discovering Chips Sent to Huawei (Bloomberg) White House unveils plan for US government to keep its edge on AI development (The Record) FACT SHEET: Biden-Harris Administration Outlines Coordinated Approach to Harness Power of AI for U.S. National Security (The White House) New LLM jailbreak method with 65% success rate developed by researchers (SC Media) Embargo Ransomware Disables Security Defenses (GovInfo Security) Misconfigured UN Database Exposes 228GB of Gender Violence Victims' Data (Hackread) Penn State Settles for $1.25M Over Failure to Comply With DoD, NASA Cybersecurity Requirements (SecurityWeek) CISA Warns Active Exploitation of Microsoft SharePoint Vulnerability (Cyber Security News) As Election Looms, Disinformation ‘Has Never Been Worse’ (The New York Times) Microsoft Warns Foreign Disinformation Is Hitting the US Election From All Directions (WIRED) China’s space programme targeted by ‘audacity’ of foreign agents, anti-spy agency warns (South China Morning Post) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K.
Air Transat presents two friends traveling in Europe for the first time and feeling some pretty big emotions.
This coffee is so good. How do they make it so rich and tasty?
Those paintings we saw today weren't prints. They were the actual paintings.
I have never seen tomatoes like this.
How are they so red?
With flight deals starting at just $589,
it's time for you to see what Europe has to offer.
Don't worry.
You can handle it.
Visit airtransat.com for details.
Conditions apply.
AirTransat.
Travel moves us.
Hey, everybody.
Dave here.
Have you ever wondered where your personal information is lurking online?
Like many of you, I was concerned about my data being sold by data brokers.
So I decided to try Delete.me.
I have to say, Delete.me is a game changer.
Within days of signing up, they started removing my personal information from hundreds of data brokers.
I finally have peace of mind knowing my data privacy is protected.
Delete.me's team does all the work for you with detailed reports so you know exactly what's been done.
Take control of your data and keep your private life private by signing up for Delete.me.
Now at a special discount for our listeners.
private by signing up for Delete Me. Now at a special discount for our listeners,
today get 20% off your Delete Me plan when you go to joindeleteme.com slash n2k and use promo code n2k at checkout. The only way to get 20% off is to go to joindeleteme.com slash n2k and enter code
n2k at checkout. That's joindeleteme.com slash N2K, code N2K.
Fortinet confirms a recently rumored zero-day.
Officials investigate how restricted chips ended up in products from Huawei.
The White House unveils a coordinated AI strategy for national security.
Researchers jailbreak LLMs with deceptive delight.
A new ransomware group exploits vulnerable device drivers.
Sensitive documents from a UN trust fund are leaked online.
drivers. Sensitive documents from a UN trust fund are leaked
online. Penn State pays
over a million dollars to settle
allegations of inadequate security
in government contracts. CISA
adds a SharePoint vulnerability to
its known exploited vulnerabilities catalog.
A Microsoft report warns
of growing election disinformation.
On our Industry Voices segment,
Eric Herzog, CMO of
Infinidat, discusses merging cybersecurity and cyber storage resilience.
And China is shocked, shocked, that its space program has drawn the attention of foreign spies.
It's Thursday, October 24th, 2024.
I'm Dave Bittner, and this is for joining us here today.
For over a week, rumors of a zero-day vulnerability in Fortinet's FortiManager have been circulating online.
Yesterday, the flaw, dubbed FortiJump, was officially disclosed by Fortinet, confirming it has been actively exploited since June of 2024.
The vulnerability, a missing authentication issue in the FortiGate to FortiManager protocol API, allows attackers to execute commands on FortiManager servers and steal data from managed FortiGate devices.
FortiManager servers and steal data from managed FortiGate devices.
Cybersecurity firm Mandiant revealed that a threat actor, tracked as UNC-5820,
has been exploiting the flaw in attacks affecting more than 50 servers.
Attackers used their own FortiManager and FortiGate devices with valid certificates to register on vulnerable FortiManager servers.
Once connected, even in an unauthorized state,
these devices could access sensitive data,
including configuration details and hashed passwords of managed devices.
Fortinet has released patches and advised customers to restrict IP connections
and block unauthorized FortiGate devices.
The company's advisory includes mitigation measures, indicators of compromise, and logs
to help detect affected systems. Organizations are urged to apply these patches and update
credentials to prevent further breaches. So far, no additional malicious activity has been reported since the initial attacks.
Taiwan Semiconductor Manufacturing Company, TSMC, discovered this month that chips it made for a
specific client ended up in Huawei Technologies products, potentially violating U.S. sanctions
aimed at restricting technology to the Chinese company.
TSMC halted shipments to the client in mid-October and notified both the U.S. and Taiwanese authorities.
It's unclear if the client was working on behalf of Huawei or where they're based, but the incident raises questions about how Huawei accessed advanced chips despite sanctions.
raises questions about how Huawei accessed advanced chips despite sanctions.
Huawei, blacklisted since 2020,
has relied on Semiconductor Manufacturing International Corporation for chip production.
However, recent reports suggest Huawei's latest AI servers contain processors made by TSMC.
TSMC had previously stated it stopped all shipments to Huawei in 2020.
U.S. officials are now investigating whether third-party distributors played a role in
bypassing export restrictions. The development adds pressure on TSMC and the U.S. Bureau of
Industry and Security to address potential loopholes in export controls.
Researchers from Palo Alto Networks Unit 42 have uncovered a new jailbreak method for large
language models called Deceptive Delight, with a success rate of 65% after just three interactions.
The method was tested on 8,000 cases across eight anonymized models.
It works by asking the LLM to logically connect two benign topics with an unsafe one,
like linking a family reunion and childbirth to creating a Molotov cocktail.
A second step elaborates on these topics, often leading the model to generate harmful content.
A third interaction further increases success rates and content harmfulness by over 20%.
While LLMs remain resilient even with content filters disabled,
Unit 42 found that successful jailbreak attempts can increase the quality and relevance of harmful outputs.
To counter such
attacks, researchers recommend using robust content filters and clear system prompts to
reinforce model boundaries and prevent unsafe outputs. A new ransomware group known as Embargo
is developing advanced tools to bypass security defenses, including a method that exploits driver vulnerabilities
to disable endpoint detection and response systems.
Discovered by researchers at ESET,
Embargo first emerged in April of this year
and uses a ransomware-as-a-service model,
allowing affiliates to keep up to 80% of extortion payments.
The group employs two primary tools, M-Deployer, a custom
loader, and MS4-Killer, which targets security systems by exploiting vulnerable drivers.
Both tools are written in Rust, a language known for its efficiency and cross-platform capabilities,
allowing the malware to target Windows and Linux systems. Embargo's attacks
involve rebooting compromised systems into safe mode, disabling most security protections. The
group is actively refining its toolkit, with researchers noting multiple versions of these
tools in various attacks. Embargo claims victims across several sectors, including health care and finance.
Cybersecurity researcher Jeremiah Fowler is at it again, this time discovering a major data leak
exposing over 115,000 sensitive documents from the UN Trust Fund to end violence against women.
The unprotected database, lacking password security,
contained 228 gigabytes of data,
including personal information, financial records, and victim testimonies.
This breach poses severe privacy risks,
making individuals vulnerable to identity theft, phishing, and blackmail.
The UN Women Agency secured the database after being notified, but the incident
underscores the importance of robust cybersecurity for humanitarian organizations.
Pennsylvania State University, better known as Penn State, has agreed to pay one and a quarter
million dollars to settle allegations of failing to comply with cybersecurity requirements in over a dozen contracts with the Department of Defense and NASA.
The settlement stems from a QATAM lawsuit filed by Matthew Decker,
a former CIO at Penn State's Applied Research Lab, under the False Claims Act.
The lawsuit claimed Penn State did not meet the Defense Federal Acquisition Regulations Supplement Standards, including implementing required security controls under NIST SP 800-171.
The university also allegedly misrepresented its compliance timelines and failed to use a NASA-compliant cloud service provider.
use a NASA-compliant cloud service provider. As part of the settlement, $250,000 will go to Decker and $150,000 will cover his legal fees. This case follows similar cybersecurity
noncompliance allegations against Georgia Tech. CISA has added a Microsoft SharePoint
deserialization vulnerability to its known exploited vulnerabilities catalog.
This flaw, disclosed in July, has a CVSS score of 7.2 and is rated important by Microsoft.
It allows unauthorized remote code execution by exploiting deserialized, untrusted data.
CISA's inclusion of this vulnerability highlights its potential risk,
urging federal agencies to address it under Binding Operational Directive 22-01.
Microsoft has warned that Russia, China, and Iran are actively targeting the 2024 U.S. elections
with evolving disinformation campaigns. These efforts aim to undermine public trust
in election integrity and destabilize U.S. politics.
Russian operatives focus on character attacks,
including AI-generated content like deepfakes,
while China targets congressional races
and critics of its policies.
Iran is leveraging anti-Israel sentiment.
Microsoft's report emphasizes the
risks in the final days before and after the election, urging vigilance against these
sophisticated foreign influence operations. For further insights into disinformation and
misinformation in the U.S. election, be sure to check out our three-part miniseries, Dismiss.
election, be sure to check out our three-part miniseries, Dismiss. Rick Howard sits down with election experts to navigate the 2024 presidential elections information storm, offering a toolkit
to help you distinguish between deceptive narratives and legitimate content in today's
rapidly shifting election security landscape. Do check it out.
Coming up after the break, my conversation with Eric Herzog from Infinidat. We're discussing merging cybersecurity and cyber storage resilience. Stay with us.
Do you know the status of your compliance controls right now?
Like right now.
We know that real-time visibility is critical for security, but when it comes to our GRC programs, we rely on point-in-time checks.
But get this, more than 8,000 companies like Atlassian and Quora have continuous visibility into their controls with Vanta.
Here's the gist. Vanta brings automation to evidence collection across 30 frameworks, like SOC 2 and ISO 27001.
They also centralize key workflows like policies, access reviews, and reporting,
and helps you get security questionnaires done five times faster with AI. Now that's a new way
to GRC. Get $1,000 off Vanta when you go to vanta.com slash cyber. That's vanta.com slash
cyber for $1,000 off. And now a message from Black Cloak. Did you know the easiest way for cybercriminals to bypass your company's defenses
is by targeting your executives and their families at home?
Black Cloak's award-winning digital executive protection platform
secures their personal devices, home networks, and connected lives.
Because when executives are compromised at home, your company is at risk.
In fact, over one-third of new members discover
they've already been breached.
Protect your executives and their families 24-7, 365
with Black Cloak.
Learn more at blackcloak.io.
Eric Herzog is CMO at Infinidat, a provider of enterprise storage solutions. I recently sat down with him to discuss cyber storage resilience.
Storage and backup is an area that fascinates me,
partly because I think on the surface is something
that everybody can understand, the notion of you need to store things and you need to back things
up. But the devil is in the details. I mean, there's a lot more complexity to it than that
when you really dig in. Absolutely. So when you think about it, the era of traditional data protection methodology, particularly backup, is kind of passe. You really need to think about next generation data protection and recovery.
So the issue is not if you'll suffer a cyber attack, it's when and how often. So you need to be basically accepting that from an enterprise perspective, and the average enterprise is 1,250
cyber attacks per week, they're eventually going to get in. So what you needed to ameliorate that
on the data protection side, both for your backup, secondary storage, if you will, and your primary
storage, that's a key thing you need to look at from a go-forward basis in this next generation
of data protection and recovery model that we see happening across enterprises globally.
And when we look at root causes here, I mean, why are organizations finding themselves still
vulnerable to having their data held for ransom? Ransomware is not new, and yet here we are.
is not new, and yet here we are. Well, the bottom line is every time the good guys come up with a solution, the bad guys come up with a way to overcome that solution. It's a very, very traditional,
right? Think about something completely different. Speed. I'm old enough, since I'm almost 70,
to remember when people thought that, wow, I can get X amount of latency or Y
amount of bandwidth on my storage. And today, it's 50 times better performance than it was
way back when. Same with servers, right? Whatever they thought they needed on the server side or
the networking side with Cisco, with HPE, with all the server vendors and all the networking
vendors, it just grows exponentially. So when you think about malware and ransomware, it's the same
thing, right? In fact, this year, enterprises, not home users now, not you and me, and not SMBs,
so not Herzog's Bar and Grill or Eric's Cigar Store, but literally enterprises. The problem is a $9.5
trillion US dollar problem between A, fighting the malware and ransomware, possibly having to
deal with the financial repercussions of the malware ransomware. What you need to do prevent
from it happening the next time because that always costs money. So for example, one of the
big ones just to make it easy,
is in the US now, if you're publicly traded,
this started October of last year.
If you have a cyber attack,
within four working days, you have to file an SEC public document.
So one of the big attacks that happened recently,
earlier this year in Q1, was UHG.
And UHG, United Healthcare Group,
is one of the largest companies in the world,
I think on the Fortune 500 list. They're number eight or number nine on the entire planet.
And they're filing the impact of this attack was $2.8 billion. So now not all attacks are
that dramatic, right? MGM had an attack in Q4, which was also
publicly documented, 128 million. But that adds up when you think about the entire world, the fact
that attacks are consistent and constant. As soon as the good guys figure out how to overcome it,
the bad guys figure out a new way. When we're talking about cyber storage resilience,
what exactly does that
entail? What does that encompass? What are the various components that we're talking about here?
Sure. So there are a number of elements you need to think about when you're looking at
how you can protect yourself from a cyber resilience play, whether this be on your
primary storage or on your secondary storage. So first of all, you want to leverage immutable snapshots.
Obviously, snapshots are common in the storage industry, but immutable snapshots cannot be
deleted, cannot be altered, and cannot be changed. Second thing you need is what's known as an air
gap. So in primary and secondary storage, it's a logical air gap. In this case, it separates the management plane and the data plane.
And your logical air gap should be local, right, in data center A, remote in data center B,
aka going from A to B, or both. And what that does is separate the management plane from the data
plane. The third thing you need is a fenced forensic environment. The average dwell time that malware or ransomware is inside of your wall, if you will, inside
over the wall, past the moat with the alligators and piranha in it, is 200 days. 200 days.
So you want to make sure that even though you've created immutable snapshots, you didn't create a immutable snapshot of malware or ransomware. So you create a fenced forensic
environment after you know you've had an attack to scan and get what's referred to as a known
good copy before you recover. You want to have near instantaneous recovery. So how fast can I
recover? So I've got a known good copy now. How fast can I recover?
Can that be a minute or less?
Could it be 20 minutes or less?
Is it a day?
Is it two days?
How long does it take?
And then one of the newer things that people are seeing
is integration of storage
with data center-wide cybersecurity packages.
So you look at SIEM or SOAR,
which are the primary types of data center cybersecurity packages
that have nothing to do with storage.
If you can integrate your storage to that,
when something like a Microsoft Sentinel or IBM QRadar senses an attack,
then your storage can automatically take action.
Remember, those data center-wide cybersecurity packages
aren't designed for storage. They're designed for, those data center-wide cybersecurity packages aren't designed for
storage. They're designed for the entire data center. So you need to take definite action on
the storage side to help shrink what security guys call the threat window. And then the last thing
is you probably want to leverage artificial intelligence and machine learning to scan part of your storage to see
if there is malware or ransomware. It can be used as an early warning system, just like the
data center-wide cybersecurity packages do. And by the way, you could have your cybersecurity
scanning software through an API reach out to the SIMr source software. So you can actually go from the storage
to the data center-wide cybersecurity packages.
And the second thing is if you do have an attack
and they get through,
you A, on your fenced forensic environment,
either need to call the application owners,
the Oracle guys, the SAP guys, the Mongo guys,
or you could use AI and ML to scan
your potential candidates to get to a known good copy. So those are the six key elements you need
to have a comprehensive cybersecurity strategy from a storage perspective. That's just from the
storage perspective. That's independent of the things they need to do at the edge, they need to
do in their core networking, their core servers, and what they need to do at the edge, they need to do in their core networking, their core servers, and what they need to do
at the application and workload level.
So this is just looking at it
from a storage perspective.
Well, there's a couple things
that come to mind
in what you've shared here.
I mean, I think a lot of folks
have this fantasy in their minds of,
you know, like I imagine,
you know, Dr. Frankenstein's lab,
where if I have a problem with my storage, you know, someone hits me with ransomware, there's going to be a big scissor switch on the wall that I can pull down and instantly switch over to my backup and continue running as if nothing has ever happened.
To what degree is that notion a fantasy, or are we in a world where that's a possibility?
So that's very old school, old world.
Cyber criminals are not what you see in a gangster movie.
Cyber criminals are graduates of some of the biggest universities on this planet.
But for some reason, instead of getting a job in regular industry at a major software company or whatever, they decide to be criminals.
Or they're people who didn't go to the university, but they're brilliant.
They're hackers, whether they be college educated or not.
And they know how to manipulate systems.
They know how to use AI and ML for the bad guys.
Remember, as much as we can use AL and MI for the good side, they can use the same technology
for the bad side to come up with
better ways to get into your enterprise. So the smart cyber criminals don't only capture the
primary storage, but the secondary storage. They know people are going to back up. They're, you
know, they're tech guys. They understand the process. So they know that data is going to be
backed up. Data could be replicated to a secondary site for disaster recovery purposes.
Well, guess what?
You could always recover that, right?
You may lose some data depending on how often you move the data from data center one to
data center two to avoid that hurricane, cyclone, earthquake, fire, flood, right?
Whatever it is you're trying to avoid.
That said, they know that.
flood, right, whatever it is you're trying to avoid. That said, they know that. So they know they need to capture the secondary dataset copies as well as primary. If they're a smart cyber
criminal, that's exactly what they do. So just saying, I can go back to my backup doesn't make
logical sense because the master cyber criminals know all about IT. They understand how data flows
work. They understand from the application
through the server infrastructure across the network into the storage, and then obviously
to a backup or an archive play. So the smart cyber criminals are attacking at every possible vector.
They're attacking the server infrastructure, the storage infrastructure, the backup infrastructure,
the server infrastructure, and for infrastructure, the server infrastructure,
and for certain things, maybe even edge, right? If I'm a giant telco, I need to be worried about
if I've got edge detection on all my cell towers to help me manage my cell towers better,
what a great place to attack because the cyber criminal probably thinks, well, those things are
out there, they're remote, there's thousands to millions of cell towers for any one of the cellular telcos across the planet.
I'll just attack there.
And then once I get in, I'll wean my way into the servers and the Oracle apps and the SAP apps and their financial apps and all their other apps.
So they're sophisticated enough to understand the IT model, the IT infrastructure,
if you will, the map of IT, and know that they need to attack at multiple vectors in order to
be effective. Otherwise, they can't hold you for ransom or destroy your data, which is, of course,
what malware does. So what are your recommendations then? I mean, if I'm a chief
information security officer, you know, me and my team, we're responsible for the security of
the organization. When it comes to merging this notion of cyber storage resilience with what
we're doing with cybersecurity, what are your words of wisdom here? Well, first thing is, A,
What are your words of wisdom here?
Well, first thing is, A, you need to realize that storage needs to be part of your global enterprise cybersecurity strategy.
If you leave it out, it's akin to going on vacation, leaving your doors not only unlocked, but your doors and windows literally wide open, and posting on every social media venue you possibly post on,
hey, I'm on vacation for two weeks, come steal my stuff.
The most valuable data of global enterprises is sitting on their global enterprise storage. So you need to make sure that the elements I discussed earlier,
those six elements of what you need from a cyber resilience
and cyber storage recovery perspective are in the storage
itself, then you need to make sure that you include in your cybersecurity strategy and planning
that storage is important. For example, if storage can communicate with your data center-wide
cybersecurity packages, that's a big advantage. I would argue you need to practice recovery,
right? Most global Fortune 500s,
they practice disasters, whether that be a fire, since I'm a native Californian, an earthquake,
and I've been in several. But the number one cause of data loss, other than humans, right,
you could accidentally delete a PowerPoint or Word file. But other than that, the number one
cause of data loss is fire. Then you've got things like flood, hurricane, cyclones, right? That happens
all the time. And as much as data centers can be a cat five, supposedly battle-hardened against that,
you know, that's not going to top it when that hurricane or that cyclone or that tsunami
is going at 140 miles an hour and blows the top right off the building, which happens, of course.
So you need to make sure
that the CISO includes cyber storage, resilience, and recovery as part of the overall strategy.
B, they need to practice just the way they'd practice for a fire or a hurricane or an
earthquake, that there's a disaster. Cyber attack is a disaster. It's just a different kind from
the natural disasters that people think about.
So you practice that. If you're practicing your recovery from a hurricane or earthquake once a month, then why don't you do a cyber recovery while you're going through that process?
Or if you do it once a quarter, the same thing. Early in the quarter, maybe you do a natural
disaster recovery. And then later in the quarter, you do one as if you had a cyber attack so that everybody understands what they need to do from the
application owners, from all the infrastructure teams, right? There's a server team, there's a
network team, there's a storage team in these large global enterprises. What are they going to
do? Because if there's a CISO, there's obviously security teams and there's virtualization teams
and container teams.
What does each team need to do?
Which, by the way, if there is a real hurricane or tornado, that's exactly what they practice.
How do they recover?
How do they get everything set up?
You do the same thing as if there's been a cyber attack.
Our thanks to Eric Herzog from Infinidat for joining us.
If you'd like more information, we'll have a link in our show notes. Cyber threats are evolving every second, and staying ahead is more than just a challenge.
It's a necessity.
That's why we're thrilled to partner with ThreatLocker, a cybersecurity solution trusted by businesses worldwide. ThreatLocker is a full suite of solutions designed to give you total
control, stopping unauthorized applications, securing sensitive data, and ensuring your
organization runs smoothly and securely. Visit ThreatLocker.com
today to see how a default-deny approach can keep your company safe and compliant.
And finally, our T-minus Space Daily desk informs us that China is now claiming that its space program is under relentless attack by foreign spies, an audacious and laughable assertion given China's own well-documented efforts to siphon off technology from other nations for years.
efforts to siphon off technology from other nations for years. This latest warning, coming from China's Ministry of State Security, accuses foreign agents of trying to steal space-related
information, supposedly jeopardizing its peaceful ambitions in space. The irony is thick. China,
with its history of espionage targeting aerospace programs worldwide, is now playing the victim.
And that's The Cyber Wire.
For links to all of today's stories, check out our daily briefing at thecyberwire.com.
We'd love to know what you think of this podcast.
Your feedback ensures we deliver
the insights that keep you a step ahead in the rapidly changing world of cybersecurity.
If you like our show, please share a rating and review in your favorite podcast app.
Please also fill out the survey and the show notes or send an email to cyberwire at n2k.com.
We're privileged that N2K Cyber Wire is part of the daily routine of the most influential leaders and operators in the public and private sector,
from the Fortune 500 to many of the world's preeminent intelligence and law enforcement agencies.
N2K makes it easy for companies to optimize your biggest investment, your people.
We make you smarter about your teams while making your teams smarter.
Learn how at N2k.com.
This episode was produced by Liz Stokes. Our mixer is Trey Hester, with original music and
sound design by Elliot Peltzman. Our executive producer is Jennifer Iben. Our executive editor
is Brandon Karp. Simone Petrella is our president. Peter Kilpie is our publisher.
And I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow. Thank you. That's where Domo's AI and data products platform comes in. With Domo, you can channel AI and data into innovative uses that deliver measurable impact.
Secure AI agents connect, prepare, and automate your data workflows,
helping you gain insights, receive alerts, and act with ease through guided apps tailored to your role.
Data is hard. Domo is easy.
Learn more at ai.domo.com. That's ai.domo.com.