CyberWire Daily - Are North Korean hackers going 'Seoul' searching?
Episode Date: July 29, 2024South Korea investigates a substantial leak of military intelligence to the north. Google fixes a Workspace authentication weakness. Wiz identifies an API authentication vulnerability in Selenium Grid.... The UK’s Science Secretary warns Britain is highly vulnerable to cyber threats. Global shipping faces a surge in cyber attacks. Apple has resolved the iCloud Private Relay outage. Google Chrome offers to scan encrypted archives for malware. Barath Raghavan and Bruce Schneier examine the brittleness of modern IT infrastructure. Guest Brian Gumbel, President and COO at Dataminr, joins us to discuss the convergence of cyber-physical realms. Rick Howard previews his latest CSO Perspectives episode on the state of Zero Trust. Teaching AI crawlers some manners. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest Brian Gumbel, President and COO at Dataminr, joins us to discuss the convergence of cyber-physical realms. Cybersecurity is no longer just a matter of protecting data on servers or computers, a cyber-attack can have tangible, real-world consequences. CSO Perspectives This week on N2K Pro’s CSO Perspectives podcast, host and N2K CSO Rick Howard focuses on “The current state of zero trust.” Hear a bit about it from Rick and Dave. You can find the full episode here if you are an N2K Pro subscriber, otherwise check out an extended sample here. Selected Reading South Korea Reports Leak From Its Military Intelligence Command (New York Times) Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services (Krebs on Security) Selenium Grid Instances Exploited for Cryptomining (SecurityWeek) UK ‘desperately exposed’ to cyber-threats and pandemics, says minister | UK security and counter-terrorism (The Guardian) Cyber attacks on shipping rise amid geopolitical tensions (Financial Times) Apple Fixes iCloud Private Relay After Extended Outage (MacRumors) Chrome now asking for ZIP archive passwords to help detect malicious files (Cybernews) The CrowdStrike Outage and Market-Driven Brittleness (Lawfare) AI crawlers need to be more respectful (Read the Docs) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K.
Air Transat presents two friends traveling in Europe for the first time and feeling some pretty big emotions.
This coffee is so good. How do they make it so rich and tasty?
Those paintings we saw today weren't prints. They were the actual paintings.
I have never seen tomatoes like this.
How are they so red?
With flight deals starting at just $589,
it's time for you to see what Europe has to offer.
Don't worry.
You can handle it.
Visit airtransat.com for details.
Conditions apply.
AirTransat.
Travel moves us.
Hey, everybody.
Dave here.
Have you ever wondered where your personal information is lurking online?
Like many of you, I was concerned about my data being sold by data brokers.
So I decided to try Delete.me.
I have to say, Delete.me is a game changer.
Within days of signing up, they started removing my personal information from hundreds of data brokers.
I finally have peace of mind knowing my data privacy is protected.
Delete.me's team does all the work for you with detailed reports so you know exactly what's been done.
Take control of your data and keep your private life private by signing up for Delete.me.
Now at a special discount for our listeners.
private by signing up for Delete Me. Now at a special discount for our listeners,
today get 20% off your Delete Me plan when you go to joindeleteme.com slash n2k and use promo code n2k at checkout. The only way to get 20% off is to go to joindeleteme.com slash n2k and enter code
n2k at checkout. That's joindeleteme.com slash n2k code N2K at checkout. That's joindelete.me.com slash N2K, code N2K.
South Korea investigates a substantial leak of military intelligence to the north.
Google fixes a workspace authentication weakness,
while Wizz identifies an API authentication vulnerability in Selenium Grid.
The UK's science secretary warns Britain is highly vulnerable to cyber threats.
Global shipping faces a surge in cyber attacks.
Apple has resolved the iCloud private relay outage.
Google Chrome offers to scan encrypted archives for malware.
Bharat Raghavan and Bruce Schneier examine the brittleness of modern IT infrastructure.
Our guest is Brian Gumbel, president and COO at Dataminer,
joining us to discuss the convergence of cyber-physical realms. Rick Howard previews his
latest CSO Perspectives episode on the state of zero trust and teaching AI crawlers some manners.
It's Monday, July 29th, 2024.
I'm Dave Bittner, and this is your CyberWire Intel Briefing.
Thank you all for joining us here today.
It is great to have you with us.
South Korea is investigating a significant leak from its top military intelligence command.
Local media reports claim the leak resulted in a substantial amount of sensitive information, including personal data of agents abroad, falling into North Korean hands.
The military has vowed strict action against those responsible
but has not confirmed the media claims, pending further investigation.
A breach of agents' personal data could severely impair
South Korea's intelligence operations against the North.
This incident is reminiscent of a 2018 breach where an active
duty officer sold classified information to foreign agents. North and South Korea engage
in intense intelligence and counterintelligence activities. North Korea has increasingly used
hackers to infiltrate networks in the U.S., South Korea, and elsewhere, aiming to steal information
or cryptocurrency. Recently, the U.S., Britain, and South Korea warned of a global cyber espionage
campaign by North Korean hackers targeting military secrets to support its nuclear program.
Additionally, a North Korean military intelligence operative has been indicted by the U.S. for hacking American entities, with a $10 million reward offered for his capture.
Google has resolved an authentication weakness in its workspace account creation process that allowed attackers to bypass email verification.
bypass email verification. This vulnerability enabled cybercriminals to impersonate domain holders on third-party services using the sign-in-with-Google feature. A reader informed
Krebs on Security about receiving a notice regarding the creation of a potentially malicious
workspace account using their email. Google identified a small-scale abuse campaign
where attackers used a specially crafted request to circumvent email verification.
These attackers aimed to access third-party applications
rather than Google services directly.
Google fixed the issue within 72 hours of discovery
and implemented additional protections to prevent similar authentication bypasses.
Anu Yamunan, Google Workspace's Director of Abuse and Safety Protections, stated that
the malicious activity started in late June, involving a few thousand Workspace accounts.
The attackers used one email to sign in and a different one to verify a token, bypassing the domain validation
process. Google emphasized that no previously associated domains were affected. This issue
is separate from a recent problem involving cryptocurrency-based domain names compromised
during their transition to Squarespace. Selenium Grid, a widely used open-source testing framework for web
applications, allows users to simulate interactions across various browsers and environments.
According to Wiz, Selenium is found in 30% of cloud environments and has over 100 million
pulls on Docker Hub. The Selenium WebDriver API automates browser interactions,
but lacks default authentication,
making it vulnerable to cybercriminal abuse on Internet-exposed instances.
Wiz identified over 30,000 exposed instances susceptible to attacks,
leading Selenium Grid developers to warn users to secure their services.
In the Selenium Greed campaign, attackers exploited the WebDriver API to run Python
with a reverse shell, deploying scripts to mine Monero cryptocurrency.
This campaign, active for over a year, was first documented by Wiz.
Wiz shared their findings with Grey Noise,
which confirmed other mining campaigns also target exposed selenium grid instances.
WIS provided indicators of compromise and recommendations for defenders.
UK Science Secretary Peter Kyle has warned that Britain is highly vulnerable to cyber threats and future pandemics.
He criticized deep public spending cuts under previous governments for weakening national
resilience, particularly affecting the NHS and pandemic preparedness. Kyle, who assumed his role
three weeks ago, highlighted internal conflicts within the Tory party as a barrier to effective threat management.
Kyle's concerns prompted the introduction of a new Cybersecurity and Resilience Bill,
replacing the anticipated AI Bill.
The National Cybersecurity Center noted increasing threats to critical infrastructure,
emphasizing the urgency of the new bill to protect supply chains.
Despite progress, the UK remains behind in countering these threats.
Kyle also stressed the need to improve pandemic readiness,
citing the COVID inquiries report on the UK's flawed pandemic planning.
Additionally, financial constraints are impacting projects
and visa costs for overseas scientists, hindering research
progress. The shipping industry is experiencing a surge in cyberattacks driven by geopolitical
tensions and state-linked hackers targeting trade flows. Researchers at the Netherlands NHL
Stendon University of Applied Sciences reported at least 64 cyber incidents in 2023,
compared to three a decade earlier.
Over 80% of attacks since 2001 have originated from Russia, China, North Korea, or Iran.
Conflicts from Ukraine to the Middle East have highlighted the vulnerability of global shipping,
which transports over 80% of internationally traded goods. Conflicts from Ukraine to the Middle East have highlighted the vulnerability of global shipping,
which transports over 80% of internationally traded goods. The industry, traditionally focused on physical threats, is now facing significant online piracy risks.
Experts emphasize the sector's low IT investment and the increasing digitization of ships
as key factors making it susceptible to cyber attacks.
Notable incidents include the 2020 attack on Iran's Rajay port and the 2017 NotPetya malware attack.
Apple has resolved the iCloud private relay outage, restoring service after over 48 hours of disruption. The outage, which began early Thursday
and lasted until late Saturday, impacted web browsing for iCloud Plus subscribers. Apple
confirmed the issue on its system status page. iCloud Private Relay enhances privacy by encrypting
browsing data and routing it through two separate relay servers, one operated
by Apple and the other by a third party. Apple says users can now re-enable the feature for
continued privacy benefits. Cyber criminals increasingly use encrypted and password-protected
files to deliver malware, evading security defenses. Google Chrome now offers two new
protection mechanisms to counter this threat. When users with enhanced protection download a
suspicious encrypted archive, like a zip file, Chrome prompts for the password and uploads the
file and password to Google's safe browsing for a deep scan. According to Google, uploaded data is deleted after scanning
and only used to improve download protections.
For users with standard protection, a prompt will also appear,
but the file and password remain local with only metadata checked.
If malware is detected based on previous observations, users are still protected.
Google's analysis shows that deep scanning suspicious files significantly increases malware detection.
Enhanced protection users will now have all suspicious downloads automatically deep scanned to reduce user friction.
Users can opt out for trusted files by using the Download Anyway option to
maintain confidentiality. Chrome has also introduced more detailed warning messages
for suspicious and dangerous files. In an essay for Lawfare, Bharath Raghavan and Bruce Schneier
explore the massive internet outage caused by CrowdStrike, which disrupted airlines,
hospitals, banks, and other critical sectors, canceled nearly 7,000 flights, and affected over
8.5 million Windows computers. Raghavan and Schneier argue that this brittleness extends
beyond technology, permeating food, electricity, finance, and transportation sectors,
often due to globalization and consolidation.
They emphasize that in IT, numerous small companies play essential roles, and market incentives drive them to minimize costs, sacrificing redundancy and careful planning.
The CrowdStrike failure exemplifies this, where a buggy software update
led to global disruptions, exposing the risks of deep interdependencies and hidden vulnerabilities.
The authors advocate for a shift in market incentives and regulatory approaches to foster
resilience. They suggest that systems should be designed to handle failures, akin to ecological systems with deep
complexity. They highlight Netflix's Chaos Monkey tool as an example of building resilience through
intentional failures, despite being perceived as costly and inefficient in the short term.
Raghavan and Schneier recommend regulations that focus on the processes of failure testing rather than
specific checklists. They argue for embracing inefficiencies to construct robust systems,
proposing continuous breaking and fixing as a method to achieve reliability and resilience.
The essay concludes that to counter the trend of maximizing short-term profits,
the economic incentives must shift
toward building less brittle, more resilient systems.
Coming up after the break,
my conversation with Brian Gumbel,
president and COO at Dataminer,
discussing the convergence of cyber-physical
realms. Plus, Rick Howard previews his latest CSO perspectives on the state of zero trust.
Stay with us.
Do you know the status of your compliance controls right now?
Like, right now.
We know that real-time visibility is critical for security, but when it comes to our GRC programs, we rely on point-in-time checks.
But get this.
More than 8,000 companies like Atlassian and Quora have continuous
visibility into their controls with Vanta. Here's the gist. Vanta brings automation to
evidence collection across 30 frameworks like SOC 2 and ISO 27001. They also centralize key
workflows like policies, access reviews, and reporting,
and helps you get security questionnaires done five times faster with AI.
Now that's a new way to GRC.
Get $1,000 off Vanta when you go to vanta.com slash cyber.
That's vanta.com slash cyber for $1,000 off. And now, a message from Black Cloak.
Did you know the easiest way for cyber criminals to bypass your company's defenses
is by targeting your executives and their families at home. Black
Cloak's award-winning digital executive protection platform secures their personal devices, home
networks, and connected lives. Because when executives are compromised at home, your company
is at risk. In fact, over one-third of new members discover they've already been breached. Protect your executives and their families 24-7, 365 with Black Cloak.
Learn more at blackcloak.io.
Brian Gumbel is president and COO at Dataminer, and I recently caught up with him to discuss the convergence of cyber-physical realms.
I think that the convergence of cyber and physical systems has definitely ushered in a new era where cyber attacks can have real-world implications on critical infrastructure.
implications on critical infrastructure.
We look at power grids to healthcare systems.
This evolving landscape basically underscores the need for innovative solutions that bridge the gap
between digital and physical realms and bring the
CSO together with the CISO.
And now you enter in AI, which is a
game-changing technology that
offers fast, scalable, and
comprehensive protection for
all interconnected
systems. So I think we find ourselves
at a crux right now.
And whether or not within an
organization you have
clear differentiation between
the CSO's responsibility
or the CISO's responsibility
and budget, you're seeing these
teams working together in concert to make true impact, to make sure that there is this convergence
and one single view of how they can protect their organization to the best of their abilities.
Can you give us some insights on organizations who are successful at this?
Are there common elements that they share when, as you say, the various stakeholders here are collaborating?
Sure. I think there's different verticals that are doing it better. In my experience over the years, the forefront of any type of technology adoption or movement has typically been the financial sector.
And the financial sector typically are the early adopters and also, I would say, companies within the Fortune 500 or that scale and size.
They're the ones that have more resources.
They have more headcount. They're the ones that have more resources. They have more headcount.
They're the ones that are sometimes more collaborative,
more budget, and they take chances.
And I've seen a lot of convergence
and types of convergence stories happen in the past
where the banking community
are definitely at the forefront of that.
And do we see these sorts of things then trickle down to the smaller organizations?
Does it become more affordable for organizations to take on these sort of strategies?
Yes, of course.
I think over time, you'll see the smaller organizations
starting to adopt some of the best practices that larger companies are currently
doing. And you'll also see that happening in government. Sometimes government isn't at the
forefront, but they have the same problems as the larger enterprise customers. And I believe that
you'll see this type of adoption as well. So for the organizations who are looking to come at this problem to kind of get the best bang for their buck, can you give us an idea of the spectrum of tools that are available to them out there on the market today? is in today. And imagine if you were a CISO yourself and navigating treacherous waters of
cybersecurity threats with the entire weight of your organization on your shoulders, including
the board. And the challenge just isn't about spotting threats. It's about understanding the
big picture, the context, and the evolving nature of these threats in real time. And that's where
there's opportunities for game-changing value of comprehensive threat intelligence. And that's
what comes into play into my mind that helps organizations. And for the CISO, there are
ways in which they can access a consolidated view of threats.
And this is basically a powerful ally right by their side.
It provides them with the insights needed to grasp the full scope of a threat swiftly, as well as effectively, and empowering them to make informed decisions
that ultimately can safeguard their organizational assets.
There are technologies out there.
Data Miner has one in which is called Regenerative AI.
And this works in concert with generative AI capabilities.
And what's important to note is that picture a tool
that not only can track threats,
but also compiles a detailed story around each threat,
presenting all the critical information
in one convenient place.
And this type of powerhouse tool
enables incident response teams
to follow the entire lifecycle
of a ransomware threat, for example,
from inception to resolution
to how it's evolving around the world and being
able to boost their ability to respond with precision and agility. So I'll say in a world
where cybersecurity threats are constantly evolving and becoming more sophisticated,
having a tool like regenerative AI or regen AI, for short, at their disposal,
can make all the difference for CISOs.
And it can empower them to stay ahead of the game
and protect their organization from the ever-shifting landscape of cyber threats.
Help me understand, I mean, the role that you see AI taking in this sort of thing here.
I mean, is this a matter of, I guess I'm wondering how
much of it is under the hood and out of view to the user doing things behind the scenes and how
much is, you know, upfront combining data, you know, consolidating things, summarizing things.
Is it a combination of both or where do you see things headed?
I do believe it's a combination of both. But, you know, I've been in the cyber industry for
the last 20 years, and never before have we seen so brazen and out in the open the risk of cyber
threats and cyber attacks being performed outright by nation-states and other affiliated organizations.
And specifically in this ever-expanding realm of cybersecurity,
the challenges posed by cyber criminals are just becoming increasingly sophisticated and totally relentless.
And one key solution that can help all of us stay ahead of this ongoing cyber
arms race is AI. And allowing AI, putting this into our defense systems. And AI-driven solutions
offer a multitude of benefits, including proactive defense mechanisms and dynamic
threat detection capabilities. And by leveraging AI, organizations can truly bolster their defenses
and enhance the ability to respond to threats in real time.
Because as the adversaries are becoming smarter,
and they're starting to think about ways to utilize AI
to launch ransomware attacks or phishing campaigns
or pushing out fraud,
we need to stay one step ahead of them.
So the importance of AI really cannot be understated.
Do you have any thoughts on how folks can best
sort of separate the hype around AI
from the reality of the tools
that are really ready to be deployed?
There's always going to be hype around a newer technology.
You know, we think back recently,
well, maybe eight, 10 years ago,
when cloud was first starting to come out,
there was a lot of organizations
that were not comfortable in moving towards the cloud.
And now look at where we are.
You know, AI is kind of going through
the same sort of evolution.
And I do not believe...
Look, there might be some hype, but it's the
reality. And those who
aren't building technologies
with AI as their
backbone and platform are going to
be in a real... will have a real problem
being
able to compete and being
able to ultimately sell to customers. And if you're on the
customer side, if you're not adopting technologies that have AI capabilities, you're not going to be
able to stay in front of the adversaries. What are your recommendations for folks who
want to get started down this path, who are looking to integrate these sorts of tools into their
security operations? There's a lot of great companies out there. I think it's very important
to attend a lot of the trade shows that are going on. Ask your fellow cohorts and even companies. I love the FS ISACs and the retail ISACs that are happening.
This is a great way to share what is common
and what things are being seen from a customer perspective.
And also, you get sometimes competitors in a room
that are also helping each other out
and making sure that they are secure.
So I think if you are a practitioner,
it's best to get out there and network
and understand what similar companies are doing
in your space to help you protect your environment.
That's Brian Gumbel, President and COO at Dataminer.
It is always my pleasure to welcome back to the show the CyberWire's Chief Security Officer and Chief Analyst, Rick Howard.
Rick, good to see you.
Hey, Dave.
CyberWire's Chief Security Officer and Chief Analyst, Rick Howard. Rick, good to see you.
Hey, Dave.
So on this week's CSO Perspectives podcast, you are tackling zero trust. Now, it seems like a recurring theme between you and me here when we do these segments together about topics going
through the hype cycle. And I would say that zero trust is probably in my top five of things that went through the hype cycle but have kind of settled into genuine usefulness.
Well, I love that you said that, Dave, because it's true.
I like to throw everything through the lens of the Gartner hype cycle, right?
And for the uninitiated listeners, you know, it starts with this great idea that we all get very excited about.
And then it rises to the peak of inflated expectations is how Gartner defines it, right?
Right.
Right. And then after a while, we all realize, okay, that, oh my goodness, this thing is not
as good as we thought it was in practicality. And it starts to dive vertically down to the
trough of disillusionment. And we've been in that phase of zero trust for
about four or five years, I would say. But like you said, okay, it is starting to climb out
and the solutions around what you might buy or what you might do have started to become very
practical. So we're starting to rise out of that now. And that's a good point or a good time to talk about the state of
zero trust as we see it today. Is it fair to say that a good part of this traction comes from
the federal government kind of being all in with zero trust? Well, I think it's one of the
indicators that we're rising out. It's called the slope of enlightenment in the Gartner cycle,
which I love that name. But the government getting behind zero trust is one of the indicators that it is an accepted idea,
and people are trying to pursue it.
So it's one of the reasons.
Well, give us a little preview here of what you're covering in your latest CSO Perspectives podcast.
Well, much to my excitement, okay, I ran into John Kindervog at one of the security conferences this past year.
And he is the father of the idea.
He wrote the original white paper back in 2010.
He and I have been friends for a long time.
And he and I even worked together at Palo Alto Networks.
Right when Zero Trust, the idea, was kind of careening down the trough of disillusionment, right?
So we spent many hours together trying to talk to customers about just give it some time.
It's still a pretty good idea.
And he came up with this way to describe Zero Trust that I thought was very interesting.
Because, you know, Dave, most people get confused.
He said, how can you run a network with zero trust? That kind of defeats the purpose.
You have to trust somebody. I'm sure you've thought about that before, right?
Right, sure. Right.
So, he talks about it in terms of uncertainty, okay? And it's not that we don't trust anything,
but like when you initially approach the N2K networks, we don't trust you at all, Dave. Okay,
just I hate to tell that to you, right?
We are sure that you're a bad guy until we can do some things like validate who your identity is and validate what you're allowed to get access to and make sure that you can only get to those
things. And as we do that, the certainty about how much of a bad guy you are starts to go down
and we get it down to an acceptable level where we're going to actually let you do things.
And that's John's explanation of that in the episode.
And it was really, it really hit home for me.
Yeah.
All right.
Well, it is CSO Perspectives right here on the N2K Cyber Wire Network or wherever you get your favorite podcasts.
Rick Howard, thanks so much for joining us.
Thanks, Dave.
Cyber threats are evolving every second, and staying ahead is more than just a challenge.
It's a necessity.
That's why we're thrilled to partner with ThreatLocker, a cybersecurity solution trusted by businesses worldwide.
ThreatLocker is a full suite of solutions designed to give you total control,
stopping unauthorized applications, securing sensitive data, and ensuring your organization runs smoothly and securely.
Visit ThreatLocker.com today to see how a default-deny approach can keep your company safe and compliant.
And finally, Read the Docs is a company that helps organize and automate documentation for various online projects. In a blog post, co-founder Eric Hulscher highlights the increasing abuse of AI crawlers.
AI products have aggressively crawled sites without respecting bandwidth limits,
leading to substantial costs and disruptions.
Notably, one crawler downloaded 73 terabytes of data in May 2024,
costing Read the Docs over $5,000 in bandwidth,
while another consumed 10 terabytes in June.
These incidents underscore the need for AI companies to respect the sites they crawl.
Hulscher calls for better crawler practices,
such as rate limiting and support for e-tags
and last modified headers.
To mitigate the issue,
Read the Docs has blocked AI crawlers identified by Cloudflare
and is improving monitoring and caching.
Hulscher urges AI companies to collaborate on more respectful crawling practices to prevent
further issues. It's easy to forget that bandwidth ain't always free, and chewing through thousands
of dollars worth of data at the expense of a modest open-source organization isn't just
irresponsible, it's downright rude.
And that's the Cyber Wire. For links to all of today's stories, check out our daily briefing
at thecyberwire.com. Don't forget to check out the Grumpy Old Geeks podcast where I contribute to a regular segment on Jason and Brian's show every week.
You can find Grumpy Old Geeks where all the fine podcasts are listed.
We'd love to know what you think of this podcast.
Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity.
If you like our show, please share a rating and review in your favorite podcast app.
Please also fill out the survey in the show notes or send an email to cyberwire at n2k.com.
We're privileged that N2K Cyber Wire is part of the daily routine of the most influential leaders
and operators in the public and private sector, from the Fortune 500 to many of the world's
preeminent intelligence and law enforcement agencies.
N2K makes it easy for companies to optimize your biggest investment, your people.
We make you smarter about your teams while making your teams smarter.
Learn how at n2k.com.
This episode was produced by Liz Stokes.
Our mixer is Trey Hester, with original music and sound design by Elliot Peltzman. Our executive producer is Jennifer Iben. Our executive see you back here tomorrow. Thank you. where Domo's AI and data products platform comes in. With Domo, you can channel AI and data into innovative uses that deliver measurable impact.
Secure AI agents connect, prepare, and automate your data workflows,
helping you gain insights, receive alerts, and act with ease through guided apps tailored to your role.
Data is hard. Domo is easy.
Learn more at ai.domo.com. That's ai.domo.com.