CyberWire Daily - BlackCat follows Cl0p to GoAnywhere. Mirai gets an upgrade. Deterring cyber war. Homeland Secrity’s cyber priorities. Action against DPRK cryptocrooks. What KillNet’s up to.
Episode Date: April 25, 2023BlackCat (ALPHV) follows Cl0p, exploiting the GoAnywhere MFA vulnerability. The Mirai botnet exploits a vulnerability disclosed at Pwn2Own. An RSAC presentation describes US response to Russian prewar... and wartime cyber operations. The US Department of Homeland Security outlines cyber priorities. Andrea Little Limbago from Interos shares insights from her RSAC 2023 panels. US indicts, sanctions DPRK operators in crypto-laundering campaign. Our guest is Marc van Zadelhoff, CEO of Devo, with insights from the conference. And the latest on KillNet. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/79 Selected reading. BlackCat Ransomware Group Exploits GoAnywhere Vulnerability (At-Bay) Zero Day Initiative — TP-Link WAN-side Vulnerability CVE-2023-1389 Added to the Mirai Botnet Arsenal (Zero Day Initiative) Years after discovery of SolarWinds breach, Russian hackers could be struggling (Washington Post) U.S. deploys more cyber forces abroad to help fight hackers (Reuters) DHS Outlines Cyber Priorities in Release of Delayed Review (Nextgov.com) US sanctions supporters of North Korean hackers, Iranian cyberspace head (Record) North Korean Foreign Trade Bank Rep Charged for Role in Two Crypto Laundering Conspiracies (Department of Justice. U.S. Attorney's Office District of Columbia) Treasury Targets Actors Facilitating Illicit DPRK Financial Activity in Support of Weapons Programs (U.S. Department of the Treasury) Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K.
Air Transat presents two friends traveling in Europe for the first time and feeling some pretty big emotions.
This coffee is so good. How do they make it so rich and tasty?
Those paintings we saw today weren't prints. They were the actual paintings.
I have never seen tomatoes like this.
How are they so red?
With flight deals starting at just $589,
it's time for you to see what Europe has to offer.
Don't worry.
You can handle it.
Visit airtransat.com for details.
Conditions apply.
AirTransat.
Travel moves us.
Hey, everybody.
Dave here.
Have you ever wondered where your personal information is lurking online?
Like many of you, I was concerned about my data being sold by data brokers.
So I decided to try Delete.me.
I have to say, Delete.me is a game changer.
Within days of signing up, they started removing my personal information from hundreds of data brokers.
I finally have peace of mind knowing my data privacy is protected.
Delete.me's team does all the work for you with detailed reports so you know exactly what's been done.
Take control of your data and keep your private life private by signing up for Delete.me.
Now at a special discount for our listeners.
private by signing up for Delete Me. Now at a special discount for our listeners,
today get 20% off your Delete Me plan when you go to joindeleteme.com slash n2k and use promo code n2k at checkout. The only way to get 20% off is to go to joindeleteme.com slash n2k and enter code
n2k at checkout. That's joindeleteme.com slash N2K, code N2K.
Black Cat follows Klopp exploiting the go-anywhere MFA vulnerability.
The Mirai botnet exploits a vulnerability disclosed at Pwn2Own.
An RSAC presentation describes the U.S. response to Russian pre-war and wartime cyber operations.
U.S. Department of Homeland Security outlines cyber priorities.
Andrea Little-Limbago from Interos shares insights from her RSA panels.
Andrea Little-Limbago from Interos shares insights from her RSA panels.
The U.S. indicts and sanctions DPRK operators in a crypto laundering campaign. My guest is Mark Van Zadelhoff, CEO of Devo, with insights from the conference and the latest on Killnet.
From the RSA Conference in San Francisco, I'm Dave Bittner with your CyberWire security briefing for Thursday, April 20th, 2023.
At Bay reported this morning that Klopp is now seconded by Black Cat in using the go-anywhere MFT exploit, CVE-2023-0669.
The researchers write,
The vulnerability is a good example of how cybercriminals
don't just go after the most
prevalent or publicly known CVE disclosures. The most important indicator of risk isn't just the
score that's given to the vulnerability, but how easily it can be exploited by cyber criminals in
the wild at scale to achieve a desired outcome. Forta released a patch to remedy this vulnerability in February of this year, and all users are recommended to install the patch.
As well, AtBay urges organizations using the affected GoAnywhere MFT versions to immediately follow the mitigation methods recommended by Forta.
BlackCat seems increasingly active, as AtBay reports.
Black Cat seems increasingly active, as AtBay reports.
According to AtBay's claims data, which includes any confirmed attacks against its 30,000-plus policyholders,
the Black Cat group was responsible for 9.8% of ransomware claims in 2022,
making it the third most successful ransomware group last year.
This year is trending similarly, with 13.5% of ransomware claims in the first three months of 2023 coming from Black Cat. Despite being a relative newcomer, Black Cat is also
the third most active ransomware group so far this year following Royal and Lockbit.
The Zero Day Initiative announced discovery of new activity using a zero-day exploit that surfaced during last month's Pwn2Own event.
event, where it was used by Team Vital in their LAN-side entry against the TP-Link devices and by Curious Security in their WAN-side entry. The report continues, TP-Link released a firmware
update in March that fixed some security issues, including this and other CVEs. It was after this
fix was made public that exploit attempts using this CVE were detected in the wild.
The zero-day is now being used by the Mirai botnet.
The zero-day initiative began seeing the exploit in the wild on April 11th.
Mirai botnet was using the exploit to make an HTTP request to the Mirai C2 servers
to download and execute a series of binary payloads.
Seeing this CVE being exploited so quickly after the patch being released
is a clear demonstration of the decreasing time-to-exploit speed
that we continue to see across the industry.
The researchers recommend that users apply TP-Link's patch,
which is the only effective defense against the exploit.
A joint presentation by CISA and Cyber Command's Cyber National Mission Force
described interagency, international, and public-private cooperation
as vital to the blunting of Russian cyber operations.
The case study they presented at RSAC yesterday
focused on the response to the SVR's Solara Gate intrusion into SolarWinds
and the threat that posed to government networks. That incident occurred in 2021 and so predates
Russia's invasion of Ukraine, but it arguably represented battle space preparation. And in any
case, the Allied response has continued to blunt the effectiveness of Russian cyber operations
in the present war as well. The Washington Post summarizes some of the presentation's lessons
and also describes the ways in which a deeply compromised Russian intelligence establishment
has been unable to operate effectively against Western targets. Apply the usual cautions with
respect to overconfidence. As Captain Solo once said, don't get cocky, kids.
The Department of Homeland Security is assessing its cyber priorities
in the department's recently released Quadrennial Homeland Security Review.
NextGov reports that the review warns of more complex threats
that may target many industries and sectors.
The review emphasizes deterrence of cyberattacks against critical infrastructure that the review warns of more complex threats that may target many industries and sectors.
The review emphasizes deterrence of cyberattacks against critical infrastructure and does so in the context of public-private collaboration
and the development of a pool of highly skilled cyberworkers.
The review discusses mitigation of active cyberthreats
with focus on the work of the Cybersecurity and Infrastructure Security Agency.
The review also outlined steps that governmental agencies have taken to strengthen the nation's
cyber resilience. The review also highlighted ongoing international collaboration to secure
critical infrastructure and fight adversarial cyber attacks.
The U.S. Justice Department has announced the indictment of Sim Hyun-sop,
a representative of North Korea's foreign trade bank, on two conspiracy counts. Mr. Sim allegedly
conspired to launder cryptocurrency as part of an effort to evade sanctions on Pyongyang.
The sanctions in question are intended to impede the development of North Korea's ballistic missiles,
weapons production, and research and development programs.
In a separate but related action, the U.S. Department of the Treasury has sanctioned Mr. Sim
and the two over-the-counter currency traders he worked with
for their illegal support of North Korea's weapons programs.
Undersecretary of the Treasury for Terrorism and Financial
Intelligence Brian Nelson said, the DPRK's use of illicit facilitation networks to access the
international financial system and generate revenue using virtual currency for the regime's
unlawful weapons of mass destruction and ballistic missile programs directly threatens international
security.
The United States and our partners are committed to safeguarding the international financial system and preventing its use in the DPRK's destabilizing activities, especially in light of the DPRK's
three launches of intercontinental ballistic missiles this year alone.
Treasury emphasizes that it acted in close cooperation with South Korean authorities.
And finally, to return to Russia's war against Ukraine and the rest of the civilized world,
what are the cyber auxiliaries of Killnet up to lately? In addition to creating its own virtual
community college, Killnet has been advertising various malign tools.
Specifically, the hacktivist auxiliary announced on the 16th of April
that it had partnered with operators of Titan Stealer,
an accomplice in the nuisance attack against NATO school Ober-Amergau.
Titan Stealer is billed as a universal instrument
for those who possess professional knowledge in their field as well as amateurs.
Uptix reported in January that the Stealer is capable of stealing a variety of information from infected Windows machines,
including credential data from browsers and crypto wallets, FTP client details, screenshots, system information, and grabbed files.
details, screenshots, system information, and grabbed files.
Killnet has also announced on Anonymous Russia's Telegram page that they're creating a new DDoS service called TeslaBot.
TeslaBot is a distributed denial-of-service toolkit
offered in three different flavors and prices.
For $25, you get Basic, which includes 10 bots.
Pro, at $75, comes with 30 bots.
And the pricier Rare offers 50 bots.
TeslaBot is presently in pre-sale and will be available for general purpose on April 28th.
Get the bots while they're hot, we guess, or not.
Coming up after the break,
Andrea Little-Limbago from Interos shares insights from her
RSAC 2023 panels.
My guest is Mark Van Zadelhoff,
CEO of Devo,
with insights from the show.
Stick around.
Do you know the status of your compliance controls right now?
Like, right now.
We know that real-time visibility is critical for security, but when it comes to our GRC programs, we rely on point-in-time checks.
But get this.
More than 8,000 companies, like Atlassian and Quora, have continuous visibility into their controls with Vanta.
Here's the gist. Vanta brings automation
to evidence collection across 30 frameworks, like SOC 2 and ISO 27001. They also centralize
key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done five times faster with AI. Now that's a new way to GRC.
Get $1,000 off Vanta when you go to vanta.com slash cyber. That's vanta.com slash cyber for $1,000 off.
And now, a message from Black Cloak.
Did you know the easiest way for cybercriminals to bypass your company's defenses is by targeting your executives and their families at home?
Black Cloak's award-winning digital executive protection platform
secures their personal devices, home networks, and connected lives.
Because when executives are compromised at home, your company is at risk.
In fact, over one-third of new members discover they've already been breached.
Protect your executives and their families 24-7, 365, with Black Cloak.
Learn more at blackcloak.io.
Mark Van Zadelhoff is CEO of Devo, and he stopped by for a conversation on insights from the conference, what he's looking forward to, and where he thinks we're going. Here's Mark Van Zadelhoff.
forward to and where he thinks we're going. Here's Mark Van Zettelhoff.
So here we are. We find ourselves at the RSA Conference 2023 back again.
Yeah. And I'm really interested in your insights as we come into this year's show.
Where do you think we find ourselves as an industry? What's the lay of the land as you describe it at this point in time well geez i've
been coming here since 2008 uh probably not every year but most of them and in a way maybe i'm a
little cynical in that i think a lot of things have changed and then a lot of things are the
same you know i no longer get enthralled by oh there was another hacker or a security company
missed their earnings report.
Someone just mentioned that Tenable announced their earnings
and stock went down or whatever.
So some of this stuff, yeah, it's been happening forever.
But it's happening on different surfaces.
You know, when I first got here,
I was shipping CD-ROMs with C++ code.
Years later, appliances with Java code,
and now we're in the cloud.
And so I think attacks are following that same pattern, right?
I'm serving as a service, and attacks are happening as a service.
Attacks are happening from the cloud to the cloud, leveraging AI.
So I think it's more similar themes, but on different surfaces as the world is modernized.
Do you think as an industry, we've been on a path of increased professionalization
over the past decade or so? I think so. I mean, I definitely think that when I first started coming
here, the CISO was a pretty much an ornery person stuck in the basement of the building, dreaming
of having some time with the board of directors. And now, you know, we, I'm not a CISO, but we as
an industry, we're in front of the board.
We have our moment.
We have headlines and attention and slots at board meetings.
And I sometimes wonder, are we doing the right things with them?
We also have public attention from governments, right?
So I would say our moment has arrived versus 2008 when I started in this business.
You know, we would say lots of things and it felt like you were yelling into the wind. As the CEO of a company, what is the value proposition for
you to be at a show like this? How do you choose how you're going to divvy up your time?
I think as a CEO, you try and leverage the title insofar as it's worth something to give your
company exposure. So I just did a nice panel at one of the banking conferences where I think, you know, that just gives us good visibility to an audience that's important to us that I don't spend a lot of time on because I'm not public.
The banking community is an important one to kind of start to warm up.
And then I spend a lot of time with customers and partners.
And ideally towards the end of the evening with my team members in a bar having a beer. Fair enough. There's nothing like being face-to-face, right?
Exactly. Well, you said it in this current climate, you know, that's a luxury that we
cannot take for granted is actually seeing each other. Do you sense that there are any
specific themes this year? Yeah, I think certainly AI is obviously chat GPT
and AI is a big theme.
And I think one that you're going to see
on the show floor is leveraging that
in product announcements.
You know, we now, in fact,
my friend Christopher Allberg at Recorded Future
did a really nice announcement pre the show
on how they're leveraging chat GPT-like technology.
I don't know exactly what it's using
to offer a very neat experience
within their suite of solutions.
So I think you'll see more of that happening here.
And what I also find interesting is discussion yesterday
in a couple of meetings I was in
on how do we secure AI?
How do we make sure that corpus of data
doesn't get hacked and abused?
Because if you can hack and abuse someone's corpus of data
that's being leveraged to make these decisions
that we just take for granted, ask the computer a question,
now you get a brilliant answer.
But what if that's polluted data?
What if that data is designed to make you think
there isn't an attack coming from a certain set of IP addresses
and you base your decision on that, check,
and suddenly you realize that corpus was polluted.
So there's discussion of how do you secure AI as well.
I was chatting with our chief security officer,
Rick Howard, earlier,
and we were talking about the possibility
of chat GPT being a hot topic here.
And we were wondering,
are there going to be companies who say,
we're now chat GPT enabled?
And then the other ones who say,
we protect you from things that are chat GPT enabled, right?
It's rare you see something
that has that spectrum of thought about it.
Yeah, but in a way, and it's different,
but back to my opening answer to your question,
it's just another surface, right?
So, you know, we used to have the same conversations
when mobile devices were introduced.
Can we enhance security with mobile devices, an app that allows you to access data and information about your environment?
Or will the mobile devices get hacked?
Will the cloud make you more secure or will the cloud get hacked?
So it's just a different surface.
And this AI generation will just be another surface of leverage
and attack. I think that's a really
powerful insight.
Before I let you go, I would be
remiss if I did not mention your podcast
which is Cyber CEOs Decoded.
Rumor has it that you are
gearing up for your second season there.
Anything we can look
forward to? Any previews for us? Well, it was a
rough negotiation, but we signed up for a second season and I'm super delighted. Yeah, we've had
so much fun on that podcast and I want to thank the Cyber Wire for your support. You know, the
whole premise of that is that being a CEO, they say, is a lonely job. And I would say at times
that's for sure true. So why not get some pals on a podcast and demystify and decode
what it's like to be a CEO?
So I've had a really fun opportunities.
I think we did eight episodes
with a myriad of different CEOs
talking about pivotal points
in their company's development
and decisions they made.
And I learned from it.
And I think the audience
hopefully took a bunch of things away too.
So yeah, season two.
And I was able to secure at RSA the first two speakers already. So I've been a good of things away too. So yeah, season two, and I was able to secure at RSA
the first two speakers already.
So I've been a good use of my time.
The thing I particularly enjoy about your show
is how intimate it is.
That these are trusted relationships
that you have with the people you're talking with.
So I think as a listener,
the value we get out of it is that
I think your guests are much more open and candid
than they might be with
someone they're a stranger with. Yeah. No, it's, you know, it's designed to be a bit of a
confessional setting and, but, but safe in terms of, you know, CEOs can't talk about everything,
but I think we should talk about more than we think we can. And so I try and set the,
the tone so that we try and open up about things that really are difficult
because if we're not talking about that,
then we're not going to solve them.
Yeah.
All right.
Well,
thank you so much for taking the time today and hope you have a good rest of
the week.
Awesome to see you.
Our thanks to Mark Van Zettelhoff from Devo for joining us. And it is always a pleasure to welcome back to the show
Andrea Little-Limbago.
She is a Senior Vice President in Charge of Research at Interos.
Andrea, it's great to see you.
Great to see you again.
Love being in person.
I know.
It's such a treat, isn't it?
It is a very, like all too rare treat.
Yes, yes.
I think we appreciate it much more than we did in years past.
Absolutely.
So you are quite busy here at the RSA Conference this year.
There's a couple of, well, you just wrapped up a panel as we record this,
and you have another one later in the week.
Let's go through those.
What are the conversations
that you're part of?
Yeah, no, thanks.
And there's even one
different one yesterday,
a pre-RSA event
because that's to really optimize
the entire week.
Right.
So I can kind of tie all of those
in together.
Okay.
What we just discussed
a couple of minutes ago
was with Edna Conway
and Aaron Joe from Andy.
And so brought together luminaries in the industry
to talk about what this new normal is
and how to prepare for operational resilience
in the new normal.
And so setting the stage,
I have a political science,
international relations background.
So I always look at things as far as international systems
and how they're shifting.
And I look at 2020 as a really big inflection point
where the world before and the world after are very, very different.
There are some trends that got us to that point
that still continue and persist, but they're really accelerated.
And 2020 is the marker because of COVID or?
The pandemic really shook things
and then accelerated some of the other trends.
And so, for example, on geopolitics and trade
sanctions, those had started prior to
COVID.
From 2020 on, not directly linked
to COVID, but some tangential
components. We also saw exacerbation
of geopolitical tensions, of
geoeconomic statecraft. COVID
really drove home the supply chain risk.
And so, while that was
more in the PPE, if we remember that, and some of the different concentrations risks, supply chain risk. And so while that was more in the PPE,
if we remember that,
and some of the different concentrations risks,
supply chain really started to elevate across the board and into cybersecurity as well.
Because when we had Silver Winds,
we've had the Log4J,
we just keep seeing the steady drumbeat
of what used to be considered black swan events
occurring much more naturally,
or much more frequently.
And so we kind of set the stage
for what that new normal is,
and you're tying on top of that
climate change as well,
which does have a cybersecurity risk component to it,
especially if you think about data centers.
Really bringing in all these range of disruptions
that are going on
that are going to be part of this new normal
on top of the transformation
that's underway for globalization.
And that's the geopolitical aspect of it,
where we are seeing the segmentation of the globe into different kinds of trade flows,
technology spheres, all of that is, we're still very nascent in it, but that's really where we're
seeing that all of that accelerating, kicking off really in 2020. And so how do you, as an
organization, prepare operational resilience in this world where we're seeing supply chain shift,
where we're seeing technologies that perhaps were embedded in your supply chain stack that you now
have to remove due to sanctions? How do you deal with concentration risks in potentially
adversarial countries? And then on top of that, the whole range of supply chain attacks themselves,
which have increased 600% over the last year. We keep seeing more and more reports coming out of the newest supply chain attack.
It's really an increasingly common attack vector
replacing malware and data compromise over the last year.
And so how do you build operational resilience?
And given that somewhat bleak overview
about this world that we're entering.
What did this panel conclude?
Were there conclusions made?
There were.
And on the one hand,
we don't want to be Pollyannish about it
and ignore these disruptions that are going on,
but we can build operational resilience by
understanding that these shifts are underway.
And one of the key things that was focused on was
looking at it as a we problem,
not as a me problem. And so looking
at how can companies both
work internally,
transform how they're organized
to make sure there's the proper information sharing going on,
and how can they then work with their supply chains,
with the government,
with all the extended partner ecosystem
to together raise all boats
to help build operational resilience.
So that was, honestly, I think one of the highest takeaways
because I think we still look at it
from our own solid perspective,
and we do need to branch out and think about
how can we work together in innovative ways
to prepare for this?
Because the adversaries are,
and that was a point Erin Jo made,
she works at Manion, bought by Google,
just how much adversaries are working together,
the APT groups working together,
that on the defensive side,
we need to be doing the same thing,
working together as much, if not more.
And so we talked about that a bit, talked about really shifting our mindset and our framework
for how we think about information sharing. And that goes on both sides. For the private sector
often views, well, we sure got information with the government and we don't know what happens
with it. It's a one-way street. So making sure that's more of a mutual benefit for everyone.
And then on the government side,
really trying to help incentivize private sector to come forth with information
that they may uniquely have that no one else has.
Is there any sense for who is best positioned
to lead this charge?
Is this, we have the ISACs,
we have the federal government could do something.
Was there any discussion there?
That's a challenge.
So there's, it almost, in some regards,
the government can help set the stage,
but the government isn't going to be the one
determining how private sector works
across their supply chain, for instance,
and getting some of that information.
They can help provide some frameworks for it,
and that's, I think, exactly where they can do what's best.
But one of the core components
was really building trust.
I think what an interesting component was
that we ended on was
you run an RSA,
so there's RSA, buzzword bingo,
and zero trust.
Right.
It's certainly at the top of all of them.
Sure.
So how do you build trust
that is needed
for collective resilience and collaboration
when all we're hearing is
it should be zero trust
and don't trust anyone?
Interesting.
And so looking at that,
what might seem like orthogonal to one another,
thinking about zero trust as a technological framework
and how to leverage technologies
to overview access controls and so forth,
it's a technology solution
where trust is the human element of it.
And so building that trust amongst humans
that often gets forgotten.
We've talked about that on the show.
Really looking at how can you build
more trusting relations across your supply chain,
across private sector, public sector,
especially in an era when that trust
is going to be essential to help raise
all boats for higher security.
Well, in the time we have left here,
can you give us a preview
of what you've got going on later in the week?
Sure.
And then a fairly big switch on topics,
looking at what the liability
and who might be accountable
for breach liability going forward.
And just looking at where does the buck stop?
Who's accountable for breaches?
Is it the CISO?
Is it the CEO?
Is it the board?
And this sort of stemmed from,
we saw CISO go to jail
for different aspects of data breaching.
It's not necessarily as straightforward.
It was more so the handling of the data breach.
We saw that several months ago.
And that really sent a chill
throughout the CISO community
for what needs to be done
to not have that happen.
Are there steps that CISOs can take
to make sure that they can protect themselves?
But then also, where is the law going?
And so we've got a panel of legal experts
and CISOs together
to kind of provide perspective on
what can be done to protect yourself
to make sure you're not in that situation.
But then also, where is the law going?
And where is it going to be focusing on
when a data breach happens?
Who's going to be held accountable?
Are we going to see more of that?
Or is it one of those things that was,
you know, are we going to see just a couple cases
here and there trying to make an example?
And so really talking about where the broader trend is
because it's a hot topic a few months ago.
Haven't heard a lot about it going forward,
but for organizations,
they're very much so thinking about that.
That hasn't, it's still very much top of mind
to make sure the processes are in place
so that they can identify the steps they took
for data breach accountability.
And it's hard.
There are 54 data breach laws in the United States alone.
So it's not an easy task to expect everyone.
And obviously, of course, they vary.
You know, there's not going to be
consistency across it.
Some have very short timelines.
Some have 72 hours.
Some have less hours.
What you have to provide is different
from state to state.
So it's a really hard challenge.
And there isn't a definitive answer yet,
but we'll be discussing the trends that are going on,
why this is a growing concern,
and then what the security community can do
to help safeguard themselves
as this legislation starts to shift.
Yeah.
Well, thank you for taking the time to come by
and visit us and share your expertise.
Andrea Little-Limbago, always a pleasure.
Thank you, Dave. necessity. That's why we're thrilled to partner with ThreatLocker, a cybersecurity solution trusted
by businesses worldwide. ThreatLocker is a full suite of solutions designed to give you total
control, stopping unauthorized applications, securing sensitive data, and ensuring your
organization runs smoothly and securely. Visit ThreatLocker.com today to see how a default
deny approach can keep your company safe and compliant. And that's The Cyber Wire. For links to all of today's stories, check out our daily briefing at thecyberwire.com.
We'd love to know what you think of our podcast.
You can email us at cyberwire at n2k.com.
Your feedback helps us ensure we're delivering the information and insights that help keep you a step ahead in the rapidly changing world of cybersecurity.
in the rapidly changing world of cybersecurity.
We are privileged that N2K and podcasts like The Cyber Wire are part of the daily intelligence routine
of many of the most influential leaders and operators
in the public and private sector,
as well as the critical security teams
supporting the Fortune 500
and many of the world's preeminent
intelligence and law enforcement agencies.
N2K's strategic workforce intelligence
optimizes the value of your biggest
investment, people. We make you smarter about your team while making your team smarter. Learn more at
n2k.com. This episode was produced by Liz Ervin and senior producer Jennifer Iben. Our mixer is
Trey Hester with original music by Elliot Peltzman. The show was written by John Petrick.
Our executive editor is Peter Kilby, and I'm Dave Bittner. Thanks for listening.
We'll see you back here tomorrow. Thank you. comes in. With Domo, you can channel AI and data into innovative uses that deliver measurable
impact. Secure AI agents connect, prepare, and automate your data workflows, helping you gain
insights, receive alerts, and act with ease through guided apps tailored to your role.
Data is hard. Domo is easy. Learn more at ai.domo.com.
That's ai.domo.com.