CyberWire Daily - CrowdStrike and Microsoft battle blue screens across the globe.
Episode Date: July 22, 2024Mitigation continues on the global CrowdStrike outage. UK police arrest a suspected member of Scattered Spider. A scathing report from DHS says CISA ignored a directive to cut ties with a faulty contr...actor. Huntress finds SocGholish distributing AsyncRAT. Ransomware takes down the largest trial court in the U.S. A US regulator finds many major banks inadequately manage cyber risk. CISA adds three critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Australian police forces combat SMS phishing attacks. Our guest Chris Grove, Director of Cybersecurity Strategy at Nozomi Networks, shares insights on the challenges of protecting the upcoming Summer Olympics. Rick Howard looks at Cyber Threat Intelligence. Appreciating the value of internships. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest The 2024 Summer Olympics start later this week in Paris. Our guest Chris Grove, Director of Cybersecurity Strategy at Nozomi Networks, discusses how, in addition to consumer issues, the actual events, games and facilities at the Olympics could be at risk of an attack. This week on CSO Perspectives This week on N2K Pro’s CSO Perspectives podcast, host and N2K CSO Rick Howard focus on “The current state of Cyber Threat Intelligence.” Hear a bit about it from Rick and Dave. You can find the full episode here if you are an N2K Pro subscriber, otherwise check out an extended sample here. Selected Reading Special Report: IT Disruptions Continue as CrowdStrike Sees Crisis Receding (Metacurity) Suspected Scattered Spider Member Arrested in UK (SecurityWeek) DHS watchdog rebukes CISA and law enforcement training center for failing to protect data (The Record) SocGholish malware used to spread AsyncRAT malware (Security Affairs) California Officials Say Largest Trial Court in US Victim of Ransomware Attack (SecurityWeek) Finance: Secret Bank Ratings Show US Regulator’s Concern on Handling Risk (Bloomberg) U.S. CISA adds Adobe Commerce and Magento, SolarWinds Serv-U, and VMware vCenter Server bugs to its Known Exploited Vulnerabilities catalog (Security Affairs) Australian police seize devices used to send over 318 million phishing texts - Security - Telco/ISP (iTnews) Internships can be a gold mine for cybersecurity hiring (CSO Online) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K.
Air Transat presents two friends traveling in Europe for the first time and feeling some pretty big emotions.
This coffee is so good. How do they make it so rich and tasty?
Those paintings we saw today weren't prints. They were the actual paintings.
I have never seen tomatoes like this.
How are they so red?
With flight deals starting at just $589,
it's time for you to see what Europe has to offer.
Don't worry.
You can handle it.
Visit airtransat.com for details.
Conditions apply.
AirTransat.
Travel moves us.
Hey, everybody.
Dave here.
Have you ever wondered where your personal information is lurking online?
Like many of you, I was concerned about my data being sold by data brokers.
So I decided to try Delete.me.
I have to say, Delete.me is a game changer.
Within days of signing up, they started removing my personal information from hundreds of data brokers.
I finally have peace of mind knowing my data privacy is protected.
Delete.me's team does all the work for you with detailed reports so you know exactly what's been done.
Take control of your data and keep your private life private by signing up for Delete.me.
Now at a special discount for our listeners.
private by signing up for Delete Me. Now at a special discount for our listeners,
today get 20% off your Delete Me plan when you go to joindeleteme.com slash n2k and use promo code n2k at checkout. The only way to get 20% off is to go to joindeleteme.com slash n2k and enter code
n2k at checkout. That's joindeleteme.com slash N2K, code N2K.
Mitigation continues on the global CrowdStrike outage.
UK police arrest a suspected member of Scattered Spider.
A scathing report from DHS says CISA ignored a directive to cut ties with a faulty contractor.
Huntress finds Sock Golis distributing Async Rat.
Ransomware takes down the largest trial court in the US.
A US regulator finds many major banks inadequately manage cyber risk.
CISA adds three critical vulnerabilities to its known exploited vulnerabilities catalog.
Australian police forces combat SMS phishing attacks.
Our guest is Chris Grove, director of cybersecurity strategy at Nozomi Networks, with a look at the challenges of protecting the upcoming Summer Olympics.
Rick Howard looks at cyber threat intelligence and appreciating the value of internships.
It's Monday, July 22nd, 2024.
I'm Dave Bittner, and this you for joining us.
It is great to have you here with us.
The CrowdStrike IT outage has had significant global repercussions,
impacting approximately 8.5 million devices and causing widespread operational disruptions.
In the U.S., the airline industry has been particularly affected,
with more than 1,500 flights canceled for the third consecutive day.
Delta Airlines, based in Atlanta, has struggled the most, with Delta Chief Executive Ed Bastian reporting that the airline canceled over 3,500 flights.
Bastian attributed the cancellations to the failure of a crew tracking tool
unable to process the high volume of changes triggered by the system outage.
Delta has been offering waivers to affected customers in an effort to manage the fallout.
CrowdStrike CEO George Kurtz issued an apology for the outage,
acknowledging the gravity and impact of the situation. He explained that the problem originated from a sensor configuration update released on
July 19th, which triggered a logic error leading to system crashes and blue screens of death
on impacted devices.
The specific update involved Channel File 291, which controls how Falcon evaluates named pipe execution on Windows systems.
Named pipes are used for interprocess or inter-system communication in Windows.
The update, intended to target malicious named pipes used in cyberattacks,
inadvertently caused the operating system crash.
CrowdStrike quickly identified and corrected the logic error,
updating the content in channel file 291 and halting further changes. Despite this,
some experts criticized CrowdStrike for not following industry standard testing procedures,
suggesting that the faulty update may have bypassed normal vetting processes.
faulty update may have bypassed normal vetting processes. To assist affected customers,
CrowdStrike has published a remediation and guidance hub with detailed information on the faulty update and recovery steps. Microsoft also played a crucial role in addressing the issue,
developing a custom WinPE recovery tool to automate the removal of the faulty update.
The tool is available for download and requires specific technical configurations for use.
The incident has sparked a wave of malicious activities,
with bad actors exploiting the turmoil to conduct phishing scams and other cyber attacks.
CISA and the UK's NCSC have issued warnings about increased fishing
activities related to the CrowdStrike outage. Australia's Home Affairs Minister, Claire O'Neill,
also cautioned small businesses to be wary of scam attempts disguised as communications from
CrowdStrike or Microsoft. The broader implications of the outage have raised concerns about the
fragility of the modern digital ecosystem and the concentration of power among key technology firms.
Ann Neuberger, the Deputy National Security Advisor for Cyber and Emerging Technologies,
emphasized the need for resilience in a globally interconnected economy.
Sir Jeremy Fleming, the recently retired head of
GCHQ, echoed these sentiments, highlighting the accelerated risks due to technological
interconnectivity. Regulators and lawmakers are calling for greater scrutiny of major tech firms,
particularly Microsoft, which has a near monopoly on office productivity systems.
Lawmakers from the House Oversight, House Homeland Security, and House Energy and Commerce
Committees have requested briefings from Microsoft and CrowdStrike to understand the causes and
impacts of the outage. A recurring theme in the coverage of the incident, particularly in the
broader tech press,
is that many people had not heard of CrowdStrike before this event.
It's a useful reminder of how cybersecurity firms often operate behind the scenes until a significant disruption brings them to public attention.
Law enforcement in the UK arrested a 17-year-old from Walsall,
suspected of being part of the Scattered Spider cybercrime group,
also known as UNC-3944 or Octopus.
This arrest followed a joint operation by the UK National Crime Agency and the US FBI.
The teenager is accused of targeting large organizations with ransomware and accessing their
networks. He was arrested on suspicion of blackmail and Computer Misuse Act offenses,
then released on bail. Evidence, including digital devices, was recovered for forensic examination.
This arrest is part of a global investigation into the cybercrime group, which has targeted major companies like MGM Resorts.
Scattered Spider has hacked numerous organizations, including Twilio, LastPass, and DoorDash, often using social engineering tactics.
The Department of Homeland Security's inspector general released a scathing report on Wednesday
criticizing the Cybersecurity and Infrastructure Security Agency
and the Federal Law Enforcement Training Center's FLETC for failing to protect sensitive data.
Both agencies ignored a direct order from DHS leadership to cease working with a high-risk contractor. The Inspector General's
audit revealed urgent cybersecurity issues at CISA and FLETC. Despite a directive to stop using the
contractor due to poor cybersecurity practices, both agencies continued their engagement without
mitigating the risks. The contractor was not named in the report, but DHS's internal
investigation highlighted significant security deficiencies in its operations. The report stated
that by not mitigating the control deficiencies, CISA and FLETC potentially exposed sensitive
personally identifiable information and law enforcement training data to compromise.
This included the names, social security numbers, dates of birth, genders, ranks,
and titles of just under 38,000 DHS and federal law enforcement officers.
Additionally, the contractor's software contained training materials on disarming active shooters
and countering seaport terrorism.
Researchers at Huntress have observed the JavaScript downloader malware SockGolish,
also known as FakeUpdates, being used to deliver the remote-access Trojan async rat
and the legitimate open-source project BOINC,
that's Berkeley Open Infrastructure Network Computing Client.
BOINC is a volunteer computing platform
maintained by the University of California
for large-scale distributed computing.
The SOC-Golish attack chain involves a malicious JavaScript file
that downloads further stages,
ultimately deploying a fileless async RAT variant and a
malicious BOINC installation. The compromised BOINC installation connects to fake servers to
collect data and execute tasks, acting as a command and control server. Huntress reported
the misuse to BOINC administrators, who have been aware of the issue since June of this year.
The report includes indicators of compromise and YARA and SIGMA rules.
A ransomware attack has shut down the computer system of the Superior Court of Los Angeles County,
the largest trial court in the U.S.
The attack began early Friday and is unrelated to the recent CrowdStrike software update issue.
The court disabled its computer network and kept it down through the weekend.
Preliminary investigations show no evidence of compromised user data.
The court serves 10 million residents with 1.2 million cases filed and 2,200 jury trials conducted in 2022.
A U.S. regulator, the Office of the Comptroller of the Currency,
has found that half of the major banks it oversees are inadequately managing risks,
such as cyberattacks and employee errors.
Bloomberg reported that 11 of the 22 large banks under OCC supervision have insufficient or weak operational risk management.
About one-third of these banks received poor ratings for overall management.
This comes amid rising concerns following last year's bank failures and a major global computing systems outage.
and a major global computing systems outage.
The OCC's operational risk assessments contribute to CAMELS ratings,
which influence regulatory scrutiny and capital requirements.
Acting Comptroller Michael Hsu has emphasized the need for effective risk management. In May 2023, Hsu testified before Congress about the importance of proactive supervisory actions
and risk mitigation from third-party vendors using new technologies.
CISA has identified and added three critical vulnerabilities to its known exploited
vulnerabilities catalog. First, there's a severe vulnerability with a CVSS score of 9.8,
First, there's a severe vulnerability with a CVSS score of 9.8, affecting Adobe Commerce and Magento open source.
This flaw involves an improper restriction of XML external entity reference, which can lead to arbitrary code execution.
Next is a high-severity directory traversal vulnerability in SolarWinds ServeU, scoring 7.5 on the CVSS scale.
Discovered by Hussein Dar, this vulnerability allows attackers to read sensitive files on the host machine. Following the disclosure and the publication of proof-of-concept exploit code,
threat intelligence firm GrayNoise observed active exploitation attempts. And finally,
there's an information disclosure vulnerability in VMware vCenter server with a CVSS score of 6.5.
This issue arises from improper file permissions, enabling malicious actors with non-administrative
access to obtain sensitive information. CISA has ordered federal
agencies to remediate these vulnerabilities by August 7th to protect their networks.
Australian police forces have seized 29 SIM boxes and thousands of SIM cards in raids across
several states to combat SMS phishing attacks.
In New South Wales, 26 SIM boxes capable of sending large volumes of text messages were found,
having sent over 318 million messages in recent months, scamming victims out of millions.
In Victoria, three SIM boxes were seized,
potentially capable of sending hundreds of thousands of malicious messages daily.
Six arrests were made, with charges laid.
Coming up after the break,
Chris Grove, Director of Cybersecurity Strategy at Nozomi Networks,
shares insights on the challenges of protecting the upcoming Summer Olympics.
And Rick Howard looks at cyber threat intelligence.
Stay with us.
Do you know the status of your compliance controls right now?
Like, right now.
We know that real-time visibility is critical for security, but when it comes to our GRC programs, we rely on point-in-time checks.
But get this.
More than 8,000 companies like Atlassian and Quora
have continuous visibility into their controls with Vanta.
Here's the gist. Vanta brings automation to evidence collection across 30 frameworks, like SOC 2 and ISO 27001.
They also centralize key workflows like policies, access reviews, and reporting, and helps you get security
questionnaires done five times faster with AI. Now that's a new way to GRC. Get $1,000 off Vanta
when you go to vanta.com slash cyber. That's vanta.com slash cyber for $1,000 off. And now, a message from Black Cloak.
Did you know the easiest way for cyber criminals to bypass your company's defenses is by targeting your executives and their families at home?
Black Cloak's award-winning digital executive protection platform
secures their personal devices, home networks, and connected lives.
Because when executives are compromised at home, your company is at risk.
In fact, over one-third of new members discover they've already been breached.
Protect your executives and their families 24-7, 365,
with Black Cloak. Learn more at blackcloak.io.
Chris Grove is Director of Cybersecurity Strategy at Nozomi Networks. I recently caught up with him
for insights on the challenges
of protecting the upcoming Summer Olympics.
To talk about the Olympics, this is a very exciting year.
This is going to be a very big game.
So 13 million tickets sold and somewhere between 11 and 15 million visitors
and 181,000 people working.
These are varying numbers out there.
Showing up for a temporary event is very complex and very challenging from a cybersecurity
perspective.
And that's, I guess, what we're going to talk about today are some of these challenges and
how the critical infrastructure comes into play and how we can manage that security for such a large amount of people and volume in a short period of time.
And that is where the challenge starts.
Yeah. I mean, I guess there are obvious things that folks think about, things like the tickets and protecting people's credit cards, you know, all that consumer-facing kind of stuff. But
we're talking about a lot of infrastructure as well. Yeah, if you think about it, in order to
run these Olympics, it's literally like building a smart city in a very short period of time.
They have water, wastewater, power distribution, camera systems, locks, heating, air conditioning,
Power distribution, camera systems, locks, heating, air conditioning, all kinds of other building automation stuff, public transportation systems, and digital signage. And the amount and the vast array of equipment needed is just not typical for something that most people would build in their day-to-day life, for sure.
It's very complex and very fast-moving and very large-scale.
Can you give us an idea of how a city will go about something like this?
I mean, how much of this is integrated?
How much of it is siloed?
Is there sort of a best practice to approaching something like this?
That's a depends question. Every time they
host the Olympics in a different place, there will be different answers, I believe.
But they do start many years in advance. And a lot of what they do is probably 80% is done before
the actual Olympics happen. And the last 15 to 20% of everything from the labor involved is during the games itself.
So they do spend a lot of time.
It's not just pouring concrete.
It's acquiring land and coming out, working with city planners to develop and ensure that
the infrastructure is able to handle the demand, not just from an electricity perspective,
but water, wastewater, like I said, and being able to handle people in emergencies.
There's other dimensions involved from hotel rooms.
How do you, does your airport, is it able to handle this volume?
So they really start many years in advance.
They work across sectors and try to ensure that all the pieces of the puzzle are basically in place to make sure that the
games can be smooth.
What about the integrity of the games themselves?
I mean, I'm thinking about things like timers, like scoreboards, you know, all of those things
that are part of the actual athletic competition.
There's a cybersecurity element to that as well, yes?
Absolutely. The same problems that we face in regular enterprise,
like somebody tweaked a switch somewhere
and resulted in a webpage changing color
or a light going on and off
or a water system changing some consistency of a chemical,
whatever it may be,
could very well happen in an event like the Olympics.
It's not unfathomable to think that somebody would try to do something like that based on
some of the things that we've seen in the past happen at the Olympics. It's from a cyber
perspective. What about misinformation and disinformation, you know, sort of the public
facing information stream. I suppose,
kind of to your point, there are folks out there who would love to see things go wrong,
would love to see perhaps some chaos injected into this. And that's a, I guess it's a combination
of a human factor and technical element as well. Right. And even a nation-state element. There's, in some cases,
for example, some of the disinformation that we're seeing happening around these games in 2024
have to do with Russia being banned from these games and competing under a neutral flag. So it's
not really in their best interest that these games are the best ones that have ever existed.
So they have a nation state reason for some disinformation.
We also saw in 2020 disinformation campaigns around discrediting a bunch of the non-Russian athletes.
There were other disinformation campaigns going many years back. And if you think even around 2008, when we first started to see some
of the ticket scams, some of those were borderline disinformation in a way. They were advertising,
you know, special sections that didn't exist or trying to sell things that just simply weren't
true, Bitcoin pieces and things like that. So, yes, it's definitely gotten more than it was in the
past. And it's one of the several threats that are being faced. Then there's also the physical
aspect of that. If somebody were to not just use disinformation to influence someone's opinion,
but to cause a panic and a public safety factor could come into play at that point.
Can we touch on public safety? I mean, it just seems like that is a huge responsibility for the
folks who are running these games here. They've got all these people from all around the world,
both the athletes, the spectators, the judges and referees, the media, and you have to provide for the safety of all those people.
Yeah, that's definitely one of the biggest challenges of events like this is the public safety component.
Of course, we like to think about interrupting the game, shutting the lights off or whatever.
That's got a financial implication to it.
shutting the lights off or whatever, that's got a financial implication to it.
But the public safety implication is really first and foremost the main priority of all the planning.
If everyone needs to come and go home safe and alive and without injury,
secondary is making sure that they're entertained with the games.
When a city goes through something like this, all of the construction, the planning, installing infrastructure for an event as big as the Olympics, when the games are over and everybody goes home, does the city end up with a lot of things having been upgraded? Is this a nice impetus for those sorts of things to happen? In some cases, yes. In some cases, no. It depends on the country and
everything. There are instances where there are stadiums lying dormant and costing that particular
host country a lot of money. And this is not specific to the Olympics. This has to do with
anything of this magnitude, like World Cup, etc. Not every city needs something of that nature or that large.
And if they don't find a way to support it from an economic standpoint, it does become
a burden.
But in other cases, it's a great way to test and bring in cutting edge technologies.
Sometimes it may be high capacity internet backbones that weren't there before that now they've laid in.
And things like that are definitely going to be used in the future.
But some of the physical infrastructure, many times they will either tear it down and convert it back to its original use
or donate it and use it for something moving forward.
But it's a mixed bag, I think, for the host cities
after the infrastructure has been used. Has there been any sense, you know, for folks like yourself
who keep an eye on these things, or this is, you know, the line of work that you're in,
any sense for how Paris is doing? Are they going to come in ready to go when it's time for the games to begin?
I cannot speak to anything to do specifically with their security posture or how they feel or what they're ready for. But I can speak to some of the things that I've seen publicly
that is out there. And a lot of the partners that have been involved with the security preparations are looking at things that have happened in the past as a way to start and prepare for what they expect this time around.
So the world is expecting everything that we've seen in the past and then some new angles, probably, and some amplification of the volume, perhaps. Some of the attacks that
came in in past Olympics were at the time they broke like DDoS records for the most amount of
traffic. We'll probably see things like that, new records broken in certain areas, not just on the
field, but on the net as well. There's probably going to be a few things that maybe we haven't seen in the past. But I do
think that everyone is prepared for that. And a lot of the leading brands are involved in, you
know, making sure that they are safe for people and that they are successful. That's Chris Grove,
Director of Cybersecurity Strategy
at Nozomi Networks. It is always my pleasure to welcome back to the show the CyberWire's Chief Security Officer and Chief Analyst, Rick Howard.
Rick, welcome back.
Hey, Dave.
You know, Rick, there's that old joke, old, old, old joke about how—
Well, that's totally appropriate for you and me.
I didn't say you're an old joke or I'm an old joke, although the truth hurts sometimes.
Yeah, we can talk about that later.
There's that old joke about how military intelligence is an oxymoron, right?
And as an old army guy, I bet you've gotten more than your share of laughs about that phrase.
It's so true. It's so true.
But where are we with cyber intelligence? I know that's something that you're looking
to cover here on your upcoming CSO Perspectives podcast.
Yeah, we're taking a look at the current state of cyber threat intelligence because, you know, most people forget, you know, we do this stuff every day that you kind of assume that that kind of thing has been around for a long time.
But really, for the commercial world, cyber threat intelligence wasn't a thing until Mandiant released their very famous
APT1 paper back in 2013, something like that. You know, because, you know, the military had been
doing cyber threat intelligence for about 10 years before that. They very famously chronicled
the Chinese efforts at cyber espionage. They had cool code names for all that, like Titan Rain,
but it didn't really catch on
with the commercial world until Mandiant released that paper. And then all of a sudden, everybody
went, oh my goodness, this is a thing we should all be doing. And so I thought it was time, it's
now 15 years past that paper, 14 years, that we should take a look at how far we've come. And I
ran into an old buddy of mine, John Holquist. He is the chief intelligence guy
at Google Mandium, right? And he and I competed back in the day. I ran a commercial cyber
intelligence group. He ran one. And so we compared notes about where it all started and where it is
today. Yeah, it's interesting to me that, you know, how quickly it spun up to become something that was productized and sold, and now folks can't do without it.
Yeah, and another little phase of that, too, is how every security vendor has their own cyber intelligence team as a marketing arm.
You know, they use it as an excuse to say, you know, we found the, you know, Wicked Spider operating over here, and all the customers that use our product stop them.
You know, they use it for that kind of thing.
So it's a really interesting way to use cyber threat intelligence.
Yeah, that is interesting.
All right, well, it is the CSO Perspectives podcast,
and the host is Rick Howard.
Rick, thanks so much for joining us.
Thank you. That's why we're thrilled to partner with ThreatLocker, the cybersecurity solution trusted by businesses worldwide.
ThreatLocker is a full suite of solutions designed to give you total control,
stopping unauthorized applications, securing sensitive data,
and ensuring your organization runs smoothly and securely.
Visit ThreatLocker.com today to see how a default-deny approach
can keep your company safe and compliant.
And finally, an article in CSO Online shares the story of Willem Westerhoff,
once a physiotherapist and pie maker, who embarked on a cyber internship in 2016.
While still an intern, he discovered a critical vulnerability in solar panel technology,
which had the potential of compromising the Netherlands' entire power grid.
This breakthrough not only transformed his life, propelling him into
global headlines and speaking at conferences, but also secured him a full-time role at ITSEC,
where he had interned. Westerhoff's story exemplifies the transformative potential of
internships. According to ISC2's 2023 Cybersecurity Workforce Report, 24% of new cyber professionals started as interns.
Matthew Prager from CISA emphasizes internships as essential for expanding the talent pool and providing valuable work experience that education alone cannot offer.
that education alone cannot offer.
John Anthony Smith of Conversant Group highlights the importance of mentoring interns
to mold them into skilled professionals,
while Alexandria Kaysan
from the Information and Communications Technology Council
stresses the need for internships
to teach both technical and soft skills.
Companies offering meaningful project-based internships
tend to secure more full-time hires, with paid internships attracting higher quality candidates.
William Westerhoff's journey from a diverse work background to a celebrated cybersecurity expert
underscores the immense value of internships. For interns, these opportunities provide practical
experience, essential skills, and a direct pathway into full-time employment, as seen with Westerhoff's
seamless transition to ITSEC. For employers, internships are a strategic investment,
offering access to fresh talent, innovative perspectives, and the chance to cultivate and retain skilled
professionals tailored to their specific needs. By fostering an environment where interns are
mentored and engaged in meaningful projects, organizations not only enhance their workforce,
but also contribute to closing the cybersecurity skills gap, ensuring a robust and secure digital future.
And that's The Cyber Wire. For links to all of today's stories, check out our daily briefing
at thecyberwire.com. We'd love to know what you think of this podcast. Your feedback ensures we
deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity.
If you like our show, please share a rating and review in your favorite podcast app.
Please also fill out the survey in the show notes or send an email to cyberwire at n2k.com.
We're privileged that N2K Cyber Wire is part of the daily routine of the most influential
leaders and operators in the public and private sector, from the Fortune 500 to many of the
world's preeminent intelligence and law enforcement agencies. N2K makes it easy for companies to
optimize your biggest investment, your people. We make you smarter about your teams while making
your teams smarter. Learn how at n2k.com. This
episode was produced by Liz Stokes. Our mixer is Trey Hester, with original music and sound
design by Elliot Peltzman. Our executive producer is Jennifer Iben. Our executive editor is Brandon
Karp. Simone Petrella is our president. Peter Kilpie is our publisher. And I'm Dave Bittner.
Thanks for listening. We'll
see you back here tomorrow. Thank you. products platform comes in. With Domo, you can channel AI and data into innovative uses that
deliver measurable impact. Secure AI agents connect, prepare, and automate your data workflows,
helping you gain insights, receive alerts, and act with ease through guided apps tailored to
your role. Data is hard. Domo is easy. Learn more at ai.domo.com. That's ai.domo.com.