CyberWire Daily - Derailing the Raptor Train botnet.
Episode Date: September 19, 2024The US government disrupts China’s Raptor Train botnet. A phishing campaign abuses GitHub repositories to distribute malware.Ransomware group Vanilla Tempest targets U.S. healthcare providers.Hacker...s demand $6 million for stolen airport data. The FCC opens applications for a $200 million cybersecurity grant program. GreyNoise Intelligence tracks mysterious online “Noise Storms”. Scammers threaten Walmart shoppers with arrest. CISA adds five critical items to its known exploited vulnerabilities list. Craigslist founder will donate $100 million to strengthen US cybersecurity. Our guest today is Victoria Samson, Chief Director at Secure World Foundation, talking about space security and stability. Cybercriminals fall prey to very infostealers they rely on. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Our guest today is Victoria Samson, Chief Director at Secure World Foundation, talking with N2K’s T-Minus Space Daily podcast host Maria Varmazis about space security and stability. For some additional detail about space sustainability, visit Secure World Foundation’s Space Sustainability 101. Selected Reading US Disrupts 'Raptor Train' Botnet of Chinese APT Flax Typhoon (SecurityWeek) Clever 'GitHub Scanner' campaign abusing repos to push malware (Bleeping Computer) Microsoft warns of ransomware attacks on US healthcare (CSO Online) Sea-Tac refuses to pay 100-bitcoin ransom after August cyberattack (The Seattle Times) FCC $200m Cyber Grant Pilot Opens Applications for Schools and Libraries (Infosecurity Magazine) GreyNoise Reveals New Internet Noise Storm: Secret Messages and the China Connection (GreyNoise) Walmart customers scammed via fake shopping lists, threatened with arrest (Malwarebytes) CISA Warns of Five Vulnerabilities Actively Exploited in the Wild (Cyber Security News) Craigslist Founder Pledges $100 Million to Boost U.S. Cybersecurity (Wall Street Journal) Criminals Keep Hacking Themselves, Letting Researchers Unmask Them (404 Media) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K. of you, I was concerned about my data being sold by data brokers. So I decided to try Delete.me.
I have to say, Delete.me is a game changer. Within days of signing up, they started removing my
personal information from hundreds of data brokers. I finally have peace of mind knowing
my data privacy is protected. Delete.me's team does all the work for you with detailed reports
so you know exactly what's been done. Take control of your data and keep your private life Thank you. JoinDeleteMe.com slash N2K and use promo code N2K at checkout.
The only way to get 20% off is to go to JoinDeleteMe.com slash N2K and enter code N2K at checkout.
That's JoinDeleteMe.com slash N China's Raptor train botnet.
A phishing campaign abuses GitHub repositories to distribute malware.
Ransomware group Vanilla Tempest targets U.S. healthcare providers.
Hackers demand $6 million for stolen airport data.
The FCC opens applications for a $200 million cybersecurity grant program.
Gray noise intelligence tracks mysterious online noise storms.
Scammers threaten Walmart shoppers with arrest.
CISA adds five critical items to its known exploited vulnerabilities list.
The founder of Craigslist will donate $100 million to strengthen U.S. cybersecurity.
Our guest today is Victoria Sampson, chief director at Secure World Foundation,
talking about space security and stability.
And cybercriminals fall prey to the very info-stealers they rely on.
It's Thursday, September 19th, 2024.
I'm Dave Bittner and this is great to have you here with us. The U.S.
government announced the disruption of a massive botnet, Rapt Train created by Chinese state-sponsored hackers linked to the APT group Flax Typhoon. This botnet, active for four years, compromised 260,000 devices globally,
including routers and IP cameras, through various vulnerabilities. At its peak in June 2023, it had over 60,000 active devices powered by a customized version of the Mirai malware, which enabled DDoS attacks and malware delivery.
The FBI, along with international partners, took control of the botnet's infrastructure, issuing commands to disable the malware on compromised devices.
commands to disable the malware on compromised devices. The hackers attempted to thwart this operation with a DDoS attack, but it failed to stop the takedown. Authorities ensured that
legitimate device functions weren't impacted during the operation. The botnet targeted
critical sectors in the U.S. and Taiwan, including government and military. The takedown follows
similar actions against other
Chinese-linked botnets earlier this year. A phishing campaign is abusing GitHub repositories
to distribute malware by exploiting legitimate GitHub notifications. Attackers open false issues
on open-source projects, claiming a security vulnerability and directing
users to a malicious site, github-scanner.com. This site mimics GitHub but tricks users into
installing Windows malware. Users receive emails from legitimate GitHub servers, making the scam
appear more credible. The phishing emails urge recipients to visit
the malicious domain, where a fake captcha prompts them to run malware via a copied command.
The malware, a trojan called i6e.exe, is designed to evade detection and maintain
persistence on infected systems. It contacts suspicious domains for further activity,
many of which are now offline. GitHub users are warned to avoid following links from suspicious
vulnerability alerts. Ransomware group Vanilla Tempest is targeting U.S. healthcare providers
using the INC ransomware service, according to Microsoft. The group gained initial
access through a bootloader infection passed from threat actor Storm0494, allowing lateral movement
and ransomware deployment. They used tools like the Supper backdoor, AnyDesk for remote access,
and Megasync for data exfiltration. In some cases,
Vanilla Tempest may have skipped encryption, opting instead for extortion using stolen data.
Active since 2021, Vanilla Tempest has attacked various sectors, including education and healthcare,
using different ransomware like Black Cat and Quantum Locker. Their shift to INC ransomware, which supports double and triple extortion,
signals a focus on faster payouts.
Microsoft also noted similarities between Vanilla Tempest,
also known as Vice Society, and Ryceta,
suggesting possible connections between the groups.
and Ryceta, suggesting possible connections between the groups.
Hackers behind the cyber attack on Seattle-Tacoma International Airport are demanding 100 bitcoins in ransom for stolen data.
That's about $6 million.
The attack, attributed to the ransomware group Ryceta,
disrupted SeaTac's systems in August.
Ryceta has posted eight files on its Darknet site
and claims to have over three terabytes of data. The Port of Seattle, which operates the airport,
refuses to pay the ransom and is reviewing the stolen data. Some of the leaked information
includes personal details such as passport scans and tax forms. The port is offering credit monitoring to
affected individuals and continues its investigation. Despite the disruptions, which included
handwritten boarding passes and delayed luggage, most systems have been restored. Port officials
are working to strengthen cybersecurity and are urging federal agencies to improve the sharing of cyber threat information.
The U.S. Federal Communications Commission has opened applications for its $200 million
Schools and Libraries Cybersecurity Pilot Program, part of the Learn Without Limits initiative.
The three-year program aims to help K-12 schools and libraries cover the cost of cybersecurity services and equipment.
It will use general universal service funds to enhance cybersecurity
without undermining the success of the E-Rate program, which promotes digital equity.
Schools and libraries can apply until November 1st of this year
by providing basic information about their cybersecurity needs.
Selected participants will later submit more detailed plans.
FCC Chairwoman Jessica Rosenworcel emphasized the growing cyber threats targeting these institutions
and hopes the program will identify effective tools to safeguard their broadband networks. The program will also collect
data to explore broader use of universal service funds for cybersecurity. Since January 2020,
Gray Noise Intelligence has tracked mysterious noise storms, massive waves of spoofed traffic
that challenge cybersecurity experts.
These sophisticated attacks used advanced techniques like TTL spoofing and OS emulation, complicating detection and blocking efforts.
While millions of spoofed IPs target providers like Cogent and Lumen, AWS is notably avoided, suggesting a strategic actor.
Though the traffic appears to originate from Brazil,
links to Chinese platforms like QQ and WeChat suggest deliberate obfuscation.
Despite years of analysis, experts remain uncertain about the true intent behind these events,
which may involve covert communications,
DDoS attacks, or misconfigurations.
Recent storms feature the ASCII string LOVE
in ICMP packets,
further deepening the mystery.
Gray noise urges security leaders
to use adaptive tools and actionable intelligence
to address such evolving threats
and stay proactive in a rapidly
shifting cybersecurity landscape. And if you have any insights on these noise storms,
Gray Noise would love to hear from you. A recent scam targets Walmart customers by embedding fake
customer service numbers into shared shopping lists on the Walmart website.
Victims are tricked into calling a fraudulent call center where scammers claim their accounts were involved in illegal activity and threaten arrest unless money is transferred to a Bitcoin
wallet. The scam escalates with demands for personal and financial information. Walmart
has been informed of the scam, and users are urged
to avoid clicking on suspicious ads and to be cautious when engaging with unfamiliar customer
service numbers. CISA has issued a warning about five critical vulnerabilities in widely used
software, urging organizations to apply patches or discontinue affected products by October 9th.
Key vulnerabilities include flaws in Apache Huge Graph Server,
Microsoft SQL Server Reporting Services, Windows Task Scheduler,
Oracle JDeveloper, and Oracle WebLogic Server,
all of which could allow remote attackers to execute arbitrary code or escalate privileges.
Immediate action is recommended to mitigate these serious security risks.
Craig Newmark, founder of Craigslist, plans to donate $100 million to strengthen U.S.
cybersecurity, targeting infrastructure protection and public education on basic cybersecurity measures like password management and software updates.
Newmark believes the U.S. is vulnerable to foreign cyberattacks,
especially on critical infrastructure, and aims to support those defending it.
Part of his donation will fund initiatives like training cybersecurity volunteers
and supporting child internet safety.
This pledge is part of his broader philanthropic efforts to give away most of his wealth,
which has surpassed $400 million since 2015.
Coming up after the break, Victoria Sampson, Chief Director at Secure World Foundation, speaks about space security and stability.
Stay with us.
Transat presents a couple trying to beat the winter blues.
We could try hot yoga.
Too sweaty.
We could go skating.
Too icy.
We could book a vacation.
Like somewhere hot.
Yeah, with pools.
And a spa.
And endless snacks.
Yes!
Yes!
Yes!
With savings of up to 40% on Transat South packages, it's easy to say, so long to winter.
Visit Transat.com or contact your Marlin travel professional for details.
Conditions apply.
Air Transat. Travel moves us.
Do you know the status of your compliance controls right now?
Like, right now.
We know that real-time visibility is critical for
security, but when it comes to our GRC programs, we rely on point-in-time checks. But get this,
more than 8,000 companies like Atlassian and Quora have continuous visibility into their controls
with Vanta. Here's the gist. Vanta brings automation to evidence collection across 30
frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies,
access reviews, and reporting Vanta when you go to
vanta.com slash cyber. That's vanta.com slash cyber for $1,000 off.
And now, a message from Black Cloak.
Did you know the easiest way for cybercriminals to bypass your company's defenses is by targeting your executives and their families at home?
Black Cloak's award-winning digital executive protection platform
secures their personal devices, home networks, and connected lives.
Because when executives are compromised at home, your company is at risk. In fact, over one-third of new members
discover they've already been breached. Protect your executives and their families 24-7, 365
with Black Cloak. Learn more at blackcloak.io.
Victoria Sampson is Chief Director at Secure World Foundation,
and she recently spoke with N2K's T-Minus Space Daily podcast host,
Maria Vermazes, about space security and stability. The Secure World Foundation is a
nonprofit that focuses on space sustainability. We promote best practices and norms of behavior
to make sure that space is accessible to and usable for all over the long term. So my particular
portfolio focuses on the security aspects, which, yeah, a lot of things affect sustainability,
but happy to talk more through the course of the conversation. Absolutely. Yeah. I mean, space security is a phrase that I think colloquially has a number
of different uses and meanings, and sometimes it's not exactly clear what people are talking about.
In the context of this conversation, and you are the expert here,
how do we define space security exactly? I mean, that's a really interesting question.
I think it just
depends on who you ask. In English, we distinguish between space safety and space security. Space
safety are things like spaceflight safety, you know, inadvertent interruptions to your space
capabilities, you know, not like space debris and, you know, solar flares and stuff like that.
Space security implies that there is a deliberate threat intention
to somehow interfere with your space assets.
And I say that in English because in other languages,
especially romance languages,
they don't distinguish between space safety and space security.
But we are speaking English,
so we shall look at it from the security aspect.
So these are things, anything that could somehow deny, disrupt, interfere,
somehow get in the way between your space asset and you.
So, this is either information coming to or from the satellite, whether at the ground control station or as a user.
So, yeah, definitely cybersecurity sounds like it would be wrapped up in that as well when we're talking about space security.
Absolutely, it is. Absolutely, it is.
Very cool. And another just point of clarification
for me, the phrase, the term counter space, what do we mean by that as well?
Sure. We use the terminology counter space capabilities because I think a lot of people
used to think, okay, space weapons, what does that mean? And the implication is whether Star
Wars shooting lasers or more realistically, the idea of putting a weapon up in space that can point down to Earth or other satellites or things of that nature.
The issue is that latter aspect isn't really happening.
What we're seeing are these sort of capabilities that are dual purpose.
dual purpose that means that they could be being created for completely innocuous non-offensive reasons or the same technology could be used in a manner that's meant to be
deliberately hostile and so that's what we see capabilities and we're talking counter space
capabilities these are things like whether you're going to put a system up in orbit to somehow
interfere with another satellite whether that's to jam it or
to take pictures of it or release an object with high velocity to impact it, things like that.
Or you have things that are on, I think this is what a lot of people think of when they think of,
you know, space, counter space capabilities or, you know, space security issues. You know,
some sort of interceptor launched from a terrestrial point, whether that's in the air or on the ground or an ocean, to aim at a target in space. But then you also have things like electronic warfare,
jamming, spoofing, interfering somehow with communication. You have directed energy weapons,
lasers, which can be used to blind or dazzle optical imagery. It could be using some sort of electromagnetic pulse to interfere or somehow destroy a satellite.
And then finally, there are things like cybersecurity, the idea of releasing cyber weapons to somehow interfere or take out a space communications.
Okay, so that is a fascinating, scary also, but like a fascinating
array of different scenarios. And one thing that I've noticed in my discussions with people is I
think there is not a lot of understanding of what's a realistic threat. I mean, experts like
yourself know, but in the general public, let alone even within sort of the general space world,
I'm not sure if people quite understand what is realistically happening. And I'm thinking also of major headlines like, you know,
Viasat, that was a major issue in 2022.
But also the whole thing with, you know, Russian nukes in space
did not help add any clarity to the conversation at all.
And people were like, okay, how real is that?
What does that exactly mean?
Some people were like, that's been going on for ages.
This isn't you, other people, you know.
So it's, where do we even begin to sort of understand,
for those of us who are interested
in the industry about space,
how do we begin to understand realistically
where things are at right now and how do we,
and what actually is the signal
and what's the noise in the situation?
Right, it's hard because a lot of space
gets classified very quickly.
And so it's hard to have an open, unclassified conversation about what the actual threats are as well.
I think oftentimes some of the concept of the threat is maybe increased a little bit, depending upon who is doing it for geopolitical reasons.
And this allows me to put in a plug.
to put in a plug, MGO contractually obligated to mention Secure World's Global Counterspace Set Assessment, which is an open source, unclassified analysis of counterspace capabilities
for 12 countries across five different capabilities that I mentioned earlier.
And so if you look at that, we have a lovely thing I call the stoplight chart on our website,
swfound.org slash counterspace, that looks at these capabilities.
And so I think, you know, you can do it different
ways. You can say, okay, reversible versus irreversible damage. You know, something that
is reversible like jamming or, you know, a cyber attack. You do it and it isn't going to permanently
destroy or harm the spaces that you're targeting. Those are actually considered to be very usable
counterspace capabilities and everyone's doing it. Everyone jams.
Absolutely everyone jams.
Presumably most countries that have cyber capabilities,
cyber warfare and other realms,
they presumably have them in space
if they have space capabilities too.
That gets classified very quickly,
so it's kind of hard to distinguish.
But as you mentioned, for example,
in February 2022, when Russia invaded Ukraine, they released simultaneously an attack against FIASAT's ground terminals, a cyber attack.
And we thought that was very interesting because, first of all, again, usable counter space capability.
But also, whenever people think about space security and stability, they think about things up in space, obviously.
But the ground targets they're
right there they're easier to get to and so that was something that we point out um so something
like that uh what's less likely maybe low probability high impact are the things that are
that are irreversible you know destructive counter space capabilities um and these would be things
like you know direct descent anti-satellite capability,
where you have an interceptor launch
from terrestrial Earth to, you know,
impact a satellite up in space.
No one's ever done that against anyone else's satellite.
Four countries have tested this capability
against their own, United States, Russia, China, and India.
But if something like that were to be done,
you know, again, against a rival satellite,
that could be incredibly escalatory
in that it could invoke a response,
you know, bringing conflict from space into Earth.
And then things like, you know,
you mentioned Russian nukes for anti-satellite.
The story was that U.S. intelligence forces believe that Russia
is developing some sort of
nuclear warhead that would be placed
into orbit and used
as an anti-satellite capability in terms
of it would explode, and
the EMP from the explosion would be used
to take out a bunch of satellites at once.
That is something
that we know will happen in terms of
it has been proven during the
early part of the cold war both the united states and then soviet union tested in nuclear warheads
in space and in fact there was one that the u.s did in july um july 1962 where um starfish prime
where the the warhead was a 1.4 megaton warhead it took out about a third of the active satellites
at that point now Now, granted,
this is just a few years
after Sputnik,
so there weren't that many,
but still,
you can imagine
in this day and age,
in this day and age,
you know,
if you have a nuclear warhead
going off
in low-Earth orbit,
which is where
most of the satellites
that are active now operate,
that could be
incredibly damaging
and, again,
very eschatory.
So it's just one of those things
I always hate to say,
like, it depends, but it truly does depend in terms of what the counter-space capability is. But again, very eschatory. So it's just one of those things I always hate to say, like, it depends. But it truly
just depends in terms of what the counter space capability
is. But again, I will point out, we make
this point in our counter space document,
our counter space site assessment.
Temporary and reversible
counter space capabilities are being used
right now in conflicts. But these are
things like, again, like jamming and cyber.
Irreversible, destructive
counter space capabilities have not been used in conflicts.
Yes.
Yeah, yeah. No, it depends. Yeah, I hate saying that, but I'm smiling, but I'm actually, I'm
terrified of that happening. And, you know, it depends as an honest answer also. So as often
when speaking to experts like yourself and, you know, scientists and different,
that's usually the answer that I get for most of my questions, which is the valid, honest answer.
Speaking of that report there that you're mentioning, the Global Counterspace Capabilities
Assessment. So that came out in April of this year. And it's a really, I'll make sure we have
links to it in our show notes because people should definitely check it out. There's a really interesting abstract at the beginning that sort of makes the case that more public debate about what's going on
in the space domain regarding security. I'm being very broad here because I don't want to,
I'd rather you explain this than me, but more public debate and discussion is needed around
what's going on here. Is this that things are getting
too hawkish? Are things just too militarily focused? I mean, can you dive into that a little
more? Sure. I mean, the reason why we started this counter-spaced doubt assessment six years ago
was that we would read news stories and hear news stories about things that other countries are
doing, namely, you know, I'm in the U.S, so this would be China and Russia. And it would either be wildly speculative, you know, in terms of what they're doing and what
it meant to do, or it would be like, can't say anything classified, but if you knew,
you'd want to do more. And so we said, okay, well, you can't make good information based on
guesses. And so we thought, okay, what if we were to work towards establishing, you know,
what can you find out from an unclassified open source pieces of data? And so that's what we did,
was we wanted to contextualize the conversation and, you know, make it more relevant. So we look
at when, you know, countries, there are news stories about countries testing capabilities,
we say, okay, you know, how does that compare to other countries'
capabilities? Is that truly a new thing or is that something that another country
has been doing for decades? Does it fit into where their budget and policy and strategies,
if that information is open and available, does it fit into what they've been saying?
With the idea that you can't make good policies without good input.
And then in terms of, you know of helping the public fully understand this,
I think oftentimes, again, it's very complicated. It gets classified and people just jump to the
worst conclusion. And sometimes that is relevant, but other times what ends up happening is it
creates a situation that is what you were hoping to avoid to begin with. And so
our hope is by sharing information about this, that we can help encourage informed debate
and allow policymakers to make the best decisions for national and international security stability.
I think oftentimes when people talk about threats from a national security perspective,
the response is, okay, what sort of technologies
and military capabilities can we develop in response? And obviously that's one tool in the
toolkit. But another tool that I think can be equally as helpful is diplomacy. There are a lot
of multilateral discussions happening at the United Nations and elsewhere looking at how do you
determine what is considered responsible behavior in space how do you identify irresponsible behavior and how can you get a commonly understood you know not necessarily definition but global perspective
on these sort of things so you can identify when people are acting outside of what's considered
responsible behavior and how can you get the patterns of life established so i think that's
one way in which that can be very helpful in handling this. And another way are just unilateral declarations.
For example, in April 2022, the United States announced it was committing not to conduct destructive anti-satellite missile tests, largely because of the debris that's created from those issues, from those tests.
In November 2021, Russia conducted one of these tests, and it created over 1,600 pieces of trackable debris, of which I want to say, you know, there's maybe 300 still around.
So it's dropping, but, you know, so it's still a threat to other operators.
It's a threat to, you know, allies of Russia.
One of the things that really shocked me is when they did the test is that they had cosmonauts on the space station and like they're going to be just as threatened as the astronauts um so yeah so i think you know diplomatic efforts can be helpful and
this you know commitment to conduct destructive anti-satellite missile tests that the united
states announced two years ago um has since been joined by 36 other countries and so yeah that's
another way a way in which countries can try and make a more stable, predictable space environment. It does not have to
be develop a weapon, get a treaty forward. There is a whole spectrum of responses in between those
two. That's Victoria Sampson, Chief Director at Secure World Foundation. For more information,
we'll have a link in our show notes. Also, do check out the T-Minus Space Daily podcast,
wherever you get your podcasts.
Cyber threats are evolving every second, and staying ahead is more than just a challenge.
It's a necessity.
That's why we're thrilled to partner with ThreatLocker,
a cybersecurity solution trusted by businesses worldwide.
ThreatLocker is a full suite of solutions designed to give you total control,
stopping unauthorized applications, securing sensitive data,
and ensuring your organization runs smoothly and
securely.
Visit ThreatLocker.com today to see how a default-deny approach can keep your company
safe and compliant. And finally, cybercriminals might want to rethink downloading cracked software,
as they're unknowingly exposing themselves to researchers and law enforcement through
infostealer malware. Joseph Cox at 404 Media looks at a recent case where researchers at Hudson Rock uncovered key information on Muchaba and Motion Raza,
two fugitives from the FBI's Most Wanted list, using data harvested by infostealers.
These malware infections, likely caused by running cracked versions of popular software,
capture everything from passwords to browsing histories and even
screenshots. The RASAS allegedly ran an illegal business selling fake IDs, and the malware logs
revealed credentials linked to their operations. Ironically, the criminals are victims of their
own trade, falling prey to the very malware they rely on to exploit others.
Researchers are leveraging this data flood to unmask identities,
proving that sometimes even hackers can't escape their own tactics.
Hudson Rock also identified other associates involved,
further expanding the case.
It's clear when criminals play with malware,
they risk exposing themselves just as much as their targets. And that's the Cyber Wire. For links to all of today's stories, check out our
daily briefing at thecyberwire.com. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of Thank you. to cyberwire at n2k.com. We're privileged that N2K Cyber Wire
is part of the daily routine
of the most influential leaders and operators
in the public and private sector,
from the Fortune 500
to many of the world's preeminent
intelligence and law enforcement agencies.
N2K makes it easy for companies
to optimize your biggest investment,
your people.
We make you smarter about your teams
while making your teams smarter.
Learn how at n2k.com. This episode was produced by Liz Stokes. Our mixer is Trey Hester with
original music and sound design by Elliot Peltzman. Our executive producer is Jennifer
Iben. Our executive editor is Brandon Karp. Simone Petrella is our president. Peter Kilby
is our publisher. And I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow. Thank you. through guided apps tailored to your role. Data is hard. Domo is easy.
Learn more at ai.domo.com.
That's ai.domo.com.