CyberWire Daily - Phishing with Facebook Messenger bots. Redfly hits a national power grid. Nice platform you got there…shame if something happened to it. MGM Resorts grapples with a “cybersecurity issue.”
Episode Date: September 12, 2023Phishing with Facebook Messenger accounts. Redfly cyberespionage targets a national grid. The exploit trade in the C2C underground market. Phishing attack exploits Baidu link. A repojacking vulnerabil...ity. A hacktivist auxiliary looks to its own interests. Ben Yelin marks the start of the Google antitrust trial. In our Industry Voices segment, Adam Bateman from Push Security explains how identities are the new perimeter. And MGM Resorts are dealing with a “cybersecurity issue.” For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/174 Selected reading. Sponsor with batch-filed whiskers: Ballistic Bobcat’s scan and strike backdoor (ESET) Charming Kitten's New Backdoor 'Sponsor' Targets Brazil, Israel, and U.A.E. (The Hacker News) Iran's Charming Kitten Pounces on Israeli Exchange Servers (Dark Reading) Iranian hackers break into networks of more than 30 companies in Israel (ynetnews) “MrTonyScam” — Botnet of Facebook Users Launch High-Intent Messenger Phishing Attack on Business Accounts (Guardio Labs, via Medium) Facebook Messenger phishing wave targets 100K business accounts per week (BleepingComputer) Vietnamese Hackers Deploy Python-Based Stealer via Facebook Messenger (The Hacker News) Redfly: Espionage Actors Continue to Target Critical Infrastructure (Symantec) Sales and Purchases of Vulnerability Exploits (Flashpoint) Phishing Attack Abuses Baidu Link Redirect, Cloudflare, and Microsoft (Vade) New Exploit Puts Thousands of GitHub Repositories and Millions of Users at Risk (Checkmarx.com) After Microsoft and X, Hackers Launch DDoS Attack on Telegram (SecurityWeek) MGM Resorts shuts down some computer systems after cyber attack (Reuters) Cybersecurity issue prompts computer shutdowns at MGM Resorts properties across US (AP News) MGM Resorts shuts down IT systems after cyberattack (BleepingComputer) MGM Resorts experiences 'cybersecurity issue' impacting operations and prompting investigation (Fox Business) MGM resorts says 'cybersecurity issue' may have widespread impact (NBC News) MGM Resorts blames 'cybersecurity issue' for ongoing outage (TechCrunch) FBI assisting in MGM cybersecurity investigation as slot machines, website, and emails rem (KSNV) MGM Resorts Says It Shut Down Some Systems Following Hack (Bloomberg) Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyber Wire Network, powered by N2K.
Air Transat presents two friends traveling in Europe for the first time and feeling some pretty big emotions.
This coffee is so good. How do they make it so rich and tasty?
Those paintings we saw today weren't prints. They were the actual paintings.
I have never seen tomatoes like this.
How are they so red?
With flight deals starting at just $589,
it's time for you to see what Europe has to offer.
Don't worry.
You can handle it.
Visit airtransat.com for details.
Conditions apply.
AirTransat.
Travel moves us.
Hey, everybody.
Dave here.
Have you ever wondered where your personal information is lurking online?
Like many of you, I was concerned about my data being sold by data brokers.
So I decided to try Delete.me.
I have to say, Delete.me is a game changer.
Within days of signing up, they started removing my personal information from hundreds of data brokers.
I finally have peace of mind knowing my data privacy is protected.
Delete.me's team does all the work for you with detailed reports so you know exactly what's been done.
Take control of your data and keep your private life private by signing up for Delete.me.
Now at a special discount for our listeners.
private by signing up for Delete Me. Now at a special discount for our listeners,
today get 20% off your Delete Me plan when you go to joindeleteme.com slash n2k and use promo code n2k at checkout. The only way to get 20% off is to go to joindeleteme.com slash n2k and enter code
n2k at checkout. That's joindeleteme.com slash N2K, code N2K.
Phishing with Facebook Messenger accounts,
Redfly cyber espionage targets a national grid.
The exploit trade in the C2C underground market.
Fishing attack exploits BaiduLink.
A repo jacking vulnerability.
A hacktivist auxiliary looks to its own interests.
Ben Yellen marks the start of the Google antitrust trial.
In our Industry Voices segment, Adam Bateman from Push Security explains how identities are the new perimeter.
And MGM Resorts are dealing with a cybersecurity issue.
I'm Dave Bittner with your CyberWire Intel briefing for Tuesday, September 12, 2023.
ESET reports that the APT they track as Ballistic Bobcat is currently active against targets in Brazil, Israel, and the
United Arab Emirates. Ballistic Bobcat is known in other threat actor bestiaries as APT-35, APT-42,
Charming Kitten, TA-453, or Phosphorus. The group is using a novel backdoor tracked as Sponsor, which uses configuration files stored on disk.
ESET says,
These files are discreetly deployed by batch files and deliberately designed to appear innocuous,
thereby attempting to evade detection by scanning engines.
Ballistic Bobcat carefully scans for known unpatched vulnerabilities in target systems
and exploits those for initial access.
The APT's usual target list includes education, government, and health care organizations,
as well as human rights activists and journalists.
Guardio Labs is tracking a widespread phishing campaign
that's targeted millions of business accounts on Facebook Messenger,
compromising about one in 70 of the targeted accounts. The campaign uses phony business inquiries to distribute
a tiny compressed file attachment that packs a powerful Python-based stealer dropped in a
multi-stage process full of simple yet effective obfuscation methods. The threat actor behind the campaign appears to be a cybercriminal group based in Vietnam.
The researchers note the threat actors hold an army of bots
and fake Facebook accounts,
as well as a listing of millions of business accounts, pages, and managers,
sending away over 100,000 phishing messages a week
to Facebook users around the world.
Symantec warns that the Red Fly threat actor used the Shadow Pad Trojan to compromise a national
grid in an Asian country for as long as six months earlier this year. The attack began in February,
and the objective appears to be espionage. Symantec says the frequency at which critical
national infrastructure
organizations are being attacked appears to have increased over the past year and is now a source
of concern. Threat actors maintaining a long-term persistent presence on a national grid presents a
clear risk of attacks designed to disrupt power supplies and other vital services in nation-states
during times of increased political
tension. While Symantec has not seen any disruptive activity by Redfly, the fact that such attacks
have occurred in other regions means they're not outside the bounds of possibility. Flashpoint has
published a report looking at the demand for vulnerability exploits in criminal markets.
The prices of the exploits vary, with some being sold for tens of thousands of dollars.
In one case, a CloudFlare web application firewall bypass zero-day
was combined with a new exploit for a patched Magento flaw and offered for $30,000.
In another instance, threat actors offered an exploit for a patched vulnerability
affecting the Microsoft Windows print spooler service. The researchers note it has not been
reported as being exploited in the wild, but Flashpoint analysts observed a threat actor
selling an exploit targeting the CVE on February 16th. The threat actor set the price of the
exploit at 8,000 U.S. dollars for the compiled binary and $13,000 for the source code.
Flashpoint observed on March 31 that a notable threat actor displayed interest in purchasing the exploit.
Bade describes a phishing campaign that abused China's search engine Baidu's link redirect feature.
Use China's search engine Baidu's link redirect feature.
The phishing links lead to a spoofed Microsoft 365 login page hosted by Cloudflare.
Vade states,
As usual, the attackers protect their webpage by using cover and redirection mechanisms.
Many email filters are likely to treat a Baidu domain as safe and pass the phishing email to the intended victim's mailbox.
Additionally, the use of multiple intermediary pages is designed to intercept and prevent the
analysis from reaching the destination phishing page. Since these pages don't contain fields or
links, they encourage filters to view them as safe. Checkmarks discovered a vulnerability that
could allow an attacker to exploit a race condition within GitHub's repository creation and username renaming operations in order to conduct repojacking attacks.
GitHub has since fixed the flaw.
Checkmarks states,
Successful exploitation enables the takeover of popular code packages in several package managers, including Packagist,
Go, Swift, and more. We have identified over 4,000 packages in those package managers
using renamed usernames and are at risk of being vulnerable to this technique in case a new bypass
is found. Of these packages at risk, hundreds of them have garnered over 1,000 stars on GitHub.
Anonymous Sudan, which despite the name is Russian-operated,
retaliated against Telegraph for its suspension of the group's main account, Security Week reports.
SockRadar describes the distributed denial-of-service attack, which they assess as having largely failed.
of service attack, which they assess as having largely failed. Telegram hasn't said why it banned Anonymous Sudan, but it seems to have done so for the hacktivist auxiliary's organization and use
of bot accounts. And finally, if that one-armed bandit's not working out for you, maybe it's a
cyber attack. MGM Resorts is undergoing what it characterizes as a cybersecurity issue.
The company has so far been tight-lipped about the nature of that issue.
Bleeping Computer says the incident began Sunday evening
and that it affected ATMs and credit card readers at resorts
as well as MGM Resorts' main webpage.
Some guests say that their room keys are no longer working,
and local media in Las Vegas say there are reports of slot machines in the resorts being
out of operation. The outages are particularly pronounced in Las Vegas, but resorts elsewhere
have been affected too. TechCrunch reports that the websites for several of MGM's regional resorts,
including MGM Springfield in Massachusetts,
MGM National Harbor, and the Empire City Casino in New York. MGM Resorts hasn't said what kind
of issue it's grappling with, but the involvement of law enforcement and the fact that it appears
to be something that's disrupting availability suggests to many experts that it's probably a
ransomware attack. But that, we stress, is at this point speculation.
At any rate, if you're booking a vacation,
MGM Resorts says you can still do so by phone.
We're pretty sure you can see Cirque du Soleil at the Bellagio,
but who knows?
Sight is still down.
Operators are standing by.
Coming up after the break,
Ben Yellen marks the start of the Google antitrust trial.
In our Industry Voices segment,
Adam Bateman from Push Security
explains how identities
are the new perimeter.
Stay with us.
Do you know the status of your compliance controls right now?
Like, right now.
We know that real-time visibility is critical for security,
but when it comes to our GRC programs, we rely on point-in-time checks. But get this.
More than 8,000 companies like Atlassian and Quora
have continuous visibility into their controls with Vanta.
Here's the gist.
Vanta brings automation to evidence collection across 30 frameworks,
like SOC 2 and ISO 27001.
They also centralize key workflows like policies, access reviews, and reporting,
and helps you get security questionnaires done five times faster with AI. Now that's a new way
to GRC. Get $1,000 off Vanta when you go to vanta.com slash cyber.
That's vanta.com slash cyber for $1,000 off.
And now, a message from Black Cloak.
Did you know the easiest way for cyber criminals to bypass your company's defenses
is by targeting your executives and their families at home?
Black Cloak's award-winning digital executive protection platform
secures their personal devices, home networks, and connected lives.
Because when executives are compromised at home, your company is at risk.
In fact, over one-third of new members discover they've already been breached.
Protect your executives and their families 24-7, 365 with Black Cloak. Learn more at blackcloak.io.
As a security professional, you may find yourself in the situation where employees sign up to new SaaS apps on their own for convenience or expedience.
This can result in countless identities being created across the Internet, which potentially are a new attack surface for attackers and a route to company data. So, do you block employees from doing this or create a pathway for your employees to walk safely? And what about maintaining company productivity along
the way? Adam Bateman is co-founder and CEO at Push Security. And in this sponsored Industry
Voices segment,
he makes the case that identities are the new perimeter.
There's a lot of talk and rage at the moment
about identities being the new company attack surface.
And I think a really good way to conceptualize this
is in the 2000s, our first attack surface
was really open ports on IP addresses. And then it quickly
morphed into being employees and their endpoints. And now it's kind of identities on online
applications or in the cloud. And so when we're talking about identities, we're really, we're
talking about user accounts. They're the new entry point. And the reason this is important is because,
well, firstly, if an attacker aims their attacks
at identities in the cloud,
they don't hit the company network, right?
Which is where a lot of the defenses
and detection responses are currently happening.
It kind of goes past the network
and directly into cloud infrastructure.
And the second reason there's a lot of talk about it
is because I'm from a red team background.
And when I think back to those days, the nerve wracking part when you're on the offensive
side is getting that initial foothold into the network.
And the reason for that is because you are doing something abnormal on the network, right?
You're launching a new process or executing some kind of code
or something that shouldn't happen.
And those sorts of anomalies are possible to detect.
The moment you compromise someone's identity,
like you get access to their account through key logging
or the numerous ways that that's possible,
you're like a ghost on the wire.
You know, it's very difficult to tell the difference
at that point between the actual user logging into things
and the attacker doing it. And so when it comes to identity security, that's the challenge that
the industry is facing at the moment is, how do we actually discover these attacks when we're not
really equipped and we're not in that position to do that at the moment?
And how are people coming at this? I mean, do you find that there's a good amount of misunderstanding out there?
Yeah, I think the biggest misunderstanding that I'm seeing
is that people are aware, from what I'm seeing,
that identities are now a target and it's something people need to pay attention to.
But I think the focus at the moment is on the core identities that people know about.
So maybe on your AWS or your Azure,
your GCP and those kinds of things.
Now, they are really important.
There's absolutely no doubt.
But they also have the greatest level
of security controls and maturity around them.
They can be connected to SSO.
There's lots of different security mechanisms
built into those, like multi-factor by default
and everything else.
And the bit I think that people aren't thinking about as much
is that there's now this huge proliferation of SaaS applications
that are equipped for self-service.
So we're not in a position anymore where we used to be,
where IT was centralized.
So the IT and security team would be the ones to bring
new products or new software
into the company on an employee's request,
and they would vet it for security controls,
and they would make sure it passes
all the compliance checks,
and then they would enroll the employee.
Especially since the hybrid working
and all these things,
employees now directly sign up on their own and IT has become
decentralized, right? So finance team will pick their own software, they'll test lots of different
things and they'll determine which one they want to use. And some of those get abandoned,
some of those get adopted, and IT and security often don't know about this. And so the issue is
that we end up with this identity sprawl. There's lots and lots of new user accounts being created that are potentially
vulnerable. And that really broadens that attack surface way beyond just the core applications that
people are aware they have in their infrastructure. How do you fight that? I mean, how does an
organization gain visibility there? Well, I think the first thing to remember, a lot of people think,
okay, but I've got everything behind SSO.
But the thing to bear in mind there is that
SSO, adding something to SSO is now the last step.
And so it's not the first step, right?
So you have to discover that someone has signed up
and created a new identity to get that identity
then enrolled in SSO.
So that's a really important thing to think about.
The second thing to think about is that
it's surprising to people that not that many SaaS apps
even support SSO in the first place.
And so we took a sample,
we took a sample of about 500 of the most commonly used ones
that we see across our customer base that are the highest impact.
And we found about 31% have any support for SAML at all.
And within that 31%, you need to be on the enterprise tier for a lot of those.
On top of that, I think people sometimes think about SSO
as being a kind of shield in front of identities,
and it's not really. It's a management layer. So I liken it to Active Directory. Active Directory
is a great way of managing accounts at scale across all of your Windows estate, but you can
still log in with your local admin password. And so it's still important to defend those as well.
And the same is true for SaaS. Even though you have an SSO management layer, the active accounts on the individual SaaS applications,
you can still log into them in a lot of cases.
When you disable them in your IDP,
they're not always removed underneath.
So what I'm really saying here is that
you need to think about identity sprawl
in lots of different SaaS applications' own attack surface
and actually discover when employees sign up and create new identities.
So the way that we do that is by using a browser plugin and being in the browser and then detecting
signups and logins.
What are your recommendations for folks who want to do a better job of getting on top
of this?
Where should they begin?
Our first thing is really just to have it part of your threat model
because I don't think the industry is thinking about this as much.
And we actually have tried to help with this.
We recently, given the fact we look into SaaS security
and identity security,
we obviously naturally do our own research
to look into the different security weaknesses
that could exist inside SaaS platforms.
And then we use those to prioritize our product features
to make sure that we are focusing on the right things.
And we've recently actually started to do that work online.
And so we created a SaaS attack matrix
with 38 different SaaS native attacks.
And we've published that as GitHub repo
with an associated blog post.
And the idea of that research was to look through
an offensive security practitioner's eyes and say,
how do I compromise a company without touching the network?
And is it possible to compromise a more trivial application and use
that foothold to your advantage to expand your access in the same way as it is possible on the
on-prem world? And so that's now been available online and the various tech techniques there are
demonstrated. The first thing I'd say is it's a good resource. We don't consider it our resource,
which is why we've open sourced it. We're looking for contributions and we're hoping that that is just one way of people looking at this. And
if there's a breach or a compromise, actually looking at this and thinking, could it have
originated from this SaaS application rather than another place on my network? The obvious other
part is just to get visibility into what employees are logging into and get a good oversight of what
identities are being created
and whether or not they're vulnerable. The folks that you're working with who are
seeing success here, are there any common elements? I think it comes down to visibility first. You
can't defend what you can't see. That's the main thing. So I think it's get the flight recorder turned on.
We always recommend that to people
because I think the thing that's important
when it comes to SaaS and online identities
is that there's no doubt that the systems
and SaaS applications that get finally adopted
and brought into production
will end up with the most data in them.
But even the applications that have just been used for testing
and experimenting and then abandoned
can contain API keys and access tokens into other systems.
And those are the areas where there's potential long-term risk.
Because if an employee abandons that SaaS application,
you're probably not going to detect it
because the employee will never log back into that from your infrastructure.
But an attacker who's performing credential stuffing
could potentially pick up that account for as long as the SaaS application stays online.
So I'd say if we're really going to simplify it,
be aware of this space and this is happening and consider it as part of the threat model
and turn the flight recorder on so you actually can start to see what identities are being created from the beginning.
That's Adam Bateman, co-founder and CEO at Push Security.
And joining me once again is Ben Yellen.
He is from the University of Maryland Center for Health and Homeland Security and also my co-host over on the Caveat podcast.
Hey, Ben.
Hey, Dave.
So today is a big day, especially for legal nerds like you.
How dare you?
I know. I'm so mean.
But today kicks off the Google antitrust trial here.
The Department of Justice is coming after
certainly one of the biggest tech companies in the world.
What do we need to know going into this, Ben?
So this case was first filed in 2020
under Attorney General William Barr in the Trump administration.
It is the U.S. et al. v. Google.
And it focuses mostly on Google as a search engine.
The allegation here is that Google used the tool's market share, which is estimated about 90%, to throttle competition in both searching and advertising.
So the idea is that Google rigged the system.
They, using their market power, bullied Apple with their iPhones
and other companies that produce different devices
to have Google be the default search engine.
This is the first major antitrust case we've seen
against a big tech company since Microsoft in the early 2000s.
It's very difficult to go after a big tech company for a number of reasons.
One is practical.
There's the thought out there that any major challenge under the Antitrust Act against one of these companies is going to stifle innovation.
What Google would say is, we earned this market share, we earned
this market power by having the most effective search engine. People use Google not because
we engage in monopolistic practices, but because Google is the best search engine. We just
beat out the competition. One of their pieces of evidence, which I found kind of humorous,
is that, you know what the most common search term is on Bing?
Is it Google?
Yes, it is.
Okay.
So, I mean, Google has become a verb.
Oh, I see.
To Google something.
And I think what Google would say in their defense to this antitrust case is this is not about anti-competitive practices.
This is about us earning a significant market share.
But the Sherman Antitrust Act was designed for these types of incidents where some entity
has undue bargaining power, the ability to throttle competition because they have such
a large market share.
So I can honestly see both sides of this dispute.
I'm really interested in what's going to happen in court here,
how each side is going to argue their position.
So it's definitely something I'm going to be watching very closely.
It's interesting, you sort of alluded to it,
how Google pays companies like Apple to be the default search engine on the iPhone.
I would imagine Microsoft, who has the Bing search
engine, they could afford to throw money at this.
They could probably outbid Google.
But a smaller entity like DuckDuckGo...
Right.
That's one of the things that's been mentioned in a lot of articles about this.
That would be out of their reach, right?
Right.
Right.
So there are a couple of ways that this could be resolved, one of which would be some type of settlement where Google doesn't lose.
They're not the full power of our antitrust enforcement doesn't fall on them.
But there's some type of judicial ruling forcing them to there to be some type of fair competition to be the default search engine here, where they can't just throttle their competition and buy them out.
That was kind of a mechanism that we saw as a part of the resolution to the Microsoft cases,
where there were competitive bidding processes
and users were required to have the chance to opt in to Microsoft as the default system.
I think we could see something similar with Google here, where when you get a new iPhone, maybe several companies can vie to be the
default search engine when you open up that iPhone. So it's not just automatically Google.
You choose.
Yeah, that could be part of some type of resolution here. But again, that's very long term. I think the bigger picture right now is, first of all, can our Justice Department still prosecute these big
antitrust cases against the biggest behemoth, really not only in the tech industry, but in
any industry? And then what is the say about the future of technological innovation? Are the
companies that are at the forefront of AI, the companies that think that they're going to acquire that market share, should they be concerned down the line about antitrust action?
And is that going to inhibit their current activity in developing that technology?
So I think those are issues that are very live in this debate.
Is there any discussion here of breaking up some of Google's various parts, you know, detaching the advertising arm
from the search engine arm,
or is this not part of that?
I think it's mostly focused on their search business.
But if you get sort of a broader ruling,
it might apply to other sectors,
such as artificial intelligence.
Okay.
So right now, it's a relatively narrow case
about its dominance in the search engine market.
But if you get a ruling that exceeds or that goes beyond a simple discussion of search engines
that affects other areas where Google has a market advantage,
then that could affect its other products as well.
I see an article from NPR outlining how this is supposed to play out
here. And they made the point that it's a judge who will be hearing the case that they expected
to run for three months, no jury. Can you explain some of that sort of the practical
machinations of how something like this works? Three months doesn't seem like a lot of time to me.
of how something like this works.
Three months doesn't seem like a lot of time to me.
It's not a lot of time for a topic that's this complicated.
I think we're going to have the best lawyers on behalf of our Justice Department
joined by representatives of attorneys general offices
across the United States who have joined this lawsuit.
And then Google is going to put up its best effort as well. Like you said,
there is going to be no jury. This is going to be argued in front of a judge. So I don't know
what type of impact that's going to have. Obviously, if you're trying to argue something
in front of a jury, you have to be worried about your target audience and how much they know about
the tech industry generally and whether they can grasp
the nuances of antitrust law. When you're talking about a judge, you don't have to be concerned
about framing your oral arguments in those types of layman's terms. You can really argue on the
nuance here. And I think there's proper precedent on behalf of the government that in the past,
and I think there's proper precedent on behalf of the government
that in the past,
they've used the Antitrust Act as a tool
to put the hammer down
against these types of companies.
It happened in the late 1960s with IBM.
It happened in the early 2000s with Microsoft.
I think there was an antitrust scholar
who's quoted in this Washington Post article
I'm reading that called this
the policeman at the elbow effect
that I think the Justice Department takes a generally hands-off approach to antitrust enforcement and
the tech industry. But when it gets out of hand, you know that the policeman at the elbow is going
to be there, which means there's some type of disincentive for these companies to go too far.
I think when you're at Google, you're less concerned about the policeman at the elbow than you are about just kind of asking for
forgiveness and not for permission. I want to get my 90% market share, let the legal chips fall
where they may. But it should certainly be very fascinating. Yeah, it's a historic day.
It really is. It really is. We'll be following this very closely.
All right.
Ben Yellen, thanks for joining us.
Cyber threats are evolving every second,
and staying ahead is more than just a challenge.
It's a necessity.
That's why we're thrilled to partner with ThreatLocker,
a cybersecurity solution trusted by businesses worldwide.
ThreatLocker is a full suite of solutions designed to give you total control,
stopping unauthorized applications, securing sensitive data,
and ensuring your organization runs smoothly and securely.
Visit ThreatLocker.com today to see how a feel-good moment into a feel-great moment.
Students, get $100 when you open a no-monthly-fee RBC Advantage Banking account
and we'll give another $100 to a charity of your choice.
This great perk and more, only at RBC.
Visit rbc.com slash get 100, give 100.
Conditions apply.
Ends January 31st, 2025.
Complete offer eligibility criteria by March 31st, 2025. Choose one of five eligible charities. Up to $500,000 in total contributions. And that's The Cyber Wire.
For links to all of today's stories, check out our daily briefing at thecyberwire.com.
We'd love to know what you think of this podcast.
You can email us at cyberwire at n2k.com.
Your feedback helps us ensure we're delivering the information and insights
that help keep you a step ahead in the rapidly changing world of cybersecurity.
We're privileged that N2K and podcasts like The Cyber Wire
are part of the daily intelligence routine of many of the most influential leaders and operators in the public and private sector,
as well as the critical security teams supporting the Fortune 500 and many of the world's preeminent intelligence and law enforcement agencies.
N2K Strategic Workforce Intelligence optimizes the value of your biggest investment, your people.
We make you smarter about your team while making your team smarter.
Learn more at n2k.com.
This episode was produced by Liz Ervin and senior producer Jennifer Iben.
Our mixer is Trey Hester with original music by Elliot Peltzman.
The show was written by our editorial staff.
Our executive editor is Peter Kilby, and I'm Dave Bittner.
Thanks for listening.
We'll see you back here tomorrow.
Your business needs AI solutions that are not only ambitious, but also practical and adaptable.
That's where Domo's AI and data products platform comes in.
With Domo, you can channel AI and data into innovative uses that deliver measurable impact.
Secure AI agents connect, prepare, and automate your data workflows,
helping you gain insights, receive
alerts, and act with ease through guided apps tailored to your role. Data is hard. Domo is easy.
Learn more at ai.domo.com. That's ai.domo.com.