CyberWire Daily - WhatsApp worm spreads.
Episode Date: October 3, 2025A fast-spreading malware campaign is abusing WhatsApp as both lure and launchpad. Carmaker Renault suffers a data breach. DrayTek patches a critical router flaw. CISA alerts cover a range of vulnerabi...lities. A new phishing kit lowers the bar for convincing lures. A Catholic hospital network pays $7.6 million to settle data breach litigation. A major breach at FEMA exposes employee data. Google expands Gmail’s end-to-end encryption (E2EE) capabilities. On our Industry Voices segment, we are joined by Brian Vecci, Field CTO at Varonis, discussing move fast but don’t break things: Innovating at light speed without putting data at risk. The UK’s digital ID is a solution in search of a mandate. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment, we are joined by Brian Vecci, Field CTO at Varonis, discussing move fast but don’t break things: Innovating at light speed without putting data at risk. You can listen to Brian’s full conversation here. Selected Reading Threat Actors Leveraging WhatsApp Messages to Attack Windows Systems With SORVEPOTEL Malware (Cybersecurity News) Major car maker confirms customer data stolen in cyber attack (The Independent) Unauthenticated RCE Flaw Patched in DrayTek Routers (SecurityWeek) Organizations Warned of Exploited Meteobridge Vulnerability (SecurityWeek) CISA Releases Two Industrial Control Systems Advisories (CISA.gov) New ‘point-and-click’ phishing kit simplifies malicious attachment creation (SC Media) Hospital Chain to Pay $7.6M to Settle Breach Litigation (Bank Inforsecurity) FEMA cyber breach exposes employee data (SC Media) Gmail business users can now send encrypted emails to anyone (Bleeping Computer) UK government says digital ID won't be compulsory – honest (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the Cyberwire Network, powered by N2K.
At TALIS, they know cybersecurity can be tough and you can't protect everything,
but with TALIS, you can secure what matters most.
With TALIS's industry-leading platforms, you can protect critical applications,
data and identities, anywhere and at scale with the highest RR.
That's why the most trusted brands and largest banks, retailers, and health care companies in the world rely on TALIS to protect what matters most.
Applications, data, and identity.
That's TALIS.
T-H-A-L-E-S.
Learn more at talusgroup.com slash cyber.
A fast-spreading malware campaign is abusing WhatsApp as both lure and launchpad.
Carmaker Renault suffers a data breach.
Dratec patches a critical router flaw.
Sisa alerts cover a range of vulnerabilities.
A new fishing kit lowers the bar for convincing lures.
A Catholic hospital network pays $7.6 million to settle data breach litigation.
A major breach at FEMA exposes employers.
employee data, Google expands Gmail's end-to-end encryption capabilities.
On our industry voices segment, we're joined by Brian Vecchi, field CTO at Veronis, discussing how to move fast but not break things, innovating at light speed without putting data at risk.
And the UK's digital ID is a solution in search of a mandate.
It's Friday, October 3, 2025.
I'm Dave Bittner, and this is your Cyberwire Intel Briefing.
Thanks for joining us here today.
Happy Friday. It is great to have you with us.
A fast-spreading malware campaign is abusing WhatsApp as,
both lure and launch pad. First seen in September in Brazil, the self-propagating malware known as
Sorva Potel spreads through fishing messages with malicious zip files disguised as receipts or budgets.
Once opened, a hidden Windows shortcut triggers encoded power shell commands that fetch additional
payloads, establish persistence, and connect to attacker-controlled domains. The malware then hijacks
active WhatsApp web sessions, replicating itself automatically to all contacts and groups,
rapidly multiplying infections, and sometimes leading to account bans.
Analysts note that attackers also distribute similar zips via phishing emails
appearing to come from trusted institutions.
The campaign highlights growing risks from messaging platforms used in enterprise environments
where social engineering can amplify disruption.
The personal data of Renault and Dacia customers in the UK has been compromised after a cyber attack on a third-party data processor used by the carmaker.
Renault confirmed the breach in emails to affected drivers, noting that while no financial or password information was exposed,
attackers accessed sensitive personal details, including names, addresses, birth dates, gender, phone numbers, and vehicle registration data.
The company has not disclosed the total number of customers impacted, but stressed that
its own systems were not directly compromised.
Renault says it's contacting those affected and urging caution against unsolicited requests for
information.
The incident adds to a growing list of major automotive cyber breaches, as Jaguar Land Rover
also contends with a separate disruptive attack.
Drey Tech has released patches for a critical remote code.
execution flaw in DreoS routers. The bug can be triggered via crafted HTTP or HTTPS
requests to the web interface, potentially leading to memory corruption, crashes, or remote code
execution. While WAN attacks are blocked if remote web UI and VPN services are disabled or
ACLs configured, local exploitation remains possible. Firmware updates for 35 Vigor models are available
with no evidence yet of active exploitation.
SISA has added a Medio Bridge vulnerability
to its known exploited vulnerabilities catalog
after confirming active attacks.
Medio Bridge devices connect local weather stations
to public networks and are managed through a web interface.
The flaw, scored 8.7, stems from unsanitized user input
in a CGI script exposed without authentication,
allowing command injection and remote code execution.
Researchers at One Key warned in May that exploitation could occur via simple get requests
with a proof of concept publicly available.
Roughly 100 devices remain exposed online due to misconfiguration despite smart-bedded
releasing a patch months earlier.
SISA now requires federal agencies to remediate within three weeks.
The agency has not disclosed the scope of observance.
exploitation. Meanwhile, Sisa has issued two new ICS advisories covering Raze 3D Pro 2 series 3D printers
and Hitashi Energy MSM products. The Rays 3D flaw is an authentication bypass through an
unauthenticated debug port, potentially enabling file system access and data exfiltration.
Raise 3D advises disabling developer mode until a firmware patch is released.
Hitachi Energy MSM devices, fake cross-site scripting and assertion vulnerabilities,
risking injection or crashes.
Sisa urges organizations to apply mitigations, restrict Internet exposure, and follow defense-in-depth practices.
A newly advertised fishing kit called Impact Solutions is lowering the bar for cybercrime
by giving attackers a point-and-click way to build convincing lures.
first observed in September, the tool provides ready-made templates for malware delivery through
LNK shortcuts, SVG files, and HTML attachments. It also includes evasive features such as file
type masking, UAC bypass techniques, and anti-sandbox checks. With a few clicks, even low-skilled
actors can disguise malicious files as PDFs, videos, or invoices, and distribute them in fishing
campaigns. Impact Solutions also offers modules like fake login pages and a click-fix feature
that tricks users into running Base 64 encoded PowerShell commands. Abnormal AI warns that
commercialized kits like this expand social engineering risks and recommends behavior-based detection
tools. Hospital Sisters Health System, a Catholic Hospital Network in the Midwest, will pay
$7.6 million and strengthened data security to settle litigation over its
2023 breach affecting nearly 900,000 people. The attack exposed sensitive personal and
health information. Under the settlement, class members can claim up to $5,000 for
documented losses or opt for smaller prorated payments. The hospital network
denies wrongdoing, but agreed to implement security improvements. Legal experts
say settlements like this highlight mounting pressures on health care providers to bolster cybersecurity.
A breach at FEMA exposed employee data from both FEMA and U.S. Customs and Border Protection, NextGov reports.
Hackers exploited compromised credentials and the Citrix bleed 2.0 flaw beginning June 22nd,
exfiltrating data from Region 6 servers covering five states and nearly 70 tribal nations.
DHS cited FEMA's failure to enforce multi-factor authentication and patch critical vulnerabilities,
dismissing its IT staff in August.
FEMA has since restructured leadership, naming acting CIO Diego Lapidus and implementing stronger security controls.
Google is expanding Gmail's end-to-end encryption capabilities,
allowing enterprise users to send encrypted emails to recipients on any platform.
Users can enable additional encryption when composing a message,
ensuring seamless decryption for Google Workspace subscribers.
Non-Gmail recipients instead receive a secure link to view and reply
through a guest workspace account,
removing the need for key exchanges or third-party tools.
The feature, rolling out over the next two weeks to Enterprise Plus customers with assured controls,
is powered by client-side encryption, which keeps encryption keys outside Google's servers.
This design helps organizations meet regulatory requirements for data sovereignty, HIPAA compliance,
and export controls by ensuring that even Google cannot access message contents.
Google first piloted the approach in 2022 across Workspace Services.
Coming up after the break, my conversation with Brian Vecci, field CTO at Veronis.
We're discussing innovating at light speed without putting data at risk.
And the UK's digital ID is a solution in search of all.
mandate. Stay with us.
Compliance regulations, third-party risk, and customer security demands are all growing
and changing fast. Is your manual GRC program actually slowing you down? If you're
thinking there has to be something more efficient than spreadsheets, screenshots, and all those
manual processes, you're right. GRC can be so much easier, and it can strengthen your security
posture while actually driving revenue for your business. You know, one of the things I really
like about Vanta is how it takes the heavy lifting out of your GRC program. Their trust management
platform automates those key areas, compliance, internal and third-party risk, and even
customer trust, so you're not buried under spreadsheets and endless manual tasks. Vanta really
streamlines the way you gather and manage information across your entire business, and this isn't
just theoretical. A recent IDC analysis found that compliance teams using Vanta are 129% more
productive. It's a pretty impressive number. So what does it mean for you? It means you get back
more time and energy to focus on what actually matters, like strengthening your security posture
and scaling your business. Vanta, GRC, just imagine how much easier trust can be. Visit Vanta.com
slash cyber to sign up today for a free demo. That's V-A-N-T-A-com slash cyber.
AI adoption is exploding, and security teams are under pressure to keep up.
That's why the industry is coming together at the Datasek AI conference,
the premier event for cybersecurity data and AI leaders,
hosted by data security leader, Sierra.
Built for the industry, by the industry, this two-day conference
is where real-world insights and bold solutions take center stage.
Datasek AI 25 is happening November 12th,
13th in Dallas. There's no cost to attend. Just bring your perspective and join the conversation.
Register now at Datasek AI 2025.com backslash Cyberwire.
Brian Vecci is field CTO at Veronis, and in today's sponsored industry voices segment,
we discuss how to move fast but not break.
things, innovating at light speed without putting data at risk.
Well, I'm not against the idea of moving fast and breaking things, but I think it depends
on what exactly you're breaking. The idea of tossing aside or disrupting old ways
of doing things can be incredibly useful and generate a lot of innovation and a lot of productivity,
but you need to be conscious of, of course, balancing productivity and security because
the costs of a security breach or an incident are only going up.
Companies have more and more data in more and more places.
It used to be that they could secure themselves primarily by focusing on what we think
up as perimeters.
If I've got all of my infrastructure and applications and data in a big building,
like a data center, and all my people are using workstations in another big building,
like an office that I control, well, if I've got good firewalls, good perimeter,
big fences to keep the bad guys out,
well, then I'm doing a pretty good job of protecting myself.
And that kind of worked.
We still had the notion of insider threats.
And we still had, of course, threat actors, attackers that would breach these perimeters.
But more and more these days, the issues we face aren't with a single or a small number of really big and powerful perimeters.
We live in a world where we've got data on premises and in data centers.
We've got data in various cloud platforms like the hyperscalers.
We've got data in innumerable SaaS applications, big and small.
Our users, our employees are expected to work from anywhere now.
We're expected to be able to do our jobs from almost any device,
our personal device, our corporate device.
Every user has multiple devices.
I've got three in front of me right now that I use as part of my daily workflow.
I interact and collaborate with people inside the company, both within my team and cross-functionally.
I collaborate and interact like I am with you right now, with people outside of our company, with third parties.
So the problems that IT and IT security organizations are facing is that we want our people and our businesses to be highly productive.
We want people to be able to collaborate and work from anywhere.
Nobody wants to go back to being required to work in an office.
Nobody wants to go back to being, you know, no IT organization wants to bring everything back
on premises and have to manage all of the infrastructure themselves.
That's not the world that we live in.
But we need to do so safely.
We need to balance productivity with security.
We need to make sure that things are done safely because not only the costs of a breach,
but the incentives to monetize
malicious access,
either by nation states,
but by cybercriminal groups,
by insider threats,
the incentives are greater
than they've ever been.
It's easier than ever
to monetize access
to a system if you get in maliciously,
to steal data,
to encrypt data,
to get access to intellectual property
and trade secrets.
The incentives are greater
than they've ever been.
The complexity is higher
than it's ever been,
and it's only going
to go up. Things aren't going to get simpler, which means that the risks, and risk is a calculation
of what's the impact of something happening and what's the likelihood of it happening.
Well, as organizations move fast and break things, the likelihood of something going wrong
continues to go up. So the risks are greater. To going back to your initial point, I think I would
not caution against moving fast and breaking things, but I would certainly encourage organizations
to think very critically about managing risk,
which I think good organizations,
good enterprises, that's what they do.
You know, I think it's fair to say
that we are in an era of rapid innovation,
and I think with that comes the impulse for high velocity.
I'm curious, as you're out and about talking with SISOs,
what are their biggest concerns?
What are the things that are top of mind for them?
You know, I've asked a version of that question
to Sissos in the past.
Sometimes it's phrased,
what keeps you up at night because it's a good question and it's an interesting one we'd like it
i mean kind of the royal we we'd like someone like a chief information security officer to say
something like you know what keeps me up at night you know what i'm most concerned about north
korea nation state actors or you know what really keeps me up at night insider threats we've got
intellectual property and boy if an insider gets a hold of it it could really bury us or you know what
keeps me up at night this this one cyber criminal group uh that that's in the news or you know what keeps me
at night, the vulnerability in this one platform or application, whether it's Salesforce or
Snowflake or something like that. But if we're intellectually honest, I stopped asking that
question a while ago of CSOs directly because the ones that were really smart and forward
thinking always gave some version of the exact same answer. It wasn't one of these things that
we would tell an immediately a good story. The answer that I got most commonly and the answer
that I'm going to give you now is it's not one of these things that we can quantify.
It's the unknown unknowns, to paraphrase Donald Rumsfeld.
It's the things that we don't know about.
And I think in a world of rapid innovation, as you put it, velocity, the number and the scale
of the unknown unknowns continues to increase.
That's what security leaders, I find, are the most concerned with.
And what's really interesting about what's happened over the last couple of years now with
the, I don't want to say the advent, but the evolution of generative AI. And I use that word
really specifically because we've been using not just Voronis as a technology, but I mean, again,
the royal we. We've been using machine learning and neural network techniques for a long time
to do a variety of different things. But ever since chat GPT dropped and generative AI built on
large language models became such a part of all of our daily lives. What I'm finding is that for a
so as the unknown unknowns are growing faster than they ever were before for a few reasons.
It's suddenly all of the issues related to the lack of a perimeter and the lack of visibility
into what data they have and where it is and how it's being used is suddenly a problem that
they can no longer ignore, the ostrich defense of putting your head in the sand.
I don't think it ever worked, but it's even less relevant these days.
And at the same time, you've got enterprises and organizations and boards that are pushing
very hard to realize the benefits of these technologies. They want to monetize their data. They want to
make their people more productive. They want to move fast. They want to take advantage of all this
velocity. So if you're a security leader, suddenly the problems are getting bigger, faster,
you have less time to solve them, and you're being told you better solve them right away.
All of those, it's been an interesting confluence of all of those factors over the last,
let's say, two, three years. Yeah. You know, you mentioned AI, and no question
And again, generative AI is everywhere these days.
But we've got both the sanctioned co-pilots, but then also that Shadow IT, or as I've heard
people referring to it lately, Shadow AI that kind of slips in under the radar.
What are you seeing in customer environments?
How are they handling this?
Well, that's a great question.
Different folks are handling different pieces of this problem in different ways.
In addition to the two, I would call them, pillars of AI security issues that you just brought up,
there's the sanctioned co-pilots and chatbots, the Microsoft co-pilots, the agents, the companies are trying to deploy.
There's also the sanctioned public chatbots, the chatchipTs of the world, the collads, the Geminize.
There's the shadow AI and shadow ITs.
There's also companies that are trying to build big AI infrastructure to, to,
get more use out of their enterprise data.
All of those have potential productivity and convenience and monetization gains,
but all of those certainly have security risks.
I think the story that illustrates a lot of this problem best is...
So I was at one of the big banks before I came to Veronis,
which was 15 years ago now.
I was in architecture for people can go on my LinkedIn.
You can see it.
I was at UBS.
and what's interesting when you work at a big bank is you and I was in IT so I was in
architecture but I also worked really closely with our service desk because I helped with
a lot of the desktop productivity tools that a lot of the bank used and what I learned was
that if you want to see who gets the most love for MIT go to the trading floor of a bank
UBS at the time had the biggest trading floor in the world at Stanford Connecticut
and it's true at most big banks they've got a trading floor
somewhere. And those users, those people, those men and women, they get the most love. They have
nine monitors. They've got the latest devices. If they open a help desk ticket, somebody is in
front of them in a couple of minutes. And it's, the reason for this is, it's kind of obvious when you
think about it, because if you can make a trader more productive, or the flip side of it is if they
are not productive, if they can't work, the bank makes money if they're productive. The bank
loses money if they can't work. So one of these banks that we were working with, not
EBS, but another one, they were piloting at the time this brand new AI technology called
Microsoft co-pilot for 365.
Pretty common now.
A lot of knowledge workers have it these days.
But at the time, it was relatively expensive.
It was relatively new.
And I met the VP of Modern Workforce at this bank.
And she told me an interesting story.
She said, yeah, we gave it to users on our trading floor because, of course, we do.
We pilot everything with them because if we can make them more productive, then it proves the ROI of the
investment in this technology or this tool. And they gave copilot to a few of these users to see
what would happen. And one of them asked, what I come to think of is actually kind of a smart
question. Banks have a lot of data. Banks have a lot of smart people. Banks create a lot of
analysis. They do a lot with data. So he asked a question of co-pilot, what stocks do our employees
invest in? Because you figured the bank has a couple hundred thousand employees. There's probably some
patterns and how these employees invest personally, and maybe that'll give him some edge.
He was expecting, because he'd been using chat GPT for a few months, in expecting a couple
of paragraphs of, you know, here's the kinds of equities that the bank's employees tend
to invest in at certain times of year, and maybe he would get some insight that would help
him. Instead, what he got were thousands of lines of names, account numbers, social security
numbers, and positions of employee 401Ks, which he was surprised to see.
didn't really help him all that much.
And as soon as he saw, he called, you know, the co-pilot team and said, wait, should I be seeing this?
They immediately turn it off.
Yeah.
Change the trajectory of his day, right?
Yeah.
Well, he turned it off and ignored and went on the rest of his day.
They immediately switched it off because, in her words, like, this is a privacy nightmare.
Like, we can get sued out of business.
Right.
And I told that story to other technologists, and I've gotten a lot of over the years.
I've told that story it happened a couple years ago.
And people would say, that's ridiculous because co-pilot doesn't, and these AI tools,
they don't punch holes in systems.
They're not going to get you access to something they're not supposed to have access to.
And I said, this is exactly right.
But what happened in this case, and I know this is how I'm going to answer your question.
What happened in this case was somebody on their comp team had created a spreadsheet,
done an analysis of employee 401k data, who's totally within their bounds of their role.
They had access to that data.
They created that spreadsheet.
They saved it in a Microsoft Teams site.
And for those that don't know, Microsoft Teams is built on top of Microsoft SharePoint.
And it's basically a big data store with its own directory.
And they had saved this spreadsheet inside a team site.
And in Microsoft 365, there's a share button on top of all of your documents.
And that lets you collaborate really easily with other people.
You click share and I can share something with you or with somebody else on my team or internally at Barronis.
And suddenly we can work on it together.
But what that means is it doesn't really matter where data is anymore.
And it also makes it really easy for things to be opened up to.
people who aren't supposed to see it. And in this case, somebody had shared it with a email
distribution list that included by accident everybody in the company. So they had this spreadsheet
with all these employee 401k positions, and it was open to every single person in the bank.
It would be like leaving the bank fault wide open to every employee. But the problem was nobody,
or not the problem, it wasn't an issue because nobody knew about it. So nobody had gone hunting
for this data. No insider had found it. No attacker had got a hold of it. And this
trader, he wasn't an insider threat or an attacker either. He asked a pretty innocent question
using a new tool. But because he had access to this and because co-pilot is the greatest
information retrieval tool that we've probably ever created as a species, suddenly that data
got presented to him, even though he wasn't supposed to have access. And it highlights the
issues that security teams are facing in the face of we want to innovate, we want to take advantage of
these new technologies, but a lot of the security observability, visibility, the preventive
controls, the detective controls that we have in place to try to prevent this kind of thing
from happening are a little outdated. The ways that we think about collaboration and access and
behavior and security holistically, I've gone through that scenario with security leaders.
And I've gotten into the weeds of here's exactly how this happened and exactly
why this could happen to you
and they'll often stop me and say
you're talking about issues that we've
had for 20 years
like we don't know where all of our data
is and people generally have access to way too much
because of course they do. That's just the way
our world works these days
and of course we don't know where all of our most sensitive data is
because how could you? It could be anywhere.
Data's like life in Jurassic Park, it finds a way.
It's in OneDrive shares in SharePoint sites.
It's on devices. It's in emails.
It's in applications.
it's in records, it's in databases, it's in all the hyperscalers, like it ends up everywhere.
How could we possibly control it?
And I would say, yeah, you're right, but you better, or else your co-pilot pilot's going to get
stuck in pilot and you're never going to use it, or you're going to suffer your first AI
data breach.
So it's kind of choose your, pick your poison.
You've got to do one or the other, or you have to rethink a lot of what you thought
you knew about security and about observability and about controls and honestly about automation
because robots created this problem.
Robots are going to have to solve it.
That's Brian Vetchy, field CTO at Veronis.
Think your certificate security is covered.
By March 26, TLS certificate lifespans will be cut in half,
meaning double today's renewals.
And in 2029, certificates will expire every 47 days,
demanding between 8 and 12 times the renewal volume.
That's exponential complexity, operational workload, and risk,
unless you modernize your strategy.
CyberArk, proven in identity security,
is your partner in certificate security.
CyberArk simplifies life cycle management
with visibility, automation, and control.
at scale.
Master the 47-day shift with CyberArk.
Scan for vulnerabilities,
streamline operations, scale security.
Visit cyberark.com slash 47-day.
That's cyberark.com slash the numbers 47-D-A-Y.
And now a word from our sponsor, Threat Locker.
the powerful zero-trust enterprise solution that stops ransomware in its tracks.
Allow listing is a deny-by-default software that makes application control simple and fast.
Ring fencing is an application containment strategy, ensuring apps can only access the files,
registry keys, network resources, and other applications they truly need to function.
Shut out cybercriminals with world-class endpoint protection from Threat Locker.
And finally, the U.K. government has finally put flesh on the bones of its digital ID plan,
perhaps hoping to reassure the 2.7 million citizens who've already signed a petition demanding it be scrapped.
Prime Minister Kier Starrmer, who somehow forgot to mention the idea during his election campaign,
now says the digital credential will streamline Bureau.
and make right-to-work checks easier. Palantir, often accused of being too cozy with
government, has declined to bid, citing its policy of only supporting initiatives with an electoral
mandate. The move echoes Estonia's efficiency drive, but arrives under the shadow of Big
Brother Watch, which warns of creeping state surveillance. Officials insist it won't be compulsory,
police can't demand it, and privacy will be respected.
Still, skeptics say, Starmer must explain why Britons should trust yet another government IT scheme
or risk watching his flagship digital ID whither before it even launches.
Whether it becomes a passport to convenience or just another card nobody asked for,
the fate of Britain's digital ID may hinge less on technology and more on trust.
And that's the Cyberwire.
For links to all of today's stories,
check out our daily briefing at the Cyberwire.com.
Be sure to check out this weekend's research Saturday
and my conversation with Asafthahan,
Director of Threat Research at Palo Alto Networks.
We're discussing Phantom Taurus, a new China-Ate-Torris,
a new China APT uncovered by Unit 42.
That's Research Saturday.
Do check it out.
A quick note before we wrap up,
I don't like to toot my own horn,
but I've been nominated for the Sands Difference Maker Award
in the Media Creator of the Year category.
I'm honored to be recognized and would appreciate your support.
You'll find a link to vote in our show notes,
and voting is open until Wednesday, October 8th at 1159 p.m.
Eastern. Thanks for listening and for being part of the N2K CyberWire community.
We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights
that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show,
please share a rating and review in your favorite podcast app. Please also fill out the survey
and the show notes or send an email to Cyberwire at N2K.com. N2K's senior producer is Alice Caruth,
Our Cyberwire producer is Liz Stokes.
We're mixed by Elliot Peltzman and Trey Hester
with original music by Elliot Peltzman.
Our executive producer is Jennifer Ivan.
Peter Kilby is our publisher, and I'm Dave Bittner.
Thanks for listening.
We'll see you back here next week.
Cyber Innovation Day is the premier event for cyber startups, researchers, and top VC firms
building trust into tomorrow's digital world.
Kick off the day with unfiltered insights and panels on securing tomorrow's technology.
In the afternoon, the eighth annual Data Tribe Challenge takes center stage
as elite startups pitch for exposure, acceleration, and funding.
The Innovation Expo runs all day, connecting founders, investors, and researchers around breakthroughs in cyber security.
It all happens November 4th in Washington, D.C.
Discover the startups building the future of cyber.
Learn more at cid.d. datatribe.com.