CyberWire Daily - When spyware backfires.

Episode Date: May 7, 2025

A jury orders NSO Group to pay $167 millions dollars to Meta over spyware allegations. CISA warns of hacktivists targeting U.S. ICS and SCADA systems. Researcher Micah Lee documents serious privacy ri...sks in the TM SGNL app used by high level Trump officials. The NSA plans significant workforce cuts. Nations look for alternatives to U.S. cloud providers. A medical device provider discloses a cyberattack disrupting its ability to ship customer orders. The Panda Shop smishing kit impersonates trusted brands. Accenture’s CFO thwarts a deepfake attempt. Our temporary intern Kevin Magee from Microsoft wraps up his reporting from the RSAC show floor.  Server room shenanigans, with romance, retaliation, and root access. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Wrapping up RSAC 2025, we’re joined by our partner Kevin Magee, Global Director of Cybersecurity Startups at Microsoft for Startups. Kevin brings the energy with a high-octane medley of interviews directly from the show floor, featuring sharp insights and bold ideas from some of cybersecurity’s most influential voices. It’s the perfect, fast-paced finale to our RSAC coverage—check out the show notes for links to all the guests featured! In this segment, you’ll hear from Eoin Wickens, Director of Threat Intelligence of HiddenLayer, Jordan Shaw-Young, Chief of Staff for Security Services at BlueVoyant, Gil Barak, co-founder and CEO of Blink Ops, and Paul St Vil, VP of Field Engineering at Zenity. You can also catch Kevin on our Microsoft for Startups⁠ Spotlight, brought to you by N2K CyberWire and Microsoft, where we shine a light on innovation, ambition, and the tech trailblazers building the future right from the startup trenches. Kevin and Dave talk with startup veteran and Cygenta co-founder FC about making the leap from hacker to entrepreneur, then speak with three Microsoft for Startups members: Matthew Chiodi⁠ of ⁠Cerby⁠, ⁠Travis Howerton⁠ of ⁠RegScale⁠, and ⁠Karl Mattson⁠ of ⁠Endor Labs⁠. Whether you are building your own startup or just love a good innovation story, listen and learn more here. Selected Reading Spyware-maker NSO ordered to pay $167 million for hacking WhatsApp (The Washington Post) CISA Warns of Hackers Attacking ICS/SCADA Systems in Oil and Natural Gas Companies (Cyber Security News) Despite misleading marketing, Israeli company TeleMessage, used by Trump officials, can access plaintext chat logs (Micha Flee) NSA to cut up to 2,000 civilian roles as part of intel community downsizing' (The Record) NIST loses key cyber experts in standards and research (Cybersecurity Dive) A coherent European/non-US cloud strategy: building railroads for the cloud economy (Bert Hubert) Medical device giant Masimo says cyberattack is limiting ability to fill customer orders (The Record) New Chinese Smishing Kit Dubbed 'Panda Shop' Steal Google, Apple Pay & Credit Card Details (Cyber Security News) Accenture: What we learned when our CEO got deepfaked (Computing) IT Worker from Computacenter Let Girlfriend Into Deutsche Bank’s Restricted Areas (GB Hackers) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript
Discussion (0)
Starting point is 00:00:00 You're listening to the CyberWire Network, powered by N2K. And now a word from our sponsor, Spy Cloud. Identity is the new battleground, and attackers are exploiting stolen identities to infiltrate your organization. Traditional defenses can't keep up. Spy Cloud's holistic identity threat protection helps security teams uncover and automatically remediate hidden exposures across your users from breaches, malware, and phishing to neutralize identity-based threats like account takeover, fraud, and ransomware.
Starting point is 00:00:40 Don't let invisible threats compromise your business. Get your free corporate dark net exposure report at spycloud.com slash cyberwire and see what attackers already know. That's spycloud.com slash cyberwire. A jury orders NSO Group to pay $167 million to Meta over spyware allegations. CISA warns of hacktivists targeting US ICS and SCADA systems. Researcher Mika Lee documents serious privacy risks in the TM Signal app used by high-level Trump officials. The NSA plans significant workforce cuts. Nations look for alternatives to U.S. cloud providers.
Starting point is 00:01:33 A medical device provider discloses a cyber attack disrupting its ability to ship customer orders. The Panda Shop's mission kit impersonates trusted brands. Accenture's CFO thwarts a deep fake attempt, our temporary intern, Kevin McGee from Microsoft, wraps up his reporting from the RSAC show floor, and server room shenanigans with romance, retaliation, and root access. ["Retaliation"]
Starting point is 00:02:00 ["Retaliation"] ["Retaliation"] ["Retaliation"] ["Retaliation"] It's Wednesday, May 7th, 2025. I'm Dave Bittner and this is your CyberWire Intel Briefing. A U.S. federal jury has ordered Israeli spyware maker NSO Group to pay over $167 million in damages for hacking into WhatsApp and targeting more than 1,000 people. The ruling caps a six-year legal battle led by WhatsApp's parent company, Meta, which accused NSO of using its Pegasus spyware to breach U.S. anti-hacking laws. The damages include $167 million in punitive and $440,000 in compensatory penalties, marking a record hit
Starting point is 00:03:08 to the spyware industry. Although NSO claims it only sells to governments for lawful use, investigations show Pegasus has targeted journalists, activists, and officials worldwide. The ruling also rejected NSO's claim of immunity and exposes the broader threat spyware poses to privacy and democracy. NSO says it may appeal. Metta says they plan to donate damages to digital rights groups. CISA, alongside the FBI, EPA, and Department of Energy has issued a joint advisory warning that unsophisticated cyber actors are actively targeting industrial control systems and SCADA systems in the U.S.
Starting point is 00:03:53 oil and gas sector. These attackers, likely hacktivists, exploit poor cyber hygiene using basic tools like default credentials, brute force attacks, and misconfigured remote access. Despite their simplicity, such intrusions can lead to serious consequences including system shutdowns or physical damage. CISA urges asset owners to immediately remove OT systems from the public Internet, enforce strong passwords and phishing-resistant MFA, secure remote access, segment networks,
Starting point is 00:04:27 and prepare for manual operations. The alert also stresses reviewing third-party access and system configurations. This follows recent warnings about critical vulnerabilities in ICS devices from major manufacturers. Security researcher Mika Lee has documented serious privacy risks in the TM Signal app, a modified version of Signal used by Trump officials. Despite marketing claims, Lee's analysis of TM Signal's Android source code confirms the app sends plain text copies of messages to TeleMessages'
Starting point is 00:05:06 AWS hosted archive server, bypassing Signal's end-to-end encryption. These chat logs, which include Signal, WhatsApp, Telegram, and possibly WeChat messages, are vulnerable to access by the Israeli firm's staff and potentially foreign intelligence. The discovery was validated by a recent hack of tele-message that revealed plain-text messages in server memory. Senator Ron Wyden has urged the DOJ to investigate, citing national security concerns. TM Signal appears visually identical to Signal and interoperates with it, making it difficult
Starting point is 00:05:45 for users to detect the switch. Lee warns that powerful U.S. officials using this insecure app may have exposed sensitive communications possibly for years. TeleMessage has since taken its archive server offline. The NSA is planning to cut up to 2,000 civilian positions around 8% of its workforce as part of a broader Trump administration effort to shrink the federal government. The downsizing affects roles across the agency including cybersecurity and administrative staff. Cuts are tied to a Defense Department directive to reduce its budget by 8%
Starting point is 00:06:25 annually for five years affecting all combat support agencies. The NSA is focusing on early retirements and buyouts to avoid mass layoffs. Meanwhile, key cybersecurity leaders at NIST including Computer Security Division Chief Matthew Schull are departing amid federal downsizing in the Trump administration, raising serious concerns about NIST's capacity to lead in AI and post-quantum cryptography. Over 20 percent of CSD's federal staff have exited, jeopardizing critical research and weakening collaboration with industry. Experts warn the loss of institutional knowledge will hamper standards development and shift more cybersecurity burdens to businesses.
Starting point is 00:07:12 NIST's budget may also face steep cuts under Trump's fiscal year 26 proposal. All of this instability and uncertainty in the US.S. has triggered global demand for alternatives to U.S. cloud dominance. Europe is seeking digital sovereignty through a strategy that moves beyond simply replicating Amazon, Google, or Microsoft. The goal is to build a viable European cloud ecosystem that's not only technically credible, but politically and economically independent. This means reducing dependency on proprietary U.S. services, investing in open-source software
Starting point is 00:07:52 tailored for cloud infrastructure, and supporting European service providers. Governments play a critical role by funding development, shaping procurement policies, and enforcing privacy laws like GDPR to prioritize local solutions. While Europe already has strong hosting and networking players, transitioning them into full-service cloud providers requires new business models and technical capabilities. The plan resembles building digital railroads, laying the foundation for others to innovate upon. This initiative, echoed by concerns in Canada, Australia, and New Zealand,
Starting point is 00:08:32 represents a broader global desire to break free from U.S. tech hegemony and establish trusted local control over critical infrastructure. Medical device giant Massimo has disclosed a cyberattack that disrupted its ability to process and ship customer orders. The breach, detected on April 27, has forced some manufacturing facilities to operate below normal levels. In a filing with the SEC, the California-based company said it isolated affected systems, engaged cybersecurity experts,
Starting point is 00:09:06 and notified law enforcement. The nature and scope of the attack remain under investigation, and Massimo has not confirmed if ransomware was involved. Despite the disruption, CEO Katie Seisman stated during an earnings call that the incident is not expected to affect financial guidance. Massimo, known for its pulse oximetry and patient monitoring tools, joins a growing list of manufacturers hit by cyber attacks that have caused major operational and financial setbacks, including Clorox, Johnson Controls, and Sensata Technologies. controls, and Sensata technologies. A new China-based smishing kit called PandaShop is enabling cybercriminals to steal financial
Starting point is 00:09:50 data by impersonating trusted brands like the US Postal Service, DHL, and major banks. Discovered by Re-Security, the kit creates mobile-optimized phishing pages that convincingly mimic legitimate websites. It supports the theft of Google Pay, Apple Pay, and credit card details, and can send up to 2 million messages daily, potentially targeting 60 million victims per month. Unlike older SMS-based scams, PandaShop uses advanced tactics including Google RCS and Apple iMessage, evasion methods to bypass detection, and OTP interception to defeat multi-factor authentication. Researchers linked it to the smishing triad group due to shared tactics and coding similarities.
Starting point is 00:10:41 Configuration files and domain data point to operations based in China. The attackers boldly claim to be beyond the FBI's reach, further emphasizing the challenge of combating transnational cybercrime. Last May, someone impersonating an attorney set up a video call with Accenture's CFO and a very convincing deepfake of CEO Julie Sweet. The fake Julie asked for an urgent funds transfer. Luckily, the CFO followed company protocols, and no money left the company. Flick March, Accenture's EMEA Cyber Strategy lead, recounted the close call at the Cyber Security Festival, warning that deepfakes are changing the game.
Starting point is 00:11:29 With inexpensive tools now readily available, even trained professionals are fooled. Half failed a recent deepfake test. March calls this a paradigm shift in the attack vector. Deepfakes now blur the lines between cyber, fraud, and disinformation, demanding a total rethink of security strategies. Companies must embrace identity security, establish security communication channels, and train teams to question even seemingly authentic requests. If something feels off, says March, you should feel empowered to say, call me back on Monday.
Starting point is 00:12:16 Coming up after the break, our temporary intern Kevin McGee from Microsoft wraps up his reporting from the RSAC show floor, and server room shenanigans with romance, retaliation, and root access. Stay with us. traditional pen testing is resource intensive, slow and expensive providing only a point-in-time snapshot of your application's security leaving it vulnerable between development cycles. Automated scanners alone are unreliable in detecting faults within application logic and critical vulnerabilities. Outpost 24's continuous pen testing as a service solution offers year-round protection, with recurring manual penetration testing conducted by Crest-certified pen testers, allowing you to stay ahead of threats and ensure your web applications are always secure.
Starting point is 00:13:34 We've all been there. You realize your business needs to hire someone yesterday. How can you find amazing candidates fast? Well, it's easy. Just use Indeed. When it comes to hiring, Indeed is all you need. Stop struggling to get your job post noticed. Indeed's Sponsored Jobs helps you stand out and hire fast. Your post jumps to the top of search results so the right candidates see it first. And it works. Sponsored jobs on Indeed get 45% more applications than non-sponsored ones. One of the things I love about Indeed is how fast it makes hiring. And yes, we do actually
Starting point is 00:14:11 use Indeed for hiring here at N2K Cyberwire. Many of my colleagues here came to us through Indeed. Plus, with sponsored jobs, there are no subscriptions, no long-term contracts. You only pay for results. How fast is Indeed? Oh, in the minute or so that I've been talking to you, 23 hires were made on Indeed, according to Indeed data worldwide. There's no need to wait any longer. Speed up your hiring right now with Indeed.
Starting point is 00:14:40 And listeners to this show will get a $75 Sponsored Job Credit with Indeed. Terms and conditions apply, hiring indeed is all you need. At last week's RSAC 2025 conference, Kevin McGee, Global Director of Cybersecurity Startups at Microsoft, took a break from his day job and helped us. Here's intern Kevin's final report from the RSAC show floor. All right, tell me who you are and what you do. Hi, I'm Owen Wickens, Director of Threat Intelligence at Hidden Lair. Now you've got an interesting report that's just come out. I've had a chance to give it a read and some interesting findings. Can you give me the high level? Sure, absolutely.
Starting point is 00:15:46 We have four parts in our report. Threats to AI systems, threats faced by AI systems, key advancements in AI security, and predictions for the future. We had an interesting survey with 250 respondents. 89% of IT leaders said that ML models are becoming business critical in their organization. 74% reported that they knew they had an AI breach over the last year, and 95% have
Starting point is 00:16:10 budget allocated for AI security over the coming year. Okay, so if I'm a CISO reading this report, what's the one thing I should look at that's most important? And agentic AI is the future, but we've discovered all sorts of classes of vulnerabilities across the supply chain, such as attack techniques like shadow logic detrimental threats like indirect prompt injection to AI systems So you're here at RSA now you're presenting But what else are you looking to learn while you're here from other vendors or from presentations or some of the sessions? I want to find out how people are utilizing agentic systems in the real world today
Starting point is 00:16:42 I think agentic is the future tool equipped LLMs with persistent data models are enabling wonders that we haven't seen before. It's almost like an industrial revolution. Instead of the printing press, it's now intelligence that's being commoditized. Awesome. What's the one fun thing you've seen? So after party, interesting booth. Anything of note that you'd like to pass on to those that couldn't attend? Myself and my colleague Kazimir checked out the goats this morning. The goats, excellent. Thank you very much. Thanks Kevin. Alright, from the floor of RSA, tell me who are you and what do you do? Hey, so I'm
Starting point is 00:17:16 Gil, I'm the co-founder and CEO of BlinkOps. What does BlinkOps do? We are an automation platform. We focus on automating all of the security across SOC, GRC, IAM, cloud security and vulnerability management and so on. Awesome. It sounds like you've got a great presence here. You got a ton of folks here. How's the show been for you? It's been amazing. There's way too many people but it's been going pretty well. We have a lot of traction, a lot of activity, customers, partners, especially with Microsoft. Awesome.
Starting point is 00:17:48 What's the number one challenge that customers are bringing to you that you're helping solve right now? I would say that automation has always been an issue for customers, but I think for the first time in the past forever is the boards of organizations are talking about optimizing their organization using automation and AI and there's been a void between what the board wants and what the team can actually do and so I think we're in a
Starting point is 00:18:12 great position to fill that void. So my investment thesis is automate, remediate, and govern. So very aligned to you what you do as well too. So what is the number one thing that you would like to to tell those business leaders and boards about what they should be thinking about in terms of securing their organizations for the for the new age of AI? I think that obviously AI agents are the future but the problem with AI agents is that they're also probably the biggest security risk for organizations is they're essentially autonomous and if you give them admin access to your systems, they might actually suspend all your accounts,
Starting point is 00:18:49 delete all your devices, and so on. So there's a gap to bridge between that and something you can trust. What we've done at Blink is we've built a workflow engine that's deterministic, so you can pre-define a workflow however you want to see it, define it, and at the same time, you can also build autonomous agents.
Starting point is 00:19:10 Bridging those together, in my personal opinion, is the holy grail, as opposed to going to a vendor and trusting that whatever agent they built will work out of the box. So, you're here at RSA, what's the coolest thing you've seen or what's the big theme that you think is coming out of the show? Coolest thing I've seen?
Starting point is 00:19:28 Well, there's a lot of animals in this conference. We've seen puppies and then goats all over the place. But otherwise, it's really nice to see that so many people are attending the conference. I think it's actually bigger than last year, or at least it feels like it. And it brings everybody together, customers, vendors, partners. I think it's a fantastic conference. Awesome, thanks for your time and have a great RSA.
Starting point is 00:19:53 All right, so start off by telling me, who are you and what do you do? Hey Kevin, it's Jordan Shaw-Young. I'm the Chief of Staff of Detection Response at Blue Voyant. Blue Voyant, MSSP, in a lot of different areas, helping enable customers to not only deploy security, but also manage their security resources. So, tell me a little more about what the company does.
Starting point is 00:20:13 Yeah, we're an MDR provider, so we do detection response. A lot of the work we do is with our partner, Microsoft, who we're here with in the booth. BlueVoyant is also a detection response provider for supply chain risk and third party risk. So we kind of apply what we do in detection response, both internally as well as into our customers' extended supply chains and third parties.
Starting point is 00:20:31 Now you and I have known each other for a long time. I know you always have your eye on what's cool, what's new, what's upcoming. So around the show, what have you got your eye on? What themes are you looking for? You know, give me some hints. Yeah, the detection automation. So some of the companies that are looking at ways
Starting point is 00:20:46 of helping SOCs manage volumes of detections and finding really high fidelity detections are really interesting vendors for us. There's a lot of new, interesting technology coming up in that area. That's where we do a lot of our work. So yeah, that's sort of been my highlight. Now I'm required to make you say NJETIC AI.
Starting point is 00:21:03 So if you could tell me a little bit about that. That seems to be the number one theme here. Yeah, Blue Point's been doing R&D in AI and in NGETIC AI specifically. We've been doing a lot of work with Microsoft. We've released a AI agent with the Secure Exchange. So Blue Point's going to be doing a whole ton of work with Microsoft, Microsoft Co-Pilot,
Starting point is 00:21:21 and it's really going to be transformational for SOC operations at some point in the future. So one of the biggest challenges we hear about is just there's not enough people in our industry. So what are you doing to help solve for some of those problems, both in managed services, but also in developing IP and technology to bridge some of those gaps?
Starting point is 00:21:38 Yeah, I've heard that. I don't know how accurate that is that we have this giant skills gap, in terms of numbers of people, but what we definitely do have is a lack of specialized skills in certain areas. And so it's very difficult to find people who are, detection engineering is a good example of something, where we put a lot of effort into finding really strong
Starting point is 00:21:57 detection engineers who are able to synthesize threat intelligence and build these into detections to find evil in customer networks. So where we're able to find technology to augment some of that, that's really difficult talent to find. So anything we can we can find to bring into our tech stack to help them out. That's really what we're after. All right, so what's the big fun moment? What's the best after party? Give me something really interesting that you've seen or done exciting at RSA this year. Yeah, that's a good question. I think whatever vendor it was who brought the goats and the goat pen, that beats the dogs and the monster truck. I actually don't actually know who the vendor was,
Starting point is 00:22:34 but you know, that's a bold move to bring a whole goat pen. That's awesome. I keep looking for the goats. I haven't found the goats yet, but it's on my list to check out. Well, thanks, Jordan. Great to see you again and have a great RSA. All right so tell me who are you and what do you do? Hi my name is Paul St. Phil I'm the VP of Field Engineering here at Zenity. What does Zenity do? Zenity secures AI agents everywhere. Everywhere? Tell me about that. Yeah so whether you have them inside of Microsoft Co-Pilot or it's a chat GPT, Salesforce agents, whatever platform you're consuming your agentic AI, we're
Starting point is 00:23:09 there to secure you. Awesome, so what are you hearing on the floor here? What are customers asking you? What are some of their challenges? Yeah, what they're seeing is a big rise in agentic on everybody's banner. In particular, they're seeing the difference between generative AI and agentic AI and how the challenges definitely are not on the same level. Awesome. So if you were to talk to one of your customers or a potential customer, what's the first thing
Starting point is 00:23:32 they should be thinking about that you can help them solve? The first thing they should be thinking about is who's consuming agentic AI inside of their environment? So what co-pilots do they have enabled? And then secondarily, what are the tools and actions and privileges that they think people would be chasing first for their primary use cases? You're a younger guy than me,
Starting point is 00:23:51 so you've probably been hitting the nightlife of RSA. What are any fun activities or anything exciting that's happened that you're willing to share? Yeah, yeah, I've seen a couple people getting some great swag on the floor with these neon bags. I'm hoping that my marketing leader hears me and signs us up for them next year. That's fantastic.
Starting point is 00:24:11 So I've heard puppies, goats, anything else exciting? That's about it for me. Well thanks for your time and have a great RSA. Awesome, thank you. And our heartfelt thanks to Kevin McGee, Global Director of Cybersecurity Startups at Microsoft, for lending his talents to our RSAC coverage. Let's be real, navigating security compliance can feel like assembling IKEA furniture without the instructions.
Starting point is 00:24:55 You know you need it, but it takes forever and you're never quite sure if you've done it right. That's where Vanta comes in. Vanta is a trust management platform that automates up to 90% of the work for frameworks like SOC 2, ISO 27001, and HIPAA, getting you audit ready in weeks, not months. Whether you're a founder, an engineer, or managing IT and security for the first time, Vanta helps you prove your security posture without taking over your life. More than 10,000 companies, including names like Atlassian and Quora, trust Vanta to monitor
Starting point is 00:25:29 compliance, streamline risk, and speed up security reviews by up to five times. And the ROI? A recent IDC report found Vanta saves businesses over half a million dollars a year and pays for itself in just three months. For a limited time, you can get $1,000 off Vanta at vanta.com slash cyber. And finally, a former IT manager is suing Deutsche Bank and its contractor Computer Center, alleging they let a security breach slide right under their noses and into their server rooms. According to James Papa, a fellow IT worker brought his girlfriend, an unauthorized Chinese national with tech skills, into Deutsche Bank's most sensitive tech areas multiple times.
Starting point is 00:26:37 Jenny, as she's called, allegedly accessed secure systems with a contractor laptop all while Papa was off-site. When he reported it, rather than earning a promotion, Papa got the boot. No action was taken against the lovebirds, who later vacationed in China. Now Papa is suing for $20 million, claiming whistleblower retaliation and a good old-fashioned cover-up. As for Deutsche Bank and Computer Center, mum's the word.
Starting point is 00:27:09 Nothing says robust cybersecurity like bring your girlfriend to work day in the server room. And that's the CyberWire. For links to all of today's stories, check out our daily briefing at the cyberwire.com. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire at n2k.com.
Starting point is 00:27:59 N2K's senior producer is Alice Carruth. Our Cyberwire producer is Liz Stokes. We're mixed by Trey Hester with original music and sound design by Elliot Peltsman. Our executive producer is Jennifer Iben, Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening, we'll see you back here tomorrow. So What's the common denominator in security incidents? Escalations and lateral movement. When a privileged account is compromised, attackers can seize control of critical assets. With bad directory hygiene and years of technical debt,
Starting point is 00:29:05 Identity Attack Paths are easy targets for threat actors to exploit, but hard for defenders to detect. This poses risk in Active Directory, Entra ID, and Hybrid configurations. Identity leaders are reducing such risks with Attack Path Management. You can learn how Attack Path Management
Starting point is 00:29:24 is connecting Ident identity and security teams while reducing risk with Bloodhound Enterprise, powered by SpectorOps. Head to spectorops.io today to learn more. SpectorOps, see your attack paths the way adversaries do.

There aren't comments yet for this episode. Click on any sentence in the transcript to leave a comment.