CyberWire Daily - Zero-day déjà vu.
Episode Date: June 3, 2025Google issues an emergency patch for a Chrome zero-day. A new malware campaign uses fake DocuSign CAPTCHA pages to trick users into installing a RAT. A high-severity Splunk vulnerability allows non-ad...min users to access and modify critical directories. Experts warn congress that Chinese infiltrations are preparations for war. Senators look to strengthen cybersecurity collaboration in the U.S. energy sector. Crocodilus Android malware adds fake contacts to victims’ phones. SentinelOne publishes a detailed analysis of their recent outage. Cartier leaves some of its cyber sparkle exposed. Our guest is Jon Miller, CEO and Co-founder of Halcyon, discussing Bring Your Own Vulnerable Driver (BYOVD) attacks. Microsoft and CrowdStrike tackle hacker naming…or do they? Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today on our Industry Voices segment, we are joined by Jon Miller, CEO and Co-founder of Halcyon who is discussing Bring Your Own Vulnerable Driver (BYOVD) attacks. Listen to Jon’s conversation here. Selected Reading Google patches new Chrome zero-day bug exploited in attacks (Bleeping Computer) Fake Docusign Pages Deliver Multi-Stage NetSupport RAT Malware (Infosecurity Magazine) Splunk Universal Forwarder on Windows Lets Non-Admin Users Access All Contents (Cyber Security News) China hacks show they're 'preparing for war': McMaster (The Register) FCC Proposes Rules to Ferret Out Control of Regulated Entities by Foreign Adversaries (Cooley) US lawmakers propose legislation to expand cyber threat coordination across energy sector (Industrial Cyber) Android malware Crocodilus adds fake contacts to spoof trusted callers (Bleeping Computer) SentinelOne Global Service Outage Root Cause Revealed (Cyber Security News) Romanian man pleads guilty to 'swatting' plot that targeted an ex-US president and lawmakers (AP News) Cartier reports data breach exposing customer personal information (Beyond Machines) Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the CyberWire Network, powered by N2K.
And now a word from our sponsor, Spy Cloud.
Identity is the new battleground, and attackers are exploiting stolen identities to infiltrate
your organization.
Traditional defenses can't keep up.
Spy Cloud's holistic identity threat protection helps security teams uncover and automatically
remediate hidden exposures across your users from breaches, malware, and phishing to neutralize
identity-based threats like account takeover, fraud, and ransomware.
Don't let invisible threats compromise your business. Get your free corporate dark net exposure report
at spycloud.com slash cyberwire
and see what attackers already know.
That's spycloud.com slash cyberwire. Google issues an emergency patch for a Chrome Zero Day.
A new malware campaign uses fake DocuSign capture pages to trick users into installing
a rat.
A high severity Splunk vulnerability allows non-admin users access to modify critical
directories.
Experts warn Congress that Chinese infiltrations are preparations for war.
Senators look to strengthen cybersecurity collaboration in the U.S. energy sector.
Crocodilus Android malware adds fake contacts to victims' phones.
Sentinel One publishes a detailed analysis of their recent outage.
ParTIA leaves some of its cyber sparkle exposed.
Our guest is John Miller, CEO and co-founder of Halcyon,
discussing bring-your-own-vulnerable-driver attacks.
And Microsoft and CrowdStrike tackle hacker naming.
Or do they?
It's Tuesday, June 3rd, 2025. I'm Dave Bittner and this is your CyberWire Intel Briefing. Thanks for joining us here today.
It's great to have you with us.
Google has issued an emergency update patch to a Chrome Zero Day, the third such vulnerability
in Chrome exploited in the wild this year. The flaw found in Chrome's version 8 JavaScript engine allows out-of-bounds memory access
and was discovered by Google's Threat Analysis Group.
A mitigation was applied within a day, and the full fix is included in recent versions
for Windows and Mac and Linux.
Google is withholding full details of the exploit until
more users apply the patch. Earlier in 2025, Chrome Zero Days were used in espionage and
account hijacking campaigns. Last year, Google Patch 10 exploited or demoed Chrome Zero Days.
A new malware campaign is using fake DocuSign CAPTCHA pages to trick users into installing
the NetSupport Remote Access Trojan, according to Domain Tools.
The attack begins with a spoofed website that mimics DocuSign branding.
Users are prompted to check a box which triggers clipboard poisoning.
A malicious PowerShell script is copied to the clipboard with instructions
to run it manually. If executed, the script downloads further payloads, sets up persistence
via GitHub-hosted malware, and ultimately installs NetSupport RAT for remote control.
The campaign uses familiar tools and layered tactics like ROT13 encoding and script chaining to evade detection.
Domains mimicking Okta, Netflix, and Spotify were also used.
Domain tools warns users to be cautious of sites prompting script execution and to inspect
URLs and certificates carefully to avoid deception-based threats. A high severity vulnerability in Splunk Universal Forwarder for Windows allows non-admin users
to access and modify critical directories due to incorrect permission settings during
installation or upgrades.
With a CVSS score of 8, this flaw affects multiple versions, posing significant risks to organizations
that rely on Splunk for log forwarding and security monitoring.
The bug enables potential exposure or manipulation of log data, which could lead to data breaches
or tampered audit trails.
Splunk urges immediate upgrades to patched versions.
For those unable to upgrade, a mitigation is available
to strip vulnerable permissions. This fix must be applied after any install, upgrade,
or reinstall to prevent unauthorized access and maintain security integrity.
Retired Lieutenant General H.R. McMaster warned lawmakers that China's deep infiltration into U.S. telecommunications
and critical infrastructure is part of a broader war preparation strategy.
Speaking at a House Homeland Security Committee field hearing, McMaster linked recent cyber
campaigns like Volt Typhoon to China's growing military ambitions, including a 44-fold defense budget increase and a possible
first-strike nuclear capability.
He also cited Chinese surveillance balloons aimed at U.S. strategic communications.
Palo Alto Network's Wendy Whitmore echoed concerns, noting that China, alongside Russia,
Iran, and North Korea, is becoming more aggressive
in cyberspace.
Palo Alto blocks up to 31 billion attacks daily, including millions of new threats.
Whitmore stressed the need for faster, two-way public-private collaboration and supported
legislation to strengthen the Joint Cyber Defense Collaborative.
The FCC has issued a proposed rule that would expand ownership reporting requirements for
nearly all entities it regulates, aiming to identify control by foreign adversaries.
The rule would affect companies not currently required to report ownership, including private
radio license holders and video service providers.
Entities must disclose if they are controlled by foreign adversaries like China, Russia,
Iran, or North Korea, including if such parties hold 10% or more in voting or equity interests.
Failure to comply could result in fines or license revocation.
If foreign control is reported, detailed ownership disclosures would be made public and could
trigger national security reviews.
The FCC is also considering requiring updates or periodic reporting, with final rules likely
to take effect by 2026.
Senators Jim Risch, Republican from Idaho, and John Hickenlooper, Democrat from Colorado,
have introduced the Energy Threat Analysis Program Act to strengthen cybersecurity collaborations
in the U.S. energy sector.
The bill would formalize the Department of Energy's Energy Threat Analysis Center as
a central hub for cyber threat intelligence, coordinating efforts between the DOE, CISA, intelligence
agencies, and private energy operators.
The goal is to improve early warnings and threat
mitigation in response to increasingly complex cyber
attacks.
The legislation comes amid growing concern over
fragmented threat reporting and critical infrastructure
vulnerabilities, highlighted by a recent blackout in Spain and Portugal. growing concern over fragmented threat reporting and critical infrastructure vulnerabilities
highlighted by a recent blackout in Spain and Portugal.
Both senators emphasized the need for a resilient energy grid and improved data sharing to safeguard
national security.
The latest version of the Crocodilis Androidware introduces a new feature that adds fake contacts to victims'
phones, allowing attackers to spoof calls from trusted sources like banks or friends.
First observed in Turkey in early 2025, Crocodilus has since expanded globally, now targeting
victims on every continent.
Alongside enhanced social engineering, recent updates also include stronger
evasion techniques, such as codepacking and local data parsing. Researchers warn Crocodilis
is evolving fast and urge users to download apps only from trusted sources.
Sentinel-1 has published a detailed analysis of the global outage that impacted its services
on May 29, attributing it to a flaw in a legacy infrastructure control system.
The disruption, lasting about 20 hours, affected access to the Sentinel-1 management console
but did not compromise endpoint protection or customer data.
The incident began when a new account triggered faulty configuration logic, erasing critical
DNS and network routes.
Sentinel-1 has since taken steps to prevent recurrence, including accelerating its move
to a new infrastructure-as-code architecture, backing up transit gateway settings, and enhancing
automated recovery and customer communication
protocols.
Notably, GovCloud customers were unaffected due to infrastructure segregation.
Tomas Szabo, a 26-year-old Romanian citizen, pleaded guilty to conspiracy and making bomb
threats as part of a swatting campaign targeting about 100 individuals,
including a former U.S. president and members of Congress.
The plot involved false emergency calls to provoke aggressive police responses.
Zabo, extradited last year, acted with Serbian co-defendant Nemanja Radovanovic,
who faces pending charges.
The indictment describes politically neutral targeting and includes a January 2024 hoax
involving a fake murder and bomb threat at a former official's home.
Cartier, the luxury brand known for diamond-studded discretion, has disclosed a data breach that left some
of its sparkle exposed.
In a politely worded note, Cartier admitted that an unauthorized party briefly wandered
through its systems, collecting names, emails, and countries of residence, and presumably
not for a holiday card list.
The company assures customers it's now added extra
polish to its cybersecurity, but advises staying wary of any mysterious messages.
Fashionably late to the or two at Cartier.
Coming up after the break, my conversation with John Miller from Halcyon.
We're discussing bring your own vulnerable driver attacks and Microsoft and CrowdStrike tackle hacker naming or do
they stick around?
Compliance regulations, third-party risk, and customer security demands are all growing and changing fast.
Is your manual GRC program actually slowing you down?
If you've ever found yourself drowning in spreadsheets, chasing down screenshots, or wrangling manual processes just to keep your GRC program on track, you're not alone.
But let's be clear, there is a better way.
Banta's Trust Management Platform takes the headache out of governance, risk, and compliance.
It automates the essentials, from internal and third-party risk to consumer trust, making
your security posture stronger,
yes, even helping to drive revenue.
And this isn't just nice to have.
According to a recent analysis from IDC, teams using Vanta saw a 129% boost in productivity.
That's not a typo, that's real impact.
So if you're ready to trade in chaos for clarity,
check out Vanta and bring some serious efficiency
to your GRC game.
Vanta, GRC, how much easier trust can be.
Get started at vanta.com slash cyber.
John Miller is CEO and co-founder of Halcyon. I recently caught up with him at the RSAC conference for this sponsored conversation
about bring your own vulnerable driver attacks.
We are continuing our conversations here at RSAC 2025.
And joining me here is John Miller.
He is the CEO and founder of Halcyon. John, welcome.
Thank you. Thanks for having me.
So before we dig into our topics here,
for folks who may not be familiar with the company,
give us the brief description of what Halcyon does.
So Halcyon is the first focused anti-ransomware company.
So I came up with the idea that,
even though we're in the most sophisticated state
of cybersecurity ever,
the ransomware groups keep getting more ground, right?
And so my theory was,
it's because everyone's too generalized, right? If you look at an endpoint, if you look at a network technology,
they have to stop everything, everything in a MITRE ATT&CK framework.
And my thought process was if we focused on ransomware,
took apart what they were doing, and Taylor built an obstacle for them,
their techniques, their tools,
we could be more effective, right? So essentially, take a look at the edges
of the security landscape, where there are cracks
that the attackers are exploiting,
and instead of trying to build something
that's parity that already exists,
just focus on those cracks, right?
Coming in with another layer,
you know, make sure that data doesn't get exfiltrated, make sure that they can't lateralize through an environment,
and make sure that if they can affect availability of data,
we can always recover it.
At a speed that's so quick, it's not a big deal anymore,
right, I like to tell customers that
if a ransomware attack's successful
and it just affects a single host
and the data doesn't leave that host
and the data that gets encrypted on that host
is back in like an hour, is it a big deal?
And the answer is always no, it's not.
We can deal with one computer being down.
It's all of them
being down that it turns into a big problem. So we tried to focus on that
value prop, not necessarily protecting everything, but being resilient against
an attack where if they're successful you can evict them out and make sure that
they never get enough leverage to make somebody pay them.
Well, I mean, help me understand your approach to that problem.
How much of it is looking at the individual ransomware groups and the tactics, techniques, and procedures that they use
versus looking at the menu of potential weaknesses that the users have?
It's all ransomware groups.
Okay.
Right, so that's where we've really differentiated it.
I like to call it attacker-led growth, right?
There are 300, 350 different ransomware groups.
And when you look at their tools and tactics
and procedures, they're much similar
than they are dissimilar, right?
So the whole thought was, it's not like defending
against an APT where they have a goal
and they will do whatever it takes to get that goal.
Ransomware's a business, they're all about ROI.
So if you watch what they're doing
and build the biggest obstacle for that, you break them.
They get to a point where they're expending so much effort, they're not gaining ground,
they literally just pack up and leave.
And that's what it's all about, exploiting the weaknesses of the fact that ransomware
is a business, and because of that, you can come at them with business obstacles and break it.
As you look at the trending lines of ransomware, you know, the evolution of it,
in my mind, you know, we're seeing less and less encryption and more double extortion.
Is that an accurate perception?
So I wouldn't say less and less.
Okay.
Right?
What we found over the last couple of years
are people are more reserved in paying them.
Yes.
Everybody understands if you pay these guys,
it keeps them going.
Right.
So everyone, you know,
is trying to get backups,
do their own recovery.
And what they found is,
yeah, that double extortion piece of
exfilling those files and threatening to leak them,
gets people to pay.
They're definitely groups now where that's all they do.
They don't do the lockup at all.
But the lockups are still happening.
And then what we're starting to see,
and you're going to love this.
So you add the encryption, the single extortion,
then you add the data double extortion,
triple extortion comes next, right?
Which is, so think about this.
Go on.
And, and.
What's left, what's left to extort, John?
The actual information, right?
So when double extortion, they have the information,
they say, if you don't give me money, I'm going to leak it.
Right? Triple extortion is, I'm going to leak it. Right?
Triple extortion is, I'm going to read the data
and make money off of that.
Right?
So imagine they compromise a giant corporation.
Yeah.
And this is, everyone loves talking about AI at RSA.
What happens when you can take an entire company's
email school and have an LLM read every email
and then answer your questions.
Right, all the chat logs.
We're now at a point now where there was so much data
that they couldn't really make use of it, right?
You're looking for a needle in a haystack,
but with AI, it's like go through every piece of hay
and separate out all the needles.
So I think you're going to see more and more of, you know,
more attackers, more aggressive attacks,
and then them trying to figure out what they can do
to essentially increase the pain, right?
How do I get more leverage?
If you're not paying now,
how can I make it more painful to make sure that you pay?
There's a term that you shared with me
that I wanna be sure we touch on,
and it's bring your own vulnerable driver, B-Y-O-V-D.
Explain that for us.
We'll unpack that.
All right, so before I unpack that,
I saw a LinkedIn post this morning.
Yeah.
And somebody's been going around RSA graffiti tagging.
Right?
And it was funny because 10 years ago, there was this whole like, A.V. is dead.
Right?
Do you remember that?
Yeah.
I think it was one of the semantic insects came out and was like, A.V. is dead.
And then everyone jumped on it.
What they're tagging is E.D.R. is easily bypassable.
And bring your own vulnerable driver attacks are the easiest most
common way for EDR to be bypassed in a ransomware attack today as well as APT
attacks and so what bring your own vulnerable driver is is the attackers
are figured out instead of going out and finding a zero day and writing an exploit
I can take an old Windows driver that's still signed
and valid and in the Windows catalog,
where someone's already found a vulnerability,
they've already published POC code,
the manufacturer responded, they came out with a new version,
but the problem is you can still load that old version, right?
They don't block it, because if they blocked it,
people that hadn't upgraded yet,
they'd kill them. So what they do is when an attacker gets in, they'll actually bring a
vulnerable driver with them. If there's one not present, they'll then load that up into the system,
exploit it to get kernel privileges, and then disable the EDR, right?
And it's something that the EDR can't really protect against.
It's a problem with Windows
that architecturally can't really be solved
because nobody updates everything in real time.
Right, right.
And so we were the first company to come out with,
how do we, what are the best ways to protect the EDR, right?
CrowdStrike's amazing product, it's very expensive.
How do you make sure that it's on,
delivering that protection in an attack
when you actually need it?
And so we rolled out what we called sidekick protections,
like Batman and Robin.
George Kurtz is Batman, I'm Robin.
Young Ward.
Yeah, I'm Ms. Young Ward.
And it's not just CrowdStrike,
it's Defender, it's Palo Alto at Sentinel One.
Right.
But actually watching for the signals
of these attackers coming in and attacking the EDR
to convict them and shut them down.
Or if they get all of the way
to actually terminating the process,
be the one that's sitting there watching it
and being like, CrowdStrike just got disabled,
some bad's going on, right?
Where that level of signal hasn't existed yet, right?
It's very much following what the attackers are doing
and trying to figure out the best way
and very focused features to really defeat
like kind of that 80%.
I always joke with my team that
we have like 10 different layers of protection and we shot for 80% and I'm
like 10 layers 80% that's 800% efficacy I can live with that right but it it
very much I was at a talk last night and George Kurtz was talking about the the
crash the unpleasantness.
And he was like, it was a Swiss cheese problem where there are always holes.
And he was like, it was the one time where all the layers went together and you could
see all the way through.
So it's how do you come in with those multiple layers where even if somebody is going to
get through, you know on the other side there's a layer, on the other side there's a layer, so on and so on.
It's all about defense and depth.
Well, so help me understand, you know,
as a comparatively non-technical person,
how does it work?
Are you looking at behavioral things?
How do you make sure?
All of it.
So the best way to think about us is
we fill this spot between where an EDR ends and you have to go to backups
to where it comes, right?
So after an antivirus or EDR, whatever,
takes a look at something and says,
this is good, let it run, we come in behind them
and we take a second look.
So we have a pre-execution engine,
this is going to sound crazy,
runs on machine learning models,
they're just trained on ransomware.
Nobody else has done that for some reason.
So it goes to run, we take a look at it and say,
do we think this is ransomware?
If we think it's ransomware, we kill it.
Right, if we're not sure, we'll let it run
and then we have a behavioral engine.
And what we do behaviorally is we look for data
exfiltration and stop it, we look for him attacking the EDR,
we look for him tampering with backups,
and then we look for the actual ransomware encryption
behavior, and they start encrypting files
and deleting stuff.
And so if it gets that far,
we'll actually stop the encryption.
What really makes us unique is when that encryption
starts to run,
we capture and copy the keys.
We tokenize them and we cache them.
We don't know if they're good or bad yet,
but we know they could be,
so let's hold on to it for a little bit.
If it's ransomware, we'll stop it.
There's a stage that comes in where there's
an attacker on your network on that host with admin credentials.
So we come in, we have a team called Rise.
It's a 24 by seven SOC.
And in real time, right, within 60 seconds,
they'll start evicting that attacker.
They'll start looking at what account is it using,
how did it get there, push them out,
and then at the same time, recover that endpoint.
So we always say within minutes
of getting the attacker out of the network,
everything's restored.
If something was encrypted, it's decrypted.
It makes networks the most
theoretically resilient we can
come up with to a ransomware attack.
Where do you suppose we're headed with ransomware?
Like what's next?
Not to a good location, I'll tell you that. Where do you suppose we're headed with ransomware? Like what's next?
Not to a good location, I'll tell you that.
The barrier to entry to ransomware is really low.
Right.
Right, you said that you're not a technical guy,
I can teach you how to be a ransomware guy in two hours.
That's my retirement plan, John.
I mean, so I don't know if this is a good thing to say.
Belize has no computer crimes laws, right?
So if you want to retire down to Belize, they speak English there,
run a ransomware empire.
Just focus on hacking Russian companies,
and I think everyone will be okay with that.
I mean, I'm being flippant about it,
but I think that's a really important point,
is that the barrier to entry is practically zero.
And it keeps getting easier and easier and easier.
Yeah.
And so what we're seeing is the actual attackers are growing.
We're getting more people that are willing to do this because,
well, you might not be willing to be a hacker to go
hack someone for a thousand bucks for $20 million.
for a thousand bucks for $20 million, right? Like, and if your sophistication is sysadmin level,
you can crush it.
And there's no real, I mean, the FBI is doing a great job,
but the problem is the majority of these people
are in Russia and there's very little they can do there.
Right.
So you've got all all these threat actors coming online
in countries where they normally didn't have
offensive cyber stuff going on before.
And then on top of it, I hate to say it,
but critical infrastructure, the colonial pipeline attack,
proved that you can attack American critical infrastructure,
you can get paid for it, and you can get away with it.
Right?
So now we have like, you can do whatever you want,
everyone that wants to do it can do it, it's super easy,
you're gonna get money,
and nobody's gonna try to arrest you.
It's full on a recipe for disaster, right?
I always used to say that security is only limited by the amount of people
that have the skill and the motivation to do it, right? Like a great example was
when Heartbleed came out years and years ago, it wasn't like the internet broke
and I'm like it's it's not that a thousand new attackers came online that
day to exploit that vulnerability and what we're seeing now is just a, above linear rise and the actual people that are
willing to do this and have the capabilities to.
And then on top of it, the sophistication of these attacks is going over kind of nation-state
levels now where nation-states have rules.
There are things they're allowed to do, there are things that they aren't allowed to do.
Criminals have no rules, right?
They get to do whatever works best.
And yeah, I think the next five to ten years are going to be not great.
That's John Miller, CEO and co-founder of Halcyon. And finally, one of the challenges of having this particular job that this podcast host
has is keeping track of all of the names of different threat actors.
You've got your cozy bears, you've got your volt typhoons, you've got your salt typhoons,
everybody has different names for things.
Well, we've been seeing a lot of coverage of a collaboration between Microsoft, CrowdStrike,
Google's Mandiant, and Palo Alto networks to join forces to try to clean up this messy confusing
world of hacker group names. Joining me here is Maria Vermazes from the T-minus Space Daily podcast and also a colleague
here at N2K.
Maria, welcome.
Hi, thanks, Dave.
So let's dig in here.
When you saw this news come across, what was your initial thought here?
Well, the very first thing, thing honestly was the XKCD comic
about there were 14 competing standards
and now everyone agrees that there needs to be a new
standard that covers everyone's cases
and the update is now there are 15 competing standards.
So, I feel like I should just paste that comic on my wall
because it applies so often.
It feels like a good move.
I mean, it's a notable, noble thing that they're trying to achieve,
and certainly they're huge players in the space,
so maybe everyone will follow their lead.
I'm sure that's their hope, but I have some concerns
about how this will actually work.
Well, there's been a little confusion.
I've seen some reporting interpreting this that all these groups are going to adopt Microsoft's
naming conventions and Microsoft uses different types of weather for different groups.
But that doesn't seem to be the case when you look at how CrowdStrike is describing
this and some of the other folks.
It seems as though this is just going to be a Rosetta Stone
where everyone gets to keep their own names,
but we have a handy spreadsheet to cross reference and...
Good luck, everybody.
And good luck to whoever has to maintain that.
That's gonna be such a nightmare going forward, let alone just at the starting point.
So, again, I have so many questions about how this is gonna work.
As our CyberWire editor here pointed out, Tim Nodar said that MITRE has been doing this.
There's an online source called Malpedia that does this.
Why not use that?
I don't understand.
Why do we have to make a new competing standard?
I don't get it.
Yeah, yeah.
Again, I think coming from a position of good faith
and trying to address something that everybody recognizes
is a problem, but is this a step forward?
I don't know.
I think. Time will tell, Dave I don't know. I think.
Time will tell, Dave, time will tell.
I know, I guess I'm stuck between wanting to be supportive
of everyone's good faith efforts here,
but left scratching my head as to how this is actually
going to change anything and be particularly helpful.
We'll see.
I mean, I'm just, yeah, I'm just feeling a bit of preemptive pity for the person who
has to maintain this moving forward.
To keep track of all the different group names that everyone's going to be using.
Because if it's not just, they're not coming in and saying this is the law, everybody,
because good luck with that honestly.
This is what we're calling it. Everybody else shut up. No
You know that people are gonna want to put their own stamp on things different groups are gonna want to name things their way and
What a mess
Well, let me just close out by saying and suggesting to all of these
Organizations who are going at this if you really wanna help, and this is a selfish request,
include phonetic pronunciation guides for all of these.
Because as the people who often have to decide
how these things are pronounced,
is it cack-bot or is it quack-bot?
I don't know.
Right?
And you put a Q without a U.
How are we supposed to figure this out?
Yeah.
Right, exactly.
And all the elite speak stuff and all that kind of stuff.
So if you want to add something to these
that could be helpful to those of us
who have the responsibility
of actually saying these names out loud,
include phonetic pronunciation guides.
We will be forever grateful and we will forgive you
for the redundancy that this new standard seems
to be introducing to the eco. All right Maria thank you so much for joining us
as they say time will tell.
And that's the CyberWire. For links to all of today's stories, check out our daily briefing at the cyberwire dot
com.
We'd love to hear from you.
We're conducting our annual audience survey to learn more about our listeners.
We're collecting your insights through the end of August this year.
There's a link in the show notes.
Please do check it out.
N2K's senior producer is Alice Carruth.
Our Cyberwire producer is Liz Stokes.
We're mixed by Trey Hester with Original Music
and Sound Design by Elliot Peltsman.
Our executive producer is Jennifer Iben.
Peter Kilpey is our publisher, and I'm Dave Bittner.
Thanks for listening. We'll see you back here, tomorrow. Hey everybody, Dave here.
I've talked about DeleteMe before, and I'm still using it because it still works.
It's been a few months now, and I'm just as impressed today as I was when I signed
up.
DeleteMe keeps finding and removing my personal information from data broker sites, and they
keep me updated with detailed reports, so I know exactly what's been taken down. I'm genuinely relieved knowing my privacy isn't something I have to worry about every
day.
The Delete Me team handles everything.
It's the set it and forget it piece of mind.
And it's not just for individuals.
Delete Me also offers solutions for businesses, helping companies protect their employees'
personal information and reduce exposure to social engineering and phishing threats.
And right now, our listeners get a special deal, 20% off your DeleteMe plan.
Just go to joindeleteeme.com slash n2k and use promo code N2K at checkout.
That's joindeleteeme.com slash n2k, code N2K at checkout. That's joindeleteme.com slash N2K code N2K.