A
Welcome to a special crossover edition of Cybersecurity Today and trending for Friday, June 19, 2026. I had planned today to do an episode called Sometimes the Good Guys Win. Every once in a while, especially on Fridays and especially in the summer, I try to come up with something that's a little uplifting, and I'd found it: a story from someone who's been part of an operation to take down a notorious ring of cyber crooks who hide out in Southeast Asia and ruin the lives of North Americans and Europeans with their telephone scams. One of the guys I was talking to is using data analysis to be part of the teams that are bringing down these lowlifes before they can ruin more lives. But life works in mysterious ways and a story came up that I would have covered on both programs. Anyway, there was a huge discovery of credentials from Fortinet that could have an amazing impact and we need to get the word out. So today's episode was amended. It's still a crossover, but now it's called I Got Some Good News and I Got Some Bad News. We'll start with the bad news. Warning: this is going to be a little longer than your average episode, but feel free to check out anytime. Maybe listen to the rest of it later. The U.S. Cybersecurity and Infrastructure Security Agency, or CISA, has issued an urgent warning to organizations using Fortinet firewalls and VPN gateways after the discovery of a massive credential data set known as FortaBleed. According to CISA, the exposed data contains credentials associated with approximately 74,000 Fortinet devices worldwide. Researchers estimate that this represents roughly half of all Internet-facing Fortinet devices currently accessible from the public Internet. The concern is not a newly discovered software vulnerability. Instead, the danger comes from the usernames and passwords that appear to provide direct access to Fortinet administrative interfaces and SSL VPN gateways used by organizations around the world.
Because of the scale of the exposure, CISA is urging organizations to immediately terminate active sessions, reset credentials, review logs for evidence of compromise, and enforce phishing-resistant multi-factor authentication. The larger story emerged when a security researcher, Vladimir Bob Diachenko, discovered the data set on a server believed to be operated by the threat actors themselves. And according to reporting by Bleeping Computer, the server had been left exposed to the public Internet. Diachenko told Bleeping Computer they accidentally left an open directory with artifacts, connection strings, tooling scripts, and data online. The exposure reportedly provided access not only to the credential database, but also to the infrastructure used to manage it. Researchers found automated scanning tools, credential testing systems, cron job logs, bash histories, and a victim database organized by company name, industry sector, estimated revenue, employee count, and country. Independent security researcher Kevin Beaumont separately reviewed portions of the data set and confirmed that at least some of the credentials were authentic. Beaumont told Bleeping Computer, I have been able to confirm the authenticity of some of the admin logs and passwords. This looks like a real dump. Beaumont also reported that the data appears to originate from exported FortiGate configuration files rather than simple credential harvesting. According to his analysis, the data set includes internal email addresses associated with Fortinet accounts, information that would normally be available only within a device configuration export. He later summarized his findings more directly. The data is legit. It's around 75,000 devices. Almost all are still online and Fortinet devices. Other researchers confirm this, saying the data set contains 73,932 FortiGate firewall URLs spanning 194 countries and approximately 21,600 unique domains.
Analysis by Hudson Rock found entries associated with major organizations across telecommunications, manufacturing, consulting, technology, government, and critical infrastructure sectors. The company reported that telecommunications organizations account for more than 5,600 of the entries, while government entities account for at least 591 entries across 111 domains. SOCRadar independently analyzed the data set and reported that more than 30,000 entries represent verified working credentials that attackers had successfully tested against target systems. That distinction matters. This does not appear to be a simple password collection assembled from previous breaches. Researchers say the database was enriched with information about company size, industry, revenue, and geography. Beaumont described the structure as consistent with inventories used by initial access brokers, criminal groups that obtain and sell access to corporate networks. The most important implication is that this may not be a future risk story. If attackers have already validated credentials and cataloged organizations by industry and size, some organizations may already have experienced unauthorized access. Password resets remain essential, but security teams should also investigate for evidence of persistence, unauthorized accounts, unusual VPN activity, privilege escalation, and lateral movement within an Active Directory environment. CISA is urging organizations running FortiGate appliances and associated SSL VPN services to take immediate action.
Once again, this is their Terminate all active VPN and administrative sessions, reset all Fortinet administrator and VPN credentials, review firewall, VPN authentication and domain controller logs for suspicious activity, require phishing-resistant multi-factor authentication on remote access and administrative accounts, restrict firewall management interfaces so they are inaccessible from the public Internet and available only from trusted internal networks, and review Fortinet's guidance on enforcing PBKDF2 password hashing and eliminating the weaker legacy password hashes. Organizations that use Fortinet devices should assume exposed credentials may already be known to attackers and respond accordingly. I would also advise you to go to the Fortinet site and look for any information that may be there. So that's the bad news story. But if you still have time to hang around, here's my good news story. A major network of scammers was taken down in Southeast Asia from a new program in the US that is trying to take the fight back to these cyber crooks. I had a chat with a gentleman named Mike Sweeney from a company called Silent Push, and they helped do some of the analysis that has some contribution to these events. Obviously, Mike couldn't tell me a lot about that, but he could tell me about what they were doing and how he felt about it as much as anything. I was struck with how nice it is every once in a while to be able to see an accomplishment in cybersecurity and celebrate what you're doing. So if you have time, here's my chat with Mike Sweeney. So great to meet you.
B
Great to meet you too.
A
And I want to talk about the takedown during Operation Disruption Week of a, I guess a large Southeast Asian scam or group.
B
Yeah, for the last, since about 2020, the scam centers in Southeast Asia have really grown to this massive scale where I think one of their recent estimates from GASA.org was that the scam industry in general is stealing a trillion dollars per year. So for these Southeast Asia scam centers, these are in the billions term of things. But essentially what happened was the executive order that empowered the scam center task force to go out here and start combating this type of criminal activity. And from there they created the Disruption Week, which is to pull in as much industry as they can and with specific skill sets and then pull in other law enforcement agencies to create a holistic whole of government and then also an international approach to attacking this problem. And these scam centers aren't what you might think is just like a call center with one or two folks in it. These are massive scam centers put in particular regions where the government is either ineffective or uninterested in taking them down. And they're doing things like luring the workers there and essentially enslaving them there and torturing them there to conduct scams against U.S. citizens and European citizens. So it's really just a nasty thing.
A
I don't think people really realize the, the depth of this. You've talked about it and this is, it's mind blowing in terms of the amount of money that is raised by fraud and the stats we have. People are unreliable but very low because people tend not to report. So some people say it's 5% of it that gets reported, other people say it's 15% that gets reported. Doesn't matter. It's still massive billions and as you said, maybe even trillions of dollars over the years that are being taken. And these places are horrific. These are average people who are lured into these places. Maybe they're offered a job or something and tortured and raped, beaten. Yeah, this is the lowest place and yet we've ignored it for so long.
B
I'm not sure if it's that long like the, I can't say like necessarily ignored, but I think it's just been where these type of scams were like smaller in scale. And then at some point the industrialization of it and the enablement across the Internet and conducting these scams and again finding these gaps in the law enforcement, the international law enforcement system and again finding these havens, these specific technologies that further empowered them that, that really created this, this tailwind that rapidly increased the scam centers to this large industrial size. And yeah, it just, it's kind of incredible, it's actually kind of scary if you think about it in that this is just one mechanism of which crime is being conducted on the Internet and that we're trying to stop say these particular criminal syndicates. But it makes me think that we've really got to get a system in place that gets ahead of things. And then also when like things happen in the cyberspace and crime happens, ransomware today, but it might be, you know, DDoS or something else next week, right. And the next wave of whatever other technique that people pick up. It's. It would be great to have a system that we can consistently stay ahead and make sure that it doesn't get to the scale that this particular operation has gotten to. Because it's just like you said, it's massive. It's hurting people locally within those countries, but then it's coming out here and it's taking people's savings accounts within our country and we're doing our best to put a dent in it. But numbers have shown that it's continued to grow after 10 plus years of attacking this problem across Interpol, across the US and various other locations. But we're constantly evolving as we conduct these operations. We've gone from arresting the low level workers to seeing them as victims.
Also seeing that x percent of them are not necessarily part of the criminal aspect of things and that really focusing in with intelligence to tackle the management, the organization itself, the people who are behind all the activity to cut the head off of this, this whole problem.
A
Yeah, and I guess what I was referring to in terms of the way they treat people, we have this vision and I think it's been perpetuated by YouTube videos that these call centers are all. They're manned by crooks who are there to take your money. And really these are innocent people trapped in this in places that are, that are in the middle of nowhere. In many cases I've seen, I don't know, maybe you know more about it than I do. I've seen pictures of massive walls of cell phones and things like that are used to communicate outwards. So they're pretty remote in many cases or hidden or at least off the beaten track in a little difficult to find. Or do the governments just ignore them?
B
They're, they're right on the border usually of Thailand on both sides of it. So it's, it's, they're using this sort of jurisdiction aspect of things. They're using the fact that Thailand is a relatively stable country. They have good Internet and there's a pipeline. So they're using these borders to facilitate the recruitment of these different individuals. Right. So they bring them into Thailand or they bring them into these other regions that are safer and then they traffic them to these other countries. And that's just it by like little tricks. And then next you know, you're over the border and you're like. And then they have you in what you think is a building up front. But then once they get you past a particular man trap or something, you then can't get out. And next thing you know you're out in the compound area and it's a prison. Right. And so you've lost all your sovereignty at that point. And so they do ways to just slowly lure you in and then the next thing you know you're trapped and you have to do what they say in order to somehow buy your freedom or get out. And even those are at that point that you're just completely in their control or you hope that your family can reach out and find a way to get them. But yeah, it's mostly about getting the governments to act. Right. Myanmar is attempting to change the way they've conducted themselves against these centers in the past. And hopefully there's, there's obviously other countries like China and Thailand, the US that can help continue that shift and that pressure. The same thing can be said for Cambodia. And so again that's just where we are is that we noticed that you have the law enforcement efforts, you have the sort of the bottom down approach of arresting folks, you have, you can shut down their virtual space and then you really need the international community, the top down level of effort to continue the pressure on these countries so that crime is not safe.
You can't just go right over China's border and go into another country or go right over Thailand's border and then the country next to you is so lax that you can do billions of dollars at least of scamming. And, and just because you're not attacking people locally, you're attacking people overseas, that you had created this jurisdiction issue. Right. That is unmanageable somehow by the international law enforcement community, which is that it's not true. That's. We're learning to, like I said, we're evolving. We're learning to tackle it in different ways. And then again we are constantly pressing new levers, creating leverage in different ways to, to finally, hopefully hit that critical point that causes the system for these scam systems to collapse.
A
Yeah, I don't believe they're unreachable myself. And maybe you've had more experience than I have. I think if a group of countries comes together and appears in Myanmar or any of these places and says we're going to go in there and get these people, is that okay with you? The only words they're going to hear are yes. And I don't think they have to be like, I'm not talking about taking over somebody else's country. I'm just saying I think that people would say yes because what's their alternative? To be cast out of the international community? That's not really a good thing if you're a small country either. But yet that still doesn't seem to be. Or maybe it is working now. Maybe I'm just a pessimist. Do you think it's accelerated now to the point where it's actually working?
B
So there's two parts of this. I do think it's working right. We've got real tangible numbers that show damage, millions of funds pulled away. We've gotten tons of infrastructure taken down virtual space for them to stop conducting or at least take time to reestablish their cyber infrastructure. And then again More intelligence on how the organization works in general. Right. And so eventually, with the growing process and the evolution of this and more funding and more of these events where industry can see how they play with these different governments, how their, what their part is and what their role and responsibility is, they, I think that we can solve the problem. And so I think that's one thing, but another thing that I think we are completely solving that that I think is underweight a lot is a morality issue. Right. It's hard to again say the scam. Like say you have thousands of scammers in the U.S. or millions of scammers in the U.S. and you go and you seize X amount of funds and you pay it back to some of the folks. And that's great to an extent. Some of the folks would bypass the money completely just to know that their government took out the bad guy. Right. There's just make sure this never happens to anyone again. Make me feel safe again. And I think that's where we are winning. We're winning and showing that we, that the government cares, that the industry cares, and that we are seriously pulling together and taking away many of the blockers that you would think like the, the different data sharing and the different courses of action that may require a little bit extra legal work and might not be outright profitable. 
And really thinking about the morality of it, taking responsibility for things that are happening and taking that whole case packet together and going back to the citizens of your country and saying, you know, you can sleep at night, you can maybe check your phone and trust your phone a little bit better, that you're not going to get another smishing attack or you're not going to get another phishing this night, or if you do, just know that we're out there hunting them. And I think that's the biggest win to me when I look to friends and family and I think about what I'm doing in the cybersecurity space. It's the human element. And really, it's really important that you don't forget that you're defending something. Right. You're defending your values. And, and not to get too bogged down on some of the minor setbacks, like I said, some of the scam industry growing, even though we're conducting these operations, it's not whack. I think that sometimes you hear that term whack a mole too much because. And I think that is just ignoring the fact that we have a sort of this moral duty for us to even call ourselves defenders. We really have to Be defending some sort of value and principle. Right. And so really, by conducting these actions and stopping this criminality, we are really affirming that we're out there defending people.
A
Yeah, and kudos to the government agencies who are doing this internationally and their cooperation. You mentioned private industry. How does, how do they fit into this picture?
B
Private industry has a lot of data. They have a specific telemetry. So for us, for Silent Push, we are constantly scanning the Internet all the time. And then from there, we are very good at behavioral baselining of different technologies on the Internet. And then from there finding anomalies, and then within those anomalies, finding malicious cyber saturation. Right. And so through that, then you can create preemptive mitigation that gives you X amount of days in advance on your SIEM or SOAR for Net Defenders. But for courses of action, for takedowns, and for law enforcement, it gives you that body of evidence that you need across a large operation to really tackle a lot of it versus maybe something you might get from a smaller scope of one campaign. And so what we provide is that process, that data processing, the custom intelligence generation, and then ultimately that course of action mapping. We work with whoever has that capability to go out there and, for example, law enforcement go arrest people, which is kinetic, or again, go take down some virtual space that they're working with certain service providers. And then for all the other organizations, I don't want to speak too deeply on what they all provide. They have their reasons. But a lot of the scammers are utilizing services like Signal, using services like social, a lot of different social media platforms. They're using a lot of DeFi. And so if they're using those type of technologies, you obviously. And then they're going across multiple of those technologies. Right? Because if they get you on say a dating app, then they'll say, hey, come over to this secured communications app. And then from there they go to another secured communications app. And so we need industry, they essentially need us to go across all that. Right. And really find these folks. And there's obviously a lot of caveats and privacy concerns and all sorts of things that they have to go through.
So that's where I can't really speak to all of what they can provide. But for us, we were provided X amount of data and then we used our techniques to expand the visibility into the scope of the campaign for particular centers. And so that's just what we're getting.
A
So you're. But your title is Director of Preemptive Cyber Defense. Is this what, this is the area you oversee?
B
Yeah. Yes. So yeah, for preemptive cyber defense, it's essentially a take on the top tiers of the CTI maturity model, which is essentially getting into the automation of things to detect based off behaviors and behavior based off of crime. If you take for example some crime scripting and then you take that data and you map it to the virtual space, you can then extract out TTPs and from those, as long as they're not known by the attacker, that you know about them, you take away the initiative as they're building out their infrastructure, building out essentially their environment in which they're going to conduct the operations. So that's what we stay with, is that we are always constantly looking at that type of behavior to get into that predictive space where say if you're coming from it from traditional CTI and even sometimes you're coming from it from like the IR is doing CTI, which is where you have an IOC, you've already been attacked and it's more like herd immunity. Right. Someone's been attacked and that goes out to all the providers and then from there everyone is then defended across that IOC. We do essentially IOFAs, which are, we can do proactive IOCs. IOCs come out of the networks of particular events and then find a behavior analysis across those things. But we tend to like to stay more on the context graph, the understanding of the Internet in general and then from there scope the data down to highlight again the technologies and the companies that are marketing towards and even constructing their infrastructure in a way that is conducive towards malicious cyber activity or criminals. If that makes sense. I wouldn't. Well, that one.
A
Well, 75, 75% of our audience knows exactly what you just said. Okay, but for the other 25% who are out there, what exactly did you mean?
B
So for the other 25%, essentially for preemptive cyber defense, we essentially create intelligence that is predictive in nature. We're always forward looking and we can get ahead of attacks on average. I think our platform currently detects attacks that we are fitted for, right now I believe on average 104 days ahead of an IOFA converting to an IOC. In other words, before an attack happens and hits someone's network, we have detected that observable. And you could already have blocked it. Right. And so you've, sorry.
A
And you've taken that now approach to help governments find these call Centers these places using those same tools and techniques to actually be preemptive on finding these scam sites overseas.
B
Yes. So that's what. Exactly. Yeah. And so that's where. That's one of the. That's one of the aspects. Right. And then also we have a service called Traffic Origin where we can, again, some of these technologies like VPNs and residential proxies, we have found a methodology of which we can drill through and map these virtual spaces that the actors are coming from to physical spaces.
A
And so we're not going to tell the bad guys how you do that.
B
Exactly.
A
We'll just, we'll take it as a given that you could do it. And if you told me, you'd have to kill me. Right. So.
B
No, but I've just, as far as I know, we're the only ones that can currently do that to the accuracy that we're doing. So obviously they were very excited when we were showing them.
A
This has got to be better at coming into work than the usual pound your head against the wall going, how do I deal with this ransomware attacker, all that. So does this make your day feel better?
B
Absolutely, it's. And this is actually a thing that happens to me a lot during interviews. And I'm talking to people who are detection engineers or people who are IR folks who are working threat intelligence from an XDR aspect of things where they're. It's almost like they're constantly putting out fires, but nobody's looking, has enough time to breathe and look forward and see who's throwing the matches. And this is where, like this. That's where it's exciting. It's like we. This when I got invited to join Silent Push and they talked about their model, it was something that I was very. That before in a lot of my experience has been something that I've always thought that we should be constantly pushing for. But I do understand why people can't put resources into that. They're too busy looking at their tech service, their critical assets there. It's just a lot of extra resources to just go out there and start discovering and look around with no direct benefit or that they could see in the near term to their network. And so again, yeah, it's super exciting. It feels like where we need to be, where we're going to be as we design this system out. I do see a lot of other companies conducting this style of research, but not as the model. So there are a lot of interesting reports that I've seen from, say like Palo Alto, that conduct a lot of this infrastructure based analysis. Right. And, but again, we kind of do. Based off our researchers, we kind of do it in different ways. Right. But yeah, it's super exciting. We love it. Every threat researcher, every threat analyst we have on the team understands the uniqueness of sort of the way that we are going about combating cyber threats.
A
Any story that stands out, anything that really made your day in terms of when you knew you'd really nailed it and accomplished something with this.
B
I think that one of the long kind of standing cases, but also something we've reaffirmed recently was the Funnull case, which is essentially a concept that I don't think has been termed. But it's bulletproof CDNing. It's a malicious CDN that goes out there and provides services to just a massive amount of scam sites, just millions of them. And they were providing this service to create that, not only to create the fact that you can get to the content faster, but also to create a redundancy. Right. And also to create legitimacy and other things. And there was a takedown done on that infrastructure by the Department of Justice, I'd say about a year ago or so, but afterwards we still saw sort of reestablishment. But it's just, it's really interesting to see them troubleshoot and squirm, trying to figure out how they got affected and harmed. Right. And it's not, it's. That's when you know you're in a good spot, you're hidden, you're looking over the malicious infrastructure, you're ahead of them in mitigations and you are capable to create these courses of action, to attempt to take them down, to try to find the critical points, to just take down that whole technique. But you don't lose the intelligence that you're generating while conducting that. So you're not poking yourself in the eye essentially and still trying to fight the bad guy. So I think that's one of the cases that we've done recently that really. And then post the sanctions, post the effects that we did against them really kind of highlighted the fact that, wow, we really have a specific position that is very empowering. That's different.
A
Yeah. And so you're able to not only help take these guys down, but you're actually watching them try to recover and figure out what you know. Yeah, yeah, that's gotta be. That's more satisfying than just getting living through another DDoS attack. I gotta tell you.
B
Absolutely. Yeah. It's super, super sad. It's funny. We. Oh yeah, we love it here. And then we're just constantly. Another thing is that everyone in our company is just heavy critical thinkers. It is just constantly coming up with great ideas, troubleshooting things. And it's just because a lot of them have had a lot of industry experience and then from there they have seen the same old sort of cyclical motion, the same old IR response and then going back and doing it over again. They've seen outings of techniques that in a cycle of a year makes that whole technique useless because cyber criminals are studying too on how to be more effective and how to negate defense. And it's very. And then they come with their idea and they understand, you know, essentially our position better and how to explain that position and essentially our business case to the Net Defender. And we've shown enough proofing and our reporting, et cetera, to really become a technical authority that people can trust without making anything up. No, zero, almost zero marketing, or we have marketing, but it just sells itself because you just show them. And then senior SOC analysts, senior CTI analysts, they just see it, they can understand it. It's very intuitive.
A
Do you realize, of course, they take away my podcaster license if I don't ask for how AI relates to this. So is this, is it artificial intelligence that's driving your service or is it. Has it enabled? How have you seen that help what you're doing?
B
So there. So AI, we're not in a bubble. AI is there, but we essentially have a very measured approach to utilizing it right now. We just established, I believe we just released our MCP so that people can utilize AI on top of our platform very integratively. And then underlying most of the things that we do are deterministic. So it's machine learning mostly and we don't really use a lot of the sort of non-deterministic frontier model stuff. So we've really just kept things clean machine learning wise.
A
I never thought I'd live to the point where machine learning would seem like last week.
B
Yeah, and we just take a slow approach. We do have some development work on with some of the models that exist, but right now we just want to have more confidence in our results, especially as a Net Defender. You need that high fidelity, and at least if you provide some kind of non-deterministic model within any of your data set, you need to obviously explain the bias that it injects and everything that it injects. So that's why we essentially sided with MCPing it, because then you can kind of have it outside of your space and not necessarily mess with that kind of deterministic approach. We like because we really just like to be intuitive, to be easily trusted and understandable because we're already pushing the boundary, we are essentially predicting the future cyber criminal activity. So we need to do that in a very structured way. Otherwise it seems like magic. Right. And so as we integrate new things we just need to make sure that the explainability and understanding of it continues forward with it.
A
And for those of the audience who listen for security may not know, MCP is really, it's a connector, an open connector structure that allows you to use a traditional software in conjunction with a generative AI program. Which is actually kind of cool because the really great stuff for generative AI is reporting and formatting things. It seems like an overwork of it to use it in the ways that I do, but it really is good for organizing and formatting stuff that doing the things we hate to do about reporting, not necessarily getting the data. This has got to make you more popular at cocktail parties at least in terms of storytelling. What's the best thing that you hope you're going to, you're going to find in the next year that you'll be able to take out for a good story?
B
It's really getting folks to rethink, or at least push themselves from where they are currently in the CTI maturity model to these final stages, to constantly look forward, to at least create X percentage of their team or workload for that forward-looking discovery aspect of things, and to again catch that match tosser. Because otherwise, honestly, if I was constantly going from one IR response to the next, which I've been part of, you get burnt out, you kind of get depressed. You're just getting constantly kicked in the side, and there's all the tech in the world that you integrate, there's tons of complexity there, but it just seems like everything that's openly sold and given away or shown, there's a criminal there also deconstructing it and bypassing it. Right. And so if it's not just a patch that messed up the system in the first place, you have your tech stack, you have everything that you care about, and then you kind of get hit constantly. And so it's just nice to be able to look forward and think of ways to hit back and to maybe stop the pain one day.
A
So thank you. Michael Sweeney has been my guest. Thank you very much for dropping in and giving us a little bit of a ray of sunshine, at least a little bit of a victory piece in there. And for people who are listening to this, this is a horrendous problem in terms of romance scams and things like that. People are ashamed to talk to you about it. They may be in your family, they may be your friends. Reach out, be non-judgmental. And I keep recommending to everybody, go to operationshamrock.org. Operation Shamrock, operationshamrock.org. You think I talk for a living? They'll help you open conversations with groups around you, and do that thing and keep track of what people like Michael Sweeney are doing. Sometimes the good guys win. Thanks, Michael. Appreciate it.
B
Hey, thanks so much.
A
And that's our show, a long one. Hope you enjoyed it, whether you listen to it in one part or two. We'll be back with the news on Monday, and we have our weekend shows as well. But if you're in the Minden, Ontario, area in Canada's Haliburton County, come and meet me on Saturday from 10 to 4 at Bookapalooza, our annual literary festival and show. I'll be there not as a podcaster, but in my other role as sci-fi novelist, with my book Alyssa and a preview of my new book, The Compassion Virus. I'm your host, Jim Love. Have a great weekend.
Host: Jim Love
Guest: Mike Sweeney, Director of Preemptive Cyber Defense at Silent Push
Release Date: June 19, 2026
This special crossover episode tackles two urgent stories from the cybersecurity frontlines. First, host Jim Love delivers a detailed briefing on the 'FortiBleed' emergency—a massive exposure of Fortinet admin and VPN credentials affecting nearly 74,000 devices globally, with major implications for business and government security. In the second half, the tone shifts to a rare good-news story: Operation Disruption Week, a coordinated international effort that dealt a significant blow to Southeast Asian scam syndicates. Mike Sweeney of Silent Push shares insights on cyber defense, intelligence sharing, and the evolving fight against large-scale fraud.
Credential Leak Scope
Discovery & Authenticity
"I have been able to confirm the authenticity of some of the admin logs and passwords. This looks like a real dump." —Kevin Beaumont, quoted by Jim Love [07:00]
"The data is legit. It's around 75,000 devices. Almost all are still online and Fortinet devices." —Kevin Beaumont, quoted by Jim Love
Breach Depth
Industries Impacted
Confirmed Attacker Success
Implications
CISA Urgent Actions [~00:55]
"Organizations that use Fortinet devices should assume exposed credentials may already be known to attackers and respond accordingly." [07:10]
Background
Law Enforcement Response
"These scam centers aren't what you might think as just like a call center with one or two folks. These are massive... where the government is either ineffective or uninterested in taking them down." —Mike Sweeney [08:27]
Human Cost
"It's hurting people locally within those countries, but then it's coming out here and it's taking people's savings accounts within our country and we're doing our best to put a dent in it..." [11:30]
International & Government Coordination
"We're constantly evolving as we conduct these operations...focusing in with intelligence to tackle the management, the organization itself, the people who are behind all the activity, to cut the head off of this whole problem." —Mike Sweeney [12:30]
Morality & Progress
"We really have a moral duty... to call ourselves defenders, we have to be defending some sort of value and principle." [19:00]
Data & Tech Leverage
"Private industry has a lot of data... behavioral baselining... finding anomalies, and then within those, finding malicious cyber saturation." —Mike Sweeney [21:05]
Beyond Incident Response
Tracking & Takedowns
"It's really interesting to see them troubleshoot and squirm, trying to figure out how they got affected and harmed." [30:01]
Artificial Intelligence & Machine Learning
"We essentially have a very measured approach to utilizing [AI]... underlying most of the things we do are deterministic. So it's machine learning mostly." —Mike Sweeney [34:05]
The Need for Predictive Security
"It's nice to be able to look forward and think of ways to hit back and to maybe stop the pain one day." —Mike Sweeney [38:31]
"This does not appear to be a simple password collection assembled from previous breaches. Researchers say the database was enriched with information about company size, industry revenue, and geography." —Jim Love [07:10]
"We really have a moral duty...to call ourselves defenders, we have to be defending some sort of value and principle." —Mike Sweeney [19:00]
"For us, we are constantly scanning the Internet all the time. And then from there, we are very good at behavioral baselining...and within those anomalies, finding malicious cyber saturation." —Mike Sweeney [21:05]
"It's almost like they're constantly putting out fires, but nobody's looking, has enough time to breathe and look forward and see who's throwing the matches." —Mike Sweeney [27:53]
FortiBleed is a present, not future, threat:
Immediate, all-encompassing action is vital if your organization uses Fortinet products.
Scam syndicates are massive, complex—solutions require international, public-private cooperation:
Enslaved labor, cross-border loopholes, and sophisticated infrastructure mean a multi-level response is required.
Progress is real—but the fight is ongoing:
Efforts like Operation Disruption Week show that criminals can be disrupted. The work of companies like Silent Push highlights the value and hope in thinking and acting proactively.
Security is about people and values, not just systems:
Restoring citizen trust and defending human dignity are as important as technical victories.
"Sometimes the good guys win." —Jim Love [38:31]
For further resources or to support scam victims, Jim Love recommends Operation Shamrock (operationshamrock.org).
Listen to this episode in parts if needed—it's packed with both urgent warnings and reasons for cybersecurity professionals to feel proud of their work.