A wolf in DOGE’s clothing? - CyberWire Daily

Summary8 min read

CyberWire Daily: "A Wolf in DOGE’s Clothing?" – Detailed Episode Summary

Release Date: February 4, 2025
Host: N2K Networks
Title: A Wolf in DOGE’s Clothing?
Source: CyberWire Daily Podcast

Introduction

In the February 4, 2025 episode of CyberWire Daily, hosted by Dave Bittner and Dave Moulton of N2K Networks, listeners are presented with a comprehensive overview of the latest cybersecurity threats, vulnerabilities, and industry developments. The episode delves into several pressing issues, ranging from unauthorized access to federal networks by private entities to emerging malware threats and significant data breaches. Additionally, the podcast features an insightful discussion on the vulnerabilities of new artificial intelligence models and concludes with an inspirational poetic segment.

Key Stories and Discussions

1. Unauthorized Access to Federal Networks by Doge

Timestamp: [00:02 - 02:31]

The episode opens with alarming news about Elon Musk's Department of Government Efficiency, humorously referred to as "Doge," which has been granted unchecked access to sensitive federal networks. Experts voice significant concerns over this move, highlighting potential security risks, including breaches by foreign adversaries.

Jason Kitka, a former U.S. Cyber Command official, warns:
“This could be the largest government security breach in history.”
(Timestamp: [07:45])

Doge's access encompasses critical systems such as the Office of Personnel Management (OPM), Treasury Department's payment systems, and even requests for access to Medicare and Medicaid financial systems. The lack of oversight allows Doge workers, who are often young and inexperienced, to potentially bypass cybersecurity controls, use unauthorized devices, and mishandle sensitive data. The report underscores the heightened risk of foreign adversaries, particularly from China, exploiting these vulnerabilities.

2. Senator Josh Hawley's AI Ban on China Raises Free Speech Concerns

Timestamp: [02:31 - 05:32]

Senator Josh Hawley has introduced the Decoupling America's Artificial Intelligence Capabilities from China Act, aiming to sever AI collaborations with China. The proposed legislation carries severe penalties, including up to 20 years in prison and a $1 million fine for actions such as importing or exporting Chinese-developed AI models like DeepSeek.

However, the bill faces criticism for potentially stifling scientific collaboration and infringing on free speech.

Kevin Bankston from the Center for Democracy and Technology expresses concerns:
“It could penalize AI researchers who publish openly.”
(Timestamp: [04:15])
The Electronic Frontier Foundation argues that the bill favors large tech monopolies over open AI research, possibly disrupting the burgeoning AI sector in the U.S.

Despite these concerns, the bill enjoys bipartisan support, indicating a strong likelihood of its advancement despite its far-reaching implications.

3. Apple’s Service Ticket Portal Vulnerabilities Expose User Data

Timestamp: [05:32 - 09:30]

A critical flaw in Apple’s Service Ticket Portal has been identified, exposing millions of users’ sensitive information. The vulnerability stems from insecure direct object references and privilege escalation bugs.

Researcher Virtuville discovered that by modifying a URL parameter, it was possible to access other users’ service tickets, including Mac serial numbers, IMEI numbers, and personal details. This method bypassed authentication mechanisms and allowed administrative access, potentially enabling attackers to alter repair appointments or access customer databases.

The absence of rate limiting exacerbated the issue, allowing for automated data harvesting. Apple responded by patching the vulnerability through its Bug Bounty program, enhancing authorization checks, and implementing rate limiting to prevent future exploitation.

4. North Korea’s Flexible Ferret Malware Targets macOS

Timestamp: [09:30 - 13:00]

Sentinel Labs has uncovered a new malware strain dubbed Flexible Ferret, attributed to North Korean cyber actors. This malware specifically targets macOS systems through deceptive job scams and fake Zoom applications.

Flexible Ferret employs a sophisticated dropper to install itself discreetly, masquerading as legitimate software updates or responding to GitHub bug reports. Initially signed with a valid Apple developer certificate, it circumvented Apple’s security checks until the certificate was revoked.

Notably, Flexible Ferret establishes persistence after system reboots and shares code similarities with Chrome update malware, though it has evolved to evade Apple’s XProtect security tool.

5. February 2025 Android Security Update Addresses 48 Vulnerabilities

Timestamp: [13:00 - 16:31]

The latest Android Security Update has patched 48 vulnerabilities, including a critical zero-day privilege escalation flaw in the Android kernel's USB video class driver. This vulnerability, actively exploited in the wild, allows local attackers to elevate privileges through low-complexity attacks, potentially leading to arbitrary code execution or system crashes.

Another significant flaw impacts Qualcomm’s WLAN component, enabling remote code execution via improper array index validation. These vulnerabilities permit attackers to modify memory, execute commands, or crash devices without user interaction.

Google has released two security patch levels, with Pixel devices receiving immediate updates. However, other manufacturers may experience delays in deploying these crucial fixes.

6. Grubhub Data Breach Exposes Customer and Driver Information

Timestamp: [16:31 - 24:02]

Grubhub has announced a data breach resulting from a compromised third-party contractor account. This breach exposed sensitive information, including customer names, emails, phone numbers, hashed passwords, and partial payment details. Notably, full payment card numbers, Social Security numbers, and bank details remained secure.

The incident underscores the growing risks associated with supply chain security, as attackers increasingly target third-party vendors to circumvent direct security controls. In response, Grubhub has revoked the compromised access, launched an internal investigation, and enhanced its defenses by rotating credentials, improving anomaly detection, and strengthening vendor risk management protocols.

7. Abandoned Cloud Infrastructure Poses Significant Security Risks

Timestamp: [16:31 - 24:02]

Research by Watchtower has revealed that numerous abandoned Amazon S3 buckets, previously utilized by governments, Fortune 500 companies, and cybersecurity firms, continue to receive sensitive data requests. Over four months, researchers gained control of 150 neglected AWS assets, which remained active and readable by organizations worldwide for software updates, system configurations, and critical infrastructure files.

Attackers could exploit these abandoned assets to launch supply chain attacks, distribute malware, or steal credentials. Examples include an abandoned CISA advisory S3 bucket and outdated SSL VPN configurations. Although AWS has sinkholed the compromised infrastructure, Watchtower warns that such vulnerabilities persist industry-wide, highlighting the critical need for proper cloud resource decommissioning to prevent these security threats.

8. Texas to Launch Its Own Cyber Command

Timestamp: [24:02 - 24:15]

Governor Greg Abbott of Texas has announced plans to establish the Texas Cyber Command, headquartered in San Antonio. This initiative aims to combat the escalating wave of cyberattacks targeting the state, including recent assaults on a city, hospital, and business sectors.

The Texas Cyber Command will focus on anticipating threats, coordinating incident responses, supporting post-attack investigations, and enhancing cybersecurity training and awareness. As Texas remains a significant economic and military hub, the formation of its own Cyber Command underscores the increasing importance of state-level cybersecurity defenses against threats from nation-state actors like China, Russia, and Iran.

9. Dell Power Protect Vulnerabilities Pose Critical Security Risks

Timestamp: [24:02 - 24:15]

Dell Technologies has identified multiple critical vulnerabilities within its PowerProtect product line, which includes data domain appliances and the PowerProtect Management Center. These flaws, with CVSS scores reaching up to 9.8, could facilitate privilege escalation, arbitrary code execution, and complete system compromise.

Key vulnerabilities encompass an arbitrary code execution flaw and another affecting Docker's MOBI project. These can enable remote attacks with minimal privileges. Dell advises organizations to promptly update their systems, implement network segmentation, and monitor for suspicious activities to mitigate these risks.

10. US Government Alters Head Start Database, Removing DEI References

Timestamp: [24:15 - 25:06]

A report from 404 Media highlights a deliberate shift within the Department of Health and Human Services (HHS) regarding the Head Start program database. Software engineers, managed by government contractor Ad Hoc LLC, have been systematically removing references to Diversity, Equity, and Inclusion (DEI) as part of a project dubbed Remove DEI. This initiative aligns with executive orders restricting mentions of race or gender within federal agencies.

The alterations involve removing the ability to search for or filter programs that support families affected by systemic discrimination. Thousands of government datasets have been either removed or subtly altered, undermining their original purposes without public awareness. This trend extends beyond Head Start, with over 2,000 datasets disappearing from Data.gov and federal scripts, including the removal of gender pronouns from employee emails.

Threat Vector Segment: Vulnerabilities of Deep Seek AI Model

Timestamp: [16:31 - 22:24]

In the Threat Vector segment, host David Moulton engages with Sam Rubin, Senior Vice President of Consulting and Threat Intelligence at Unit 42, and Kyle Wilhoit, Director of Threat Research, to discuss the security vulnerabilities associated with Deep Seek, a new large language model (LLM) developed in China.

Kyle Wilhoit emphasizes caution:
“Do not have inherent trust in LLMs that you have not trained or do not control the data itself.”
(Timestamp: [18:33])

The discussion highlights the risks of implementing AI models without thorough security evaluations, particularly concerning data integrity and potential manipulation of outputs. Dr. Cyan Leo Proctor adds that while Deep Seek offers cost-effective advantages, the safety and security of user data remain paramount concerns, especially for organizations dealing with sensitive information.

The conversation underscores the necessity for organizations to rigorously assess AI models' security implications before integrating them into production systems, advocating for a balanced approach between innovation and cybersecurity.

Moment of Inspiration: A Poetic Reflection on Space and Humanity

Timestamp: [24:19 - 26:58]

The episode concludes with an inspirational poem by Dr. Cyan Leo Proctor, an artist and futurist, reflecting on humanity's quest for exploration and the importance of maintaining our humanity amidst technological advancements. The poem, titled "A Jedi Space," metaphorically ties the elements of justice, equity, diversity, and inclusion to the universal forces that inspire change and progress.

Conclusion

The February 4, 2025 episode of CyberWire Daily offers a thorough examination of current cybersecurity challenges, from unauthorized federal network access to vulnerabilities in emerging AI technologies. By presenting expert insights and real-world examples, the podcast underscores the critical importance of robust security measures, vigilant oversight, and the careful integration of new technologies to safeguard sensitive data and national interests. The episode also highlights the ongoing struggle to balance technological advancement with ethical considerations, particularly in the realms of AI and data privacy.

Notable Quotes:

“This could be the largest government security breach in history.” – Jason Kitka, former U.S. Cyber Command official ([07:45])
“It could penalize AI researchers who publish openly.” – Kevin Bankston, Center for Democracy and Technology ([04:15])
“Do not have inherent trust in LLMs that you have not trained or do not control the data itself.” – Kyle Wilhoit, Director of Threat Research ([18:33])
“Is my information gonna be safe? And that is a big concern.” – Dr. Cyan Leo Proctor ([20:45])

This comprehensive summary captures the pivotal discussions and insights shared in the episode, providing listeners with a clear understanding of the current cybersecurity landscape and the emerging threats that define it.

Loading summary

Transcript22 lines

[00:02]
Dave Bittner
You're listening to the Cyberwire network, powered by N2K.
[00:13]
Dave Moulton
Hey everybody, Dave here. Have you ever wondered where your personal information is lurking online? Like many of you, I was concerned about my data being sold by data brokers, so I decided to try Deleteme. I have to say, DeleteMe is a game changer. Within days of signing up, they started removing my personal information from hundreds of data brokers. I finally have peace of mind knowing my data Privacy is protected. DeleteMe's team does all the work for you with detailed reports so you know exactly what's been done. Take control of your data and keep your private life private by signing up for Deleteme now at a special discount for our listeners today. Get 20% off your Delete Me plan when you go to JoinDeleteMe.com N2K and use promo code N2K at checkout. The only way to get 20% off is to go to JoinDeleteMe.comN2K and enter code N2K at checkout. That's JoinDeleteMe.com N2k code N2K DOGE's unchecked access to federal networks sparks major cybersecurity fears Senator Hawley's AI ban targets China and raises free speech concerns Apple Service Ticket portal vulnerabilities exposed millions of users data North Korea's Flexible Ferret malware targets macOS via job scams and fake Zoom apps February 2025 Android Security Update fixes 48 vulnerabilities, including an exploited zero day. A Grubhub data breach exposes customer and driver information Abandoned cloud infrastructure creates major security risks Texas is going to launch its own Cyber Command. Dell Power Protect vulnerabilities pose critical security risks on our Threat Vector segment, David Moulton and his guests look at the potential dangers of Deep Seek. The US Government is quietly altering the Head Start database and a moment of inspir inspiration from a space faring poet. It's Tuesday, February 4th, 2025. I'm Dave Bittner and this is your Cyberwire Intel Briefing. Thanks for joining us here today. It is great to have you with us. Elon Musk's Department of Government Efficiency Doge has been given unprecedented access to sensitive federal networks, raising severe cybersecurity concerns. Experts warn that allowing Doge workers, many young and inexperienced, to plug personal computers into systems like the Office of Personnel Management and Treasury Department creates massive security risks, including potential breaches by foreign adversaries. Experts like Jason Kitka, former U.S. cyber Command official, say this could be the largest government security breach in history. Doge has unchecked access to OPM's background check and clearance records, Treasuries trillions in payments and systems at usaid. The New York Times also reports Musk aides requested access to Medicare and Medicaid financial systems. Security professionals highlight the lack of oversight. Doge workers may be bypassing cybersecurity controls, using unauthorized devices and storing sensitive data improperly. China and other foreign adversaries are likely watching for vulnerabilities. Experts emphasize that random individuals should not be granted access to federal networks, warning that Musk's actions may have long term security consequences. Senator Josh Hawley, Republican from Missouri, has introduced the Decoupling America's Artificial Intelligence Capabilities from China act, which would criminalize importing, exporting or collaborating on AI with China. The bill would impose up to 20 years in prison and a $1 million fine for knowingly downloading Chinese developed AI models such as Deepseek, which recently surged in popularity. Critics argue the bill stifles scientific collaboration and threatens free speech. Kevin Bankston from the center for Democracy and Technology warns it could penalize AI researchers who publish openly, while the Electronic Frontier foundation says it favors big tech monopolies over open AI research. The bill also bans US Companies from investing in Chinese AI and criminalizes research partnerships with Chinese entities, potentially disrupting AI development in the US Though seen as political posturing, bipartisan support for China related bans suggests legislation like this could gain traction despite its far reaching implications. A critical security flaw in Apple's service ticket portal exposed millions of users sensitive data due to a combination of insecure direct object reference and and privilege escalation vulnerabilities. Researcher Virtuville discovered the issue when submitting a repair ticket and found he could access other users service tickets, Mac serial numbers, IMEI numbers and personal details. By modifying a URL parameter, he bypassed authentication and gained admin access, potentially allowing attackers to alter repair appointments or access customer databases. The lack of rate limiting worsened the risk, enabling automated data harvesting. Apple patched the flaw after disclosure through its Bug Bounty program, reinforcing authorization checks and implementing rate limiting. A new North Korean macOS malware Flexible Ferret is spreading through fake zoom apps, job scams and GitHub bug reports. Linked to the Contagious interview campaign, it tricks job seekers and developers into installing it by disguising itself as legitimate software updates. Discovered by Sentinel Labs, the malware uses a dropper to install itself unnoticed, creates fake zoom apps and establishes persistence after system reboots. Initially signed with a valid Apple developer certificate. It bypassed security checks before Apple revoked it. Flexible Ferret shares code similarities with Chrome update malware but has evolved to evade Apple's XProtect security tool. The February 2025 Android Security Update patches 48 vulnerabilities, including a zero day privilege escalation flaw in the Android kernel's USB video class driver. Actively exploited in the wild, this flaw allows local attackers to elevate privileges through low complexity attacks, potentially leading to arbitrary code execution or system crashes. Another critical flaw affects Qualcomm's WLAN component, enabling remote code execution due to improper validation of array indexes. Attackers could modify memory, execute commands, or crash devices without user interaction. Google has released two security patch levels, with Pixel devices receiving immediate updates, while other manufacturers may take longer to deploy fixes. Grubhub has disclosed a data breach caused by a compromised third party contractor account exposing customer merchant and driver data. The breach linked to unauthorized access within a customer support provider's systems, prompted grubhub to revoke access and launch an investigation. Exposed data includes names, emails, phone numbers, hashed passwords and partial payment details. For some users, however, full payment card numbers, Social Security numbers and bank details were not accessed. The incident highlights supply chain security risks as attackers increasingly target third party vendors to bypass direct security controls, Grubhub says they've strengthened defenses. They're rotating credentials and enhancing anomaly detection and improving vendor risk management to prevent future breaches. An investigation by Watchtower revealed that abandoned Amazon S3 buckets once used by governments, Fortune 500 companies and cybersecurity firms still receive sensitive data requests, posing serious security risks. Over four months, researchers took control of 150 neglected AWS assets, which were still being pinged by organizations worldwide for software updates, system configurations and critical infrastructure files. Attackers could hijack these assets to launch supply chain attacks, distribute malware or steal credentials. Examples include an abandoned CISA advisory S3 bucket, which could have been misused to distribute malicious patches, and outdated SSL VPN configurations, allowing attackers to impersonate users. The research underscores systemic weaknesses in cloud security, emphasizing that abandoned cloud resources without proper decommissioning leaves organizations vulnerable. AWS has since sinkholed the compromised infrastructure, but Watchtower warns that these issues persist across the industry, making neglected cloud assets a growing cybersecurity threat. Texas governor Greg Abbott announced plans to establish the Texas Cyber Command to combat the growing wave of cyberattacks targeting the state, highlighting recent attacks on a city, hospital and business. Abbott warned of threats from China, Russia and Iran. Headquartered in San Antonio. The command will anticipate threats, coordinate incident response and support post attack investigations. It will also focus on cybersecurity training and awareness. Texas, a major economic and military hub, remains a lucrative target for cybercriminals and nation state actors. No official launch date has been set. Dell Technologies has disclosed multiple critical vulnerabilities affecting its PowerProtect product line, including data domain appliances and PowerProtect Management Center. These flaws, with CVSS scores up to 9.8, could enable privilege escalation, arbitrary code execution and system compromise. Key vulnerabilities include an arbitrary code execution flaw and another which impacts Docker's MOBI project. Exploits could allow remote attacks with minimal privileges. Dell urges organizations to update, implement network segmentation and monitor systems for suspicious activity. A story from 404 Media examines a quiet but deliberate shift where software engineers managing a government database for the Department of Health and Human Services Head Start program have been tasked with systematically removing references to diversity, equity and inclusion. The effort, part of a project called Remove dei, aligns with Trump's executive orders restricting any mention of race or gender in federal agencies. The Updates visible in GitHub commits reveal discussions among engineers on how best to eliminate forbidden words from the system. This includes removing the ability to search for or filter programs that support families affected by systemic discrimination. Though thousands of government data sets are disappearing from the Internet, even those that remain are being subtly altered, undermining their original purpose without public awareness. Head start, which spends $12 billion annually to help disadvantaged children prepare for school, has already faced uncertainty under Trump's spending freezes. Now its tracking systems are being stripped of key tools used to evaluate program effectiveness for marginalized communities. The coding changes were executed by Ad Hoc LLC, a government contractor paid $7.2 million to manage the database. Internal messages show engineers asking colleagues to scan for other forbidden words to delete. HHS declined to comment, citing a pause on public communications under the new administration. These database alterations are part of a larger Trend. With over 2,000 datasets disappearing from data.gov and federal scripts, actively removing gender pronouns from employee emails, the erasure of DEI language is happening quietly, but at a sweeping scale. Coming up after the break on our Threat Vector segment, David Moulton and his guests look at the potential dangers of deep seek and a moment of inspiration from a space faring poet. Stay with us. Foreign cyber threats are evolving every second, and staying ahead is more than just a challenge. It's a necessity. That's why we're thrilled to partner with ThreatLocker, the cybersecurity solution trusted by businesses worldwide. ThreatLocker is a full suite of solutions designed to give you total control stopping unauthorized applications, securing sensitive data, and ensuring your organization runs smoothly and securely. Visit threatlocker.com today to see how a default deny approach can keep your company safe and compliant. Do you know the status of your compliance controls right now? Like right now, we know that real time visibility is critical for security, but when it comes to our GRC programs, we rely on point in time checks. More than 8,000 companies like Atlassian and Quora have continuous visibility into their controls with Vanta. Here's the gist. Vanta brings automation to evidence collection across 30 frameworks like SoC2 and ISO 27001. They also centralize key workflows like policies, access reviews and reporting, and helps you get security questionnaires done five times faster with AI. Now that's a new way to GRC. Get $1,000 off Vanta when you go to vanta.com cyber that's vanta.com cyber for $1,000 off. In this segment from the Threat Vector podcast, host David Moulton sits down with Sam Rubin, senior vice president of consulting and threat intelligence at unit 42, and Kyle Wilhoit, director of threat research, to explore the vulnerabilities of Deep seq, the new large language model from China. Foreign.
[16:31]
Sam Rubin
Welcome to this week's preview of Threat Vector. Make sure you're subscribed so you never miss a moment of the action. If you've been following the tech news lately, you've probably heard of deepseek. This new large language model, or LLM, has been making waves, touted as a potential game changer in the world of AI. It's faster, cheaper and even open source, which has everyone from tech enthusiasts to major companies buzzing about the possibilities. But as with any powerful technology, there are security implications to consider, and that's what we're diving into today. Our unit 42 threat researchers have been putting Deepseek to the test, specifically looking at how vulnerable it is to a technique called jailbreaking. To help us unpack this critical topic, I'm joined by two experts from Palo Alto Networks Unit 42 Sam Rubin, SVP of Unit 42 Consulting great to be here, David. And Kyle Wilhoyt, Director of Threat Research.
[17:36]
Kyle Wilhoit
Great to be here, David.
[17:37]
Sam Rubin
Kyle, let's start with you. You led the research on Deepseek. What raised the red flags for you and your team and what made you want to dig deeper into its security, especially when it comes to jailbreaking?
[17:50]
Kyle Wilhoit
Anytime that a new Model or kind of a new entrant into the field of LLMs kind of goes and it becomes notable and kind of public. It's kind of one of those things that Unit 42 researchers will oftentimes go out and look at that particular LLM to see does it present any type of particular vulnerabilities on the surface, is there anything of interest about that particular model itself around safety concerns, et cetera? And from our perspective, you know, that's one of those things that we're just going out and we want to explore that technology a little bit and really understand what's going on there.
[18:24]
Sam Rubin
Kyle, for organizations that are using or considering LLMs, what are the most important takeaways from your research?
[18:33]
Kyle Wilhoit
The biggest is do not have inherent trust in LLMs that you have not trained or you do not control the data itself, meaning the training data, et cetera. Do not put inherent trust into these LLMs. Yes, they are useful, yes, they are fast, and yes, they function well. But there's definite security concerns that need to be taken into account. Those security concerns should be top of mind, especially if you're planning on implementing this into any type of production system or trying to tie this into any type of production data. And that is my primary and chief concern, is basically trying to make sure that everyone understands that, you know, there are still inherent risks with these openly developed LLMs. And, you know, put trust where applicable, meaning don't inherently trust out of the box. When these new LLMs are released, put it through the ringer, make sure you understand, you know, the caveats behind using the system and the data itself is my biggest message about this research.
[19:31]
Sam Rubin
Sam, let me take it over to you. Is Deep Seek's model strong enough to entice companies to rethink their AI investment strategies?
[19:40]
Dr. Cyan Leo Proctor
Well, first of all, there's no doubt that Deepseek does add some pretty strong capability. But I think before companies jump into the latest and greatest, they need to really be considering security in addition to just the effectiveness of the model. Right? They need to look at the data integrity and the reliability of the model itself. Where is the information going? Can you trust the systems and the security of where your data might be residing? And can you trust the output, the integrity of what's coming back? Or is it susceptible to manipulation or otherwise changing the output in a way you can't trust?
[20:33]
Sam Rubin
I'm going to ask you a personal question. Would you ever consider using an AI platform like Deep Seq, that's new or unproven, but incredibly cost effective?
[20:45]
Dr. Cyan Leo Proctor
I think I wouldn't be candid with you if I said I wouldn't consider it. There's no doubt cost is a huge consideration, right? Am I getting something valuable for what I'm paying and is there something that costs less that gives me equal or comparable value back? Like no doubt about it. But before you ultimately make a decision, you have to think about it. Is my information gonna be safe? And that is a big concern. So for me being in security, doing incident response, a lot of times where we're responding to nation state adversaries coming after organizations and China being one of the most prolific actors that we see, I I would be very careful about using and putting my sensitive information into a model that that resides there.
[21:53]
Sam Rubin
Foreign thanks for listening to this segment of the Threat Vector Podcast. If you want to hear the whole conversation you can find the show and your podcast player. Just search for Threat Vector by Palo Alto Networks each week I interview leaders from across our industry and from Palo Alto Networks to get their insights on cybersecurity, the threat landscape and the constant changes we face. See you there.
[22:24]
Dave Moulton
Be sure to check out the Threat Vector Podcast wherever you get your favorite podcasts. And now a message from our sponsor Zscaler. The leader in cloud security Enterprises have spent billions of dollars on firewalls and VPNs, yet breaches continue to rise by an 18% year over year increase in ransomware attacks and a $75 million record payout in 2024. These traditional security tools expand your attack surface with public facing IPs that are exploited by bad actors more easily than ever with AI tools. It's time to rethink your security Zscaler Zero Trust plus AI stops attackers by hiding your attack surface, making apps and IPs invisible, eliminating lateral movement, connecting users only to specific apps, not the entire network. Continuously verifying every request based on identity and context, simplifying security management with AI powered automation and detecting threats using AI to analyze over 500 billion daily transactions. Hackers can't attack what they can't see. Protect your organization with Zscaler Zero Trust and AI. Learn more at Zscaler.com Security what's the.
[24:03]
Kyle Wilhoit
Best time of day to get a deal? All day with Jack in the Box's.
[24:06]
Dave Moulton
All day big deal meal.
[24:08]
Kyle Wilhoit
You get to choose from four entrees like the supreme croissant and five tasty sides plus a drink starting at $5.
[24:16]
Dave Moulton
So hurry in or take your time.
[24:18]
Kyle Wilhoit
You've got all day at Jack.
[24:20]
Dave Moulton
Every bite's a big deal. And finally we close with A moment of inspiration Dr. Cyan Leo Proctor is an artist, futurist and explorer whose work bridges the worlds of science, space exploration, humanity and creative expression. Our T minus daily podcast team caught up with the Inspiration4 Astronaut to find out about her journey into space and how it inspires her art here on Earth. As we close today, we offer her poem that earned her a ticket to space. If you're looking for space to inspire, look no further.
[25:06]
Dave Bittner
You've got space, I've got space. We all have space to inspire. That's why we dream of going higher and higher. But what is space if you can't breathe? Let's stop sucking out the air of our humanity. We have a moment to seize the light Earth from space both day and night. We have J for justice to ignite the bold. We have E for equity to cut past the old. We have D for diversity to end the fight. We have I for inclusion to try to make it right A Jedi space to rally behind a universal force so big it binds inspiration to change the world. A new beginning for us to hold. It's not about you, it's not about me. It's about space to inspire for all of humanity. Science, technology, engineering and math. Sending us out on the explorer's path. But don't forget the arts, the heartbeat of time. Consider sending a poet who knows how to rhyme. So let us drop the mic and close the capsule door. But Please make sure Dr. Proctor is on board. My space to inspire is what we need inspiration for for all of human.
[26:58]
Dave Moulton
And that's the Cyberwire. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire2k.com N2K's senior producer is Alice Carruth. Our Cyberwire producer is Liz Stokes. We're mixed by Trey Hester with original music and sound design by Elliot Peltzman. Our executive producer is Jennifer Ibin. Peter Kilpe is our publisher. And I'm Dave Buettner. Thanks for listening. We'll see you back here tomorrow.