Loading summary
Chris Hare
You're listening to the Cyberwire network, powered by N2K.
Dave Bittner
Hey everybody, Dave here. I want to talk about our sponsor, LegalZoom. You know, I started my first business back in the early 90s, and oh, what I would have done to have been able to have the services of an organization like LegalZoom back then. Just getting all of those business ducks in a row, all of that technical stuff, the legal stuff, the registrations of the business, the taxes, all of those things that you need to go through when you're starting a business, the hard stuff, the stuff that sucks up your time when you just want to get that business launched and out there. Well, LegalZoom has everything you need to launch, run and protect your business, all in one place. And they save you from wasting hours making sense of all that legal stuff. Launch, run and protect your business. To make it official today at legalzoom.com, you can use promo code CYBER10 to get 10% off any LegalZoom business formation product, excluding subscriptions and renewals. That expires at the end of this year. Get everything you need from setup to success at legalzoom.com and use promo code CYBER10. That's legalzoom.com and promo code CYBER10. LegalZoom provides access to independent attorneys and self-service tools. LegalZoom is not a law firm and does not provide legal advice, except where authorized through its subsidiary law firm, LZ Legal Services LLC.

Federal agencies and Five Eyes partners list the past year's most exploited vulnerabilities. US authorities hand down indictments in the Snowflake customer breach. Patch Tuesday updates. Zoom discloses multiple vulnerabilities. A China-linked hacker group has compromised Tibetan media and university websites. A cyberattack on a Dutch company affects over 2,000 U.S. grocery stores. Sheboygan suffers a ransomware attack. The White House plans to support a controversial UN cybercrime treaty.
On today's CertBytes segment, N2K's Chris Hare is joined by Dan Neville to break down a question from the CompTIA Security+ certification practice test. And Bitcoin Jesus faces $48 million in tax fraud charges. It's Wednesday, November 13, 2024. I'm Dave Bittner, and this is your CyberWire Intel Briefing. Thanks for joining us here today. It's great to have you with us.

CISA, the FBI, NSA and Five Eyes intelligence agencies have identified the top 15 most exploited security vulnerabilities from last year, urging organizations in a joint advisory to patch these flaws immediately. They emphasize the critical need for effective patch management to reduce network exposure. The report highlights an increase in zero-day exploits in 2023 compared to the previous year, noting that the majority of frequently targeted vulnerabilities were zero-days, which allowed attackers to infiltrate high-value targets more effectively. Twelve of the top 15 vulnerabilities had patches released last year, underscoring the importance of swift patch deployment as cybercriminals continue targeting unpatched flaws. Leading the list is a code injection vulnerability in NetScaler ADC and Gateway. This vulnerability, exploited by state actors, enabled remote code execution on unpatched servers, compromising US critical infrastructure. By mid-August, hackers had used this flaw to backdoor over 2,000 Citrix servers worldwide. The advisory also mentions 32 additional vulnerabilities frequently exploited in 2023, offering guidance on minimizing risk. Meanwhile, MITRE recently updated its list of dangerous software weaknesses, underscoring ongoing challenges. Jeffrey Dickerson, NSA's cybersecurity director, warned that exploitation of known vulnerabilities will persist, urging network defenders to remain vigilant and proactive throughout 2024 and beyond.

US authorities have indicted Connor Moucka and John Binns, suspected cybercriminals accused of hacking into the cloud platforms of major firms in the Snowflake customer breach, including AT&T. In a scheme targeting over 10 organizations, Moucka and Binns allegedly stole sensitive data and demanded ransoms totaling $2.5 million in digital currency. Moucka, a Canadian, was arrested by Canadian authorities on October 30, while Binns, also charged in a 2021 T-Mobile breach, was detained by Turkish authorities. Though the indictment doesn't name specific victims, it aligns with earlier reports of breaches involving Snowflake clients like Ticketmaster and Santander. Researchers suggest Moucka and Binns are linked to the Com, a group tied to various criminal activities including cyber extortion and violent crimes.

Yesterday was Patch Tuesday. Microsoft has released patches for 89 vulnerabilities in Windows and other software, addressing two critical zero-day threats actively exploited by attackers. The first impacts Windows Task Scheduler, allowing attackers to elevate privileges; Google's Threat Analysis Group identified it. The second enables attackers to spoof and expose NTLMv2 hashes used for authentication, raising the risk of pass-the-hash attacks, which let attackers act as legitimate users without needing passwords. Additional updates include a privilege escalation flaw in Active Directory and a spoofing vulnerability in Exchange Server. One notable threat affects the Kerberos protocol in Windows domains, potentially allowing attackers to gain domain controller access. Microsoft also patched a critical flaw in .NET and Visual Studio and 29 memory-related issues in SQL Server.

Siemens, Schneider Electric, CISA and Rockwell Automation have issued November 2024 Patch Tuesday advisories addressing multiple critical vulnerabilities in industrial systems. Siemens released fixes for numerous products, notably a deserialization flaw in TeleControl Server Basic allowing unauthenticated code execution. SINEC INS received updates for roughly 60 vulnerabilities, many involving third-party components, while SINEC NMS and SCALANCE M-800 addressed over a dozen issues each. High-severity patches target code execution risks in engineering platforms and stored cross-site scripting in OZW web servers, among others. Schneider Electric issued four advisories, including a critical EcoStruxure IT Gateway flaw enabling system control and sensitive data access. PowerLogic PM5300 and Modicon controllers were also patched for denial-of-service and code execution risks. CISA's advisories include critical flaws in Subnet PowerSYSTEM Center and Hitachi TRO600 radios, plus a Rockwell FactoryTalk View ME remote code execution vulnerability. Rockwell additionally addressed several issues in FactoryTalk Updater, including authentication bypass and privilege escalation.

Zoom disclosed multiple vulnerabilities in its applications, including a critical buffer overflow flaw with a CVSS score of 8.5 allowing authenticated users to execute remote code. Another significant issue involves improper input validation, which could lead to unauthorized information disclosure. Affected products include the Workplace App, Rooms Client, Video SDK and Meeting SDK across Windows, macOS, iOS, Android and Linux. Users are advised to update to the latest versions to mitigate risks.

A China-linked hacker group, TAG-112, has compromised Tibetan media and university websites in an espionage campaign to gather intelligence for Beijing. TAG-112 targeted the Tibet Post and Gyudmed Tantric University sites, exploiting vulnerabilities in the Joomla CMS to deploy Cobalt Strike, a cybersecurity tool repurposed for hacking. Researchers suggest TAG-112 may be a subgroup of the Chinese state-sponsored group Evasive Panda, which also targets the Tibetan community. Both groups use hacked websites to prompt downloads of malicious files disguised as security certificates, aiming to monitor Tibetan and other ethnic minority groups that China deems subversive.

A cyberattack on the Dutch parent of US grocery chains like Stop & Shop, Hannaford and Food Lion has disrupted online services, affecting over 2,000 stores. Customers faced issues with online orders, and some websites and pharmacy operations went offline, while in-store credit card transactions still work. Delivery orders were canceled. The company is investigating with law enforcement and cybersecurity experts, taking some systems offline as a precaution. No hacking group has claimed responsibility, but similar incidents often involve ransomware targeting retail operations for quick payouts.

The Wisconsin city of Sheboygan reported a ransomware attack that disrupted its computer networks. Officials discovered the issue in late October and began working with cybersecurity experts to secure the network. An external party gained unauthorized access and issued a ransom demand, which the city reported to law enforcement. Officials do not believe sensitive personal data was compromised, but will notify affected individuals if necessary. City phone lines remain operational and the investigation is ongoing. Sheboygan thanked residents for their patience and emphasized its commitment to security. I'll add a personal note: the word Sheboygan is fun to say.

The Biden administration plans to support a UN cybercrime treaty aimed at establishing global cooperation on cybercrime, despite concerns it could empower authoritarian regimes to surveil dissidents. While it would be the UN's first binding agreement on cybersecurity, critics worry it could be misused to target political opponents or censor Internet users. U.S. officials argue the treaty would help criminalize child exploitation and expand access to electronic evidence, facilitating extradition of cybercriminals. Advocacy groups and six Democratic senators warn the treaty risks legitimizing censorship and human rights abuses. To address these concerns, U.S. officials assure that human rights safeguards will be enforced and the Department of Justice will scrutinize assistance requests. Although the treaty is likely to pass the UN vote, it may face ratification challenges in the U.S. unless human rights protections are enhanced.

Coming up after the break on our CertBytes segment, we break down a question from the CompTIA Security+ certification practice test. Stay with us.
Dan Neville
And now a word from our sponsor, KnowBe4. It's all connected, and we're not talking conspiracy theories. When it comes to infosec tools, effective integrations can make or break your security stack. The same should be true for security awareness training. KnowBe4, provider of the world's largest library of security awareness training, provides a way to integrate your existing security stack tools to help you strengthen your organization's security culture. KnowBe4's SecurityCoach uses standard APIs to quickly and easily integrate with your existing security products from vendors like Microsoft, CrowdStrike and Cisco, 35 vendor integrations and counting. SecurityCoach analyzes your security stack alerts to identify events related to any risky security behavior from your users. Use this information to set up real-time coaching campaigns targeting risky users based on those events from your network, endpoint, identity or web security vendors. Then coach your users at the moment the risky behavior occurs with contextual security tips delivered via Microsoft Teams, Slack or email. Learn more at knowbe4.com/SecurityCoach. That's knowbe4.com/SecurityCoach, and we thank KnowBe4 for sponsoring our show.
Dave Bittner
Do you know the status of your compliance controls right now? Like, right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs, we rely on point-in-time checks. But get this: more than 8,000 companies like Atlassian and Quora have continuous visibility into their controls with Vanta. Here's the thing: Vanta brings automation to evidence collection across 30 frameworks like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews and reporting, and help you get security questionnaires done five times faster with AI. Now that's a new way to GRC. Get $1,000 off Vanta when you go to vanta.com/cyber. That's vanta.com/cyber for $1,000 off.

On our latest CertBytes segment, N2K's Chris Hare is joined by Dan Neville to break down a question from the CompTIA Security+ certification practice test.
Chris Hare
Hi everyone, it's Chris. I'm a content developer and project management specialist here at N2K Networks. I'm also your host for this week's edition of CertBytes, where I share a practice question from our suite of industry-leading content and a study tip to help you achieve the professional certifications you need to fast-track your career growth in IT, cybersecurity and project management. Today's question targets the CompTIA Security+ exam, which is exam ID SY0-701, targeted for those candidates who already hold a Network+ certification and have about two years of experience in a security or systems admin role. I have my teammate Dan here to help us out today. He's our resident CompTIA expert. One could say, maybe, you're our Captain of CompTIA. Dan, how are you today?
Dan Neville
Well, thanks for the welcome Chris. I'm glad to be here and I'm glad for the promotion from being Lieutenant Dan for so many years to Captain Dan. So that's pretty cool. Thank you.
Chris Hare
Yes, well deserved. So Dan, we're going to turn the tables and you will be asking me today's question. But while I summon up the courage to answer your question, Dan, I understand you have a 10-second study bit for Security+. So what do you have for us?
Dan Neville
So this is absolutely crucial. Get a copy of the published exam objectives. If there's a term or a concept in the objectives that you don't understand, use your study materials to read up on that term and keep studying it until you can explain it to a five-year-old, and you'll do just fine.
Chris Hare
That's great. That's a great tip. So do you have your security question ready for me?
Dan Neville
Yes, I do. I think I'm ready to launch this one.
Chris Hare
All right, hit me.
Dan Neville
So which role and associated responsibility involves managing and overseeing the use of systems and data, ensuring compliance with security policies and regulations? All right, so your choices are A, owners; B, custodians and stewards; C, processors; or D, controllers.
Chris Hare
Okay, so Dan, there is a precedent with this series where I remind my listeners of my limited technical acumen with these types of exams. So now that's out of the way. What I do know is that this question targets program management and oversight and elements of effective security governance, correct?
Dan Neville
Yes.
Chris Hare
All right, so coming in from a project management bent, I'm going to think about this in terms of a RACI chart. So RACI, to remind everyone, stands for responsible, accountable, consulted and informed. So I'm going to proceed with this strategy, not knowing the answer, and so let's go through them. So the first one is owners. So that sounds more like a role of accountability rather than management. Custodians and stewards, that may be more like hands-on and responsible. So that could be a possible answer. Let's put a pin in that one. Processors could be likely, but not for something as overarching and overseeing of systems and data and compliance. So maybe that's more of the I in the RACI, in the informed role. And then controllers, that might be more of a legal or compliance role, which would fit the consulted part of the RACI chart, the C in RACI. So using this line of thinking, I'm going to go with B, custodians and stewards. Final answer.
Dan Neville
Well, that was a great logical way of working through that. Thank you. The correct answer is custodians and stewards.
Chris Hare
Yay.
Dan Neville
So well done. Well done. So they are the individuals, and they could be entities as well, who are responsible for the day-to-day management and the protection of systems and data assets. They ensure the proper handling and storage and security of data in accordance with established policies and procedures.
Chris Hare
Okay.
Dan Neville
Custodians are typically responsible for implementing security controls, monitoring access and responding to security incidents, while on the other hand, stewards focus on data governance, quality assurance and metadata management. So that's a lot. So let's sum it up.
Chris Hare
Yes. Okay.
Dan Neville
Owners have ultimate accountability for the governance and strategic direction of systems and data. Controllers ensure compliance with legal and regulatory requirements related to data processing.
Chris Hare
Okay.
Dan Neville
Processors handle personal data on behalf of data controllers and implement security measures to protect data. And then finally, custodians and stewards are responsible for the day-to-day management and protection of systems and data assets, implementing security controls and ensuring data integrity and quality.
Chris Hare
Well, that's a great question and a great answer explanation. So Dan, CompTIA says that the Security+ exam is the most widely adopted ISO/ANSI-accredited early-career cybersecurity certification out there on the market. In your professional opinion, out of the top three popular certifications, Network+, Security+ and A+, which of these would you say is the hardest, and why?
Dan Neville
Well, I'm going to say that Security+ is the hardest of the three. The first time you look at A+, it's very broad and wide, a lot of material but not a whole lot of depth. Network+ builds on that. And Security+, you have to have elements of A+ and Network+ in addition to the security requirements. So of the three exams, Security+ is the hardest.
Great.
Chris Hare
All right. That's very helpful to our listeners. So thank you so much for being here today, Dan.
Dan Neville
Thank you. I really appreciate it.
Chris Hare
So are there any upcoming Comptia practice tests or courses you'd like to promote here?
Dan Neville
Ooh, I get to do that?
Chris Hare
Yes, you do.
Dan Neville
So let's see, Cloud+ is being updated by CompTIA. We should have that out very shortly, later this fall. IT Fundamentals has been updated to a new exam called Tech+, and we'll have material for that. PenTest+ comes out also later in the fall or early in the winter. And the brand new exam SecurityX, the first of their Security Expert exams, replaces CASP+. And we'll have all those out at the end of the year or early in 2025.
Chris Hare
Excellent. That's exciting to hear. So thank you, Dan. And thank you for joining me for this week's CertBytes. If you're actively studying for this certification and have any questions about study tips, or even future certification questions you'd like to see, please feel free to email me at certbyte@n2k.com. That's C-E-R-T-B-Y-T-E at N-2-K dot com. If you'd like to learn more about N2K's practice tests, visit our website at n2k.com/certify. For more resources, including our N2K Pro offerings, check out thecyberwire.com/pro. For sources and citations for this question, please check out our show notes. Happy certifying.
Dave Bittner
Be sure to visit our show notes for links to the practice test and other helpful resources that Chris and Dan talked about. And now a word from our sponsor, NordPass. NordPass is an advanced password manager from the team behind NordVPN, designed to help keep your business safe from data leaks and cyber threats. It gives your IT professionals control over who has access to your company's data and makes it easy for everyone else on your team to use strong passwords. Right now, you can go to nordpass.com/cyberwire for 35% off the NordPass Business yearly plan. Don't miss out on that.

And finally, Roger Ver, also known as Bitcoin Jesus, is facing US tax fraud charges over $240 million in token sales, with accusations of evading over $48 million in taxes. Known for his crypto evangelism, Ver claims he's being targeted for his political views and insists he followed professional advice amid IRS crypto tax ambiguity. Arrested in Spain, Ver spent a stint in jail and now awaits a ruling on possible extradition to the U.S. The indictment alleges he hid substantial bitcoin holdings when renouncing U.S. citizenship in 2014, underreporting assets and crypto sales. While Ver continues living in Mallorca, practicing jiu-jitsu and hosting friends, his supporters are rallying behind him, decrying what they call an unjust prosecution. If extradited, Ver's case could set a precedent as the first crypto-only tax case to go to trial. Bitcoin Jesus might not be walking on water, but he's definitely skating on thin ice with the IRS.

And that's the CyberWire. For links to all of today's stories, check out our daily briefing at thecyberwire.com. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com. We're privileged that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world's preeminent intelligence and law enforcement agencies. N2K makes it easy for companies to optimize your biggest investment, your people. We make you smarter about your teams while making your teams smarter. Learn how at n2k.com. This episode is produced by Liz Stokes. Our mixer is Tré Hester, with original music and sound design by Elliott Peltzman. Our executive producer is Jennifer Eiben. Our executive editor is Brandon Karpf. Simone Petrella is our president, Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.
Dan Neville
The IT world used to be simpler. You only had to secure and manage environments that you controlled. Then came new technologies and new ways to work. Now employees, apps and networks are everywhere. This means poor visibility, security gaps, and added risk. That's why Cloudflare created the first-ever connectivity cloud. Visit cloudflare.com to protect your business everywhere you do business.
CyberWire Daily: ‘Bitcoin Jesus’ and Sheboygan Face Problems – Episode Summary
Release Date: November 13, 2024 | Host: N2K Networks
Presenter: Dave Bittner
Timestamp: [00:14] – [23:05]
In this Intel Briefing, Dave Bittner covers several cybersecurity stories affecting sectors around the world: exploited vulnerabilities, cyberattacks, and policy developments.
Key Points:
Notable Quote:
"The majority of frequently targeted vulnerabilities were zero-days, which allowed attackers to infiltrate high-value targets more effectively." — Dave Bittner [02:45]
Insights: Jeffrey Dickerson, NSA's cybersecurity director, emphasizes the importance of proactive patch management to mitigate these threats, urging organizations to remain vigilant into 2024 and beyond.
Key Points:
Notable Quote:
"Moucka and Binns are linked to the Com, a group tied to various criminal activities including cyber extortion and violent crimes." — Dave Bittner [05:30]
Insights: Their case aligns with previous breaches affecting Snowflake clients like Ticketmaster and Santander, highlighting the persistent threat posed by sophisticated cybercriminal networks.
Key Points:
Notable Quote:
"Users are advised to update to the latest versions to mitigate risks." — Dave Bittner [08:15]
Insights: The updates underscore the necessity for organizations to implement timely patches to safeguard against exploitation, especially in critical infrastructure and widely-used applications like Zoom.
Key Points:
Notable Quote:
"TAG-112 may be a subgroup of the Chinese state-sponsored group Evasive Panda, which also targets the Tibetan community." — Dave Bittner [10:50]
Insights: This campaign reflects China's ongoing efforts to monitor and suppress dissent among Tibetan and other ethnic minority populations through cyber means.
Key Points:
Notable Quote:
"No hacking group has claimed responsibility, but similar incidents often involve ransomware targeting retail operations for quick payouts." — Dave Bittner [12:20]
Insights: The attack highlights the vulnerability of retail operations to ransomware threats, emphasizing the need for robust cybersecurity defenses in the retail sector.
Key Points:
Notable Quote:
"Officials do not believe sensitive personal data was compromised, but will notify affected individuals if necessary." — Dave Bittner [13:00]
Insights: This incident underscores the importance of municipal cybersecurity, particularly in safeguarding public services and maintaining trust within the community.
Key Points:
Notable Quote:
"Advocacy groups and six Democratic senators warn the treaty risks legitimizing censorship and human rights abuses." — Dave Bittner [14:30]
Insights: The treaty represents a pivotal moment in international cybersecurity policy but faces potential hurdles in balancing security enhancements with human rights protections.
Participants: Chris Hare and Dan Neville
Timestamp: [16:14] – [23:05]
In the CertBytes segment, Chris Hare and CompTIA expert Dan Neville work through a practice question for the CompTIA Security+ certification exam.
Question Presented:
"Which role and associated responsibility involves managing and overseeing the use of systems and data, ensuring compliance with security policies and regulations?"
Options:
A. Owners
B. Custodians and Stewards
C. Processors
D. Controllers
Discussion & Answer: Chris utilizes a RACI (Responsible, Accountable, Consulted, Informed) framework to dissect the question, ultimately selecting B. Custodians and Stewards as the correct answer.
Dan's Explanation:
"Custodians and stewards are responsible for the day-to-day management and protection of systems and data assets, implementing security controls, and ensuring data integrity and quality." — Dan Neville [19:55]
Key Takeaway: Understanding the distinct roles within data governance and security management is crucial for the Security+ exam and for effective cybersecurity practice.
Topic: Comparing the difficulty of top three CompTIA certifications: A+, Network+, and Security+.
Dan's Perspective:
"Security+ is the hardest of the three. It requires elements of A+ and Network+ in addition to specific security knowledge." — Dan Neville [21:42]
Insights: Security+ demands a comprehensive understanding of broader IT principles combined with specialized security protocols, making it more challenging than its predecessors.
Presenter: Dave Bittner
Timestamp: [23:52] – [28:00]
The episode concludes with a high-profile legal case involving Roger Ver, popularly known as "Bitcoin Jesus."
Case Details:
Notable Quote:
"Bitcoin Jesus might not be walking on water, but he's definitely skating on thin ice with the IRS." — Dave Bittner [27:30]
Implications: If extradited, Ver's case could set a legal precedent as the first crypto-only tax case to proceed to trial, with significant ramifications for the cryptocurrency industry and regulatory approaches.
This episode of CyberWire Daily covers exploited vulnerabilities, significant cyberattacks, international legal developments and certification study tips.
For further details on the discussed topics, visit thecyberwire.com/daily-briefing and engage with additional resources to stay informed and prepared.
Note: The timestamps referenced correspond to segments within the podcast transcript provided.