Buckets of trouble. - CyberWire Daily

Summary7 min read

CyberWire Daily – Episode: "Buckets of Trouble"
Release Date: December 10, 2024
Host: Dave Buettner
Produced by: N2K Networks

Introduction

In the December 10, 2024 episode of CyberWire Daily, host Dave Buettner delves into a spectrum of pressing cybersecurity issues, from large-scale hacking operations and critical vulnerabilities to significant ransomware attacks and groundbreaking advancements in quantum computing. The episode also features an insightful interview with Jason Lamar, Senior Vice President of Product at Cobalt, who discusses the evolving landscape of offensive security. This comprehensive summary captures the key discussions, expert insights, and notable conclusions presented throughout the episode.

Major Cybersecurity Breaches and Vulnerabilities

Shiny Hunters and Nemesis Tied to Large-Scale Hacking Operation

Cybersecurity researchers Noam Rotem and Ran Lokar uncovered a sophisticated hacking operation linked to the notorious Shiny Hunters and Nemesis groups. This operation exploited vulnerabilities and misconfigurations to access sensitive data, including AWS keys, source code, and cryptocurrency wallets.

Notable Insights:
- Automation Tools: The attackers utilized tools like ff, httpx, and Shodan to automate exploits across millions of websites and endpoints globally.
- Data Sales: Stolen data was sold on Telegram by French-speaking individuals, generating revenue in the hundreds of euros.
- Operational Exposure: An open AWS S3 bucket inadvertently exposed the attackers' tools, techniques, and some identities, including links to Sezyu Kaizen, a convicted member of Shiny Hunters.
Mitigation Efforts: Collaborating with AWS, researchers mitigated the breach's impact and notified affected parties, highlighting the persistent threat posed by these sophisticated syndicates.

Dell Power Manager Vulnerability

A critical flaw in Dell Power Manager, a tool for managing power settings on Dell systems, was discovered, allowing attackers with local access to execute malicious code and escalate privileges.

Details:
- Vulnerability Score: The flaw carries a CVSS score of 7.8.
- Exploitation: Requires local access but is low in complexity and does not need user interaction.
Response: Dell promptly released version 3.17 to address the issue, urging immediate updates due to the absence of workarounds, thereby emphasizing the importance of timely patching and robust endpoint security.

TikTok's Efforts to Delay U.S. Ban

TikTok sought a federal court injunction to postpone a U.S. ban slated for January 19th, challenging the D.C. Circuit Court's mandate to sever ties with its Chinese parent company, ByteDance.

Legal Arguments:
- National Security: TikTok contends that the ban poses no immediate national security risk.
Current Status: The injunction request is pending, which could allow the incoming administration to reassess the case, potentially averting the ban and avoiding Supreme Court involvement.

Radiant Capital's $50 Million Cryptocurrency Heist

Radiant Capital reported a significant cryptocurrency theft of $50 million, attributing the attack to North Korean state-affiliated hackers known as Citrine Sleet (UNC4736 or Apple Juice).

Attack Mechanism:
- Advanced Exploitation: Bypassed security measures like hardware wallets and multi-signature verification using malware delivered via spoofed Telegram messages.
- Targeted Networks: Compromised developer devices to authorize transactions on Arbitrum and Binance smart chain networks.
Response: Radiant is collaborating with U.S. law enforcement and recovery firms to reclaim stolen funds while advocating for enhanced device-level security to prevent future breaches.

Ransomware Attacks on Japanese Firms

Japanese companies, including Kurita Water Industries and Ito N, reported ransomware attacks affecting their U.S. subsidiaries.

Impact:
- Kurita Water Industries: Attack on Qurita America resulted in encrypted servers and potential data leaks, though core systems remained operational.
- Ito N North America: Ransomware impacted servers in Texas, with operations being restored using backup data.
Trend: These incidents signal a surge in ransomware targeting Japanese firms in 2024, with other major companies like Fujitsu and Game Freak also affected.

WhatsApp's "View Once" Feature Under Scrutiny

Meta’s WhatsApp faced criticism after vulnerabilities in its "View Once" feature allowed attackers to bypass privacy protections using modified web clients.

Exploitation: Browser extensions ignored content restrictions, enabling recipients to save or share media intended for single views.
Response: Meta implemented a robust server-side fix in November to block "View Once" media access on web clients, though concerns about metadata exposure and vulnerabilities in mobile clients persist.
Expert Recommendations: Enhanced device integrity checks and Digital Rights Management (DRM) are suggested to bolster protection.

Spy Loan Malware Targeting Android Users

A surge in malicious loan apps posing as legitimate financial tools has been observed, particularly targeting Android users.

Threat Details:
- Prevalence: Over 8 million downloads globally, affecting users in India, Southeast Asia, Africa, and Latin America.
- Malicious Activities: Theft of financial information, contacts, and location details, leading to financial exploitation, blackmail, and harassment.
Mitigation: Authorities are intensifying efforts to combat these threats, emphasizing the need for stronger security measures and heightened user vigilance.

Romanian Electricity Distributor Ransomware Attack

Electrica Group, a major Romanian electricity distributor, is investigating an ongoing ransomware attack that has not yet impacted its critical SCADA systems.

Impact: Temporary disruptions are in place to safeguard infrastructure and data, serving over 3.8 million customers.
Context: This incident follows a report of over 85,000 cyberattacks targeting Romania's election infrastructure, underscoring the nation’s escalating cybersecurity challenges.

Industry Voices: Offensive Security with Jason Lamar of Cobalt

In the Industry Voices segment, Jason Lamar, Senior Vice President of Product at Cobalt, shares his expertise on the importance and evolution of offensive security.

The Crucial Role of Offensive Security

Jason Lamar emphasizes, “[16:47] Red teaming is crucial because it helps organizations understand their high-risk scenarios and assess how their defenses perform against simulated attacks.”

Proactive Measures: Offensive security involves being proactive to safeguard businesses against evolving cyber threats through methods like penetration testing and red teaming.

Penetration Testing as a Service (PTaaS)

Lamar discusses the landscape of PTaaS, highlighting both its benefits and challenges.

Types of Offerings: He notes, “[17:38] There’s a lot of snake oil in the market, with many providers offering automated scans masquerading as pen tests. It's essential to evaluate providers based on their methodology and experience."
Provider Selection: Lamar recommends using resources like GigaOM’s Radar to assess providers' capabilities, scalability, and integration strengths.

Setting Testing Cadence

Establishing an appropriate testing frequency is vital for maintaining security integrity.

Customization: “[20:49] Setting a cadence for penetration testing depends on your application’s maturity, change frequency, and the specific risks you aim to mitigate.” Regular assessments can range from annual tests to agile testing aligned with development cycles.

Advantages of External Providers

Engaging external offensive security providers offers several benefits over in-house testing.

Expertise and Flexibility: “[23:18] External providers bring specialized expertise and flexible resources, allowing organizations to scale their testing efforts without the overhead of maintaining an in-house team.” This is particularly beneficial for handling surge capacities and diverse testing needs.
Building Relationships: Establishing relationships with trusted providers ensures a deeper understanding of the organization’s unique security landscape, facilitating more effective and tailored security assessments.

Addressing Intimidation in Testing

Lamar reassures organizations that engaging with offensive security experts need not be intimidating.

Collaborative Approach: “[26:08] Trusted providers, who conduct thousands of tests annually, are adept at easing client concerns and tailoring their approach to meet specific needs.” Open dialogue and mutual understanding are key to successful engagements.

Groundbreaking Advances in Quantum Computing

The episode concludes with a discussion on Google's latest quantum computing achievement – the Willow chip.

Google's Willow Chip Milestone

Hartmut Nevin, Head of Google Quantum AI, announced that the Willow chip successfully addresses error correction challenges in scaling quantum computers.

Innovation: Unlike traditional approaches where adding more qubits increases errors, Willow reduces errors as more qubits are integrated, marking a historic advancement since Peter Shor's introduction of quantum error correction in 1995.
Significance: Nevin stated, “[27:02] We’ve built the first convincing prototype for a scalable logical qubit, bringing us closer to functional large-scale quantum computers.”

Industry Perspective

While Willow represents a significant leap, experts caution that practical quantum computing remains in its experimental phase.

Competitive Landscape: Google’s progress is juxtaposed with IBM’s ongoing efforts, including a $100 million initiative with U.S. and Japanese universities to develop quantum-centric supercomputers.
Collaborative Necessity: Quantum industry veteran Bob Sutor highlighted, “[27:45] Progress in quantum computing requires collaboration across regions and alliances, beyond mere financial investment.”
Future Outlook: Despite Willow’s success, the path to practical quantum computing is fraught with challenges, debates, and intense competition, underscoring the need for continued innovation and cooperation within the industry.

Conclusion

The "Buckets of Trouble" episode of CyberWire Daily provides a thorough examination of recent cybersecurity threats, vulnerabilities, and advancements. From uncovering sophisticated hacking operations and addressing critical software vulnerabilities to exploring the future of quantum computing and the nuances of offensive security, the episode delivers valuable insights for cybersecurity professionals and enthusiasts alike. The expert commentary by Jason Lamar enriches the discussion, offering practical advice on enhancing organizational security through proactive measures. As the cybersecurity landscape continues to evolve, staying informed and adaptable remains paramount.

[Listen to the full episode and access detailed show notes at thecyberwire.com.](https://thecyberwire.com)

Loading summary

Transcript15 lines

[00:02]
Dave Buettner
You're listening to the Cyberwire Network, powered by N2K. Quick question. Do your end users always, and I mean always without exception, work on company owned devices and IT approved apps? I didn't think so. So my next question is how do you keep your company's data safe when it's sitting on all those unmanaged apps and devices? 1Password has an answer to this Extended Access Management 1Password Extended Access Management helps you secure every sign in for every app on every device because it solves the problems traditional IAM and MDM can't touch. And it's now available to companies with Okta and Microsoft Entra and in beta for Google Workspace customers. Check it out@1Password.com cyberwire that's 1Password.com cyberwire Researchers uncover a large scale hacking operation tied to the infamous Shiny Hunters A Dell Power manager vulnerability lets attackers execute malicious code. TikTok requests a federal court injunction to delay a US ban. Radiant Capital attributed a $50 million cryptocurrency heist to North Korea. Japanese firms report ransomware attacks affecting their US subsidiaries. WhatsApp's view once feature faces continued scrutiny. Spy loan malware targets Android users through deceptive loan apps. A major Romanian electricity distributor is investigating an ongoing ransomware attack. Contenders for top cyber roles in the next Trump administration, visit Mar A Lago in our Industry Voices segment, Jason Lamar Cobalt, Senior vice President of Product, joins us to share insights on offensive security and Google's new Quantum chip promises scaling without failing. Coming to you live from the Cybersecurity Marketing Society's Cyber Marketing Con in Philadelphia. I'm Dave Buettner and this is your Cyberwire Intel Brief Briefing. Thanks for joining us here today. It is great as always to have you with us. Cybersecurity researchers Noam Rotem and Ran Lokar have uncovered a large scale hacking operation tied to the infamous Shiny Hunters and Nemesis groups. Exploiting vulnerabilities and misconfigurations, hackers accessed sensitive data including AWS keys, source code and cryptocurrency wallets. Using tools like ff, httpx and Shodan, they automated exploits targeting millions of websites and endpoints globally. The operation traced to French speaking individuals involved selling stolen data on Telegram for hundreds of Euros. Notably, an open AWS S3 bucket used by the attackers revealed harvested data and even linked back to Sezyu Kaizen, a convicted member of Shiny Hunters. This error exposed their tools, techniques and some identities. Researchers collaborating with AWS mitigated the impact and notified affected parties. Shiny Hunters, known for breaches at major firms like AT&T and Ticketmaster and Nemesis, tied to a black market forum demonstrate the sophistication of these syndicates. A critical vulnerability in Dell Power Manager, used to manage power settings on Dell systems, allowed attackers with local access and low privileges to execute malicious code and escalate privileges. The flaw stems from improper access control, enabling unauthorized access to sensitive system functions and potential full system compromise. Rated with a CVSS score of 7.8, the vulnerability requires local access but is low in complexity and does not need user interaction. Dell has released version 3.17 to address the issue, urging users to update immediately. No workarounds exist, emphasizing the need for timely patching and robust endpoint security to mitigate risks. TikTok has requested a federal court injunction to delay a U.S. ban set for January 19th as it appeals to the U.S. supreme Court. The D.C. circuit Court upheld a law requiring TikTok to sever ties with Chinese parent ByteDance. TikTok argues the ban poses no immediate national security risk and seeks a decision by December 16th. The injunction would allow the incoming administration to reassess the case, potentially avoiding harm and Supreme Court involvement. Defi platform Radiant Capital has attributed the $50 million cryptocurrency heist from its platform on October 16 to North Korean state affiliated hackers known as Citrine Sleet, also known as UNC4736 or apple juice. The sophisticated attack bypassed advanced security measures including hardware wallets and multi signature verification, exploiting malware delivered via a spoof telegram message. Hackers use the malicious payload inlet drift to compromise developer devices, enabling authorized transactions on the Arbitrum and Binance smart chain networks. Mandiant assisted in the investigation, linking the attack to North Korea's broader strategy of targeting cryptocurrency platforms to fund state operations. Radiant, a DEFI platform enabling cross blockchain asset management, emphasized the attacker's ability to evade standard verification processes. It's now working with US Law enforcement and recovery firms to reclaim stolen funds while calling for improved device level security to mitigate future threats. Japanese firms Kurita Water Industries and Ito N recently reported ransomware attacks affecting their U.S. subsidiaries. Querita, a global leader in water treatment chemicals, revealed that its Minnesota based Qurita America was targeted on November 29th. Attackers encrypted servers and potentially leaked data belonging to customers, employees and partners. However, core systems have been restored and operations remain unaffected. Similarly, Ito N North America, part of Japan's largest green tea producer, faced a ransomware attack on December 2, impacting servers in Texas. Backup data is being used to restore operations, and investigations are ongoing. These incidents highlight the surge in ransomware targeting Japanese companies in 2024, with major firms like Fujitsu, Game Freak and nidec also affected. Meta's WhatsApp faced criticism after a vulnerability in its view once featured allowed attackers to bypass privacy protections using modified WhatsApp web clients. The feature, designed to limit media to a single view, was undermined by browser extensions that ignored its restrictions, enabling recipients to save or share content. Meta initially deployed a partial fix in September, but attackers adapted quickly. A robust server side fix in November resolved the issue by blocking Once View media access on Web clients. While effective, this fix raised concerns about metadata exposure and left vulnerabilities in modified mobile clients. Experts suggest device integrity checks, or DRM for enhanced protection. Spy loan malware is a growing threat targeting Android users through deceptive loan apps masquerading as legitimate financial tools. These apps exploit social engineering to gain access permissions and steal sensitive data, including financial information, contacts and location details. Downloaded over 8 million times, spyloan apps bypass Google Play Store's filters and target users globally, with cases reported in India, Southeast Asia, Africa and Latin America. Victims face financial exploitation, blackmail and harassment. Authorities are combating the threat, but Spyloan's global prevalence demands stronger security measures and user vigilance. Electrica Group, a major Romanian electricity distributor, is investigating an ongoing ransomware attack that has not impacted its critical SCADA systems. The company, serving over 3.8 million customers, emphasize that temporary disruptions are precautionary measures to protect infrastructure and data. Romania's Energy Ministry confirmed the attack, stating that network equipment remains unaffected. The incident follows a declassified report revealing over 85,000 cyberattacks targeting Romania's election infrastructure, highlighting the country's increasing cybersecurity challenges. Electrica is collaborating with authorities to resolve the issue. A critical flaw in open WRTs attended sys upgrade feature could have enabled attackers to distribute malicious firmware via custom builds. OpenWRT is a popular Linux based OS for routers and IoT devices, and it's had vulnerabilities involving command injection and hash truncation. Researcher Ryotac demonstrated how these flaws allowed modification of firmware artifacts. OpenWRT developers promptly addressed the issue, fixing it within hours. Although no exploitation has been detected, users are urged to update their firmware to eliminate potential risks. Brian Harrell, a seasoned veteran of the Department of Homeland Security under the Trump administration, is reportedly a leading contender for high ranking cybersecurity roles in the next administration, the Record reports. Sources familiar with the situation reveal that Harrell has been invited to Mar A Lago in the coming weeks to interview for roles such as director of the Cybersecurity and Infrastructure Security Agency and DHS Undersecretary for Strategy, Policy and plans. Harrell, who previously served as DHS Assistant Secretary for Infrastructure protection, is well regarded for his expertise in safeguarding critical infrastructure. Recorded Future News first reported his candidacy for these prominent positions. He's not the only one under consideration. Matt Hayden, former DHS Assistant Secretary for Cyber Infrastructure Risk and Resilience, and Sean Plankey, a former National Security Council Cyber Team member and acting assistant secretary at the Department of Energy's Cybersecurity office, are also being considered for potential leadership at cisa. Two sources confirmed Plankey's name in the mix for the top CISA role. The forthcoming Mar? A Lago interviews are part of broader plans to fill key positions within DHS not only in cybersecurity but also in areas such as immigration enforcement and leadership roles at the Transportation Security Administration. This diverse hiring strategy reflects the transition team's focus on securing leadership across various critical sectors. Coming up after the break, Jason Lamar, Cobalt's senior Vice President of product, joins us to share insights on offensive security and Google's new quantum chip promises scaling without failing and now a word from our sponsor, KnowBefore. It's all connected and we're not talking conspiracy theories when it comes to infosec tools, effective integrations can make or break your security stack. The same should be true for security awareness training. KnowBefore, provider of the world's largest library of security awareness training, provides a way to integrate your existing security stack tools to help you strengthen your organization's security culture. KnowBefore's security coach uses standard APIs to quickly and easily integrate with your existing security products from vendors like Microsoft, CrowdStrike and Cisco 35. Vendor integrations and Counting Security Coach analyzes your security stack alerts to identify events related to any risky security behavior from your users. Use this information to set up real time coaching campaigns targeting risky users based on those events from your network, endpoint, identity or web security vendors. Then coach your users at the moment the risky behavior occurs with contextual security tips delivered via Microsoft Teams, Slack or email. Learn more@knowbefore.com SecurityCoach that's knowbefore.com SecurityCoach and we thank KnowBe4 for sponsoring our show Identity Architects and engineers modernize your identity systems with Strata, integrate legacy apps with any idp, ensure seamless identity failover, and apply MFA with without touching app code. Strada offers robust, efficient identity management, reducing tech debt and enhancing security. Gain peace of mind and operational efficiency with Strata's comprehensive solutions. Visit Strada IO CyberWire. Share your biggest identity challenge and enjoy free AirPods Pro. Optimize your identity solutions today. Visit Strata IO CyberWire and our thanks to Strata for being a longtime friend and supporter of this podcast. In our Industry Voices segment, Jason Lamar, Cobalt's senior vice president of product, joins us to share insights on offensive security, Staying ahead of Cyber threats and It.
[15:37]
Jason Lamar
Really Matters this whole area of offensive security matters. Why? Because being proactive is really critical to keeping your business safe from new and evolving cyber attacks. We have penetration testing, and that is changing more and more frequently as part of the software development lifecycle. And customers increasingly are adopting a pen testing as a service model because that's an area where this whole model shines. There's also a lot of automation, you know, where you have different capabilities being used. Offensive security is all about being proactive. It's about, you know, getting in the mindset of a external attacker, looking for the weaknesses that you have on your external attack surface.
[16:34]
Dave Buettner
Well, I want to dig into pen testing as a service, but before we do, what other things fall under the umbrella of offensive security measures? What sort of things would you categorize there?
[16:48]
Jason Lamar
I would say there's things like red teaming, where you're trying to understand your particular scenarios that are high risk for your particular kind of organization or threat stack, and how your defenses work in that is also really important. So having an adversarial mindset, looking at not just probing for vulnerabilities like a scanner, or even just basically trying to become more testing like you're the adversary.
[17:22]
Dave Buettner
Let's dig into some of the details about penetration testing as a service. Can we start off again sort of at a high level here? I mean, where do you think we stand when it comes to the types of offerings that are out there for this?
[17:38]
Jason Lamar
We see a lot of snake oil, to be honest, script kiddies that are running the same couple of tools calling it a pen test or even claiming that's offensive. You know, there's automated DAS scans that people are doing, and then they have some kind of human review calling that offensive. So there's a lot of snake oil. What we recommend is people look for the provider's methodology and how have they exercised that over years? Have they got experience with it? And offensive security is about going beyond pen testing and delivering a breadth of engagements based on maturity of an organization. Some organizations are Just starting out, they need to do scans to pick up the easy to find things. But as they mature they want to do pen testing to bring a variety of testing and outside in perspective. And then as they get even more mature, they'll do things like red teaming, secure code reviews and those kind of engagements. So depends on the maturity of the customer. But everyone's on a journey, I would say, to up their game.
[18:58]
Dave Buettner
Do you have any suggestions or words of wisdom for the types of questions people should be asking out there when you know if they want to align that provider with where they are on their own journey?
[19:11]
Jason Lamar
Well, I mean I think there's. Every industry has kind of a standard analysts or different folks that monitor the industry and give recommendations for the offensive security arena and especially the pen testing as a service arena. GigaOM is a great resource. They have a thing called the gigaom radar. And the gigaom radar really takes you through specific selection criteria areas where you might evaluate different providers or different companies that you know, you would get this from. And they'll talk about how the company's doing with actionable reporting or you know, how good their integrations are, you know, and they have a, how scalable they are, how quickly they can do testing for you. Because not everyone can plan ahead. But this GIGA ohm radar I think is super helpful in characterizing understanding different players and their strengths. And also who are the front runners or the folks that I think the terms they use are outperformers. But I mean it just helps you understand what the field is of providers and based upon your requirements, you can interpret what's most important there.
[20:34]
Dave Buettner
What about setting a cadence for this sort of thing? How often do you engage, how often do you have penetration test and testing happen? You know, how do folks go about dialing that in?
[20:49]
Jason Lamar
Well, I think it's always important to talk with the organization that you want to partner with and have them consult with you as part of the ongoing discussion you have about procuring tests or engaging them. Usually there's a, an assessment or some kind of, it's not even a costly thing. Do some kind of understanding of where you're at in, in your maturity of your testing program and that can help you understand what you need most. If you're not sure what you need to do, if you have very specific requirements and you know what you want, then it just depends on the kind of activity that you're looking at. You might say, well, I just need a very quick compliance test for a new product that I'M deploying. There's folks out there that can start a test within 24 hours and have you up and running. I know of one that can do that. And then there's whole programs where you've got a very mature application or group of applications and you know, they change less frequently. So you don't, you know, you do your annual test there, but maybe you spend your testing time on things that are changing a lot within applications, particularly around this area of LLM AI. Existing applications that have been stable and kind of not changing a lot are getting new experiences added to them. So we've had folks come and say, hey, I want to test this AI stuff. They may want to do a smaller test where they're just doing prompt injection kind of test, or they may want to have a new experience altogether and they want to do a comprehensive test. So it depends on what your application or asset is, the rates of change on it, and the risk that you want to try to mitigate by testing and at least having that visibility and then understanding how your controls will do and what compliance needs that you have to fulfill your organization's objectives.
[23:10]
Dave Buettner
And what are the advantages of engaging with someone from outside of your own organization to do this rather than handling it in house?
[23:19]
Jason Lamar
Well, if you're blessed with a team that is able to do this kind of testing, that's really great. A lot of organizations don't have the ability to hire for this in house, and even those that do often need what I would call surge resources. There's overflow work. And so that's where you want to look outside. If you don't know where to start, obviously engage with someone that you know, especially as part of the meet us kind of part of the relationship. You know, you'd. You'd want to have a discussion about your maturity and what your needs are. If you have specific projects that you know you need to do, you know they're on a timeline and scope is really clear and that kind of thing. Then you know, it's a good opportunity to use resources that can go fast. So you engage someone who's got a large network of testers available. That's going to be an easier process than going through a statement of work with each, you know, with different vendors for each test. There's some economies that you can have by working with organization that does pen testing as a service or red teaming as a service. And other benefits would be you have the ability to have a relationship with a company, do some testing with them. They know you, they know your assets and your organization kind of understand what your unique situation is and what you want to get out of things. And as more projects come up, then you can just add those into the work that you're already doing ongoing. Some customers, they have annual testing, you know, and that's kind of their thing. Other customers have like they want to do agile testing where especially increasingly with software development, there's an area of an app that's been undergoing a significant amount of change. Hey, we want to pen test that area outside of our annual cadence. Very common for that to happen as well. So you want a relationship with organizations that have those flexible capabilities to meet you in the kind of testing that you need.
[25:45]
Dave Buettner
You know, I can imagine that particularly for companies who are just starting down this path, that there's, there could be a certain amount of intimidation here that, you know, you're asking someone to come and poke at all the soft, exposed parts of your company here. I mean, is that part of that onboarding conversation to put people at ease and let them know exactly what to expect?
[26:09]
Jason Lamar
Absolutely. And to get yourself comfortable. First of all, do you like the folks you're talking with? That's always important, but folks that do this a lot, we do over 4,000 tests a year. Right. So there's a familiarity and understanding of folks that are entering the process and their care abouts and concerns that, you know, we are particularly tuned with and others like us. So don't be intimidated, but do engage and help the folks that you're talking with understand what your actual needs are. And if you don't know what your needs are, be willing to go through a conversation to uncover those. Because a lot of times that can be very enriching whether you buy anything or not.
[27:02]
Dave Buettner
That's Jason Lamar, senior vice president of product at Cobalt. We'll have a link to their research in our show Notes. And finally, Google's latest breakthrough in quantum computing, a chip named Willow, tackles the notorious challenge of error correction in scaling up quantum computers. Traditionally, adding more qubits, the building blocks of quantum systems, results in more errors, derailing the dream of functional quantum computing. But Willow flips the script, reducing errors as more qubits are added. Hartmut Nevin, head of Google Quantum AI, proudly announced they achieved below threshold error rates, a historic feat since Peter Shor introduced quantum error correction in 1995. Nevin likened the milestone to building the first convincing prototype for a scalable logical qubit, a step closer to truly large, useful quantum computers. But quantum enthusiasts, hold your champagne. The tech is still in the experimental phase. Remember when Google claimed quantum supremacy in 2019, IBM quickly played referee, disputing Google's assertion that its quantum processor outpaced supercomputers. Meanwhile, IBM continues its Quantum Crusade, launching a $100 million initiative with US and Japanese universities to create quantum centric supercomputers. Quantum industry veteran Bob Sutor reminds us that while companies like Google and IBM are pouring resources into solving Quantum's puzzles, progress requires more than just deep pockets, collaboration across regions, countries, and alliances. So while Willow's achievement is a major leap, the road to practical quantum computing is still filled with hurdles, debates, and undoubtedly a few more bold claims from competitors. Until then, Quantum's promise remains a tantalizing mix of science, strategy and a dash of corporate rivalry. And that's the Cyberwire. For links to all of today's stories, check out our daily briefing@the cyberwire.com we'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwiren2k.com we're privileged that N2K Cyberwire is part of the daily routine of the most influential leaders and operators in the public and private sector. From the Fortune 500 to many of the world's preeminent intelligence and law enforcement agencies, N2K makes it easy for companies companies to optimize your biggest investment your people. We make you smarter about your teams while making your team smarter. Learn how@n2k.com this episode was produced by Liz Stokes. Our mixer is Trey Hester, with original music and sound design by Elliot Peltzman. Our executive producer is Jennifer Iban. Our executive editor is Brandon Carp. Simone Petrella is our president, Peter Kilpie is our publisher and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.