China’s shadow over U.S. telecom networks. - CyberWire Daily

Summary6 min read

CyberWire Daily – Episode Summary: "China’s Shadow over U.S. Telecom Networks"

Release Date: January 6, 2025
Host: Dave Bittner, N2K Networks

1. Introduction

In this episode of CyberWire Daily, host Dave Bittner delves into a range of pressing cybersecurity issues, with a primary focus on China’s increasing influence and cyber activities targeting U.S. telecom networks. The episode also covers significant vulnerabilities, emerging cyber threats, policy developments, and notable industry news, providing listeners with comprehensive insights into the current cybersecurity landscape.

2. China's Shadow Over U.S. Telecom Networks

Overview: China’s sophisticated cyber operations are increasingly targeting critical U.S. telecom infrastructure. Recent reports highlight the activities of two prominent Chinese hacking groups, Volt Typhoon and Salt Typhoon, underscoring the national security implications of their actions.

Key Points:

Volt Typhoon: Responsible for the 2022 cyberattack on Guam’s Power Authority (GPA), Volt Typhoon is linked to over 100 intrusions aimed at disrupting U.S. military operations in the Indo-Pacific region. This strategy potentially serves to disable U.S. responses in the event of a conflict over Taiwan.

"The GPA incident is particularly alarming since it serves the US Navy. Highlighting the national security stakes, the US has made countering Volt Typhoon a priority," [03:03] Dave Bittner.
Salt Typhoon: This group has infiltrated at least nine major U.S. telecom companies, including AT&T, Verizon, and T-Mobile, with recent victims being Charter Communications, Consolidated Communications, and Windstream. The 2021 Port Houston attack, where a disguised attacker accessed a password reset server, exemplifies their persistent threat.

"These incidents illustrate China's sophisticated and targeted cyber campaigns with serious implications for US national security," [03:03] Dave Bittner.
Chinese Denials: China officially denies involvement in these cyberattacks. Liu Pengyu, a Chinese embassy spokesperson, dismissed the allegations as baseless smear campaigns.

3. Vulnerability and Security Concerns

Tenable's Nessus Agent Vulnerability: Tenable identified a critical issue where Nessus agents went offline during plugin updates, affecting Tenable Vulnerability Management and Security Center. The problem led to halted updates until an patched version was released on January 2, 2025. Organizations are advised to update immediately or downgrade to ensure security integrity.

"The root cause remains undisclosed, with potential customer impacts unclear," [03:XX] Dave Bittner.

NUCLEI Vulnerability: A vulnerability in the open-source Vulnerability Scanner, NUCLEI, allows attackers to bypass template signature verification and inject malicious code by exploiting discrepancies in regex-based signature verification and YAML parser behavior.

"Users should update immediately and isolate NUCLEI to prevent risks," [03:XX] Dave Bittner.

4. Emerging Cyber Threats

Info Stealer Campaign Targeting Gamers on Discord: A new campaign deceives gamers by sending unsolicited messages from fake game developers seeking beta testers. Victims who download the provided installer unknowingly install malware like NovaStealer, AgiosStealer, or HexonStealer, leading to credential theft and financial losses.

"The ultimate goal of these scams is financial theft and account compromise," [03:XX] Dave Bittner.

Fake "Edit this Cookie" Browser Extension: Cybercriminals have created a fraudulent version of the popular "Edit this Cookie" extension, now downloaded over 50,000 times. This fake extension steals login credentials, conducts phishing attacks, and injects advertising scripts.

"This incident underscores ongoing challenges in Google's Chrome Web Store security," [03:XX] Dave Bittner.

ESET’s Warning to Windows 10 Users: With support for Windows 10 ending on October 14, 2025, ESET warns users to upgrade to Windows 11 or switch to Linux to avoid significant security risks from new vulnerabilities, as freeze on free updates makes the OS increasingly insecure.

"Without free updates, Windows 10 users will face significant security risks from newly discovered vulnerabilities," [03:XX] Dave Bittner.

5. Ransomware in Healthcare Sector

West End Dental’s Ransomware Settlement: An Indiana-based dental practice, West End Dental, agreed to pay a $350,000 settlement following allegations of a ransomware cover-up from a 2020 attack. The practice failed to conduct a forensic investigation or notify affected individuals, violating HIPAA and state breach laws.

"The case highlights the growing enforcement of data privacy regulations in health care," [03:XX] Dave Bittner.

6. United Nations Cybercrime Treaty Discussion with Tim Starks

Interview with Tim Starks: Senior reporter Tim Starks from CyberScoop provides an in-depth analysis of the newly adopted United Nations Cybercrime Treaty, highlighting its origins, controversies, and potential implications for global cybersecurity.

Key Insights:

Origins and Controversies: Initiated by Russia and supported by other authoritarian regimes, the treaty has raised concerns about potential abuses related to human rights and press freedoms.

"The potential for harm with something like that is very deep," [15:26] Tim Starks.
Ratification Challenges: With a requirement of 40 nations to ratify for enforcement, uncertainty remains, especially regarding the United States’ participation amid political resistance.

"It's going to be difficult for it to happen in the United States," [17:46] Tim Starks.
Implementation and Enforcement: Even after ratification, the treaty’s effectiveness will depend on how countries implement and enforce its provisions, which may vary significantly across different political landscapes.

Outlook for 2025: Starks anticipates a tumultuous year in cybersecurity policy, influenced by the new U.S. administration’s approaches and the unpredictable nature of cyber threats.

"Policymaking wise, it's going to be really fascinating to watch what happens on the threat side," [21:01] Tim Starks.

7. Outlook for 2025

Predictions and Areas of Focus:

Policy Developments: A new, potentially erratic U.S. administration's impact on cybersecurity regulations and international alliances.
Emerging Threats: Unpredictable cyberattack vectors and evolving spyware threats despite ongoing regulatory efforts.
Telecommunications Security: Continued vulnerability in telecom networks, emphasizing the need for robust defenses against state-sponsored attacks.

"You just never know what day somebody's going to use some kind of strange vector to attack somebody you didn't expect to get attacked," [21:01] Tim Starks.

8. Tribute to Amit Yoran and Tenable Update

Passing of Amit Yoran: Cybersecurity leader Amit Yoran, Chairman and CEO of Tenable, passed away at 54 after battling cancer. His contributions to the industry, including founding RSA Security NetWitness and serving as National Cybersecurity Director at DHS, left a lasting impact.

Company Transition: Following Yoran’s passing, Tenable appointed CFO Steve Vince and COO Mark Thurmond as interim co-CEOs, with Art Coviello set to chair the board, ensuring continued stability and adherence to Yoran’s legacy.

"The cybersecurity community mourns the loss of a true visionary and leader," [23:XX] Dave Bittner.

Conclusion

This episode of CyberWire Daily provides a comprehensive overview of critical cybersecurity issues, highlighting China's sophisticated cyber operations targeting U.S. telecom infrastructure, emerging vulnerabilities, and evolving cyber threats. The discussion with Tim Starks sheds light on the controversial UN Cybercrime Treaty and its potential implications. Additionally, the industry mourns the loss of a key leader, Amit Yoran, whose contributions have significantly shaped the cybersecurity landscape.

By addressing these multifaceted topics, CyberWire Daily ensures that listeners are well-informed about the dynamic and often unpredictable nature of cybersecurity in 2025.

Notable Quotes:

"These incidents illustrate China's sophisticated and targeted cyber campaigns with serious implications for US national security," – Dave Bittner [03:03]
"The potential for harm with something like that is very deep," – Tim Starks [15:26]
"You just never know what day somebody's going to use some kind of strange vector to attack somebody you didn't expect to get attacked," – Tim Starks [21:01]

Resources and Further Reading:

For detailed insights and access to all stories discussed in this episode, visit the CyberWire daily briefing at thecyberwire.com.

Produced by Liz Stokes, mixed by Trey Hester, with music and sound design by Elliot Peltzman. Executive Producer: Jennifer Iban. Executive Editor: Brandon Karp. President: Simone Petrella. Publisher: Peter Kilpe.

Loading summary

Transcript23 lines

[00:02]
Dave Bittner
You're listening to the Cyberwire Network, powered by N2K. What's the best time of day to get a deal? All day with Jack in the Box's all day Big deal meal. You get to choose from four entrees.
[00:19]
Tim Starks
Like the supreme croissant and five tasty.
[00:22]
Dave Bittner
Sides plus a drink starting at $5. So hurry in or take your time.
[00:27]
Tim Starks
You've got all day at Jack.
[00:29]
Dave Bittner
Every bite's a big deal. Ransomware supply chain attacks and zero day exploits can strike without warning, leaving your business's sensitive data and digital assets vulnerable. But imagine a world where your cybersecurity strategy could prevent these threats. That's the power of the Threat Locker Zero Trust Endpoint Protection Platform Robust cybersecurity is a non negotiable to safeguard organizations from cyberattacks, ThreatLocker implements a proactive, deny by default approach to cybersecurity, blocking every action process end user unless specifically authorized by your team. This least privilege methodology mitigates the exploitation of trusted applications and ensures protection for your organization. 247365 IT professionals are empowered by ThreatLocker application allowance listing, Ring Fencing, Network Control, and EDR solutions, enhancing their cybersecurity posture and streamlining internal IT and security operations. To learn more about how ThreatLocker can help mitigate unknown threats in your digital environment and align your organization with respected compliance frameworks, visit threatlocker.com A new report sheds light on both Volt and Salt Typhoons penable updates faulty NESSUS agents and resumes plugin updates. A new info stealer campaign targets gamers on Discord. A fake version of a popular browser extension has been discovered stealing login credentials and conducting phishing attacks. Eset warns Windows 10 users of a potential security fiasco. A vulnerability in NUCLEI allows attackers to bypass template signature verification and inject malicious code. An Indiana dental practice pays a $350,000 settlement over an alleged ransomware cover up. Tim Starks, senior reporter from cyberscoop, joins us today to discuss a new United Nations Cybercrime treaty along with his outlook for 2025 and a fond farewell to a vision.
[02:57]
Tim Starks
Foreign.
[03:03]
Dave Bittner
It's Monday, January 6, 2025. I'm Dave Bittner and this is your Cyberwire Intel Briefing. Happy Monday and thank you for joining us here today. It is great to have you with us. Two major reports published this past weekend shed light on China's escalating hacking campaigns. A Bloomberg article focused on Volt Typhoon, the Chinese group behind the 2022 cyberattack on Guam's power authority the GPA. This hack, tied to over 100 intrusions, raised concerns about China's capability to disrupt US military operations in Guam, a strategic hub in the Indo Pacific. Experts see this as part of a potential strategy to disable US Responses in a Taiwan conflict. The GPA incident is particularly alarming since it serves the US Navy. Highlighting the national security stakes, the US has made countering Volt Typhoon a priority, but China has denied any involvement. Liu Pengyu, a Chinese embassy spokesperson, dismissed the allegations as baseless smear campaigns. A Wall Street Journal piece examined Salt Typhoon, the Chinese hacking group that has infiltrated at least nine major U.S. telecom companies, including AT&T, Verizon and T Mobile. Newly identified victims include Charter Communications, Consolidated Communications, and Windstream. The article also revisited China's 2021 Port Houston attack, where a disguised attacker accessed a password reset server. Notably, a cybersecurity vendor flagged the breach, but a misjudgment by the port's cybersecurity chief led to the attack being dismissed as a false alarm right before he went to lunch at Whataburger. These incidents illustrate China's sophisticated and targeted cyber campaigns with serious implications for US national security. The revelations spotlight the vulnerabilities in critical infrastructure and the growing urgency to bolster defenses against state sponsored cyber attacks. Tenable temporarily disabled Nessus agent versions after discovering they went offline during plugin updates. The issue affecting Tenable Vulnerability Management and Security center led to halted updates while the company investigated. On January 2, Tenable released an updated version, which resolves the problem, and resumed plugin updates. Organizations are advised to either update to the latest version or downgrade to a previous version to ensure plugin resets were needed. The root cause remains undisclosed, with potential customer impacts unclear. Gaming enthusiasts are being warned about a new infostealer campaign targeting Discord users. Scammers send unsolicited messages claiming to be game developers seeking beta testers. Victims receive a download link and password for an installer, but instead of a game, they unknowingly install information, stealing malware like NovaStealer, AgiosStealer or HexonStealer. These malware strains steal credentials, Discord tokens, browser data, cryptocurrency wallet information, and more. The scam often uses compromised accounts and credible hosting platforms, including Dropbox and Discord's own content delivery network, to appear legitimate. Criminals leverage stolen Discord credentials to manipulate users into further scams, expanding their reach. To stay safe, users should maintain up to date anti malware software, verify suspicious messages through alternate channels, and avoid downloading files from unsolicited messages. The ultimate goal of these scams is financial theft and account compromise. A fake version of the popular Edit this Cookie browser extension has been discovered stealing login credentials and conducting phishing attacks. The legitimate Edit this cookie, used by millions to manage browser cookies, was recently removed from the Chrome Web Store, likely due to incompatibility with Google's new manifest version 3 framework. Cybercriminals exploited this gap, launching a fraudulent version. Edit this cookie with a registered trademark sign, now downloaded over 50,000 times. Malware analyst Eric Parker revealed the extension's malicious features, including phishing mechanisms, Facebook credential theft, and advertising scripts for revenue. Although current versions lack cookie exfiltration, future updates could escalate risks through Chrome's automatic updates. Users should audit their extensions, avoid suspicious add ons, and enable Chrome's enhanced safe browsing. This incident underscores ongoing challenges in Google's Chrome Web Store security and the controversial rollout of Manifest version 3. ESET is urging Windows 10 users to upgrade to Windows 11 or Linux before the operating system support ends on October 14, 2025. Without free updates, Windows 10 users will face significant security risks from newly discovered vulnerabilities. ESET's Thorsten Urbansky warns that delaying the upgrade could lead to a security fiasco. Windows 10 remains the most widely used OS globally, but with 63% of Windows users compared to 34% on Windows 11. Many users hesitate to upgrade due to missing features, performance issues, or hardware incompatibilities such as the Trusted Platform module requirement. Businesses and consumers relying on older devices face limited Upgrade to Windows 11, switch to another OS, or pay costly extended security updates. These updates, priced at up to $427 over three years, highlight the urgency to transition a vulnerability in nuclei. The open source Vulnerability Scanner allows attackers to bypass template signature verification and inject malicious code. NUCLEI uses YAML templates to scan websites for vulnerabilities and executes commands locally to extend functionality. Templates are protected by a digest hash for verification. The flaw exploited differences between go's regex based signature verification and YAML parser behavior with line breaks. Attackers could inject malicious content by manipulating how R is processed, bypassing verification but executing when parsed. Additionally, nuclei's limited digest line verification in a template allowed attackers to add additional malicious payloads in subsequent lines. WIZ researchers disclosed the issue to project discovery on August 14th of last year. It was fixed by nuclei on September 4th. Users should update immediately and isolate NUCLEI to prevent risks. Indiana based West End Dental has agreed to pay $350,000 and enhance data security measures following allegations of a ransomware cover up from 2020. The incident, which encrypted patient records via Medusa Locker malware, only came to light during a 2022 investigation triggered by a patient complaint about missing X rays. West End allegedly failed to conduct a forensic investigation or notify affected individuals, violating HIPAA and state breach laws, despite knowing its systems were hacked. The practice falsely claimed the data loss resulted from a server formatting error. Regulators allege West End attempted to hide the breach and delayed reporting it for two years. Under a consent order, West End must improve HIPAA compliance, notify all patients as of November 2023 and address allegations of improperly sharing patients protected health information online. The case highlights the growing enforcement of data privacy regulations in health care. Coming up after the break, Tim Starks from CybersGroup joins us to discuss a new United nations cybercrime treaty and a fond farewell to a visionary leader. Stay with us. And now a word from our sponsor, KnowBe4. It's all connected and we're not talking conspiracy theories when it comes to infosec tools, effective integrations can make or break your security stack. The same should be true for security awareness training. KnowBeFor, provider of the world's largest library of security awareness training, provides a way to integrate your existing Security stack tools to help you strengthen your organization's security culture. KnowBeFor's security coach uses standard APIs to quickly and easily integrate with your existing security products from vendors like Microsoft CrowdStrike and Cisco. 35. Vendor integrations and Counting Security Coach analyzes your security stack alerts to identify events related to any risky security behavior from your users. Use this information to set up real time coaching campaigns targeting risky users based on those events from your network, endpoint identity or web security vendors. Then coach your users at the moment the risky behavior occurs, with contextual security tips delivered via Microsoft Teams, Slack or email. Learn more@knowbe4.com SecurityCoach that's knowbe4.com SecurityCoach and we thank knowbe4 for sponsoring our show. Do you know the status of your compliance controls right now? Like right now, we know that real time visibility is critical for security, but when it comes to our GRC programs, we rely on point in time checks. But get this, more than 8,000 companies like Atlassian and Quora have continuous visibility into their controls with Vanta. Here's the gist Vanta brings automation to evidence collection across 30 frameworks like SoC2 and ISO 27001 they also centralize key workflows like policies, access reviews and reporting, and helps you get security questionnaires done five times faster with AI. Now that's a new way to GRC. Get $1,000 off Vanta when you go to vanta.com cyber that's vanta.com cyber for $1,000 off. It is always my pleasure to welcome to the show Tim Starks. He is a senior reporter at cyberscoop. Tim, thanks for joining us.
[15:10]
Tim Starks
Good to be here in the new year.
[15:12]
Dave Bittner
I want to touch on a story that you wrote for cyberscoop here. This is about the UN adopting a cybercrime treaty that is not without controversy here. Can you unpack what's going on for us, Tim?
[15:26]
Tim Starks
Yeah, this was something that has been in the works for five years, initiated by Russia. So if you were starting to start off skeptical about what they might want to do with the cybercrime treaty, that's some ground. The other countries that were in favor of it were countries that had a reputation for being repressive or authoritarian. So it finally came to a head on December 24th because, you know, everybody wants this for Christmas Eve. They're thinking, I think cybercrime treaty.
[15:58]
Dave Bittner
There's no minute like the last minute.
[16:01]
Tim Starks
The United nations at the last minute decided to do something with this. And I'll talk about what's troubling about it for people, but I'll just say that, you know, for our story, since this came out last week, we focused on what comes next, so we can talk about that in a second. But the parts of it that are controversial is there are a bunch of ways that this could be implemented or interpreted by countries that have those kinds of repressive backgrounds to abuse human rights. Journalists, lots of things. And one of the examples is that the requirement for cooperation amongst the treaty signatories is triggered by, in one case, what is the penalty for the crime? What is the length of the penalty of the crime? And if it's a long enough penalty, then you're obligated to cooperate. That's vague enough that if you're, you know, I think that it was David Kay, the former UN Special Rapporteur. I don't actually say not to say that word. That's the first on human rights. He said it's a crime in Russia to criticize the military. So the potential for harm with something like that is very deep. And that's just one example of what makes it controversial. There are some people who will speak in defense of it, but the United States is Really a reluctant part of what's going on here.
[17:27]
Dave Bittner
Help me understand the process of something like this going through the various machinations with the UN like, as something gets proposed and then is there ratification and enforcement and where do we stand with it now? And at what point does something like this actually get some teeth?
[17:46]
Tim Starks
Yeah, it's probably a ways off. During the process, when it started five years ago, the United States opinion was the Budapest Convention, an earlier cybercrime convention that was not UN Convention, I don't believe had done the trick that it was the thing that we should use. Russia, China, some other countries didn't like that convention, so they wanted to start their own with the U.N. the United States said, well, we can protest and sit it out, or we can look at the math and see that enough countries want to do this that we'd rather be on the inside negotiating and making things better, putting some provisions in there that they talk about saying nothing in this shall be construed to harm human rights, saying that those are some defenses against it. But it's a long, arduous, years long process of negotiating. You know, an earlier committee just in August voted on it. That was sort of the definitive, okay, this is going to happen. And the United States was uncertain whether they were going to vote for it and decided ultimately to do so, hoping that they could have an impact on the implementation side. Again, reading the math and going, we're probably not going to. This is going to probably happen with or without us. We need to make sure it happens with us. So the next steps are that 40 nations, as set by the rules of this particular treaty, as I understand it, I think that there's a variable on how many nations must ratify for it to enter into force. It's 40 in this case. The people I spoke to, I didn't actually mention this in the story, so this is exclusive for Cyber Wire listeners. Most of the people I spoke to think it's going to happen that there will be 40 nations. What's unclear is whether the United States will be one of them. I think it's going to be difficult for it to happen in the United States. Then it enters into force and then they start getting into implementation and oversight. And that's many, many years down the line. Just to give you a sense, I think it was four years before the United States approved. The Senate and the President were like, we're on board with the Budapest Convention. These things can take a long time.
[19:40]
Dave Bittner
And this requires approval. Is it 2/3 approval from the Senate? I believe, yes.
[19:45]
Tim Starks
Exactly.
[19:46]
Dave Bittner
So not easy, especially in today's Senate.
[19:49]
Tim Starks
Yeah, it's not easy in any Senate. In this Senate, you know, it's going to be, what is it, 51, 49 or something like that. It's a pretty close margin coming up in January. And then you have, you know, President Trump vacillates back and forth on how he feels about certain kinds of international alliances, but he does tend to be in that camp of, I'd rather not be bound by what the rest of the nation wants, what the rest of the world wants to do. You know, he seems to have reflexive resistance to that kind of thing. So I suppose if the right person gets in his ear, if he thinks that this will make Putin happy, maybe he'll be on board. But then you still have to get through the Senate. And I can't imagine great many senators liking this. We already have seen an indication from at least a handful of Democratic senators that they think this is really bad. So I think it's a tough road in the United States in particular.
[20:43]
Dave Bittner
Well, before I let you go, let's do a little pivot here. And since this is the beginning of the year and it is the time when we do these sorts of things, what's Your outlook for 2025 and anything strike you as being noteworthy as we enter the coming year?
[21:01]
Tim Starks
I mean, certainly one of the top stories I'm going to be watching, one of my beat focuses is policymaking. And the fact that there's a new president who can be erratic in terms of what he supports and what he believes and what he does is going to make that a very interesting development. I reported in this fall about some of the personnel that he was potentially going to be bringing in, either because those people wanted to be in or because they were people who just made sense for him to bring in. And there weren't a lot of people that you would. And this is a quote from one of the people who was a supporter saying, these weren't a bunch of. They aren't a bunch of MAGA radicals. So there, you know, in the previous Trump administration, there was that there was the control, if you will, of cyber pros kind of keeping their head down, but also doing policy work that wasn't controversial, at least until the end, when Christopher Krebs ran afoul of the president on election Lies. So it'll be fascinating to see what he does. I mean, I'll give an example of why the kind of thing that I find interesting, a lot of people in Trump's circle or who are Trump supporters or Trump oriented people on cyber say that he's going to curtail regulations. But if you look at the Republican national RNC platform, it said we need minimum security standards for critical infrastructure, which is what this past administration is doing. So policymaking wise, it's going to be really fascinating to watch what happens on the threat side. This is the part that's always the most unpredictable and it's one of the things that makes the job never boring. You know, you just never know what day somebody's going to use some kind of strange vector to attack somebody you didn't expect to get attacked. I don't think anybody, you know, while we could have worried about the state of telecommunications security coming into 2024, I don't think we would have said, oh yeah, we're going to end 2024 with the biggest hack of that sector ever. So that's always hard to predict. On the spyware side, that's also going to be really fascinating. That's another thing I cover a lot. You know, there's been some progress in lots of ways in the, in the fight against that. There was the Facebook WhatsApp meta ruling against NSO group. There have been some changes made by this Biden administration to that seem to have isolated or harmed some of these worst case providers. And there's the polish examination of what's going on there, what had gone on in their past. There are a lot of things that you could point to and say this is promising, but they also have a way of bouncing back. Like a lot of threats, you think that you've got them down and you might not. And that's not me denigrating any specific company. That's just me saying that the misuse of spyware seems like it's been here for a while and it's going to stay. I'll be curious to see how much the, the waves lap in and lap out and how, whether they recede to a certain point and stay receded. That'll be another thing I'll be thinking about a lot in the near.
[23:58]
Dave Bittner
Yeah. All right, well, thank you again for joining us. Wishing you all the best this new year. Tim Starks is senior reporter at cyberscoop. Great to catch up with you, Tim.
[24:08]
Tim Starks
Definitely, thanks. Thanks, David.
[24:23]
Dave Bittner
And now a message from our sponsor, Zscaler. The leader in cloud security. Enterprises have spent billions of dollars on firewalls and VPNs. Yet breaches continue to rise by an 18% year over year increase in ransomware attacks and a $75 million. Record payout in 2024. These traditional security tools expand your attack surface with public facing IPs that are exploited by bad actors more easily than ever With AI tools, it's time to rethink your security Zscaler Zero Trust plus AI stops attackers by hiding your attack surface making apps and IPs invisible eliminating lateral movement Connecting users only to specific apps, not the entire network Continuously verifying every request based on identity and context simplifying security management with AI powered automation and detecting threats using AI to analyze over 500 billion daily transactions. Hackers can't attack what they can't see. Protect your organization with Zscaler Zero Trust and AI. Learn more@Zscaler.com Security and finally, cybersecurity leader Tenable has announced the heartbreaking passing of its chairman and CEO Amit Yoran, at the age of 54, following a courageous battle with cancer. A pillar in the cybersecurity world, Yoran was admired for his leadership and vision, having guided tenable since 2016. Yoran's career was marked by significant contributions, including roles at RSA Security Net Witness, which he founded, and Symantec. He also served as National Cybersecurity director at the U.S. department of Homeland Security, leaving a lasting legacy in public and private sectors. Following his medical leave in December, CFO Steve Vince and COO Mark Thurmond were named interim CO CEOs, ensuring stability during this transition. Art Coviello, an industry veteran, will chair the board. Tenable honors Joran's impact and assures stakeholders of its ability to meet financial expectations, reflecting the resilience he instilled in the company. The cybersecurity community mourns the loss of a true visionary and leader. And that's the CyberWire. For links to all of today's stories, check out our daily briefing@thecyberwire.com we'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire2k. We're privileged that N2k cyberwire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world's preeminent intelligence and law enforcement agencies. This episode was produced by Liz Stokes. Our mixer is Trey Hester, with original music and sound design by Elliot Peltzman. Our executive producer is Jennifer Iban. Our executive editor is Brandon Karp. Simone Petrella is our president. Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here.