Dave Bittner
You're listening to the CyberWire Network, powered by N2K. Looking for a career where innovation meets impact? Vanguard's technology team is shaping the future of financial services by solving complex challenges with cutting-edge solutions. Whether you're passionate about AI, cybersecurity, or cloud computing, Vanguard offers a dynamic and collaborative environment where your ideas drive change. With career growth opportunities and a focus on work-life balance, you'll have the flexibility to thrive both professionally and personally. Explore open cybersecurity and technology roles today at vanguardjobs.com. Google and Mozilla patch nearly two dozen security flaws. The UK's Royal Mail Group sees 144 gigabytes of data stolen and leaked. A bizarre campaign looks to recruit cybersecurity professionals to hack Chinese websites. PostgreSQL servers with weak credentials have been compromised for cryptojacking. Google Cloud patches a vulnerability affecting its Cloud Run platform. Oracle faces a class action lawsuit over alleged cloud services data breaches. CISA releases ICS advisories detailing vulnerabilities in Rockwell Automation and Hitachi Energy products. General Paul Nakasone offers a candid assessment of America's evolving cyber threats. On today's CertByte segment, a look at the Cisco Enterprise Network Core Technologies exam. And are AI LLMs more like minds or mirrors? It's Wednesday, April 2, 2025. I'm Dave Bittner, and this is your CyberWire Intel Brief. Thanks for joining us here today. It's great to have you with us. Google and Mozilla released updates on Tuesday to patch nearly two dozen security flaws in Chrome 135 and Firefox 137. Chrome 135 includes 14 fixes, with a high-severity use-after-free bug in navigations topping the list. Google paid $18,000 in bug bounties, including $10,000 to Philip Beer for a custom tabs issue. Firefox 137 addresses eight flaws, including three high-severity memory bugs that could allow code execution.
Mozilla also rolled out updates for Firefox ESR and Thunderbird covering many of the same vulnerabilities. While there's no evidence these bugs are being exploited in the wild, both companies urge users to update promptly. Chrome 135 is now available for Linux, Windows, and macOS, while Firefox 137 is live for all supported platforms. A threat actor known as Ghna has leaked 144 gigabytes of data stolen from Royal Mail Group, a UK postal service and courier company, on BreachForums, following a similar Samsung breach. Both incidents trace back to a 2021 infostealer malware infection at Spectos, a third-party data service provider. The leaked files include customer PII, internal Zoom recordings, mailing lists, delivery data, and a WordPress SQL database. Hackers are increasingly using AI to extract value from such large data dumps, enabling faster, more targeted attacks. The breach exposes deep flaws in supply chain security, showing how old stolen credentials can lead to major breaches years later. The Royal Mail incident underscores the urgent need for better third-party risk management, ongoing monitoring, and AI-aware defenses in cybersecurity strategies. A mysterious figure named Jack is offering up to $100,000 a month to cybersecurity professionals to hack Chinese websites using web shells. This recruitment campaign, spread via sockpuppet accounts on X (Twitter), features AI-generated avatars and vague promises. The job: hack any website registered in China. No specific targets, just volume. Jack claims to want China's traffic but offers little explanation, even contradicting himself about working for the Indian government. Security experts are baffled. Some think it's trolling. Others suspect a bizarre attempt to infect Chinese users with malware. Despite its sketchiness, no one has reported phishing or malware links yet. In the words of one expert, the campaign is persistent, widespread, and bizarre, with no clear motive or endgame.
Over 1,500 PostgreSQL servers with weak credentials have been compromised by the Jinx0126 campaign, a new wave of cryptojacking linked to the earlier PG_MEM malware. Attackers exploit a PostgreSQL SQL command to run system commands, kill competing miners, and deploy a binary that installs XMRig mining software. A spoofed postmaster binary ensures persistence and escalates privileges. According to Wiz, the campaign uses unique hashes and fileless execution to bypass detection, marking a sophisticated evolution in cloud-targeted attacks. Google Cloud has patched a vulnerability called ImageRunner, which affected its Cloud Run platform. Discovered by Tenable, the flaw allowed users with certain permissions to modify Cloud Run services and potentially access private container images. In the worst case, attackers could extract secrets and exfiltrate sensitive data. Google says they alerted customers in November of last year and fully deployed a fix by January 28th of this year. The update now enforces stricter IAM checks during deployments to prevent unauthorized image access. Elsewhere, Google has launched a beta feature allowing enterprise users to send end-to-end encrypted emails within their organization, with plans to expand it to all Gmail inboxes by year's end. Google's approach doesn't require certificate management or key sharing, simplifying secure communications. Organizations retain control of encryption keys, keeping messages secure and compliant with regulations. External recipients can access messages via a restricted interface or S/MIME if supported. Additional Gmail security features, including data loss prevention and AI threat protection, are also now available. Oracle is facing a class action lawsuit in Texas over alleged data breaches tied to its cloud services. Filed by Floridian Michael Toik and law firm Seamus and Gentile, the suit accuses Oracle of violating Texas data breach notification laws by failing to alert victims within 60 days.
The case alleges that Oracle's poor security practices led to the exposure of personal and health data and that the company has remained silent about the breach. Toik claims Oracle didn't inform him of the incident, explain how it occurred, or confirm data security. He and others expect to face ongoing risks of identity theft and financial loss. The plaintiffs seek compensation and demand Oracle improve its cybersecurity practices. Oracle has yet to respond to the allegations. On April 1, CISA released two ICS advisories detailing major vulnerabilities in Rockwell Automation and Hitachi Energy products, posing risks to critical infrastructure. The Rockwell advisory warns of a deserialization flaw in systems using Veeam Backup & Replication, allowing remote code execution with admin access. Patches are available. The Hitachi advisory highlights several flaws, including a critical injection vulnerability in MicroSCADA Pro/X SYS600. Multiple versions are affected, and fixes are provided. These issues could impact the manufacturing, energy, water, and chemical sectors. CISA urges immediate action: patching systems, limiting ICS exposure, and applying secure configurations. No exploitation has been reported yet, but the agency stresses urgency due to the potential for severe disruption. In an exclusive interview with The Record, former NSA and US Cyber Command chief General Paul Nakasone offered a candid assessment of America's evolving cyber threats. A year out of government, Nakasone reflected on China's growing cyber aggression, describing the Volt Typhoon and Salt Typhoon campaigns as clear signs that Beijing has surpassed Russia in capability and intent. "This is nothing like we've seen before," he warned, pointing to Chinese intrusions in critical US infrastructure. Nakasone emphasized the urgent need for better cyber deterrence, faster defense, and stronger partnerships across government, industry, and academia.
Now on the OpenAI board, he also discussed AI's dual-use future, powerful for both offense and defense, and called for a national strategy around data, energy, semiconductors, and talent. From AI ethics to Taiwan tensions and offensive cyber policy, Nakasone's message was that the US must move faster or fall behind. Coming up after the break on today's CertByte segment: a look at the Cisco Enterprise Network Core Technologies exam. And are AI LLMs more like minds or mirrors? Stay with us.
Dave Bittner
Dave here. Have you ever wondered where your personal information is lurking online? Like many of you, I was concerned about my data being sold by data brokers. So I decided to try DeleteMe. I have to say, DeleteMe is a game changer. Within days of signing up, they started removing my personal information from hundreds of data brokers. I finally have peace of mind knowing my data privacy is protected. DeleteMe's team does all the work for you, with detailed reports so you know exactly what's been done. Take control of your data and keep your private life private by signing up for DeleteMe now, at a special discount for our listeners. Today, get 20% off your DeleteMe plan when you go to JoinDeleteMe.com/n2k and use promo code N2K at checkout. The only way to get 20% off is to go to JoinDeleteMe.com/n2k and enter code N2K at checkout. That's JoinDeleteMe.com/n2k, code N2K. Are you frustrated with cyber risk scores backed by mysterious data, zero context, and cloudy reasoning? Typical cyber ratings are ineffective, and the true risk story is begging to be told. It's time to cut the BS. Black Kite believes in seeing the full picture with more than a score, one where companies have complete clarity in their third-party cyber risk using reliable quantitative data. Make better decisions, reduce your uncertainty. Trust Black Kite. On today's CertByte segment, the CertByte team looks at the Cisco Enterprise Network Core Technologies exam.
Chris
Hi everyone, it's Chris. I'm a content developer and project management specialist here at N2K Networks. Today's question targets the Cisco Enterprise Network Core Technologies 350-401 ENCOR version 1.1 exam, which was updated on September 20, 2023. This exam enables candidates to earn the Cisco Certified Specialist Enterprise Core certification, which can also be used to meet exam requirements for several other Cisco certifications. I've enlisted Troy once again as our new guest host. He's a specialist in all things Cisco, ISACA, and EC-Council. Welcome, Troy. How are you today?
Troy
I'm doing great, Chris. Thank you for having me.
Chris
Absolutely. Now, before we get into it, be sure to stick around after our question for our special study bit for this test, as well as for the latest news on upcoming N2K practice tests. Okay, we're going to be turning the tables, and Troy, you're going to be asking me today's question. Troy, let me have it.
Troy
Okay, Chris, here's your question. It's multiple choice, but only one answer is correct. Which of the following is not a packet type used by Enhanced Interior Gateway Routing Protocol, or EIGRP? Your choices are A) query, B) reply, C) response, or D) ack.
Chris
Right. So before I answer, Troy, I understand this is under the Infrastructure objective and the Layer 3 sub-objective, correct?
Troy
That is correct. Okay.
Chris
And since I have no idea what an EIGRP is, can you please take a moment to explain that to me?
Troy
EIGRP is a routing protocol, and routing protocols are used by the routers to communicate with one another, to exchange what they know, the information they know about routes to various destinations. The beauty of a routing protocol is if we didn't have them, we'd have to manually program all the routes into the routers, and anytime a route changed, we'd have to make the change in the router. So it's sort of a language that they use to exchange information.
Chris
Great. And I know that this usually sounds like a stall tactic, and it kind of is, so I'm going to ask another question before I answer. Are there any other routing protocols that have the same or similar packet types as those used by EIGRP?
Troy
Yes. All of these routing protocols use different packet types to communicate. For example, OSPF, or Open Shortest Path First, uses about four or five different packet types with completely different names than what EIGRP has. But it is common that routing protocols would have packet types similar to those used by EIGRP.
Chris
Okay, and I'm going to try a different tactic than I usually use. I'm going to guess one of the R answers, because I think there may be a distractor strategy with having two answer choices that start with the same letter. And there also may be something with the fact that this is a negative question as well. So I'm going to guess that the correct answer is B, Reply. How did I do?
Troy
Good try, Chris, but unfortunately that is incorrect. The correct answer is B. Response. Response is not a packet type that EIGRP uses. The following are packet types used by EIGRP. There is a packet called Hello/Acknowledge, which is used for them to establish neighbor relationships, and the ACK is used to acknowledge receiving something. The update packets are used to send a routing update to another router. Query packets are used to ask a neighboring router about a route. Reply packets are used to respond to a query about routing information. And then request packets are when a router asks another router for specific information about a router.
Chris
So I was at least correct in using the logic that out of two similar sounding answer choices, one may be the correct answer.
Troy
In this particular case, you were. I'd hate to say that that works every time, but if you were looking at an item and you had nothing else to go on, you were clueless. You might use that and not pick two that are very similar.
Chris
Okay, so that's interesting and I probably wouldn't use that tactic all the time, but in this case, in the absence of everything else, I just took my best guess. So that's great info. Now, Troy, can you please share what job level and type the certification is aimed at?
Troy
Yes, this is on the CCNP level, the professional level, whereas the CCNA level, the associate level, is sort of those that are starting out, and perhaps they would work under the direction of a CCNP. So this is a higher-level exam. The job role that this cert would probably prepare you for would be to become a network engineer.
Chris
Okay, great. Great information and question, Troy. So now it's time to discuss the study bit for this test. What do you have for us?
Troy
Okay, my study bit on this is that you are going to have to not only answer multiple choice questions and drag-and-drop items, those types of items. On this exam, you're also going to have to do some performance items. You're going to have to actually configure some routers and troubleshoot some issues. So you need to get lots of hands-on. So find some sort of a network simulation tool that allows you to practice working with routers and switches so that you can complete those performance-based items.
Chris
As we wrap up today's episode, are there any upcoming practice tests you'd like to promote here?
Troy
Yes, we just released the CompTIA Tech+, the AWS Certified AI Practitioner, and the Azure AI Engineer Associate practice tests. And we'll also have more coming up for CompTIA, Microsoft, and Oracle in the next month.
Chris
Great. Thanks so much for being here with me today, Troy.
Troy
Thank you.
Chris
And thank you for joining me for this week's CertByte. If you're actively studying for this certification and have any questions about study tips or even future certification questions you'd like to see, please feel free to email me at certbyte@n2k.com. That's C-E-R-T-B-Y-T-E at N-2-K dot com. If you'd like to learn more about N2K's practice tests, visit our website at n2k.com/certify. For sources and citations for this question, please check out our show notes. Happy certifying.
Dave Bittner
And don't forget, you can find out more about our Cisco Enterprise Network Core Technologies practice exam on our website. Is your AppSec program actually reducing risk? Developers and AppSec teams drown in critical alerts, yet 95% of fixes don't reduce real risk. Why? Traditional tools use generic prioritization and lack the ability to filter real threats from noise. High-impact threats slip through and surface in production, costing 10 times more to fix. OX Security helps you focus on the 5% of issues that truly matter before they reach the cloud. Find out what risks deserve your attention in 2025. Download the Application Security Benchmark from OX Security. And finally, what if large AI models aren't on the verge of becoming sentient minds, but something even more profound? In a thought-provoking reflection published in Science, a team of scholars suggests these systems are best seen not as artificial agents, but as revolutionary cultural and social technologies, akin to writing, markets, or bureaucracies. Instead of mimicking human intelligence, these models absorb and remix the vast, messy, beautiful sprawl of human expression. Like economic prices or library catalogs, they compress and reorganize knowledge at a massive scale, letting us do something astonishing: interact with the collective mind of humanity. But here's the thing: they reflect not just our data, but our patterns, biases, and histories. Their influence might rival that of the printing press. So what happens next? That depends not on AI alone, but on us: how we shape it, govern it, and use it to illuminate or obscure what it means to be human. It's an interesting article, well worth your time. For me, it reflects the notion that as much as we hope that AI will reflect an idealized version of who we aspire to be, all too often it reveals the cold, hard truth staring back at us, warts and all. And that's the CyberWire.
For links to all of today's stories, check out our daily briefing at thecyberwire.com. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com. N2K's senior producer is Alice Carruth. Our CyberWire producer is Liz Stokes. We're mixed by Trey Hester, with original music and sound design by Elliott Peltzman. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher. And I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow. Cyber threats are evolving every second, and staying ahead is more than just a challenge, it's a necessity. That's why we're thrilled to partner with ThreatLocker, the cybersecurity solution trusted by businesses worldwide. ThreatLocker is a full suite of solutions designed to give you total control, stopping unauthorized applications, securing sensitive data, and ensuring your organization runs smoothly and securely. Visit threatlocker.com today to see how a default-deny approach can keep your company safe and compliant.
CyberWire Daily: Chrome & Firefox Squash the Latest Flaws
Released: April 2, 2025
Host: Dave Bittner, CyberWire Network, powered by N2K Networks
In the April 2, 2025 episode of CyberWire Daily, host Dave Bittner delivers a comprehensive roundup of the latest cybersecurity developments. The episode covers critical browser security updates, significant data breaches, sophisticated cyberattack campaigns, vulnerabilities in major cloud platforms, legal actions against tech giants, and insights from a high-profile cybersecurity leader. Additionally, the episode features an informative segment on the Cisco Enterprise Network Core Technologies exam, catering to professionals aiming to bolster their networking expertise.
Patching Critical Flaws
Google and Mozilla took proactive steps to enhance browser security by releasing updates for Chrome and Firefox.
Chrome 135: This update addresses 14 security vulnerabilities, including a high-severity use-after-free bug in navigations, which could be exploited for unauthorized code execution. Notably, Google rewarded Philip Beer with a $10,000 bug bounty for a vulnerability related to custom tabs ([00:10:02] Bittner).
Firefox 137: Mozilla's release fixes eight flaws, with three high-severity memory bugs that similarly pose risks of code execution. Updates are extended to Firefox ESR and Thunderbird, ensuring comprehensive protection across platforms.
Urgent Update Recommendations
Both companies emphasize the importance of promptly applying these updates to mitigate potential exploitation, although there is currently no evidence of these specific bugs being actively exploited in the wild.
“Chrome 135 is now available for Linux, Windows, and macOS, while Firefox 137 is live for all supported platforms.” ([00:10:40] Bittner)
Massive Data Leak
A significant breach has impacted the UK's Royal Mail Group, with a threat actor known as Ghna leaking 144 gigabytes of stolen data on BreachForums. This incident mirrors a previous breach at Samsung and traces back to a 2021 infostealer malware infection at Spectos, a third-party data service provider.
Details of the Leaked Data
The compromised data includes customer PII, internal Zoom recordings, mailing lists, delivery data, and a WordPress SQL database.
Implications and Insights
The breach highlights critical flaws in supply chain security, demonstrating how outdated stolen credentials can culminate in extensive data exposure years later.
“Hackers are increasingly using AI to extract value from such large data dumps, enabling faster, more targeted attacks.” ([00:11:55] Bittner)
Call for Enhanced Security Measures
This incident underscores the urgent need for better third-party risk management, ongoing monitoring, and AI-aware defenses in cybersecurity strategies.
Unorthodox Recruitment Tactics
A mysterious figure named Jack has initiated a peculiar campaign offering up to $100,000 a month to cybersecurity professionals tasked with hacking Chinese websites using web shells. The campaign propagates via sockpuppet accounts on X (Twitter), featuring AI-generated avatars and vague incentives.
Campaign Characteristics
Expert Opinions
Security experts remain baffled, debating whether the campaign is genuine or a form of trolling. Despite its dubious nature, there have been no reports of phishing or malware distribution associated with the campaign.
“The campaign is persistent, widespread, and bizarre, with no clear motive or endgame.” ([00:15:10] Bittner)
Jinx0126 Campaign Exploitation
Over 1,500 PostgreSQL servers with weak credentials have fallen victim to the Jinx0126 cryptojacking campaign. After gaining access through weak credentials, the operation abuses a PostgreSQL SQL command to execute system commands, terminate competing miners, and deploy the XMRig mining software for cryptocurrency extraction.
Technical Breakdown
“The campaign uses unique hashes and fileless execution to bypass detection, marking a sophisticated evolution in cloud-targeted attacks.” ([00:16:50] Bittner)
Vulnerability Details
Google Cloud has addressed a vulnerability named ImageRunner affecting its Cloud Run platform. Discovered by Tenable, the flaw permitted users with specific permissions to modify Cloud Run services and access private container images, potentially leading to the extraction and exfiltration of sensitive data.
Remediation Measures
New Security Features
Google also introduced a beta feature allowing enterprise users to send end-to-end encrypted emails within their organization, with plans to expand this to all Gmail inboxes by year-end. This feature simplifies secure communications by eliminating the need for certificate management or key sharing.
“Google’s approach doesn’t require certificate management or key sharing, simplifying secure communications.” ([00:18:00] Bittner)
Legal Challenges
Oracle is currently embroiled in a class action lawsuit in Texas, filed by Michael Toik and law firm Seamus and Gentile. The suit alleges that Oracle violated Texas data breach notification laws by failing to inform victims within the required 60-day timeframe following breaches that exposed personal and health data.
Allegations
Plaintiffs’ Demands
The lawsuit seeks compensation and demands that Oracle improve its cybersecurity practices.
“He and others expect to face ongoing risks of identity theft and financial loss.” ([00:19:20] Bittner)
Oracle has yet to issue a response to these allegations.
Critical Vulnerabilities Identified
On April 1, CISA (Cybersecurity and Infrastructure Security Agency) released advisories highlighting major vulnerabilities in products from Rockwell Automation and Hitachi Energy, posing significant risks to critical infrastructure sectors such as manufacturing, energy, water, and chemicals.
Rockwell Automation Advisory
Hitachi Energy Advisory
CISA’s Recommendations
“No exploitation has been reported yet, but the agency stresses urgency due to the potential for severe disruption.” ([00:20:30] Bittner)
Assessment of Evolving Cyber Threats
In an exclusive interview with The Record, former NSA and US Cyber Command Chief General Paul Nakasone provides a candid evaluation of America's shifting cyber threat landscape.
Key Insights
China’s Cyber Aggression: General Nakasone highlights Chinese campaigns such as Volt Typhoon and Salt Typhoon as indicators that Beijing has surpassed Russia in both capability and intent. He notes, “This is nothing like we've seen before,” emphasizing the unprecedented nature of Chinese cyber operations ([00:21:00] Nakasone).
Critical Infrastructure Intrusions: Pointing to Chinese intrusions into critical US infrastructure, he underscores the necessity for enhanced cyber deterrence, rapid defense mechanisms, and robust partnerships across government, industry, and academia.
AI’s Dual-Use Potential: Now serving on the OpenAI board, Nakasone discusses the dual-use nature of AI technologies, which can be harnessed for both offensive and defensive purposes. He advocates for a national strategy encompassing data, energy, semiconductors, and talent to leverage AI’s potential responsibly.
Broader Strategic Concerns: From AI ethics to tensions in Taiwan and offensive cyber policies, Nakasone’s overarching message is clear: “The US must move faster or fall behind.” He stresses that proactive measures are essential to stay ahead in the cyber domain ([00:21:35] Nakasone).
Exam Overview
The episode features an insightful segment hosted by Chris and Troy, focusing on the Cisco Enterprise Network Core Technologies (350-401 ENCOR) exam.
Key Highlights
Certification Importance: The exam is a gateway to the Cisco Certified Specialist Enterprise Core certification, which also fulfills prerequisites for several other Cisco certifications, positioning candidates for roles such as network engineers.
Exam Structure: Beyond multiple-choice and drag-and-drop questions, the exam includes performance-based items that require hands-on configuration and troubleshooting of routers and switches.
Study Tips: Troy emphasizes the necessity of using network simulation tools to gain practical experience, ensuring readiness for the performance-based sections.
“You need to get lots of hands-on. So find some sort of a network simulation tool that allows you to practice working with routers and switches.” ([00:18:50] Troy)
Sample Question Breakdown
During the segment, Chris navigates a sample question about Enhanced Interior Gateway Routing Protocol (EIGRP) packet types, illustrating effective test-taking strategies even when unfamiliar with the subject matter.
This episode of CyberWire Daily provides a thorough exploration of recent cybersecurity developments, from essential browser updates and substantial data breaches to emerging cyber threats and legal challenges within the tech industry. The exclusive interview with General Paul Nakasone offers strategic insights into national cyber defense, underscoring the evolving nature of global cyber threats. Additionally, the CertByte segment serves as a valuable resource for professionals seeking to advance their networking certifications. Collectively, the episode equips listeners with critical information and actionable insights to navigate the complex cybersecurity landscape.
For More Information:
Visit thecyberwire.com for detailed reports and additional resources related to today's topics.