Dave Bittner
You're listening to the CyberWire network, powered by N2K. Hey everybody, Dave here. I've talked about DeleteMe before, and I'm still using it because it still works. It's been a few months now, and I'm just as impressed today as I was when I signed up. DeleteMe keeps finding and removing my personal information from data broker sites, and they keep me updated with detailed reports so I know exactly what's been taken down. I'm genuinely relieved knowing my privacy isn't something I have to worry about every day. The DeleteMe team handles everything. It's the set-it-and-forget-it peace of mind. And it's not just for individuals. DeleteMe also offers solutions for businesses, helping companies protect their employees' personal information and reduce exposure to social engineering and phishing threats. And right now our listeners get a special 20% off your DeleteMe plan. Just go to JoinDeleteMe.com/N2K and use promo code N2K at checkout. That's JoinDeleteMe.com/N2K, code N2K.
Dave Bittner
The Czech Republic accuses Chinese state-backed hackers of cyber espionage. CISA's leaders head for the exits. Cybercriminals are using fake AI video generator websites to spread malware. A stealthy phishing campaign delivers the Remcos RAT via DBatLoader. A fake Bitdefender website spreads malware targeting financial data. Medusa ransomware claims to have breached global real estate firm RE/MAX. An Iranian national faces up to 30 years in prison for ransomware targeting US cities. Our guest is Tony Velleca, CyberProof CEO, discussing exposure management and a more risk-focused approach to prioritizing threats. And mind reading for fun and profit. It's Wednesday, May 28, 2025. I'm Dave Bittner, and this is your CyberWire Intel Briefing. Thanks for joining us. It's great, as always, to have you here with us. The Czech Republic has accused Chinese state-backed hackers of targeting its Ministry of Foreign Affairs in a cyber espionage campaign that began in 2022. An investigation by Czech intelligence and cybersecurity agencies linked the attack to APT31, a group associated with China's Ministry of State Security. The hackers targeted an unclassified network but may not have breached it. Foreign Minister Jan Lipavský condemned China's interference, citing efforts to weaken Czech democracy. He summoned the Chinese ambassador and highlighted new security measures. The US and UK previously sanctioned APT31. The group also allegedly targeted British lawmakers. Czech officials shared findings with EU and NATO allies. Both organizations backed Prague, with NATO condemning China's increased cyber threats. China has not yet responded. The Cybersecurity and Infrastructure Security Agency is facing a major leadership crisis, with nearly all its top officials having left or set to leave by the end of May, Cybersecurity Dive reports.
An internal email revealed that five of CISA's six operational divisions and most regional offices are losing senior leaders, including key figures like Matt Hartman and Boyden Rohner. These departures come amid rising cyber threats from foreign adversaries and have sparked concern over the agency's stability and effectiveness. Experts and insiders warn the loss of seasoned leadership may weaken CISA's ability to support critical infrastructure and partner agencies. Field directors who helped expand CISA's reach across the US are also stepping down, further fueling uncertainty. While CISA's leadership insists the agency remains mission-focused, morale is low and doubts about the agency's future are growing. Critics fear this exodus will hurt national cybersecurity and resilience at a critical time. Cybercriminals are using fake AI video generator websites to spread malware. Google's Mandiant unit has found that these scammers create fraudulent sites mimicking tools like Luma AI and Canva Dream Lab, promoting them through thousands of malicious ads on platforms like Facebook and LinkedIn. Victims lured in by the ads are tricked into downloading malware such as STARKVEIL, which steals data and opens backdoors for further access. Mandiant attributes the campaign to a group named UNC6032, likely based in Vietnam. Since mid-2024, the campaign has impacted users globally, stealing credentials, cookies, and credit card info via Telegram. Meta removed many of the malicious ads, aided by Mandiant's proactive use of Meta's ad library. The campaign reveals how fake AI tools are now a widespread threat, not just to tech professionals but to anyone tempted by trendy, seemingly legitimate AI services. Google and Mozilla have released Chrome 137 and Firefox 139, addressing 21 security vulnerabilities, including three rated high severity. Chrome 137 includes 11 fixes, notably two high-risk memory issues that could allow code execution or crashes.
Firefox 139 patches 10 flaws, including a high-severity double-free bug. Updates were also issued for Firefox ESR and Thunderbird, though no active exploitation was reported. Users are urged to update promptly, as browser vulnerabilities are common targets for attackers. Researchers at ANY.RUN have uncovered a stealthy phishing campaign delivering the Remcos RAT via DBatLoader. The attack uses obfuscated CMD scripts, a User Account Control bypass, and legitimate Windows tools to evade detection. Victims receive phishing emails containing an archive with Factura.exe, which triggers the attack chain: DBatLoader execution, script obfuscation, and malware injection. Remcos is stealthily embedded into trusted processes, and persistence is ensured through scheduled tasks and registry edits. This campaign shows how attackers exploit curiosity around AI tools and rely on native OS behavior to bypass traditional security. The researchers stress the importance of dynamic analysis to detect and respond to modern evasive threats effectively. Cybercriminals have created a fake Bitdefender antivirus website, BitdefenderDownload.co, to spread malware targeting financial data and enabling long-term system access. The fraudulent site closely mimics the real Bitdefender download page, tricking users into downloading a zip file containing VenomRAT, StormKitty, and SilentTrinity. VenomRAT steals files, crypto wallets, and credit card data, while StormKitty harvests credentials and SilentTrinity ensures persistent access. The attackers host files via Bitbucket and Amazon S3 to appear legitimate. The campaign is part of a broader phishing operation using shared infrastructure with fake banking sites. DomainTools researchers identified a common command-and-control server and warned of the attackers' dual aims of quick financial theft and long-term system control. Bitdefender is working to take the site down, and Chrome now blocks the link.
Experts urge users to download antivirus software only from official sites and remain cautious of unsolicited prompts. Medusa ransomware claims to have breached global real estate firm RE/MAX, exfiltrating 150 gigabytes of data and demanding a $200,000 ransom. The group posted samples on its dark web leak site, threatening public release in under 18 days. While RE/MAX hasn't confirmed the breach, leaked data includes agent contact details, commissions, internal documents, and property schematics, mostly from 2021 through 2023. Security experts warn the full data set may contain more sensitive information, posing risks of identity theft, fraud, and property scams, along with reputational and financial damage to RE/MAX. CISA has issued an advisory for a critical memory leak vulnerability in Johnson Controls' iSTAR Configuration Utility (ICU) tool, impacting all versions prior to 6.9.5. The flaw, due to the use of uninitialized variables, could expose sensitive data and affect industrial control systems vital to sectors like energy, transportation, and manufacturing. With a CVSS score of 7.4, the bug requires adjacent network access but no authentication. CISA urges defense-in-depth strategies such as network segmentation and regular assessments to mitigate risks. Iranian national Sina Gholinejad, age 37, pleaded guilty to deploying Robbinhood ransomware in attacks that hit several U.S. cities, including Baltimore and Greenville, North Carolina. His actions caused tens of millions in damages and disrupted essential public services. The 2019 Baltimore hack alone inflicted $19 million in losses, forcing the city offline for months. Prosecutors say Gholinejad and his co-conspirators began the attacks in 2019, extorting victims with threats of similar consequences. They targeted municipalities in New York, Oregon, and beyond until March 2024. Gholinejad faces up to 30 years in prison, with sentencing set for August.
He was detained in North Carolina with help from Bulgarian authorities. The Justice Department emphasized that cyber attacks on critical public systems won't go unpunished and thanked international partners for their support. Coming up after the break, my conversation with Tony Velleca, CyberProof CEO. We're discussing exposure management and a more risk-focused approach to prioritizing threats. And mind reading for fun and profit. Stick around. And now a word from our sponsor. SpyCloud. Identity is the new battleground, and attackers are exploiting stolen identities to infiltrate your organization. Traditional defenses can't keep up. SpyCloud's holistic identity threat protection helps security teams uncover and automatically remediate hidden exposures across your users from breaches, malware, and phishing to neutralize identity-based threats like account takeover, fraud, and ransomware. Don't let invisible threats compromise your business. Get your free corporate darknet exposure report at spycloud.com/cyberwire and see what attackers already know. That's spycloud.com/cyberwire.
Vanta Representative
Compliance regulations, third-party risk, and customer security demands are all growing and changing fast. Is your manual GRC program actually slowing you down? If you've ever found yourself drowning in spreadsheets, chasing down screenshots, or wrangling manual processes just to keep your GRC program on track, you're not alone. But let's be clear: there is a better way. Vanta's trust management platform takes the headache out of governance, risk, and compliance. It automates the essentials, from internal and third-party risk to consumer trust, making your security posture stronger. Yes, even helping to drive revenue. And this isn't just nice to have. According to a recent analysis from IDC, teams using Vanta saw a 129% boost in productivity. That's not a typo, that's real impact. So if you're ready to trade in chaos for clarity, check out Vanta and bring some serious efficiency to your GRC game. Vanta GRC: how much easier trust can be. Get started at vanta.com/cyber.
Dave Bittner
Tony Velleca is CEO at CyberProof. I recently caught up with him on the show floor of the RSAC conference. In today's sponsored Industry Voices segment, we discuss exposure management and a more risk-focused approach to prioritizing threats.
Dave Bittner
Well, I am thrilled to be here at RSAC 2025. We are right here on the show floor, as you can see, and it is my pleasure to be joined today by Tony Velleca. He is the CEO at CyberProof. Tony, welcome.
Tony Velleca
Thank you. I'm excited.
Dave Bittner
So our conversation today, we are focusing on this very interesting metaphor that you shared with me, and I'm going to read it here. This is the idea of an elusive single pane of glass. Please explain.
Tony Velleca
Well, I think most people know that the single pane of glass was something we used to call the idea of a SIEM, originally, when we had a SOC. Right? We wanted to bring all this information into a single pane of glass. But as we look forward, it's not just the defensive capabilities that are important. We're looking more at the more proactive things we can do in cybersecurity. So anything that we do in cybersecurity always has a denominator of cost. Nobody ever wants to spend a buck more than they have to to protect themselves and bring down their risk. So to me, the single pane of glass needs to start guiding people on what's the best next dollar spent to reduce my cyber risk. So that's the proactive side and the defensive side. And some companies are even talking about the predictive side: what is the next generation of attack coming with AI, and how do I protect myself against that?
Dave Bittner
Yeah, well, I mean, I think when we're talking about glass, there are a couple of things I think of. There's, of course, "in case of emergency, break glass."
Tony Velleca
Right.
Dave Bittner
But then there's plate glass, there's tempered glass, and those break in very different ways. Does that metaphor extend to security? That not everyone's glass is created the same, not everyone's risk profile is the same?
Tony Velleca
Yeah, no, that's a great analogy, actually, because in fact, with many of our large enterprise clients, they're saying, "I need to look at risk the way I need to look at risk." Right? And this comes back to one of the foundational concepts, which is that risk itself needs to be tailored to the organization that you have. And it becomes a language. For example, you need to know where your riskiest assets are, where your crown jewels, as they used to say, are, and these sorts of things.
Dave Bittner
Right.
Tony Velleca
And I think also, a lot of times when we talk about risk, people think that, hey, we're trying to add up the dollars and say I'm carrying $500 million worth of risk. I think that's where the models fail, because nobody can really tell you how much risk you're carrying. The insurance providers may want that for their cyber risk, but I think the models will break down. What we really want to know is where do we spend that next dollar, and should I spend it on, you know, reducing exposure to an attack, or should I build a new detection rule, or should I invest in better threat intelligence? So this is more of an analysis of how I optimize my spend to be able to get the maximum reduction in risk, in my view.
Dave Bittner
Are there common blind spots that people have when it comes to evaluating their risk?
Tony Velleca
Oh, I think so. And I think we've been blessed with a new framework, which is the MITRE ATT&CK framework, because honestly, risk used to be, am I going to get fined by the regulators? And I think risk has moved to, am I at risk of a major ransomware breach? And ransomware, you know, if you look where cybercrime is going this year, with the Ukraine war and the wars in the Middle East, you're seeing a lot of focus on OT and systems like this. The capabilities to attack those types of systems, that's going to flow down to cybercrime. And you're going to likely see those people that might have the biggest impact by having their manufacturing monitoring sites shut down. Our hospitals, you saw last year. So these are the types of areas where you're going to see new risks show up. So what do I need to do to protect a lot of these new environments from these new capabilities? So that's the way I think it shows up for me. And balancing some of these areas we may not be looking at today but need to look at tomorrow. Right?
Dave Bittner
How do you recommend that people balance their risk in terms of the things they're obligated to, the compliance things like you mentioned, but then also the sort of more real-time risk, like you said, things like ransomware, the smoking hole in the ground, that sort of thing, the things you don't see coming? No one has unlimited resources. So the things you have to take care of, how do you turn that dial?
Tony Velleca
So my point of view is that you're gonna see a lot more. The last three or four years, everybody's talking about threat intelligence, threat intelligence. Now I get a lot of great reports coming in on threat intelligence, but how do I operationalize that in a way that I can prioritize my exposures? So I think this year you're going to see a lot. You're seeing the words "continuous threat exposure management." I think you're going to see focusing on the threat actors that are important to you, your industry, where you're at, what technology you're running, being able to understand those campaigns at the tactics and technique level, and then to be able to understand where you're exposed to those tactics and techniques. So it's around a continuous view of what threat actors are targeting you and flowing that all the way through your organization. And on the defensive side, you have to understand whether you even have the detections in your systems. Most security operations teams, maybe even those using an outside provider, don't know what they're actually able to see and what they can't see. And they probably can't tell you how that compares to the threat actors and the techniques that they're running today. Right?
Dave Bittner
We're here at RSAC 25, and of course AI is still the hot topic for you and your colleagues at CyberProof. How does that play into the equation?
Tony Velleca
Great question. Obviously you can't go to any interview today and not talk about AI.
Dave Bittner
No, it'd be malpractice for me not to ask you about it.
Tony Velleca
So in that vein, I think there's two sides. There's AI for security, which is the exciting side for me. What can we do? And I think you're seeing this agentic AI just taking off very quickly. This has a promise of maybe offloading. Today we probably have analytical tools that'll give us a lot more problems than we can solve. So we need the agents to be able to help us solve some of those. And you're going to see purpose-built agents to do threat hunting and L1 SOC and things like that. And I think that's going to mature very quickly. So that's the positive side. I think the CISOs that get ahead and lay the foundation for a solid framework, you're seeing the OWASP Top 10 for LLMs and things now, putting these frameworks in early, I think it's an opportunity for them to take leadership positions in companies, because there are very few roles in an organization that understand all aspects of regulatory compliance, the technical aspects, and even the business aspects, which most CISOs have to in their jobs today. So I think there's an opportunity, but I also think it's like anything, it's a cold war. It's going to be changing so quickly. You got to stay ahead of it, and you got to make it a priority, or you're going to get behind.
Dave Bittner
Yeah, yeah. For the people who are well along on this journey with a company like yours, what are they enjoying? What does success look like? You know, their day-to-day of feeling like we have this under a certain amount of control.
Tony Velleca
You know, as you say, we tend to work for the larger enterprise companies and more sophisticated companies. And for those, I like to say, do they have a well-managed estate? Because I'm hearing this word used more and more often: do I know where all my assets are, are all my assets under management? Am I able to make sense of this complex environment and to be able to take advantage of some of this continuous threat exposure management that you're seeing coming out, or attack surface prioritization, or even, is my SOC able to see all the things that I need? So I think a lot of it is just putting, and I don't even like to call it governance anymore, honestly. I think it's a continuous process of making sure that you're keeping your estate well managed so that you can do it. The other problem that I hear many times is, do you have the ability? A lot of times our security teams own the responsibility for the security, but they don't own the teams that are actually doing things. So you're going to see software development being much more important. Right? The kinds of defects that are entered into that, or LLMs, but those teams are not necessarily owned. So there may be governance responsibility, but they don't have the responsibility to actually do the fixing. So I think that ability to make sure that you have the right leverage and are working with those teams to get things done is going to be critical as the change happens. Right?
Dave Bittner
Yeah. What about for the person who's on the other side of that journey, who's just getting started, looks at it and feels a little overwhelmed, you know, like, how am I going to start taking bites out of this problem? What are your words of wisdom for them?
Tony Velleca
You know, it's great. I think all security people probably feel overwhelmed no matter what. So now step back, take a look at the landscape, pick your priorities, take a deep breath, and execute. Right? I think execution will be key. We're all going to be wrong about something, because we don't know and it's going to be changing so quickly. I think it's also communicate effectively. I think that's an area where most of us in security can move from a technical conversation into more of a business conversation. It'll be important. And, you know, execute, execute, execute, execute. That's my.
Dave Bittner
Yeah. Before I let you go, RSAC for you: what do you get out of this show? What do you hope to accomplish? What are the things you look forward to? Getting together with all of your friends and colleagues here?
Tony Velleca
I'm always amazed, when the show is, what, 40,000-plus people here, how many people I run into that I know and I forget. So I love just, you know, reconnecting with people. Right outside the booth, I ran into somebody I hadn't seen in about five years. But the second is, I'm always shocked at the innovation, the new startups that are coming, the problems that they're solving. And I think one of the challenges, you know, is you don't know which one of those is going to be successful. But I think we're at this point where the industry has a responsibility to try some of these things out and to make sure that we're always progressing on the innovation front. So I learn a lot from talking to many of these startups about how they look at the problem.
Dave Bittner
Yeah. Well, Tony, thank you so much for taking the time for us. It was a real pleasure to get to chat with you.
Tony Velleca
And likewise, I always enjoy these conversations. It always makes me think.
Dave Bittner
All right, have a good show. See you soon.
Tony Velleca
Bye.
Dave Bittner
That's Tony Velleca from CyberProof. And finally, imagine popping on a sleek little meditation headband for some self-care, only to find you've accidentally signed away the intimate details of your inner monologue. That's the unsettling reality U.S. senators Chuck Schumer, Maria Cantwell, and Ed Markey are now raising alarms about. They've asked the FTC to investigate brain-computer interface companies, because apparently reading your mind isn't off limits if it's in the fine print. A Neurorights Foundation study found 29 out of 30 neurotech firms are scooping up users' brain data, but only 14 bother to ask for permission. And unless you're in the EU or lucky enough to live in California, your brain waves are basically up for grabs. These tools promise breakthroughs: communication for the paralyzed, early Alzheimer's detection, or boosted focus. But without regulation, they might just become thought-mining machines for profit. The stakes include your mental privacy, identity, and autonomy, because apparently "what were you thinking?" might soon be a data point. And that's the CyberWire. For links to all of today's stories, check out our daily briefing at thecyberwire.com. N2K's senior producer is Alice Carruth. Our CyberWire producer is Liz Stokes. We're mixed by Tré Hester with original music and sound design by Elliott Peltzman. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher. And I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow. And now a word from our sponsor, ThreatLocker. Keeping your system secure shouldn't mean constantly reacting to threats. ThreatLocker helps you take a different approach by giving you full control over what software can run in your environment. If it's not approved, it doesn't run. Simple as that. It's a way to stop ransomware and other attacks before they start without adding extra complexity to your day. See how ThreatLocker can help you lock down your environment at www.threatlocker.com.
Release Date: May 28, 2025
Host: Dave Bittner, N2K Networks
Guest: Tony Velleca, CEO of CyberProof
In the May 28, 2025 episode of CyberWire Daily, host Dave Bittner covers a spectrum of pressing cybersecurity issues, ranging from state-sponsored cyber espionage to exposure management strategies. The episode also features an interview with Tony Velleca, CEO of CyberProof, who discusses the evolving landscape of exposure management and the integration of AI in cybersecurity.
a. Chinese State-Sponsored Cyber Espionage in the Czech Republic
The Czech Republic has accused Chinese state-backed hackers, specifically the APT31 group linked to China's Ministry of State Security, of conducting a cyber espionage campaign targeting its Ministry of Foreign Affairs since 2022. The hackers targeted an unclassified network and may not have breached it. Czech Foreign Minister Jan Lipavský stated, "China's interference efforts aim to weaken Czech democracy" [04:50], summoned the Chinese ambassador, and highlighted new security measures. The Czech authorities have shared their findings with EU and NATO allies, receiving support amid growing condemnation of China's cyber threats. China has yet to respond to these accusations.
b. Leadership Crisis at CISA
The Cybersecurity and Infrastructure Security Agency (CISA) is undergoing a significant leadership upheaval, with nearly all top officials resigning or planning to leave by the end of May [06:15]. Key figures like Matt Hartman and Boyden Rohner are among the departing leaders, raising concerns about the agency's capacity to manage rising cyber threats effectively. Experts warn that this exodus could undermine national cybersecurity and the support of critical infrastructures just when it is most needed.
c. Malware Spread via Fake AI Video Generator Websites
Cybercriminals are exploiting the popularity of AI tools by creating fraudulent websites that mimic legitimate services like Luma AI and Canva Dream Lab and promoting them through thousands of malicious ads on Facebook and LinkedIn. These fake sites disseminate malware, including STARKVEIL, which steals data and opens backdoors for further access [07:30]. Mandiant has attributed this campaign to UNC6032, a group it assesses is likely based in Vietnam. Meta has removed many of the malicious ads, aided by Mandiant's use of Meta's ad library, highlighting the widespread threat posed by deceptive AI tool fronts.
d. Browser Security Updates
Google and Mozilla have released updates, Chrome 137 and Firefox 139 respectively, addressing 21 security vulnerabilities, including three rated high severity; the most serious are memory-safety flaws that could allow code execution or crashes [09:45]. No active exploitation was reported, but users are urged to update their browsers promptly, as browser vulnerabilities are common exploitation targets for attackers.
e. Stealthy Phishing Campaign Delivering Remcos RAT via DBAT Loader
Researchers at ANY.RUN have identified a phishing campaign that delivers the Remcos Remote Access Trojan (RAT) through DBatLoader [11:10]. The attack employs obfuscated CMD scripts, a User Account Control bypass, and legitimate Windows tools to evade detection. Victims receive phishing emails containing an archive with Factura.exe, which triggers the attack chain: DBatLoader execution, script obfuscation, and malware injection. Remcos is ultimately embedded into trusted processes, and persistence is established through scheduled tasks and registry edits. This highlights the need for dynamic analysis to counter modern evasive threats effectively.
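The persistence half of that chain (a scheduled task plus a Run-key entry) is the kind of behaviour a SOC can check for with process-creation and registry telemetry. As an added illustration, not code from ANY.RUN or from the campaign write-up, the Python below runs a small persistence heuristic over constructed events shaped loosely like Sysmon process-creation (Event ID 1) and registry value-set (Event ID 13) records. The paths, task names, user name and SID in the sample events are invented; the only detail taken from the write-up is the pattern itself (task or autorun pointing into a user-writable directory).

```python
"""Persistence-heuristic detector over constructed process/registry events.

Added illustration for the DBatLoader/Remcos write-up; not ANY.RUN's code.
Events are shaped loosely like Sysmon EID 1 (process create) and EID 13
(registry value set). All sample data below is constructed.
"""
import re
from dataclasses import dataclass

# Locations an unprivileged user can write to. Payloads dropped by a phishing
# attachment usually live here; a real deployment tunes this list.
USER_WRITABLE = re.compile(
    r"\\Users\\[^\\]+\\(Downloads|Desktop|AppData\\(Local|Roaming))\\"
    r"|\\Windows\\Temp\\|\\ProgramData\\",
    re.IGNORECASE,
)
# Per-user and machine-wide autostart keys (HKCU/HKLM/HKU all end this way).
RUN_KEY = re.compile(r"\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE)


@dataclass
class Event:
    kind: str                 # "process" or "registry"
    image: str                # path of the acting process
    parent_image: str = ""    # process events only
    command_line: str = ""    # process events only
    target_object: str = ""   # registry events: full value path
    details: str = ""         # registry events: data written to the value


def in_user_writable(path: str) -> bool:
    return bool(USER_WRITABLE.search(path))


def schtasks_target(cmdline: str) -> str:
    """Return the /tr (task action) argument of a schtasks /create command, or ""."""
    m = re.search(r'/tr\s+(?:"([^"]+)"|(\S+))', cmdline, re.IGNORECASE)
    return (m.group(1) or m.group(2)) if m else ""


def detect(events: list[Event]) -> list[str]:
    """Flag task/Run-key persistence that points at, or comes from, user-writable paths."""
    alerts = []
    for e in events:
        if e.kind == "process":
            if not e.image.lower().endswith("\\schtasks.exe"):
                continue
            if "/create" not in e.command_line.lower():
                continue
            target = schtasks_target(e.command_line)
            if in_user_writable(target) or in_user_writable(e.parent_image):
                alerts.append(
                    f"scheduled-task persistence: parent={e.parent_image} "
                    f"task runs {target!r}"
                )
        elif e.kind == "registry" and RUN_KEY.search(e.target_object):
            if in_user_writable(e.details) or in_user_writable(e.image):
                alerts.append(
                    f"Run-key persistence: {e.image} set {e.target_object} "
                    f"= {e.details!r}"
                )
    return alerts


# Constructed sample telemetry: two benign events, two that mimic the
# post-infection persistence step described in the write-up.
SAMPLE_EVENTS = [
    Event("process", r"C:\Windows\System32\schtasks.exe",
          parent_image=r"C:\Program Files\Vendor\setup.exe",
          command_line=r'schtasks.exe /create /tn "VendorUpdate" '
                       r'/tr "C:\Program Files\Vendor\update.exe" /sc daily'),
    Event("process", r"C:\Windows\System32\schtasks.exe",
          parent_image=r"C:\Windows\System32\cmd.exe",
          command_line=r'schtasks.exe /create /tn "Updater" '
                       r'/tr "C:\Users\alice\AppData\Roaming\svc\host.exe" '
                       r'/sc minute /mo 5 /f'),
    Event("registry", r"C:\Program Files\Vendor\agent.exe",
          target_object=r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft"
                        r"\Windows\CurrentVersion\Run\VendorAgent",
          details=r'"C:\Program Files\Vendor\agent.exe" --tray'),
    Event("registry", r"C:\Users\alice\AppData\Local\Temp\stage2.exe",
          target_object=r"HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft"
                        r"\Windows\CurrentVersion\Run\WinSvc",
          details=r"C:\Users\alice\AppData\Roaming\svc\host.exe"),
]

if __name__ == "__main__":
    for line in detect(SAMPLE_EVENTS):
        print(line)
```

Run as-is it reports the second and fourth events and stays quiet on the vendor installer. Treat the output as triage, not a verdict: legitimate per-user installers (browsers, chat clients, sync agents) also register Run entries under AppData, so a production rule needs an allowlist keyed on signer or hash, and a hit is exactly the sample you would hand to the dynamic analysis the write-up recommends.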
f. Fake Bitdefender Website Spreading Malware
A fraudulent Bitdefender download site, BitdefenderDownload.co, is distributing malware aimed at stealing financial data and ensuring long-term system access [13:00]. The site mirrors the legitimate Bitdefender download page and entices users to download a zip file containing VenomRAT, StormKitty, and SilentTrinity. The files are hosted on Bitbucket and Amazon S3 to appear legitimate, and DomainTools researchers tied the site to a command-and-control server shared with fake banking pages. Bitdefender is actively working to take down the site, and Chrome now blocks access to the malicious link. Users are advised to download antivirus software only from official sources.
g. Medusa Ransomware Breach of ReMax
Medusa ransomware has claimed responsibility for breaching the global real estate firm RE/MAX, exfiltrating 150 gigabytes of data and demanding a $200,000 ransom [14:00]. Although RE/MAX has not confirmed the breach, the leaked samples reportedly include agent contact details, commissions, internal documents, and property schematics from 2021 to 2023. Security experts warn of potential risks like identity theft, fraud, and property scams resulting from the exposed data.
h. Vulnerability in Johnson Controls' iSTAR Configuration Utility
CISA has issued an advisory regarding a memory leak vulnerability in Johnson Controls' iSTAR Configuration Utility (ICU) tool, affecting all versions prior to 6.9.5 [15:30]. The flaw stems from use of uninitialized variables; it carries a CVSS score of 7.4 (high), requires adjacent network access but no authentication, and could expose sensitive data from industrial control systems in sectors like energy, transportation, and manufacturing. CISA recommends implementing defense-in-depth strategies, including network segmentation and regular security assessments.
i. Guilty Plea of Iranian National for Ransomware Attacks
Iranian national Sina Gholinejad has pleaded guilty to deploying Robbinhood ransomware against several U.S. cities, including Baltimore and Greenville, North Carolina [17:20]. The attacks caused tens of millions of dollars in damages and disrupted essential public services; the 2019 Baltimore incident alone cost the city $19 million. Gholinejad faces up to 30 years in prison, with sentencing scheduled for August. The Justice Department highlighted the role of international cooperation, including Bulgarian authorities, in the case, emphasizing that attacks on critical public systems will face severe consequences.
a. Exposure Management and Risk-Focused Approach
In an in-depth conversation, Tony Velleca discusses the evolution of exposure management toward a more risk-focused approach. He describes the shift from the "single pane of glass" as a SIEM-era SOC concept to a view that guides proactive spending. Velleca states, "The single pane of glass needs to start guiding people on what's the best next dollar spent to reduce my cyber risk" [15:16]. The question becomes where the next dollar yields the greatest risk reduction: reducing exposure to an attack, building a new detection rule, or investing in better threat intelligence.
b. Tailoring Risk Assessment to Organizational Needs
Velleca highlights the importance of customizing risk assessments to fit an organization's specific needs, noting that "risk itself needs to be tailored to the organization that you have" [16:35]. He is skeptical of models that attempt to quantify total risk in monetary terms, arguing that nobody can really say how much risk they are carrying, and advocates instead for prioritizing the actions that mitigate the most pertinent threats.
c. Common Blind Spots in Risk Evaluation
Addressing common blind spots, Velleca points to the MITRE ATT&CK framework as a way to move risk thinking from regulatory fines toward concrete threats such as ransomware and attacks on OT. Many organizations struggle to operationalize threat intelligence, making it difficult to prioritize exposures effectively [17:53]. He underscores the necessity of a continuous view of which threat actors target an organization, mapped to the tactics and techniques they use, and of confirming that the SOC actually has detections for those techniques rather than assuming it does.
d. Integration of AI in Cybersecurity
AI remains a pivotal topic, with Velleca discussing both its potential and its challenges in cybersecurity [20:33]. He notes the emergence of agentic AI for tasks like threat hunting and Level 1 Security Operations Center (SOC) duties, stating, "This has a promise of maybe offloading today... purpose-built agents to do threat hunting and L1 SOC" [20:54]. Velleca also stresses the value of putting security frameworks for AI in place early, citing the OWASP Top 10 for Large Language Model (LLM) Applications, and sees this as an opportunity for CISOs to take leadership positions given their combined view of compliance, technical, and business concerns.
e. Advice for Cybersecurity Professionals
For organizations well along the journey, Velleca describes success as a well-managed estate: knowing what assets exist, being able to make sense of the environment, and having the leverage to get fixes done by teams the security organization does not own. For those just getting started, he advises focusing on execution and effective communication [24:07]: step back, pick priorities, accept that some calls will be wrong, communicate risk in business terms, and execute.
f. Insights from RSAC 2025
Velleca shares his experiences from the RSAC 2025 conference, highlighting the innovation and problem-solving approaches of new startups [25:14]. He emphasizes the industry's responsibility to try out and integrate innovative solutions to keep advancing cybersecurity.
Toward the end of the episode, Bittner addresses developments in neurotechnology privacy. U.S. senators Chuck Schumer, Maria Cantwell, and Ed Markey have urged the FTC to investigate brain-computer interface companies over mental privacy concerns [26:30]. A Neurorights Foundation study found that 29 out of 30 neurotech firms collect users' brain data, but only 14 ask for permission, and outside the EU and California few legal protections apply. Without regulation, these technologies risk becoming tools for invasive data mining, threatening individuals' mental privacy, identity, and autonomy.
In this episode of CyberWire Daily, Dave Bittner provides an overview of significant cybersecurity threats and trends, while Tony Velleca offers insights into evolving exposure management strategies and the integration of AI in cybersecurity practices. The discussion highlights the need for tailored risk assessments, proactive threat prioritization, and regulatory measures to safeguard both digital and cognitive privacy.
Notable Quotes:
Tony Velleca on Single Pane of Glass Evolution:
"The single pane of glass needs to start guiding people on what's the best next dollar spent to reduce my cyber risk." [15:16]
Velleca on Risk Tailoring:
"Risk itself needs to be tailored to the organization that you have." [16:35]
On AI's Role in Cybersecurity:
"This has a promise of maybe offloading today... purpose-built agents to do threat hunting and L1 SOC." [20:54]
Advice to Cybersecurity Professionals:
"Step back, take a look at the landscape, pick your priorities, take a deep breath and execute." [24:07]
For more detailed insights and daily updates, visit CyberWire Daily.