Dave Bittner
You're listening to the Cyberwire Network powered by N2K.
Dave Bittner
Hackers leak backend data from the North Korean state-sponsored hacking group Kimsuky. A ransomware attack on a Dutch clinical diagnostics lab exposes medical data of nearly half a million women. One of the world's largest staffing firms suffers a data breach. St. Paul, Minnesota confirms the Interlock ransomware gang was behind a July cyber attack. Researchers jailbreak ChatGPT-5. A cyber incident takes the Pennsylvania Attorney General's office entirely offline. A new report quantifies global financial exposure from operational technology cyber incidents. Finnish prosecutors charge a Russian captain for allegedly damaging five critical subsea cables in the Baltic Sea. On our Industry Voices segment, we're joined by Sean Deuby, Semperis principal technologist, with insights on the global state of ransomware. And hackers take smart buses for a virtual joyride. It's Tuesday, August 12th, 2025. I'm Dave Bittner and this is your CyberWire Intel Brief. Thanks for joining us. It's great to have you with us. Two hackers with the handles Saber and Cyborg leaked 8.9 gigabytes of backend data from North Korean state-sponsored hacking group Kimsuky, citing ethical objections to the group's financial greed. The leak, shared via Distributed Denial of Secrets, exposes Kimsuky's infrastructure, phishing tools, malware, source code and operational logs. It includes phishing kits targeting South Korean government sites, Cobalt Strike loaders, reverse shells, SSH logs, private certificates and links to GitHub accounts and VPN purchases. Kimsuky, known for espionage against South Korea and global entities, now faces potential disruption as parts of its infrastructure are compromised. While the exposure may hinder ongoing operations, experts note long-term impact is uncertain. The breach offers valuable intelligence for cybersecurity analysts to strengthen defenses and develop targeted countermeasures.
A ransomware attack on Dutch clinical diagnostics lab NMDL exposed personal and medical data of about 485,000 women in the national Cervical Cancer Screening Program. Stolen data includes names, addresses, medical test results and historical records, some of which are already for sale on the dark web. The lab waited nearly five weeks to report the breach, far exceeding the EU's 72-hour rule. The delay prompted Population Screening Netherlands to cut ties and move testing to other labs to maintain program operations. Manpower, one of the world's largest staffing firms, is notifying over 144,000 people of a data breach that occurred between December 29, 2024 and January 12 of this year. The breach was discovered during an IT outage investigation in Lansing, Michigan, and attackers reportedly stole 500 gigabytes of data. The RansomHub ransomware group claimed responsibility, alleging theft of sensitive personal, corporate and financial records, including passport scans, Social Security numbers, contracts and HR data. Some data has since been removed from RansomHub's leak site, suggesting a ransom payment. Manpower says they've strengthened IT security, that they're working with the FBI and that they're offering free credit monitoring through Equifax. RansomHub, a rebranded ransomware-as-a-service operation, has targeted numerous high-profile victims and breached over 200 U.S. critical infrastructure entities in recent years. St. Paul, Minnesota confirmed the Interlock ransomware gang was behind a July cyber attack that disrupted city systems, prompting the governor to deploy the National Guard's cyber unit. While emergency services were unaffected, online payments and some services remain delayed. The city refused to pay ransom, but Interlock claims to have stolen 66,000 files and has leaked some online. Active since 2024, Interlock targets global organizations, especially healthcare, and was recently linked to major breaches at DaVita and Kettering Health.
Just 24 hours after OpenAI launched GPT-5 on August 7, Tenable Research says it bypassed the model's new Safe Completions safety system and obtained detailed instructions for making a Molotov cocktail. OpenAI had touted GPT-5 as its most advanced model yet, with expert-level skills, improved accuracy and stronger safeguards against harmful use. Using a four-step crescendo approach, Tenable posed as a history student, gradually steering the model toward providing dangerous instructions. The incident raises concerns about GPT-5 security, as other researchers have also reported jailbreaks and hallucinations. OpenAI says fixes are in progress, but Tenable warns that organizations may already be exposed to risks if employees use the model without safeguards. A cyber incident has taken the Pennsylvania Attorney General's office entirely offline, disabling its website, email and phone systems. Attorney General Dave Sunday confirmed the outage, which is preventing citizens from submitting tips or accessing resources. Staff are continuing work and coordinating with supervisors to limit disruptions. The nature of the attack and any potential data exposure remain undisclosed. The office is working with law enforcement to investigate the incident and restore full system functionality. Dragos, in collaboration with Marsh McLennan's Cyber Risk Intelligence Center, has released the 2025 OT Security Financial Risk Report, what they say is the first large-scale analysis quantifying global financial exposure from operational technology cyber incidents. The report highlights that indirect losses, such as business interruption, can account for up to 70% of the total impact in extreme but plausible one-in-250-year scenarios. In those scenarios, global OT cyber risk exposure could reach $329.5 billion, with $172.4 billion tied specifically to business interruptions.
Drawing on over a decade of breach and insurance claim data, the study identifies the top three OT cybersecurity controls linked to the greatest risk reductions: incident response planning, defensible architecture, and ICS network visibility and monitoring. It offers executives and insurers a data-informed framework to prioritize risk mitigation and justify investment in OT security. Finnish prosecutors have charged the captain and two senior officers of the Russian-linked tanker Eagle S with aggravated criminal mischief and interference with communications for allegedly damaging five critical subsea cables in the Baltic Sea. Authorities say the ship, part of Russia's shadow fleet, dragged its anchor for 90 kilometers, causing at least 60 million euros in repair costs and risking Finland's energy and telecom infrastructure. The suspects deny the charges, citing jurisdiction issues. NATO has warned of increased sabotage threats in the Baltic region. Coming up after the break, my conversation with Sean Deuby from Semperis. We're discussing the global state of ransomware. And hackers take smart buses for a virtual joyride. Stay with us.
Ben Yellin
I'm Ben Yellin, co-host of the Caveat podcast. Each Thursday we sit down and talk about the biggest legal and policy developments affecting technology that are shaping our world. Whether it be sitting down with experts or government officials, or breaking down the latest political developments, we talk about the stories that will have tangible impacts on businesses and people around the world. If you are looking to stay informed on what is happening and how it could impact you, make sure to listen to the Caveat podcast.
Dave Bittner
Compliance regulations, third-party risk and customer security demands are all growing and changing fast. Is your manual GRC program actually slowing you down? If you're thinking there has to be something more efficient than spreadsheets, screenshots and all those manual processes, you're right. GRC can be so much easier, and it can strengthen your security posture while actually driving revenue for your business. You know, one of the things I really like about Vanta is how it takes the heavy lifting out of your GRC program. Their trust management platform automates those key compliance, internal and third-party risk, and even customer trust workflows, so you're not buried under spreadsheets and endless manual tasks. Vanta really streamlines the way you gather and manage information across your entire business. And this isn't just theoretical. A recent IDC analysis found that compliance teams using Vanta are 129% more productive. That's a pretty impressive number. So what does it mean for you? It means you get back more time and energy to focus on what actually matters, like strengthening your security posture and scaling your business. Vanta GRC. Just imagine how much easier trust can be. Visit vanta.com/cyber to sign up today for a free demo. That's v-a-n-t-a.com/cyber. Sean Deuby is principal technologist at Semperis. In today's sponsored Industry Voices segment, I catch up with him for the latest insights on the global state of ransomware.
Sean Deuby
Well, it's been a couple of years since we've done this and that was actually last year. And it's always good to see where the trends are going because this is something that never stays still. I think it's very important to see that. And specifically our report tends to focus on identity, which has been getting more and more attention but has been previously underserved. So it's always good to make sure that it gets the attention it deserves.
Dave Bittner
Well, let's dig in together. What were some of the most significant findings here from your point of view?
Sean Deuby
Well, from my point of view, and different people in the organization have different takes on it, there is a little bit of talk about the modest decrease in ransomware success, but to my mind it's almost statistically insignificant. And it's human nature to say, yay, we're winning and we're doing a good job. But the reality is that easing off the throttle based on a modest trend in the direction you want to see, it's a mistake. It's human nature, but it's a mistake. The underlying motivations for cybercrime and nation-state espionage haven't gone away. And one of the things, of course, that is no surprise is that the tools, for example AI, they're making attacks both easier and they're making them more sophisticated. So what this means, among many things, is that it lowers the bar to success for organizations or threat actors. So it's not as hard to be successful as it was.
Dave Bittner
Well, let's talk about that. I mean, what are you all seeing here in your research when it comes to AI-driven ransomware attacks?
Sean Deuby
Sometimes the details are hard to find. And our study doesn't dive deep into the details. But what we're hearing, in reporting from these organizations, is that they are rapidly increasing in sophistication.
Dave Bittner
Are there any particular escalation tactics that you all tracked in this year's report? Anything new or innovative that you're seeing?
Sean Deuby
What we tend to see is the ability to do tried-and-true attacks. So one of the principles that I always espouse here is, if you're looking at cybercrime in particular, the goal for cybercriminals is to make as much money as possible, as quickly as possible, with as little interference as possible. And so pretty much, not everything, but most of what happens you can trace back to those goals. So with those goals in mind, they don't necessarily have to go for novel attacks. What they'll do is they'll find, because there's essentially a universe of organizations out there that are vulnerable. And so what this does is this makes the ability to generate those attacks and to execute those attacks faster. So the dwell time decreases, but the attacks themselves may be. Again, I'm an identity person, so I tend to focus on the identity aspects of it, against identity systems such as Active Directory and Entra ID. And many of the attacks, when it comes right down to it, are using the same tactics. They're just executed in a more automated manner or more quickly.
Dave Bittner
Why is identity infrastructure a top focus for these attackers?
Sean Deuby
Well, I've said for many years, the mathematics for this is pretty simple. If we focus specifically on the Microsoft identity system, that is what has become recognized as, number one, that identity is the core of security. Nowadays the NIST Zero Trust framework says that and many other frameworks say that. Number two, it is highly vulnerable, and the threat actors know that. So they go after identity. Jen Easterly had a great statement a few months ago at a conference. She said, identity isn't a security problem. Identity is the security problem. And of course, Jen Easterly is the former director of CISA. So everybody depends on identity. Security is centered around identity. The bad guys know this and they attack identity. And the identity systems that everybody uses, the Microsoft identity systems, the on-prem one is old. It's a quarter of a century old. And it has lots of vulnerabilities for many, many reasons, but it's a highly vulnerable environment. So if you take that and you plug that into the goals of making as much money as possible as quickly as possible, and the traction that it gives threat actors once they've compromised that identity environment, it's logical. And what we've seen, and what Mandiant and Microsoft Incident Response have stated, is that in the vast majority, 90 to 95%, of organizations that have been attacked, the identity system is a core component of what is attacked and what is owned, for the threat actors to then do whatever they have in mind, whether it's encrypting the environment or whether it's exfiltrating data or whatever method they're using to get revenue out of the victims.
Dave Bittner
What sort of gaps did the study reveal when we're talking about how organizations handle both identity resilience and recovery?
Sean Deuby
One of the statistics that really stood out for me was the gap between industries in paying ransom: which industry vertical paid more ransom and which paid less. So the industry with the highest percentage paying ransom was the energy industry, and the lowest was healthcare. If you had to read between the lines, and this is my speculation, this might be reflecting the speed at which these two industries, which are both critical infrastructure, are making progress in building resilience in their organizations. We are going through this evolution at an uncomfortably quick pace, I believe, but that's the reality of it. What I say for both security and IT professionals is, let's start with, oh, people are being attacked by threat actors, by cybercrime. That hasn't happened before. Oh, that won't happen to us. And then, as an organization, you see it happen all around you, and human nature kicks in and you go, oh, well, I think we're probably okay. And then you see organizations, you know people in the organizations, that may be equal or better than you in cybersecurity being attacked. And so then you go, oh, gosh, I guess we really have to face the fact that we may be attacked. And so you build out your crisis management for cyber that many organizations have never had before, and you're still just getting your feet wet on how to do that. And now we're talking about resilience, as in, guess what, you're going to be attacked. You're going to have to work on resilience. I feel that there is this great stress of organizations having to adapt to this philosophy culturally. And again, as we know, this is about people, process and technology. It's not just technology, it's how does a culture adapt to this.
So going back to your question about the significant findings, what this says to me when I hear about the energy sector versus the healthcare sector, you could speculate that on one side, the energy sector doesn't just represent the big oil and gas companies, but also the small municipal agencies that are generally highly vulnerable to cybercrime. They don't have the capabilities, they don't have the big security teams, they have old infrastructure that was not designed for security, and so they're having to pay more ransom because they're more thoroughly compromised. On the other side is healthcare; they know that service interruption could mean harm or even death to their patients. So they're very focused on resilience in the face of attack. And in my conversations with healthcare security professionals, that is absolutely the case. So the more resilient you are, the less likely you are to pay a ransom to get your service back.
Dave Bittner
So in light of everything in the report here, what are your recommendations? What should organizations be doing to better prepare themselves here?
Sean Deuby
Well, as a former technology journalist, I recognize what makes the press is what gets clicks, and it's always interesting and drives traffic to report about new and novel attacks. And so I often get the question, how do I deal with the newest and the most novel attacks? And the reality is, I summarize it down to "eat your vegetables," which is, go back and look at your security. Look at your basic security principles and how well you are executing those basic security principles. What does your attack surface look like? As I said, I'm an identity guy. And the attack surface for your hybrid identity systems, Active Directory on premises and Entra ID in the cloud, or perhaps it's Okta in the cloud or PingOne in the cloud. Look at your attack surface and how do you minimize your attack surface, as you can't be perfect on it and it's very difficult to do that. But as Rachel Wilson, who is now a risk director for, it's not JP Morgan Chase, I'm sorry, I'm spacing this out, it's the other big one, Morgan Stanley in New York, but she used to be the NSA's cyber offense director. Her way of stating it is, don't be the slowest gazelle in the herd.
Dave Bittner
Right.
Sean Deuby
So you may not be able to make your security perfect, but if you can make it a sufficient bar, to make it harder, to increase the time to revenue for a cybercrime, then you have helped yourself, because if it takes too long, then it's simple enough to buy another set of credentials and go to the next organization. So it so often goes back down to basics. There's all sorts of advanced things that you can do, but I'm always about preaching the basics. And for example, our free utilities like Purple Knight and Forest Druid are designed to help you minimize your attack surface and make you less of a target, or make you a harder target.
Dave Bittner
That's Sean Deuby, principal technologist at Semperis. And finally, at DEF CON, researchers Qao Lin Yu and Kai Xing Wang revealed that Taiwan's smart buses are perhaps a bit too smart for their own good. The trouble began innocently enough with free passenger Wi-Fi, only to discover the same router also controlled the bus driver assistance and transport management systems. With no network segmentation and default passwords that might as well have been password123, the pair waltzed in digitally, uncovering command injections, MQTT backdoors and zero encryption. From there, a hacker could track buses, spy via onboard cameras, falsify GPS data, or even flash out-of-service signs mid-route. Vendors contacted politely apparently preferred the ignore-and-hope patching strategy. The vulnerabilities, Yu noted, may not be confined to Taiwan. Bad news for any smart bus with global ambitions. And that's the CyberWire. For links to all of today's stories, check out our daily briefing at thecyberwire.com. We'd love to hear from you. We're conducting our annual audience survey to learn more about our listeners. We're collecting your insights through the end of August. There's a link in the show notes. Please do check it out. N2K's senior producer is Alice Carruth. Our CyberWire producer is Liz Stokes. We're mixed by Trey Hester with original music by Elliot Peltzman. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.
CyberWire Daily: "Kimsuky Gets Kim-Sunk" – August 12, 2025
N2K Networks' CyberWire Daily delivers the latest in cybersecurity news and expert analysis. In this episode, titled "Kimsuky Gets Kim-Sunk," host Dave Bittner covers a range of critical cybersecurity incidents, including data breaches, ransomware attacks, and vulnerabilities in emerging technologies. The episode also features an interview with Sean Deuby, Principal Technologist at Semperis, discussing the evolving landscape of ransomware.
Timestamp: [02:00]
Two hackers, known as Saber and Cyborg, publicly leaked 8.9 gigabytes of backend data from the North Korean state-sponsored hacking group Kimsuky. The leak, hosted on the Distributed Denial of Secrets platform, revealed:
- Kimsuky's infrastructure, phishing tools, malware, source code and operational logs
- Phishing kits targeting South Korean government sites
- Cobalt Strike loaders and reverse shells
- SSH logs, private certificates, and links to GitHub accounts and VPN purchases
Impact: Parts of Kimsuky's infrastructure are compromised, potentially disrupting its espionage against South Korea and global entities, and the leak gives analysts intelligence to strengthen defenses and develop targeted countermeasures.
Expert Insight: "While the exposure may hinder ongoing operations, experts note long-term impact is uncertain," notes Bittner.
Timestamp: [03:00]
The Dutch clinical diagnostics laboratory NMDL suffered a ransomware attack compromising personal and medical data of approximately 485,000 women involved in the national Cervical Cancer Screening Program. Key points include:
- Stolen data includes names, addresses, medical test results and historical records, some of which are already for sale on the dark web.
- The lab waited nearly five weeks to report the breach, far exceeding the EU's 72-hour rule.
- Population Screening Netherlands cut ties with the lab and moved testing to other labs to keep the program running.
Timestamp: [05:00]
ManpowerGroup, one of the world's largest staffing firms, is notifying over 144,000 individuals about a significant data breach that occurred between December 29, 2024, and January 12, 2025. Highlights include:
- The breach was discovered during an IT outage investigation in Lansing, Michigan; attackers reportedly stole 500 gigabytes of data.
- The RansomHub ransomware group claimed responsibility, alleging theft of passport scans, Social Security numbers, contracts and HR data.
- Some data has since been removed from RansomHub's leak site, suggesting a ransom payment.
- RansomHub, a rebranded ransomware-as-a-service operation, has breached over 200 U.S. critical infrastructure entities in recent years.
Notable Quote: "Manpower says they've strengthened IT security, that they're working with the FBI and that they're offering free credit monitoring through Equifax." [05:45]
Timestamp: [06:30]
St. Paul, Minnesota confirmed that the Interlock ransomware gang was responsible for a cyber attack in July 2025 that disrupted city systems. Key details:
- The governor deployed the National Guard's cyber unit in response.
- Emergency services were unaffected, but online payments and some services remain delayed.
- The city refused to pay the ransom; Interlock claims to have stolen 66,000 files and has leaked some online.
- Interlock, active since 2024, targets healthcare in particular and was recently linked to breaches at DaVita and Kettering Health.
Timestamp: [07:30]
Just 24 hours after the launch of OpenAI's GPT-5 on August 7, researchers at Tenable bypassed its new Safe Completions safety system. The jailbreak involved:
- A four-step "crescendo" approach in which the researchers posed as a history student
- Gradually steering the model until it produced detailed instructions for making a Molotov cocktail
- Broader concerns about GPT-5 security, as other researchers have also reported jailbreaks and hallucinations
Notable Quote: "Using a four step crescendo approach, Tenable posed as a history student, gradually steering the model toward providing dangerous instructions." [08:30]
Responses: OpenAI says fixes are in progress; Tenable warns that organizations may already be exposed to risk if employees use the model without safeguards.
Timestamp: [08:00]
A severe cyber incident has rendered the Pennsylvania Attorney General's office entirely offline, affecting:
- The office's website, email and phone systems
- Citizens' ability to submit tips or access resources
- Staff, who are continuing work and coordinating with supervisors to limit disruptions
The nature of the attack and any data exposure remain undisclosed; the office is working with law enforcement to investigate and restore full functionality.
Timestamp: [09:00]
Dragos, in partnership with Marsh McLennan's Cyber Risk Intelligence Center, released the 2025 OT Security Financial Risk Report, described as the first large-scale analysis quantifying global financial exposure from OT cyber incidents. Key findings include:
- Indirect losses such as business interruption can account for up to 70% of total impact in extreme but plausible scenarios.
- In one-in-250-year scenarios, global OT cyber risk exposure could reach $329.5 billion, with $172.4 billion tied to business interruption.
- Drawing on over a decade of breach and insurance claim data, the top three controls linked to the greatest risk reduction are incident response planning, defensible architecture, and ICS network visibility and monitoring.
Expert Insight: The report offers a data-informed framework for executives and insurers to prioritize risk mitigation and justify investments in OT security.
Timestamp: [10:30]
Finnish authorities have charged the captain and two senior officers of the Russian-linked tanker Eagle S with aggravated criminal mischief and interference with communications. Details include:
- The ship allegedly damaged five critical subsea cables in the Baltic Sea.
- Authorities say the vessel, part of Russia's shadow fleet, dragged its anchor for 90 kilometers.
- Repair costs are estimated at a minimum of 60 million euros, with risk to Finland's energy and telecom infrastructure.
- The suspects deny the charges, citing jurisdiction issues; NATO has warned of increased sabotage threats in the Baltic region.
Timestamp: [12:00]
In the Industry Voices segment, Sean Deuby, Principal Technologist at Semperis, discusses insights from the latest ransomware trends:
Ransomware Success Rate: Despite a reported slight decrease, Deuby emphasizes that it's "almost statistically insignificant" and cautions against complacency.
Notable Quote: "It's human nature to say, yay, we're winning and we're doing a good job. But the reality is that easing off the throttle based on a modest trend in the direction you want to see, it's a mistake." [12:27]
AI-Driven Attacks: AI tools are making ransomware attacks more sophisticated and easier to execute, lowering the barrier for threat actors.
Notable Quote: "The tools, for example, AI, they're making attacks both easier and they're making them more sophisticated." [13:38]
Focus on Identity Systems: Identity remains the central target for attackers, with the Microsoft identity systems, on-premises Active Directory in particular, described as a quarter-century old and highly vulnerable; Mandiant and Microsoft Incident Response report the identity system is a core component of what is attacked in 90 to 95% of cases.
Notable Quote: "Identity isn't a security problem. Identity is the security problem." – Jen Easterly [15:47]
Resilience Over Ransom Payments: The energy sector paid ransom most often and healthcare least; Deuby speculates this reflects how far each has progressed in building resilience, and emphasizes resilience as the way to reduce the likelihood of paying.
Notable Quote: "The more resilient you are, the less likely you are to pay a ransom to get your service back." [20:50]
Recommendations:
- "Eat your vegetables": revisit basic security principles and how well they are being executed.
- Assess and minimize the attack surface of hybrid identity systems (on-premises Active Directory with Entra ID, Okta or PingOne in the cloud).
- Raise the bar enough to increase attackers' time to revenue ("don't be the slowest gazelle in the herd").
- Semperis' free utilities Purple Knight and Forest Druid are offered for attack-surface reduction.
Timestamp: [24:00]
At DEF CON 2025, researchers Qao Lin Yu and Kai Xing Wang exposed critical vulnerabilities in Taiwan's smart buses:
Vulnerability Points:
- The free passenger Wi-Fi router also controlled the driver assistance and transport management systems
- No network segmentation
- Default passwords
- Command injection flaws, MQTT backdoors and no encryption
Potential Exploits:
- Tracking buses
- Spying via onboard cameras
- Falsifying GPS data
- Flashing out-of-service signs mid-route
Vendor Response: Vendors contacted by the researchers have apparently not patched.
Impact: These vulnerabilities could affect smart bus systems globally, posing significant risks to transportation infrastructure.
Host Note: "The vulnerabilities, Yu noted, may not be confined to Taiwan. Bad news for any smart bus with global ambitions." [25:15]
This episode of CyberWire Daily underscores the persistent and evolving threats in the cybersecurity landscape. From state-sponsored attacks and ransomware incidents to vulnerabilities in AI and smart transportation systems, the need for robust security measures and resilient infrastructure is more critical than ever. Expert insights from Sean Deuby highlight the importance of focusing on identity protection and foundational security principles to mitigate these threats effectively.
Stay informed and proactive in safeguarding your organization's digital assets by following the latest developments and best practices in cybersecurity.
For more detailed coverage of today’s stories, visit CyberWire Daily Briefing.
Produced by Alice Carruth, Liz Stokes, and the CyberWire team. Special thanks to guest Sean Deuby and researchers Qao Lin Yu and Kai Xing Wang for their contributions.