A
You're listening to the Cyberwire Network powered by N2K.
B
We've all been there. You realize your business needs to hire someone yesterday. How can you find amazing candidates fast? Well, it's easy. Just use Indeed. When it comes to hiring, Indeed is all you need. Stop struggling to get your job post noticed. Indeed Sponsored Jobs helps you stand out and hire fast. Your post jumps to the top of search results so the right candidates see it first, and it works. Sponsored Jobs on Indeed get 45% more applications than non-sponsored ones. One of the things I love about Indeed is how fast it makes hiring. And yes, we do actually use Indeed for hiring here at N2K CyberWire. Many of my colleagues here came to us through Indeed. Plus, with Sponsored Jobs, there are no subscriptions, no long-term contracts. You only pay for results. How fast is Indeed? Oh, in the minute or so that I've been talking to you, 23 hires were made on Indeed, according to Indeed data worldwide. There's no need to wait any longer. Speed up your hiring right now with Indeed, and listeners to this show will get a $75 Sponsored Job credit to get your jobs more visibility at indeed.com/cyberwire. Just go to indeed.com/cyberwire right now and support our show by saying you heard about Indeed on this podcast. Indeed.com/cyberwire. Terms and conditions apply. Hiring? Indeed is all you need.
A new executive order targets state AI regulations, while the White House shifts course on an NSA deputy director pick. The UK fines LastPass over inadequate security measures. Researchers warn of active attacks against Gladinet CentreStack instances. OpenAI outlines future cybersecurity plans. MITRE ranks the top 25 vulnerabilities of 2025. CISA orders US federal agencies to urgently patch a critical GeoServer vulnerability. An anti-piracy coalition shuts down one of India's most popular illegal streaming services. Our guest is Mark Lance, Vice President for DFIR and Threat Intelligence at GuidePoint Security, unpacking Purple Team tabletop exercises and preparing for AI-generated attacks. And hackers set their sights on DNA. This Friday, December 12, 2025. I'm Dave Bittner, and this is your CyberWire Intel Briefing. Thanks for joining us here today. Happy Friday. It is great, as always, to have you with us. President Donald Trump signed an executive order aimed at preventing US states from creating their own artificial intelligence regulations, arguing that a fragmented regulatory landscape could hinder innovation and weaken America's ability to compete with China. Trump said requiring companies to navigate approvals in all 50 states would discourage investment and slow development. The order directs the attorney general to form a task force to challenge state AI laws and instructs the Commerce Department to identify regulations deemed problematic. It also threatens to withhold certain federal funds, including broadband grants, from states that enact AI rules. The move comes amid bipartisan calls in Congress and pressure from civil liberties and consumer groups for stronger AI oversight. Several states, including California, Colorado, Utah and Texas, have already passed AI laws focused on data limits, transparency and discrimination risks.
Supporters say such measures address real harms, while the administration argues only the most burdensome regulations should be targeted, leaving room for protections like child safety elsewhere. The Trump administration has reversed its decision on who will serve as deputy director of the National Security Agency, withdrawing its earlier pick amid internal opposition and pressure from far-right conservatives. Joe Francescon, announced in August for the number-two role, was recently informed he would no longer be appointed, according to multiple sources. Francescon, a former NSA analyst and National Security Council official, never began the job and faced criticism from conservative activists as well as resistance within the administration. He has since declined alternative NSA roles and moved to the private sector. The White House now plans to name Tim Kosiba, a former senior NSA and FBI official, to the position. Kosiba reportedly has backing from Trump allies and recently completed a polygraph at NSA headquarters. The change adds to ongoing leadership instability at the NSA, which remains without a Senate-confirmed director and faces additional senior departures in the coming weeks. The UK Information Commissioner's Office has fined LastPass about $1.6 million over a 2022 data breach that affected roughly 1.6 million UK users. Regulators concluded that LastPass failed to implement sufficiently robust technical and security measures, allowing a hacker to gain unauthorized access to a backup database tied to a third-party cloud storage service. While there is no evidence that customer passwords were decrypted, the ICO said the company nonetheless failed users who trusted it to protect sensitive information. LastPass, which serves more than 20 million customers and 100,000 businesses globally, remains a recommended security tool despite the incident.
Industry experts described the fine as a watershed moment, highlighting that modern breaches often stem from identity compromise, governance failures and supplier risk rather than weak passwords alone. Huntress is warning of active attacks against Gladinet CentreStack instances, where attackers exploit a newly identified cryptography flaw to steal machine keys and gain remote code execution. The issue stems from CentreStack reusing static cryptographic strings, allowing attackers to access the web.config file, forge trusted requests and abuse ASPX ViewState deserialization. Huntress has observed nine impacted organizations across multiple sectors. No CVE has been assigned. Gladinet has fixed the issues, and organizations are urged to update immediately and review indicators of compromise. OpenAI has outlined plans to treat all future AI models as having potentially high cybersecurity capabilities, acknowledging they could both aid defenders and be misused by attackers. Under its Preparedness Framework, such models might automate vulnerability discovery or cyber operations, prompting a defense-in-depth approach. Rather than limiting access or knowledge, OpenAI plans to rely on targeted training, red teaming and system-wide monitoring to curb abuse. Models are designed to refuse or safely respond to malicious requests, with suspicious activity blocked, downgraded or escalated for enforcement. OpenAI also plans a Trusted Access Program offering enhanced capabilities to qualified cybersecurity defenders, and a Frontier Risk Council of experts. While OpenAI cites improving model performance as evidence of advancing capabilities, outside analysts caution against overstating current AI-driven threats. MITRE has published its 2025 CWE Top 25, ranking the past year's vulnerabilities. Cross-site scripting was the most dangerous software weakness, followed by SQL injection and cross-site request forgery.
Missing authorization climbed to fourth, while out-of-bounds write placed fifth. The list adds six new entries, including multiple buffer overflow flaws and access control weaknesses. While several issues dropped off due to methodology changes, CISA says the updated list is designed to help reduce vulnerabilities and costs. Agencies urge developers and security teams to use it to guide secure-by-design practices, testing and vendor evaluations. CISA has ordered US federal agencies to urgently patch a critical GeoServer vulnerability that's being actively exploited in the wild. The flaw is an unauthenticated XML external entity, or XXE, vulnerability affecting multiple GeoServer versions. By abusing weak XML input handling in a specific GetMap endpoint, attackers can retrieve arbitrary files, trigger denial-of-service conditions, access sensitive data, or enable server-side request forgery. CISA has added the flaw to its Known Exploited Vulnerabilities catalog and directed Federal Civilian Executive Branch agencies to remediate by January 1. While the mandate applies only to federal agencies, CISA strongly urges all organizations running GeoServer to patch immediately, noting widespread exposure and active exploitation. An anti-piracy coalition has shut down MKVCinemas, one of India's most popular illegal streaming services, cutting off access to free movies and TV shows used by millions. The operation was led by the Alliance for Creativity and Entertainment, or ACE, backed by more than 50 major studios and networks including Disney, Netflix and Warner Bros. ACE identified the operator in Bihar, India, who agreed to cease operations and transfer 25 related domains, now redirected to a legal streaming portal. The coalition also dismantled a file cloning tool widely used in India and Indonesia to distribute pirated content via cloud storage.
ACE says the takedown underscores its continued collaboration with global law enforcement to disrupt large-scale piracy networks. Coming up after the break, my conversation with Mark Lance from GuidePoint Security. We're discussing Purple Team tabletop exercises to prepare for AI-generated attacks, and hackers set their sights on DNA. Stay with us. Most environments trust far more than they should, and attackers know it. ThreatLocker solves that by enforcing default deny at the point of execution. With ThreatLocker allowlisting, you stop unknown executables cold. With ring fencing, you control how trusted applications behave, and with ThreatLocker DAC, Defense Against Configurations, you get real assurance that your environment is free of misconfigurations and clear visibility into whether you meet compliance standards. ThreatLocker is the simplest way to enforce zero trust principles without the operational pain. It's powerful protection that gives CISOs real visibility, real control and real peace of mind. ThreatLocker makes zero trust attainable even for small security teams. See why thousands of organizations choose ThreatLocker to minimize alert fatigue, stop ransomware at the source and regain control over their environments. Schedule your demo at threatlocker.com/n2k today. AI is transforming every industry, but it's also creating new risks that traditional frameworks can't keep up with. Assessments today are fragmented, overlapping and often specific to industries, geographies or regulations. That's why Black Kite created the BKGA3AI assessment framework to give cybersecurity and risk teams a unified, evolving standard for measuring AI risk across their own organizations and their vendors' AI use. It's global, research-driven, built to evolve with the threat landscape and free to use, because Black Kite is committed to strengthening the entire cybersecurity community. Learn more at blackkite.com.
Mark Lance is Vice President for DFIR and threat intelligence with GuidePoint Security. I recently sat down with him to discuss Purple Team tabletop exercises to help prepare for AI generated attacks.
C
Yeah, we've seen this to be a huge growth area over the last couple years, where more and more people are seeing the benefits and starting to perform tabletop exercises. We think a lot of that is driven internally from, you know, management teams, even technical teams trying to drive awareness and visibility upwards. But also board directives, could be insurance and compliance requirements, are driving people to do these tabletops. In general, we recommend that, you know, a tabletop is performed at least once a year across your senior leadership team, and then additionally a separate one across your technical or maybe management teams.
B
Well, for folks who've never been part of one. Can you describe it for us? What typically goes into a tabletop exercise?
C
A tabletop is going to be a hypothetical incident where you are taking and leveraging this incident to educate the participants in the audience on the different types of things that could transpire during an incident. And while it's also used for, you know, the opportunity for education, it's also about enablement, making sure that people know how to leverage their existing incident response plans, knowing their roles and responsibilities during those incidents, and what are those key decision points that could occur. But all in all, the idea is to take this hypothetical incident that's applicable to you and your organization and get people to understand how they would react by executing that with an audience and having them make the decisions on what steps they would take based upon different injects and things that would happen during that incident process.
B
Well, of course, the hot topic these days is AI. And how has that changed the way people are framing their tabletops these days?
C
AI, similar to any other threat, just needs to be accounted for when putting together these hypothetical incidents or these tabletop exercises. Different organizations have different types of threats that they should be aware of and conscious of that are the most relative to them and their organization and their business. And AI is one of the things that obviously we're very conscientious about, because we know that cybercriminals and threat actors are leveraging AI and certain technologies in different ways. And so accounting for those during these tabletops, whether that is more efficient phishing attempts, whether it is custom code created, whether it's accessing AI infrastructure that you're leveraging and using within your own environment. Those are all things that should be or could be accounted for when you're creating and developing these unique scenarios to test somebody's ability to respond to them.
B
What's your advice for organizations figuring out what the cadence should be for them, how often they should do this?
C
I think the cadence for these tabletop exercises and crisis simulations is contingent upon an organization's maturity. A lot of, you know, businesses, this could be the very first time they're doing it. And maybe they don't have an existing incident response plan. And so they're leveraging this as an opportunity to vet out who could be doing what during an incident and who's going to be responsible, so they can then go develop that incident response plan, because they don't have that level of sophistication yet. Now there are other organizations that might have existing incident response plan playbooks, specific runbooks, and it's more of an opportunity to test those out, and you can perform them more frequently because you have the established plans and you're just seeing how people would respond to certain types of incidents. And so I think the level of maturity an organization has will determine what the purpose and intent behind it is. But I also think what's very important is making sure that you're targeting specific audiences based on the type of conversation that's occurring and the talk track for the tabletop itself.
B
Well, related to that, how do you go about deciding who should be included in the exercises?
C
It really varies upon the audience and the intent behind the tabletop and the exercise. For a technical tabletop, as an example, it could be more around how are things identified? How did you identify a certain type of incident, or that an incident has occurred in your environment? How are you then tracking that incident? How are you escalating it? How are you sharing information internally about that? Who's determining the severity and escalations, and when should that go up to senior leadership? Now the audience for more of a senior leadership or executive tabletop is going to be less about the intricacies involved with the incident itself and going to be more about decisions and business-related decisions that need to be made. You know, you are going to get high-level details about the incident, not necessarily having to know the intricacy and technical details involved in how it's tracked, but instead, you know, who's going to be communicating with your cyber insurance carrier? Are we going to engage external counsel? Is there a necessity to shut down certain areas of the business? Who's drafting internal and external notifications and letting people know that we are being potentially impacted by an incident, and when should those occur? And so really the audience can drive the intent, but the intent can also drive the audience. But realistically, we do see we're breaking apart those sessions into different audiences. Audience-specific to their role is very important.
B
You know, Mark, I know as part of your role there at GuidePoint, you help organizations run their tabletop exercises. Can you give us a kind of a peek into that world? I'm specifically curious, like, do you find you have to bring some people along? I guess I'm asking, are some folks skeptical when they walk into that room, that they're not sure what they're getting into, or is this the best use of my time?
C
Yeah, absolutely. We have a lot of clients who might not necessarily know what they're getting into, which, again, is dependent upon the intent of the exercise. In most circumstances, we actually recommend that clients aren't prepared with knowing the full incident scenario, because in a real incident situation, you are not going to know everything about the incident up front. You're going to be dealing with it reactively versus, you know, having all of the details and being able to know that, well, eventually this is going to happen. Instead, information gets trickled in during a real incident response effort. And so we try to simulate what a real incident would be like. And a lot of that is, you know, having core preparation with policies and processes and then being able to navigate those based on the variables and the details that are shared with you as part of the incident. So realistically, when we're going to develop these things, it's one, who's the audience? Two, what is the intent behind the tabletop? Is it to test plans? Is it for educational purposes, to teach people about different types of threats? Is it enablement for the team to further understand their roles and responsibilities? And then developing a scenario that's going to test different areas of the business and help them establish some muscle memory, and then also to educate them on, okay, well, here's where there were deficiencies in your process and you need to potentially make improvements to be more effective in the future, if this was a real scenario and.
B
What's it like after the fact? Is this a revelation for some of the people to have this real-world view of the possibilities?
C
It is. You know, a lot of our clients walk away from these things saying, holy crap, are these the kinds of things that could really happen to us and that we need to be thinking about? And the answer is generally yes. You know, the intent isn't to necessarily scare people, but it is to bring awareness to them so that they know the details about the true impacts of potential incidents to their business and their organization.
B
What are your recommendations for folks who want to go down this path, who maybe haven't done this before? What's a good place to get started?
C
I think understanding your level of maturity, one, is the first piece. Have you done these types of things in the past? If you haven't, I think in general, everybody should be performing tabletop exercises. They should be actively having these simulations for different target audiences periodically. Two, do we have the capability to potentially try to do this, or want to try to do this, internally ourselves, or do we want to bring in outside help with the expertise and experience of knowing what some of the pitfalls or speed bumps might be? We do see where a lot of people will, you know, attempt to perform these, and that's great, at least they're trying. But then they do realize sometimes there is some outside experience that can be brought to the table, and so looking for others and consulting them on the opportunity for that experience and those services. And then I think that, you know, three is just making sure that you are leveraging best practices, like doing target and specific audiences, building custom scenarios that are going to be specific to your environment, but also making sure that they're relevant and things that could really happen, because a lot of times you'll lose the audience and people will say, oh, that couldn't really happen to us. So making sure that they are viable and real things that could potentially impact your specific environment and infrastructure. And then the last piece is making sure that you're taking the lessons learned from that and applying them. These are learning opportunities. They're not necessarily a test, but they're an opportunity to say, hey, we were extremely efficient here and here are things we did very well. But maybe we're missing some of these policies or processes here. Here's where there was some confusion and people didn't know who should be handling certain actions or activities. We also weren't sure who our third parties are, or we weren't tracking that information.
So making sure that you're leveraging the lessons learned from that, so that you can grow and be more efficient and effective in the following exercises.
B
That's Mark Lance from GuidePoint Security.
A
Ford BlueCruise hands-free highway driving takes the work out of being behind the wheel, allowing you to relax and reconnect while also staying in control. Enjoy the drive in BlueCruise-enabled vehicles like the F-150, Explorer and Mustang Mach-E. Available feature on equipped vehicles. Terms apply. Does not replace safe driving. See Ford.com/BlueCruise for more details. This message may be shocking to many millennials. If you are one, you might want to sit down. Right now, loads of people are searching the following on Depop: low-rise jeans, halter top, velour tracksuit, puka shell necklace, disc belt. You likely placed these in the dark of your closet in 2004, never to be seen again. But if you can find it in yourself to dust them off, there are a lot of people who will give you money for them. Sell on Depop, where taste recognizes taste.
B
And finally, cybersecurity has officially crossed the Rubicon, and it did so carrying a pipette. Researchers have shown that malware no longer needs phishing emails or poisoned downloads; it can hitch a ride inside synthetic DNA. In a University of Washington demonstration, carefully crafted DNA sequences were shown to trigger exploits when processed by sequencing software, turning lab workflows into attack paths. Once sequenced, biological data moves through cloud platforms and custom code, where hidden instructions could corrupt data or enable remote access. For sectors like genomics, biotech, healthcare and agriculture, this raises uncomfortable questions about data integrity, intellectual property and national biosecurity. Traditional controls barely notice the threat, because DNA looks like biology, not malware. The takeaway is simple: genomic pipelines are now part of the attack surface. The genome is no longer just life's blueprint; it is executable input. And yes, that means your lab bench just joined the threat model. Now, if you'll excuse me, I'm gonna go watch the latest episode of Pluribus. And that's the CyberWire. Be sure to check out our daily briefing at thecyberwire.com. Be sure to check out this weekend's Research Saturday and my conversation with Daniel Schwalbe, DomainTools' head of investigations and CISO. We're sharing their work inside the Great Firewall. That's Research Saturday. Check it out. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com. N2K's senior producer is Alice Carruth. Our CyberWire producer is Liz Stokes. We're mixed by Trey Hester with original music by Elliot Peltzman. Our executive producer is Jennifer Eiben.
Peter Kilpe is our publisher and I, Dave Bittner. Thanks for listening. We'll see you back here next week.
A
The Uniswap Wallet makes it easier and safer to own and use crypto Created by pioneers of the crypto economy, the Uniswap protocol has powered over $3 trillion in trading volume, and it's trusted by tens of millions worldwide. With the Uniswap Wallet, you can discover, swap, and manage your crypto all from your phone. Buy your first crypto assets in just a few taps and start exploring the freedom of decentralized finance. With Uniswap. Tap the banner to get.
Host: Dave Bittner (N2K Networks)
Date: December 12, 2025
This episode of CyberWire Daily dives into major recent developments in cybersecurity policy and threats, with updates on a new AI-focused executive order from the White House, leadership changes at the NSA, regulatory actions in the UK, the latest vulnerability and breach intelligence, and how organizations are evolving tabletop exercises to prepare for AI-generated attacks. The episode also includes an in-depth interview with Mark Lance, Vice President for DFIR and Threat Intelligence at GuidePoint Security, on preparing organizations via Purple Team tabletop exercises—especially as AI changes the threat landscape.
[01:35–04:00]
"Trump said requiring companies to navigate approvals in all 50 states would discourage investment and slow development." (03:05, Host)
Topic: Purple Team Tabletop Exercises & AI-Generated Attacks [14:34–25:38]
"We recommend that a tabletop is performed at least once a year across your senior leadership team and then additionally a separate one across your technical or maybe management teams."
— Mark Lance (14:51)
"The idea is to take this hypothetical incident that's applicable to you and your organization and get people to understand how they would react..."
— Mark Lance (16:03)
"Audience-specific to their role is very important."
— Mark Lance (20:12)
"A lot of our clients walk away from these things saying, 'holy crap, are these the kinds of things that could really happen to us?'"
— Mark Lance (22:47)
"They're not necessarily a test, but they're an opportunity to say, hey, we were extremely efficient here and here are things we did very well. But maybe we're missing some of these policies or processes here..."
— Mark Lance (24:50)
[27:01–29:00]
"The takeaway is simple: genomic pipelines are now part of the attack surface. The genome is no longer just life's blueprint; it is executable input."
— Dave Bittner (28:35)
This episode underscores how rapidly shifting technologies—especially AI and even biotechnology—are drastically expanding the cybersecurity threat landscape. Practical insights from Mark Lance show how organizations can better prepare for both present and future challenges, using tailored tabletop exercises to move beyond compliance checklists and truly test their readiness.
For a more in-depth dive, listen to the full episode and check supplemental materials at the CyberWire.