A
You're listening to the CyberWire network powered by N2K.
B
Ever wished you could rebuild your network from scratch to make it more secure, scalable and simple? Meet Meter, the company reimagining enterprise networking from the ground up. Meter builds full-stack zero trust networks, including hardware, firmware and software, all designed to work seamlessly together. The result? Fast, reliable and secure connectivity without the constant patching, vendor juggling or hidden costs. From wired and wireless to routing, switching, firewalls, DNS security and VPN, every layer is integrated and continuously protected in one unified platform. And since it's delivered as one predictable monthly service, you skip the heavy capital costs and endless upgrade cycles. Meter even buys back your old infrastructure to make switching effortless, transform complexity into simplicity and give your team time to focus on what really matters: helping your business and customers thrive. Learn more and book your demo at meter.com/cyberwire. That's M-E-T-E-R dot com slash cyberwire.

Hewlett Packard Enterprise patches a maximum severity vulnerability in its OneView infrastructure management software. Cisco warns a critical zero-day is under active exploitation. An emergency Chrome update fixes two high severity vulnerabilities. French authorities make multiple arrests. US authorities dismantle an unlicensed crypto exchange. SonicWall highlights an exploited zero-day. Researchers earn $320,000 for demonstrating critical remote code execution flaws in cloud infrastructure. A US senator urges electronic health record vendors to give patients greater control over who can access their medical data. Our guest is Larry Zorio, CISO from Mark 43, discussing first responders and insider cyber risks. And a Right to Repair group puts cash on the table.
B
It's Thursday, December 18th, 2025. I'm Dave Bittner, and this is your CyberWire intel briefing. Thanks for joining us here today. It's great to have you with us.

Hewlett Packard Enterprise has released patches for a maximum severity vulnerability in its OneView infrastructure management software that allows remote code execution by unauthenticated attackers. The flaw affects all OneView versions prior to version 11 and can be exploited through low-complexity code injection attacks. The issue was reported by a Vietnamese security researcher and disclosed in an HPE advisory warning that no mitigations or workarounds are available. Organizations are urged to patch immediately. HPE says customers can remediate the issue by upgrading to OneView 11 or later, or by applying specific security hotfixes for other versions. HPE has not confirmed any active exploitation of the vulnerability.

Cisco has warned that a China-linked threat group is actively exploiting a critical zero-day affecting Cisco AsyncOS-based Secure Email Gateway and Secure Email and Web Manager appliances. The flaw allows unauthenticated attackers to execute commands with root privileges. Cisco Talos discovered the activity and attributed it with moderate confidence to a Chinese state-sponsored group tracked as UAT9686. The campaign uses multiple backdoors and tunneling tools. No patch or workaround is currently available, and CISA has added the flaw to its Known Exploited Vulnerabilities catalog.

Google has released an emergency Chrome update fixing two high severity vulnerabilities that could allow remote code execution. The flaws include a use-after-free bug in the WebGPU component and an out-of-bounds read and write issue in the V8 JavaScript engine. Google has patched the issues, and users are strongly urged to update immediately, including those running Chromium-based browsers such as Edge, Brave, Opera and Vivaldi.

French authorities have been busy.
They arrested a 22-year-old suspect in connection with a cyber attack on France's Interior Ministry that compromised multiple email accounts and confidential documents. Officials say the breach, claimed on BreachForums, exposed files related to judicial records and wanted persons, with attackers inside the network for several days. No ransom demand was made, and authorities say public safety was not endangered. Prosecutors allege the suspect acted as part of an organized group and note prior convictions for similar offenses.

French authorities have also arrested two crew members of an Italian passenger ferry after malware capable of remote access was found aboard the vessel. A Bulgarian national was released without charge, while a Latvian crew member remains detained and faces charges of conspiring to infiltrate computer systems on behalf of a foreign power. The malware was discovered while the ferry was docked and was neutralized without impact. Officials say the investigation involves suspected foreign interference and is ongoing in coordination with Italian authorities.

US authorities have dismantled Enote, an unlicensed cryptocurrency exchange accused of laundering more than $70 million in illicit proceeds for cybercriminals. The FBI, working with European and US partners, seized servers, domains and apps used by the service, which allegedly helped ransomware groups and other criminals convert stolen cryptocurrency into harder-to-trace assets. Prosecutors unsealed charges against 39-year-old Russian national Mikhailo Petrovich Chudnovets, accused of operating Enote and offering laundering services for over a decade. He faces up to 20 years in prison if convicted and remains at large. Officials say the takedown targets the financial infrastructure that enables cybercrime, not just individual attackers.

SonicWall has warned that attackers are exploiting a zero-day vulnerability in the Secure Mobile Access 1000 appliance management console.
The medium severity flaw allows local privilege escalation and has been used alongside a previously disclosed bug to achieve unauthenticated remote code execution with root privileges. The issue has been patched in recent hotfixes, and CISA has added it to the Known Exploited Vulnerabilities catalog, urging rapid remediation and mitigations where patching is delayed.

The inaugural Zero Day Cloud hacking competition in London awarded researchers $320,000 for demonstrating critical remote code execution flaws in cloud infrastructure components. Hosted by Wiz Research with Amazon Web Services, Microsoft and Google Cloud, the event focused exclusively on cloud systems. Across 13 sessions, researchers succeeded in 85% of attempts, uncovering 11 zero-day vulnerabilities. Day one awards totaled $200,000 for exploits targeting Redis, PostgreSQL, Grafana and the Linux kernel, including a container escape flaw that broke cloud tenant isolation. Day two added $120,000 for database exploits involving Redis, PostgreSQL and MariaDB. Team Xcentcode won the competition with three successful exploits, earning $90,000. Despite the results, most of the $4.5 million prize pool went unclaimed, with no successful exploits against Kubernetes, Docker, major web servers or AI targets.

Senator Ron Wyden of Oregon is urging US electronic health record vendors to give patients greater control over who can access their medical data, framing the issue as both a privacy and a national security concern. His push comes as regulators more aggressively enforce data interoperability rules under the 21st Century Cures Act, which aimed to improve data sharing while allowing exceptions for privacy and cybersecurity. Wyden contacted 10 major EHR vendors calling for direct control features for patients. He warned that widespread data sharing increases risks of misuse, citing past Defense Department findings. Epic responded that it is developing new MyChart features to let patients opt out of sharing, hide records, track access and manage preferences for sensitive care.

Coming up after the break, Larry Zorio from Mark 43 discusses first responders and insider cyber threats, and a Right to Repair group puts cash on the table.

What's your 2 a.m. security worry? Is it "Do I have the right controls in place?" Maybe "Are my vendors secure?" Or the one that really keeps you up at night: "How do I get out from under these old tools and manual processes?" That's where Vanta comes in. Vanta automates the manual work so you can stop sweating over spreadsheets, chasing audit evidence and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data and simplifies your security at scale. And it fits right into your workflows, using AI to streamline evidence collection, flag risks and keep your program audit-ready all the time. With Vanta, you get everything you need to move faster, scale confidently and finally get back to sleep. Get started at vanta.com/cyber. That's V-A-N-T-A dot com slash cyber.
A
This message may be shocking to many millennials. If you are one, you might want to sit down. Right now, loads of people are searching the following on Depop: low-rise jeans, halter top, velour tracksuit, puka shell necklace, disc belt. You likely placed these in the dark of your closet in 2004, never to be seen again. But if you can find it in yourself to dust them off, there are a lot of people who will give you money for them. Sell on Depop, where taste recognizes taste.
B
Larry Zorio is CISO at Mark 43. We're discussing first responders sounding the alarm on insider cyber risks.
C
Well, we put it out every year, and every year it has different themes. Every year we typically focus on different cybersecurity trends. We actually do a lot of tracking ourselves of different trends we see in the industry, especially breaches and attacks on government agencies. So this year there was definitely a focus on AI, which I'm sure you know, and also access management. So yeah, this is something we do every year, Dave.
B
Well, I mean, let's dig in here. The focus is public safety. What are some of the specific issues that folks in that part of the world have to deal with?
C
I would like to just start, especially for your listeners, to kind of level set with them. There are a lot of things that public safety agencies struggle with in cybersecurity. I think we're all used to seeing movies and TV shows with very advanced technology, following the dot around the screen, sitting in different security operations centers. Right? But that is really only for the top, top tier of public safety agencies. Many of these agencies are struggling with similar things that small businesses are struggling with. They're struggling with technology budgets, a lot of old legacy systems. They're struggling with people, trying to recruit and retain talent in the cybersecurity industry. So many challenges in this space, and some of them have come out in our trends report this year.
B
Well, let's dig into the report. What were some of the key findings that caught your eye?
C
A near-total majority, 98% of law enforcement, believe that cybersecurity is an important part of evaluating technology. I thought that was interesting, because if you were to ask that question five years ago, I think you would get a totally different answer. Five years ago, public safety very much wanted things on-prem. They wanted to be in charge of their systems. They knew how to protect their systems in their data centers. I think what this stat is telling us is they understand that they need to level up. They understand that they need to start leveraging modern technology, and they know that cybersecurity needs to be a piece of that. So that near-total majority was an interesting one for me.
B
One of the things that caught my eye was the concerns about insider threats. Can you dig into that a little bit?
C
For us, it's public safety. We're talking police, we're talking fire, we're talking EMTs, we're talking even the federal agencies, dealing with such sensitive information. We're talking FBI data, we're talking warrants, arrest records. You know, in these records there is the potential for very private information. In some cases there's even medical information in there. So agencies understand that this is so, so sensitive. And they have a lot of legacy systems, Dave, that just don't give them what we, and your audience, would consider table stakes, right? Like role-based access control. A lot of them are struggling with that. They're struggling even with zero trust, this thing that's been around for many years. So it was interesting to see the responders come back that way: a good majority of them are worried about it, and they know that it needs to be something they've got to focus on.
B
Well, you mentioned access control. What did you learn when it comes to that?
C
There's a couple of things that we've learned from that. We're seeing them respond with this 65%, and we've seen in past trends reports them respond to how much they're struggling even with, again for your listeners, Dave, multi-factor authentication. These are old legacy systems, and they're finally starting to modernize, and they're now being pushed and required through the different compliance standards they have to follow to roll out MFA. And it's either a technology struggle, which I spoke to earlier, or it's a people struggle: we would love to roll out MFA, but we don't have the personnel to do it. So I think it's just important for folks like myself that are in this industry, who can help, to educate and be there to help them in that space. The other thing I'll mention today, outside of MFA, is we've learned that these legacy systems don't even have the granularity that you're looking for in an activity report, to be able to see what people are doing in the systems themselves. So it's another reason why modernization is so important.
B
Can you give us an idea of the range of systems that we're talking about and the functions? I guess top of mind for me is something like a 911 call center where obviously downtime is the last thing you want, but I'm sure there's a lot more to it than most of us think about.
C
You hit the nail on the head with the 911 system, right? That is one of the absolute core critical infrastructures that public safety is using. So there's the 911 call-taking system. There's also what's called a computer-aided dispatch system. If you ever see a picture of a 911 environment, a dispatch center, you see all these screens, and typically they're the call-taking systems and the computer-aided dispatch systems. So there's that piece of it, but then there's also what's called records management systems, RMS. And that is basically where they live and breathe for 80, 90% of the day. It's where they're writing up all their arrests, they're filling out forms for warrants, they're doing all their research. Detectives are going in there looking at different evidence. This all happens in an RMS. So those are kind of the big core ones. Then you have things like license plate reader systems, which have been making the headlines recently, and some analytics software as well. That's very, very important to these public safety officials.
B
You know, we were talking about insider threats and also AI. And I know that's a big concern for a lot of organizations that employees may be using AI. We refer to it as shadow AI. And when you're talking about this sort of sensitive information, that could be a real big problem.
C
It is a real big problem. It's something that I talk to a lot of public safety agencies about, for many different reasons. In some cases they're just looking for guidance. They're looking for guidance from, it could be from the state or even the city level: what are we allowed and not allowed to do? So there's definitely that side of it. I know that a lot of states are starting to make progress, and the federal government is starting to make progress in that area, to give them the frameworks. Many of them are aware that they are using these shadow IT, these shadow AI tools, and they are concerned about it. We're talking to them about how they can lock it down, certainly try to keep it within the boundaries of those RMS systems and those CAD systems. And some of those providers are now starting to offer AI technologies that can really bring everything back into the core systems and give these leaders a bit more control over where the data is going to go.
B
Is there a big gap between the, the haves and the have nots when it comes to communities that are able to fund these sorts of efforts?
C
There definitely is. Your big cities, thankfully, are going to be able to have big cybersecurity teams, and that's great. But it's also shocking in some cases that big cities that we're all aware of are still struggling. They are still struggling, Dave. So with your bigger agencies, they might have a team, they could have a team of 100 cybersecurity professionals, which is wonderful. But if you're in your local town agency, you're lucky if they even have an IT manager, and that's it. So it very much is a haves and have-nots in this space. We do talk around, especially with those smaller agencies. A lot of states are actually offering these smaller agencies services. So we're talking to them about, hey, go talk to your state officials. There are some tooling and some services that you can get out of the state as well.
B
Well, based on the information that you all gathered in the report here, what are your recommendations? How should these organizations go about best protecting themselves?
C
I think it really all comes down to, and I talk about this a lot, Dave, and for your listeners this is going to sound very obvious, but I talk to a lot of agencies about just settling on a framework that you want to follow, whether it's NIST or ISO or CIS. Just find one that works for your agency. We put out a lot of documentation around this for them, and what that can then do is give them a comfort level that they can build a roadmap, build a plan over the next two, three, even five years of some of the things they need to work on, some of the controls they need to put in place. Funding is a really big issue: budgets, funding, finding dollars. But having that framework then allows them to go to town leadership, city leadership, state leadership and say, hey, we do have a plan. And the great thing about it is this plan actually maps to some of the state regulations we have, some of the federal regulations we have. And then the other great thing about that, Dave, is once they have that, they can actually go for grants, because there are a lot of great grant programs out there for these agencies. They just don't necessarily know how to go grab that money. And having a framework, having a plan, can really help with that.
B
That's Larry Zorio from Mark 43.
A
So good, so good, so good. Score holiday gifts everyone wants for way less at your Nordstrom Rack. Save on UGG, Nike, Rag & Bone, Vince, Frame, Kurt Geiger London and more.
C
'Cause there's always something new.
A
I'm giving all the gifts this year, with that extra 5% off when I use my Nordstrom credit card. Santa who? Join the Nordy Club at Nordstrom Rack to unlock our best deals. It's easy. Big gifts, big perks. That's why you Rack.

Ford BlueCruise hands-free highway driving takes the work out of being behind the wheel, allowing you to relax and reconnect while also staying in control. Enjoy the drive in BlueCruise-enabled vehicles like the F-150, Explorer and Mustang Mach-E. Available feature on equipped vehicles. Terms apply. Does not replace safe driving. See Ford.com/BlueCruise for more details.
B
And finally, a small nonprofit with a long memory and a short tolerance for corporate lock-ins is paying people to answer an awkward question: when you buy a device, how much of it is actually yours? Freedom from Unethical Limitations on Users, or Fulu, runs bounties not for security bugs, but for proof that abandoned or restricted hardware can still be made to work. The effort gained momentum after Google retired support for early Nest thermostats, leaving owners with expensive wall ornaments that still worked locally but had quietly lost their smarts. Fulu now offers cash rewards for fixes that bypass DRM, expired software support or parts pairing schemes. Targets include filter-locked appliances, disk drive encryption in game consoles, and other features that seem designed to outlive warranties, not usefulness. The irony is that fixing these devices can violate US copyright law. Fulu pays anyway. The group's point is not just to revive gadgets, but to highlight how a decades-old law now stands between ownership and permission.

And that's the CyberWire. For links to all of today's stories, check out our daily briefing at thecyberwire.com. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com. N2K's senior producer is Alice Carruth. Our CyberWire producer is Liz Stokes. We're mixed by Trey Hester, with original music by Elliott Peltzman. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.
Date: December 18, 2025
Host: Dave Bittner (N2K Networks)
Guest: Larry Zorio, CISO, Mark 43
This episode of CyberWire Daily explores a wave of urgent vulnerabilities and exploits across enterprise IT and cloud infrastructure, as well as international cybercrime crackdowns and policy developments. A major theme is the security risks facing critical infrastructure and public safety agencies, highlighted by a feature interview with Larry Zorio, CISO of Mark 43, about insider risks, outdated systems, and the evolving cyber threat landscape for first responders.
HPE OneView Maximum Severity Vulnerability (03:35)
Hewlett Packard Enterprise patched a severe remote code execution flaw in its OneView infrastructure management software, affecting all pre-version 11 releases. There are no mitigations—immediate patching is urged.
“Organizations are urged to patch immediately…no mitigations or workarounds are available.” (03:15, Dave Bittner)
Cisco Zero-Day Under Active Exploitation (04:15)
A Chinese state-linked threat group (UAT9686) is exploiting a zero-day in Cisco AsyncOS-based secure email gateway appliances, gaining root privileges. No patch or workaround is available; CISA added the flaw to its exploited vulnerabilities list.
Chrome Emergency Patch (04:58)
Google issued an emergency Chrome update for high-severity bugs (remote code execution). Users—including on Edge, Brave, Opera, Vivaldi—are urged to update immediately.
French Authorities: Arrests & Espionage (05:17)
A 22-year-old was arrested over the Interior Ministry breach (email accounts and judicial files exposed, no ransom demand); separately, two crew members of an Italian ferry were arrested after remote-access malware was found aboard, with one facing charges of acting on behalf of a foreign power.
US: Unlicensed Crypto Exchange Takedown (06:27)
Authorities dismantled ENote, accused of laundering $70M for cybercriminals. The FBI and partners seized infrastructure; operator Mikhailo Petrovich Chudnovets remains at large.
SonicWall Zero-Day Attack (07:25)
Exploitation of a local privilege escalation vulnerability in SonicWall's SMA 1000 management console, chained with an earlier bug for unauthenticated root RCE; hotfixes are available, and CISA added the flaw to its KEV catalog.
Zero Day Cloud Hacking Competition, London (08:02)
Researchers won $320K for cloud infrastructure exploits; 85% success rate, 11 zero-days found.
“Team Xcentcode won the competition with three successful exploits, earning $90,000.” (08:52, Dave Bittner) Notably, high-profile targets (Kubernetes, Docker, major webservers, AI) resisted all exploit attempts.
Guest: Larry Zorio, CISO, Mark 43
Segment Starts: 12:17
Mark 43 releases a public safety-focused cybersecurity report annually, tracking breaches and challenges, often with a new emphasis (e.g., AI, access management) each year.
“We actually do a lot of tracking ourselves with different trends we see in the industry, especially breaches and attacks on government agencies. So this year was definitely focused... on AI… also access management.” (12:27, Larry Zorio)
Most agencies, especially smaller ones, struggle with:
Tight technology budgets
Old legacy systems
Recruiting and retaining cybersecurity talent
“Many of these agencies are struggling with similar things that small businesses are struggling with... technology budgets, a lot of old legacy systems, trying to recruit and retain talent...” (13:13, Larry Zorio)
98% of law enforcement now see cybersecurity as critical when evaluating technology—a big shift from five years ago, when on-premise control was the priority.
“If you were to ask that question five years ago...you would get a totally different answer... They understand that they need to level up.” (14:18, Larry Zorio)
Agencies handle highly sensitive info (FBI data, warrants, medical info).
Legacy systems often lack basics like role-based access control or logging.
Zero trust adoption remains slow and uneven.
“They have a lot of legacy systems…that just don’t give them what we would consider…table stakes, right, like the role-based access control.” (15:23, Larry Zorio)
Many agencies struggle to implement MFA due to both technical and personnel limitations.
Legacy systems often lack detailed logging needed for monitoring.
“They're struggling with multi-factor authentication…finally starting to modernize…The other thing…I’ll mention today…they don’t even have the granularity that you’re looking for in an activity report.” (16:26, Larry Zorio)
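An added example, not Mark 43's code or anything from the report, of the two "table stakes" controls this segment names: a deny-by-default role-based access check in front of records, and an audit trail granular enough to produce the per-user activity report that Zorio says legacy systems cannot. The roles, record types and sample access sequence are hypothetical and constructed here for illustration.

```python
"""Deny-by-default RBAC plus per-access audit logging for a hypothetical
records management system (RMS). Added illustration; not vendor code."""
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Hypothetical role -> record type -> allowed actions. Anything not listed
# is denied, so an unknown role or record type fails closed.
PERMISSIONS = {
    "dispatcher":    {"incident": {"read", "write"}, "arrest": {"read"}},
    "detective":     {"incident": {"read"}, "arrest": {"read", "write"},
                      "warrant": {"read", "write"}, "evidence": {"read", "write"}},
    "records_clerk": {"incident": {"read"}, "arrest": {"read", "write"},
                      "warrant": {"read"}, "medical": {"read"}},
}


@dataclass(frozen=True)
class AuditEvent:
    ts: str
    user: str
    role: str
    action: str
    record_type: str
    record_id: str
    allowed: bool
    reason: str


@dataclass
class Rms:
    audit_log: list = field(default_factory=list)

    @staticmethod
    def is_allowed(role: str, action: str, record_type: str) -> bool:
        # Missing role or record type -> empty set -> False (fail closed).
        return action in PERMISSIONS.get(role, {}).get(record_type, set())

    def access(self, user, role, action, record_type, record_id):
        """Authorize, then log the decision whether or not it was allowed."""
        allowed = self.is_allowed(role, action, record_type)
        reason = ("granted by role policy" if allowed
                  else f"role {role!r} has no {action!r} on {record_type!r}")
        self.audit_log.append(AuditEvent(
            datetime.now(timezone.utc).isoformat(timespec="seconds"),
            user, role, action, record_type, record_id, allowed, reason))
        if not allowed:
            raise PermissionError(reason)
        return f"{record_type}/{record_id}"

    def activity_report(self, user):
        """Every record a user touched or tried to touch, with the outcome."""
        return [(e.ts, e.action, f"{e.record_type}/{e.record_id}", e.allowed)
                for e in self.audit_log if e.user == user]

    def denied_events(self):
        return [e for e in self.audit_log if not e.allowed]


def run_sample_day():
    """Constructed sample sequence; returns the RMS with its audit log."""
    rms = Rms()
    attempts = [
        ("ofc.lee", "dispatcher", "read", "incident", "I-1042"),
        ("ofc.lee", "dispatcher", "read", "medical", "M-77"),       # denied
        ("det.ruiz", "detective", "write", "warrant", "W-310"),
        ("clerk.kim", "records_clerk", "read", "medical", "M-77"),
        ("contractor", "vendor", "read", "arrest", "A-9"),           # unknown role
    ]
    for attempt in attempts:
        try:
            rms.access(*attempt)
        except PermissionError:
            pass  # the denial is already recorded in the audit log
    return rms


if __name__ == "__main__":
    rms = run_sample_day()
    for e in rms.denied_events():
        print(f"DENIED {e.user} ({e.role}) {e.action} "
              f"{e.record_type}/{e.record_id}: {e.reason}")
    for row in rms.activity_report("ofc.lee"):
        print("ofc.lee:", row)
```

The point of logging the denial as well as the grant is that an insider probing records outside their role shows up in the activity report before they find a path that works; a system that only logs successful reads gives you no such signal.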
Critical systems include:
911 call-taking systems
Computer-aided dispatch (CAD)
Records management systems (RMS), where officers spend most of the day writing arrests, warrants and evidence notes
License plate reader systems and analytics software
“There’s the 911 call taking system…records management systems, that is basically where they live and breathe…” (18:06, Larry Zorio)
Emergence of “shadow AI”—employees using unauthorized AI tools.
Agencies look for state or federal guidance and push providers to build secure AI within approved systems.
“Many of them are aware that they are using these shadow IT, these shadow AI tools, and they are concerned about it.” (19:39, Larry Zorio)
Large cities have cybersecurity resources; small towns might not even have an IT manager.
Some state governments offer shared services to help smaller agencies.
“It very much is a haves and have-nots in this space. We do talk around, especially with those smaller agencies. A lot of states are actually offering these smaller agencies services.” (21:17, Larry Zorio)
Choose a security framework (NIST, ISO, CIS) to guide planning.
Use the framework to secure funding and grants, and build a roadmap for improvements.
Having a plan helps in advocating for resources with leadership.
“Just settle on a framework…find one that works for your agency…Having a framework…allows them to go to town leadership, city leadership, state leadership, and say, hey, we do have a plan…” (21:56, Larry Zorio)
Nonprofit Fulu pays for proof that users can regain control of DRM-locked, abandoned, or restricted devices—spotlighting ownership rights and legal barriers.
“Fulu now offers cash rewards for fixes that bypass DRM, expired software support or parts pairing schemes… fixing these devices can violate US Copyright law. Fulu pays anyway.” (24:40, Dave Bittner)