Dave Bittner
You're listening to the CyberWire Network, powered by N2K.
CISOs and CIOs know machine identities now outnumber humans by more than 80 to 1, and without securing them, trust, uptime, outages and compliance are at risk. CyberArk is leading the way with the only unified platform purpose-built to secure every machine identity, certificates, secrets and workloads across all environments, all clouds and all AI agents. Designed for scale, automation and quantum readiness, CyberArk helps modern enterprises secure their machine future. Visit cyberark.com machines to see how.
The White House unveils its plan for global AI dominance. Microsoft warns that recent SharePoint server exploitation may extend to ransomware. A phishing campaign targets the U.S. Department of Education's grants portal. The FBI issues a warning about The Com cybercriminal group. SonicWall urges users to patch a critical vulnerability. A new supply chain attack has compromised several popular NPM packages. My Hacking Humans co-host Joe Kerrigan joins us to discuss how scammers are exploiting misconfigured point of sale terminals. Japanese police release a free decryption tool for the Phobos ransomware. And AI takes the wheel and drives right off a cliff.
It's Thursday, July 24th, 2025. I'm Dave Bittner and this is your CyberWire Intel Brief. Thanks for joining us here today. It's great as always to have you with us.
President Donald Trump yesterday unveiled a sweeping AI action plan aimed at achieving U.S. global dominance in artificial intelligence. The plan calls for slashing environmental regulations to fast-track data center construction and boost exports of U.S.-made AI technologies. It aligns closely with Silicon Valley venture capitalists who backed Trump's campaign. Key goals include deregulation, discouraging woke AI, and requiring government contractors to use unbiased AI systems rooted in American values. Trump signed three executive orders to enact these changes.
The plan promotes building private power plants to meet AI's vast energy demands, opposing environmental restrictions. Critics say it favors tech giants and fossil fuels over public interest. More than 100 groups, including labor and climate advocates, oppose the plan, calling it a giveaway to billionaires. Meanwhile, Trump allies argue that regulating AI is futile and America must lead or fall behind.
As we've been covering throughout the week, Microsoft reports that three China-based hacking groups, including two tied to the Chinese government, have been exploiting critical flaws in on-premise SharePoint servers since early July. Victims include major US institutions like the National Nuclear Security Administration, NIH, energy firms and universities. The vulnerabilities allow attackers to steal documents and execute code remotely. Microsoft patched the flaws on July 22, but hackers had already stolen machine keys to maintain access post-patch. Researchers warn that more nation-state and criminal actors may join in, deploying ransomware or conducting espionage. One group, Storm-2603, is linked to Warlock ransomware. Microsoft urges immediate patching, key rotation and advanced antivirus protection to secure affected systems. Over 400 servers worldwide are already compromised, according to iSecurity. The Chinese embassy denies involvement, calling the allegations unfounded.
A phishing campaign targeting the US Department of Education's G5 grants portal was uncovered on July 15. Threat researchers at B4AI's Precrime lab found several fake domains impersonating G5.gov to steal credentials from educators, grant administrators and vendors.
These cloned sites mimic the official login page and use tactics like MFA bypass, JavaScript-based credential theft and cloaking to avoid detection. Fraudsters likely aimed to gain access to sensitive accounts, change payment details or launch broader supply chain attacks. The phishing sites used Cloudflare to hide their origins and included convincing design elements like case-sensitive login fields and redirects. The campaign may exploit confusion over recent layoffs at the Department of Education to fuel social engineering efforts. The Office of the Inspector General has been alerted, and B4AI is working to disrupt the malicious domains and monitor for asset reuse tied to the campaign.
Microsoft is expanding AI features in Windows 11 with a new suite of tools for its Copilot Plus PCs, including the controversial Copilot Vision. This successor to the delayed and criticized Recall tool captures screen activity and sends it to Microsoft servers for analysis, unlike Recall, which processed data locally. Microsoft claims this will help Copilot become a true companion, offering proactive help. Meanwhile, a new agentic AI called MU, limited to Qualcomm-powered PCs, can perform system tasks from natural language commands. Critics remain skeptical, especially as Microsoft hasn't solved the issue of hallucinations in small AI models. Also, Windows' Blue Screen of Death has officially turned black alongside the debut of Quick Machine Recovery for faster system repairs. Many features are US-only and will roll out gradually.
The FBI has issued a warning about The Com, a decentralized cybercriminal group made up largely of minors, targeting youth aged 11 through 25 through gaming platforms. The group engages in a wide range of cybercrimes, including ransomware attacks, SIM swapping, cryptocurrency theft, DDoS attacks, swatting and child exploitation. Their motives range from financial gain to notoriety and ideology.
Subgroups like Hacker Com and IRL Com have conducted high-profile cyber attacks, sold hacking services and even engaged in real-world violence like kidnapping, assault and extortion. One particularly disturbing offshoot, called 764, targets minors to produce child sexual abuse material. The group recruits minors to evade harsh penalties and shares tools across subgroups. Internal disputes often escalate into cyber or physical attacks. The FBI highlights The Com's growing sophistication and warns of its dangerous blend of online and offline criminal activity.
SonicWall is urging users of its SMA100 series appliances to patch a critical vulnerability that allows remote code execution via arbitrary file uploads if attackers have admin access. While there's no sign of active exploitation yet, SonicWall warns that these devices are already being targeted using stolen credentials. Google researchers recently linked threat group UNC6148 to attacks deploying the Overstep rootkit and possibly Abyss ransomware. Users should update immediately and check for signs of compromise.
A new supply chain attack has compromised several popular NPM packages after attackers phished developers using a fake site, npngs.com, that mimicked the official Node.js registry. NPM stands for Node Package Manager, the default package manager for the Node.js JavaScript runtime. Phishing emails lured victims into entering credentials, allowing attackers to steal NPM tokens and publish malicious package versions without GitHub changes, making detection harder. The malware, dubbed Scavenger, deploys a stealthy DLL targeting Chromium-based browsers, stealing cache data, extension information and browser history. It also disables Chrome security alerts. Security firm Socket and others note the phishing campaign used tokenized URLs to mimic legitimate login sessions. The attack likely harvested emails from package metadata and abused persistent NPM tokens.
With millions of downloads at risk, this marks a serious escalation in open source ecosystem threats.
Japanese police have released a free decryption tool for victims of the Phobos ransomware and its variant 8Base. Phobos, active since 2018 as a ransomware-as-a-service, has extorted millions from organizations worldwide. Recent international law enforcement actions, including arrests in Thailand and the seizure of 27 servers, have crippled the group. Now, with a decryptor available via the No More Ransom project, past victims may recover their files without paying ransoms. Authorities haven't disclosed how the tool was developed, but credit recent intelligence operations.
Coming up after the break, Joe Kerrigan discusses how scammers are exploiting misconfigured point of sale terminals, and AI takes the wheel and drives right off a cliff. Stay with us.
Bad actors don't break in, they log in. Attackers use stolen credentials in nearly nine out of 10 data breaches. Once inside, they're after one thing: your data. Varonis' AI-powered data security platform secures your data at scale across IaaS, SaaS and hybrid cloud environments. Join thousands of organizations who trust Varonis to keep their data safe. Get a free data risk assessment at varonis.com.
Crogl is AI built for the enterprise SOC: fully private, schema-free and capable of running in sensitive air-gapped environments. Crogl autonomously investigates thousands of alerts weekly, correlating insights across your tools without data leaving your perimeter. Designed for high availability across geographies, it delivers context-aware, auditable decisions aligned to your workflows. Crogl empowers analysts to act faster and focus on critical threats, replacing repetitive triage with intelligent automation to help your SOC operate at scale with precision and control. Learn more at crogl.com. That's C-R-O-G-L.com.
And it is always my pleasure to welcome back to the show Joe Kerrigan. He is my co-host over on the Hacking Humans podcast along with Maria Vermazes. Joe, welcome back.
Joe Kerrigan
Hi Dave.
Dave Bittner
So interesting little scam story that you have to share with us here. This happens in some retail businesses, right?
Joe Kerrigan
This is coming out of CTV News, which is a Canadian company, Canadian news organization from our friends in the Great white North.
Dave Bittner
Dave. Okay.
Joe Kerrigan
Apparently there are. Well, let me just. We've all experienced this. You walk into some small business, right? Right. Like maybe my favorite example of this is the ice cream shop that I go to, ok. And anybody looks at me and goes, that guy likes ice cream.
Dave Bittner
Okay.
Joe Kerrigan
So I go in there and there's always this point of sale terminal that they have to accept credit cards. So there, there are these companies out there, like Square. I believe they're called Block now.
Dave Bittner
Okay.
Joe Kerrigan
That actually was started by Jack Dorsey from Twitter.
Dave Bittner
Oh yeah.
Joe Kerrigan
And then there are other companies like Clover and Toast that are named in the story. So what these systems are, they're essentially turnkey point of sale systems. You buy the system, you sign up for the service and now you can accept credit cards and they can do all your, they do a lot of bookkeeping, integration.
Dave Bittner
Right.
Joe Kerrigan
Really great for small businesses.
Dave Bittner
And instead of having a big cash register, you have this thing that looks like a little like an iPad. Like an iPad, yeah.
Joe Kerrigan
And then they turn it around, they say, would you like to leave a $25 or 25% tip.
Dave Bittner
Right.
Joe Kerrigan
And of course, you can make that ethical decision on your own. I will not fault you for anything. Anyway, what's happening here is that there is a security problem with them in that the users are not resetting the default passwords. The default passwords that will allow you to have access to do things like issue refunds.
Dave Bittner
So this is store owners.
Joe Kerrigan
Store owners.
Dave Bittner
Okay. Or not, are not changing the default password.
Joe Kerrigan
Correct.
Dave Bittner
Okay.
Joe Kerrigan
So, like, for example, there's one, One company in here, the Souvlaki Hut in Toronto. Somebody used the Point of Sale terminal to issue a $2,000 refund to themselves. Oh, that is a lot of souvlaki.
Dave Bittner
Yes, it is. He got my mouth watering. That is a lot of soup.
Joe Kerrigan
Security footage shows the guy picking the terminal up and trying to hide what he was doing then. Then processing a manual refund. The owner's son said they had no idea the terminal could do that without oversight.
Dave Bittner
Yeah.
Joe Kerrigan
Which is interesting.
Dave Bittner
You think there'd be like a second factor or a verification of a password.
Joe Kerrigan
There is, but it's a default.
Dave Bittner
There you go.
Joe Kerrigan
And that's what's happening. I see there was another company, a man pretending to buy a teapot, refunded himself $4,900. I mean, these are not small amounts of money that are getting applied. So this hearkens back to the old age, old problem and the problem that we. We've seen in IoT and critical infrastructure stuff of default passwords.
Dave Bittner
Yeah.
Joe Kerrigan
And when you get a piece of equipment, it doesn't matter if you're in business or at home, you have to be able to change that default password. And that has to be easy. You have to know how to do it. And what I'm saying, this is what I'm saying here is this should be part of your purchasing decision. Right. How do I change the default password? Should be a question you ask the sales guy, Right?
Dave Bittner
Yeah. If somebody's there getting you set up and that sort of thing, that should be top of your list of things to ask. Yeah.
Joe Kerrigan
So just make sure that you do that when it's time to install one of these systems and you can at least make this more difficult for people to do.
Dave Bittner
Right. This is one of the odd things about these terminals that because they're so small and self contained, it's not like a big cash register where there's a little tiny little sub device that handles the credit card taking or the swiping of whatever.
Joe Kerrigan
Yeah. It's the whole Device, the whole device.
Dave Bittner
They turn around. It's like inviting you behind the counter to use the cash register yourself. Right, right.
Joe Kerrigan
That's what they're doing. They turn that thing around.
Dave Bittner
Yeah.
Joe Kerrigan
Maybe I'll try to. To encourage people not to do that to me and ask me for a tip by just saying, ooh, I'm going to issue myself a $2,000 refund here and see what happens. I'll probably wind up in jail.
Dave Bittner
That's why Joe was never invited back to the comic book shop. Right, right, right. So I guess the recommendations here are obvious.
Joe Kerrigan
Change the default password.
Dave Bittner
Right.
Joe Kerrigan
And this doesn't just go for your point of sale systems, it really goes for everything, you know, just change the default password.
Dave Bittner
Yeah. And if you're running one of these, just be vigilant.
Joe Kerrigan
Right? Be vigilant. And if you see somebody grab one of those things, it's, you know, it's perfectly okay to, I would say, snatch it out of their hands, depending on what you feel comfortable doing. Maybe pulling the network plug, stopping them from doing it.
Dave Bittner
Yeah, no, it's. It's an interesting little evolution in scamming. You know, the convenience of these little devices is undeniable. Right. But as always, someone's discovered a way to exploit it.
Joe Kerrigan
Yeah, I don't know if this is scamming or if this is more akin to just reaching around and putting your hand in the register. Yeah, you know, yeah, that's. I think I'd call it robbery.
Dave Bittner
Right, right. Interesting. All right, well, we will have a link to that story in the show notes. Again, Joe Kerrigan is my co host over on the Hacking Humans podcast, which, if you are not listening to, you should be. There you go, Joe. Thanks so much for joining us.
Joe Kerrigan
My pleasure, Dave.
Dave Bittner
Compliance, regulations, third-party risk, and customer security demands are all growing and changing fast. Is your manual GRC program actually slowing you down? If you're thinking there has to be something more efficient than spreadsheets, screenshots, and all those manual processes, you're right. GRC can be so much easier, and it can strengthen your security posture while actually driving revenue for your business. You know, one of the things I really like about Vanta is how it takes the heavy lifting out of your GRC program. Their trust management platform automates those key compliance, internal and third party risk, and even customer trust so you're not buried under spreadsheets and endless manual tasks. Vanta really streamlines the way you gather and manage information across your entire business. And this isn't just theoretical. A recent IDC analysis found that compliance teams using Vanta are 129% more productive. That's a pretty impressive number. So what does it mean for you? It means you get back more time and energy to focus on what actually matters, like strengthening your security posture and scaling your business. Vanta GRC: just imagine how much easier trust can be. Visit vanta.com cyber to sign up today for a free demo. That's V-A-N-T-A.com cyber.
Dave here. I've talked about DeleteMe before and I'm still using it because it still works. It's been a few months now, and I'm just as impressed today as I was when I signed up. DeleteMe keeps finding and removing my personal information from data broker sites, and they keep me updated with detailed reports so I know exactly what's been taken down. I'm genuinely relieved knowing my privacy isn't something I have to worry about every day. The DeleteMe team handles everything. It's the set it and forget it peace of mind. And it's not just for individuals.
DeleteMe also offers solutions for businesses, helping companies protect their employees' personal information and reduce exposure to social engineering and phishing threats. And right now, our listeners get a special deal: 20% off your DeleteMe plan. Just go to JoinDeleteMe.com N2K and use promo code N2K at checkout. That's JoinDeleteMe.com N2K, code N2K.
And finally, welcome to the world of vibe coding, where developers let AI take the wheel and sometimes drive straight off a cliff. Just ask Jason Lemkin, a seasoned VC who learned the hard way when Replit's AI assistant turned his database into digital dust. Nine days into his project, the AI cheerfully admitted it had deleted the entire database without permission, despite clear instructions not to touch a thing. The assistant, ever helpful in its remorse, offered a step-by-step recap titled "How this happened", which boiled down to it seeing empty queries, panicking, ignoring orders, and nuking everything. It even confirmed the loss wasn't limited to test data. This was live data from over 1200 companies. The AI soberly assessed the damage as catastrophic beyond measure, which feels about right. Replit's CEO has since issued refunds and promises of postmortems and recovery tools. As for the AI, perhaps it's now being gently encouraged to pursue less destructive hobbies like Sudoku.
And that's the CyberWire. For links to all of today's stories, check out our daily briefing at thecyberwire.com. We'd love to hear from you. We're conducting our annual audience survey to learn more about our listeners. We're collecting your insights through August 31st. There's a link in the show notes. Please do check it out. N2K's senior producer is Alice Carruth. Our CyberWire producer is Liz Stokes. We're mixed by Trey Hester with original music by Elliot Peltzman. Our executive producer is Jennifer Ibin. Peter Kilpe is our publisher. And I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.
And now a word from our sponsor, ThreatLocker, the powerful zero trust enterprise solution that stops ransomware in its tracks. Allowlisting is a deny-by-default software that makes application control simple and fast. Ring Fencing is an application containment strategy ensuring apps can only access the files, registry keys, network resources and other applications they truly need to function. Shut out cybercriminals with world-class endpoint protection from ThreatLocker.
CyberWire Daily: Powering AI with Politics – Detailed Summary
Release Date: July 24, 2025
Host: N2K Networks
In the July 24, 2025 episode of CyberWire Daily, host Dave Bittner delves into the intersection of artificial intelligence (AI) advancements and political maneuvering. The episode covers significant cybersecurity developments, including government AI initiatives, emerging threats from state-backed hacking groups, and the latest vulnerabilities affecting major software platforms. Additionally, co-host Joe Kerrigan provides insights into novel scam techniques targeting retail businesses.
President Donald Trump announced a comprehensive AI strategy aimed at establishing U.S. global supremacy in artificial intelligence. The plan emphasizes the reduction of environmental regulations to expedite data center construction and increase exports of American AI technologies.
Key Objectives:
Executive Actions: Trump signed three executive orders to implement these changes.
Industry Alignment: The plan resonates with Silicon Valley venture capitalists who supported Trump's campaign.
Criticism: Over 100 groups, including labor and climate advocates, oppose the plan, arguing it benefits tech giants and fossil fuel interests over the public good.
"Regulating AI is futile and America must lead or fall behind," stated a Trump ally (07:45).
Microsoft reported that three China-based hacking groups, including two affiliated with the Chinese government, have been exploiting critical vulnerabilities in on-premises SharePoint servers since early July.
"Over 400 servers worldwide are already compromised," warned iSecurity (10:15).
The Chinese embassy denied involvement, calling the allegations "unfounded."
A sophisticated phishing scheme was uncovered targeting the U.S. Department of Education's G5 grants portal.
Tactics Used:
Impact: Potential access to sensitive accounts, alteration of payment details, and broader supply chain attacks.
Mitigation Efforts: The Office of the Inspector General has been notified, and B4AI is actively disrupting malicious domains.
"The phishing sites used convincing design elements like case-sensitive login fields," detailed Precrime lab researchers (12:30).
The FBI issued a cautionary statement regarding The Com cybercriminal group, highlighting their increasing sophistication and diverse criminal activities.
Profile of The Com:
FBI's Assessment: The group's blend of online and offline criminal activities poses significant threats, necessitating heightened vigilance.
"The Com's dangerous blend of online and offline criminal activity is growing more sophisticated," stated the FBI (14:50).
SonicWall alerted users of its SMA100 series appliances about a critical vulnerability that permits remote code execution through arbitrary file uploads, particularly if attackers gain administrative access.
"Users should update immediately and check for signs of compromise," advised SonicWall (16:10).
A new supply chain attack has infiltrated several popular NPM (Node Package Manager) packages via a phishing campaign.
Attack Methodology:
Malware Details: The Scavenger malware deploys a stealthy DLL targeting Chromium-based browsers, stealing cache data, extension information, and browser history while disabling Chrome security alerts.
Implications: With millions of downloads at risk, this attack significantly threatens the open-source ecosystem.
"This marks a serious escalation in open source ecosystem threats," noted security firm Socket (18:00).
Microsoft announced the expansion of AI capabilities in Windows 11, introducing tools like Copilot Plus and the agentic AI MU.
New Tools:
Controversy: Critics express concerns over data privacy and unresolved issues like AI hallucinations in smaller models.
Additional Features:
"Critics remain skeptical, especially as Microsoft hasn't solved the issue of hallucinations in small AI models," observed industry analysts (19:30).
Dave Bittner hosts Joe Kerrigan from the Hacking Humans podcast to discuss emerging scams targeting retail businesses through point of sale (POS) terminals.
Incident Overview:
Primary Issue: Failure of store owners to change default passwords on POS systems, making unauthorized access easy.
Recommendations:
Joe Kerrigan emphasized, "Change the default password and be vigilant," highlighting the simplicity yet critical nature of this security measure (17:05).
The episode concludes with a cautionary tale about the risks of entrusting AI with critical tasks.
Incident Summary:
Aftermath:
"The AI soberly assessed the damage as catastrophic beyond measure," reported Dave Bittner (21:40).
This incident underscores the importance of cautious AI integration within enterprise environments to prevent irreversible mistakes.
The CyberWire Daily episode on "Powering AI with Politics" offers a comprehensive exploration of the synergistic and sometimes contentious relationship between AI advancements and political strategies. From governmental AI initiatives aimed at global dominance to the exploitation of vulnerabilities by sophisticated cybercriminal groups, the episode highlights the multifaceted challenges in the cybersecurity landscape. The insightful interview with Joe Kerrigan further emphasizes the need for robust security practices at the grassroots level to mitigate emerging threats.
For those seeking to stay informed on the latest in cybersecurity and AI, this episode provides valuable perspectives and actionable recommendations.
For more detailed information on the stories covered, listeners are encouraged to visit the CyberWire daily briefing.
Connect with hosts and producers through the CyberWire website.