Dave Bittner
You're listening to the Cyberwire network, powered by N2K.
Dave Bittner
Hey everybody, Dave here. Have you ever wondered where your personal information is lurking online? Like many of you, I was concerned about my data being sold by data brokers, so I decided to try DeleteMe. I have to say, DeleteMe is a game changer. Within days of signing up, they started removing my personal information from hundreds of data brokers. I finally have peace of mind knowing my data privacy is protected. DeleteMe's team does all the work for you with detailed reports so you know exactly what's been done. Take control of your data and keep your private life private by signing up for DeleteMe now at a special discount for our listeners today. Get 20% off your DeleteMe plan when you go to JoinDeleteMe.com/N2K and use promo code N2K at checkout. The only way to get 20% off is to go to JoinDeleteMe.com/N2K and enter code N2K at checkout. That's JoinDeleteMe.com/N2K, code N2K.

A federal court finds the FBI's warrantless Section 702 searches unconstitutional. The DOJ charges five in a fake IT worker scheme. The Texas Attorney General expands his investigation into automakers' data sharing. CISA highlights vulnerabilities in the aircraft collision avoidance system. Estonia will host Europe's new space cybersecurity testing ground. Hackers use hardware breakpoints to evade EDR detection. Subaru's Starlink connected vehicle service exposed sensitive customer and vehicle data. Asian nations claim progress against criminal cyber scam camps. Our guest today is Dr. Chris Pierson, founder and CEO of BlackCloak, with his outlook on 2025. And sticking AI crawlers in the tar pit.

It's Friday, January 24, 2025. I'm Dave Bittner and this is your CyberWire Intel Briefing. Happy Friday and thanks for joining us here today. It is great as always to have you with us.
A federal court has ruled the FBI's warrantless searches of communications under Section 702 of the Foreign Intelligence Surveillance Act unconstitutional, citing violations of the Fourth Amendment. Judge LaShawn D'Arcy Hall stated that Americans' communications, even if incidentally collected during foreign surveillance, require a warrant to be searched unless there are urgent national security concerns. She criticized the FBI's practice of querying such data without judicial oversight, noting that in some cases the agency searched for months without seeking a warrant. The ruling stops short of banning all warrantless searches, but emphasizes the need for tighter controls. Digital rights groups like the EFF and ACLU have hailed the decision, urging Congress to reform Section 702 before it expires in April 2026. They advocate for a mandatory warrant requirement and increased transparency to prevent abuses. The ACLU called Section 702 one of the most abused provisions of FISA, citing widespread privacy violations.

The U.S. Department of Justice charged five individuals for participating in a scheme involving North Korean IT workers funneling funds to the Pyongyang regime. North Korean nationals Jin Sung-Il and Pak Jin-Song, along with facilitators Erick Ntekereze Prince and Emanuel Ashtor, both U.S. citizens, and Mexican national Pedro Ernesto Alonso De Los Reyes, allegedly generated over $866,000 by obtaining work from 64 U.S. companies between 2018 and 2024. Using forged documents and remote access setups, they concealed the North Koreans' identities, bypassing sanctions and deceiving employers. Funds were laundered through various accounts, including a Chinese bank. Ashtor, Ntekereze Prince and Alonso have been arrested, with an FBI search revealing a laptop farm aiding the scheme. The indictment highlights North Korea's widespread use of IT workers abroad to generate revenue through fake identities, prompting renewed scrutiny and recent sanctions by the U.S. government.
The Texas attorney general is investigating Ford, Hyundai, Toyota and Fiat Chrysler over their collection and sale of consumer data, expanding scrutiny of automakers' data practices. This follows a lawsuit against General Motors in August for allegedly misleading consumers about data collection and sharing it with third parties. Texas AG Ken Paxton's office has demanded detailed records from the automakers, including how they collect, share and sell data, the number of customers affected, and consent procedures. Toyota's inquiry also targets its data sharing practices with connected analytics services linked to its insurance programs. Paxton's broader efforts include a January lawsuit against Allstate for collecting and selling location data from millions of Americans, implicating several automakers. Privacy experts say the entire auto industry is under scrutiny for practices related to geolocation and driving data, signaling ongoing investigations into potential violations.

CISA disclosed two vulnerabilities in the Traffic Alert and Collision Avoidance System II (TCAS II), used to prevent aircraft collisions. The first flaw allows attackers to spoof aircraft locations using software defined radios, while the second enables manipulation of system configurations, potentially disabling collision resolution advisories. While exploitation is deemed unlikely outside labs, CISA recommends upgrading to mitigate risks.

Estonia is set to host Europe's new space cybersecurity testing ground. For details, we turn to Maria Varmazis, host of N2K's T-Minus Daily Space podcast.
Maria Varmazis
The European Space Agency and the Estonian Space Office have set out to develop Europe's newest Space Cyber Range, and the range will aim to make space technology more secure and accessible for companies across Europe. The program will be provided by a consortium led by SpaceIT to begin development. The ESA Space Cyber Range will offer a safe and cost effective way for companies to test, validate and develop secure satellite technologies and solutions, and perform cyber exercises and training. The Space Cyber Range will be a virtual environment that can be supported with a physical site to promote collaboration and provide necessary data centers, servers and equipment, ESA says. You can picture it as a sophisticated simulator where companies can create virtual copies of their satellites and systems to check for security weaknesses and practice responding to cyber attacks. All before launching real hardware into orbit, of course. So why Estonia? Well, it is already home to NATO's Cyber Defense center, and the new Space Cyber Range will be established at Foundation CR14, which is Estonia's national Cyber Range facility.
Dave Bittner
Be sure to check out T-Minus wherever you get your favorite podcasts.

Modern endpoint detection and response solutions depend on Event Tracing for Windows (ETW) to log system activities like memory allocation, thread manipulation, and hardware breakpoints. These logs help detect malicious activities in real time. However, according to research from Praetorian, attackers are increasingly exploiting ETW's reliance on event triggers to evade detection. A common evasion method involves hardware breakpoints, which use CPU debug registers to monitor memory addresses for instructions. Unlike software breakpoints, hardware breakpoints operate at the CPU level and are harder to detect. Attackers exploit functions like NtContinue to modify debug registers without generating ETW logs. This technique avoids detection by EDR systems, enabling covert manipulations like altering the AmsiScanBuffer or NtTraceEvent functions. To counter this, security teams can monitor debug registers, enhance API tracking, and leverage machine learning for behavioral anomaly detection. These advanced defenses address critical gaps in current EDR architectures.

Security researcher Sam Curry discovered a vulnerability in Subaru's Starlink connected vehicle service that exposed sensitive customer and vehicle data across the U.S., Canada, and Japan. Along with researcher Shubham Shah, Curry found that Subaru's admin portal, meant only for employees, allowed attackers to reset passwords for employee accounts without needing confirmation tokens. By bypassing two factor authentication, they gained admin access. This access exposed vehicle and customer data, including location history, VIN numbers, names, zip codes, and billing information. Alarmingly, the admin panel allowed attackers to add themselves as authorized users of vehicles, enabling them to remotely start, stop, lock, unlock, and effectively take control of vehicles without notifying the owners.
Curry reported the flaw to Subaru on November 20, and the issue was fixed within 24 hours.

The Lancang-Mekong law enforcement operation, formed by Cambodia, Laos, Myanmar, Thailand, Vietnam and China, says it has made progress in combating criminal cyber scam camps in the region. These camps lure workers with fake job offers, then trap them in debt, confiscate passports, and force them into scams under threats of violence. Victims often work under brutal conditions, with some dying during escape attempts. The camps, often located in poorly policed border areas, target global victims through tech support scams or fraudulent investment schemes. China, with 100,000 of its citizens reportedly enslaved, has been a driving force behind the organization's efforts. In 2024, the law enforcement operation reported 70,000 arrests, freeing 160 people and disrupting weapons smuggling linked to the camps. While the group pledges deeper cooperation and intelligence sharing, critics note these promises have been made before, yet many camps remain operational.

Coming up after the break, my conversation with Dr. Chris Pierson, founder and CEO of BlackCloak, with his outlook for 2025, and sticking AI crawlers in the tar pit. Stay with us.
Dave Bittner
This episode is brought to you by Shopify. Forget the frustration of picking commerce platforms when you switch your business to Shopify, the global commerce platform that supercharges your selling. Wherever you sell with Shopify, you'll harness the same intuitive features, trusted apps, and powerful analytics used by the world's leading brands. Sign up today for your $1 per month trial period at shopify.com/tech, all lowercase. That's shopify.com/tech.
Dave Bittner
Do you know the status of your compliance controls right now? Like, right now. We know that real time visibility is critical for security, but when it comes to our GRC programs, we rely on point in time checks. But get this: more than 8,000 companies like Atlassian and Quora have continuous visibility into their controls with Vanta. Here's the gist. Vanta brings automation to evidence collection across 30 frameworks like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews and reporting, and help you get security questionnaires done five times faster with AI. Now that's a new way to GRC. Get $1,000 off Vanta when you go to vanta.com/cyber. That's vanta.com/cyber for $1,000 off.
Dave Bittner
Cyber threats are evolving every second, and staying ahead is more than just a challenge, it's a necessity. That's why we're thrilled to partner with ThreatLocker, the cybersecurity solution trusted by businesses worldwide. ThreatLocker is a full suite of solutions designed to give you total control, stopping unauthorized applications, securing sensitive data, and ensuring your organization runs smoothly and securely. Visit threatlocker.com today to see how a default deny approach can keep your company safe and compliant.

It is always my pleasure to welcome to the show Dr. Christopher Pierson. He is the CEO and founder of BlackCloak. Chris, welcome back.
Dr. Christopher Pierson
Hey, it's great to be here, Dave.
Dave Bittner
I know, you know, a lot of us have responded and seen the terrible news of the killing of the UnitedHealthcare CEO, and I wanted to check in with you on that because obviously you and your colleagues at BlackCloak are in the middle of protecting executives. I wanted to get your insights. Like, after that event happened, what were the phone calls you were getting? Was there a mandate coming to you from CEOs and boards saying, find us better protection for ourselves?
Dr. Christopher Pierson
Yeah. So, I mean, unfortunately, massively tragic events, but I mean, what this has really shown is that, you know, the risks have changed. What people wanted to talk about, both chief information security officers and chief security officers, after that point in time, what they really wanted to focus on is how can we go ahead and mitigate some of the risks to our executives, board members, and their families? How can we mitigate the digital breadcrumbs that are out there that lead folks to where they might be in terms of their location, in terms of their presence, in terms of their residences, even in terms of their personal private email addresses and phone numbers? And what types of steps can we security professionals on the inside of the company take to kind of reduce this inherent risk to an acceptable level of risk? And it went beyond, you know, your traditional physical security review of the home alarms, professional drivers, into an area which is, hey, what types of threat intelligence is out there? How can we go ahead and assess the privacy better? How can we go ahead and help reduce that attack surface? So it really has become something that has a huge amount of incoming from boards of directors, from executives, and from both CISOs and CSOs, and, you know, obviously happy to field the call, but, you know, it does seem like a lot of those risks and the risk appetite in this area has dramatically changed.
Dave Bittner
Have things settled down from the initial, is it fair to say, emotional response to this?
Dr. Christopher Pierson
Not so much. Not so much at all. I think that this is one of those things that our kind of take on things has always been that the home is the next battleground, the home is the new battleground. And so what this has done is, just like COVID, opened up people's eyes to the fact that the home network is an actual attack vector for cybercriminals and nation states into corporate devices that are being used at home and then into the network. This has also opened up people's eyes to the fact that the personal lives of the executives and their family members is something that needs to be safeguarded. You're not safeguarding Jennifer the CEO or Bob the CFO or Larry, who's the CTO. You're not, you know, safeguarding them per se. You're safeguarding the role and the position that they have. And that's what the boards care about. That's what the executives and the protection teams care about. I think eventually what's going to happen is that's what the SEC is going to care about. Are you taking care of those things? And so I think this is going to usher in a new era of executive protection for those persons.
Dave Bittner
So perhaps these things become table stakes.
Dr. Christopher Pierson
Absolutely. I think that this is just gonna become number one. It's gonna become a corporate mandate. First of all, boards of directors, corporations, the enterprise risk management committees, these are all gonna be asking questions about what are we doing? What are we doing to protect our executives? What are we doing to protect those people that are kind of on the About Us, the leadership page of our website? But also I have a feeling that what we're gonna do is, just like public reporting documents, how are you compensating folks? What are you doing for those that are the key level officers of the company? It's going to be, how are you protecting not just the company from a cybersecurity or personal protection perspective, but how are you actually going ahead and mitigating those risks and protecting them, the full 24/7?
Dave Bittner
How do you counsel people on when they've crossed that threshold? I'm thinking specifically of physical security here. At what point do I need someone to come with me to my kid's baseball game?
Dr. Christopher Pierson
I mean, a lot of it can be gleaned from an executive threat assessment. So literally a risk profile on that individual and their family. It also can and should include the kids. And that's really a conversation that needs to be had between the security folks, the security professionals that are on the inside of the company, and that executive. But there's some things that are just going to be table stakes and mandated as a result of you being the CEO or CFO: we will have a driver for you. You will have an armed driver in other countries. We will have kidnap and ransom. You will have the Mayo Clinic executive physicals.
Dave Bittner
Right.
Dr. Christopher Pierson
Once a year type of thing. And that's really where digital executive protection is headed. You will have personal protection, cyber protection for you and your family as a result of your role. And that really is something that I think is going to be baked in more and more. But that executive threat assessment is a great first step and it's a great first step at awareness. And also the key to this is you want a willing participant, you want the executive to understand and to participate in their protection because you're going to have greater success.
Dave Bittner
This is a sunk cost for most companies. You don't, you know, you don't make money off of your executive protection. What's the budgeting component here? How do you dial it in to make it make sense?
Dr. Christopher Pierson
Well, I mean, in some cases, I think, you know, it was reported in prior years. It's like Facebook spends $17 million a year on Mark Zuckerberg's personal privacy detail for him and his family and all the rest, because they're just big, big targets. The fact of the matter is that the costs of digital executive protection for those persons is going to be dwarfed by the legal costs, remediation costs, incident response costs, investor relations costs, filing costs for SEC stuff. So it's the harm there and the amount of money being spent there. On the latter end, it just absolutely, absolutely towers over the costs of getting in protection to mitigate. Right. Nothing's going to be 100%, but to mitigate those risks on the front end.
Dave Bittner
Are there common blind spots that folks have when you meet with people to talk about this sort of thing? What are the things that come up where they'll say, I never thought of that?
Dr. Christopher Pierson
Yeah, that's a great, great question. The first thing I would say is the extent to which their home network and home devices play in a lot of cases, the things that actually gave them better security. So, hey, we have cameras all around the house that are professionally installed, or you have a professionally installed managed firewall system. You know, a lot of those things that were for good security purposes have actually introduced more holes and vulnerabilities into their systems. So that's always an interesting takeaway. The second is going to be the role that the other persons in the home, especially the kids, play in this. We actually just had one CEO have their teenage son poke a hole in through their corporate firewall that was at home and literally open up a port so they could have and host a gaming server at the home. Which of course, I know we both are chuckling, Dave.
Dave Bittner
No, well, I mean, to make this about me, when my wife and I were bringing up our two boys, we agreed that we may be able to outsmart our kids, but there's no way we're gonna outsmart our kids and all of our kids' friends, right?
Dr. Christopher Pierson
Well, that's right, but I mean, it's one of those stories where the home security was great, but spared no expense. And then you have the, well, the kids are at least home, they're gaming. So this is a positive attribute. They're not down by the river doing something else. But all of a sudden you have a hole in the firewall that the corporate laptop comes into each night. And then third, the exposure of the personal accounts. So the personal Gmail, Yahoo, whatever it is that they're using. They do a great job at work.
Dave Bittner
Yep.
Dr. Christopher Pierson
I've got dual factor authentication, I've got the YubiKey, I've got the authenticator. But then they say, I got nothing interesting on my Gmail. Well, you got all your personal financial communications, banking communications, legal communications, where you're actually traveling, because a lot of those airline reservations come back to that centralized email. It exposes a lot of information. So it's always interesting when we're, when the team is meeting with people after the fact of being onboarded, in terms of what we're able to find, the exposures, and then obviously needs a solution for.
Dave Bittner
I suppose there's a certain amount of letting go that they have to do when it comes to trade offs with privacy. Right. Like if you've got a team of people keeping an eye on your stuff, that's a trusted relationship.
Dr. Christopher Pierson
You gotta, it starts all with a trusted relationship, always. The nice thing is, you know, speaking for us and our platform, is that since it's built from the ground up, it's built with privacy in mind. And Dave, as you know, I mean, you know, former chief privacy officer, you gotta instill that in the company and the people, the value, the product, all the rest, and build it with privacy, you know, in there by design. I think overall what we've seen on the corporate side is corporate executives, board members have had trusted relationships with their professional drivers, the private jets, with the folks that are in charge of kidnapping, ransom or medical and all the rest, and even financial. I mean, sometimes corporations have financial and tax experts that are hired by the company to help and assist those executives so they don't have to worry as much about that personal side of things. And so what we've seen is those relationships grow over time. I think it's a trend that's going to continue, especially as those are value enhancing for the executive, but also provide real value and real mitigation into the company.
Dave Bittner
Dr. Christopher Pierson is CEO and founder of BlackCloak. Chris, thanks so much for joining us.
Dr. Christopher Pierson
Hey, thank you.
Dave Bittner
And now a message from BlackCloak. Did you know the easiest way for cybercriminals to bypass your company's defenses is by targeting your executives and their families at home? BlackCloak's award winning digital executive protection platform secures their personal devices, home networks and connected lives. Because when executives are compromised at home, your company is at risk. In fact, over one third of new members discover they've already been breached. Protect your executives and their families 24/7/365 with BlackCloak. Learn more at blackcloak.io.

This episode is brought to you by Indeed. When your computer breaks, you don't wait for it to magically start working again. You fix the problem. So why wait to hire the people your company desperately needs? Use Indeed Sponsored Jobs to hire top talent fast. And even better, you only pay for results. There's no need to wait. Speed up your hiring with a $75 sponsored job credit at Indeed.com/podcast. Terms and conditions apply.

And finally, a coder with a flair for mischief and a knack for naming has unleashed Nepenthes, an open source tar pit designed to trap AI training web crawlers in an infinite loop of randomly generated, self referential web pages. Named after carnivorous pitcher plants, Nepenthes doesn't just catch flies, it strands crawlers in an endless maze, wasting their time and computing power like a bad episode of Westworld. "Imagine a minotaur in a labyrinth that keeps rebuilding itself," creator Aaron B explained. Web crawlers which naively follow links get stuck in Nepenthes' loop, downloading link after link that leads back to more links. It's hilariously Sisyphean. Aaron describes Nepenthes as part defensive mechanism, part performance art, fueled by frustration over AI companies scraping the Internet for profit. Deployed defensively or offensively, it's already been hit millions of times. Who knew the secret to fighting AI overlords was less Terminator, more carnivorous plant? And that's the CyberWire.
For links to all of today's stories, check out our daily briefing at thecyberwire.com. Be sure to check out this weekend's Research Saturday and my conversation with Ismael Valenzuela and Jacob Faires, both from BlackBerry. We're discussing their work, "LightSpy: APT41 Deploys Advanced DeepData Framework in Targeted Southern Asia Espionage Campaign." That's Research Saturday. Check it out. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com. This episode was produced by Liz Stokes. Our mixer is Trey Hester, with original music and sound design by Elliot Peltzman. Our executive producer is Jennifer Eiben. Our executive editor is Brandon Karpf. Simone Petrella is our president, Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here next time.

Business needs AI solutions that are not only ambitious, but also practical and adaptable. That's where Domo's AI and data products platform comes in. With Domo, you can channel AI and data into innovative uses that deliver measurable impact. Secure AI agents connect, prepare and automate your data workflows, helping you gain insights, receive alerts and act with ease through guided apps tailored to your role. Data is hard. Domo is easy. Learn more at ai.domo.com. That's ai.domo.com.
CyberWire Daily: The End of Warrantless Searches?
Hosted by N2K Networks
Release Date: January 24, 2025
In the January 24, 2025 episode of CyberWire Daily, host Dave Bittner delivers a comprehensive briefing on pivotal cybersecurity developments. The episode covers a significant legal ruling, criminal prosecutions, industry investigations, technical vulnerabilities, and international cybersecurity initiatives, and features a conversation with Dr. Chris Pierson, founder and CEO of BlackCloak, on the evolving landscape of executive protection.
A landmark decision has emerged as a federal court deems the FBI's warrantless searches under Section 702 of the Foreign Intelligence Surveillance Act (FISA) unconstitutional.
Key Points:
Ruling Details: Judge LaShawn D'Arcy Hall criticized the FBI for conducting searches without judicial oversight, especially highlighting cases where data was accessed for months without warrants. The decision emphasizes that even incidental collection during foreign surveillance necessitates a warrant unless urgent national security concerns are present.
Implications: While the ruling doesn't entirely prohibit warrantless searches, it underscores the necessity for stricter controls and judicial authorization.
Reactions: Digital rights organizations like the Electronic Frontier Foundation (EFF) and the American Civil Liberties Union (ACLU) have lauded the verdict. They are urging Congress to reform Section 702 before its expiration in April 2026, advocating for mandatory warrant requirements and enhanced transparency to prevent misuse.
Notable Quote:
"Americans' communications, even if incidentally collected during foreign surveillance, require a warrant to be searched unless there are urgent national security concerns."
— Judge LaShawn D'Arcy Hall [02:45]
The Department of Justice has charged five individuals involved in a sophisticated scheme where North Korean IT workers were utilized to funnel funds to the Pyongyang regime.
Key Points:
Scheme Mechanics: North Korean nationals Jin Sung-Il and Pak Jin-Song, along with facilitators Erick Ntekereze Prince and Emanuel Ashtor (both U.S. citizens) and Mexican national Pedro Ernesto Alonso De Los Reyes, amassed over $866,000 by securing employment with 64 U.S. companies from 2018 to 2024. They employed forged documents and remote access setups to mask the North Koreans' identities, circumventing sanctions.
Laundering Tactics: Funds were laundered through multiple accounts, including those in Chinese banks. The FBI's investigation uncovered a laptop farm that supported the operation.
Broader Impact: The indictment highlights North Korea's extensive use of IT professionals abroad to generate revenue illegally, prompting renewed U.S. government scrutiny and sanctions.
Texas Attorney General Ken Paxton has intensified his inquiry into major automakers, including Ford, Hyundai, Toyota, and Fiat Chrysler, regarding their consumer data collection and sales practices.
Key Points:
Scope of Investigation: Following a lawsuit against General Motors in August alleging deceptive data collection and third-party sharing, Paxton's office is demanding comprehensive records from automakers. This includes methodologies for data collection, sharing practices, the extent of consumer impact, and consent mechanisms.
Specific Focus: Toyota is under additional scrutiny for its data sharing with connected analytics services tied to its insurance programs.
Industry-Wide Concerns: Privacy experts indicate that the entire automotive sector is being examined for potential violations related to the collection of geolocation and driving data, amid ongoing investigations.
The Cybersecurity and Infrastructure Security Agency (CISA) has identified two critical vulnerabilities within the Traffic Alert and Collision Avoidance System (TCAS), a safety mechanism designed to prevent aircraft collisions.
Key Points:
First Vulnerability: Allows attackers to spoof aircraft locations using software-defined radios, potentially misleading pilots and air traffic controllers.
Second Vulnerability: Enables manipulation of system configurations, which could disable collision resolution advisories, increasing the risk of mid-air collisions.
Mitigation Measures: Although the exploitation of these vulnerabilities outside laboratory environments is considered unlikely, CISA recommends immediate system upgrades to address and mitigate these risks.
Estonia is set to become the hub for Europe’s latest initiative in space cybersecurity by hosting the new Space Cyber Range.
Key Points:
Program Leadership: A consortium led by SpaceIT will spearhead the development of the ESA Space Cyber Range, in collaboration with the Estonian Space Office.
Purpose and Features: The Space Cyber Range aims to enhance the security and accessibility of space technology for European companies. It provides a virtual environment, complemented by a physical site, enabling organizations to test, validate, and develop secure satellite technologies. Additionally, it facilitates cyber exercises and training.
Strategic Location: Estonia's existing role as the home of NATO’s Cyber Defense Center makes it an ideal location for establishing the Space Cyber Range at Foundation CR14, the nation’s premier Cyber Range facility.
Notable Quote:
“You can picture it as a sophisticated simulator where companies can create virtual copies of their satellites and systems to check for security weaknesses and practice responding to cyber attacks.”
— Maria Varmazis, Host of N2K's T-Minus Daily Space Podcast [07:19]
Advancements in attack strategies have seen cybercriminals leveraging hardware breakpoints to bypass traditional EDR systems, posing new challenges for cybersecurity defenses.
Key Points:
Technique Overview: Attackers use the CPU's debug registers to trap execution at chosen memory addresses. Unlike software breakpoints, which patch the target instruction in memory, hardware breakpoints operate at the CPU level and leave the code unmodified, making them harder for standard EDR solutions to detect.
Exploitation Methods: By abusing functions such as NtContinue to install these breakpoints, attackers can tamper with security-relevant functions such as AmsiScanBuffer or NtTraceEvent without triggering ETW (Event Tracing for Windows) logs, thus evading real-time detection of malicious activity.
Countermeasures: Security teams are advised to monitor debug registers closely, enhance API tracking mechanisms, and implement machine learning for behavioral anomaly detection to address these evasion tactics.
Notable Quote:
“These advanced defenses address critical gaps in current EDR architectures.”
— Dr. Christopher Pearson [08:30]
A significant vulnerability was discovered in Subaru’s Starlink connected vehicle service, compromising sensitive customer and vehicle information across multiple countries.
Key Points:
Vulnerability Details: Security researchers Sam Curry and Subham Shah identified that Subaru’s admin portal, intended exclusively for employee use, allowed unauthorized password resets without confirmation tokens. This loophole facilitated bypassing two-factor authentication, granting attackers administrative access.
Data Compromised: The breach exposed a wealth of information, including location history, Vehicle Identification Numbers (VINs), customer names, ZIP codes, and billing details.
Operational Risk: More alarmingly, the admin panel permitted attackers to add themselves as authorized users, enabling remote control over vehicle functions such as starting, stopping, locking, and unlocking without owner notification.
Resolution: Upon discovering the flaw on November 20, Subaru rectified the issue within 24 hours, mitigating potential ongoing risks.
Law enforcement agencies from Cambodia, Laos, Myanmar, Thailand, Vietnam, and China have reported advancements in dismantling criminal cyber scam operations within the region.
Key Points:
Operational Tactics: These scam camps recruit individuals through fraudulent job offers, subsequently indebting them, confiscating passports, and coercing them into executing scams under threat of violence. Victims often endure severe conditions, with some losing their lives in escape attempts.
Scale of Operations: China is implicated as a significant orchestrator, with estimates suggesting around 100,000 of its citizens are enslaved in these operations.
Law Enforcement Successes: In 2024, the joint operation led to 70,000 arrests, the liberation of 160 individuals, and disruptions in weapons smuggling linked to these camps.
Challenges Ahead: Despite pledges of increased cooperation and intelligence sharing, critics note that many scam camps continue to operate, indicating the need for sustained and enhanced efforts.
A significant portion of the episode features an engaging discussion with Maria Vermazen, CEO of Blackcloak, moderated by Dave Bittner. The conversation centers on the heightened need for robust executive protection in the wake of high-profile security incidents, such as the assassination of a United Healthcare CEO.
Key Insights:
Evolving Risks: The tragic event underscored the necessity for comprehensive protection strategies that extend beyond traditional measures. Executives now require safeguarding of their digital footprints, including personal data and familial information, to mitigate threats.
Comprehensive Protection Measures: Measures discussed include:
Budget and Implementation: Despite being considered a sunk cost by some, investing in executive protection is portrayed as financially prudent compared to the potential costs associated with security breaches, including legal fees and reputational damage.
Common Blind Spots: Vermazen highlighted areas often overlooked, such as:
Notable Quotes:
"I knew a lot of these risks... have dramatically changed."
— Dr. Chris Pearson [15:51]
"The home is the new battleground."
— Maria Vermazen [17:30]
"The costs of digital executive protection... will be dwarfed by the legal costs, remediation costs, incident response costs."
— Maria Vermazen [21:06]
The episode of CyberWire Daily effectively navigates through a series of critical cybersecurity issues, providing listeners with in-depth analysis and expert perspectives. From significant legal rulings impacting federal surveillance practices to the technical intricacies of cyber threats and the imperative of executive protection, the program underscores the dynamic and multifaceted nature of the cybersecurity landscape in 2025.
For more in-depth discussions and research, visit CyberWire Daily's daily briefing and explore additional resources in the show notes.