Loading summary
Dave Bittner
You're listening to the CyberWire Network, powered by N2K.

We've got your Patch Tuesday notes. The Matrix Foundation patches high-severity vulnerabilities in its open source communications protocol. The Curly Comrades Russian-aligned APT targets critical infrastructure. Microsoft tells users to ignore new Certificate Services Client errors. Researchers uncover a malware campaign hiding the NjRAT remote access Trojan in a fake Minecraft clone. Motorcycle manufacturer Royal Enfield suffers a ransomware attack. The DOJ details a major operation against the Black Suit ransomware gang. Our guest is Jack Jones, father of Factor Analysis of Information Risk and the FAIR Controls Analytics Model, sharing insights on cyber risk quantification. And data brokers' digital hide and seek.

It's Wednesday, August 13, 2025. I'm Dave Bittner, and this is your CyberWire Intel Briefing.

Thanks for joining us here today. It's great as always to have you with us.

August 2025's Patch Tuesday brought a major wave of security updates across the tech stack. Microsoft patched over 100 vulnerabilities spanning Windows, Office and Hyper-V, and flagged a publicly disclosed privilege escalation bug. Twelve are rated critical, with the most severe being a GDI remote code execution issue with a CVSS of 9.8, though none appear actively exploited and overall exploitation is judged unlikely. Intel, AMD and Nvidia released dozens of advisories. Intel patched high-severity flaws affecting Xeon, drivers, firmware and networking, many enabling privilege escalation, denial of service or information disclosure. AMD fixed issues tied to research on stacking engine attacks and an EDK2 SMM code execution bug. Nvidia resolved several high-severity flaws in its NeMo, Isaac, GR00T, Apex and deep learning tools that could lead to remote code execution or data tampering. In the industrial control system space, vendors including Schneider Electric, Honeywell, ABB, Phoenix Contact and AVEVA fixed code execution, privilege escalation and denial of service vulnerabilities across SCADA controllers, analytics and management tools. Several were high severity. Adobe issued updates for over 60 vulnerabilities across 13 products, including Commerce, Photoshop, InDesign, FrameMaker and Substance 3D tools. Many were critical code execution flaws, though none are known to be exploited in the wild. Finally, Fortinet released 14 advisories, including a critical FortiSIEM bug allowing unauthenticated remote code execution with a public proof of concept, a high-severity authentication bypass in FortiWeb, and other important fixes in FortiManager, FortiMail and more. Ivanti patched two high-severity authenticated RCE issues in Avalanche.

The Matrix Foundation has patched two high-severity vulnerabilities in its open source federated communications protocol, used by governments and enterprises for sensitive discussions. The flaws could have allowed attackers to seize control of classified channels or predict room IDs, enabling them to infiltrate or redirect communications. One bug let malicious admins override a channel creator's permissions, potentially disrupting crisis coordination. The other allowed prediction of room IDs, risking unauthorized access. Fixes elevate room creators' privileges and switch to cryptographic hashing for IDs. The off-cycle, embargoed update required complex coordination and delayed full disclosure to allow testing. Room upgrades may cause user disruption, and testing before deployment is advised.

Bitdefender Labs has detailed Curly Comrades, a Russian-aligned APT active since mid-2024, targeting critical infrastructure in Georgia and Moldova. The group infiltrates judicial, government and energy entities to steal credentials, maintain persistence and exfiltrate sensitive data. Key tools include the custom MucorAgent backdoor, which bypasses AMSI to run encrypted PowerShell scripts, and techniques like COM hijacking of disabled NGEN tasks for system-level re-entry. Operations blend legitimate utilities with custom malware, using proxy relays, SOCKS5 servers and compromised websites for covert C2. Credential theft exploits NTDS database copies, LSASS dumps and adapted open source tools. Data is staged, encrypted, disguised as PNGs and uploaded via curl.exe. The stealthy, redundant infrastructure underscores resilience and geopolitical intent. Bitdefender urges XDR deployment, LOLBin monitoring and managed detection to counter this persistent espionage threat.

Microsoft is asking Windows 11 users to ignore new Certificate Services Client errors appearing after the July 2025 preview and later updates. The Event Viewer logs Error ID 57, citing a failed Microsoft Pluton cryptographic provider load, but Microsoft says it's harmless, linked to an unfinished feature. Similar false warnings have surfaced in recent months, including Windows Firewall, BitLocker and WinRE update errors, all without functional impact. The company confirms no action is needed, as these events don't affect system performance or security.

Point Wild's LAT61 threat intelligence team has uncovered a malware campaign hiding the NjRAT remote access Trojan in a fake Minecraft clone, Eaglercraft 1.12 Offline, popular in schools and restricted environments. The game distracts players while NjRAT silently steals passwords, keystrokes and personal data, and spies via webcam and microphone. The malware installs WindowsServices.exe for persistence, spawning hidden processes for command execution and payload handling. It can crash systems if security tools like Wireshark are detected. The RAT connects to a remote server in India, hosted on Amazon's cloud, for attacker control. Given Minecraft's long history as a malware target, experts warn players to download only from official sources and avoid unofficial mods or installers to prevent spyware infections and data theft.

Motorcycle manufacturer Royal Enfield has reportedly suffered a ransomware attack, with hackers claiming to have encrypted all servers and wiped backups, crippling operations. Posted on an underground forum as a complete breach notice, the attack prompted temporary suspension of online ordering and some workshop services. The Chennai-based company confirmed a cybersecurity incident and launched an internal investigation, but disclosed no details on affected data. The breach risks regulatory fines, reputational damage and loss of trust among dealers, suppliers and customers in the motorcycle community.

The U.S. Department of Justice has detailed a major operation against the Black Suit ransomware group, formerly known as Royal. Authorities seized four servers, nine domains and $1.1 million in cryptocurrency stolen from a victim who paid a $1.4 million ransom in April of 2023. The funds, repeatedly moved through a crypto exchange, were frozen in January 2024. This covert seizure preceded Operation Checkmate, a multinational effort involving US agencies, the UK's NCA and partners from Europe and Canada, disrupting the gang's infrastructure and seizing digital assets. Active since 2022 and linked to Conti, Black Suit has demanded over $500 million from victims, targeting manufacturing, government, healthcare and commercial sectors. Officials say the action reflects a disruption-first strategy to protect critical infrastructure and US businesses from ransomware threats.

Coming up after the break, my conversation with Jack Jones, father of Factor Analysis of Information Risk (FAIR), and data brokers' digital hide and seek. Stay with us.
Ben Yellen
I'm Ben Yellen, co-host of the Caveat podcast. Each Thursday we sit down and talk about the biggest legal and policy developments affecting technology that are shaping our world. Whether it be sitting down with experts or government officials, or breaking down the latest political developments, we talk about the stories that will have tangible impacts on businesses and people around the world. If you are looking to stay informed on what is happening and how it can impact you, make sure to listen to the Caveat podcast.
Dave Bittner
Compliance regulations, third-party risk and customer security demands are all growing and changing fast. Is your manual GRC program actually slowing you down? If you're thinking there has to be something more efficient than spreadsheets, screenshots and all those manual processes, you're right. GRC can be so much easier, and it can strengthen your security posture while actually driving revenue for your business. You know, one of the things I really like about Vanta is how it takes the heavy lifting out of your GRC program. Their trust management platform automates those key areas: compliance, internal and third-party risk, and even customer trust. So you're not buried under spreadsheets and endless manual tasks. Vanta really streamlines the way you gather and manage information across your entire business. And this isn't just theoretical. A recent IDC analysis found that compliance teams using Vanta are 129% more productive. That's a pretty impressive number. So what does it mean for you? It means you get back more time and energy to focus on what actually matters, like strengthening your security posture and scaling your business. Vanta GRC. Just imagine how much easier trust can be. Visit vanta.com/cyber to sign up today for a free demo. That's V-A-N-T-A dot com slash cyber.

Jack Jones is father of Factor Analysis of Information Risk and the FAIR Controls Analytics Model. I caught up with him for insights on cyber risk quantification.
Jack Jones
Yeah, so I was a newly minted CISO at Nationwide Insurance in 2000, and as a newly minted CISO, one of the first things you have to do is go beg for money. And I put together my strategy and went on my dog and pony show, and one of the executives listened to me and then asked two questions that I wasn't prepared for. The first question was, how much risk do we have? My answer was, lots. And he said, and if we spend these millions of dollars you're asking for, how much less risk will we have? And I knew I was in trouble then, so I kind of hung my head and said, well, less. And he knew he wasn't going to get a better answer. It was a teaching moment, and I took the lesson to heart and went back and decided that this can't be an intractable problem. And over a period of months put together the Factor Analysis of Information Risk, or FAIR, model, which we began using at Nationwide to very good effect. And that was really the catalyst moment.
Dave Bittner
And so where do we stand today when it comes to the broad use of that model and how people are quantifying risk?
Jack Jones
So FAIR has been adopted as an open standard by the Open Group, and they offer a professional certification around it and those sorts of things. It's also taught in at least a couple of dozen universities, and we have local FAIR chapters around the world in 20-some cities. There's the FAIR Institute, which is a nonprofit that's dedicated to advancing risk measurement and management, and that has, I believe, 17,000 members globally now. So it has gotten some legs. And now we have a number of different solution providers who have baked it into their solutions to help organizations measure risk far more easily than if you had to do it manually in a spreadsheet or on a whiteboard or something like that.
Dave Bittner
Can you walk us through how it works and how so many organizations are finding it an effective way to come at this problem?
Jack Jones
Sure. Well, it begins even before you start measuring. For any measurement, you first have to make it very clear what it is you're measuring in the first place. So FAIR begins by defining risk in a way that makes it very clear what it is you're measuring, and it defines it as a loss event scenario. Maybe that's an operational outage due to ransomware that occurred from phishing, or whatever the case might be, but it's this clearly scoped loss event scenario. And once you have something that's clearly scoped, you can then begin to apply the model and gather data and measure the thing you're going after. And ultimately, of course, that's to help make better decisions.
Dave Bittner
And how would this change that conversation you had with leadership so many years ago? If you were walking in today, what kind of answers would you be able to give?
Jack Jones
Sure. Well, I'd begin by saying, based on our analyses and our discussions with business stakeholders, here are the key loss event scenarios that we as an organization care about and that place the organization at greatest risk. And given that we've defined those scenarios, we went out and evaluated them, measured them, gathered data, talked to internal experts and external experts, and ran the numbers using, typically, Monte Carlo or sometimes a Bayesian sort of analysis that allows us to faithfully represent the uncertainty in the measurement, which is crucial because there's always uncertainty. And so we're able to present to executives the loss exposure the organization faces from those scenarios, from which they can decide whether they are comfortable with that level of exposure, or whether they would like us to take one or more measures to reduce risk. And of course, going into that conversation, we'll have evaluated some of the options and arrived at what we believe are the most cost-effective options for reducing risk, so that they don't have to wait for an answer if they decide that mitigation is something they want to pursue.
Dave Bittner
In the years since you originated this fair model, have there been changes? Have there been adjustments, as you've seen how things work in the real world?
Jack Jones
Yeah, of course. No models are perfect, and certainly that's true for FAIR. And so as we've applied it and learned in the application of it, there have been some tweaks, for example, to how loss magnitude is evaluated, and to some of the terminology we use. We've certainly improved some of the measurement practices and the reporting practices as well. But underneath it all, the model itself has really proven to be very resilient. And the reason for that is FAIR is an attempt to describe what risk is and how it works. So let's take the world we face today, where there's AI and, of course, rampant ransomware and whatnot. The landscape keeps changing, but how risk works doesn't change. So the model itself has proven to be very resilient. And so if there's some new threat technology or methods that come out tomorrow, the model is still going to be able to be applied against those changes in the risk landscape. If the business gets into a new form of business or begins to apply AI in new and inventive ways, FAIR is still going to be perfectly capable of analyzing those. The details of the scenarios might change, but fundamentally, how risk works doesn't change. So that's been, frankly, an unexpected and very useful dimension of the model.
Dave Bittner
Are there competing models out there? Have other organizations or people come up with their own ways of coming at this problem?
Jack Jones
Sure, a lot of smart people are trying to work this issue. And so there are some proprietary models out there that various solution providers have developed, and there's of course NIST 800-30, which isn't really a quantitative model, though a lot of people believe it is, but again, it's a risk measurement model. So there are these other solutions that have been developed. But what's interesting is when you look under the covers, and this is something I've heard from numerous people, those solutions, even the proprietary ones, very often look very FAIR-ish. Because again, if FAIR is a reasonably accurate depiction of how risk works, then any risk model that isn't fundamentally flawed should in some ways at least resemble FAIR. There may come a point where somebody comes up with an entirely new description of how risk works and that becomes dominant. But FAIR's been around for over 20 years now, and there have been quite a few people trying to poke holes in it over that span of time, because not everybody's happy with the notion of quantifying risk. And to date, it has stood the test of time and some very close examination by people who are frankly way smarter than I am.
Dave Bittner
What are your recommendations for organizations who may want to look into adopting this model? What's a good strategy for them to begin?
Jack Jones
Do your homework. And that really involves, I think, a couple of really good sources. One is the FAIR Institute, which has scores of papers and videos and literally hundreds upon hundreds of blog posts on virtually any dimension of the problem you care to think about. And then the Open Group has its professional certification and some resources for learning about it. And by the way, the FAIR Institute also has created some online training that is offered through, my mind's gone blank, one of those online training programs that offers college courses and whatnot as well. At any rate, there are a lot of resources available. One characteristic of the community in the FAIR Institute is they are passionate about helping one another out. So reach out to people who you've seen publish on FAIR or risk measurement and those sorts of things, and don't hesitate to ask questions, because the people you'd be talking to have been where you are, have wrestled the beast, have undoubtedly had some high points and some low points in the process, because it can be challenging. It's gotten a lot easier as the years have gone by, as we've improved the resources and the technology supporting it and that sort of thing. But it can still be daunting for some people who aren't used to the notion of quantifying something that they've just assigned red, yellow and green to. So don't hesitate to reach out, including reaching out to me through LinkedIn.
Dave Bittner
As you look back, I would imagine you must have a certain sense of pride that FAIR has stood the test of time and has become one of the standards in our industry.
Jack Jones
Yes, that's absolutely true. I did not have a grand vision for this. I was trying to keep my job as a CISO and be more effective. And it was the people around me who said, this is potentially something important, Jack, you should share it. And so I wrote my first white paper on it, and that got a fair amount of attention, and it just kind of grew from there. And I've been really fortunate to be surrounded by people who have maybe recognized opportunities regarding its utility that I wouldn't necessarily have seen, and who have really done a lot of the legwork for helping the community grow. So, yeah, I'm proud. But I'm incredibly grateful, too, because if left to my own devices, it would not be nearly what it's turned out to be.
Dave Bittner
Our thanks to Jack Jones for joining us.

And finally, in theory, California law gives you the right to tell data brokers to delete your personal information. In practice, you'll need the patience of a monk and the detective skills of Sherlock Holmes to find where to do it. A review by The Markup and CalMatters found 35 out of 499 registered brokers had buried their opt-out pages so deep even Google couldn't find them, thanks to deliberate code that hides these pages from search engines. Officially, the pages exist. Practically, they're as accessible as Atlantis. After reporters came knocking, some companies blamed oversights and hastily removed the code. Others stood firm, citing spam prevention. Meanwhile, a few opt-out links were tucked at the bottom of home pages, hidden behind pop-ups, tiny fonts and enough scrolling to count as cardio. It's all legal, of course, just not particularly findable. Which one suspects is probably the

And that's the CyberWire. For links to all of today's stories, check out our Daily Briefing at thecyberwire.com. We'd love to hear from you. We're conducting our audience survey through the end of this month. There is a link in the show notes. Please do check it out. N2K's senior producer is Alice Carruth. Our CyberWire producer is Liz Stokes. We're mixed by Tré Hester, with original music by Elliott Peltzman. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher. And I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.
CyberWire Daily Summary: "When Spies Get Spied On"
Release Date: August 13, 2025
Host: Dave Bittner, N2K Networks
In the August 13, 2025 episode of CyberWire Daily, host Dave Bittner delves into the latest cybersecurity developments, ranging from critical vulnerability patches to sophisticated ransomware operations targeting global infrastructure. The episode features an in-depth interview with Jack Jones, the pioneer behind the Factor Analysis of Information Risk (FAIR) model, exploring advancements in cyber risk quantification. Additionally, the episode sheds light on the challenges consumers face under California law when attempting to remove their data from brokers.
Timestamp: [00:02]
The episode kicks off with a detailed analysis of August 2025's Patch Tuesday, highlighting a surge in security updates across major technology platforms:
Microsoft patched over 100 vulnerabilities across Windows, Office, and Hyper-V, including a publicly disclosed privilege escalation bug. Twelve are rated critical, the most severe being a GDI remote code execution flaw with a CVSS score of 9.8. None appear to be actively exploited, and overall exploitation is judged unlikely.
Intel, AMD, and Nvidia issued multiple advisories:
- Intel patched high-severity flaws affecting Xeon, drivers, firmware, and networking, many enabling privilege escalation, denial of service, or information disclosure.
- AMD fixed issues tied to research on stacking engine attacks and an EDK2 SMM code execution bug.
- Nvidia resolved several high-severity flaws in its NeMo, Isaac, GR00T, Apex, and deep learning tools that could lead to remote code execution or data tampering.
Industrial control system vendors, including Schneider Electric, Honeywell, ABB, Phoenix Contact, and AVEVA, fixed code execution, privilege escalation, and denial of service vulnerabilities across SCADA controllers, analytics, and management tools; several were high severity.
Adobe released updates for over 60 vulnerabilities across 13 products, including Commerce, Photoshop, InDesign, FrameMaker, and Substance 3D tools, many of them critical code execution flaws not known to be exploited in the wild.
Fortinet released 14 advisories, including a critical FortiSIEM bug allowing unauthenticated remote code execution (with a public proof of concept), a high-severity authentication bypass in FortiWeb, and further fixes in FortiManager and FortiMail. Ivanti patched two high-severity authenticated RCE issues in Avalanche.
The Matrix Foundation patched two high-severity vulnerabilities in its open-source federated communications protocol, used by governments and enterprises for sensitive discussions. One flaw let a malicious admin override a room creator's permissions; the other made room IDs predictable. The fixes elevate room creators' privileges and switch to cryptographic hashing for room IDs. Because the required room upgrades may disrupt users, testing before deployment is advised.
Timestamp: [07:45]
Bitdefender Labs unveiled insights into Curly Comrades, a Russian-aligned Advanced Persistent Threat (APT) group active since mid-2024. This group has been targeting critical infrastructure in Georgia and Moldova, infiltrating judicial, governmental, and energy sectors to steal credentials and exfiltrate sensitive data.
Key findings include:
- A custom backdoor, MucorAgent, that bypasses AMSI to run encrypted PowerShell scripts.
- COM hijacking of disabled NGEN tasks to regain system-level access.
- Legitimate utilities blended with custom malware, with proxy relays, SOCKS5 servers, and compromised websites used for covert C2.
- Credential theft via NTDS database copies, LSASS dumps, and adapted open-source tools; stolen data is staged, encrypted, disguised as PNG files, and uploaded with curl.exe.
“The stealthy, redundant infrastructure underscores both the resilience and geopolitical intent of Curly Comrades,” explains Bittner.
Recommendations:
- Deploy XDR, monitor LOLBin usage, and use managed detection and response to counter this persistent espionage threat.
Timestamp: [09:30]
Microsoft has issued a caution to Windows 11 users regarding new certificate services client errors appearing post-July 2025 updates. Despite logs showing Error ID 57 related to a failed Microsoft Pluton cryptographic provider load, Microsoft assures users that these errors are harmless and linked to an unfinished feature. "These events do not affect system performance or security," Microsoft states, advising users to disregard the alerts.
Timestamp: [10:58]
Point Wild's LAT61 threat intelligence team has detected a malware campaign embedding the NjRAT Remote Access Trojan (RAT) within a counterfeit Minecraft clone, specifically the Eaglercraft 1.12 Offline version popular in educational and restricted environments. The RAT silently steals passwords, keystrokes, and personal data, and can activate webcams and microphones.
Key Indicators:
- Installs WindowsServices.exe for persistence and spawns hidden processes for command execution and payload handling.
- Crashes the system if security tools such as Wireshark are detected.
- Connects to a command-and-control server in India hosted on Amazon's cloud.
Expert Advice: “Players should only download Minecraft from official sources and avoid unofficial mods or installers to prevent spyware infections and data theft,” warns Bittner.
Timestamp: [12:52]
Motorcycle manufacturer Royal Enfield has been hit by a ransomware attack, with hackers claiming to have encrypted all servers and wiped backups. This attack led to the suspension of online ordering and certain workshop services. The Chennai-based company confirmed the cybersecurity incident and initiated an internal investigation without disclosing specific details about the compromised data.
Implications:
- Potential regulatory fines, reputational damage, and loss of trust among dealers, suppliers, and customers.
Timestamp: [14:06]
The U.S. Department of Justice (DOJ) announced a significant operation against the Black Suit ransomware group, formerly known as Royal. Authorities seized four servers, nine domains, and $1.1 million in cryptocurrency traced to a victim who paid a $1.4 million ransom in April 2023. The covert seizure preceded Operation Checkmate, a multinational effort involving US agencies, the UK's NCA, and partners from Europe and Canada that disrupted the gang's infrastructure and seized digital assets.
Key Points:
- The ransom funds, repeatedly moved through a crypto exchange, were frozen in January 2024.
- Active since 2022 and linked to Conti, Black Suit has demanded over $500 million from victims in manufacturing, government, healthcare, and commercial sectors.
- Officials describe the action as part of a disruption-first strategy to protect critical infrastructure and US businesses from ransomware.
Timestamp: [15:19] - [23:51]
Guest: Jack Jones, father of the Factor Analysis of Information Risk (FAIR) model and creator of the FAIR Controls Analytics Model
Discussion Highlights:
Origin of FAIR:
- As a newly minted CISO at Nationwide Insurance in 2000, Jones could not answer an executive's questions about how much risk the company had and how much less it would have after the requested spending. Over several months he built the FAIR model, which Nationwide then used to good effect.
Adoption and Evolution:
- FAIR is an Open Group open standard with a professional certification, is taught in at least a couple of dozen universities, and has local chapters in 20-some cities; the nonprofit FAIR Institute has roughly 17,000 members, and several solution providers have built FAIR into their products.
- Adjustments over the years include how loss magnitude is evaluated, terminology, and measurement and reporting practices, but the core model has proven resilient because it describes how risk works rather than any particular threat landscape.
How FAIR Works:
- Analysis starts by defining a clearly scoped loss event scenario (for example, an operational outage from ransomware delivered by phishing), then gathering data and applying the model to measure it, typically with Monte Carlo or Bayesian analysis so that uncertainty is faithfully represented.
- Executives are shown the organization's loss exposure for its key scenarios and can decide whether to accept it or fund the most cost-effective mitigations already evaluated by the security team.
Comparative Analysis:
- Proprietary models and NIST 800-30 exist (the latter is not really quantitative, though many believe it is), but under the covers most risk models look "FAIR-ish," which Jones takes as evidence that FAIR reasonably describes how risk works.
Recommendations for Adoption:
- Do your homework using the FAIR Institute's papers, videos, and blog posts, the Open Group's certification resources, and the FAIR Institute's online training, and reach out to the community, which is passionate about helping newcomers.
Reflections on FAIR’s Success:
- Jones had no grand vision; he was trying to be a more effective CISO, and colleagues encouraged him to publish the first white paper. He is proud, but credits the community for growing FAIR far beyond what he could have done alone.
Timestamp: [24:00]
The episode concludes by examining the practical challenges consumers face when exercising their right to delete personal information from data brokers under California law. A review by The Markup and CalMatters found that 35 of the 499 registered brokers had buried their opt-out pages so deep that even Google could not find them, using code that deliberately hides those pages from search engines.
Findings:
- After reporters inquired, some companies blamed oversights and removed the code; others kept it, citing spam prevention.
- Other opt-out links were tucked at the bottom of home pages, hidden behind pop-ups, tiny fonts, and extensive scrolling.
“It’s all legal, of course, just not particularly findable. Which one suspects is probably the case,” Bittner concludes.
“Thanks for listening. We'll see you back here tomorrow,” concludes Dave Bittner.
For more detailed information and links to today's stories, visit CyberWire Daily Briefing.