skip navigation

More signal. Less noise.

Daily briefing.

Security industry researchers, many of them GCHQ alumni, warn that ISIS is trying to recruit hacking talent in labor black markets. The terrorist group has hitherto excelled at inspiration but generally flunked hacking proper, demonstrating little more than an ability to vandalize poorly protected sites. An influx of criminal coding talent could change that.

Exploitation of an Adobe Flash Player zero-day (patch expected sometime this week) is now generally being attributed to North Korean operators belonging to the "TEMP.Reaper" threat group.

Researchers tie a gaming server rental operation more closely to the JenX botnet, thought to be controlled by the San Calvicie organization that offers Grand Theft Auto hosting.

Scarabey ransomware (a variant of the well-known Scarab malware) brings a new twist to ransomware. It encrypts files, of course, but then threatens to delete twenty-four files from the victims' systems every four hours the extortionists aren't paid. It's apparently a Russian criminal product, and it spreads by RDP/manual dropping.

British hacker Lauri Love, who hit US Government sites in 2012 and 2013, will not be extradited Stateside after all: the High Court overturned his 2016 extradition order (but left the door open to Love's prosecution in the UK). Russian hacker Petr Levashov, alleged creator of the Kelihos botnet and reputedly one of the world's leading spammers, has been extradited to the US from Spanish custody. Levashov has claimed connections to Russian President Putin's political party.

In the US, the Nunes Memo is expected to be followed by other memos, releases.


Today's issue includes events affecting Australia, Azerbaijan, Bangladesh, China, European Union, Iraq, Japan, Democratic Peoples Republic of Korea, Republic of Korea, Lithuania, Russia, Syria, Ukraine, United Arab Emirates, United Kingdom, United States.

The board and cyber-risk oversight: Crown Jewels Risk Assessments.

Corporate directors want to review cybersecurity risk and assist security leaders in protecting critical assets. Learn how to identify what matters the most and how to collaboratively assess and treat cyber risk using Crown Jewels Risk Assessments.

You've got questions? Joe Carrigan's got answers. In today's podcast, we speak with him as he again represents our partners at the Johns Hopkins University's Information Security Institute, answering listeners' emailed questions about passwords.

Cyber Security Summits: February 13 in Silicon Valley & Atlanta on February 28 (Silicon Valley, California, USA, February 13, 2018) Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, Darktrace, IBM and more. Register with promo code cyberwire50 for half off your admission (Regular price $350)

Compete to win prize money plus the chance to be DataTribe’s next big investment (Online, March 23 - April 25, 2018) The DataTribe Inaugural Cyber Funding Competition: We put real firepower behind every idea. If you're part of a entrepreneurial technology team with a vision to disrupt cybersecurity and data sciences — we want to enhance your growth prospect with the opportunity for a DataTribe-financed seed capital of $2,000,000. Plus possible millions more in a Series A Venture Capital Round. The top three finalists will share $20,000 in prize money.

Cyber Attacks, Threats, and Vulnerabilities

ISIL seeking industry insiders for cyber-attacks: report (The National) The terrorist group has shown little ability to launch a major cyber-attack but security agencies cannot afford to be complacent, experts say

Isis cyber-attackers may hire help from the dark web (Times) Isis and other jihadist groups are seeking to launch destructive cyber-attacks on Britain and the West, possibly with “insider” help, a spy chief has warned. Conrad Prince, the former deputy head...

North Korean threat group suspected to be behind Adobe Flash exploit (Security Brief) An exploit that targeted an Adobe Flash vulnerability looks to be the work of a North Korean group called TEMP.Reaper.

About the Flash zero-day currently exploited in the wild (Help Net Security) The zero-day Flash Player vulnerability (CVE-2018-4878) that Adobe warned about on Thursday was leveraged by North Korean hackers.

Hacking threats loom over 2018 Olympics (TheHill) Nation-state and criminal hackers are targeting the Winter Olympics at a rapidly increasing rate, raising fears of phishing scams, hacks and other disruptive attacks.

Cyber attacks on defense minister undermine bilateral relations ( On 18 January, Lithuania experienced a cyber attack  aimed at—the website of a major Lithuanian TV channel—in which hackers inserted false information about Raimundas Karoblis, the minister of national defense.

New JenX IoT DDoS Botnet Offered Part of Gaming Server Rental Scheme (BleepingComputer) The operators of a gaming server rental business are believed to have built an IoT DDoS botnet, which they are now offering as part of the server rental scheme.

JenX Botnet Has Grand Theft Auto Hook (Threatpost) A GTA hosting site is offering powerful DDoS attacks for $20 a pop, researchers say.

New variant of Scarab ransomware threatens to shred 24 documents every day until you pay (Computing) Pay up or the documents get it, threatens new Russian ransomware

Scarabey Ransomware - A Scarab Version Targeting Enterprises (BleepingComputer) A new version of the Scarab ransomware has been spotted in the wild, but instead of being distributed via email spam campaigns, crooks are brute-forcing computers with weakly-secured RDP connections and are installing the ransomware manually on each system.

Cybercriminals are using new tactics to spread Ransomware GandCrab (Safe Harbor on Cyber) GandCrab uses two vulnerability kits, distributed by RIG EK and GrandSoft EK. GandCrab requires payment of ransom in Dash to encrypt money to find payment.

Cryptocurrency botnets are rendering some companies unable to operate (Ars Technica) Smominru botnet has infected 526,000 machines, generated as much as $3.6 million.

Internet Crime Complaint Center Impersonated for Malware & Phishing Scam (HackRead) Another day, another phishing scam - This time, hackers have created a fake federal online crime complaint portal and using it for conducting phishing scam.

Internet Crime Complaint Center (IC3) | Impersonation of the Internet Crime Complaint Center (FBI) Cyber actors are scamming victims into providing personal information and downloading malicious files by impersonating the Internet Crime Complaint Center (IC3).

NotPetya malware: How does it detect security products? (SearchSecurity) It was discovered that NotPetya malware is able to detect when Kaspersky security products are used. Learn how it changes its behavior and why this happens.

Google Chrome WARNING - Do you have any of THESE dangerous extensions installed? (Express) GOOGLE Chrome users need to double check if they have downloaded dangerous extensions from the official Chrome Web Store.

Droidclub Malware Track People's Online Activities, Show Ads (AndroidHeadlines) Security researchers from Trend Micro have recently announced the discovery of malicious extensions that allow attackers to direct traffic to advertisement

Porn as bait: Over 1.2 million people hit by malware, lured by adult content (Rappler) Kaspersky Lab explains 'adult content serves as a tool for cybercriminals to lure victims into fraudulent schemes involving phishing, PC and Android malware'

Cyber risk: Credential harvesting is to future incidents what ‘kindling is to a fire’ says Chubb (Insurance Business) It’s time to tune into the serious risks surrounding password management

APIs Pose 'Mushrooming' Security Risk (Dark Reading) As APIs grow in prominence, top security concerns include bots and authentication.

Security Patches, Mitigations, and Software Updates

Cisco IOS and IOS XE Software EnergyWise Denial of Service Vulnerabilities (Cisco Security) The Cisco Security portal provides actionable intelligence for security threats and vulnerabilities in Cisco products and services and third-party products.

Adobe warns of Flash zero-day, patch to come next week (Naked Security) Adobe has announced that a zero-day Flash exploit has turned up in the wild – a patch should be ready early next week.

It's time to say 'Welcome to dumpsville Adobe Flash', as new unpatched flaw exploited by criminals (Graham Cluley) It's time to call an end to what can best be called a rocky relationship.

Meltdown and Spectre Patches: a story of delays, lies, and failures (InfoSec Resources) The beginning On January 3, white hackers from Google Project Zero have disclosed some vulnerabilities in Intel chips called Meltdown (CVE-2017-5754) and S

Cyber Trends

Akamai: IoT the new 'shadow IT' of the enterprise (ZDNet) Internet-connected devices pose a similar threat to the enterprise as shadow IT, with Akamai noting many devices are used on the company network without security in place.

Bedroom hackers bigger threat than Russia, regulator says (The Telegraph) Government departments should be more worried about teenage bedroom hackers than state-sponsored cyber terrorists, the Information Commissioner has warned.

Cyber attacks on Israeli banks rose in last six months -regulator (Reuters) Israel's banking regulator warned banks and their customers on Sunday to be more vigilant against cyber criminals following a rise in hacking attempts in recent months.


The Sound of a Cyber Bubble Popping (Fortune) The cryptocurrency market is in a meltdown...

Is Cyber-Insider Trading Illegal? ( Also governance, bad-actor waivers, crypto-kidnapping and flamethrower returns.

What can Organizations Do to Tackle the Cybersecurity Skills Shortage? (Infosecurity Magazine) What is the cybersecurity skills gap, and what is needed to resolve it?

Michael Dell confirms rumours of potential VMware-Dell merger (CRN) In a filing to US regulator CEO says Dell may float or be acquired by VMware

Booz Allen scores massive $621M Homeland Security cyber contract (TheHill) Firm awarded first prime contract for government-wide Continuous Diagnostics and Mitigation (CDM) program.

This cybersecurity firm is opening a new office at College Park's 'Discovery District' - DC ( DC) BlueVoyant joins Capital One as a tenant of the development at the University of Maryland.

F-Secure Continues Strategy Transformation to Serve Cyber Security Needs of Midmarket (F-Secure) To improve strategy execution, the company reorganizes and introduces important new roles to F-Secure’s Leadership Team.

Products, Services, and Solutions

Rohde & Schwarz Cybersecurity Presents Its Deep Packet Inspection Engine for Secure and Reliable Embedded Devices at Embedded World 2018 (Rohde & Schwarz) The OEM software adds IP traffic analytics capabilities to network equipment solutions to enable security and traffic control and to guarantee uninterrupted network availability and continuity.

BeyondTrust Introduces First-of-its Kind Solution to Protect Critical Network, IoT, ICS, and SCADA Devices from Privilege-based Attacks (Beyond Trust) PowerBroker for Networks enables privilege nanagement at scale

Protecting Mobile Healthcare Data in Multiple Counties: Jackson-Hinds CHC (Prey Project) Case Study on Jackson-Hinds Comprehensive Health Center use of Prey as a barrier to protects all patient's healthcare data and JHCHC's technological assets.

Pragma Releases Telemote, Next Generation Cyber Security System Administration Platform (Business Insider) Pragma Systems, a leading provider of enterprise-class remote access and SSH solutions, announces the release of its next generation of secure systems administration platform, Telemote.

Wombat makes updates to phishing email report button (Pittsburgh Business Times) A Pittsburgh-based security awareness and training software company is aiming to make reporting phishing emails a little easier.

Technologies, Techniques, and Standards

NIST Blockchain Report Examines the Tech Behind the “Hype” (Bitcoin Magazine) The National Institute of Standards and Technology (NIST) has issued a report titled “Blockchain Technology Overview.” The report, intended to provide a ...

Critical Industries Need Continuous ICS Security (ARC Advisory) Most industrial managers recognize that a cyber incident could jeopardize the safety, continuity, and profitability of their operations.

Cybertraining election officials for this year's voting (Southern California Public Radio) "It's no longer the teenager in his basement that's trying to get into [the] system. There are now nation states that are, in a coordinated effort, trying to do something."

7 steps for getting your organization GDPR-ready (Help Net Security) Are you a GDPR-ready organization? Here are seven steps to help organizations improve data management and close the GDPR compliance gap.

Pay Attention to Probing, Persistent Attacks Against Critical Infrastructure (The Cipher Brief) During times when the country expresses passionate opinions over the politics of the day, I wonder what U.S. adversaries focus on. One thing always in the back of my mind, as a former intelligence correspondent and now publisher of a national-security focused website, is the U.S. power grid. U.S. critical infrastructure systems have been under … Continue reading "Pay Attention to Probing, Persistent Attacks Against Critical Infrastructure"

SonicWall reveals public betas to defend against 'vulnerabilities of tomorrow' (Channel Life) SonicWall has released a new bundle of public betas aimed at defending enterprises against ‘the vulnerabilities of tomorrow’.

NCSC’s ‘Active Cyber Defence’ Initiative Boasts Impressive First-Year Results (Infosecurity Magazine) More than one million security scans and seven million security tests carried out on public sector websites

Design and Innovation

Beyond the Hype: Blockchain and Its Applications in Business Aviation (Aviation International News) Flight hours, traveler information, safety records are among the data that can be stored.

Tired of Trolls? Take Your Twitter to Germany (WIRED) A writer had enough of the trolling and toxic taunts on Twitter. So she reset her location and “moved” to Germany, the safest social media state in the world.


Woman at top of her game seeks girls with a cyber-aptitude (ABC News) Dora Schriro, Connecticut's public safety commissioner, knows what it's like to be a woman in the male-dominated world of criminal justice, so she jumped at the chance to work with organizers of a national competition being held this month to find and attract young women to the field of...

Legislation, Policy, and Regulation

WHATIS Going to Happen With WHOIS? (Motherboard) A new European data privacy law and official internet policy are about to conflict with each other.

Azerbaijan’s authoritarianism goes digital (openDemocracy) 2018 is an election year in Azerbaijan. The authorities may have the streets on lockdown, but the fight against dissent in cyberspace is just beginning.

Why the Cryptocurrency World Is Watching South Korea ( Many South Koreans are obsessed with cryptocurrencies. The country’s lawmakers? Not so much. From the prime minister down, officials have warned that the speculative mania surrounding Bitcoin and its peers is dangerous. Demand for the virtual currency was so extreme at one point in January that it lifted prices in Korea 50 percent higher than those in America. The premium has since receded, but policy makers are still worried. Given the nation’s outsized role in the crypto world, the prospect of

Buying Bitcoin on your credit card? Not any more… (Naked Security) According to reports, buying cryptocurrency will be that little bit harder from today.

Why experts are worried about Tether, a dollar-pegged cryptocurrency (Ars Technica) Markets treat a tether as though it's worth $1. But what if it's not?

No, the US Won’t Respond to A Cyber Attack with Nukes (Defense One) Defense leaders won’t completely rule out the possibility. But it’s a very, very, very remote possibility.

Yes, a cyberattack could spur the president to launch a nuclear attack (Fifth Domain) The Nuclear Posture Review, officially revealed Friday, does not change when a president might order a nuclear strike in response to a non-nuclear attack. But it does provide more hypotheticals about the circumstances that might force the president’s hand.

In first SRS visit, Perry calls cybersecurity one of his biggest challenges as Energy Secretary (Augusta Chronicle) Energy Secretary Rick Perry told Savannah River Site workers on Friday that cybersecurity is “the biggest challenge I’ve got” in the national security scope of his job.

Vice Adm. Nancy Norton Starts DISA, JFHQ-DODIN Leadership Roles - Executive Gov (Executive Gov) U.S. Navy Vice Adm. Nancy Norton has assumed her new roles as director of the Defense Information Sy

Litigation, Investigation, and Law Enforcement

The Nunes FBI Memo, Annotated (POLITICO) The latest news from POLITICO.

Nunes' memo, McCabe's ouster, and Mueller's next move: Inside the most dramatic week of the Russia investigation (Business Insider) This week saw monumental developments on several fronts in the Russia investigation.

GOP memo alleges bias against Trump in FBI probe (TheHill) President Trump signed off on the release of the document Friday.

What is the Devin Nunes memo about and how does it affect Trump? (the Guardian) The four-page document released on Friday is at the heart of a firestorm over Donald Trump, Russia and special counsel Robert Mueller. What’s in it?

Reading Between the Lines of the Devin Nunes Memo (WIRED) The most important part of the Nunes memo? What it doesn't say.

Opinion | The Nunes Memo Is All Smoke, No Fire (New York Times) It gives us too little information to make a conclusion about whether the government abused the surveillance laws.

'The Nunes Memo' Is Worthless Without the Warrant (Motherboard) This whole circus is performative "transparency" from a bunch of hypocrites.

The Real Damage of the Nunes Memo (Daily Intelligencer) The integrity of the U.S. law enforcement system is under attack, and Trump may already be winning the battle.

Intelligence community worried about Nunes memo’s potential ripple effects (The Washington Times) President Richard Nixon’s unprecedented misuse of federal resources to spy on political and activist groups 40 years ago prompted the creation of the Foreign Intelligence Surveillance Act (FISA), which requires federal agencies to obtain warrants for investigations involving U.S. citizens.

Brennan: Nunes memo 'exceptionally partisan' (POLITICO) "I never saw the Democrats do something like this that was so partisan, so reckless."

Republican lawmakers distance themselves from Trump on memo (Washington Post) As four GOP members of the House Intelligence Committee disputed that the document has a bearing on the Mueller probe, Democrats on the panel were gearing up for a possible vote on their party’s response.

'Reckless' or revealing, reaction to GOP memo on Russia depends largely on party affiliation (The Star Democrat) Maryland Democrats blasted the release of a controversial memo Friday that Republicans said raised questions about how the FBI handled surveillance of a Trump campaign associate.

New FBI messages reveal agents sought way to evade federal record requirements (TheHill) "Hot damn," the chief of the FBI's counterespionage section texted in response to a plan to hide his communications from federal authorities.

The Publisher of Newsweek And The International Business Times Is Buying Traffic And Engaging In Ad Fraud (BuzzFeed) Several of Newsweek Media Group’s business websites are buying and manipulating traffic that originates on pirated video streaming sites. The company acknowledged buying traffic, but denies engaging in ad fraud.

'Newsweek' owner's top execs resign; company inflated users for CFPB ad campaign, report says (USA TODAY) Consultancy Social Puncher says that bought users when its traffic declined.

About that raid on the Newsweek servers . . . (Ricochet) Step one: create the Consumer Fraud Protection Bureau, because who could be against protecting consumers from fraud? What are you, some sort of right-wing Social Darwinist? Step two: give the CFPB lots of money to raise awareness about fraud and protection and consumers. It’s not enough, of course. If there’s fraud next year, that’s just …

DHS threatened with subpoena over information about Kaspersky removal (Cyberscoop) Another influential congressman has criticized the Department of Homeland Security for not being transparent enough about the government’s ongoing efforts to remove a Russian anti-virus product from federal systems.

Corruption Threatens Australia’s Defense Program (The Diplomat) In pursuing it massive defense building program, Australia must protect itself against critical corruption risks.

What type of attack was the central bank reserve heist? (Dhaka Tribune) Two years after the theft of $101 million from the Bangladesh Bank reserve, many mysteries persist.

RCS malware attack prompts FBI investigation, double down on network defenses (Greensboro News & Record) EDEN – The Federal Bureau of Investigation continues to pursue the culprit of the debilitating Emotet malware attack that struck Rockingham County Schools in December, school officials said on Jan.

Military Official's Home Raided as Part of Probe on Cyber Command Irregularities (KBS) Prosecutors on Monday raided the home of a military official as part of their probe into suspicions that he mishandled a case on allegations that the

Iran says jails 'nuclear spy' for U.S., European country (Reuters) Iran has sentenced an unnamed person to six years in jail for selling information about its nuclear program to the United States and a European country, the Iranian judiciary's news website reported on Sunday.

Investigation uncovers Luminosity Link RAT distributors, victims are in the thousands (Help Net Security) A hacking tool allowing cybercriminals to remotely gain complete control over a victim’s computer is no longer available as a result of an UK-led operation targeting hackers linked to the Luminosity Link RAT.

Russian National Arrested for Kelihos Botnet Sent to US (Dark Reading) Peter Levashov, among the world's most notorious email spammers, has been extradited to the US.

Russian Spammer Claiming Kremlin Ties Is in U.S. Facing Feds ( A Russian programmer who claimed he worked for Vladimir Putin’s ruling party arrived in the U.S. Friday after Spanish authorities extradited him to face cybercrime charges in Connecticut.

British Hacker Lauri Love will not be extradited to the United States (HackRead) Lauri Love, known For hacking US government computers including the US Army and NASA, will not be extradited.

Japanese boy arrested for developing cryptocurrency stealing malware (HackRead) A teenager has been arrested for creating a cryptocurrency stealing malware used in stealing MonaCoin, world's first Japanese cryptocurrency.

Why cops won’t need a warrant to pull the data off your autonomous car (Ars Technica) “It’s like instant replay in the NFL; I can tell what happened.”

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

CyberThreat 18 (Westminster, England, UK, February 27 - 28, 2018) Hosted by the UK’s National Cyber Security Centre, a part of GCHQ, and the SANS Institute, CyberThreat18 brings together a packed schedule of talks on a broad range of familiar and less familiar topics...

National Cyber League Spring Season (Chevy Chase, Maryland, USA, March 30 - May 25, 2018) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...

Upcoming Events

SecureWorld Charlotte (Charlotte, North Carolina, USA, February 8, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Women in Data Protection, Securing Medical Devices and Health Records (Washington, DC, USA, February 9, 2018) Join some of the top cyber and privacy professionals as they talk about the landscape of the medical device and electronic health records market. They will also talk about the dangers to patients' health...

Cyber Security Summit: Silicon Valley (San Jose, California, USA, February 13, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their companies’ critical data with innovative solution providers & renowned information security experts.

Security Titans (Scottsdale, Arizona, USA, February 23, 2018) Security Titans is a ground-breaking event, bringing the biggest names in Information Security together - all in one day, on a single stage to give the nation's cyber security industry access to the very...

Midlands Cyber: US Cyber Market Workshop (Lutterworth, England, UK, February 27, 2018) We are delighted to announce that we will be running two workshops, led by Andy Williams, the International Director of the iCyber Centre @bwtech, Maryland. The workshops have been tailored by the team...

European Cybersecurity Forum – CYBERSEC Brussels (Brussels, Belgium, February 27, 2018) CYBERSEC Forum is an unique opportunity to meet and discuss the current issues of cyber disruption and ever-changing landscape of cybersecurity related threats. Our mission is to foster the building of...

The Cyber Security Summit: Atlanta (Atlanta, Georgia, USA, February 28, 2018) This event is an exclusive conference connecting Senior Level Executives responsible for protecting their company’s critical data with innovative solution providers & renowned information security experts.

Insider Threat Program Management With Legal Guidance Training Course (Herndon, Virginia, USA, March 6 - 7, 2018) The course will cover current regulations like National Insider Threat Policy NITP and NISPOM Conforming Change 2, and more. The course will provide the ITP Manager and Facility Security Officer with the...

SINET ITSEF 2018 (Silicon Valley, California, USA, March 7 - 8, 2018) Bridging the gap between Silicon Valley and the Beltway. SINET – Silicon Valley provides a venue where entrepreneurs can meet and interact directly with leaders of government, business and the investment...

PCI Security Standards Council Middle East and Africa Forum (Cape Town, South Africa, March 14 - 15, 2018) Don’t miss the data security event of the year for the payment card industry. Join us for: networking opportunities, updates on industry trends, insights and strategies on best practices, engaging keynotes...

SecureWorld Boston (Boston, Massachussetts, USA, March 14 - 15, 2018) Connecting, informing, and developing leaders in cybersecurity. SecureWorld conferences provide more content and facilitate more professional connections than any other event in the Information Security...

Cyber 9-12 (Washington, DC, USA, March 16 - 17, 2018) Now entering its fifth year, the Cyber 9/12 Student Challenge is a one-of-a-kind competition designed to provide students across academic disciplines with a deeper understanding of the policy challenges...

3rd Annual Billington International Cybersecurity Summit (Washington, DC, USA, March 21, 2018) With confirmed speakers from Estonia, Romania, Singapore, Sweden, the United States, and Kuwait, and with attendees from many more countries, this summit brings together world-class cybersecurity thought...

Infosecurity Magazine North America Virtual Conference (Online, March 21 - 22, 2018) Tune in on Wednesday March 21 for day two of our two-day online event to learn what’s going on at the heart of the industry. Our easy to digest format offers a mix of short sessions, panel debates and...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.