skip navigation

More signal. Less noise.

Visit LookingGlass Cyber Solutions at BlackHat USA 2019

There are many weapons to choose from when it comes to cybersecurity solutions providers – and you must choose wisely. With LookingGlass Cyber Solutions as your security provider, its “Game Over” for threat actors trying to infiltrate your network. To learn more about our solutions, visit our experts at the LookingGlass Network & Chill Lounge, Mandalay Bay South, Palm A on level 3, August 7 & 8. Take a break from the hectic show floor for old school video games, happy hour from 3-7 PM, and a demo tailored to your organization’s security needs.

Daily briefing.

CyberWire podcast transcripts are now available.

We're pleased to announce that our library of podcasts is now transcribed. More than one-thousand episodes of the Daily Podcast, Research Saturday, Hacking Humans, CyberWire-X, and Special Editions are now available as transcripts. Researchers, the hearing impaired, and even people who would rather read than listen, are invited to take a look.

Buhtrap, the threat group hitherto known for criminal raids on Russia's financial sector, has moved on to cyber espionage, targeting organizations in Eastern Europe and Central Asia. ESET says Buhtrap has recently been exploiting a local Windows privilege-escalation vulnerability, CVE-2019-1132, against its victims. BleepingComputer reads the move from theft to espionage (which may have been in progress for some time) as an instance of the interpenetration of criminal gangs and intelligence services in many parts of the world.

Lawfare takes a look at US cyber operations mounted as a response to Iranian attacks on shipping in the Gulf region and, of course, Iran's shootdown of a US Global Hawk drone. They conclude that perhaps three distinct cyberattacks took place, and that US Cyber Command has issued no statements on the matter, "content to wait out the news cycle without correcting the record." The operation displays the sort of strategic ambiguity that can be valuable in deterring an adversary.

Warnings about a recurrence of WannaCry continue to surface, as they do in this TechRepublic piece. The malware would affect unpatched systems, and unfortunately there are still a lot of unpatched systems out there.

US Intelligence Community officials briefed Congress on potential threats to the 2020 elections.

Among the effects of Baltimore's ransomware incident, the Baltimore Sun reports, will be very large water bills as the city slowly brings its billing systems back online. Residents are told they'll receive a bill covering "three or more months" (the smart money is on "more").

Notes.

Today's issue includes events affecting Australia, Belgium, China, European Union, Democratic Peoples Republic of Korea, Netherlands, United Kingdom, United States.

Bring your own context.

Regulatory risk surrounding data protection looms increasingly large in terms of risk management.

"There's a lot of additional regulations coming state by state, country by country. So organizations are going to need to figure out how they can quickly adopt these standards - many of these new regulations will be based on GDPR - but look at ways that they're different and look at ways that they can adopt them and really start to think about a privacy platform - more of a data governance platform - rather than single one-off technologies."

—Myke Lyons, CISO at Collibra, on the CyberWire Daily Podcast, 7.10.18.

Risk represents opportunity for those who can manage data governance effectively, affordably, and as simply as possible.

Modernizing security analytics and operations with SOAPA.

Security operations is held back by the compromises of existing security analytics solutions, and throwing more money and time at the problem isn’t helping. Instead, you are left dealing with an army of point tools, exponential data growth, lack of context... the list goes on.

It's time to take a new approach to security analytics - explore how Devo can help evolve your SOC in this report by ESG.

In today's podcast, out later this afternoon, we speak with our partners at CenturyLink, as Mike Benjamin talks us through some RDP scanning they’re tracking. Our guest is Martha Saunders, President of the University of West Florida, on how her institution is adapting to meet the workforce needs for cyber security professionals.

Cyber Security Summits: DC on July 16 and in Chicago on August 27 (Washington, DC, United States, July 16, 2019) Register for reduced admission to the Cyber Security Summit with promo code cyberwire19 for $95 admission ($350 without code). Sr. Level Executives are invited to learn about the latest threats & solutions in Cyber Security from experts from The FBI, The U.S. DOJ, Verizon, Center for Internet Security, IBM and more. Breakfast, Lunch & Cocktail Reception are included with your admission. Passes are limited, secure yours today.

RSA Conference 2019 Asia Pacific & Japan (Singapore, Republic of Singapore, July 16 - 18, 2019) Join industry leaders and peers at the region’s leading cybersecurity event. Learn the latest issues and solutions, stay on top of new regulations, demo cutting-edge products, expand your skills and grow your personal network. Register now.

XM Cyber is coming to Black Hat (Las Vegas, Nevada, United States, August 3 - July 8, 2019) Visit XM Cyber at our booth 875, to experience the first fully automated APT simulation platform to Simulate, validate and remediate hackers’ path to organizational critical assets.

Wicked6 Cyber Games (Las Vegas, Nevada, United States, August 6, 2019) Wicked6 is a fundraiser and cybersecurity exhibition in a thrilling esports arena in Las Vegas on August 8, 2019. It’s a week when cybersecurity leaders from around the world come to Las Vegas, and all are welcome to come by to experience this exciting and unique cyber competition as a player, sponsor, or avid fan. Wicked6 will raise funds for the Women’s Society of Cyberjutsu, a national 501(c)(3) nonprofit that promotes training, mentoring and more to advance women and girls in cybersecurity careers.

Cyber Attacks, Threats, and Vulnerabilities

An Amazon Phishing Scam Hits Just in Time For Prime Day (WIRED) Some deals are too good to be true, even on the most made-up holiday of all.

iOS URL Scheme Susceptible to Hijacking (TrendLabs Security Intelligence Blog) Abuse of the iOS URL Scheme can potentially result in the loss of privacy, bill fraud, exposure to pop-up ads, and more.

Sea Turtle DNS Hijackers Go After More Victims (Infosecurity Magazine) Sea Turtle DNS Hijackers Go After More Victims. Cisco Talos reveals new targets and techniques in ongoing campaign

Windows Zero-Day Used by Buhtrap Group For Cyber-Espionage (BleepingComputer) The Buhtrap hacking group has switched its targets from Rusian financial businesses and institutions since December 2015 when it moved into cyber-espionage operations, culminating with the use of a recently patched Windows zero-day during June 2019.

Buhtrap Group Using Zero-Day Attack in Windows (Infosecurity Magazine) Researchers discover zero-day used in targeted attacks in Eastern Europe.

Windows zero‑day CVE‑2019‑1132 exploited in targeted attacks (WeLiveSecurity) ESET research uncovers a zero-day exploit that leverages a vulnerability in Windows and that has been deployed for a surgically targeted attack.

2020 election a target of foreign threats, lawmakers briefed on election security agree (The Washington Times) Lawmakers briefed on election security by top administration officials acknowledged ongoing threats to the 2020 presidential race Thursday.

Wannacry ransomware attack: Industry experts offer their tips for prevention (TechRepublic) Wannacry remains a significant threat for companies. Learn how your organization can guard against it.

Agent Smith: A New Species of Mobile Malware (Check Point Research) Research by: Aviran Hazum, Feixiang He, Inbal Marom, Bogdan Melnykov, Andrey Polkovnichenko   Check Point Researchers recently discovered a new variant of mobile malware that quietly infected around 25 million devices, while the user remains completely unaware. Disguised as Google related app, the core part of malware exploits various known Android vulnerabilities and automatically... Click to Read More

Chinese Cloud Hopper Operation Targets Top Tech Providers in World (CPO Magazine) It appears that Chinese hackers have been running Cloud Hopper attacks targeting tech providers for access to their customers' corporate intellectual property and government secrets.

AVEVA Vijeo Citect and Citect SCADA Floating License Manager (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: AVEVA Equipment: Vijeo Citect and Citect SCADA Floating License Manager Vulnerabilities: Improper Input Validation, Memory Corruption 2. RISK EVALUATION These vulnerabilities could allow an attacker to deny the acquisition of a valid license for legal use of the product.

Philips Holter 2010 Plus (CISA) 1. EXECUTIVE SUMMARY CVSS v3 1.9 Vendor: Philips Equipment: Philips Holter 2010 Vulnerability: Use of Obsolete Function 2. RISK EVALUATION Successful exploitation of this vulnerability under certain conditions can lead to a product feature escalation. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Holter 2010 Plus, a 12-lead EKG analysis software program, are affected:

Siemens TIA Administrator (TIA Portal) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.0 ATTENTION: Low skill level to exploit Vendor: Siemens Equipment: TIA Administrator (TIA Portal) Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an execution of some commands without proper authentication.

Siemens SIMATIC RF6XXR (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION: Exploitable remotely/public exploits are available Vendor: Siemens Equipment: SIMATIC RF6XXR Vulnerabilities: Improper Input Validation, Cryptographic Issues 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow access to sensitive information.

Siemens SIMATIC WinCC and PCS7 (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.2 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: SIMATIC WinCC and SIMATIC PCS7 Vulnerability: Unrestricted Upload of File with Dangerous Type 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition on the affected service or device.

Delta Industrial Automation CNCSoft ScreenEditor (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Delta Electronics Equipment: CNCSoft ScreenEditor Vulnerabilities: Heap-based Buffer Overflow, Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation of these vulnerabilities could cause buffer overflow conditions that may allow information disclosure, remote code execution, or crash the application.

Schneider Electric Interactive Graphical SCADA System (CISA) 1. EXECUTIVE SUMMARY CVSS v3 7.0 Vendor: Schneider Electric Equipment: Interactive Graphical SCADA System (IGSS) Vulnerability: Out-of-Bounds Write 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to achieve arbitrary code execution or crash the software.

Schneider Electric Floating License Manager (CISA) 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Floating License Manager Vulnerabilities: Improper Input Validation, Memory Corruption 2. RISK EVALUATION These vulnerabilities could allow an attacker to deny the acquisition of a valid license for legal use of the product.

EXCLUSIVE: Monroe College hacked, $2 million in Bitcoin demanded as ransom (New York Daily News) The attack was reported to the NYPD Tuesday, shortly after the hacker crippled the Bronx-based school’s computer system by encrypting its files remotely.

Cyberattack lands ship in hot water (Naked Security) Less than two months after warning of cybersecurity problems on ships, the US Coast Guard has revealed that a large international vessel has suffered a cyberattack.

More information about our processes to safeguard speech data (Google) We’re focused on building products that work for everyone, and as part of this, we invest significant resources to ensure that our speech technology works for a wide variety of languages, accents and dialects.

Google workers listen to your “OK Google” queries—one of them leaked recordings (Ars Technica) News service identified Google users by listening to 1,000 leaked recordings.

Who’s Listening When You Talk to Your Google Assistant? (WIRED) A Belgian broadcaster obtained recordings of more than 1,000 conversations with Google's automated assistant, some including personal details and medical information.

Google Home Silently Captures Recordings of Domestic Violence and More (Threatpost) Google is under fire after a report found that Google Home and Google Assistant records user audio, even when no wake-up word is used.

Twitter goes down during White House social media summit (The Verge) When in doubt, ban yourself.

It wasn't a cyber attack, Telstra says of five-hour failure (Australian Financial Review) Telstra has blamed a surge in network traffic for its five-hour service outage on Thursday afternoon that cost retailers an estimated $100 million in lost trade.

Cyber Trends

Nearly 60% of us fear using digital assistants – have you secured yours? (WRAL TechWire) Amazon Prime Day – which is actually "a two-day parade of epic deals" – is just around the corner. And more than half of Americans – are planning on or considering buying a digital assistant during this global online shopping event. But remember to take security precautions when using one.

Five things I learned at IBM Security (LinkedIn) Earlier this week I resigned from IBM … more on that and my future plans in the coming days. It has been the highlight of my career to lead and grow the IBM X-Force into what is today one of the largest incident response and intelligence teams in the industry.

Marketplace

CIA Remains Tied to the Industry (SIGNAL Magazine) The intelligence agency continues to turn to the private sector for help solving complex problems.

Verizon CEO: We're doing just fine without using any equipment from Chinese tech giant Huawei (CNBC) Verizon has no reliance on China, says CEO Hans Vestberg. "We are executing our strategy with our Western European vendors."

How U.S. Tech Giants Are Helping to Build China’s Surveillance State (The Intercept) A nonprofit led by Google and IBM executives is working with Semptian, whose technology is monitoring the internet activity of 200 million people in China.

ZTE opens European cybersecurity lab (PCR) ZTE Corporation has opened up a European cybersecurity lab in Brussels. Located in the administrativ

Privacy Startup OneTrust Reaches $1.3 Billion Valuation From Its First Funding Round (Forbes) OneTrust is a unicorn after a $200 million Series A funding round. The enterprise tech startup helps companies navigate privacy laws, like the EU's GDPR.

McAfee Value Could Be $5 Billion in IPO Later This Year (Channel Futures) Increasing cash flow under McAfee CEO Chris Young reportedly has prompted the plan to return to the public market The IPO could come this year and could raise at least $1 billion, and value McAfee at more than $5 billion, it said.

Motorola Solutions Acquires WatchGuard, Inc., Leader in Mobile Video for Public Safety (Yahoo) Motorola Solutions, Inc. (MSI) today announced it has acquired WatchGuard, Inc., a U.S. leader in mobile video solutions. WatchGuard designs and manufactures in-car video systems, body-worn cameras, evidence management systems and software. “An integrated, secure mobile video solution can enhance safety

7 recent acquisitions in the IT security space — and why they happened (TechGenix) Companies that have proven cybersecurity tools and solutions are hot commodities, as these seven IT security acquisitions clearly show.

Breaking Down 3 Of The Year's Most Intriguing Cybersecurity Stocks (MarketWatch) The state of the cybersecurity industry remains as intriguing and dire as ever. Between the threat of hacking and digital espionage from foreign actors,...

HackerOne’s greatest hack? Pay transparency for gig workers (Quartz at Work) It is one of the rare gig-economy companies that doesn't take a cut from workers' pay.

Products, Services, and Solutions

Trend Micro to Deliver Transparent, Inline Network Security with Amazon Web Services Transit Gateway (Trend Micro Newsroom) Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global leader in cybersecurity solutions, today announced the extension of its industry leading network protection to the cloud, now available on Amazon Web Services (AWS) Marketplace.

EnGenius SkyKey Puts Cloud Accessible Networks in the Palm of Your Hand (Morningstar) EnGenius SkyKey Puts Cloud Accessible Networks in the Palm of Your Hand, Read most current stock market news, Get stock, fund, etf analyst reports from an independent source you can trust – Morningstar

enSilo Unveils Advanced Platform Capabilities, Announces Strong Growth and New Investment (Yahoo) Demand for more capable endpoint security defenses automating protection and constraining security costs drives enSilo's growth and momentum

Bitdefender Expands Sandbox Workflows and Use-Cases with On-Prem Deployment (Bitdefender) Bitdefender announces controlled availability release of GravityZone Sandbox Analyzer On-Premises. Improves targeted attack detection across multiple vectors with enhanced data security and privacy. Integrates with Bitdefender and third-party solutions for complex workflows and automated response.

Company to get $1.3 million for school safety tool (WOFL) The Florida Department of Education will pay nearly $1.3 million to a company that will revise a tool used by all public schools to identify threats and vulnerabilities on campuses.

Technologies, Techniques, and Standards

Inside the NIST team working to make cybersecurity more user-friendly (Help Net Security) NIST has a team of researchers working on projects aimed at improving the usability of cybersecurity software, hardware, systems, and processes.

CIS Controls Microsoft Windows 10 Cyber Hygiene Guide (Yahoo) Resource Helps Organizations Implement CIS Sub-Controls in Windows 10 EAST GREENBUSH, N.Y. , July 11, 2019 /PRNewswire/ --The Center for Internet Security, Inc. (CIS ® ) launches the CIS Controls Microsoft ...

How to Catch a Phish: Where Employee Awareness Falls Short (Dark Reading) Advanced phishing techniques and poor user behaviors that exacerbate the threat of successful attacks.

Exploring the Dark Net - Behind Enemy Lines (Infosecurity Magazine) A strong understanding of operational security and acceptance of the risks associated with this type of research is key

Design and Innovation

Blockchain has Numerous Applications for Cybersecurity (CoinIdol) Blockchain Technology applications in cyber security range from data protection, decentralization, resistance to attacks among others. General digitization is associated with a heap of risks that developers and entrepreneurs need to be aware of. Although the full potential of the technology is yet to be explored, it is already preventing many cyber crimes across the world.

The top 8 problems with blockchain (Computerworld) While blockchain holds the promise for reinventing business processes, it is still a developing technology with few production systems in place, not to mention governance issues and vulnerabilities that must be understood.

Delivering AI we can trust (Government News) The G20 Declaration is a timely reminder that emerging technologies such as artificial intelligence (AI) are critical to the nation’s future.

On TikTok, Teens Meme the Safety App Ruining Their Summer (WIRED) Parents can use Life360 to track their teen’s location in real time. The company can use that data to sell car insurance.

Research and Development

The Navy Kicks off Artificial Intelligence Cybersecurity Prize Challenge (SIGNAL Magazine) The $100,000 contest is especially looking for nontraditional partners to submit solutions.

DARPA funding brings machine learning to BAE Systems’ Signals Intelligence capabilities (Intelligent Aerospace) BAE Systems has been awarded funding from the Defense Advanced Research Projects Agency (DARPA) to integrate machine-learning technology into platforms that decipher radio frequency signals.

Academia

Northeastern University joins with universities from US, UK, and Japan to tackle international cybersecurity challenges (Northeastern University) Northeastern has joined with five universities from the United States, the United Kingdom, and Japan to establish a new consortium to tackle the growing international…

Legislation, Policy, and Regulation

What Really Happened in the Cyber Command Action Against Iran? (Lawfare) A careful reading of the reporting suggests that the U.S. response consisted of three distinct operations.

Langevin presses Trump for details on cyber ops (FCW) The Trump administration has yet to brief Congress on new rules governing offensive cyber operations, and some on the Hill are getting impatient.

America is woefully unprepared for cyber-warfare (Roll Call) War in cyberspace is fully on, and the United States is losing it, according to about two dozen national security experts.

Cyberspace administration releases new rules on security assessment of cross-border transfers of personal information (International Law Office) The Cyberspace Administration of China recently released the Measures on Security Assessment of Cross-Border Transfer of Personal Information (Draft for Comment). According to the draft, network operators must apply to the provincial-level cyberspace administration for a security assessment before conducting cross-border transfers. Further, network operators must record all cross-border transfers and retain the records for at least five years.

Mnuchin urges US suppliers to seek approval to resume selling to blacklisted Huawei, new report claims (INSIDER) Trump met with Chinese President Xi Jinping on the sidelines of the G20 summit last month and promised to ease certain restrictions off Huawei.

Former heads of DHS and NSA explain how the U.S. can keep Huawei at bay (CNBC) Former DHS secretary Michael Chertoff and former NSA head Mike McConnell write for CNBC that Wednesday's FCC spectrum upgrades are a positive step in 5G support, and bring us another step closer to a more connected internet of things.

Britain set for clash with US on digital tax (Times) Britain is on course for another trade showdown with President Trump after deciding to forge ahead with a special tax on Amazon, Google and other big technology companies. The Treasury said...

FEC says political campaigns can now get discounted cybersecurity help (TechCrunch) In a long awaited decision, the Federal Elections Commission will now allow political campaigns to appoint cybersecurity helpers to protect political campaigns from cyberthreats and malicious attackers. The FEC, which regulates political campaigns and contributions, was initially poised to block th…

F.E.C. Allows Security Company to Help 2020 Candidates Defend Campaigns (New York Times) Federal lawyers previously advised the commission to block the company, Area 1, from providing services to presidential candidates at a discount.

FEC: Campaigns Can Use Discounted Cybersecurity Services (KrebsOnSecurity) The U.S. Federal Election Commission (FEC) said today political campaigns can accept discounted cybersecurity services from companies without running afoul of existing campaign finance laws, provided those companies already do the same for other non-political entities.

Joint Chiefs nominee wants to boost information warfare (C4ISRNET) In a pre-hearing questionnaire, the nominee to be the next chairman of the Joint Chiefs of Staff addressed questions on a range of information warfare-related capabilities.

Navy nominee brings cyber experience to top echelons of Pentagon leadership (Fifth Domain) Vice Adm. Michael Gilday, who formerly commanded Fleet Cyber Command, has been nominated to be the Navy's top officer.

Litigation, Investigation, and Law Enforcement

GDPR superpowers lead to whopper ICO fines for BA, Marriott (Naked Security) The ICO isn’t pulling its punches: The penalty for BA’s data breach is about 367 times higher than the previous record-setting fine.

Will BA, Marriott Have to Pay UK ICO’s Huge Breach Fines? We Look at What’s Next. (Cooley) The UK Information Commissioner’s Office (ICO) has issued Notices of Intent (NOI) to fine British Airways (for £183m) and US hotel group Marriott (for £99m) for breaches of the EU General Data Prot…

How GDPR mega-fines could be a cybersecurity game changer (CRN) As both British Airways and Marriott hotel group face mammoth penalties for data breaches, CRN asks how large may change their approach to cybersecurity

Supreme Court limits First Amendment exposure of social media giants (Silicon Valley Business Journal) Exclusive guest viewpoint: While the Trump White House convenes a summit to complain about perceived bias on the part of Silicon Valley social media giants, a recent Supreme Court decision reinforced a key aspect of the First Amendment, protecting private entities such as Twitter, Facebook, and YouTube.

Lawsuit claims FedEx misled investors after cyber attack (https://www.wmcactionnews5.com) A lawsuit claims FedEx violated federal securities laws after a cyber attack.

For a complete running list of events, please visit the Event Tracker on the CyberWire website.

Newly Noted Events

Cyber Security X Atlanta (Atlanta, Georgia, USA, November 20 - 21, 2019) Cyber Security X Atlanta is part of the fastest growing cyber security event series, providing events that uniquely cover the entire security landscape. The event will offer invaluable security insight...

Upcoming Events

The Digital Economy and Consumer Welfare: A Commonsense Approach to Federal Privacy Law (Washington, DC, USA, July 15, 2019) CompTIA will convene a panel discussion on why federal privacy legislation is critical to protect consumer data and promote U.S. leadership and innovation. Join tech industry representatives and thought...

Insider Threat Program Development - Management Training Course (Mountain View, California, USA, July 15 - 16, 2019) The Insider Threat Defense Group will hold our highly sought after Insider Threat Program (ITP) Development - Management Training Course, in Mountain View, California, on July 15-16, 2019. This comprehensive...

Raleigh Cybersecurity Conference (Raleigh, North Carolina, USA, July 18, 2019) Data Connectors brings together security professionals to discuss mitigating risk and improving their overall security posture. Eight industry speakers, an FBI/NSA/DHS keynote speaker, and a CISO Panel...

Cybertech Midwest 2019 (Indianapolis, Indiana, USA, July 24 - 25, 2019) Cybertech is the cyber industry’s foremost B2B networking platform featuring cutting-edge content by top executives, government officials, and leading decision-makers from the world of cyber. Our Cybertech...

Smoky Mountain Bigfoot Conference (Gaitlinsburg, Tennessee, USA, July 27, 2019) Join us for the first ever Smoky Mountain Bigfoot Conference. We have some of America's most experienced Bigfoot researchers and investigators including Cliff Barackman, Bigfoot Field Researcher and co-host...

Grow your brand and reach new customers.

Grow your brand and increase your customer base by educating our audience about your products, services, and events by advertising on The CyberWire. We’ve built trust with an influential (and often hard to reach) audience of CISOs, CSOs, and other senior execs in the security space, across a wide array of industry verticals. Learn more.

Be a part of the CyberWire story.

People ask us (a lot) how they can support what we do. We have our sponsorships and services, of course, but those are not always within every supporter's financial reach, or it might just not be the right time for you to do those things. That's why we launched our new Patreon site, where we've created a wider variety of support levels, each with some new benefits. Our patrons are important to our future, and we hope you'll consider becoming one. We invite you to become part of the CyberWire story. Become a patron today.