This week on the podcast, we discuss Anthropic's Project Glasswing and what the Claude Mythos announcement means to cybersecurity. After that, we cover FrostArmada, a campaign from a Russian GRU-backed threat actor that has compromised tens of thousands of home networking routers. Finally we end with a chat about Google Chrome 146's new feature to protect against session hijacking.
View Transcript
Marc Laliberte 0:00
Hey everyone, welcome back to the 443 security simplified. I'm your host, Mark Laliberte, and joining me today is...
Corey Nachreiner 0:07
Corey iron legs Nachreiner,
Marc Laliberte 0:12
iron...Ah, okay. On this week's episode, we will be discussing a different alloy body part,
Corey Nachreiner 0:23
glass wings and mythos and AI news decided to change it to iron legs. There we go.
Marc Laliberte 0:35
Now we will discuss Project Glasswing and what it means for cyber security and the software ecosystem. After that, we'll cover lumens Black Lotus labs, blog post on frost Armada, a new campaign targeting, believe it or not, Edge networking equipment yet again. And then we will end with Google's latest announcement for the updated Chrome 146 with a brand new way to protect against session hijacking attacks.
Corey Nachreiner 1:02
Yeah, be harder to do it way attacker in the middle night store, but not to get your session
Marc Laliberte 1:09
or will it? With that, let's go ahead and generate our way in: mythos edition.
Marc Laliberte 1:15
So I guess Corey, to start, what would you say if I told you that cybersecurity might be reaching a fundamental, I don't know, turning point or really scary situation, if a bunch of marketing hype turns out to be true?
Corey Nachreiner 1:37
Didn't I already say that this year would be the last normal year, I guess I wouldn't be surprised.
Marc Laliberte 1:43
Yeah, and it feels like we have reached that potential fork in the road, that is, if we are to believe everything coming out of anthropic mouths. And I don't know anthropic does have a history of being, I wouldn't say the boy who cried wolf, but at least, like the even fear monger doesn't seem nice, but like big, big claims about how scary AI can be, and you know, occasionally they turn out to be correct. But this last week, they announced the Claude mythos preview, which is the latest frontier model, which they are not going to be releasing for general use, and alongside that announce what they're calling Project Glass wing, which is an initiative to give some of the biggest names in tech early access to this frontier model for cyber defense. Basically, in their announcement, they claim that Claude mythos is exceptionally good at finding and exploiting vulnerabilities, and that it's already found 1000s of high severity vulnerabilities in every single major operating system and web browser. Basically, they're saying this is too big, too good, too scary, to release to the public. So instead, they're going to only release it to critical infrastructure vendors and major technology companies to use defensively to find and fix vulnerabilities before it makes its way publicly in some potentially limited capacity during project glasswing anthropic says they're going to work directly with 40 Major technology companies to operationalize Claude mythos for defensive security with the goal of sharing what they learn with other companies. Those 40 include the likes of like Microsoft, Google, like actual competitors of anthropic notably not open AI or or x or whatever the heck owns x ai these days, but and they're also going to be giving $100 million in free use credits for many of these organizations. And like another, I think it was like 10 million for open source projects to operationalize Claude mythos,
Corey Nachreiner 3:57
I think for the direct donation 4 million.
Marc Laliberte 4:00
But either way, so alongside this big, like scary announcement of we've just broken cybersecurity fundamentally their their frontier Red Team, published a technical write up that we'll talk about in a bit. Shortly afterwards, Scott Bennett, or best net, the Treasury secretary for the US, and Jerome Powell, the head of the Federal Reserve, held an urgent meeting with the CEOs of many banks that happened to be in town for Washington DC, to, like, warn them about the risks posed by Claude mythos. Like, seems like a lot of people are taking this very seriously, and more seriously than, like, other marketing material that has come out of any AI Lab, historically, the frontier Red Team's blog post was interesting. They said they couldn't talk about, like most or almost all, the vulnerabilities they found, because many of them are not yet patched, but they gave examples like a 27 year old denial of service vulnerability and. On open BSD, which is a heavily hardened Unix operating system, 16 year old vulnerability, and the popular video encoding library FFmpeg, that over 5 million scanner runs had never found, and then a chained privilege escalation vulnerability in the Linux kernel that Claude mythos was able to find and exploit. They gave a few benchmarks as well. They pointed to, I think it's cyber gym benchmark on vulnerability reproduction, saying that they were able to reproduce 83% of mythos vulnerabilities versus only 66% of Claude Opus 4.6 is vulnerabilities. But either way, like Corey, this seems like it could potentially be a very huge deal if it turns out to be correct. And we I feel like it's not super surprising. The only surprise I have is that this just came out, like last week, pretty quickly. Versus, like, I don't know, versus sometime next year or the year after? Like it feels came early
Speaker 1 6:07
potentially, yeah,
Marc Laliberte 6:10
but it's not like I was expecting this type of thing. Like, AI has been getting better and
Corey Nachreiner 6:14
better, yeah. I mean, we've been we've talked about zero day is going to go up because of this. We talk about the old DEF CON, the grand cyber challenge, where we've already seen AI find in patches Zero Day, basically at machine speed. And we've mentioned many times that not only is AI getting better, it's getting better at an accelerated pace we've never seen before. So at the end of the day, this isn't completely surprising. One of the things I've seen blowing up about this is jokes about, is mythos really that much better a model, or is it basically just 4.6 of the old model, but with better GPUs and more available RAM so that they have a larger context window, and that may seem like a small detail, but I think you we've even internally, been playing with AI to help us verify and find potential security issues in coding in general. And I think you've pointed out to me in the past, when there's big amounts of source code, when you have a pretty big, let's say Windows huge freak in project, and when you're looking for vulnerabilities, say in a specific function that could be all over the code in lots of different places, how much that the AI can keep in its context window at once significantly changes how good it is at maybe finding all The interactions that could, long story short, result in discovering vulnerabilities that you may not have been able to so I'm curious whether mythos is just that much better at coding and spotting vulnerabilities, or is this more more memory, bigger context windows and one day when AI can see All of source at once. We already know it's great at analyzing things technically. Maybe it's going to just right away find all these complex zero days that are buried everywhere. So it's, I think the only surprising thing is that, you know, anthropic thinks it's a big enough deal that they pre set up a group of organizations to say they're not going to release a model until they figure out the implications.
Marc Laliberte 8:29
I think that's a good approach. Well, I mean, it's clearly a good approach by them if this turns out to be correct, like, if their their fear turns out to be like, accurate to reality, I'm glad that they're erring on the side of caution then and saying, Okay, we're going to give defenders a head start this time others, because that hasn't
Corey Nachreiner 8:46
deregulating it. So it's nice that they're thinking about it and kind of self
Marc Laliberte 8:50
regulating to your point. And that hasn't historically been the case with these models, like they generally become public, like they release them for everyone to use soon after they certify them or whatever, within their own testing labs, and anyone can use them, good or bad. Yeah, they've got guardrails, but it's still relatively trivial to get around guardrails and jailbreak and AI model to do whatever you want. One thing that stood out to me? Oh, go
Corey Nachreiner 9:15
ahead, I was going to say maybe it's what stood out to you too, but the banking connection is interesting to me too, only because, like you were pointing out that open BSD. I mean, BSD is one of the strongest operating systems, at least reputationally. As far as having people that care about secure operating systems to find a 27 year old vulnerability is a big deal. But then you have the banking industry, which pretty much lives I'm overstating. I'm sure they use modern technology too, but they live on legacy code and technology like I'm sure they're the organizations that still have, I don't know, VMs, Vax machines, and might have windows, ce hiding and ATM. So if you're finding two. Seven year old vulnerabilities in well established code that's been around and is still updated today. Imagine what you can find in all that legacy stuff. So the banking it like you say, if it's true, if it really is that good at becoming a zero day researcher, it could definitely have industry wide implications, and I could see why they're concerned with banking.
Marc Laliberte 10:24
Another thing that stood out to me was when they talked about those benchmarks and like, what makes cloud mythos so good? They also like pointed out that cloud Opus 4.6 they're currently most powerful model that us normal humans could use. Only 66.6% of vulnerabilities that it found were actually reproducible, meaning only, like, two thirds of reports were actually valid. And that's actually in line with a trend that I've been seeing, like with vulnerability reports submitted to Watchguard, for example, we get so much AI generated garbage these days that, like, it thinks it found something, but it turns out it's hallucinating, and someone submits a bug bounty report for it, like my one of my worries is as AI becomes more used, we are going to see more and more like just garbage coming into the system that we'll have to find a way to sift through. And we've already seen the fallout for that too, like hacker one just announced they're pausing their internet bug bounty program, which was like a hacker one funded program to offer bug bounties on open source software that otherwise they don't have finances to actually pay out bounties because of all the AI hallucination reports that they've been getting in. I think it was Node js, like one of, if not the most popular like JavaScript frameworks out there pause their bug bounty program because of AI based submissions. So even as we're moving towards this future where AI becomes more powerful and can find more legitimate stuff, it also becomes more widely used and finds a lot of garbage.
Corey Nachreiner 11:59
Yeah, people think AI slop, as in silly videos and audio, but in this case, a false positive when you're giving a coding or security team a supposed new vulnerability, if you get overwhelmed with a bunch of false positives, that that's a type of AI slot that can make it harder for you to get to the real work of the actual true positives. And so I
Marc Laliberte 12:20
think another piece of this, like this fork in the road that we're at right now with this potential, or this upcoming release of Claude mythos, at least in a limited capacity, is we're also reaching a turning point where, like, we can't have humans scale to the right level to, like, even triage a lot of these findings that are coming in. So we have to very quickly make the step from automated vulnerability discovery and verification to automated patching and like development as quickly as possible to be able to bridge that gap. Otherwise, we're just going to have a hell of a lot of unpatched zero days being reported that are valid reports that humans can't keep up with potentially
Corey Nachreiner 13:00
but man, we better solve that false positive or slot problem, because, can you imagine if we do have to move, if there are enough legitimate new vulnerabilities being found, where you do have to auto patch with AI too? How would it react? Like it's the self? It's this, this recursive bad loop of false positive submitted code change based on false positive that likely makes all kinds of crazy things happen. That would be a bad feedback loop. Hopefully we'll solve the false positives before we adopt automated patches.
Marc Laliberte 13:33
So, like, I'm of the belief that we should take this announcement, like, with a small grain of salt, because it is clearly a look how big and scary and powerful of a tool we made kind of announcement, but also take it seriously, because it is, even if it is just a slightly better iteration of what we already have right now, it'll still be better than most humans at finding and exploiting vulnerabilities. And that's this is where we're at right now in April of 2026 like September of this year. Few more months, maybe we have something even more powerful and even more scary.
Corey Nachreiner 14:07
I kind of lean on, I hear your balanced approach, and I think it's right, but I personally think that anthropic. I guess some people like I think they might overstate a little, but they never, it's never a lie. I they are in the business and are profit motivated to make good AI tools and to have good AI tools so they don't want to be the boy who cried wolf, and people stop using their new model when they do release mythos. So I think it'd be while I do think they're one of the few AI companies out there that might be trying to add security and add a little warning to it too, and that's why I do think sometimes they will overstate things. I I have a feeling, even if it's a. Had overstated. Now we're on the cusp of the like, it's stuff we've been predicting anyways, like it's almost like this is what you and I have been saying for the last three years would eventually happen. And now we're like, it sounds too crazy to be true, but I think it's happening, and I think it happening faster than we expect, is something we ought to change our expectations for, because everything about AI is going to happen faster than we expect, in my humble
Marc Laliberte 15:28
opinion, yep. And now we have already started getting questions about this from, like, our customers, too, on, like, what does this mean? And like, what should we do? And like, my guidance is still the same, like, be prepared to have a good or you should already have a good patch management process, but be prepared to respond to potential updates quicker and more more frequently than you have been right now, because as these tools get more powerful, find more things. It's not just us defenders finding and fixing them. It is cyber criminals finding and exploiting them, and that time from
Corey Nachreiner 16:03
customers and users updating their stuff, especially when it comes to hardware and firmware products. Like I think we're moving to an age where people might start to accept over the air, forced updates. Like I'm I just want to bang this drum for a second mark, because we have a hardware based firewall product as long as as well as a bunch of software based firewalls and products. But for the hardware based one, even when we have a vulnerability, we really want to bang the drum about and let the whole world know. Sometimes the adoption, like how quickly we see people that we you know, the numbers we can look at update is still low, even for one of our biggest things, I think we have seen it get to 80% which is great, but that's 20% of people still not updating something that we've kind of been yelling about. So what does that make you think about the normal security fixes that we don't yell about. So I had to your point is, if we start to see these quickly, even if everyone in the industry can accelerate their patching and their if there's a person in the middle for a device like a network like the reason over the Air Force updates are an issue for a hardware network provider is, if it's a gateway device, we don't want to disrupt your network if there's a reboot needed, but this is something we need to figure out. And customer like people that run these devices, we're trying to do our best to make it so you don't have to do anything, and we can try to secure you, but there are cases where you have to do something, and you're part of this, this loop of correcting the issues before the hackers leverage it. So, you know, besides just us doing a good job of it, and our managed service providers and other vendors doing a good job, it's something all IT folks need to think about period
Marc Laliberte 17:56
100% so just be prepared for rapid security updates, and definitely have those those maintenance windows pre planned as advanced as you can I'm looking forward to getting my hands on Claude mythos, that is for sure, this seems insanely interesting, and I'm looking forward to seeing If it really does live up to the hype,
Corey Nachreiner 18:22
so it should probably be good at coding too. So we should see a lot of cool, innovative new software coming out quickly as well,
Marc Laliberte 18:29
and even more, AI slop. Let's move on to the next topic. So lumens, Black Lotus labs published a pretty interesting blog post last week describing what they're calling frost Armada, which is a campaign that they've attributed to forest Blizzard, which is the name given to Russian Gru unit, 26 165, so a Russian nation state backed hacking organization, which They claims have affected 40,000 or up to 40,000 consumer routers. Basically, this campaign started around May 2025, with limited targeting and more widespread exploitation, starting in August of last year, peaking in around December and continuing well through the current time. Right now. During this campaign, the Russian Gru Hacking Team will exploit exposed web interfaces, primarily for TP Link and micro tick routers, change the DNS settings and then propagate them using DHCP to devices behind the router, and then when a they receive a DNS request for a targeted domain, instead of giving the legitimate IP address to the client, they will give the IP address of a server under the attacker's control, so the client will connect to the attacker's web server instead of the legitimate website. Now, the Russian Gru has not figured out how to forge certificate private keys yet. And so it does display a certificate warning when the victim goes to one of these websites, but if they click through that, then they automatically steal OAuth session tokens and can use that to take over and compromise accounts. They some of the global victims that lumen has identified include Ministries of Foreign Affairs and national law enforcement for some North African, Central American and Southeast Asian countries, as well as some other private organizations across Europe and even North America.
Corey Nachreiner 20:32
So this one, I think for a second I was a little interesting too, that how they set up the infrastructure that they came out like we're familiar with this, because of VPN filtering, maybe other botnet attacks from Russia.
Marc Laliberte 20:46
They can maybe other botnet attacks from Russia that will remain unnamed on this podcast.
Corey Nachreiner 20:52
Longtime listeners know what we're saying. They come out at Tor exit relay, but before they hit the target router, there were some Soho proxy hops, which is kind of familiar, too. I'm curious of the the Soho proxy hops, my understanding is that they're still TP Link in micro tick, but they were targeting, as you say, law enforcement in nation state, etc, as far as the targeted routers. But I wonder if any of these Soho ones are those ones seem more like kind of an additional proxy protection that could just be consumer like I did they describe, besides being similar devices, do they describe the victimology of the proxy hop
Marc Laliberte 21:34
versus they didn't victims, so I interpreted it as it could either be another like proxy layer of the Same botnet, like we've seen them do in the past, or like we've talked previously in recent months about, like, quote, unquote, legitimate proxying applications that people can set up, like web browser plugins, VPNs, whatever, or just other botnets that have exploited routers and offer those as a proxy service that they could be relaying through those too.
Corey Nachreiner 22:00
But it's definitely smart like this multiple layers, like, they're already hiding their self besides behind Tor behind, you know, another router. So routers, as we've predicted and seen, we only predicted it because we watched the trend happen, are definitely a really good target for these threat actors, and
Marc Laliberte 22:21
it makes sense to go after like consumer grade routers like this, where someone might enable the web interface and not realize they exposed it on the internet. Some of them might just be enabled by default on the internet, and almost certainly not regularly patched with any meaningful frequency, which makes them perfect targets for this if they're able to find a vulnerability, or in this case, it looks like just brute force their way in with valid credentials, as people either reuse default passwords or just set crappy passwords for their their home router. It is yet another update on the trend of attacks against edge networking equipment, but this one very focused on consumer grade routers in this case, but still to try and, like, steal information, like they're going after credentials, in this case, OAuth tokens from victims behind these routers, and based off, like the the telemetry they get from compromised devices, like IP addresses they're able to target, potentially, like, based off the description for some of the victims, like, potentially very valuable targets for a nation state threat actor to go after,
Corey Nachreiner 23:30
if you think about it, especially with work at home changing across the industry, including government and law enforcement, is like all of these People go home, but probably connect to work remotely. So it makes sense that even consumer routers can be a way into pretty sensitive information.
Marc Laliberte 23:49
Yeah. So if you do have a micro tick or a TP Link router, now is probably the time to update it and make sure it's not exposed to the internet.
Corey Nachreiner 23:58
Let's just say all routers. If you have any consumer router, update its firmware, like we saw in the story, they're leveraging patch vulnerabilities for these so whether it's a low end consumer router or a high end consumer router, update it. As soon as there's an update, it kind of adds what we said before about making sure to update hardware quickly. Yeah.
Marc Laliberte 24:20
And pretty soon after this came out, just a couple of days ago, the the NSA, the National Security Agency, put out a a like little bulletin for all US citizens, telling you go reboot your router. Basically, because most of these types of attacks, they are ephemeral. They live just in memory. If you reboot the device, it'll restore a known good configuration.
Corey Nachreiner 24:43
It was like that, right? A reboot would wipe it unless they but usually they could come in through some other means, if you hadn't patched but at least it would temporarily
Marc Laliberte 24:53
wipe it. Yep, it is funny seeing the NSA put out a nine page white paper telling everyone, go reboot your routers, especially. If you're seeing weird internet activity like unexpected certificate errors, moving on to the last one. So we've talked about a lot about credentialed attacks and authentication based attacks, and session hijacking is kind of the next frontier of that style of attack where cyber criminals are even paying insiders in the company to give them like a browser export that includes session tokens that they can then use to go compromise the organization. It's one of like shiny hunters favorite ways of getting into companies these days. Well, Google announced last week that the latest update for Chrome, Chrome 146 includes a rollout of a new security feature that's designed to not entirely prevent but at least substantially mitigate this style of attack. It's called device bound session credentials or dbsc, which uses the computer's Trusted Platform Module or TPM chip to generate and securely,
Corey Nachreiner 26:00
say, security enclave, if your Mac mark,
Marc Laliberte 26:08
whatever, to securely save a key pair per session so that Chrome can prove the identity of the hardware when it's asking For a session renewal. It's like real quick like how session management generally works for a website. When you log into, let's say, your Facebook account, you're given what's called an access token, which is what your web browser sends with every single request it sends to that server. That's how Facebook validates that you are who you say you are with every request. And you're also given a longer living refresh token that you can use to get a new access token sometime in the future, usually that access token is pretty short lived, like minutes, potentially up to hours. For older websites, the refresh token could live to be quite a bit longer, like days, months, even years, in some cases depending on how the site is made, the risk comes from if an attacker is able to steal that refresh token without any other protections, they could then from their machine go use it to request a new access token and then use that access token to basically take over or hijack your session. So this new feature binds that refresh token to your computer's hardware itself by using the TPM built into it. There is no way barring some insane critical vulnerability for an attacker to get that private key out of the TPM, meaning the only way they can use that session token is directly on your computer. If they steal it and try and refresh it somewhere else. They won't have that private key to prove that they are who they say they are, and they won't be able to refresh the session. Now, this doesn't protect against everything, because that access token, they could still use that and continue using it to access a website, which means that we need some combination of also, like shorter lived access tokens. In order to make this work, it is not technically feasible to, like, refresh a token with every single request. You will blow up the TPM on your computer, so to speak. Fact, Google even mentioned in their their little write up there. Like, one of the caveats for this is TPMS are rate limited, and so if you're refreshing a lot, very frequently in a ton of tabs, you might run into some rate limiting on it. But this is a meaningful improvement to what we had before, which was effectively no protection unless this site was doing like its own, roll your own, like IP address pinning or something for session information. So I think that's like, this is a good change. Now I saw, like in news posts on this, they mentioned that, like others, like Okta, are also investigating the technology. I would like to see this become widespread standard.
Corey Nachreiner 28:51
Yeah, yeah,
Marc Laliberte 28:53
to help mitigate against this type of attack.
Corey Nachreiner 28:55
Are you going to leave Firefox until they get it?
Marc Laliberte 28:59
I think Firefox is one of the ones also working on it as well, too, even if it hasn't been officially released. But no, I will never leave Firefox. You can pry it out of my cold, dead hands. Now Google did note like another caveat, they said, If malware is present on the device during session registration, they may be able to extract the private key basically before it gets saved into that enclave, they could get a copy of it that could enable session hijacking, similar to other styles of cookie theft. But attacks involving malware during registration or TPM driver modifications are significantly more complex and significantly more easier to detect, way more than like the standard attacks we're seeing that just it's trivial to steal someone's session, session cookie and potentially use it. So I think it has a meaningful improvement, even if it doesn't like 100% mitigate the entire risk from this. It's better than what we had. And incremental improvements in cybersecurity
Corey Nachreiner 29:59
are great. Yeah. No, I agree this is a good thing. Hey, look at that, man. We ended on good news. For once,
Marc Laliberte 30:05
I'm not done. I've got one more forward thinking thought for you. Corey, and this is like a good thought. So it got me thinking like so we're using now a TPM to manage refresh tokens. What if we also start using the TPM for, like, other sorts of user activity, like people may not know your computer already uses the TPM for, like, secure boot to validate that, like, the firmware that's being loaded and then the operating system being loaded is all what it's supposed to be. But what if we use it for more of these, like web activities too? Like, before I can go update my password, it'll go query the TPM and validate them on the normal hardware that I normally am, and if I'm not, then trigger another like MFA push or something like I could see it opening up more opportunities for additional verification for like hardware bound to a not user identity beyond what we have
Corey Nachreiner 30:56
right now. We do something more with important kernel drive, like already kernel driving, but that's usually based on operating system vendor, like Microsoft's private key. But what if we have, you know, some sort of industry wide here are the big players for drivers that you know can store keys in a TPM to make sure people can't start replacing drivers, whether you're operating there are tons of potential Mark I think that's a very cool idea. On the flip side, that's just like anything digital key or digital certificate, then you have to deal with managing public private key infrastructure. And then it becomes a supply chain risk, instead of a technical risk, right? Like, you know, with the OS driver signing that already exists with Windows using vendor private keys. You know, bad guys have figured out how to steal someone else's signing key. So you have to worry about the supply chain for providing all of this to the TPM. But I think it's smart. I think I mean Secure Boot, the TPM is what changed everything in secure boot, and you could have that to secure run, you can make every application like there's tons we could do with it. It does add some complexity and some management, though, but I
Marc Laliberte 32:16
do trust that hardware more than I trust some random employee not getting bribed with 10,000 bucks, they export a horror file.
Corey Nachreiner 32:24
Like, it's exactly it's not that hardware is not complete. Like, do you remember Andrew bunny Huang hacking the Xbox when he basically the Xbox? It wasn't called the TPM at the time, but it had, like, yeah, it essentially was a trust. It was a security enclave in the Xbox in a chip. He had to use acids and stuff to remove the chips. He had to have a super expensive electron microscope, and then he had to on tiny, tiny points, hook inputs and outputs up to a FPGA device just to be fast enough to process what he was looking at, but eventually, with a lot of deep, super expensive hardware hacking work, you can break into a secure chip and maybe get into an input or output that starts to give you these private keys. But I mean, listen to everything I did, like I don't even know how to use an electron microscope, let alone how are you going to solder FGP? So that's a very to your point. It's a much bigger roadblock hacking that TPM. And by the way, this all requires physical access to the computer. So what's the victim going to think when you're in his computer, pouring on acid, putting it under an electron microscope? Yeah, yes. I trust the hardware TPM more than a lot of things, we can agree,
Marc Laliberte 33:43
yeah, so this is good, like the future is looking bright for for session theft, at least assuming this does become a standard that others, yeah,
Corey Nachreiner 33:54
unless is so smart that it finds some sort of vulnerability, huge vulnerability, in the interaction with the TPM, there it is.
Marc Laliberte 34:03
There's the doom and gloom. I was worried we wouldn't get it. Thanks.
Corey Nachreiner 34:06
Corey had to deliver. It's kind of on brand. The future
Marc Laliberte 34:12
is no longer bright. Unfortunately, the the glass wings are going to shatter at some point.
Corey Nachreiner 34:19
Good thing I have iron legs.
Marc Laliberte 34:21
Good thing you have iron legs. Hey, Everyone, thanks again for listening. As always. If you enjoyed today's episode, don't forget to rate, review and subscribe. If you have any questions on today's topics, or if you have suggestions for future episode topics, please reach out to us on the social medias. We're both on blue sky. I'm at it's mark.me Corey is at second EP. We're also on Instagram, at Watchguard, underscore technologies, and I'm sure you can find our emails or probably our Reddit handles or anything else you want to out there on the internet, because everything has been stolen and breached and leaked at some point. Thanks again for listening, and you will hear from
Marc Laliberte 34:58
us next week.
Corey Nachreiner 34:59
It comes. So we're public personas at this point. There is no operational tradecraft security going on.
Marc Laliberte 35:06
Yep, exactly. So talk to us, please and thank you.
Corey Nachreiner 35:12
Just don't send us more spam and scams. We get those on social media every single day.
Marc Laliberte 35:18
too late.
