Despite economic headwinds and layoffs in other areas, most retail and hospitality CISOs expect to add staff in 2023, according to a new report.

**VIENNA, Va.****,** **Jan. 25, 2023** **/PRNewswire/ --** Information security teams have always had to do more with less, but 2023 might be the year when they are able to do more with more. Riding a three-year trend, 70% of CISOs expect their budgets to increase again this year, while 60% also expect more FTEs, according to the CISO Benchmark Report released today from the Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC).

The annual report surveys cybersecurity leaders from consumer-facing industries to assess data about budgets, personnel, and organizational priorities.

The increase in budget and personnel reflects how cybersecurity has grown as a critical part of business operations in many organizations. This year, business disruption emerged as a top 10 (No. 7) risk that organizations currently face, up seven spots from No. 14 in 2021. Similarly, 50% of CISOs now have business continuity/disaster recovery as part of their core responsibilities, an increase of 11 percentage points since last year.

Surprisingly, although fraud in its many forms greatly impacts the bottom line, and continues to be a top risk for organizations, very few CISOs have fraud as part of their core responsibilities, according to the report.  

New this year is an additional benchmark report from RH-ISAC that survey cybersecurity practitioners to understand the challenges and priorities staff have in executing daily job functions.

Key insights from the Practitioner Benchmark Report include:

*   83% serve more than one job function, which means that employees have a valuable and diverse skill set across security operations (76%), threat intelligence (66%), and risk management (66%)
*   93% believe they have the necessary skill sets to perform their job effectively

"The retail and hospitality industries are constantly evolving, and so are the cybersecurity challenges they face," said Suzie Squier, president of RH-ISAC. "The RH-ISAC Benchmark Reports provide valuable insights and actionable information for CISOs and other information security professionals to stay informed about trends and resource allocation among infosec teams."

The companies represented in the surveys include retail, restaurants, hospitality, travel, and consumer packaged goods/manufacturing companies, and reflect more than 718,000 total locations, 3.4 million corporate employees, and $2.3 trillion in annual sales.

The full reports are available to RH-ISAC members, and summary versions of each report are available to download:  
CISO Benchmark Report   
Practitioner Benchmark Report 

**About the Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC)**

The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) is the trusted community for sharing sector-specific cybersecurity information and intelligence. The RH-ISAC connects information security teams at the strategic, operational, and tactical levels to work together on issues and challenges, to share practices and insights, and to benchmark among each other – all with the goal of building better security for consumer-facing industries through collaboration. RH-ISAC serves businesses, including retailers, restaurants, hotels, gaming casinos, food retailers, consumer products, and other consumer-facing companies. For more information, visit www.rhisac.org.

SOURCE Retail and Hospitality ISAC

Cybersecurity Budgets Increase for Retail & Hospitality Industry

Red Hat Security Advisory 2023-0440-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Important: kernel security and bug fix update  
Advisory ID:       RHSA-2023:0440-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0440  
Issue date:        2023-01-24  
CVE Names:         CVE-2022-4139 CVE-2022-26373  
====================================================================  
1. Summary:

An update for kernel is now available for Red Hat Enterprise Linux 8.6  
Extended Update Support.

Red Hat Product Security has rated this update as having a security impact  
of Important. A Common Vulnerability Scoring System (CVSS) base score,  
which gives a detailed severity rating, is available for each vulnerability  
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat CodeReady Linux Builder EUS (v.8.6) - aarch64, ppc64le, x86_64  
Red Hat Enterprise Linux BaseOS EUS (v.8.6) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The kernel packages contain the Linux kernel, the core of any Linux  
operating system.

Security Fix(es):

* kernel: i915: Incorrect GPU TLB flush can lead to random memory access  
(CVE-2022-4139)

* hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions  
(CVE-2022-26373)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* Azure: Sometimes newly deployed VMs are not getting accelerated network  
during provisioning (BZ#2155273)

* Azure: VM Deployment Failures Patch Request (BZ#2155281)

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

5. Bugs fixed (https://bugzilla.redhat.com/):

2115065 - CVE-2022-26373 hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions  
2147572 - CVE-2022-4139 kernel: i915: Incorrect GPU TLB flush can lead to random memory access

6. Package List:

Red Hat Enterprise Linux BaseOS EUS (v.8.6):

Source:  
kernel-4.18.0-372.41.1.el8_6.src.rpm

aarch64:  
bpftool-4.18.0-372.41.1.el8_6.aarch64.rpm  
bpftool-debuginfo-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-core-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-cross-headers-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-debug-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-debug-core-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-debug-debuginfo-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-debug-devel-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-debug-modules-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-debug-modules-extra-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-debuginfo-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-debuginfo-common-aarch64-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-devel-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-headers-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-modules-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-modules-extra-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-tools-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-tools-debuginfo-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-tools-libs-4.18.0-372.41.1.el8_6.aarch64.rpm  
perf-4.18.0-372.41.1.el8_6.aarch64.rpm  
perf-debuginfo-4.18.0-372.41.1.el8_6.aarch64.rpm  
python3-perf-4.18.0-372.41.1.el8_6.aarch64.rpm  
python3-perf-debuginfo-4.18.0-372.41.1.el8_6.aarch64.rpm

noarch:  
kernel-abi-stablelists-4.18.0-372.41.1.el8_6.noarch.rpm  
kernel-doc-4.18.0-372.41.1.el8_6.noarch.rpm

ppc64le:  
bpftool-4.18.0-372.41.1.el8_6.ppc64le.rpm  
bpftool-debuginfo-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-core-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-cross-headers-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-debug-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-debug-core-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-debug-debuginfo-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-debug-devel-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-debug-modules-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-debug-modules-extra-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-debuginfo-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-debuginfo-common-ppc64le-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-devel-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-headers-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-modules-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-modules-extra-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-tools-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-tools-debuginfo-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-tools-libs-4.18.0-372.41.1.el8_6.ppc64le.rpm  
perf-4.18.0-372.41.1.el8_6.ppc64le.rpm  
perf-debuginfo-4.18.0-372.41.1.el8_6.ppc64le.rpm  
python3-perf-4.18.0-372.41.1.el8_6.ppc64le.rpm  
python3-perf-debuginfo-4.18.0-372.41.1.el8_6.ppc64le.rpm

s390x:  
bpftool-4.18.0-372.41.1.el8_6.s390x.rpm  
bpftool-debuginfo-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-core-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-cross-headers-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-debug-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-debug-core-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-debug-debuginfo-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-debug-devel-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-debug-modules-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-debug-modules-extra-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-debuginfo-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-debuginfo-common-s390x-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-devel-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-headers-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-modules-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-modules-extra-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-tools-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-tools-debuginfo-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-zfcpdump-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-zfcpdump-core-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-zfcpdump-debuginfo-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-zfcpdump-devel-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-zfcpdump-modules-4.18.0-372.41.1.el8_6.s390x.rpm  
kernel-zfcpdump-modules-extra-4.18.0-372.41.1.el8_6.s390x.rpm  
perf-4.18.0-372.41.1.el8_6.s390x.rpm  
perf-debuginfo-4.18.0-372.41.1.el8_6.s390x.rpm  
python3-perf-4.18.0-372.41.1.el8_6.s390x.rpm  
python3-perf-debuginfo-4.18.0-372.41.1.el8_6.s390x.rpm

x86_64:  
bpftool-4.18.0-372.41.1.el8_6.x86_64.rpm  
bpftool-debuginfo-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-core-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-cross-headers-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-debug-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-debug-core-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-debug-debuginfo-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-debug-devel-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-debug-modules-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-debug-modules-extra-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-debuginfo-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-debuginfo-common-x86_64-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-devel-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-headers-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-modules-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-modules-extra-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-tools-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-tools-debuginfo-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-tools-libs-4.18.0-372.41.1.el8_6.x86_64.rpm  
perf-4.18.0-372.41.1.el8_6.x86_64.rpm  
perf-debuginfo-4.18.0-372.41.1.el8_6.x86_64.rpm  
python3-perf-4.18.0-372.41.1.el8_6.x86_64.rpm  
python3-perf-debuginfo-4.18.0-372.41.1.el8_6.x86_64.rpm

Red Hat CodeReady Linux Builder EUS (v.8.6):

aarch64:  
bpftool-debuginfo-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-debug-debuginfo-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-debuginfo-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-debuginfo-common-aarch64-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-tools-debuginfo-4.18.0-372.41.1.el8_6.aarch64.rpm  
kernel-tools-libs-devel-4.18.0-372.41.1.el8_6.aarch64.rpm  
perf-debuginfo-4.18.0-372.41.1.el8_6.aarch64.rpm  
python3-perf-debuginfo-4.18.0-372.41.1.el8_6.aarch64.rpm

ppc64le:  
bpftool-debuginfo-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-debug-debuginfo-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-debuginfo-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-debuginfo-common-ppc64le-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-tools-debuginfo-4.18.0-372.41.1.el8_6.ppc64le.rpm  
kernel-tools-libs-devel-4.18.0-372.41.1.el8_6.ppc64le.rpm  
perf-debuginfo-4.18.0-372.41.1.el8_6.ppc64le.rpm  
python3-perf-debuginfo-4.18.0-372.41.1.el8_6.ppc64le.rpm

x86_64:  
bpftool-debuginfo-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-debug-debuginfo-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-debuginfo-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-debuginfo-common-x86_64-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-tools-debuginfo-4.18.0-372.41.1.el8_6.x86_64.rpm  
kernel-tools-libs-devel-4.18.0-372.41.1.el8_6.x86_64.rpm  
perf-debuginfo-4.18.0-372.41.1.el8_6.x86_64.rpm  
python3-perf-debuginfo-4.18.0-372.41.1.el8_6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-4139  
https://access.redhat.com/security/cve/CVE-2022-26373  
https://access.redhat.com/security/updates/classification/#important  
https://access.redhat.com/solutions/6971358

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY9AIp9zjgjWX9erEAQg9Pg/9Er7Hk82Tlcs3vY1CJJqUIfo2AVzr1z3o  
kf95Z65Nu4pUrHvInLvRQsejwHYMJQ0CUiVLzeoGey+W3p7iqN3au2rhAPgqNB80  
z6ZgznAXhIoTHKZYDrRFmc7WKUcmwI+GFcpojzImdAyBTOlKAOUArLo/ymdVN1PR  
ByVc/0twtkhaCbkacs3ZqH0YsRl9M5oz6TWPG5Vl47v25hy/NBG8IgANeDBYBDsL  
101xyBH0eukaXYjral2bDfGNnTVM8rasnVTzbM1e78qs2Xy+YcMgiweoYGh8/ci/  
EsRr2lad0aoLL6vzV14QaCV3O5yOXRanFXgj4V3Ur5KQD++Fm6GVXrJJrpGiofdl  
dZP1gt7u70OdPNHJDGULnuA38fqI9q1Y7q/joeIEQW8DNNaltylSkH6QbcQORWdJ  
+RCrvXCEEN2OByn12mphTor70RiiYysCc8ZPvjZ8IV1bcFdDJn2zYryauvChCXg3  
z4mPg/tCkGKuHPkUFb8rpwlwctxPNl2T/AaFrpLCbJEZ7xFHikId7WyQo3lDQP6e  
9Zoq8GibW+Sk0pKs/6nD5tAA8ELFcibXbqBf1c0ryJtdkHMnr6egh7//df4eO0KM  
vS2ftNd/dwjSXDZW7thARNfXNy1IjozVnkx5Lljp+CEFB8alQvjPiJXA+kdxhBgo  
UqlXQmL4JOQ=V4KT  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0440-01

The Wordfence Threat Intelligence team has released their 2022 State of WordPress Security report. In the report, they look at changes in the threat landscape, analyze impactful trends, and provide recommendations based on their findings.

Wordfence 2022 State Of WordPress Security

Report identifies 1.75m cyberattacks were stopped by BlackBerry in the last 90 days.

**WATERLOO, ON****,** **Jan. 25, 2023** **/PRNewswire/ --** BlackBerry Limited (NYSE: BB; TSX: BB) today released its Global Threat Intelligence Report, highlighting the volume and model of threats across a range of organizations and regions, including industry-specific attacks targeting the automotive and manufacturing, healthcare and financial sectors. After the success and continued demand for its annual threat report, BlackBerry has switched to a quarterly cadence to match the speed adversaries evolve to provide a more holistic view of the threat landscape, helping businesses to prepare and protect themselves accordingly.

BlackBerry's Threat Research and Intelligence team identified that in the 90 days between September 1 and November 30, 2022 (Q4), BlackBerry's AI-driven prevention-first technology stopped 1,757,248 malware-based cyberattacks. This includes 62 unique samples per hour, or one sample each minute. The most common cyber-weapons used in  attacks include the resurgence of the Emotet botnet after a four-month dormancy period, the extensive presence of the Qakbot phishing threat, which hijacks existing email threads to convince victims of their legitimacy, and the increase in infostealer downloaders like GuLoader.

"Annual threat reports have been a fantastic way to provide insight into overall trends, but now more than ever, organizations need to make well-informed decisions and take prompt effective actions, using the latest actionable data," said Ismael Valenzuela, Vice President, Threat Research & Intelligence at BlackBerry. "Our public and private reports are written by our top threat researchers and intelligence analysts, world-class experts that not only understand the technical threats but also the global and local geopolitical situation, and how it affects organizational threat models in each region. This expertise allows us to provide actionable and contextualized threat intelligence to increase cyber resilience and to enable mission and business objectives."

Highlights from the report include:

*   **MacOS is not immune**. It is a common misconception that macOS is a "safe" platform due to it being used less among enterprise systems. However, this could be lulling IT managers into a false sense of security. BlackBerry explores the pernicious threats targeting macOS, including malicious codes that are sometimes even explicitly downloaded by users. In Q4, the most-seen malicious application on macOS was Dock2Master which collects users' data from its own surrepticious ads. BlackBerry researchers noted that 34 percent of client organizations using macOS had Dock2Master on their network.
*   **RedLine was the most active and widespread infostealer in this last quarter.** Post-pandemic work models have necessitated the need for businesses to support remote and hybrid employees, putting corporate credentials at greater risk of attack from malicious actors than ever before. RedLine is capable of stealing credentials from numerous targets including browsers, crypto wallets, and FTP and VPN software, among others, and selling them on the black market. Cybercriminals and nation state threat actors rely on initial access brokers trading stolen credentials. RedLine is one of them providing initial access to another threat actors.
*   **BlackBerry is uniquely positioned to uncover threats that affect industries that aren't often discussed in other threat reports**. With a strong presence in both the cyber and IoT markets, BlackBerry provides insights into the current threat landscape and trends for the future that affect the automotive and manufacturing industries, along with financial and healthcare. The report includes analysis of GuLoader and the BlackCat ransomware group that targets small-to-medium sized enterprises, largely in the manufacturing sector, and threatens victims to leak compromised data to further extort their ransom.

To learn more, download a copy of the Global Threat Intelligence Report: Delivering Actionable and Contextualized Intelligence to Increase Cyber Resilience now, and tune into BlackBerry's LinkedIn Live Session on January 26th to discover more.

**About BlackBerry**

BlackBerry (NYSE: BB; TSX: BB) provides intelligent security software and services to enterprises and governments around the world. The company secures more than 500M endpoints including over 215M vehicles. Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver innovative solutions in the areas of cybersecurity, safety, and data privacy solutions, and is a leader in the areas of endpoint security, endpoint management, encryption, and embedded systems.  BlackBerry's vision is clear - to secure a connected future you can trust.

BlackBerry's Inaugural Quarterly Threat Intelligence Report Reveals Threat Actors Launch One Malicious Threat Every Minute

Ticketmaster testified in the Senate that a cyberattack was to blame for the high-profile Taylor Swift concert sales collapse, but some senators aren't so sure.

When armies of Taylor Swift fans in November were locked out of being able to purchase tickets for her upcoming The Eras tour, the so-called "Swifties" demanded answers.

And the Senate agreed.

This week, Ticketmaster testified in Senate Judiciary Committee hearings that it's not the company's monopoly on the live music market that caused the Swifty sales collapse — it was instead a cyberattack, executives said.

"There was unprecedented demand for Taylor Swift tickets," according to the opening testimony, shared ahead of the hearing with Dark Reading. "We knew bots would attack that on-sale, and planned accordingly."

However, Ticketmaster added that it received triple the amount of bot traffic that it had ever experienced, with bots both attempting to purchase tickets as well as breach the ticket sales servers for access codes.

"While the bots failed to penetrate our systems or acquire any tickets, the attack required us to slow down and even pause our sales," according to the company, which added that the difference in this instance is that instead of bots attempting to beat humans to the tickets, these bots were also attacking the system itself.

Some senators, including Marsha Blackburn, a Republican from Tennessee, didn't agree with Ticketmaster's assessment that the company was prepared in advance for the Taylor Swift swarm.

"This is unbelievable," Blackburn said during the hearing. She added, "Why is it that you have not developed an algorithm to sort out what is a bot and what is a consumer?"

Ticketmaster asked the Senate to consider stronger anti-bot legislation, enforcement, and penalties, but that does little to help shore up systems for future blockbuster tour event sales against an increasingly aggressive legion of shopper bots.

"It is absolutely an ever-growing arms in race in terms of fighting the bots," Berchtold said in response to Senator Blackburn's questioning. "These are bots that are trying to impersonate people on an automated basis. They are faster and putting American consumers at a disadvantage."

**When Bot Traffic Looks Like a DDoS Attack**

Rather than a targeted, intentional distributed denial-of-service (DDoS) attack, Ticketmaster's outage was simply the result of the system getting crushed under a tidal wave of traffic. But the result was the same: disruption.

"Botnets are often used to launch DDoS attacks; they're also used to do other things such as attempting to quickly (and unfairly!) snap up tickets to popular events the moment they go on sale," Roland Dobbins, a DDoS expert and principal engineer with Netscout, explains to Dark Reading. 

He adds, "Even though the intent in the latter scenario isn’t to cause an outage — which defeats the purpose of the bot-driven purchases — high levels of aggressive, bot-driven, 'flash crowd' transactions can effectively constitute an unintentional application-layer DDoS attack against the online ticket vending system, if all the key elements in the system’s service delivery chain haven’t been designed with resilience, scale, and defense against application-layer DDoS attacks in mind."

**SeatGeek Had Similar, but Not as Serious, Swift Sales Problems**

Although it was also bogged down under a similar traffic spike, Ticketmaster competitor Seat Geek was able to sell tickets to 52 Taylor Swift concerts without the same technical failures, the company explained to Politico, blaming Ticketmaster's troubles on its market monopoly.

"Ticketmaster’s outage, recovery time, and continued lack of a solution are the results of a monopoly’s complacency," SeatGeek said in a statement. "No competition means no incentive to innovate and iron out problems that they’ve experienced in the past."

**Bot & DDoS Attack Defense Differ**

Online retailers trying to protect against both bots and DDoS attacks need to adopt different approaches for each, Boaz Gelbord, senior vice president and chief security officer at Akamai, explains to Dark Reading in reaction to the Ticketmaster Senate testimony.

"Organizations face an increasing array of cyber-threats during 'hype events' such as flash sales or online commercial events," Gelbord says. "These can include both DDoS attacks aimed at bringing down the event and bots that aim to subvert the legitimate sales process. The goals of these attacks differ and they also require different protection."

DDoS protection is about putting up infrastructure and application defenses prior to an attack, while thwarting bots requires "a deeper understanding of the behavior to determine which traffic is legitimate and which is automated," Gelbord explains.

**Battling the Bot Problem**

Online brands experienced a 71% increase in bot attacks in 2022 over 2021, with bad bots making up nearly a third of online traffic, Michael Pezely points out in response to the Ticketmaster hearing.

"All these trends were reflected in Ticketmaster’s own experience with the Taylor Swift tour," Pezely adds. "While 3.5 million fans preregistered as verified fans, according to Ticketmaster, 3.5 billion purchase attempts were made."

Pezely urges online retailers to consider a holistic artificial intelligence (AI) approach to battling the bot problem.

"Fighting AI with AI will continue to be part of the solution. Merchants, whether they’re selling PlayStations, sneakers, or tickets, can counter the bots with learning machines that provide the intelligence to understand the identity and intent behind each order," Pezely explains. "That understanding allows merchants to turn to automation to block illegitimate orders."

Ticketmaster Blames Bots in Taylor Swift 'Eras' Tour Debacle

Mainz brings 25 years of industry experience to execute on Forescout’s strategy and drive its next phase of growth.

**SAN JOSE, Calif.--(****BUSINESS WIRE****)--** Forescout Technologies Inc., the global leader in compliance and cybersecurity for all connected devices, today announced that Barry Mainz will join the company as CEO, effective immediately.

Barry Mainz brings more than 25 years of experience in executive leadership across infrastructure software and cybersecurity companies. Mainz has served as CEO and member of the Board of Directors for MobileIron and also led Wind River Systems, a division of Intel, as President during important years of growth. Additionally, Mainz has held leadership roles, as well as advisory and board positions at private and public companies such as Mercury Interactive, Makara (acquired by Red Hat, Inc.) and Sun Microsystems.

“Barry has been working with Wael, our Board and myself for the last several months as we prepared to execute our next stage of growth. Barry is a passionate and inspirational leader who delivers customer value, builds strong teams and drives operational discipline and rigor,” said Greg Clark, Chairman of the Board, Forescout and former CEO of cybersecurity companies BlueCoat and Symantec. “His experience across scaled and innovative companies makes him an ideal leader to take the company to the next level. Barry rounds out a fantastic team at Forescout and will be building on our strong foundation. We are pleased with the results of Forescout’s journey to date, and we are excited about the new value Forescout is bringing to our customers through our acquisitions as well as our organic development.”

Bryan Taylor, head of Advent’s technology investment team and a Managing Partner in Palo Alto added, “We are excited for Barry’s appointment as CEO as he brings a wealth of experience and expertise to the role, and we are confident that under his leadership, the company will continue to thrive and achieve even greater success. We also want to thank Wael Mohamed for his leadership and his significant contribution to Forescout.”

“I am really excited about the work we’ve done to plan Forescout’s next horizon and am thrilled to partner with our Board, our strong management team and employees as we execute our plans,” said Barry Mainz, CEO, Forescout. “Working together with Greg and our Board over the past few months gives me high confidence that we are on the right strategy and will deliver immense value to our customers.”

**About Forescout**

Forescout Technologies, Inc. delivers compliance and cybersecurity for all connected devices, including IT, IoT, OT, IoMT, and cloud environments. The Forescout Platform provides complete asset visibility, continuous compliance, network segmentation and a strong foundation for Zero Trust. For more than 20 years, Fortune 100 organizations and government agencies have trusted Forescout to provide automated cybersecurity at scale. Forescout arms customers with data-powered intelligence to accurately detect risks and quickly remediate cyberthreats without disruption of critical business assets. www.forescout.com

Managing cyber risk, together.

Forescout Appoints Technology Veteran Barry Mainz as CEO

Restoration teams must be part of a collaborative, initial response team to address costly downtime.

**CHATTANOOGA, Tenn.****,** **Jan. 24, 2023** **/PRNewswire/ --** Fenix24, a leading provider of disaster recovery services, released a white paper proposing a new flow for post-cybersecurity breach incident response that would significantly shorten downtime, the most-costly aspect of cyberattacks today. The paper, titled "The High Price of Business Interruption Requires New Response Modalities," argues that today's cyberattacks, particularly ransomware, have been designed to cause maximum destruction to the organization; and since downtime can cost between $100K and $1M for most organizations, it's time to redesign incident response (IR) flows to reduce business interruption by getting companies back to business faster. This can be accomplished by prioritizing restoration efforts to begin in the immediate aftermath of breach discovery. 

"The earlier restoration teams are brought into events, the lower the overall business interruption expenses," said Heath Renfrow, co-founder, Fenix24. "A few years ago, restoration was turning on systems. Today, these teams are essential to accelerating forensic data capture, establishing remote access into a compromised environment, and helping identify and prioritize critical systems for restoration, easing the pain of business interruption. When restoration is there from the beginning, everyone else can move faster. We have forged new models with Digital Forensics/Incident Response partners that are very collaborative and, in concert with Fenix24's intelligent restoration strategies, are producing up to 50% shorter downtimes."

The paper: proposes that the industry at large considers redefining the incident response model to involve restoration teams in the initial attack aftermath; encourages cyber insurance carriers to include restoration panels in their policies to encourage greater referral rates for high-quality restoration experts; and urges DFIR solutions providers not already adopting a collaborative model to consider the advantages it provides. Today's pre-, mid- and post-incident efforts can be greatly supported by real-time orchestration and communications tools such as Cygnvs, helping make this collaborative model a reality.

Historically, breach coaches have brought in Digital Forensics/Incident Response Teams (DFIR) to take the lead in containing the incident and providing initial response. DFIR leads or breach coaches may—or may not—recommend restoration partners following this process, which can extend business interruption weeks or even months. However, it is becoming clear to customers and carriers alike that downtime is becoming far too expensive and commands most of the incident's exorbitant costs.

"At Eos, we work closely with large insurers and vendors in the cyber sector and consistently hear how business interruption has become a major factor in escalating cyber losses," said Zach Powell, partner at Eos Venture Partners. "Through our research, we see that BI now accounts for over 50% of losses in select cyber lines."

**Resource:** Download and read the full white paper**.**  

**About Fenix24**

Fenix24, part of the Conversant Group family of companies, is raising the bar for post-incident disaster recovery and restoration with a fast, thorough and professional operation. Our battle-tested professionals execute the most intelligent and strategic recovery playbook for minimal cost of incident response and business interruption. Fenix24 is the army you need to push out the criminals that have compromised your environment and restore your company's IT operations. Learn more at fenix24.com.

SOURCE Fenix24

Fenix24 Releases White Paper Proposing New Cyber Incident Response Paradigm

Respondents indicate organizations are unprepared to handle cyberwarfare, there's no one-size-fits-all response to ransomware, and cybersecurity spending is on the rise.

**SAN** **FRANCISCO** **,** **Jan.** **24**, **2023** **/PRNewswire/ --** Armis, the leading asset visibility and security company, today announced the Armis State of Cyberwarfare and Trends Report: 2022-2023, which highlights global IT and security professionals' sentiment on cyberwarfare. The study shares sentiment from more than 6,000 global respondents across multiple industries, including healthcare, critical infrastructure, retail, supply chain and logistics, and more.

The Russian invasion of Ukraine has not only tragically upended the lives of countless people in a sovereign nation, but it is also causing geopolitical shockwaves of cyberwarfare that will reverberate for the foreseeable future. Today's targets extend well beyond the higher levels of the opposition governments; any organization is a potential victim, with critical infrastructure and high-value entities at the top of the list.

"Cyberwarfare is the future of terrorism on steroids, providing a cost-effective and asymmetric method of attack, which requires constant vigilance and expenditure to defend against," said Nadir Izrael, CTO and Co-founder of Armis. "Clandestine cyberwarfare is rapidly becoming a thing of the past. We now see brazen cyberattacks by nation-states, often with the intent to gather intelligence, disrupt operations, or outright destroy data. Based on these trends, all organizations should consider themselves possible targets for cyberwarfare attacks and secure their assets accordingly."

Key global findings from the Armis State of Cyberwarfare and Trends Report: 2022-2023 include:

*   One-third (33%) of global organizations are not taking the threat of cyberwarfare seriously, identifying as indifferent or unconcerned about the impact of cyberwarfare on their organization as a whole, leaving room for security gaps.
*   Nearly a quarter of global organizations (24%) feel underprepared to handle cyberwarfare. Even still, the lowest-ranking security element in the eyes of IT professionals is preventing nation-state attacks (22%).
*   Over 3 in 5 (64%) IT and security professionals surveyed agree with the statement, 'The war in Ukraine has created a greater threat of cyberwarfare.'
*   Over half (54%) of professionals who are the sole decision maker for IT security said they experienced more threat activity on their network between May 2022 and October 2022 when compared to the six months prior.
*   Over half (55%) of IT professionals surveyed agree with the statement, 'My organization has stalled or stopped digital transformation projects due to the threat of cyberwarfare.' This percentage is even higher in specific countries, including Australia (79%), the U.S. (67%), Singapore (63%), the UK (57%), and Denmark (56%). 
*   When asked about their organization's policy on paying ransoms in the event of a ransomware attack, IT professionals globally were divided in their responses. Twenty-four percent of respondents indicated their organization always pays, 31% said their organization only pays when customer data is at risk, 26% said the organization never pays, and 19% indicated that it depends.
*   Just over three-quarters (76%) of IT professionals surveyed agree that the boards of directors are changing their organization's culture towards cybersecurity in response to the threat of cyberwarfare.
*   Almost 4 in 5 (78%) IT professionals surveyed said, when thinking about recent and ongoing sudden global events (such as the pandemic, Ukraine conflict, etc.), it's likely that their company invests more of its budget into cybersecurity, with nearly 2 in 5 (37%) who think it's very likely.

Proprietary data from the Armis Asset Intelligence and Security Platform collected from June 1, 2022 through November 30, 2022 confirmed the aforementioned trends haven't slowed, only worsened. Threat activity against the global Armis customer base increased by 15% from September to November when compared to the three months prior. Further, Armis identified the largest percentage of threat activity against critical infrastructure organizations, with healthcare organizations the second most targeted when compared to various industries.

In addition to the key global findings from the report and complimentary proprietary data from the Armis platform, Armis zoomed in on regional trends with unique country-by-country analysis within breakout reports for the U.S., UK, France, DACH (Austria, Germany, Switzerland), Iberia, Italy, Denmark, the Netherlands, and APJ (Australia, Japan, Singapore).

For further information on the Armis State of Cyberwarfare and Trends Report: 2022-2023, please visit: https://www.armis.com/cyberwarfare/

**Methodology**

Armis surveyed 6,021 IT and security professionals in firms with more than one hundred employees across the U.S., UK, France, DACH (Austria, Germany, Switzerland), Iberia, Italy, Denmark, the Netherlands, and APJ (Australia, Japan, Singapore). Those findings were gathered between September 22, 2022 and October 5, 2022 and depict the state of cyberwarfare globally across various regions and industries.

**About Armis**

Armis, the leading asset visibility and security company, provides the industry's first unified asset intelligence platform designed to address the new extended attack surface that connected assets create. Fortune 100 companies trust our real-time and continuous protection to see with full context all managed, unmanaged assets across IT, cloud, IoT devices, medical devices (IoMT), operational technology (OT), industrial control systems (ICS), and 5G. Armis provides passive cyber asset management, risk management, and automated enforcement. Armis is a privately held company and headquartered in California.

Armis State of Cyberwarfare and Trends Report: 2022-2023 Highlights Global IT and Security Professionals' Sentiment on Cyberwarfare

Machine learning offers great opportunities, but it still can't replace human experts.

Machine intelligence has captured the human imagination since the invention of the first modern computer in the mid-20th century. And the latest milestone in artificial intelligence, ChatGPT, has reinvigorated our pervasive interest in AI's ability to simplify the way we work.

ChatGPT's advancements in machine learning are impressive: Its high-quality outputs feel close to human. The strides it represents for AI systems signal that even more remarkable achievements are close to reality. But while ChatGPT suggests that the full potential of AI is drawing nearer, the reality is it still isn't quite here. Right now, there are great opportunities for machine learning to augment human intelligence, but it still cannot replace human experts.

**The Obstacles Between ChatGPT and the Future It Promises**

A complete reliance on AI can only happen if any given AI technology is proven more effective than all the other tools used to serve the same purpose. And AI hasn't yet developed to run entirely autonomously. Narrow AI (ANI) often describes the AI we see today: AI designed for a single task, such as a chatbot or image generator. ANI still requires human supervision and some manual configuration to function and is not always run and trained upon the latest data and intelligence. In this case, Reinforcement Learning from Human Feedback (RLHF), which allows the model to learn from correct and incorrect responses to requests, helped train ChatGPT.

Our human inputs into AI systems pose a significant challenge as well. Machine learning models can be colored by our personal views, culture, upbringing, and world perspectives, limiting our ability to create models that entirely remove bias. If improperly used and trained, ANI can further ingrain our biases into our work, systems, and culture. We've even seen bug bounties dedicated to removing AI bias, underscoring these challenges. Complete dependence would be problematic unless we can identify how to build more robust AI systems that mitigate human bias.

**It's Foolish to Rely Fully on AI for Cybersecurity**

The growing threat landscape, diversification of attack vectors, and highly resourced cybercriminal groups necessitate a multipronged approach that leverages the strengths of both human and machine intelligence. A survey conducted in 2020 found 90% of cybersecurity professionals believed cybersecurity technology is not as effective as it should be and is partially responsible for the continued success of attackers. Fully trusting AI will only exacerbate many organizations' already significant overreliance on these ineffective automation and scanning tools, and vulnerability reports generated by AI with "confidently wrong" false positives can even add friction to remediation efforts.

Technology has its place, but nothing will compare to what a skilled human with a hacker mindset can produce. The type of high-severity vulnerabilities found by many hackers requires creativity and a contextual understanding of the affected system. A vulnerability report written by ChatGPT compared with one developed end to end by a hacker demonstrates this gap in proficiency. When tested, the former's report was repetitive, lacked specificity, and failed to provide accurate information, while the latter offered full context and detailed mitigation guidance.

**AI Can Supercharge Your Security Team**

There is a middle ground. Artificial intelligence _can_ accomplish tasks faster and more efficiently than any one person. That means AI can make work much easier for cybersecurity professionals.

Ethical hackers already use existing AI tools to help write vulnerability reports, generate code samples, and identify trends in large data sets. The diverse skill set of the hacker community fills the capability gaps of AI. Where AI really helps is providing hackers and security teams with the most critical component for vulnerability management: speed.

With nearly half of organizations lacking the confidence to close their security gaps, AI can play an instrumental role in vulnerability intelligence. AI's ability to reduce time to remediation by helping teams process large data sets faster could supercharge how quickly internal teams analyze and categorize vast swaths of their unknown attack surface.

**Narrow AI Could Help Address Major Industry Challenges**

We're already seeing governments recognize the potential of narrow AI: The Cybersecurity and Infrastructure Security Agency (CISA) lists AI as one possible vulnerability intelligence solution for software supply chain security. When the daily minutiae of important cybersecurity work is eliminated, the humans behind the technology are freed to pay closer attention to their attack surface, remediate vulnerabilities better, and build stronger strategies to defend against cyberattacks.

Soon, ANI could unlock even more potential from the hackers and cybersecurity professionals that use it. Instead of worrying about AI taking their jobs, security professionals should cultivate a diverse skill set that complements AI tooling while also maintaining a keen awareness of its current limitations. AI is far from replacing human thought, but that doesn't mean it cannot help create a better future. For an industry with a significant skills gap, AI could make all the difference in building a safer Internet.

Chat Cybersecurity: AI Promises a Lot, But Can It Deliver?

Apple Security Advisory 2023-01-23-5 - macOS Monterey 12.6.3 addresses buffer overflow, bypass, code execution, and information leakage vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3

macOS Monterey 12.6.3 addresses the following issues.  
Information about the security content is also available at  
https://support.apple.com/HT213604.

AppleMobileFileIntegrity  
Available for: macOS Monterey  
Impact: An app may be able to access user-sensitive data  
Description: This issue was addressed by enabling hardened runtime.  
CVE-2023-23499: Wojciech Reguła (@_r3ggi) of SecuRing  
(wojciechregula.blog)

curl  
Available for: macOS Monterey  
Impact: Multiple issues in curl  
Description: Multiple issues were addressed by updating to curl  
version 7.86.0.  
CVE-2022-42915  
CVE-2022-42916  
CVE-2022-32221  
CVE-2022-35260

curl  
Available for: macOS Monterey  
Impact: Multiple issues in curl  
Description: Multiple issues were addressed by updating to curl  
version 7.85.0.  
CVE-2022-35252

dcerpc  
Available for: macOS Monterey  
Impact: Mounting a maliciously crafted Samba network share may lead  
to arbitrary code execution  
Description: A buffer overflow issue was addressed with improved  
memory handling.  
CVE-2023-23513: Dimitrios Tatsis and Aleksandar Nikolic of Cisco  
Talos

DiskArbitration  
Available for: macOS Monterey  
Impact: An encrypted volume may be unmounted and remounted by a  
different user without prompting for the password  
Description: A logic issue was addressed with improved state  
management.  
CVE-2023-23493: Oliver Norpoth (@norpoth) of KLIXX GmbH (klixx.com)

DriverKit  
Available for: macOS Monterey  
Impact: An app may be able to execute arbitrary code with kernel  
privileges  
Description: A type confusion issue was addressed with improved  
checks.  
CVE-2022-32915: Tommy Muir (@Muirey03)

Intel Graphics Driver  
Available for: macOS Monterey  
Impact: An app may be able to execute arbitrary code with kernel  
privileges  
Description: The issue was addressed with improved bounds checks.  
CVE-2023-23507: an anonymous researcher

Kernel  
Available for: macOS Monterey  
Impact: An app may be able to execute arbitrary code with kernel  
privileges  
Description: The issue was addressed with improved memory handling.  
CVE-2023-23504: Adam Doupé of ASU SEFCOM

Kernel  
Available for: macOS Monterey  
Impact: An app may be able to determine kernel memory layout  
Description: An information disclosure issue was addressed by  
removing the vulnerable code.  
CVE-2023-23502: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.  
Ltd. (@starlabs_sg)

PackageKit  
Available for: macOS Monterey  
Impact: An app may be able to gain root privileges  
Description: A logic issue was addressed with improved state  
management.  
CVE-2023-23497: Mickey Jin (@patch1t)

Screen Time  
Available for: macOS Monterey  
Impact: An app may be able to access information about a user’s  
contacts  
Description: A privacy issue was addressed with improved private data  
redaction for log entries.  
CVE-2023-23505: Wojciech Regula of SecuRing (wojciechregula.blog)

Weather  
Available for: macOS Monterey  
Impact: An app may be able to bypass Privacy preferences  
Description: The issue was addressed with improved memory handling.  
CVE-2023-23511: Wojciech Regula of SecuRing (wojciechregula.blog), an  
anonymous researcher

WebKit  
Available for: macOS Monterey  
Impact: Processing maliciously crafted web content may lead to  
arbitrary code execution  
Description: The issue was addressed with improved memory handling.  
WebKit Bugzilla: 248268  
CVE-2023-23518: YeongHyeon Choi (@hyeon101010), Hyeon Park  
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),  
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE  
WebKit Bugzilla: 248268  
CVE-2023-23517: YeongHyeon Choi (@hyeon101010), Hyeon Park  
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),  
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE

Windows Installer  
Available for: macOS Monterey  
Impact: An app may be able to bypass Privacy preferences  
Description: The issue was addressed with improved memory handling.  
CVE-2023-23508: Mickey Jin (@patch1t)

Additional recognition

Kernel  
We would like to acknowledge Nick Stenning of Replicate for their  
assistance.

macOS Monterey 12.6.3 may be obtained from the Mac App Store or  
Apple's Software Downloads web site:  
https://support.apple.com/downloads/  
All information is also posted on the Apple Security Updates  
web site: https://support.apple.com/en-us/HT201222.

This message is signed with Apple's Product Security PGP key,  
and details are available at:  
https://www.apple.com/support/security/pgp/  
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmPPIl8ACgkQ4RjMIDke  
NxlXeg/+JwvCu4zHuDTptxkKw1gxht0hTTVJvNjgNWj2XFtnOz9kCIupGj/xPTMl  
P9vABQWRbpEJfCJE31FbUcxRCMcr/jm8dDb1ocx4qsGLlY5iGLQ/M1G6OLxQVajg  
gGaCSMjW9Zk7l7sXztKj4XcirsB3ft9tiRJwgPUE0znaT70970usFdg+q95CzODm  
DHVoa5VNLi0zA4178CIiq4WayAZe90cRYYQQ1+Okjhab/U/blfGgEPhA/rrdjQ85  
J4NKTXyGBIWl+Ix4HpLikYpnwm/TKyYiY+MogZ6xUmFwnUgXkPCc4gYdPANQk064  
KNjy90yq3Os9IBjfDpw+Pqs6I3GMZ0oNYUKWO+45/0NVp5/qjDFt5K7ZS+Xz5Py7  
YrodbwaYiESzsdfLja9ILf8X7taDLHxxfHEvWcXnhcMD1XNKU6mpsb8SOLicWYzp  
8maZarjhzQl3dQi4Kz3vQk0hKHTIE6/04fRdDpqhM9WXljayLLO7bsryW8u98Y/b  
fR3BXgfsll+QjdLDeW3nfuY+q2JsW0a2lhJZnxuRQPC+wUGDoCY7vcCbv8zkx0oo  
y1w8VDBdUjj7vyVSAqoZNlpgl1ebKgciVhTvrgTsyVxuOA94VzDCeI5/6RkjDAJ+  
WL2Em8qc4aqXvGEwimKdNkETbyqIRcNVXWhXLVGLsmHvDViVjGQ=  
=BbMS  
-----END PGP SIGNATURE-----

Tag

#intel