Show Notes
A podcast about cloud adoption and cybersecurity.
Website: https://www.globaltech.tv/
Social networks: https://linktr.ee/globaltechtv
View Full Transcript
Episode Transcript
[00:00:02] Speaker A: Hello everyone and welcome to another episode of Global Tech tv. And last month I couldn't be. I received a lot of complaints, mainly of this forum. But now I am back with full power. How are you guys and women.
[00:00:21] Speaker B: Doing? Great.
[00:00:25] Speaker C: Amazing.
[00:00:26] Speaker A: Great.
[00:00:27] Speaker D: Yeah. So I didn't miss you. Real. I didn't miss you.
[00:00:30] Speaker A: Thank you very much. You look very focused. Well. So I think that we should start with you, please.
[00:00:36] Speaker D: Thank you. Ariel.
It wasn't planned but you know I. I can do that just because you ask. And you are here today.
[00:00:45] Speaker A: Yeah.
[00:00:45] Speaker D: So surprise. I'm gonna speak about lots of cyber news today focusing on November. November 2024. So one of the biggest data breach that actually caught my eye was with Amazon. They officially confirmed employee data breach after a vendor hack. And stay tuned because we're going to speak about the threats, how it's been compromised, what was the source of breach, what is the name of the group? I know you have lots of tension, but I'm going to try to do it past with you. So first of all, the incident confirmation by by Amazon. Amazon officially confirmed a data breach affecting the employee information which is already good for them to to confirm that about the Data compromise over 2.8 million lines of employees that are leaked including all the names, content details, building locations and work email and addresses. So out there just dropping name. John, they know you are in building A. You're sitting in row six. So be careful because next time maybe they're gonna turn off the L condition on you. So non sensitive data breach or Social Security number of financial information was compromised relief. But still, you know they have the information. The source of the breach actually the data stolen from a third party service provider managing Amazon properties or properties, which is super surprising. Third party risk management, suppliers and all these type of risk. We spoke about it so many times and it happens again into Amazon. It's not into Amazon. Yeah, meaning it can happen to anyone. No one is immune.
[00:02:50] Speaker C: Right?
[00:02:50] Speaker D: It's not. It's not. You don't have the immunity.
And then the vendor response was you need to patch this vulnerability.
Surprise. Okay, we're gonna patch it next time. The scope of the attack they were attacking, the attacking group was num3l3ss.
Would you remember that Aviel Nameless.
Yeah, they're actually the proxy because we're going to speak in a second who's built the malware, which is much, much more familiar group. The data was form companies that leaked, including major firms like Lenovo, hp, hsbc. So they took the data from there and they actually Leveraged it on the attack. Meaning each time that we see an attack it doesn't mean that the information discovery phase the attack group is actually created on the target in this case which Amazon not always coming from Amazon. Meaning they collected from another company and use it to attack another company.
And this is all the meaning of supply chain attack by the way. The data source from exposure database and ransomware gang leaks. This is where they took the information all the attack and this is how it worked. There is a chain of commands in each of attack. So the attack was orchestrated by Club Ransomware group. They are very well known, very notorious, they did lots of attacks unfortunately and they explored a zero day vulnerability in movie transfer we already heard about a few months ago. It's still over there in the wild attacker are still using it. So my advice patch, patch, patch, patch.
The COIN status that Amazon stated is that Amazon and the affected vendor are addressing the breach. Thank you.
Ongoing investigation ensure further vulnerability exists. Very formal, they use a very good pr, very good communication and this is what they need to do. Next time please read the known vulnerability and just patch it. I will not have the news but you gonna be more protected anyway. Thank you bleeping computer for providing us this information and you're going to have it in the show notes afterwards.
Jumping from Amazon to another space in Europe with a big federation Russians they like to hack. They don't admit that but again this is a very interesting one. Russian attacker exploit new MTLM flow to deploy RAT which is remote access Trojan malware via phishing email. For the ones of you listen and stay until this point and I hope you're going to say more.
I'm going to explain what is ltm ltm, it's network transfer level domains actually the protocol that Microsoft created. It's a suite for security to utilize challenge respond mechanism authentication and preventing the need of send password over the network. Meaning when you exploit NTLM you're actually getting a hash and you can do pass the key. If you heard about this type of attack and this is what they did, they were able to pass the key of the hash of NTLM flow and how they did it surprise by fishing. So the vulnerability by the way, it's gonna be a bit surprise to some of you. For some of you, yes, some of some of you know the CVSS score which is the risk or the priority of the of the CV was 6.5. So basically if you have vulnerability management and you're looking at that, you would say hey, it's a low priority but guess what priority? Medium. Medium. Thank you. Yeah, it's a medium priority. We will do that maybe next year, maybe in two years and maybe never. Yeah, medium priority. Always go for urgent, high and extreme. But guess what?
The attackers knows that well so they are also using a medium score and exploit environments the discovery things.
[00:07:40] Speaker A: How do you know this real knows what the that is a medium According.
[00:07:46] Speaker C: To the score I'm guessing something above 7 point something is considered high. 6 point something is naturally the the rate is between I'm guessing 1 and 10 which I don't recall ever seeing a 10 but in the past couple of months I have seen nine and above which is like super critical. Don't wait patch it unless it's a zero day and the vendor hasn't released a pitch. But by the way Raspi, before I can do I just have to say that NTN protocol is an ancient protocol. You can find it in many traditional data centers. Any organization still using Microsoft Active Directory it's like compatibility for previous versions.
It was even eventually way before Kerberos.
I'm still amazed that the organization haven't closed it yet, haven't disabled it yet. But again there's so many legacy systems so I'm guessing NTLM is still exist out there.
You would never find it on cloud native environments. It's a legacy protocol.
[00:09:00] Speaker D: And the problem in the pain is that there are lots, lots of companies that still have on prem they cannot move to the cloud based on what you just mentioned, legacy software frameworks or other softwares and even though you're going to come to them and say hey, you need to change your NTLM to Kerberos, unfortunately they can't. They can't but they need to have other compensation tools in order to try to mitigate this type of attack. One of the mitigation is by understanding the software, the supply chain of the software and try to patch the vulnerability in the right spot. But this is easier said than done. Okay. It's a continuous pain. Lots of vulnerability management persons will if they were on this call they would say yeah, it's nice to speak about it on the news but it's a challenge, it's a huge challenge to prioritize. Let's go back to the WHO find it which I feel proud. It was an Israeli cyber security company called Clear sky and by the way they found that when the Russians tried to attack Ukrainians part of the the conflict, part of the ongoing war. It's already above 1000 days people suffering over there and I pray for Everyone that it's gonna stop and, and it's going to be very peaceful soon. But this was part of the, of the operation. They actually send in phishing attacks to compromise Ukrainian government and this is how they discover it. Of course they use it afterwards for another companies as well.
A link by the way to the Russian actor, if you want to know his name is less easy to remember. It was UAC 0194. Ariel, would you remember that for next time?
[00:11:02] Speaker A: UAC 0194.
[00:11:06] Speaker C: It's like, it's like randomly naming stars. It's like we don't have any more English letters so we just randomly pick them and their numbers because naturally I.
[00:11:16] Speaker A: Get homework from us.
You wake up in the morning what number?
[00:11:22] Speaker D: And my morning is your night. Which is gonna be very interesting to ask you that, Ariel. So good luck with that.
This information came from the hacker News now have wonderful news. If you want to keep on knowing what's going on you can go to the website. However, if you want to be very specific you can go to the show notes and then we're giving you. It's a very prioritized and very laser focused last one before I'm going to move on. We spoke about Russian and now I have to speak about Iranians. Yeah. I don't want to do any, you know, kind of gaps of not mentioning other locations in the world that will try to be.
Yeah. And you know what? Their campaign can happen anywhere. In this case it was Iranians.
The name of the campaign, of the hacking campaign was getting your dream job. And you know what was the target industry?
Aerospace. Oh yeah. Do you want to be an astronaut?
[00:12:35] Speaker C: Always look at, look at earth from the sky. Yeah, definitely.
[00:12:42] Speaker D: So they try and, and, and guess what? I think we. I know why they, they really target the aerospace industry.
It's not a coincidence. They didn't go to ugly culture industry. They want to do things in space. So it makes sense to this to do this type of campaign. So the threat actor it's a long name something with yellow dev 3 13. I'm not going to give you another task, Ariel, but it was Iranian group with RDTC part of APT35 which is more well known in our space in AP group. So the campaign actually started last year in September 2023. It's called Running the dream of the job basically targeting the a space sector or fake jobs offering with this and the description was a malware.
They send a back door and you know I have to say something. The name of the malware was very Sleazy name. They call it snail Reason and Slong Reason. What does it mean without? The only name that I actually understand is snail. Other than that I know it was in a zip file and they tried to do that.
[00:14:04] Speaker C: That wasn't the zip file name. Right. It's just the malware name but not the zip file name. I mean if you get it email, you wouldn't just double click it.
[00:14:12] Speaker D: No, the zip was including a PDF with guides that how you want to submit to the job, what kind of how the process look like. And it hides command and control servers linked to GitHub, another supply chain vendor. Okay, GitHub didn't do anything wrong.
Anyone can use them, even the bad guys.
[00:14:42] Speaker C: Yeah, but when you're sophisticated enough and you get an email from somebody, whether you know or not, and it offers you the dream job of your life and it comes with an attachment of a zip file, regardless of what's inside it, always be suspicious like send it to the trash before you open it. Just my 10 cent.
[00:15:05] Speaker D: I absolutely agree. Another action that can be done if you see the name of the company before you click anything or open anything, search for the name, see if they have a LinkedIn page, see if they have a Facebook page, see if you can find them on either Google or Complexity. Yeah, AI So each one of them just check if you can get any signals to verify that it's not fake. And always have a doubt. I'm not sure that Ariel is actually here. Maybe it's an AI because last week he wasn't here. I always have a doubt. Is it you?
[00:15:45] Speaker A: Yes.
[00:15:46] Speaker D: Okay.
[00:15:47] Speaker A: Yes.
[00:15:48] Speaker D: AI by the way, the attribution for the attack was from another notorious team Laos group, the known North Korea friends.
You know, they like to deal with this type of thing. So the Iranians took it from South Korea, they did a party and they make our job very dreamful.
I'm going to stop over here. I hope next, next month I'm going to have more happy, joyful and party news as Angie asked me last time. I will try to find them, I promise.
[00:16:30] Speaker A: Okay, thank you. This is something that I remember that Angie said that we are too much negative and she brings the light to this podcast. Okay, aj so please, your turn.
[00:16:43] Speaker B: Definitely. I have to thank Russ for taking us in a journey around the world. And I'll try to help everyone by bringing yet one more time some positive news, especially from the world of AI it's moving at the speed of light and the news but sorry, Angie, what is AI oh, it's.
[00:17:06] Speaker D: A real interfering. That's what this is.
[00:17:10] Speaker A: That's what you know that I am real at this time.
[00:17:14] Speaker B: Exactly. So I would love to dive into my news this month. It's coming from AI Microsoft. Big changes, so much positivity and also so many regulations. So basically today we're going to dive into a major initiative led by us to ensure that AI is evolving responsibility. The International AI Safety Network is a global coalition bringing together nations and the European Commission to tackle the ethical and security challenges of AI. So what's the goal of all this? Basically, it's to create a framework where AI systems are transparent, secure and aligned with human values. Ariel, if you are familiar. So this collaboration is focusing on mitigation risks like disinformation, misuse of AI in warfare and of course other malicious applications. But there is a catch. Bringing together countries.
[00:18:15] Speaker A: If you say there's a catch, you need to stop.
[00:18:17] Speaker B: There is a catch.
Yes. So to bring together countries with varying priorities and capabilities, definitely it's not easy, but this coalition is aiming to foster global trust and cooperation. It's setting shared standards for AI governance and if successful, this could be the blueprint for managing the future of AI responsibility. Absolutely. In a global scale. So fingers crossed on this sector moving forward.
[00:18:51] Speaker C: If this is relevant only for corporation or also for any startup who is developing the next AI application.
[00:19:01] Speaker B: Definitely. At this point, everything, it's on its newborn stages. So as I mentioned, this is a project that's just being tested. We're trying to see if we can send and set a blueprint for everyone to take advantage of it. It's going to be beneficial for everyone, starting from individuals, whether being companies or corporations. So we're hoping that coalition that's bringing together countries, colorful countries with different policies and different uses of AI will of course benefit from all categories, starting from regular engineers and professionals like us to of course companies later on.
[00:19:44] Speaker A: Okay.
[00:19:44] Speaker B: Anyway, we are continuing with more positive news, especially on my field in cybersecurity. For all my bug bounters and penetration testers. Microsoft just released their newest project, $4 million per zero day quest. So next up, we're going to talk about Microsoft's big move in cybersecurity. They've announced their largest bug bounty ever, $4 million zero day quest, and basically this global hacking challenge. It's set for the upcoming year in 2025. It invites independent researchers like me to hunt for vulnerabilities in AI and of course AI's favorite cloud.
It's a proactive step to stay ahead of cyber threats. As AI becomes integral in our digital infrastructure. So what's fascinating about all this news, it's how this shifts the narrative in cybersecurity. It's not just another patching issue after what's happening. It's actually Microsoft making a bold investment in collective intelligence, working with researchers to prevent attacks before they even occur. So with such a massive reward on the line, we're hoping that this challenge is bound to draw top talents and lead to some groundbreaking discoveries. Hopefully.
[00:21:08] Speaker A: I'm sorry, I should say the $4 million or I stopped to think.
[00:21:16] Speaker D: Me too, me too. Me too. I'm always thinking about.
So are you planning to participate, Andy?
[00:21:23] Speaker B: Absolutely. I have. I have always been very fond of bug bounties. I have tried to stay in companies that do not offer such lucrative offers. But as all of you guys mentioned, the $4 million is very appealing, especially to us independent researchers. So wish me luck.
[00:21:44] Speaker A: Okay.
[00:21:45] Speaker D: Do you have an agent to represent you?
[00:21:49] Speaker B: Well, the position is open, so feel free.
[00:21:53] Speaker C: How much should we take commission?
[00:21:56] Speaker D: Very low. Commission. Very low.
[00:21:57] Speaker A: Give a number.
[00:21:59] Speaker D: Very low. Negotiable.
[00:22:02] Speaker C: Fine. Let's take it offline. By the way, Angie, do you know if this initiative, I mean, I'm guessing it's not generic for the entire industry, just I'm guessing, trying to break Microsoft AI related systems. I'm guessing AI and Microsoft and OpenAI, I'm guessing.
[00:22:20] Speaker B: Yes, absolutely. It's mostly concerned and channeled into vulnerabilities that are concerning AI and mostly cloud systems. But in addition to this great news, Microsoft has always been open towards all its domains and towards different programs of bug bounties. So this is mostly news about the big amount that's being offered, but Microsoft has been one of the original bug bounties that most professional bug bounters tend to target and hopefully solve issues.
So in addition to that, we have even more news from AI and even more great and positive news, and this time concerning os, one of my favorite organizations. And finally, we have an exciting update from owasp, the Open Web Application Security Project. They've rolled out new security guidelines concerning AI, which are designed to help developers protect AI systems against threats like attacks and data manipulations. This comes absolutely in a critical time when many industries are very rapidly adopting AI, often without robust security measures in place, as we have mentioned in our previous news. But what's great about the new security guidelines is that they are trying to bridge a gap between traditional software security practices and the unique challenges that AI is presenting. They are focusing on secure designs, testing, and ongoing monitoring. Empowering organizations to build safer AI systems. And of course, in an era where AI misuse can have very serious consequences, these resources are really game changer for professionals like us who are working to secure emerging tech. In addition to this great news, I would also very much advise and encourage all security professionals, and why not even developers to check on the yearly OWASP security security guidelines not only concerning AI, but concerning all stages of technology.
[00:24:31] Speaker A: Great you say.
[00:24:33] Speaker C: By the way, I was part of the one of the reviews of the last edition of the OAS Proactive Controls. I guess it was Proactive Control 2024. It was released several months ago.
The work began, I'm guessing more than a year ago. It took some time because we had to review the changes from previous years, but also very good document. Everybody knows the OWASP top 10. So the proactive control is like looking at the same issue, but not from the vulnerability side, but from the how do you actually do proactive controls and protect those type of vulnerabilities. So also recommended document.
[00:25:17] Speaker B: Absolutely. It sounds great. And I have also been a member of the Open Web Application Security project for the past two years and to see so many developers and security professionals gather in the same place just with the goal of perfecting and bettering how we develop software, how we protect it, and hopefully now even securing AI is really innovative and it's really hopeful to see how people can gather together to share this great goal of securing emerging tech.
[00:25:50] Speaker A: Yeah.
[00:25:52] Speaker C: Okay.
[00:25:52] Speaker D: Nice, nice.
[00:25:53] Speaker A: Very nice. The positive person here. Thank you very much.
[00:25:56] Speaker B: Absolutely.
[00:25:58] Speaker A: And Eyal, let's last but not least, Claudios.
[00:26:03] Speaker C: Okay, thanks.
[00:26:05] Speaker A: You will talk about the Array inventor or not?
[00:26:09] Speaker C: Partially.
[00:26:11] Speaker D: Only if you last night. Yeah.
[00:26:13] Speaker C: Okay. Okay. So we're recording this episode a couple of days after the Microsoft Ignite 2024 conference. There were a lot of announcements, some of them on preview release, some of them in general availability. I'm going to just mention one of them, but I just want to say that in the show notes I've added a link.
There's a one page that Microsoft created with all the documentation about all the announcement from the conference, including some of the keynotes. So stay tuned to this. A lot of information, a lot to read.
Also, as you just mentioned, we were recording this episode of the podcast a couple of days before the AWS re invent 2024 in Vegas.
We don't really know at the moment what will be the announcement, but for some reason that I can't really explain, last week in parallel to the Microsoft Ignite conference, there were Tons of new announcement from AWS side. So even though we don't know what to anticipate in the Re Invent conference, good people already created a page that summarizes all the announcement where they call it pre reinvent 2024. So there are a lot of announcements from AWS as well. Well, I'll put it in the show notes so you can review everything that was new in Amazon domain as well.
So moving on to the news itself, I tried to pick one news from each of the cloud providers. So from AWS they introduced resource control policies to centrally restrict access to resources.
It's a huge name. What actually does it mean? For many, many years Amazon has the service control policies its policy is called. It applies outside the boundaries of AWS accounts and you can restrict or configure what is called maximum allowed permissions Service control policies which we had for many many years. They used to control permission for identities either IAM user or IAM role. Meaning what can an iam user do? For example, can I consume an S3 bucket? Can I deploy an EC2 instance? For example, the new announcement, the RCPs, the resource control policies, they are applied again outside the boundaries of AWS accounts, but they are specifically meant to control permissions over resources, not identities. And during the past announcement and I saw many blog posts about it, currently there are only few services that actually support configuring resource control policies. The services are Amazon S3AWS STS for allowing temporary access to resources, AWS KMS for key management service, the Amazon sqs the queuing service and lastly the AWS secret manager for controlling secrets or any static credentials. So this is the announcement from aws?
[00:29:31] Speaker D: Yeah. Can I comment? Yeah, I think it's a huge announcement. One of the biggest issues are identity and access and there are lots of startups right now that are trying to solve the issue of what they like to call na, which is non human access. And one of the problems, the problem statement, it's machine to machine how to define identity, who's going to control it, you don't know what's in behind it. And I think this announcement actually give the granularity of be more control of who's touching which resource. And I think if the cloud experts will know to transfer this knowledge to the security guys, this can be a game changer.
[00:30:26] Speaker C: It's a beginning I have to say from my experience because the way I mean both SCPS and RCPS has some limitations. One of the limitations is how many.
I mean basically RCP and SAP, they're both about JSON files and there are built in limitations like you cannot write very granular JSON file that will be if I can recall the documentation above 4k in size. There's also limitation of how many policies can you assign to a specific AWS account. So there are limitations and anyway the if you want to have the most granularity you have to do it inside the account meaning somehow assign the permissions on the resource itself and limit it. For example I have an S3 bucket who can access it only authenticated user who comes from a specific IP address, for example my own private IP and this specific identity, assuming it was a human identity had to do the login with a multifactor authentication or passkeys for example this is the amount of granularity you can do and also you can say this identity cannot access any S3 buckets in my account only specific S3 bucket, only specific folder and maybe specific file extension for example. So for more granularity you need to do it pretty much closely to the resource itself. But yeah, I mean it's some sort of advancement in the way you can control permissions. So not just for identities, but now also another layer for resources itself.
[00:32:17] Speaker D: Thank you, thank you for elaborating.
[00:32:20] Speaker C: Okay, moving on to Microsoft Azure. So during the Ignite 2024 I tried to look for something that would be really really shiny. Really, I don't know, something completely new that they announced and even though as far as I know it's in pre release, it's called Azure Local Azure Local It's a cloud infrastructure for distributed location enabled using Azure Arc. Azure Arc was another layer on top of both Azure and on prem you can get unified console where you can see all your resources whether they are virtual machines in the cloud, storage in the cloud or maybe even, I don't know, kubernetes cluster on premises or maybe on other cloud providers. So this was the concept of Azure Arc. So Azure Local is a cloud connected infrastructure that can be deployed at the customer physical location similar to Azure Arc and under the operational control of the customer. With Azure Local, customer can operate and scale distributed infrastructure.
Using Azure Portal and Azure APIs, customers can run fundamental Azure compute, network storage and application service locally. And by extending cloud security to customer distributed locations, they can be better safeguard their application and data and protected against advanced threats. I tried to look for similar service from Amazon. Amazon has several years ago the AWS Outpost yeah and Azure Header, Azure Stack Hub and I try to look for similarity so it's not exactly the Same even though it's, it's been deployed in the customer data centers.
Azure Arc, Azure Local is more like, I would call it wide branding. I mean Microsoft don't really provide you the hardware itself, you use your own regular hardware. It's just a layer above your existing infrastructure on prem that you can control and get observability and get naturally dashboards, everything else from the cloud. So in a high level this is the concept of Azure, of Azure Local again for legacy organization who are trying to move on to the cloud. Maybe they have regulation issues, maybe they have, maybe they have network latency issues and they have their own reasons why to keep their infrastructure on prem. So Azure Local is another way for them, another step in the migration that maybe one day will go to the public cloud.
So this is the Azure Local and finally Google announced very interesting thing in the domain of managed Kubernetes and in the domain of running Kubernetes as an infrastructure for AI ML calculation, let's call it.
They announced the support of the biggest Google Kubernetes engine cluster with up to 65,000 nodes which is huge. I mean I don't know any other cloud provider who currently supports it.
And one of the way that Google actually allows themselves to scale to up to 65,000 nodes it's been provided the large scale is much needed capacity for the world's most resource hungry AI workloads and this will enable customers to reduce model training time or scale model to multi trillion parameters or more which is huge amount of compute power.
Lastly, this achievement is made possible by the transition of Google Kubernetes engine from the open source etcd which is the database, the key value database that any Kubernetes cluster that we know so far is using to manage the status of the Kubernetes itself.
And Google actually is transitioning from the open source ETCD to their own distributed key value store called Google Spanner which is a distributed database that delivers virtually unlimited scale.
So on one side it's a huge huge advancement, on the other side I'm sensing vendor locking because as far as I'm aware of Google Spanner is Google's own build database and it has many capabilities but again as far as I know it runs only on top of Google's environment. So unless Google decide one day to open this or shift this project from a managed service to an open source or community based, I don't see any way that other customer will get the same benefits from Kubernetes. Even though it's a completely Open source project right now. Yeah.
[00:37:44] Speaker D: And you know what I'm sensing Al, is that I now understand why Google wants to build a nuclear power station.
They need to run actually all cloud.
[00:37:58] Speaker C: Providers, including Amazon, including Azure, including Google, including Meta and OpenAI.
Actually beside Elon Musk, he was the only one who was building the largest one and didn't mention it. So all of them has an issue that they understand that within I'm guessing two years from now they will not be able to have enough power capacity for running the largest AI workloads. So they're looking for other alternatives. Building new power plants is too expensive and it has environmental impact and it has impact on the home home on people at home that are actually needs the power for their own purpose.
All cloud providers are looking for alternatives, hoping to find something. So nuclear power plants is one of the alternatives which looks like an existing technology that they can use.
They still have challenges from how do you cool it? What do you do with the pollution? I mean how do you put it in ground without making like a thousand years of damage? But yeah, it's something that it's in the news in the past couple of months.
[00:39:20] Speaker D: Yeah, yeah, so I heard. And we all remember what happened in Chamoid and in Fukushima.
[00:39:27] Speaker C: And in Fukushima in Japan. And in Fukushima, Japan it happens due to a tsunami wave that actually impacted the nuclear power plant. In their case, even though they shut it down when they heard about the tsunami wave, it still impacted the cooling systems and there was a disaster in Japan a couple of years ago.
[00:40:01] Speaker A: Okay, field of knowledge I say, I think but yeah.
Anything else to add to this nuclear thing? If it's not involved it can be okay for me but I don't have enough knowledge.
[00:40:21] Speaker C: Watch the movie show about channel Bill. Watch it.
[00:40:25] Speaker A: Okay people don't.
[00:40:26] Speaker C: But don't, don't, don't do it before you go to sleep.
[00:40:30] Speaker A: I do it at home when Raz will wake me up and ask me about the numbers. So please.
UA9124 1924 okay I, I don't believe that anybody will check if I did it right. So anyway, thank you all for sharing the knowledge. It was very interesting. Thank you all the people that asked where I was and I always pleased. You are welcome to follow us in all the social media places that we are global tech TV and also feel free to write us suggest and we can talk about everything that like you heard in the last minute. So thank you.
[00:41:17] Speaker C: By the way, before we end when we finish up, I just want to say in the past couple of weeks, I'm guessing related to the election in the U.S. i see a lot of migration of users from Twitter to bluesky platform. And I just want to mention that global tech TV from day one had an activity in BlueSky. So you can also find us not just on Twitter, but also on bluesky. So you're welcome to follow us in this platform as well.
[00:41:48] Speaker A: Innovators.
[00:41:49] Speaker C: Yeah.
[00:41:50] Speaker A: Okay. Thank you very much and bye.
