access ai android api apple attack authentication backdoor breach browser business ceo china cisa cisco ciso cloud compliance control credentials crypto cve cyber cyberattack cybercrime cybersecurity data data-breach defense detection email exploit finance flaw framework fraud germany google government group hacker hacking healthcare identity infrastructure intelligence Internet jobs law leak linux malicious malware microsoft monitoring network open-source password phishing privacy ransomware remote-code-execution resilience risk russia scam service software strategy supply-chain technology theft threat tool unclassified update usa vulnerability windows zero-day
-
Trump’s cyber strategy emphasizes offensive operations, deregulation, AI
Industry reaction and next steps: Industry reaction was broadly positive, though notably, many of the strongest endorsements came from cybersecurity firms likely to benefit from the strategy’s emphasis on AI adoption and expanded private-sector roles in national defense.Drew Bagley, chief privacy and policy officer at CrowdStrike, said in a statement, “This strategy addresses modern threats…
-
Iran War Unlikely to Disrupt Israeli Vendor Presence at RSAC
Vendors Cite Global Teams as Iran War Raises Travel Questions From Israel. Several Israeli cybersecurity firms say they still plan to attend RSAC 2026 despite the Iran war. Companies including Orca Security, Check Point, Cyera and Radware say their global workforce structure allows them to maintain conference participation even if travel from Israel remains difficult.…
-
The long-awaited Trump cyber strategy has arrived
The administration also released an executive order on cybercrime and fraud. First seen on cyberscoop.com Jump to article: cyberscoop.com/trump-cybersecurity-strategy/ also interesting: Phishing Season 2025: The Latest Predictions Unveiled Threat Actors Target Job Seekers with Three New Unique Adversaries TDL001 – Cybersecurity Explained: Privacy, Threats, and the Future – Chester Wisniewski Top 10 Best Digital Footprint…
-
Trump’s new cybersecurity strategy makes promises but lacks details
The administration vowed to increase the government’s use of AI for rapid cyber defense. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/white-house-trump-cybersecurity-strategy/814120/ also interesting: China-linked hackers target Japan’s national security and high-tech industries New Report Reveals Just 10% of Employees Drive 73% of Cyber Risk FireTail’s 2022 Review on Macro, Industry, and Thoughts About What’s…
-
TDL – Defense Before Offense: Leadership, Risk, and the Cost of Bad Decisions – Steven Elliott
From the Battlefield to the Boardroom: Lessons in Defense In the latest episode of The Defender’s Log, host David Redekop sits down with Steven Elliott, CFO of Adam Networks, to explore the surprising parallels between military operations, financial management, and cybersecurity. A Journey of Unpredictable Paths Elliott’s background is anything but linear. From a small…
-
How do Agentic AI systems enhance security frameworks
Can Agentic AI Innovate Security Frameworks for Non-Human Identities? Where organizations grapple with digital transformation, one question looms large: Can leveraging Agentic AI revolutionize how we manage security frameworks, particularly for Non-Human Identities (NHIs)? The integration of advanced AI solutions into cybersecurity strategies has become imperative. The Need for Reinventing Cybersecurity with Agentic AI Agentic……
-
Can AI-driven security solutions fit small business budgets
Are Non-Human Identities the Missing Piece in Your Cybersecurity Strategy? What Are Non-Human Identities, and Why Are They Important? Have you ever considered the security implications of the digital identities and credentials your machines hold? The rise of Non-Human Identities (NHIs) is reshaping cybersecurity. These machine identities serve as essential components for securing modern digital……
-
How well can Agentic AI handle complex security needs
What Does It Mean to Manage Non-Human Identities Effectively? Imagine where every digital entity, from simple applications to complex systems, functions like travelers in an international airport. If human identities are the passengers, then non-human identities (NHIs) are the technical travelers. Their management involves a passport-and-visa approach to cybersecurity, where NHIs use encrypted secrets as……
-
Pentagon Moves to Cut Anthropic From Defense AI Work
Defense Contractors May Be Forced to Remove Claude From Pentagon Programs. The Pentagon labeled Anthropic a supply-chain risk after accusing the artificial intelligence firm of restricting military use of its tools, a move that could force defense contractors to cut ties with Claude as the company prepares a legal challenge and the tech sector warns…
-
HHS OCR Fines Firm $10K in Breach Affecting 15M
HIPAA Settlement Small Compared to Many Others. U.S. federal regulators fined a dental practice software vendor with a seemingly lowball financial penalty for a high-stakes 2020 hack affecting 15 million individuals that the company failed to report. Maryland-based MMG Fusion agreed to $10,000. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/hhs-ocr-fines-firm-10k-in-breach-affecting-15m-a-30938 also interesting: Privacy Roundup:…
-
China-Linked Hackers Use Malware Trio for Telecom Espionage
Tags: access, china, cisco, communications, cyberespionage, espionage, group, hacker, infrastructure, malware, tool, usaResearchers Tie UAT-9244 Intrusion to Famous Sparrow and Tropic Trooper. A China-linked cyberespionage group has been targeting telecommunications providers in South America since 2024 using a set of newly discovered malware tools designed to maintain persistent access to critical communications infrastructure, Cisco Talos researchers found. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/china-linked-hackers-use-malware-trio-for-telecom-espionage-a-30940 also interesting:…
-
ClickFix attackers using new tactic to evade detection, says Microsoft
AppData\Local that is then invoked through cmd.exe to write a VBScript to %Temp%. The batch script is executed via cmd.exe with the /launched command-line argument, and is then executed again through MSBuild.exe, resulting in LOLBin abuse. The script connects to Crypto Blockchain RPC endpoints, indicating etherhiding technique, and also performs QueueUserAPC()-based code injection into chrome.exe…
-
The Chrome Extension Backdoor: How ‘Productivity Tools’ Became Enterprise Attack Vectors
Millions installed ‘productivity’ Chrome extensions that became malware after acquisition. Here’s how browser extensions became enterprise security’s weakest link. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/the-chrome-extension-backdoor-how-productivity-tools-became-enterprise-attack-vectors/ also interesting: Dust Specter APT Targets Government Officials in Iraq OAuth Identity Attack”Š”, “ŠAre your Extensions Affected? AI browsers can be tricked with malicious prompts hidden in URL…
-
AI Exploits, Cloud Breaches, and Identity Gaps Define This Week’s Cybersecurity Landscape
Weekly summary of Cybersecurity Insider newsletters from the week of March 01, 2026. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/weekly-roundup/ai-exploits-cloud-breaches-and-identity-gaps-define-this-weeks-cybersecurity-landscape/ also interesting: OAuth Identity Attack”Š”, “ŠAre your Extensions Affected? Exposure Management Beyond The Endpoint Smarter Threats Need Smarter Defenses: AI, APIs, and the Reality for Critical Infrastructure Security 2025 Threat Landscape in Review: Lessons…
-
FBI Arrests Suspect in $46M U.S. Marshals Crypto Theft
The FBI arrested a suspect accused of stealing $46 million in cryptocurrency from U.S. Marshals Service holdings. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/fbi-arrests-suspect-in-46m-u-s-marshals-crypto-theft/ also interesting: Dark Partners Hacker Group Drains Crypto Wallets Using Fake AI Tools and VPN Services Notable post-quantum cryptography initiatives paving the way toward Q-Day Chinese Money Laundering Jargon via…
-
WordPress Plugin Flaw Lets Attackers Create Admin Accounts
A WordPress plugin flaw allows attackers to create administrator accounts and take over vulnerable sites. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/wordpress-plugin-flaw-lets-attackers-create-admin-accounts/ also interesting: Critical Security Flaw Exposes 1 Million WordPress Sites to SQL Injection Critical Flaw in LiteSpeed Cache WordPress Plugin Exposes Millions of Websites to Attack OttoKit WordPress Plugin Admin Creation Vulnerability…
-
WordPress Plugin Flaw Lets Attackers Create Admin Accounts
A WordPress plugin flaw allows attackers to create administrator accounts and take over vulnerable sites. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/wordpress-plugin-flaw-lets-attackers-create-admin-accounts/ also interesting: WordPress Builder Plugin Flaw Exposes 3,300+ Websites To XSS Attack Critical Security Flaw Exposes 1 Million WordPress Sites to SQL Injection Critical Flaw in LiteSpeed Cache WordPress Plugin Exposes Millions…
-
HHS OCR Fines Firm $10K in Breach Affecting 15 Million
HIPAA Settlement Small Compared to Many Others. U.S. federal regulators fined a dental practice software vendor with a seemingly lowball financial penalty for a high-stakes 2020 hack affecting 15 million individuals that the company failed to report. Maryland-based MMG Fusion agreed to $10,000. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/hhs-ocr-fines-firm-10k-in-breach-affecting-15-million-a-30938 also interesting: Privacy Roundup:…
-
Iran-linked MuddyWater deploys Dindoor malware against U.S. organizations
Iran-linked APT MuddyWater targeted U.S. organizations, deploying the new Dindoor backdoor across sectors including banks, airports, and nonprofits. Broadcom’s Symantec Threat Hunter Team uncovered a campaign by the Iran-linked MuddyWater (aka SeedWorm, TEMP.Zagros, Mango Sandstorm, TA450, and Static Kitten) APT group targeting several U.S. organizations. >>Activity associated with Iranian APT group Seedworm has been spotted on the networks of multiple…
-
Firefox taps Anthropic AI bug hunter, but rancid RAM still flipping bits
Now if only device makers would deliver higher quality components First seen on theregister.com Jump to article: www.theregister.com/2026/03/06/firefox_bugs_anthropic_ai/ also interesting: Google Chrome uses AI to analyze pages in new scam detection feature AI browsers can be tricked with malicious prompts hidden in URL fragments Google Chrome’s New AI Security Aims to Stop Hackers Cold Widely…
-
USENIX Security ’25 (Enigma Track) Please (Don’t) Stop The Music: Adversarial Red-Teaming Of AI Music Generation Models
Author, Creator & Presenter: Jannis Kirschner, Niantic Inc. Our thanks to USENIX Security ’25 (Enigma Track) (USENIX ’25 for publishing their Creators, Authors and Presenter’s tremendous USENIX Security ’25 (Enigma Track) content on the Organizations’ YouTube Channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/usenix-security-25-enigma-track-please-dont-stop-the-music-adversarial-red-teaming-of-ai-music-generation-models/ also interesting: AI Surpasses Elite Red Teams in Crafting…
-
FBI is Investigating the ‘Sophisticated’ Hack of Its Surveillance System
The FBI, CISA, and NSA reportedly are investigating the hack by an unnamed “sophisticated” actor of a FBI surveillance system that holds sensitive information. The breach carries the hallmarks of Chinese nation-state groups and comes amid concerns about attacks in the wake of the war against Iran and the shrinking of the federal cybersecurity apparatus.…
-
Cognizant TriZetto breach exposes health data of 3.4 million patients
TriZetto Provider Solutions, a healthcare IT company that develops software and services used by health insurers and healthcare providers, has suffered a data breach that exposed the sensitive information of over 3.4 million people. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cognizant-trizetto-breach-exposes-health-data-of-34-million-patients/ also interesting: Time of Reckoning Reviewing My 2024 Cybersecurity Predictions ConnectOnCall breach exposes…
-
The Future of Iran’s Internet Is More Uncertain Than Ever
Iran’s internet shutdown has reduced connectivity by 99 percent, with air strikes likely causing additional outages, and few workarounds remaining. First seen on wired.com Jump to article: www.wired.com/story/the-future-of-irans-internet-is-more-uncertain-than-ever/ also interesting: Iran experienced a near-total national internet blackout Security Affairs newsletter Round 529 by Pierluigi Paganini INTERNATIONAL EDITION Navigating a Heightened Cyber Threat Landscape: Military Conflict…
-
Inside Tycoon 2FA: Disrupting a Global Phishing Operation
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/inside-tycoon-2fa-disrupting-a-global-phishing-operation also interesting: Sparkasse, Volksbank und mehr: Phishing-Kit gefährdet Kunden deutscher Banken GitHub moves to tighten npm security amid phishing, malware plague Poorly crafted phishing campaign leverages bogus security incident report How hackers bypassed MFA with a $120 phishing kit until a global takedown shut it down
-
Feds take notice of iOS vulnerabilities exploited under mysterious circumstances
The long, strange trip of a large assembly of advanced iOS exploits. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/03/cisa-adds-3-ios-flaws-to-its-catalog-of-known-exploited-vulnerabilities/ also interesting: Sitting Ducks DNS Attacks Put Global Domains at Risk Authorities Dismantled Hackers Who Stolen Millions Using AirBnB Veeam Update Patches Critical Backup Software Vulnerability Gladinet file sharing zero-day brings patched flaw back from…
-
CyberProof 2026 Report Warns of Rising Identity and AI Cyberattacks
The CyberProof 2026 report warns that cybercriminals are increasingly using stolen identities and AI to launch faster, more scalable attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/cyberproof-2026-report-warns-of-rising-identity-and-ai-cyberattacks/ also interesting: Would Your Business Survive a Black Friday Cyberattack? Would Your Business Survive a Black Friday Cyberattack? 13 ways attackers use generative AI to exploit your…
-
FBI Investigates Suspicious Activity in Surveillance Platform
Tags: unclassifiedThe FBI is investigating suspicious activity in systems used to manage surveillance and wiretap warrants. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/fbi-investigates-suspicious-activity-in-surveillance-platform/ also interesting: Kim Dotcom Reveals Mega To Replace Megaupload File-Sharing Site Datenschutz- und Sicherheitsbedenken beim Connected Car – Cybersicherheitsrisiken in vernetzten Fahrzeugen Messenger-App: Signal erweitert Videokonferenzen um neue Funktion Anthropic touts safety,…
-
AWS-LC Flaws Could Bypass Certificate Verification
AWS disclosed vulnerabilities in its AWS-LC cryptographic library that could bypass certificate verification and expose timing weaknesses. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/aws-lc-flaws-could-bypass-certificate-verification/ also interesting: Critical Jenkins Vulnerabilities Expose Servers To RCE Attack CISA adds SolarWinds flaw to exploited vulnerabilities catalog Microsoft Windows Vulnerability Exploited to Deploy PipeMagic RansomExx Malware Linux CUPS Flaw…
-
The Multi-Billion Dollar AI Bet: Who Owns the Outcome?
Growing AI Investments Push Enterprises to Demand Accountability From Tech Vendors Companies spent over $300 billion on artificial intelligence last year, yet most initiatives produced little measurable value. As skepticism grows, a new debate is emerging around accountability in enterprise technology contracts and whether vendors should share responsibility for outcomes. First seen on govinfosecurity.com Jump…
-
Modernizing HIPAA: Are You Ready?
Key Challenges in the Proposed HIPAA Security Rule Update The HIPAA Security Rule may soon undergo its first major overhaul in decades. Although finalization could come as early as May 2026, timelines remain uncertain as new requirements are grounded in modern cybersecurity practices and frameworks. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/blogs/modernizing-hipaa-are-you-ready-p-4061 also interesting:…
-
NIST Urged to Go Deep in OT Security Guidance
OT Experts Weigh In on SP-800 82 Revisions. Now is the moment for U.S. federal guidance on securing OT to plunge deeper into the practicalities of securing systems, an extension into actionable advise that reflects a maturing branch of cybersecurity, several OT security specialists told the national Institute of Standards and Technology. First seen on…
-
After the Panic, the Reality of Claude Code Security
More Code, More Problems – and More Testing. When Anthropic unveiled Claude Code Security late last month, investors were quick to punish traditional cybersecurity vendors. But analysts say the impact of Anthropic’s new service will likely be more nuanced than indicated by early reactions. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/after-panic-reality-claude-code-security-a-30936 also interesting: UK…
-
Spyware disguised as emergency-alert app sent to Israeli smartphones
Steals SMS messages, location data, contacts “¦ and delivers it to Hamas-linked crew First seen on theregister.com Jump to article: www.theregister.com/2026/03/06/spyware_disguised_as_emergency_alert/ also interesting: Amazon is still hosting spyware victims’ data weeks after breach alert ClayRat Spyware Campaign Targets Android Users in Russia Commercial spyware “Landfall” ran rampant on Samsung phones for almost a year Predator…
-
Anthropic’s Claude found 22 vulnerabilities in Firefox over two weeks
In a recent security partnership with Mozilla, Anthropic found 22 separate vulnerabilities in Firefox, 14 of them classified as “high-severity.” First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/06/anthropics-claude-found-22-vulnerabilities-in-firefox-over-two-weeks/ also interesting: High-Severity Vulnerabilities Patched in Zoom, Chrome >>0.0.0.0-Day<< vulnerability affects Chrome, Safari and Firefox Mozilla Firefox gets new anti-fingerprinting defenses Firefox v147.0.3 Released with Critical Fix…
-
Microsoft warns North Korean threat groups are scaling up fake worker schemes with generative AI
Attackers have turned AI into a “force multiplier” for the country’s expansive scheme to get and keep operatives hired at global companies, researchers said. First seen on cyberscoop.com Jump to article: cyberscoop.com/microsoft-north-korea-ai-operations/ also interesting: Microsoft sues overseas threat actor group over abuse of OpenAI service TDL 008 – Defending the Frontline: Ransomware, AI, and Real-World…
-
Auth0 Vendor Evaluation: Authentication, SSO, Access Management CIAM Analysis (2026)
A detailed Auth0 vendor evaluation covering authentication, SSO, authorization, and CIAM capabilities. Learn about Auth0 pricing, scalability, strengths, risks, and how it compares with modern alternatives like SSOJet. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/auth0-vendor-evaluation-authentication-sso-access-management-ciam-analysis-2026/ also interesting: Unpatched holes could allow takeover of GitLab accounts Enrollment Policies for Passwordless Authentication A CISO’s guide to…
-
Anthropic and the Pentagon
OpenAI is in and Anthropic is out as a supplier of AI technology for the US defense department. This news caps a week of bluster by the highest officials in the US government towards some of the wealthiest titans of the big tech industry, and the overhanging specter of the existential risks posed by a…
-
Data Protection Officer (DPO) and New EDPS Rules
Tags: dataThe post <b>Data Protection Officer (DPO) and New EDPS Rules</b> appeared first on Sovy. First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2026/03/data-protection-officer-dpo-and-new-edps-rules/ also interesting: How to Get PCI Compliance Certification? Steps to Obtain it Asian Governments Rush to Ban DeepSeek Over Privacy Concerns Dialysis company DaVita reviewing data leaked by ransomware gang Capital One pushes…
-
Randall Munroe’s XKCD ‘Binary Star’
Tags: datavia the comic artistry and dry wit of Randall Munroe, creator of XKCD Permalink First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2026/03/randall-munroes-xkcd-binary-star/ also interesting: Evasive Panda Attacking Cloud Services To Steal Data Using New Toolkit Cyber Attack on Consulting Firm Exposes DOJ Data of 341,000 People Most firms do not protect sensitive data in databases,…
-
5 Actions Critical for Cybersecurity Leadership During International Conflicts
Tags: attack, backup, business, cloud, corporate, cyber, cybersecurity, data, exploit, government, incident response, infrastructure, international, iran, middle-east, military, network, resilience, risk, risk-assessment, russia, saas, service, supply-chain, technology, threat, ukraine, update, vulnerability, warfareThe recent military attacks involving Iran in the Middle East are a stark reminder that cybersecurity leadership must continually incorporate geopolitical risk into their enterprise cyber risk posture and preparedness. Every crisis that elevates to military engagements between cyber-active participants, changes the risk landscape of businesses, for people, operations, and data. This includes the…
-
Analysis: Blast Radius for Third-Party Breaches Bigger Than Reported
An analysis of 136 unique major breaches involving third-parties affecting 710 companies, published this week by Black Kite, finds approximately 26,000 additional organizations were impacted, affecting as many as 433 million individuals. Ferhat Dikbiyik, chief research and intelligence officer for Black Kite, said the analysis shines a spotlight on the fact that the actual blast..…
-
North Korean APTs Use AI to Enhance IT Worker Scams
DPRK worker scams are old hat, but they’re still working, thanks to AI tools that help with everything from face swapping to daily emails. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/north-korean-apts-ai-it-worker-scams also interesting: Top 12 ways hackers broke into your systems in 2024 Privacy Roundup: Week 4 of Year 2025 Hacker nutzen Google Gemini…
-
Cyberattacks and Unpredictable Targeting Remain an Iran Risk
Experts Urge Preparedness, Nonstop Vigilance, See Ongoing Risk of Online Reprisals. Seven days into the United States and Israel continuing major combat operations against Iran, Tehran continues to respond with kinetic attacks against neighboring countries. While no cyberattacks have emerged, experts see unpredictability and continue to urge caution, monitoring and preparedness. First seen on govinfosecurity.com…
-
How hackers bypassed MFA with a $120 phishing kit until a global takedown shut it down
In a co-ordinated public-private operation between law enforcement agencies and cybersecurity industry partners, Tycoon 2FA – one of the world’s most prolific phishing-as-a-service platforms – has been dismantled. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/hackers-bypassed-mfa-120-phishing-kit-global-takedown-shut-down also interesting: How hackers bypassed MFA with a $120 phishing kit until a global takedown shut it down Cybersecurity…
-
How hackers bypassed MFA with a $120 phishing kit until a global takedown shut it down
In a co-ordinated public-private operation between law enforcement agencies and cybersecurity industry partners, Tycoon 2FA – one of the world’s most prolific phishing-as-a-service platforms – has been dismantled. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/hackers-bypassed-mfa-120-phishing-kit-global-takedown-shut-down also interesting: How hackers bypassed MFA with a $120 phishing kit until a global takedown shut it down 8…
-
ThreatLocker Driving ‘Reimagined’ Zero Trust, Consolidation For MSPs: Partners
ThreatLocker’s latest product moves show the vendor continuing to fill critical security gaps in a differentiated way for MSPs”, ultimately enabling major opportunities for consolidating on the company’s zero-trust security platform, MSP executives tell CRN. First seen on crn.com Jump to article: www.crn.com/news/security/2026/threatlocker-driving-reimagined-zero-trust-consolidation-for-msps-partners also interesting: Ditch the Perimeter: How Zero-Trust Data Exchange Can Turbocharge Your…
-
DHS CISO, deputy CISO exit amid reported IT leadership overhaul
Two sources tell FedScoop the personnel changes are part of a broader effort to consolidate IT and cybersecurity functions at DHS headquarters. First seen on fedscoop.com Jump to article: fedscoop.com/dhs-it-leadership-overhaul-includes-ciso-deputy-ciso/ also interesting: Cybersecurity Marketing Predictions for 2025 Business Growth TDL 007 – Cyber Warriors Digital Shadows: Insights from Canada’s Cybersecurity Leader SEC Drops SolarWinds Case…
-
Only 30 minutes per quarter on cyber risk: Why CISO-board conversations are falling short
Boards want more forward-looking insights: The report also suggests that board-CISO communication doesn’t dive as deeply into details as it should in these days of ever more sophisticated, AI-driven cyberattacks.The majority of board directors (82%) say their security leaders’ reporting on regulatory trends was satisfactory or excellent, and that they had strong visibility into program…