Red Alert: China's Daily Cyber Moves

Beijing's Cyber Soldiers Unleashed: PLA InfoOps Group Rocks US Infrastructure in Hacking Blitz



This is your Red Alert: China's Daily Cyber Moves podcast.

Ting here, and hold onto your firewalls, because the last 72 hours have been like DEFCON-flavored Red Bull for anyone tracking China’s digital chaos campaign. If you blinked since Friday, here’s what you missed: fresh TTPs—yes, tactics, techniques, and procedures—emerging directly from Beijing’s newly unveiled Information Operations Group at that massive 2025 military parade. Imagine the PLA but in hoodies, armed with zero-days instead of rifles. The InfoOps Group is now fully operational, and you could practically smell the ozone from their attack traffic by midnight.

First salvo: Saturday afternoon, CISA and the FBI dropped an emergency directive for all federal agencies—patch your Cisco Secure Firewall ASA, yesterday. Two vulnerabilities—CVE-2025-23456 and CVE-2025-23506—were being hammered in zero-day attacks against federal infrastructure. Reports out of Cisco and BleepingComputer confirm Chinese state-linked operators used a combo of webshells and command injection flaws to pivot into core network segments. Think Treasury, Energy, even a small but spicy intrusion attempt on the FAA. Not only did they exfiltrate cloud access tokens, but they also siphoned off several hours' worth of encrypted VoIP comms, studiously decrypted somewhere under a Shanghai datacenter’s glowing LEDs.

By Saturday evening, emergency alerts flashed up and down the East Coast as telecommunications outages roared through major urban cores. According to iHLS, attribution points straight to a PLA-originated Brickstorm malware variant, seen scraping telco backbone logs and targeting political candidates’ mobile traffic. Combine that with the FBI’s warning this morning about a spoofed IC3 cybercrime reporting site—classic supply chain jiu-jitsu—through which they phished credentials belonging to over two dozen DOJ officers, and you see why the Twitterverse was melting in real time.

For listeners in security: the attack-pattern shifts are wild. We’re seeing less reliance on noisy DDoS bursts and more on low-and-slow data exfil using bespoke plugins stitched into remote management tools. Google’s Threat Intelligence Group reported that this new Brickstorm flavor wasn’t just after data—it embedded persistence hooks so deep that wiping infected servers could tank essential backup systems. CISA’s mitigation order was clear: segment networks, shut down lateral movement between data centers, replace compromised VPN credentials, and, for extra credit, roll out hardware tokens for privileged logins. Do it, or you’re the next breached agency on the 9pm news.

As for escalation? If the PLA’s Information Operations Group keeps this tempo, we’re looking at more than espionage—think actual functional denial of regional infrastructure. Patch what you can, verify everything, and get your IR playbooks printed, not just online. Next week could bring simultaneous ransomware plus telecom takedowns if defenses stall.

That’s your cyber sit-rep as of September 28, 2025. Thanks for tuning in with Ting, and if you survived this week’s Red Alert without tossing your laptop, you’re a legend. Don’t forget to subscribe for more, and remember—this has been a Quiet Please production; for more, check out quietplease.ai.

For more: http://www.quietplease.ai



This content was created in partnership with, and with the help of, artificial intelligence (AI).

Red Alert: China's Daily Cyber Moves, by Inception Point Ai