This is your China Hack Report: Daily US Tech Defense podcast.
Hey listeners, I’m Ting, your one-woman firewall bursting with all the latest China cyber shenanigans! Buckle in: here’s what you’ve got to know about today’s critical China-linked activities hitting US tech and defense.
The top headline you literally cannot ignore: suspected Chinese state-backed hackers are in the spotlight for hammering the Congressional Budget Office in Washington. That’s not just any agency—they advise Congress on everything from spending to deficits. The breach, disclosed to congressional staff, may have exposed juicy details about US lawmakers’ comms and even Congressional cost projections, which Beijing would definitely like to peek at. This alert came out while most of the CISA workforce was still furloughed for the ongoing government shutdown—talk about terrible timing. The office’s spokesperson says containment happened fast and extra monitoring’s in place, but the hackers’ full reach is still under investigation. Notably, Capitol Hill IT told staffers: don’t touch CBO links right now because their own accounts may still be booby-trapped.
Zooming out, the Salt Typhoon group—yes, the same squad the FBI says may have stolen data from “nearly every American”—is causing international heartburn. Salt Typhoon is backed by the Chinese state and has hit at least 200 companies in 80 countries since 2019, but the US round this week is another big deal. Their specialty: targeting the networks that keep our world humming—telecoms, government servers, even military infrastructure. AT&T, T-Mobile, Verizon, no one is safe. Intelligence agencies from the UK, Germany, and Japan have all linked arms with the US in a rare united front, urging companies to hunt for intrusions and implement every mitigation in the new CISA security advisory. The FBI’s even tacked on a $10 million bounty for leads on these folks—so if your cousin’s a Salt Typhoon insider, now’s the time to turn them in!
For newly discovered malware, researchers have identified “spinstallX.aspx” scripts showing up in SharePoint deployments, the calling card of this summer’s ToolShell attack. After Vietnamese researcher Dinh Ho Anh Khoa demoed vulnerabilities at Pwn2Own Berlin, Chinese actors—namely Linen Typhoon, Violet Typhoon, and Storm-2603—weaponized the flaws before Microsoft even finished patching. Microsoft’s MAPP program, which shares vulnerability details pre-release with security partners, got burned when exploitation happened the exact day of its last confidential notifications. Now Microsoft has restricted access for all Chinese MAPP partners: no more proof-of-concept code, just bland written notes, and private notifications go public at the same time as patches.
CISA, as usual, is not mincing words: emergency guidance went out this morning for any US org running SharePoint, especially in the energy, finance, and transportation sectors. Immediate actions: patch all SharePoint servers, rotate ASP.NET mach
This content was created in partnership and with the help of Artificial Intelligence (AI).