China Hack Report: Daily US Tech Defense

China Sheets the Competition: VMware Burns While Hackers Pivot Through Your Power Grid



This is your China Hack Report: Daily US Tech Defense podcast.

Hey listeners, Ting here, your go-to gal for all things China cyber chaos. Buckle up, because the last 24 hours have been a fireworks show of Beijing's digital shadow games hitting US tech and defense right where it hurts—think virtualization empires crumbling and sneaky grid takedowns.

First off, CISA just slapped CVE-2026-22719, a nasty remote code execution bug in VMware Aria Operations from Broadcom, onto their Known Exploited Vulnerabilities catalog yesterday, March 3rd. This command injection flaw, scored at CVSS 8.1, lets attackers with basic access—like phished creds—run wild: inject commands, snag vCenter admin passwords, pivot to ESXi roots, and ransomware your entire VM fleet in minutes. Federal agencies gotta patch by March 18th per Binding Operational Directive 22-01, but if you're in tech or defense, do it now—network-lock that web interface and rotate every stored credential.

Not done yet—UNC2814, that crafty China-linked crew dubbed GridTide, got busted using Google Sheets as command-and-control across 42 countries, including US power grids and defense contractors. Risky Business reports they're pivoting from sheets to exfiltrate industrial control system configs, blending in like a tourist in Times Square. No new malware drop, but it's evolving fast, hitting energy sectors hard.

Then there's CVE-2026-22769, a perfect 10.0 CVSS zero-day in Dell RecoverPoint, exploited by Chinese actors since 2024 for data center domination—think backup sabotage in US hyperscalers. Dev.to flags it as active, urging emergency patches to block persistence.

Sectors? Virtualization vendors like VMware and Dell own the hit list, with energy grids via GridTide, and telecoms teased in breaches per Cybersecurity Dive. CISA's screaming immediate defenses: hunt for Aria instances everywhere, even forgotten ones from mergers; restrict access to management-only IPs; verify offline backups 'cause wipers love this chaos. FBI echoes phishing-resistant MFA—hardware keys only, no SMS nonsense—and monitor for password sprays on VPNs.

Oh, and Silver Dragon APT, tight with APT41, is spewing GearDoor backdoors via spear-phish at US-linked Asian firms, per Check Point. PlugX domains popped up for Mustang Panda and UNC6384, espionage classics targeting defense intel.

Witty wrap: China's not bombing servers—they're sheet-ing 'em, exploiting 'em, and owning 'em while we patch. Stay vigilant, listeners—update, segment, and hunt like your data center depends on it.

Thanks for tuning in—subscribe for daily doses of cyber spice! This has been a Quiet Please production, for more check out quietplease.ai.

For more http://www.quietplease.ai


This content was created in partnership with, and with the help of, artificial intelligence (AI).

China Hack Report: Daily US Tech Defense, by Inception Point Ai