This is your Digital Dragon Watch: Weekly China Cyber Alert podcast.
Listeners, Ting here on Digital Dragon Watch: Weekly China Cyber Alert, and you won’t want to miss what’s been crackling across the wires over the past seven days. Buckle up, because if Microsoft had a loyalty program for cyber drama, both China and the US would be platinum members by now.
The big story? The Cyber Security Association of China, with backup from the Cyberspace Administration, came out swinging, claiming US intelligence exploited a Microsoft Exchange zero-day flaw to infiltrate not just anyone, but companies central to China’s defense sector. The attack, which allegedly let US actors control servers for almost a year, led to a hefty data grab, including confidential military info. Beijing wasn't shy—official Foreign Ministry spokesperson Guo Jiakun said this just highlights how the US remains the “top cyber threat” facing China. He accused the US of orchestrating over 600 attacks on Chinese agencies last year alone, often working hand-in-glove with allies in Europe and right in China’s regional backyard.
But not to be outdone, Microsoft countered, reminding everyone of its own headache: Chinese state-backed hackers exploiting SharePoint vulnerabilities—what Microsoft calls one of the most significant security breaches ever. This affected hundreds of organizations worldwide, and led to a major push to issue urgent patches to all SharePoint customers, especially those in the US. Microsoft still strongly recommends updating on-premises servers ASAP to avoid similar disasters.
Meanwhile, Chinese-speaking threat actors were busy themselves, using the PlayPraetor remote access trojan to compromise over 11,000 Android devices globally. This kind of mobile infiltration opens doors to more than just surveillance—think banking info, SMS, and sensitive personal data. Security researchers warn individuals and businesses alike to avoid sideloaded apps, keep Android OS patched, and deploy mobile security tools tailored for advanced persistent threats.
The US government isn’t watching from the sidelines either. The new FBI office in New Zealand, according to the Associated Press, is designed to monitor and counter China’s influence in the Pacific, which probably isn’t going over well in Beijing. Meanwhile, US agencies have ramped up communications with cloud service providers and critical infrastructure companies, issuing advisories about possible retaliatory Chinese cyber operations targeting defense, aerospace, and supply chain sectors.
What do the pros say about shoring up defenses? First: Patch management remains king. Whether it’s Microsoft Exchange, SharePoint, or mobile devices, organizations must keep software up-to-date and audit for unpatched systems regularly. Second: Zero trust architecture is creeping from buzzword to baseline. Assume no device or user is automatically safe. Finally, experts urge more international threat intelligence sharing. China, the US, and the rest of the world may not play nice, but when vulnerabilities are weapons, fast information is the best shield.
Thanks for tuning in to Digital Dragon Watch! Don’t forget to subscribe for your weekly hit of China cyber intrigue. This has been a Quiet Please production, for more check out quietplease dot ai.