This is your Tech Shield: US vs China Updates podcast.
Hey listeners, Ting here, your go-to cyber sleuth on all things China hacks and US shields. This week in the US-China cyber showdown, it's been a brutal blitz from Beijing's crews, but America's defenses are firing back—sort of. Picture this: I'm hunkered down in my digital war room, caffeine-fueled, watching CISA, NSA, and Cisco Talos drop bombshells left and right.
First off, Chinese state-sponsored ops unleashed BRICKSTORM malware, a sneaky backdoor beast hitting VMware vSphere and Windows setups in government agencies and critical infrastructure across North America. Smarter MSP reports CISA's joint advisory with NSA and Canada's Cyber Centre exposing how these hackers lurked undetected for 17 months in one case—from April 2024 to September 2025. It uses layered encryption, DNS-over-HTTPS for stealth chats with its operators, and auto-reinstalls if you try to boot it out. Nasty, right? The Defense Post echoes this, calling out PRC hackers targeting US networks hard.
Then bam, Cisco drops a zero-day bombshell on December 17. Chinese hackers, linked to known gov groups per Cisco Talos, exploited a critical flaw in AsyncOS software on Secure Email Gateway and Web Manager appliances. No patch yet—Cisco says wipe and rebuild if compromised. TechCrunch notes the campaign kicked off late November 2025, hitting internet-facing Spam Quarantine features. Researcher Kevin Beaumont warns big orgs are exposed since these boxes are everywhere.
Patching frenzy ensued: Microsoft fixed CVE-2025-62221 under active exploit, plus CISA added D-Link router overflow (CVE-2022-37055) and Array Networks injection (CVE-2025-66644). Fortinet patched auth bypass bugs in FortiOS and FortiWeb—Australia's ACSC and Canada's Cyber Centre screamed urgency. CISA also blasted 12 ICS advisories for Mitsubishi Electric, Advantech, Johnson Controls, even medical gear.
Government moves? DOJ's Data Security Program, live since April 2025, slaps export controls on bulk sensitive data to China and five other adversaries, per FTI Consulting. And President Trump's nominating Lt. Gen. Rudd—Indo-Pacific Command deputy—for NSA/Cyber Command head, eyeing China counters, says Nextgov.
Industry's scrambling: Check Point tracks China-linked Ink Dragon (aka Jewelbug) chaining ShadowPad and new FINALDRAFT malware across Europe, Asia, Africa govs and telcos. The Hacker News details their web shells, Cobalt Strike, and Google Drive C2 tricks—super stealthy, turning victims into relay nodes.
Expert take? These patches and advisories are clutch, buying time, but the gaps scream loud. BRICKSTORM's persistence and Cisco's no-patch wipe-and-rebuild show how far detection lags—17 months? Oof. Zero-days like the AsyncOS flaw exploit unpatched sprawl, and Ink Dragon's relay mesh means one breach fuels global ops. The US needs faster attribution, AI-driven anomaly hunts—MITRE's expanding D3FEND for OT helps—and mandatory bulk data audits. China's hybrid game, per Craig Singleton's House testimony on December 16, blends cyber espionage with supply chains; we're reactive, they're prepositioned.
Witty wrap: Beijing's hackers are like that ex who won't delete your number—persistent and everywhere. US shields are tougher, but plug those holes before New Year's fireworks.
Thanks for tuning in, listeners—subscribe for more cyber spice! This has been a Quiet Please production; for more, check out quietplease.ai.
This content was created in partnership with, and with the help of, artificial intelligence (AI).