This is your Digital Dragon Watch: Weekly China Cyber Alert podcast.
Hey listeners, Ting here with your Digital Dragon Watch Weekly China Cyber Alert, and trust me, you’ll want both your firewall and your popcorn ready for what’s gone down in the past seven days.
Let’s not waste a second—here’s the headline: the last week has seen a dangerous fusion of state-sponsored cyber threat innovation, big-tech breaches, and a US policy push on defensive lines, with China firmly in the spotlight.
First up, ransomware evolution. Researchers at Trend Micro just confirmed a new ransomware called Charon is attacking public sector and aviation targets in the Middle East. What’s wild is the technical fingerprint—Charon’s DLL side-loading tricks look disturbingly close to those used in Earth Baxia’s campaigns, which cybersecurity pros have linked to China-based actors targeting Taiwan and wider Asia. That means the attack vectors we’re facing aren’t just copycats, they’re advanced persistent threat level, using legitimate files to sneak in and launch encrypted chaos.
By the way, these ransomware groups aren’t acting alone or with tunnel vision. Canadian firm eSentire lit up the board with details on Interlock ransomware, highlighting how China-backed hackers are chaining PowerShell, PHP, and custom implants for relentless credential theft and data destruction. Combine that with Barracuda’s new stat: 57% of organizations hit by ransomware in the last year, and you see why even big names like Salesforce—yes, the Google Salesforce breach in June—are out here playing defense. Google confirmed ShinyHunters, a familiar data-grabbing adversary, used voice phishing to trick their people, leak 2.55 million records, and remind us all why you should never trust “Hi, this is IT, can you click this link for me?”
Zooming in on US institutions, judicial and financial systems saw an alarming spike in state-sponsored cyberattacks, right as AI-powered attacks come into play. CrowdStrike and Palo Alto are ramping up their AI tools on the federal network, while the government mandates more zero-trust architectures and regular audits. According to the DTCC Systemic Risk Barometer Survey, AI and third-party vulnerabilities drove a 69% jump in risk across US finance since last year—with Chinese threat actors frequently cited as primary suspects.
But there are some surprises, too. At DEF CON, researchers revealed what might be a first: a Chinese cybercriminal allegedly working directly for North Korea’s notorious Kimsuky group, blurring lines further between state and mercenary cybercrime. Meanwhile, China itself has gone global on AI policy with new dialogues—Xi Jinping is pushing for emergency response and ‘hotline’ risk protocols as China’s own AI regulators warn about high-capability models straying out of human control. Both the US and China recognize that AI-fueled attacks, like those potentially able to facilitate bio-threats, could spiral past borders regardless of trade disputes—hey, the tariff deal just got extended, but data isn’t stoppable at customs.
Expert recommendations? Get rigorous on employee vishing and phishing awareness, audit and lock down cloud app permissions, patch like your coffee depends on it, and keep zero-trust front and center. Microsoft and Google both urge rapid updates following this week’s new CVEs. And yes, monitor those large data exports—don’t wait for a breach to test your incident response.
That’s a wrap for this week’s Digital Dragon Watch! Thanks for tuning in, and don’t forget to subscribe. This has been a Quiet Please production. For more, check out quiet please dot ai.