This is your Red Alert: China's Daily Cyber Moves podcast.
Listeners, Ting here—your favorite cyber sleuth reporting straight from the front lines, and believe me, the red alerts have been relentless this week. If you tuned in thinking you could multitask on your phone and not pay attention, sorry, but things are moving way too fast for that today. Grab your two-factor codes and that emergency coffee, because China’s cyber operators, especially the infamous Salt Typhoon crew, have taken things up a notch.
Starting in the middle of last week, U.S. agencies and companies began registering an uptick in odd network pings and malformed data packets targeting power grids and telecoms. According to the latest FBI briefings, the Salt Typhoon cyber-espionage campaign turned out to be the biggest, boldest move we've seen yet. Investigators uncovered that the breach wasn’t just a simple smash-and-grab—Salt Typhoon embedded itself within telecom backbones, ultimately snatching personal and operational data from just about every American. No exaggeration—if you’ve made a call or used a major provider, your data may be stashed somewhere in a server farm outside Shanghai.
At the same time, emergency alerts from CISA pinged inboxes late last night: new attack vectors targeting not just the energy grid but also the healthcare and financial sectors, using a novel hybrid approach. The technique? They used compromised U.S. networks, making their attacks appear domestic—evading NSA scrutiny and causing a whiplash response among incident response teams nationwide.
We also had a slice of old-meets-new: Chinese actors, via criminal proxies, launched spear-phishing campaigns over Microsoft Teams, impersonating senior U.S. lawmakers. The favorite identity this week was Rep. John Moolenaar—if you got a message requesting your “essential insights” on sanctions, delete it. The FBI is chasing this digital masquerade ball, but it’s a wild ride when attackers pivot so fast between spoofing and direct network exploitation.
Potential escalation? We’re already seeing secondary attacks—PDF-based infostealer malware slipping past classic filters and targeting mid-size enterprises. According to Black Arrow Cyber, this trend will continue, especially as more ransomware groups regroup under state protection. If the retaliation tit-for-tat escalates, critical systems—power, water, food supply—could see timed disruptions that look like technical failures but are anything but.
So what are we supposed to do while Beijing’s best are flexing? Start by banning external admin access wherever it is not vital—especially for anything critical. Disable remote cloud logins that rely on weak single-factor authentication, and verify every endpoint for traces of recent command-and-control activity. CISA and FBI insist on segmenting operational tech and running emergency patch cycles twice weekly. And please, please rehearse your incident response—don’t be the company tangled in forgotten test accounts while attackers waltz through your firewall.
Before I crash back to the cyber trenches: keep those alerts enabled, question everything odd in your inbox, and if someone claims to be your favorite representative sliding into your DMs, assume they’re probably plotting a supply chain attack.
Thanks for tuning in to your Red Alert update. Subscribe for more actionable intel—Ting out. This has been a Quiet Please production; for more, check out quiet please dot ai.
For more http://www.quietplease.ai
This content was created in partnership with, and with the help of, artificial intelligence (AI).