This is your China Hack Report: Daily US Tech Defense podcast.
Hey listeners, Ting here with your China Hack Report: Daily US Tech Defense. Let’s jack straight into the last 24 hours.
According to Politico’s Morning Cybersecurity newsletter, lawmakers on the House Homeland Security cyber subcommittee are zeroing in on Chinese AI firms DeepSeek and Unitree Robotics after OpenAI and Anthropic accused them of “distillation attacks” to clone US foundation models. That sounds abstract, but it’s core US intellectual property being siphoned—exactly the kind of slow-burn exfiltration that turns into long‑term strategic advantage for Beijing across defense, finance, and energy.
Politico also notes that Representative Andy Ogles is tying this directly to earlier China‑nexus operations like the Salt Typhoon intrusion into American telecom networks, which gave China potential visibility into voice and data flows that underpin everything from 911 services to military logistics. Think of it as planting persistent wiretaps in the nervous system of US critical infrastructure.
Check Point Research just dropped a threat intelligence report that, while focused globally, highlights fresh China‑linked espionage tradecraft that US defenders should treat as “coming soon to a network near you.” They describe Camaro Dragon, a China‑nexus group, pushing PlugX and Cobalt Strike beacons via war‑themed lures and abused software update chains against government and energy entities in the Middle East and Qatar. Swap the target logo and that playbook maps perfectly onto US federal agencies and power grid operators.
Red Packet Security today flagged a live Cobalt Strike beacon hitting 47.109.198.8 on port 6000, infrastructure sitting in Chinese cloud space. On its own, that’s just telemetry, but chained with the Camaro Dragon report, it’s a reminder that commodity tools like Cobalt Strike are still the lingua franca of Chinese espionage inside US networks.
Infosecurity Magazine is also calling out a surge in fake shipment‑tracking scams riding on a Chinese‑language phishing‑as‑a‑service platform called Darcula, which has already hit government, postal, airline, and financial targets in over 100 countries. US agencies that handle citizen identity data and logistics—think USPS, state DMVs, even contractors for DHS—are prime collateral if those kits are repurposed with US‑branded skins.
On the defense side, CyberScoop reports a Booz Allen analysis warning that attackers are using AI frameworks like HexStrike to weaponize newly disclosed CVEs faster than defenders can patch. They explicitly call out CISA’s 15‑day remediation window for Known Exploited Vulnerabilities as too slow in an AI‑accelerated world, where something like a Citrix NetScaler flaw can be mass‑exploited in minutes. That’s not theoretical—China‑nexus groups have historically loved edge appliances for stealthy access.
So here’s what Ting wants you locking in on right now: follow CISA’s KEV catalog like it’s your heartbeat monitor; patch internet‑facing VPNs, Citrix, and SolarWinds gear on emergency timelines; hunt aggressively for PlugX and Cobalt Strike beacons, especially tied to Chinese IP space; tighten egress rules so model‑training data and code repos aren’t quietly dribbling into foreign AI labs; and train staff to spot “fake shipping” and AI‑tool lures that ultimately deliver infostealers into corporate environments.
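To make the "hunt for Cobalt Strike beacons" advice concrete, here is an added detection example that is not from the podcast, Red Packet Security, or Check Point. It runs two checks over constructed Zeek-style connection records: an exact match against the one destination the episode cites (47.109.198.8 on port 6000), and a periodicity check that flags any source/destination pair contacted many times at a near-constant interval, which catches beacons no IoC list has seen yet. Every log line, host address, and threshold below is an assumption made for the demo.

```python
"""Hunt for beaconing in Zeek-style conn logs (added example, not from the page).

Two checks:
  1. exact match against a known-bad destination; the 47.109.198.8:6000
     beacon cited in the episode is the only IoC taken from the podcast;
  2. periodicity: a host calling the same destination many times at a
     near-constant interval, which an IoC list alone never catches.
All log lines are constructed for the demo; 10.0.0.0/8 and 203.0.113.0/24
are private/documentation ranges, not real hosts.
"""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed conn.log-style records: ts, orig_h, resp_h, resp_p, proto
SAMPLE_LOG = """\
1700000000.0\t10.0.0.5\t47.109.198.8\t6000\ttcp
1700000059.0\t10.0.0.5\t47.109.198.8\t6000\ttcp
1700000121.0\t10.0.0.5\t47.109.198.8\t6000\ttcp
1700000180.0\t10.0.0.5\t47.109.198.8\t6000\ttcp
1700000242.0\t10.0.0.5\t47.109.198.8\t6000\ttcp
1700000299.0\t10.0.0.5\t47.109.198.8\t6000\ttcp
1700000361.0\t10.0.0.5\t47.109.198.8\t6000\ttcp
1700000010.0\t10.0.0.7\t203.0.113.10\t443\ttcp
1700000013.0\t10.0.0.7\t203.0.113.10\t443\ttcp
1700000400.0\t10.0.0.7\t203.0.113.10\t443\ttcp
1700000405.0\t10.0.0.7\t203.0.113.10\t443\ttcp
1700001900.0\t10.0.0.7\t203.0.113.10\t443\ttcp
1700001901.0\t10.0.0.7\t203.0.113.10\t443\ttcp
1700003000.0\t10.0.0.7\t203.0.113.10\t443\ttcp
"""

# The one destination taken from the episode itself.
KNOWN_BAD = {("47.109.198.8", 6000)}


def parse_conn_lines(text):
    """Parse tab-separated conn records into dicts; skip blank or malformed lines."""
    conns = []
    for line in text.splitlines():
        fields = line.split("\t")
        if len(fields) < 5:
            continue
        try:
            conns.append({
                "ts": float(fields[0]),
                "orig_h": fields[1],
                "resp_h": fields[2],
                "resp_p": int(fields[3]),
                "proto": fields[4],
            })
        except ValueError:
            continue
    return conns


def find_ioc_hits(conns, iocs=KNOWN_BAD):
    """Return sorted (orig_h, resp_h, resp_p) tuples that touch a known-bad destination."""
    return sorted({(c["orig_h"], c["resp_h"], c["resp_p"])
                   for c in conns if (c["resp_h"], c["resp_p"]) in iocs})


def find_beaconing(conns, min_count=6, max_jitter=0.2):
    """Flag src/dst pairs whose gap between connections is nearly constant.

    jitter = population stddev / mean of the gaps. A fixed sleep with a small
    jitter setting gives a low value; interactive browsing does not.
    Returns (orig_h, resp_h, resp_p, mean_interval_seconds, jitter) tuples.
    """
    by_pair = defaultdict(list)
    for c in conns:
        by_pair[(c["orig_h"], c["resp_h"], c["resp_p"])].append(c["ts"])
    findings = []
    for pair, stamps in by_pair.items():
        if len(stamps) < min_count:
            continue
        stamps.sort()
        gaps = [b - a for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg <= 0:
            continue
        jitter = pstdev(gaps) / avg
        if jitter <= max_jitter:
            findings.append((*pair, round(avg, 1), round(jitter, 3)))
    return findings


if __name__ == "__main__":
    conns = parse_conn_lines(SAMPLE_LOG)
    for hit in find_ioc_hits(conns):
        print("IOC hit:", hit)
    for finding in find_beaconing(conns):
        print("beacon candidate:", finding)
```

In the constructed data, 10.0.0.5 calls the cited destination roughly every 60 seconds and is flagged by both checks, while 10.0.0.7's irregular HTTPS traffic passes. Tune `min_count` and `max_jitter` against your own baseline: a high jitter setting on the implant side pushes the ratio up, so pair this with the egress allow-listing the episode recommends rather than relying on timing alone.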
That’s it for today’s China Hack Report: Daily US Tech Defense. Thanks for tuning in, and don’t forget to subscribe so Ting can keep your packets clean and your threat intel spicy. This has been a Quiet Please production; for more, check out quiet please dot ai.
For more: http://www.quietplease.ai
This content was created in partnership with, and with the help of, artificial intelligence (AI).