This is your Dragon's Code: America Under Cyber Siege podcast.
Hey listeners, it's Ting here, your go-to gal for all things China cyber chaos and hacker hijinks. Picture this: I'm hunkered down in my digital war room, screens flickering with the latest intel on Dragon's Code—America under cyber siege from Beijing's slickest ops this past week. Buckle up, because March 2026 has been a wild ride of botnets, backdoors, and big brother vibes.
Flash to Monday: whispers from the U.S. Senate Intelligence Committee docs hit my feeds, warning that China and Russia are the top dogs pounding U.S. critical infrastructure for intel grabs and disruption prep. But the real fireworks? Tuesday's bombshell—Kaseya's breach roundup spotlighted China-linked hackers slamming Stryker's medical gear and even the FBI's networks. Attack methodology? Classic Flax Typhoon playbook: exploiting unpatched public-facing apps for remote code execution, then bootstrapping persistence with autostart scripts. Affected systems? Power grids, healthcare like Stryker's surgical robots, and federal email servers echoing that old Salt Typhoon infiltration of U.S. telecoms.
Attribution evidence is ironclad—FBI and U.S. Treasury fingerprints all over Integrity Technology Group, the backbone of the Raptor Train botnet that ballooned to 260,000 zombie devices by early '25. ProPublica dug deep too, exposing how Microsoft's GCC High cloud—now propping up Justice and Energy Depts—got the FedRAMP greenlight despite "unknown unknowns" and prior Chinese breaches stealing Cabinet emails. Tony Sager, ex-NSA wizard at the Center for Internet Security, called it a "not happy story" for U.S. security, slamming the deference to Big Tech amid China-based engineers tinkering with sensitive data.
Defensive measures kicked in fast: CISA pushed network segmentation and IOC monitoring for Raptor Train C2 traffic, while Justice yanked foreign access post-ProPublica exposé. Eric Mill, ex-GSA cloud boss, griped that FedRAMP went soft, authorizing anyway since agencies were already hooked. Lessons learned? Patch like your life depends on it—exploits like T1190 are low-hanging fruit. Experts like Alissa Knight warn of machine-to-machine risks amplifying this; one compromised AI robotics platform, per House Homeland Security hearings, and Beijing's surveilling your factory floor.
Wednesday amps it up: EU Council slaps sanctions on Integrity Tech and Anxun Information—aka i-Soon—right after U.S. moves, for hacker-for-hire hits on critical infra. Pierluigi Paganini at SecurityAffairs nailed it: these ops blend espionage with disruption, using spearphishing and web exfil like MITRE's T1566 and T1567. Microsoft's fumbling FedRAMP review? A wake-up: vendor trust is a vulnerability.
Listeners, stay vigilant—segment networks, hunt IOCs, and demand real audits. China’s not slowing; they’re scaling. Thanks for tuning in—subscribe for more cyber spice! This has been a Quiet Please production, for more check out quietplease.ai.
This content was created in partnership and with the help of Artificial Intelligence (AI).