This is your Digital Dragon Watch: Weekly China Cyber Alert podcast.
Listeners, Ting here and the cyber dragons have been anything but sleepy this week. Let's kick off with the bombshell out of Beijing: the Cyberspace Administration of China, or CAC, summoned Nvidia for a grilling after accusing the US of scheming to slip backdoors into Nvidia’s newest H20 chips. The backstory? The US Chip Security Act, pitched by Senator Tom Cotton, would force chipmakers to install tracking and remote shutdown systems in semiconductors headed for “unwelcome” destinations. While the law hasn’t passed, China’s top cyber sleuths are on red alert, pressing Nvidia to spill whether Washington might sneak backdoors into made-for-China chips. Nvidia, of course, is walking a global tightrope, debuting H20 chips explicitly to skirt US export controls, but is now caught in this chip chess match.
If that weren’t enough, China’s own CNCERT dropped a massive report last Thursday claiming US intelligence hackers, with techniques straight out of a spy thriller, breached Chinese military-industrial networks starting in 2022. The initial break-in exploited a zero-day flaw in Microsoft Exchange. These folks didn’t just pop in for a peek—they stuck around for almost a year. We’re talking stealthy malware, payloads zipped through WebSocket-wrapped SSH tunnels, and traffic bounced through anonymous European relay nodes. In wave two, between July and November last year, attackers hit a critical supply chain, manipulating Tomcat service filters and sneaking in Trojanized updates. The malware went hunting for keywords like “secret work” and “core network,” swiping sensitive diagrams and protocol blueprints. CNCERT spotted log wiping and active recon against military intrusion detection: this was sophisticated, persistent, and, frankly, scary.
Now, flipping the Great Firewall’s script, security researchers from the University of Massachusetts Amherst and Stanford published a paper showing China’s recent attempt to upgrade censorship for new QUIC traffic backfired, leaving the infamous firewall vulnerable to “availability attacks.” Attackers could spoof packets to block DNS, shutting out access to non-Chinese DNS resolvers countrywide. The paper triggered a partial fix but not a full solution, and anti-censorship communities are already dissecting this new attack surface. For censorship engineers in China, it’s back to the blueprint.
Here at home, the Salt Typhoon attack plot twist is still sending shockwaves. Dr. Susan Landau exposed how Chinese hackers used the CALEA-mandated wiretap backdoors in U.S. telecoms to infiltrate senior campaign communications. In response, four Five Eyes countries, yes, including the FBI this time, urged encryption everywhere. The UK, in vintage style, declined to sign on and is looking to its own secret squirrel methods instead.
Let’s talk sector trends: according to CrowdStrike’s just-released Threat Hunting Report, China-nexus groups like GENESIS PANDA and GLACIAL PANDA are feasting on misconfigured clouds and embedding deeply in telecom networks. Cloud intrusions linked to China were up 40% in just half a year. Telecom espionage activity skyrocketed 130%. Eighty-one percent of attacks have ditched malware altogether for hands-on, interactive hacking. If your business is in government, telecom, or cloud, it’s open season—patch those servers, audit identity and access configurations, and get those activity logs under a magnifying glass.
The US, recognizing old patchwork isn’t enough, has green-lit a heavyweight commission, led by CSIS and Cyber Solarium alumni, to blueprint a possible independent Cyber Force. It’s less about hand-waving at cyberspace and more about ensuring trained, ready teams can repel the next big digital onslaught—whether panda-branded or from elsewhere.
So, three big takeaways: supply chain chips are the next espionage frontier, stealth hands-on hacking still rules, and government infrastructure enabled for lawful surveillance is also easy pickings for the bad guys. Experts are adamant: embrace the best encryption, minimize supply-chain dependency on foreign chips, and don’t let default cloud settings lull you into false security.
Thanks for tuning in to Digital Dragon Watch. Don’t forget to subscribe for next week’s cyber dragon tales. This has been a Quiet Please production; for more, check out quietplease.ai.