Sign up to save your podcasts
Or
Share Salt Typhoon Hacks Haunt Telcos | FCC Rethinks Security | China Cracks Down on Data Skeletons
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Salt Typhoon Hacks Haunt Telcos | FCC Rethinks Security | China Cracks Down on Data Skeletons
This is your Digital Dragon Watch: Weekly China Cyber Alert podcast.
Happy Halloween, listeners! Or as I like to call it, the perfect day for a Digital Dragon cyber scare. I’m Ting and this is your weekly China Cyber Alert, breaking down the past seven days in infosec with just enough wit to keep you awake, even if you stayed up all night patching vulnerabilities.
The big headline: Salt Typhoon is giving telecom execs more nightmares than the new reboot of The Ring. This Chinese cyberespionage group has been living rent-free in the servers of Ribbon Communications, not for weeks, but for months. Ribbon is basically the backbone for major phone and internet providers—think AT&T, Verizon, even Lumen and some Canadian outfits. The U.S. government says Salt Typhoon, which reports pin back to the Ministry of State Security, was hunting for phone records and call data on senior officials. Why? Well, if you ask U.S. intelligence, it’s all in prep for any future friction over Taiwan. According to TechCrunch, these hackers were only recently discovered after stealing who-knows-how-much data since December 2024. They’ve targeted more than 200 U.S. companies so far, and the campaign is a global affair[TechCrunch].
The FCC, with Chairman Brendan Carr at the helm, thinks telecom security rules brought in during the closing months of the Biden administration may be a swing and a miss. These rules forced telcos to lock down wiretap request systems—where law enforcement demands data—and required annual security posture check-ins. But Carr argues it’s regulatory overkill that “exceeded the agency’s authority.” So, next month, the FCC might pull back on these requirements[Nextgov]. Some cybersecurity folks think that’s like leaving the candy bowl unattended on Halloween: asking for mischief, given Salt Typhoon’s recent rampage.
On the China side, the Ministry of Public Security released six new cases from its “Cybersecurity Protection - 2025” campaign. The focus: corporate data skeletons in the closet. Shanghai CAC, along with several ministries, is clamping down on facial recognition and surveillance, especially in high-traffic commercial zones. The MPS handed out fines to a luxury brand and an AI provider for botching personal information protection—yes, even fancy shopping apps need to worry about data privacy these days. The Cyberspace Administration is rolling out draft provisions to beef up oversight for giant internet platforms, with fresh standards for cross-border personal data[TwoBirds].
Meanwhile, in D.C., the FCC just voted unanimously to close lingering loopholes that let Huawei, ZTE, and other blacklisted Chinese manufacturers sneak gear into the U.S. The updated ban catches components, not just branded boxes. Millions of unauthorized listings have vanished from U.S. websites. Brendan Carr summed it up: foreign adversaries will exploit any digital open window. Still, some on the vendor side say the FCC is going too far, hurting small businesses relying on cheap Chinese tech[Tech Policy Press].
Now, how do you stay out of the Salt Typhoon’s crosshairs? Experts stress zero trust and constant monitoring. Assume every router and switch might have a hidden dragon waiting to exhale malicious packets. Patch, log, audit, repeat. NIST’s latest report urges scrutiny for Chinese-made generative AI solutions like DeepSeek, warning about possible code-level backdoors. For organizations in telecom, cloud infrastructure, and retail, treat any new device with suspicion and schedule that penetration test before the weekend. Also, consider endpoint security that spots anomalous traffic, and brush up on incident response plans—because if Salt Typhoon isn’t in your logs now, you can bet they’re knocking.
Thanks for spending your cyber minute with me, Ting. Don’t forget to subscribe, because every week the dragons get sneakier. This has been a quiet please production, for more check out quiet please dot ai.
For more http://www.quietplease.ai
Get the best deals https://amzn.to/3ODvOta
This content was created in partnership and with the help of Artificial Intelligence AI
Happy Halloween, listeners! Or as I like to call it, the perfect day for a Digital Dragon cyber scare. I’m Ting and this is your weekly China Cyber Alert, breaking down the past seven days in infosec with just enough wit to keep you awake, even if you stayed up all night patching vulnerabilities.
The big headline: Salt Typhoon is giving telecom execs more nightmares than the new reboot of The Ring. This Chinese cyberespionage group has been living rent-free in the servers of Ribbon Communications, not for weeks, but for months. Ribbon is basically the backbone for major phone and internet providers—think AT&T, Verizon, even Lumen and some Canadian outfits. The U.S. government says Salt Typhoon, which reports pin back to the Ministry of State Security, was hunting for phone records and call data on senior officials. Why? Well, if you ask U.S. intelligence, it’s all in prep for any future friction over Taiwan. According to TechCrunch, these hackers were only recently discovered after stealing who-knows-how-much data since December 2024. They’ve targeted more than 200 U.S. companies so far, and the campaign is a global affair[TechCrunch].
The FCC, with Chairman Brendan Carr at the helm, thinks telecom security rules brought in during the closing months of the Biden administration may be a swing and a miss. These rules forced telcos to lock down wiretap request systems—where law enforcement demands data—and required annual security posture check-ins. But Carr argues it’s regulatory overkill that “exceeded the agency’s authority.” So, next month, the FCC might pull back on these requirements[Nextgov]. Some cybersecurity folks think that’s like leaving the candy bowl unattended on Halloween: asking for mischief, given Salt Typhoon’s recent rampage.
On the China side, the Ministry of Public Security released six new cases from its “Cybersecurity Protection - 2025” campaign. The focus: corporate data skeletons in the closet. Shanghai CAC, along with several ministries, is clamping down on facial recognition and surveillance, especially in high-traffic commercial zones. The MPS handed out fines to a luxury brand and an AI provider for botching personal information protection—yes, even fancy shopping apps need to worry about data privacy these days. The Cyberspace Administration is rolling out draft provisions to beef up oversight for giant internet platforms, with fresh standards for cross-border personal data[TwoBirds].
Meanwhile, in D.C., the FCC just voted unanimously to close lingering loopholes that let Huawei, ZTE, and other blacklisted Chinese manufacturers sneak gear into the U.S. The updated ban catches components, not just branded boxes. Millions of unauthorized listings have vanished from U.S. websites. Brendan Carr summed it up: foreign adversaries will exploit any digital open window. Still, some on the vendor side say the FCC is going too far, hurting small businesses relying on cheap Chinese tech[Tech Policy Press].
Now, how do you stay out of the Salt Typhoon’s crosshairs? Experts stress zero trust and constant monitoring. Assume every router and switch might have a hidden dragon waiting to exhale malicious packets. Patch, log, audit, repeat. NIST’s latest report urges scrutiny for Chinese-made generative AI solutions like DeepSeek, warning about possible code-level backdoors. For organizations in telecom, cloud infrastructure, and retail, treat any new device with suspicion and schedule that penetration test before the weekend. Also, consider endpoint security that spots anomalous traffic, and brush up on incident response plans—because if Salt Typhoon isn’t in your logs now, you can bet they’re knocking.
Thanks for spending your cyber minute with me, Ting. Don’t forget to subscribe, because every week the dragons get sneakier. This has been a quiet please production, for more check out quiet please dot ai.
For more http://www.quietplease.ai
Get the best deals https://amzn.to/3ODvOta
This content was created in partnership and with the help of Artificial Intelligence AI
View all episodes
By Inception Point AiThis is your Digital Dragon Watch: Weekly China Cyber Alert podcast.
Happy Halloween, listeners! Or as I like to call it, the perfect day for a Digital Dragon cyber scare. I’m Ting and this is your weekly China Cyber Alert, breaking down the past seven days in infosec with just enough wit to keep you awake, even if you stayed up all night patching vulnerabilities.
The big headline: Salt Typhoon is giving telecom execs more nightmares than the new reboot of The Ring. This Chinese cyberespionage group has been living rent-free in the servers of Ribbon Communications, not for weeks, but for months. Ribbon is basically the backbone for major phone and internet providers—think AT&T, Verizon, even Lumen and some Canadian outfits. The U.S. government says Salt Typhoon, which reports pin back to the Ministry of State Security, was hunting for phone records and call data on senior officials. Why? Well, if you ask U.S. intelligence, it’s all in prep for any future friction over Taiwan. According to TechCrunch, these hackers were only recently discovered after stealing who-knows-how-much data since December 2024. They’ve targeted more than 200 U.S. companies so far, and the campaign is a global affair[TechCrunch].
The FCC, with Chairman Brendan Carr at the helm, thinks telecom security rules brought in during the closing months of the Biden administration may be a swing and a miss. These rules forced telcos to lock down wiretap request systems—where law enforcement demands data—and required annual security posture check-ins. But Carr argues it’s regulatory overkill that “exceeded the agency’s authority.” So, next month, the FCC might pull back on these requirements[Nextgov]. Some cybersecurity folks think that’s like leaving the candy bowl unattended on Halloween: asking for mischief, given Salt Typhoon’s recent rampage.
On the China side, the Ministry of Public Security released six new cases from its “Cybersecurity Protection - 2025” campaign. The focus: corporate data skeletons in the closet. Shanghai CAC, along with several ministries, is clamping down on facial recognition and surveillance, especially in high-traffic commercial zones. The MPS handed out fines to a luxury brand and an AI provider for botching personal information protection—yes, even fancy shopping apps need to worry about data privacy these days. The Cyberspace Administration is rolling out draft provisions to beef up oversight for giant internet platforms, with fresh standards for cross-border personal data[TwoBirds].
Meanwhile, in D.C., the FCC just voted unanimously to close lingering loopholes that let Huawei, ZTE, and other blacklisted Chinese manufacturers sneak gear into the U.S. The updated ban catches components, not just branded boxes. Millions of unauthorized listings have vanished from U.S. websites. Brendan Carr summed it up: foreign adversaries will exploit any digital open window. Still, some on the vendor side say the FCC is going too far, hurting small businesses relying on cheap Chinese tech[Tech Policy Press].
Now, how do you stay out of the Salt Typhoon’s crosshairs? Experts stress zero trust and constant monitoring. Assume every router and switch might have a hidden dragon waiting to exhale malicious packets. Patch, log, audit, repeat. NIST’s latest report urges scrutiny for Chinese-made generative AI solutions like DeepSeek, warning about possible code-level backdoors. For organizations in telecom, cloud infrastructure, and retail, treat any new device with suspicion and schedule that penetration test before the weekend. Also, consider endpoint security that spots anomalous traffic, and brush up on incident response plans—because if Salt Typhoon isn’t in your logs now, you can bet they’re knocking.
Thanks for spending your cyber minute with me, Ting. Don’t forget to subscribe, because every week the dragons get sneakier. This has been a quiet please production, for more check out quiet please dot ai.
For more http://www.quietplease.ai
Get the best deals https://amzn.to/3ODvOta
This content was created in partnership and with the help of Artificial Intelligence AI
Happy Halloween, listeners! Or as I like to call it, the perfect day for a Digital Dragon cyber scare. I’m Ting and this is your weekly China Cyber Alert, breaking down the past seven days in infosec with just enough wit to keep you awake, even if you stayed up all night patching vulnerabilities.
The big headline: Salt Typhoon is giving telecom execs more nightmares than the new reboot of The Ring. This Chinese cyberespionage group has been living rent-free in the servers of Ribbon Communications, not for weeks, but for months. Ribbon is basically the backbone for major phone and internet providers—think AT&T, Verizon, even Lumen and some Canadian outfits. The U.S. government says Salt Typhoon, which reports pin back to the Ministry of State Security, was hunting for phone records and call data on senior officials. Why? Well, if you ask U.S. intelligence, it’s all in prep for any future friction over Taiwan. According to TechCrunch, these hackers were only recently discovered after stealing who-knows-how-much data since December 2024. They’ve targeted more than 200 U.S. companies so far, and the campaign is a global affair[TechCrunch].
The FCC, with Chairman Brendan Carr at the helm, thinks telecom security rules brought in during the closing months of the Biden administration may be a swing and a miss. These rules forced telcos to lock down wiretap request systems—where law enforcement demands data—and required annual security posture check-ins. But Carr argues it’s regulatory overkill that “exceeded the agency’s authority.” So, next month, the FCC might pull back on these requirements[Nextgov]. Some cybersecurity folks think that’s like leaving the candy bowl unattended on Halloween: asking for mischief, given Salt Typhoon’s recent rampage.
On the China side, the Ministry of Public Security released six new cases from its “Cybersecurity Protection - 2025” campaign. The focus: corporate data skeletons in the closet. Shanghai CAC, along with several ministries, is clamping down on facial recognition and surveillance, especially in high-traffic commercial zones. The MPS handed out fines to a luxury brand and an AI provider for botching personal information protection—yes, even fancy shopping apps need to worry about data privacy these days. The Cyberspace Administration is rolling out draft provisions to beef up oversight for giant internet platforms, with fresh standards for cross-border personal data[TwoBirds].
Meanwhile, in D.C., the FCC just voted unanimously to close lingering loopholes that let Huawei, ZTE, and other blacklisted Chinese manufacturers sneak gear into the U.S. The updated ban catches components, not just branded boxes. Millions of unauthorized listings have vanished from U.S. websites. Brendan Carr summed it up: foreign adversaries will exploit any digital open window. Still, some on the vendor side say the FCC is going too far, hurting small businesses relying on cheap Chinese tech[Tech Policy Press].
Now, how do you stay out of the Salt Typhoon’s crosshairs? Experts stress zero trust and constant monitoring. Assume every router and switch might have a hidden dragon waiting to exhale malicious packets. Patch, log, audit, repeat. NIST’s latest report urges scrutiny for Chinese-made generative AI solutions like DeepSeek, warning about possible code-level backdoors. For organizations in telecom, cloud infrastructure, and retail, treat any new device with suspicion and schedule that penetration test before the weekend. Also, consider endpoint security that spots anomalous traffic, and brush up on incident response plans—because if Salt Typhoon isn’t in your logs now, you can bet they’re knocking.
Thanks for spending your cyber minute with me, Ting. Don’t forget to subscribe, because every week the dragons get sneakier. This has been a quiet please production, for more check out quiet please dot ai.
For more http://www.quietplease.ai
Get the best deals https://amzn.to/3ODvOta
This content was created in partnership and with the help of Artificial Intelligence AI