This is your Dragon's Code: America Under Cyber Siege podcast.
Listeners, strap in. I’m Ting—cyber sleuth, China whisperer, and lover of real-time packet captures. Today’s episode? Dragon’s Code: America Under Cyber Siege, where the only firewall that truly matters is the one you haven’t patched.
Let’s dig right in—because as of this week, America’s digital infrastructure has been under siege by what Senator Mark Warner aptly described as “the worst telecom hack in our nation’s history.” The culprit? Salt Typhoon—a Chinese state-backed cyber-espionage juggernaut. We’re talking breaches at Verizon, AT&T, and T-Mobile. That's nearly 400 million subscribers in the blast radius, which means if you’ve dialed, texted, or stepped within cell tower range, Salt Typhoon probably has your number, literally. Former FBI director Christopher Wray didn’t sugarcoat it; he called this “the most significant cyber espionage campaign in history.”
Now, how did Salt Typhoon pull it off? They surfed on the back of zero-days—those digital unicorns—hitting Microsoft SharePoint servers with a vulnerability known as CVE-2025-53770, a.k.a. ToolShell. Before Microsoft got the patch out, Salt Typhoon, along with crews like Linen Typhoon and Violet Typhoon, broke in, targeting not just telecoms but government agencies, universities, and even the US Energy Department. Once inside, they unleashed custom malware like Zingdoor and weaponized sideloading tricks, where a legit bug-tracking app called ‘mantec.exe’ helped sneak in nasty code. Bonus points for using legitimate software to hide the mayhem.
Attribution is no longer a whodunit. Microsoft, Symantec, and Carbon Black trace the attacks right to Beijing’s doorstep and even name the groups—APT27, APT31, Salt Typhoon, and their shadowy affiliate UNC5221. These folks went after not just infrastructure but the political process. That’s right: 2024 election interference included efforts to compromise candidates’ personal devices and sniff out confidential law enforcement communications.
How did American defenders fare? CISA, the FBI, and Treasury’s OFAC ran coordinated countermeasures—targeting compromised routers, probing command-and-control servers, and hitting Chinese front firms with sanctions. In fact, Sichuan Juxinhe and other network tech companies are now persona non grata for providing the digital getaway cars.
Anne Neuberger, national security wizard, pointed out “these threat actors can geolocate millions, record phone calls at will.” Basically, Salt Typhoon doesn’t just break in—they set up shop. Offense is tempting, but experts like Erica Lonergan urge: don't start a cyber slugfest unless your own servers are Fort Knox. Congress is debating clearer red lines: cross them and we’ll respond in kind, no more guessing games.
What are we learning? Lesson one: Information-sharing is not optional. CISA’s rapid alerts made a dent. Number two: Patch everything—today, not “tomorrow.” Number three: Sanctions work, but these crews adapt fast, so persistence matters.
That’s the pulse, folks. Thanks for tuning in to Dragon’s Code: America Under Cyber Siege. Don’t forget to subscribe for your weekly dose of China cyber drama—straight from Ting.
This has been a Quiet Please production. For more, check out quiet please dot ai.
This content was created in partnership with, and with the help of, artificial intelligence (AI).