This is your Red Alert: China's Daily Cyber Moves podcast.
Hey listeners, Ting here, and wow, do I have some wild cyber news for you today. While you were probably enjoying your Wednesday, Chinese state hackers were throwing the mother of all cyber parties on American soil, and honestly, it's getting scary.
So let's talk about Salt Typhoon, because this crew just earned the title of most destructive cyber espionage campaign in American history according to former FBI director Christopher Wray. Between March and December 2024, these hackers didn't just knock on the door, they broke into Verizon, AT&T, and T-Mobile. That's 397 million subscribers potentially compromised. They grabbed call logs, unencrypted texts, audio from high-ranking political figures, and even targeted presidential candidates' phones during the election. The FBI estimates over one million call records were stolen, and Deputy National Security Adviser Anne Neuberger said they can geolocate millions of people and record phone calls at will. The worst part? Despite AT&T and Verizon claiming they contained the threat, a joint cybersecurity advisory confirms Salt Typhoon maintains persistent, long-term access to networks. They're still in there.
But wait, it gets juicier. Symantec and Carbon Black just dropped a bombshell today revealing that Salt Typhoon exploited that critical SharePoint vulnerability Microsoft patched back in July, the ToolShell bug designated CVE-2025-53770. Before the patch, they hit over 400 organizations including the US Energy Department. Originally Microsoft blamed three groups, but now we know Salt Typhoon joined the party, hitting a Middle East telecom and two African government departments using their signature Zingdoor backdoor. They also compromised two South American government agencies and a US university.
Meanwhile, CISA issued emergency directive ED 26-01 yesterday after F5 Networks admitted nation-state hackers, specifically the China-nexus group UNC5221 using BRICKSTORM malware, breached their systems and stole BIG-IP source code. These attackers lived inside F5's network for at least 12 months. Federal agencies have until today, October 22nd, to inventory F5 products and secure management interfaces, with full compliance reports due October 29th.
Here's the escalation scenario that should terrify everyone: Trend Micro revealed something they're calling Premier Pass, where Chinese groups like Earth Estries and Earth Naga are now sharing access to compromised networks. Earth Estries breaks in, then hands the keys to Earth Naga for continued exploitation. They're collaborating like never before, targeting telecommunications, government agencies, and critical infrastructure across APAC, NATO countries, and Latin America.
The Treasury already sanctioned Sichuan Juxinhe Network Technology for Salt Typhoon involvement, but lawmakers like Senator Mark Warner are pushing for offensive cyber operations against China. The problem? You can't credibly threaten to hack back when your own networks remain vulnerable.
So what do you do? Update everything, especially F5 and SharePoint systems. Assume breach. Monitor for unusual network traffic. And honestly, assume China can hear your phone calls right now.
Thanks for tuning in listeners, and make sure to subscribe so you don't miss the next cyber disaster unfolding in real time.
This has been a Quiet Please production. For more, check out quiet please dot ai.
This content was created in partnership with, and with the help of, Artificial Intelligence (AI).