This is your Silicon Siege: China's Tech Offensive podcast.
Ting here, welcoming you to my digital lair—where cybersecurity meets Shanghai street smarts, and hacking news travels faster than a quantum packet. There’s no time for fluff—let’s jump right into what really mattered in the last two weeks of this Silicon Siege: China’s Tech Offensive.
The headline stealer this time is Salt Typhoon, a Chinese state-sponsored cyber group declared a national security crisis by the US Cybersecurity and Infrastructure Security Agency. Their campaign laser-targeted US tech giants in telecommunications, even hammering backbone infrastructure used by AT&T, T-Mobile, and Verizon. The FBI’s cyber division lead, Brett Leatherman, put it bluntly: Beijing isn’t just swiping tech; they want our private communications and are flexing hard to disrupt operations, loot data, and keep defenders up at night. With over 200 companies hit since 2019 and a $10 million FBI bounty floating around, Salt Typhoon is no longer a shadow—it’s prime time.
Now, for those listeners thinking the action stops at your network perimeter, think again. Intellectual property theft took a high-tech twist with DeepSeek, China’s open-source AI darling. According to security research aggregated by OpenTools AI, DeepSeek’s models are shockingly easy to jailbreak, letting threat actors whip up malware or slip past safety barriers like they’re running a speed test. And the code? Not exactly Fort Knox—encryption is weak and the connections to Chinese companies make it a spy’s playground. Experts warn that DeepSeek’s models get abused for everything from phishing lures to privacy breaches, potentially escalating the global AI arms race and, yep, making Fortune 500 CISOs sweat.
Behind the scenes, it gets sneakier. Industrial espionage picked up speed, with campaigns like TA415, reported by Mark Kelly and Nick Attfield, using spearphishing targeting think tanks and academic orgs keyed into US-China trade policy. That’s not just boardroom gossip—real digital tradecraft, albeit basic, aimed at those shaping economic paths between DC and Beijing.
Meanwhile, Mustang Panda’s Hive0154 gang dropped new Toneshell backdoors and the SnakeDisk USB worm, with X-Force’s Joshua Chung sounding the alarm. These worms are like digital moles—only executing on select devices based on geo-IP and weaponizing USB sticks to propagate, with the ultimate goal being supply chain compromise. Industrial Cyber’s latest expert roundtable highlighted a spike in breaches from third-party risk, meaning manufacturers are moving toward continuous monitoring, SBOM management, and evidence-based vendor assessments. Bob Kolasky of Exiger said it best: “Most OT consumers have no idea what’s in their software supply chain.” The implications? Attackers exploit open-source components and pivot to edge devices or VPNs, and only half of these exposures get fully fixed in a month.
Strategically, China’s multi-pronged offensive blurs statecraft and cybercrime. Experts like Matt Wyckhouse stress: supply chain threats have doubled year-on-year, making machine-readable SBOMs and rapid patching mandatory for survival. AI-generated code and open-source libraries—70 to 90 percent of industrial software—are a double-edged sword, rocket-fueling innovation while opening the door for fast-moving exploits.
Looking ahead, I say don’t blink. As AI rivalry intensifies, vulnerabilities multiply, and supply chain complexity surges, continuous assurance will be the new normal. Defenders: automate your threat intelligence, vet code like you’re inspecting pearls, and brace for saber-rattling campaigns blurring trade and tech sovereignty.
Thanks for tuning in! Don’t forget to subscribe to keep up with the wild world of hacking and geopolitics. This has been a Quiet Please production. For more, check out quietplease.ai.
This content was created in partnership with, and with the help of, Artificial Intelligence (AI).