This is your China Hack Report: Daily US Tech Defense podcast.
Hey listeners, Ting here, your go-to gal for all things China cyber chaos and US tech defense. Buckle up, because the last 24 hours have been a fireworks show of China-linked hacks slamming American interests—straight fire from F5 Labs' Weekly Threat Bulletin dated March 11th, 2026.
Picture this: I'm sipping my baijiu-laced energy drink, scanning feeds, when bam—STORM-1849 and UAT4356, those sneaky Chinese threat crews, unleash **Line Dancer** and **Line Runner** malware. These nasties are worming into Cisco Secure Firewall Management Center Software via two critical zero-days: CVE-2026-20079, an auth bypass letting randos grab root access with crafted HTTP requests, and CVE-2026-20131, a remote code exec flaw from dodgy Java deserialization—unauthenticated attackers running arbitrary code as root. Cisco dropped emergency patches today, so if you're on that gear, patch now or weep later.
Sectors? They're feasting on US **cloud infrastructure**, **energy grids**, **financial services**, **government networks**, **healthcare**, **industrials**, **IT**, **multimedia**, and **telecoms**. F5 Labs pins victims squarely in the United States, with IOCs lighting up like a Beijing skyline. No direct CISA alert yet on these exact CVEs, but they're echoing their playbook: isolate, patch, and hunt with EDR tools.
This isn't isolated—CSIS logs China state-linked ops surging, and with Iran war heating up per Fox and CBN reports, Computer Weekly warns China's ramping cyber alongside Belarus and Pakistan packs. Defensive moves? CISA's KEV catalog just added 23 iOS vulns from the "Coruna" exploit kit—Chinese-hosted scam sites peddling zero-click chains hitting iOS 13 to 17.2.1. Federal agencies: patch CVE-2021-30952 and CVE-2023-43000 by March 26th, or get memory-corrupted. Google Threat Intelligence Group dissected this beast—fingerprinting JS loading exploits, spotted in Ukraine watering holes.
Immediate actions, listeners: Run Cisco's patches on Secure Firewall Management Center and Security Cloud Control. Oracle Java users, update yesterday. Segment networks, deploy behavioral analytics to sniff Line Dancer's LOLBIN abuse and screen-printed exfils—Unit 42-style stealth. Hunt for those IOCs from F5: weird Java streams, auth skips. Enable MFA everywhere, audit cloud logs, and drill your teams on phishing—China's not slowing.
Witty aside: These hackers think they're ninjas, but with patches, we're the ones vanishing their access. Stay vigilant, fortify those perimeters.
Thanks for tuning in, listeners—subscribe for daily drops! This has been a Quiet Please production, for more check out quietplease.ai.
This content was created in partnership with, and with the help of, artificial intelligence (AI).