Digital Dragon Watch: Weekly China Cyber Alert

Ting's Cyber Tea: Microsoft's China Mess, ToolShell Terror, and Nvidia's Backdoor Blues



This is your Digital Dragon Watch: Weekly China Cyber Alert podcast.

Listeners, buckle up—it’s Ting here, back again with your Digital Dragon Watch: Weekly China Cyber Alert. I promise, this isn’t going to be the cyber-equivalent of reading your Wi-Fi router manual out loud. The last seven days brought enough fireworks to light up the Shanghai skyline, so let’s get straight to the main event.

First up, Microsoft SharePoint. If you’re still running on-premises SharePoint servers and you haven’t patched this week, please pause me now and go do it. Attackers linked to Chinese state-backed groups—specifically Linen Typhoon, Violet Typhoon, and the ransomware outfit Storm-2603—are chaining big-ticket vulnerabilities: CVE-2025-49706 and CVE-2025-49704. The exploits, collectively dubbed ToolShell, let hackers impersonate users and run remote code with zero user interaction. The scariest bit? Delays in patching left legacy systems wide open, with CISA confirming at least 148 successful breaches, some involving US government agencies. CISA’s new malware analysis details fresh indicators of compromise, including web shells and sneaky key stealers—so if you’re a defender, ring those blue team bells and check your logs for strange SharePoint activity. Microsoft’s only saving grace? SharePoint Online in M365, apparently immune for now.

US government response has been decisive, if a bit frenetic. The FCC launched investigations into telecom companies dodging national security rules, and CISA, though gutted by recent job cuts, is trumpeting its 24/7 patch-and-alert war room. At Black Hat, top CISA officials—Robert Costello and Chris Butera—emphasized that their agency’s commitment remains rock steady, even if their travel budget is now tighter than a Beijing subway at rush hour. CISA’s issuing direct warnings to thousands of vulnerable orgs and advocating cloud migration and continuous patching for all critical infrastructure.

Meanwhile, over in Redmond, Microsoft stepped in it again over alleged use of Chinese engineers for US defense tech support, raising alarms on Capitol Hill. Senator Tom Cotton fired off a very spicy letter to Defense Secretary Pete Hegseth demanding a full rundown of all contractors with Chinese tech personnel. And former White House cyber advisor Richard Cressey went on record, torching Microsoft’s persistent “treat security as an annoyance” approach. He’s calling for a full government pause on Microsoft procurements until they can prove, with receipts, that their house is finally in order.

On the flip side, accusations of hardware backdooring are flying in both directions. China’s cyber regulator summoned Nvidia to answer claims their H20 AI chips include tracking and kill-switch features—claims Nvidia, for its part, flatly denies.

So, Ting’s expert recommendations for this week: Patch those SharePoint servers now, get your systems off public internet exposure, and don’t sleep on MFA and network segmentation. Critical infrastructure ops—double-check your supply chains and vendor access. And everybody, keep security training sharp. The greatest vulnerability is still, unfortunately, us.

Thanks for tuning in to Digital Dragon Watch. Don’t forget to subscribe for your weekly cyber scoop—because with China in the mix, peace and quiet is never guaranteed. This has been a Quiet Please production. For more, check out quiet please dot ai.

For more http://www.quietplease.ai



Digital Dragon Watch: Weekly China Cyber Alert
By Quiet. Please