This is your Dragon's Code: America Under Cyber Siege podcast.
Hey listeners, Ting here, your go-to gal for all things China cyber chaos. Picture this: I'm hunkered down in my neon-lit war room, screens flickering with the latest feeds from Cloudflare's 2026 Threat Report and Xinhua dispatches, as Dragon's Code unleashes hell on America's digital backbone. Over the past week, Salt Typhoon and Linen Typhoon—those slick Chinese state-sponsored crews—have been drilling deep into US telecom giants like AT&T, Verizon, and Lumen, plus government nets and IT services. Cloudforce One nailed it: these ops aren't smash-and-grab; they're pre-positioning for the long game, embedding backdoors for future blackouts when geopolitics heats up.
Their playbook? Pure elegance meets ruthlessness. They "live off the XaaS," hijacking legit cloud toys—Google Calendar for encrypted C2 commands via event descriptions, F5 and VMware for sticky persistence, even Azure Web Apps masked as boring enterprise chatter. No brute force; it's stealthy token theft bypassing MFA, stolen session cookies letting them waltz in under 10 minutes. Affected systems? North American telecoms got hit hardest, with a July 2025 Microsoft SharePoint compromise still echoing, plus Congressional staff emails for House committees on China policy, intel, foreign affairs, and military oversight. Salt Typhoon slipped in December, eyeing policy drafts before they hit the floor—smart, right? Financial Times spotted their subtle pivot to unclassified soft underbellies.
Attribution? Ironclad from US officials and Cloudforce One telemetry: infrastructure fingerprints match multi-year espionage patterns. CISA's fresh deets on RESURGE implant—deployed via Ivanti Connect Secure zero-day CVE-2025-0282 by China-linked UNC5221—seals it. Defensive moves ramped up fast: Florida AG James Uthmeier launched the CHINA Unit on March 3, subpoenaing Shein, Lorex, Contec, and TP-Link for data threats, zeroing in on healthcare's Chinese med devices. FBI's pushing Operation Winter Shield for better intel sharing against Chinese hackers, eyeing Taiwan invasion spillovers. Cloudflare null-routed over 550 Kimwolf C2 nodes early this year, and states like New York banned DeepSeek AI.
Lessons? Experts like Jason Hsu from US-China Economic Review Commission scream: diversify beyond subsea cables—Taiwan's prepping OneWeb satellites, we need that too. Mao Ning from China's Foreign Ministry flipped the script March 2, blasting US AI recon on their grids via Xinhua, but listeners, actions speak louder. Witty takeaway: in cyber sieges, today's "trusted" cloud is tomorrow's Trojan horse. Patch your SaaS, segment like your life depends on it—because it does.
Thanks for tuning in, listeners—hit subscribe for more Ting intel drops. This has been a Quiet Please production, for more check out quietplease.ai.
This content was created in partnership and with the help of Artificial Intelligence (AI).