This is your US-China CyberPulse: Defense Updates podcast.

Hey listeners, Ting here, your friendly neighborhood China-and-cyber nerd, coming in hot with this week’s US‑China CyberPulse.

Let’s start with Washington, because Congress has been treating Chinese cyber threats like a full‑time job. The new Fiscal Year 2026 National Defense Authorization Act, the NDAA, just signed by President Donald Trump, hard‑wires China into the US cyber playbook. According to analysis from law firm Crowell & Moring, the act forces mandatory notification for US investments in Chinese advanced tech like semiconductors, AI, and quantum, and even lets the government block those deals outright when they smell national‑security risk. That’s classic “follow the money” defense: starve the PLA’s digital war machine before the code is even written.

Inside the Pentagon, the NDAA reads like a to‑do list for cyber survival. It orders the Department of Defense to harmonize cybersecurity rules across the defense industrial base so contractors aren’t juggling 19 conflicting checklists, and it pushes the Cybersecurity Maturity Model Certification from “nice‑to‑have” to “comply or lose the contract.” Crowell & Moring also notes new directives for an AI/ML cybersecurity policy, AI sandbox testbeds, and NSA‑driven AI security guidance, all explicitly framed around threats from nation‑state adversaries like China stealing or poisoning US AI models.

On Capitol Hill, China is now basically a reserved keyword. The House recently passed the Strengthening Cyber Resilience Against State‑Sponsored Threats Act, highlighted by MeriTalk, which would create a China‑focused cyber task force inside the federal machinery. Meanwhile, US lawmakers just sent a letter to Defense Secretary Pete Hegseth, reported by the Times of India, pressing the Pentagon to blacklist 17 Chinese tech firms, including DeepSeek and Xiaomi, as “Chinese military‑linked” under the 1260H list. That’s not just trade policy; it’s about ripping out potentially compromised hardware and AI platforms from the US military’s digital bloodstream.

On the private‑sector front, US defense and cloud providers are quietly shifting from passive firewalls to active hunting. The Pentagon’s formal rollout of CMMC, covered by MeriTalk, forces thousands of US suppliers—from small tooling shops in Ohio to satellite firms in California—to implement continuous monitoring, zero‑trust architectures, and rigorous incident reporting if they want DOD dollars. That massively raises the cost of long‑dwell Chinese campaigns like the Salt Typhoon and BRICKSTORM operations that CISA and international partners warned about earlier this year.

Internationally, the play is teamwork. CISA’s joint advisories with allies on China‑linked malware families, and the NSA‑hosted AI Security Center’s guidance, described in NDAA commentary, are building a shared doctrine so the US, the UK, Japan, and others can spot the same Chinese TTPs—tactics, techniques, and procedures—in real time and push back in a coordinated way.

Overlay all this with what the Pentagon’s annual China report relayed from CrowdStrike: a 150 percent jump in China‑linked intrusions in a single year. That’s the background music for everything I just walked you through—more attacks, more AI in the kill chain, and a US response that’s finally starting to look like an ecosystem instead of a patchwork.

I’m Ting, thanks for tuning in, and don’t forget to subscribe so you don’t miss the next breach breakdown. This has been a quiet please production, for more check out quiet please dot ai.

For more http://www.quietplease.ai


Get the best deals https://amzn.to/3ODvOta

This content was created in partnership and with the help of Artificial Intelligence AI

This is your US-China CyberPulse: Defense Updates podcast.

Hey everyone, Ting here, diving into what's been absolutely wild in the cyber trenches this past week. So strap in because the US-China cyber battlefield just got a whole lot more interesting.

Let's kick off with what Taiwan's deputy foreign minister was doing slipping quietly into Israel in early December. Nobody wanted to talk about it publicly, but this is huge for understanding where security cooperation is heading. Taiwan and Israel are building these discreet ties in cybersecurity and AI, and the genius part is how they're hiding in plain sight. We're talking dual-use tech where a cyber assessment becomes a national security upgrade or an AI model transforms into infrastructure protection tools. The US is basically green-lighting this under the radar because it keeps things from escalating with Beijing while still getting critical expertise flowing.

Now flip to the Hill where Representative Andrew Garbarino is sweating bullets about the Cybersecurity Information Sharing Act hitting a deadline on January 30th, 2026. This law lets companies and government share threat intel without getting sued, and it literally sunsetted at the end of September. Garbarino's racing to make it permanent because every single person meeting with him is panicking about it. The guy knows this cannot lapse again, and he's trying to shove it into must-pass bills just to keep the whole thing from collapsing.

Meanwhile, Chinese state-linked hackers are absolutely exploiting a critical zero-day flaw called CVE-2025-20393 in Cisco's Email Security Appliances, granting root access since November without patches. This is the kind of persistence that keeps CISA analysts up at night. These threat actors are executing what looks like pure espionage operations, and security experts are pointing out this aligns perfectly with leaked Chinese military documents about exploiting foreign vendors for cyber dominance.

Here's where it gets spicy though. Congress is literally pushing back against Trump administration moves to let Nvidia sell advanced H200 chips to China. Representative Brian Mast introduced the AI OVERWATCH Act requiring Congress get alerts before advanced semiconductor sales go to Beijing. Gregory Meeks proposed the RESTRICT Act to straight-up ban these exports. They're arguing that keeping China locked out of cutting-edge chips is essential to maintaining US AI leadership.

But wait, there's more. China just tightened its own cybersecurity laws effective January 1st, 2026, hiking penalties from one million yuan up to ten million yuan for critical infrastructure operators. That's roughly 1.4 million dollars. They're also expanding extraterritorial reach, meaning any overseas conduct endangering Chinese cybersecurity now falls under their jurisdiction. It's basically their way of showing they can play hardball too.

And senators Maggie Hassan and Gary Peters just sent letters December 18th targeting major construction firms about their use of Chinese-made DJI drones on sensitive infrastructure. They're arguing these create pathways for transferring national security information straight to Beijing.

Thanks so much for tuning in, listeners. Make sure to subscribe for more cyber intelligence breakdowns. This has been Quiet Please, for more check out quietplease dot ai.

For more http://www.quietplease.ai


Get the best deals https://amzn.to/3ODvOta

This content was created in partnership and with the help of Artificial Intelligence AI

This is your US-China CyberPulse: Defense Updates podcast.

Hey listeners, Ting here, your go-to gal for all things China cyber chaos and hacking hijinks. Buckle up, because this past week in the US-China CyberPulse has been a non-stop thrill ride of zero-days, blacklists, and AI arms races—straight out of a spy thriller, but with more firewalls.

Picture this: I'm sipping my baijiu-laced energy drink when Cisco Talos drops a bombshell. A China-nexus crew, let's call 'em the Shadow Quirks, has been exploiting a zero-day in Cisco Secure Email Gateway since late November. CVE-2025-20393 lets them plant backdoors and wipe logs on hundreds of exposed gateways worldwide—India, Thailand, US systems lighting up like a bad pachinko machine. Shadowserver Foundation's Peter Kijewski says it's targeted, not mass chaos, but Cisco's yelling "rebuild everything!" No patch yet, just full nukes. Classic Beijing playbook: sneaky, persistent, and loving those Spam Quarantine features.

Meanwhile, over in DC, lawmakers are swinging the banhammer. Republicans want Xiaomi and DeepSeek slapped onto the Pentagon's list of China military-linked firms, joining Tencent and CATL. South China Morning Post reports this as part of the endless tech war tango. Trump's already signed a defense bill curbing investments in Chinese biotech and dual-use tech—outbound cash to PLA pals? Hard no. And get this: Nvidia's H200 AI chips are under inter-agency review for China sales, Commerce, State, Energy, Defense all piling on. Elon Musk even chimed in on X, agreeing with Adam Kobeissi that America's stagnant 1.3 terawatt grid is a "major competitive disadvantage" against China's 3.75 terawatts fueling their AI beast.

Private sector's not sleeping. US gov's pushing to privatize cyber ops, enlisting firms for offensive hacks against China-style espionage-crime mashups, per Security Conversations podcast with Juan Andres Guerrero-Saade and crew. Amazon caught a North Korean infiltrator via 110ms keystroke lag—hilarious, right? Too slow for Seattle. And ESET spotted LongNosedGoblin, a fresh China APT using Windows Group Policy for Southeast Asia gov surveillance.

Defensive strategies? Trump's halted retail CBDC to shield the dollar, while China's e-CNY hit $986B but lost $2B to DPRK hackers—prompting Beijing's beefed-up Cybersecurity Law penalties and AI fraud detectors. International angle: new US security strategy dials back China hostility, SCMP editorials note, but lawmakers still eye TikTok's algo spin-off warily.

Emerging tech-wise, privacy regs are exploding—EU GDPR fined TikTok €530M for China data dumps, Texas AG Ken Paxton grabbed $2.775B from Meta and Google. US bets on AI firewalls against "insider" agents, per GovTech's 2026 predictions, as CCP's Five-Year Plan hands hackers a Western tech hit-list.

Whew, from Cisco breaches to blacklists, America's hardening shields while China's AI models like DeepSeek and Moonshot rival US giants. Stay vigilant, patch fast, and laugh at the lag—it's the only way to win this pulse-pounding game.

Thanks for tuning in, listeners—subscribe now for more cyber spice! This has been a Quiet Please production, for more check out quietplease.ai.

For more http://www.quietplease.ai


Get the best deals https://amzn.to/3ODvOta

This content was created in partnership and with the help of Artificial Intelligence AI

This is your US-China CyberPulse: Defense Updates podcast.

Hey listeners, Ting here, your go-to gal for all things China cyber chaos and hacking hijinks. Buckle up, because this week's US-China CyberPulse has been a whirlwind of firewalls flying up faster than a Beijing traffic jam.

Picture this: I'm huddled over my triple-monitor setup in my dimly lit war room, caffeine IV dripping, as Senator Rick Scott drops a bombshell letter to DoW Secretary Pete Hegseth. He's pushing to slap Alibaba—yep, that e-commerce behemoth—and other CCP-linked giants like Tencent onto the 1260H list. Why? Salt Typhoon hacks and the F5 breach prove China's civil-military fusion is turning shopping carts into spy tools, funneling US customer data straight to the PLA. Financial Times intel backs it, detailing how Alibaba hands over IP addresses, Wi-Fi deets, and zero-day vulns to Xi's crew. Scott's not messing around—time to blacklist these data vampires.

Meanwhile, the DOJ's Data Security Program kicked into high gear on October 6, but this week it's flexing hard against China, Cuba, Iran, and the gang. Companies can't touch sensitive US personal or gov data with "countries of concern" without risking the slammer. Enforcement's live, and it's got private sector suits scrambling to audit their China supply chains.

Over in Congress, Rep. Gregory Meeks and Rep. Josh Gottheimer teamed up with 13 Dems to unleash the RESTRICT Act, slamming the door on H200 AI chips heading to China. Trump's sale of those bad boys? Meeks calls it national security for sale, supercharging PRC's military AI. The bill codifies export bans, carves safe paths for US firms abroad, and adapts as tech evolves—no more feeding the dragon our best silicon.

But hold onto your keyboards—Anthropic's Logan Graham testified this week at a House Homeland Security hearing about Chinese hackers jailbreaking Claude AI for cyberespionage blitzes on 30 global targets. They automated 80-90% of attack chains, from recon to payloads, dodging safeguards with obfuscation networks. Graham's red team says it's proof-of-concept nightmare fuel; even if US firms lock down, hackers pivot. Google VP Royal Hansen fires back: defenders, weaponize AI for patching! XBOW's startup crew is already hunting vulns with agentic AI, turning offense into defense.

Trump inked the NDAA too, pumping $73 million into Cyber Command ops, $314 million more for digital warfare—hello, upgraded US cyber muscle. Sen. Tom Cotton's nagging the White House on open-source software risks, while CSA pushes new AI Controls Matrix tweaks for prompt injection shields and shadow AI hunts.

China's not sleeping—draft gen AI safety standards from CSET translations clamp down on "objectionable" outputs, but wink at cyber misuse evals from state think tanks. World Internet Conference floats UN-led frontier AI governance, led by Zeng Yi, eyeing CBRN risks. Still, their hackers are sprinting ahead.

Whew, listeners, from chip walls to AI arms races, America's drawing lines in the silicon sand. Stay vigilant—patch now, probe later.

Thanks for tuning in, and don't forget to subscribe for more CyberPulse thrills! This has been a Quiet Please production, for more check out quietplease.ai.

For more http://www.quietplease.ai


Get the best deals https://amzn.to/3ODvOta

This content was created in partnership and with the help of Artificial Intelligence AI

This is your US-China CyberPulse: Defense Updates podcast.

Hey listeners, Ting here, your go-to cyber sleuth on all things China hacks and digital showdowns. Picture this: I'm hunkered down in my neon-lit war room, screens flickering with the latest US-China CyberPulse, and whoa, the past week has been a fireworks show of espionage, patches, and power plays. Starting December 10, Cisco Talos drops a bombshell—Chinese hackers, linked to state crews, have been exploiting a zero-day in Cisco Secure Email Gateway and AsyncOS since late November, slamming Spam Quarantine features for backdoor bliss. No patch yet, folks; Cisco's yelling "wipe and rebuild" like it's a bad breakup. Kevin Beaumont's calling it a nightmare for big orgs, and I'm nodding—persistent access in email gateways? That's chef's kiss cyber stealth.

Fast-forward to December 15, President Trump's executive order on AI hits, banning states from meddling in AI regs and yanking broadband funds from rule-breakers. Scott Kupor from the Office of Personnel Management backs it with a fiery memo: federal agencies, hustle up that AI, cyber, and data science talent now, or get left in China's dust. Evrimagaci reports the US leads in advanced models and chips, but China's deploying AI everywhere like candy at a parade. Trump's crew is all-in on innovation over red tape, sparking state lawsuits, but hey, it's turbocharging defenses.

Then bam, December 16: CISA, NSA, and Canadian Cyber Centre unmask BRICKSTORM malware—Chinese state-sponsored badness burrowing into VMware vSphere and Windows for North American govs, IT firms, and critical infra. Smarter MSP's roundup screams persistence city. Same day, Craig Singleton's House testimony via Foundation for Defense of Democracies paints China's hybrid warfare masterpiece: APT31 hitting Czech Foreign Ministry since 2022, per Prague's callout, with President Petr Pavel equating it to Russia's sabotage. It's espionage pre-positioning in networks, ports, and research—think Confucius Institutes morphing into leverage levers.

US counters hard: Trump's nominating Army Lt. Gen. Joshua Rudd for NSA/Cyber Command helm, his Indo-Pacific chops perfect for China smackdowns, per Nextgov. CISA's pumping Cross-Sector Cybersecurity Performance Goals 2.0 with NIST tweaks, while Anthropic sniffs out the first AI-powered CCP cyberespionage op on December 17 testimony—detected in weeks via cyber classifiers and YARA rules, shared straight to Uncle Sam. Salt Typhoon's US gov breach earlier this year? Still stinging, with telecoms and defense hit by zero-days.

Private sector's grinding: Microsoft's December patches fix exploited CVE-2025-62221; Fortinet seals auth bypasses in FortiOS. China's no slouch—CAC's Incident Reporting Measures kicked in November 1, classifying data thefts as major threats, and CSL amendments drop January 1 with AI boosts and extraterritorial teeth. Mayer Brown notes it's all about assertive data governance.

MITRE's expanding D3FEND ontology for OT environments, and Congress eyes cyber protections in FY2026 defense bills. Witty aside: China's grabbing US DOE-funded nuclear research via sneaky partnerships, per Washington Times—talk about biting the hand that funds you!

Listeners, stay patched, talent-hunt like mad, and watch those supply chains. Thanks for tuning into CyberPulse with Ting—subscribe for the unfiltered hacks, and remember, vigilance is your best firewall. This has been a Quiet Please production, for more check out quietplease.ai.

For more http://www.quietplease.ai


Get the best deals https://amzn.to/3ODvOta

This content was created in partnership and with the help of Artificial Intelligence AI

This is your US-China CyberPulse: Defense Updates podcast.

Hey listeners, Ting here, your friendly neighborhood China-and-cyber nerd, and this week’s US‑China CyberPulse is…busy.

Let’s start with Washington hardening the digital moat. Buried in the latest National Defense Authorization Act, Section 1692 tightens who can even touch Department of Defense cloud systems, explicitly locking out citizens from “foreign countries of concern” like China from admin, maintenance, or even indirect access. GovWin IQ notes this forces a sweep of existing contracts, which means a lot of quiet offboarding and re-architecting in defense clouds as we speak. That’s not “zero trust,” that’s “zero chance you’re from Beijing and holding root.”

Over at CISA, updated Cybersecurity Performance Goals push critical infrastructure toward real zero‑trust, stronger supply‑chain defenses, and clearer incident-response comms. Utility Dive reports they even added a “Govern” category, basically telling CEOs, “You own this, not just your CISO.” That lands squarely on Chinese threat activity: think Volt Typhoon‑style infiltrations into power, ports, and telecom; the new goals assume that kind of long-term pre-positioning is the norm, not the edge case.

Now zoom into the Pentagon’s soft underbelly: operational technology. Lawfare highlights how air‑gapping is basically a myth and how some China-made infrastructure devices quietly phone home. The emerging strategy isn’t “rip everything out tomorrow,” but catalog every OT asset, assume it touches the internet, and then wrap it with controls designed to survive compromise, especially when Chinese hardware is embedded in the stack. It’s like discovering your base has smart lightbulbs from Shenzhen…then deciding the new policy is: every bulb is hostile until proven otherwise.

On the private-sector flank, Anthropic’s national security head Tarun Chhabra just told the Senate Foreign Relations Subcommittee that Anthropic not only blocks model access from China, but also from China-tied companies. That’s a US company turning its AI stack into a strategic asset, not just a product. Combine that with Trump’s recent executive order centralizing AI policy at the federal level, described by firms like Fenwick as an explicit move to keep US AI ahead of China, and you get the new defense perimeter: the model, the data center, and who’s allowed to query what.

Internationally, US cyber teams are tightening playbooks with allies, borrowing from Five Eyes-style intelligence sharing and joint exercises, as highlighted by Atlantic Council’s Cyber Statecraft work. The idea is simple: if China hits one grid, everyone’s sensors light up, and response turns from solo to swarm.

On the tech front, SOC Prime’s write‑up of fresh React RSC vulnerabilities is a reminder that Chinese operators don’t need zero‑days in nukes when your front-end app leaks source or falls to a DoS. The defensive trend here is faster detection-as-a-service, threat hunting tied to specific PRC clusters, and auto-patching pipelines baked into DevSecOps.

So, listeners, the pattern this week is clear: fewer naïve assumptions, more hard lines—on identity, on hardware, on AI access, and on who gets to sit anywhere near the cloud.

Thanks for tuning in, and don’t forget to subscribe so you don’t miss the next pulse. This has been a quiet please production, for more check out quiet please dot ai.

For more http://www.quietplease.ai


Get the best deals https://amzn.to/3ODvOta

This content was created in partnership and with the help of Artificial Intelligence AI

This is your US-China CyberPulse: Defense Updates podcast.

Hey listeners, Ting here, your go-to cyber sleuth on all things China hacks and digital dodgeballs. Picture this: I'm hunkered down in my neon-lit war room, screens flickering with the latest US-China CyberPulse, and whoa, the past week's been a rollercoaster of Salt Typhoon storms and chip showdowns. Let's dive right in, because if you're not encrypting your calls, Chinese hackers might just be eavesdropping on your grandma's bingo plans.

Senator Mark Warner dropped a bombshell at the Defense Writers Group, warning that China's Salt Typhoon crew—tied straight to the Ministry of State Security—is still burrowed deep in US telecom giants like Verizon and AT&T. This two-year espionage fest lets them snag unencrypted calls from practically every American. Warner's fuming over a "frustrating" briefing where the FBI claims networks are "pretty clean," but NSA docs scream ongoing intrusions. He's pushing bills for mandatory cybersecurity standards, but telecoms are balking at the billion-dollar rip-and-replace costs. Meanwhile, Huntress labs confirm Salt Typhoon's playbook: exploiting router vulns, sniffing packets with native tools, and tunneling data out via GRE and IPsec. FBI's even slapped a $10 million bounty on their heads, and Treasury sanctioned Sichuan Juxinhe Network Technology for pitching in.

On the policy front, Trump's fresh National Security Strategy screams "America First" cyber deterrence, prioritizing AI supremacy and encircling China without full-on brawl. But get this—White House AI czar David Sacks spilled to Bloomberg that Beijing's snubbing Nvidia's H200 chips, our "lagging" export ploy to steal Huawei's lunch. China Daily gloats they're pumping $70 billion into homegrown semis, with embassy spokesperson Liu Pengyu urging supply chain stability. Nvidia's shrugging it off, still chasing licenses, but Sacks admits the cat's out of the bag on our market-share gambit.

Private sector's firing back hard. ServiceNow's inked a potential $7 billion swoop for Armis—those Israeli cyber vets tracking sneaky devices in med, finance, and defense. It's their biggest buy yet, weaving AI threat-hunting into workflows amid Anthropic's bust of a Chinese AI-boosted hack op targeting 30 peeps. Republicans like Scott Perry are all-in on data center booms for the AI arms race, tweaking FERC rules so Big Tech foots grid upgrade bills without screwing ratepayers.

Internationally? UK's sanctioning Chinese firms drew Beijing's ire, with spokesman Guo Jiakun calling it "pernicious manipulation." China Daily blasts it as Five Eyes meddling, pushing their "community with a shared future in cyberspace" via Digital Silk Road. And upcoming CSIS chat with ex-DIA boss David R. Shedd on his book "The Great Heist" will unpack CCP's 30-year IP theft spree across chips and telecoms.

Emerging tech? NIST's rolling out post-quantum crypto guidance to thwart quantum-cracking threats, while fears mount over Chinese lidar in US gear—new bills aim to phase it out. Witty aside: if Salt Typhoon's your typhoon, Armis is the umbrella you didn't know you needed.

Thanks for tuning in, listeners—subscribe now so you don't miss the next pulse! This has been a Quiet Please production, for more check out quietplease.ai.

For more http://www.quietplease.ai


Get the best deals https://amzn.to/3ODvOta

This content was created in partnership and with the help of Artificial Intelligence AI

This is your US-China CyberPulse: Defense Updates podcast.

Hey listeners, it's Ting here, your go-to gal for all things China cyber chaos and hacker hijinks. Picture this: I'm hunkered down in my digital war room, caffeine-fueled, dissecting the past week's US-China CyberPulse frenzy as of December 13, 2025. Buckle up, because Washington's not messing around with Beijing's digital dragon breath anymore.

First off, the big kahuna: on December 10, the House smashed through the FY2026 National Defense Authorization Act with a 312-112 vote, clearing cyber gold like U.S. Cyber Command's $73 million boost for ops and $314 million for headquarters maintenance. JD Supra reports this beast expands Cyber Command's autonomy while keeping that sweet dual-hat with NSA intact—no cuts to their red-team testing or AI threat training mandates. It's tightening mobile encryption for DoD brass phones, harmonizing defense industrial base regs, and pushing AI security plus cloud enclaves overseas. Senate's voting next week before holiday recess—game changer for DoD, State, Energy, and Coast Guard cyber muscle.

Meanwhile, the BRICKSTORM malware storm hit hard. CISA and Canada's Cyber Centre dropped their December 4 analysis, fingering PRC-sponsored creeps using this sneaky backdoor for long-term squats in IT and gov networks—Windows, VMware vCenter, ESXi, you name it. Acting CISA Director Madhu Gottumukkala warned it's not infiltration, it's embedding for sabotage. CrowdStrike tags WARP PANDA, those cloud-savvy Chinese ops-sec wizards, as deployers. China embassy in Canada fired back, calling the U.S. the real "hacker empire." Then boom—UK's National Cyber Security Centre sanctioned Sichuan Anxun Information Technology, aka i-Soon, and Integrity Technology Group on December 9 for reckless hacks on 80+ systems. Australia cheered 'em on December 10. U.S. already hit 'em, but Salt Typhoon telecom carnage paused more sanctions to save Trump's November 1 trade deal—critics say it's greenlighting espionage.

Private sector's firing too: Anthropic's team disrupted a Claude AI-orchestrated espionage op in September, but Booz Allen CEO Horacio Rozanski yelled on December 12 at Reagan National Defense Forum that we're not ready for China's AI cyber apocalypse. They're building the Three-Body Computing Constellation—2,800 sats for quintillion ops/sec by 2026, eyeing space-based attacks on GPS. Rozanski says U.S. leads now, but Beijing's surging.

Rep. Raja Krishnamoorthi's SAFE LiDAR Act just dropped, phasing out China-tied LiDAR in fed gov and critical infra—think autonomous vehicles spying via laser mapping. His bill warns CCP dominance hands 'em espionage gateways.

International vibes? CMMC enforcement bit DoD contractors hard November 10—no grace, pure pain. Salt Typhoon lurked since 2019, hitting 200+ U.S. orgs via telecoms. Google's Cloud CISO forecast nails it: foes like ShadowV2 botnet prove AI malware's here, from code-writing spies to preemptive defenses.

Whew, listeners, from policy hammers to tech shields, U.S. defenses are pulsing stronger against China's shadow ops. Stay vigilant—patch those edges, segment networks, hunt BRICKSTORM IOCs.

Thanks for tuning in—subscribe for more cyber spice! This has been a Quiet Please production, for more check out quietplease.ai.

For more http://www.quietplease.ai


Get the best deals https://amzn.to/3ODvOta

This content was created in partnership and with the help of Artificial Intelligence AI

This is your US-China CyberPulse: Defense Updates podcast.

Hey listeners, Ting here, your resident China-and-cyber nerd, and this week’s US‑China CyberPulse is…spicy.

Let’s start with the big alarm bell: according to a recent warning from the US Cybersecurity and Infrastructure Security Agency, senior official Eric Goldstein and colleagues say Chinese state-backed operators have already burrowed into US water systems, power grids, telecom networks, cloud providers, and even identity systems, using a “pre‑positioning” strategy — planting malware now so it’s ready to fire in a Taiwan or South China Sea crisis. CISA is shifting hard toward hunting that dormant access across operational technology and industrial control systems, and they’re pushing operators to crank up logging and telemetry so those faint Chinese footprints can’t hide in the noise.

On the strategic side, Check Point Software’s latest assessment on US critical infrastructure says the quiet spying era is over; Chinese and other state-aligned groups are treating persistent access as a latent strategic weapon, not just a data vacuum. They’re mixing espionage, disruption, and psychological ops, and leaning on zero‑days, identity abuse, and supply‑chain compromise as standard tradecraft. That’s exactly why US policymakers and think tanks like the Atlantic Council are doubling down on “zero trust” architectures, data resilience, and continuous threat hunting as the new normal.

Policy-wise, Washington is conflicted. CyberNews reports that the Trump administration has been soft-pedaling public retaliation for China-linked “Salt Typhoon” activity, even rolling back some FCC telecom rules inspired by that campaign while prioritizing trade talks with Beijing. At the same time, lawmakers like John Cornyn and Gary Peters are reviving a bill to harden commercial satellite operators, forcing tighter cybersecurity baselines on the space layer that US forces would rely on in any showdown with the People’s Liberation Army.

Meanwhile, the private sector is not waiting around. CrowdStrike just bragged that its Falcon platform hit 100 percent detection and protection in the latest MITRE ATT&CK evaluation, zero false positives, which is basically an arms‑race flex aimed squarely at state-backed crews out of places like Chengdu and Tianjin. And Nvidia, under heavy scrutiny after US criminal cases exposed China‑linked smuggling rings for its AI chips, is rolling out location‑tracking safeguards and GPU telemetry tools so data‑center operators can spot diverted or tampered hardware, closing one more loophole that Chinese buyers have been exploiting.

Internationally, the narrative war is heating up too. At a Beijing press conference, Foreign Ministry spokesperson Guo Jiakun flipped the script, calling China “the biggest victim of cyberattacks” and accusing the US National Security Agency of hacking China’s National Time Service Center with help from the UK. That’s Beijing’s way of framing US and UK sanctions and indictments as politicized and hypocritical, even as Western agencies document China’s own pre‑positioning in critical infrastructure.

Technically, the defense trend line is clear: more zero trust, more AI‑driven threat hunting, more secure‑by‑design mandates, and more joint operations between government and big vendors to actually disrupt Chinese infrastructure, not just file angry reports. The open question is whether politics and trade will let those defenses move as fast as the operators in the Ministry of State Security.

That’s your US‑China CyberPulse for the week. Thanks for tuning in, and don’t forget to subscribe so you don’t miss the next breach breakdown. This has been a quiet please production, for more check out quiet please dot ai.

For more http://www.quietplease.ai


Get the best deals https://amzn.to/3ODvOta

This content was created in partnership and with the help of Artificial Intelligence AI

This is your US-China CyberPulse: Defense Updates podcast.

Hey listeners, Ting here, your friendly neighborhood China-and-cyber nerd, and this week’s US‑China CyberPulse is…spicy.

Let’s start on Capitol Hill. Politico reports that the new National Defense Authorization Act is quietly turning U.S. Cyber Command into a reinforced bunker, with language that blocks any move to weaken the commander’s authority and pours more money into cyber operations and AI‑driven defense tools. Over at Nextgov and Bloomberg Government, the same bill is backing a roughly $900‑billion national security package that hardens critical infrastructure, restricts U.S. exposure to sensitive Chinese sectors like biotech, and orders the Pentagon to harmonize thousands of messy cybersecurity requirements for defense contractors. Translation: if you build anything for the military, your cyber homework just got standardized and much, much more China‑focused.

Zoom in on the threat picture. A recent Check Point report, highlighted by Politico, says China’s state‑linked operators, including groups like Volt Typhoon, are digging in for long‑term access to U.S. energy, transport, and government networks, not to blow things up today, but to hold leverage tomorrow. CISA and NSA are simultaneously warning about Chinese‑linked “BRICKSTORM” backdoor malware going after VMware vSphere and vCenter, quietly living in the virtualization layer where most endpoint tools can’t see. If you’re an enterprise CIO listening to this on your commute, your hypervisor is now officially the new crown jewel.

So how is Washington answering? First, by policy reset. National Defense Magazine notes that the new U.S. National Security Strategy puts technological sovereignty front and center, explicitly framing China as the main competitor in digital infrastructure, AI, and supply chains. That connects directly to export controls, investment screening, and pressure on allies to line up their own cyber rules with Washington’s.

Second, by tightening public‑private teamwork. Industrial Cyber reports that CISA just launched an Industry Engagement Platform, basically a fast lane for companies, universities, and researchers to pitch new defensive tech—think AI‑assisted threat hunting, quantum‑resistant crypto, secure cloud architectures—straight to government operators. That’s the U.S. betting that the next big counter to Chinese threat actors will probably come out of a startup in Austin or an R&D lab in Boston, not just a SCIF at Fort Meade.

Third, by building international muscle. The same NDAA text, according to Nextgov and Politico, leans hard on NATO partners and Indo‑Pacific allies to lock down shared infrastructure and align standards, especially around AI security and commercial spyware misuse. It’s no longer “America versus Chinese hackers”; it’s a coalition trying to close every gap Beijing can route traffic through.

So if you connect the dots—Chinese persistence in U.S. critical networks, new U.S. cyber spending, CISA’s industry pipeline, and a sovereignty‑obsessed security strategy—you get a clear picture: the U.S. isn’t treating Chinese cyber as background noise anymore. It’s treating it as the main stage.

I’m Ting, thanks for tuning in, and don’t forget to subscribe so you don’t miss the next CyberPulse. This has been a quiet please production, for more check out quiet please dot ai.

For more http://www.quietplease.ai


Get the best deals https://amzn.to/3ODvOta

This content was created in partnership and with the help of Artificial Intelligence AI