In the debut episode of “Exploited: The Cyber Truth,” host Paul Ducklin talks with Joseph M. Saunders, CEO and Founder of RunSafe Security, about the serious threat Volt Typhoon poses to critical infrastructure in the U.S. and beyond. What makes this Chinese state-sponsored group so dangerous, and how are they exploiting the software in devices that make our world run?

Joe breaks it all down, explaining the big-picture geopolitical motivations behind these attacks. You’ll also learn how attackers use memory-based vulnerabilities to quietly gain long-term access to critical systems without leaving obvious clues.

In this episode:

• How Volt Typhoon is targeting critical infrastructure in sectors like transportation, communications, and financial services to create potential footholds for future conflicts
• Why memory-based vulnerabilities are a major risk, enabling attacks that are hard to detect and trace
• Practical ways to secure systems—like rewriting code in memory-safe languages or using advanced memory protection techniques like load-time function randomization
• How Secure by Design and Secure by Demand initiatives can drive adoption of practices to improve cybersecurity in critical infrastructure