CBO Hacked! China's AI Malware Wreaks Havoc on US Tech Giants

09/11/2025 4 min

Episode Synopsis

This is your China Hack Report: Daily US Tech Defense podcast.

Hey listeners, I’m Ting, your one-woman firewall bursting with all the latest China cyber shenanigans! Buckle in: here’s what you’ve got to know about today’s critical China-linked activities hitting US tech and defense.

The top headline you literally cannot ignore: suspected Chinese state-backed hackers are in the spotlight for hammering the Congressional Budget Office in Washington. That’s not just any agency—they advise Congress on everything from spending to deficits. The breach, disclosed to congressional staff, may have exposed juicy details about US lawmakers’ comms and even Congressional cost projections, which Beijing would definitely like to peek at. This alert came out while most of the CISA workforce was still furloughed for the ongoing government shutdown—talk about terrible timing. The office’s spokesperson says containment happened fast and extra monitoring’s in place, but the hackers’ full reach is still under investigation. Notably, Capitol Hill IT told staffers: don’t touch CBO links right now because their own accounts may still be booby-trapped.

Zooming out, the Salt Typhoon group—yes, the same squad the FBI says may have stolen data from “nearly every American”—is causing international heartburn. Salt Typhoon is backed by the Chinese state and has hit at least 200 companies in 80 countries since 2019, but the US round this week is another big deal. Their specialty: targeting the networks that keep our world humming—telecoms, government servers, even military infrastructure. AT&T, T-Mobile, Verizon, no one is safe. Intelligence agencies from the UK, Germany, and Japan have all linked arms with the US in a rare united front, urging companies to hunt for intrusions and implement every mitigation in the new CISA security advisory. The FBI’s even tacked a $10 million bounty for leads on these folks—so if your cousin’s a Salt Typhoon insider, now’s the time to turn them in!

For newly discovered malware, researchers have identified “spinstallX.aspx” scripts showing up in SharePoint deployments, the calling card of this summer’s ToolShell attack. After Vietnamese researcher Dinh Ho Anh Khoa demoed vulnerabilities at Pwn2Own Berlin, Chinese actors—namely Linen Typhoon, Violet Typhoon, and Storm-2603—weaponized the flaws before Microsoft even finished patching. Microsoft’s MAPP program, which shares vulnerability details pre-release with security partners, got burned when exploitation happened the exact day of its last confidential notifications. Now Microsoft has restricted access for all Chinese MAPP partners: no more proof-of-concept code, just bland written notes, and private notifications go public at the same time as patches.

CISA, as usual, is not mincing words: emergency guidance went out this morning for any US org running SharePoint, especially in energy, finance, and transportation sectors. Immediate actions: patch all SharePoint servers, rotate ASP.NET machine keys, enable anti-malware interface scanning, and look for suspicious POST requests referencing /ToolPane.aspx. Disconnect internet-facing servers if they aren’t fully updated.

Meanwhile, in the malware arms race, Google’s Threat Intelligence Group warns that Chinese-linked groups are now using AI-mutating malware—programs that change on the fly to dodge detection. SonicWall, Cisco, and even Samsung have had to issue high-priority emergency patches for critical vulnerabilities under active Chinese exploitation—so if you haven’t patched this week, you might as well leave your front door open.

Special shout-out to US non-profits, too: Security Affairs reports a coordinated China-linked surveillance operation against a prominent policy think tank, with the goal of gaining long-term access to sensitive internal strategy documents. Cyber espionage isn’t just about governments; it's trickling straight into think tank research influencing national policy.

Thanks for tuning in to China Hack Report: Daily US Tech Defense. As always, subscribe, patch like there’s no tomorrow, and beware random CBO emails! This has been a quiet please production, for more check out quiet please dot ai.

For more http://www.quietplease.ai

This content was created in partnership and with the help of Artificial Intelligence AI
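The log check named in the synopsis (POST requests referencing /ToolPane.aspx, plus requests for the spinstallX.aspx scripts) can be run over IIS W3C logs as in this added example, which is not part of the episode or of any CISA tooling. The sample log lines are constructed, and treating the "X" in spinstallX.aspx as a varying suffix is an assumption.

```python
import re

# Constructed IIS W3C log lines (not real traffic); client IPs are documentation ranges.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 10.0
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip sc-status
2025-01-01 10:00:01 10.0.0.5 GET /_layouts/15/start.aspx - 443 alice 10.0.0.23 200
2025-01-01 10:00:07 10.0.0.5 POST /_layouts/15/ToolPane.aspx - 443 - 203.0.113.7 200
2025-01-01 10:00:09 10.0.0.5 GET /_layouts/15/spinstallX.aspx - 443 - 203.0.113.7 200
2025-01-01 10:02:11 10.0.0.5 GET /_layouts/15/ToolPane.aspx - 443 bob 10.0.0.31 200
#Fields: date time cs-method cs-uri-stem c-ip sc-status
2025-01-01 11:15:40 post /_layouts/15/toolpane.aspx 198.51.100.9 401
"""

TOOLPANE = re.compile(r"/toolpane\.aspx$", re.IGNORECASE)
# Assumption: the "X" in spinstallX.aspx stands for a varying suffix.
SPINSTALL = re.compile(r"/spinstall\w*\.aspx$", re.IGNORECASE)

def hunt(lines):
    """Return one dict per suspicious request found in W3C-format log lines."""
    fields, hits = [], []
    for number, line in enumerate(lines, 1):
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column layout can change mid-file
            continue
        if not line or line.startswith("#") or not fields:
            continue  # skip comments and rows we cannot map to columns
        row = dict(zip(fields, line.split()))
        stem = row.get("cs-uri-stem", "")
        if row.get("cs-method", "").upper() == "POST" and TOOLPANE.search(stem):
            reason = "POST to ToolPane.aspx"
        elif SPINSTALL.search(stem):
            reason = "request for spinstall*.aspx"
        else:
            continue
        hits.append({"line": number, "reason": reason, "stem": stem,
                     "client": row.get("c-ip", "?"),
                     "status": row.get("sc-status", "?")})
    return hits

if __name__ == "__main__":
    for hit in hunt(SAMPLE_LOG.splitlines()):
        print(hit)
```

Each hit keeps the response status and client address so that a served request and a rejected one can be triaged differently.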
