China's Cyber Ninjas Strike Again: Salesforce, BlackNevas, and a Great Firewall Leak!

15/09/2025 4 min


Episode Synopsis

This is your China Hack Report: Daily US Tech Defense podcast.

Ting here, your cyber-obsessed conduit to the latest China-linked hack drama, and trust me, the past 24 hours have been pure digital popcorn! First up, the continued epic saga of Salt Typhoon, that ninja-like Beijing-backed group. The FBI and other agencies say Salt Typhoon has now struck in over 80 countries, but these folks don’t just grab-and-go. Instead, they sneak in, settle down, and siphon data over months—sometimes years—using dormant domains that only a DNS archaeologist could find. Think hotel, telecom, and government data quietly skimmed at scale, and yes, U.S. infrastructure is always fair game. CISA is now screaming at all admin warriors to audit historical DNS logs for ghostly traces of old domain-based access, because Salt Typhoon was patient—shocking for a cyber adversary whose usual MO is smash-and-grab, not sit-and-wait.

On the malware front, we saw exciting emergency alerts about BlackNevas ransomware zipping around like a caffeinated raccoon through corporate networks. This new flavor encrypts business files, then exfiltrates the juiciest bits for extortion, and it's hitting sectors like finance and logistics. AI is everywhere—Chinese hackers reportedly used AI-forged military IDs as bait in new phishing attacks targeting defense contractors and energy firms in the U.S. The crooks are crafting totally believable fake docs, receipts, and even spoofing credentials to bypass security controls. CISA, along with Google’s Threat Intelligence Group, dropped guidance recommending immediate upgrades to anti-phishing filters, and a fresh round of MFA system audits to counter the swelling tide of AI-powered social engineering.

Salesforce got itself tangled up again, with hacker squads UNC6040 and UNC6395 in the mix. The first crew used voice phishing (imagine them as cyber ventriloquists!) to charm support reps into handing over credentials, while the second focused on abusing OAuth tokens linked to smart chatbots. FBI urges any org running Salesforce or Salesloft Drift to nuke old tokens and hunt for strange login attempts pronto—these groups have a taste for juicy customer and financial data.

Meanwhile, the Great Firewall of China suffered an embarrassing 600GB leak. According to hacktivist group Enlace Hacktivista, internal logs and source code spilled out, exposing blueprints for deep packet inspection, mobile monitoring, and granular censorship rules. U.S. intelligence is still parsing the data, but early hints suggest that several open-source security tools were pirated and weaponized to boost the firewall’s reach. If you’re involved in network security or privacy activism, watch out—there are now fresh indicators on how the Chinese system tracks netizens and even copies Western firewall appliances.

On the policy front, China is rolling out a one-hour incident reporting rule starting November 1, turning cyber defense into a real-time sport. If a data breach touches more than ten million people or nukes national infrastructure for six hours, it’s red alert—call the CAC stat. U.S. experts warn this will mean faster attribution, but also an acceleration in state-sponsored response actions, so patch your weak spots post-haste.

For anybody listening from a SOC or the C-suite, your action items in the immediate term: sweep DNS logs for Salt Typhoon fingerprints, refresh all OAuth and API access keys, roll out emergency patches on anything touching customer data, and lock down your AI-generated credentials with newly updated detection rules.

Thanks for tuning in and letting me infect your brain with today’s code-breaking antics. Don’t forget to subscribe for daily cyber thrills.
This has been a Quiet Please production; for more, check out quiet please dot ai (http://www.quietplease.ai). This content was created in partnership and with the help of Artificial Intelligence (AI).
