Hacked! China's Digital Heist Spree: Google, Cisco, & Citrix Exploits Run Amok

13/11/2025 5 min


Episode Synopsis

This is your China Hack Report: Daily US Tech Defense podcast.

Hey listeners, Ting here, your friendly cyberspace tour guide, and I've got breaking updates from the overnight digital battlefield. If you left your firewalls running but your credit card in your back pocket, buckle up: China-linked hacking groups have been lighting up the boards again, with consequences echoing from Wall Street to industrial shop floors.

Let's start with what everyone's talking about at US tech defense: Google, led by General Counsel Halimah DeLaine Prado, dropped a lawsuit yesterday hammering a China-based cybercriminal gang called Lighthouse. Their phishing operation just compromised up to 100 million US credit cards in a matter of weeks. No exaggeration: they impersonated Google with over 100 fake sites, snagged passwords, tricked folks with "unpaid toll" and "missed package" scams, and then siphoned off millions. It's a digital heist of Ocean's Eleven proportions, happening in your inbox.

Next up, pin your ears back for zero-day drama. Amazon's MadPot honeypot, a global ambush network for hackers, caught Citrix and Cisco in the crosshairs. Critical vulnerabilities CVE-2025-5777 and CVE-2025-20337 were actively exploited before patch alerts even hit the streets. The Citrix Bleed 2 exploit lets attackers siphon data from NetScaler ADC and Gateway appliances. Meanwhile, the Cisco ISE hole scored a perfect 10 on the risk-o-meter, letting bad actors install "IdentityAuditAction," a custom webshell capable of root access and sneaky code execution. How sneaky? DES encryption, non-standard base64, and hijacking Tomcat threads: think Mission Impossible for nerds.

Amazon couldn't hard-pin attribution, but the advanced techniques, multiple zero-days, and targeting style reek of a sophisticated state-sponsored attacker. Organizations have one job: patch now, and restrict edge device exposure like your next pizza delivery depends on it. CISA and DHS have put out urgent bulletins. If you're running NetScaler or Cisco ISE, drop everything: update, segment, and review logs ASAP.

Did someone say industrial sabotage? Socket's Threat Research Team just exposed nine malicious NuGet packages, authored under the alias shanhai666, that quietly sabotage industrial PLCs, targeting safety systems. The malware, written in C#, can crash applications and silently corrupt database queries 30 to 90 minutes post-installation. Bonus: code comments in Mandarin, Chinese internet slang, and forged Microsoft code-signing. Can you say APT41 fan club? If you build anything with SQL Server, PostgreSQL, or sharp7, check dependencies now, or you'll be chasing random shutdowns that look like flaky hardware. The advice? Audit, nuke, and rebuild: compromised means compromised.

On the ransomware front, there's fresh evidence out of Guangzhou. Security feeds picked up a Cobalt Strike beacon at IP 43.139.169.60 port 8009, a sure sign China's toolkits are active and probing. Cobalt Strike is used for lateral movement and remote control in enterprise hacks; if your servers ping back to Guangzhou, get onto your IR team before your morning coffee.

As for sectors in the firing line: financial, telecom, and energy remain on DEFCON 1. Not only have US government agencies like the EPA expanded protocols to head off water infrastructure hits, but CISA reiterated Shields Up advisories for oil, gas, and critical infrastructure, stressing renewed credential audits and zero-trust segmentation.

Immediate defensive actions you can take: apply vendor emergency patches for Citrix and Cisco, audit all open-source dependencies, especially in ICS and .NET environments, segment network access, kick off credential rotation, and enable multi-factor authentication everywhere.

From bustling Shanghai to your own login page, this digital cat-and-mouse never sleeps. Thanks for tuning into China Hack Report: Daily US Tech Defense, where it's always zero-day somewhere. Smash that subscribe button and stay alert. I'm Ting, and this has been a Quiet Please production; for more, check out quiet please dot ai.

For more: http://www.quietplease.ai
Get the best deals: https://amzn.to/3ODvOta
This content was created in partnership and with the help of Artificial Intelligence (AI).
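The episode's "review logs" and "ping back to Guangzhou" advice boils down to two checks a defender can script: match outbound connections against the one indicator the episode quotes (43.139.169.60 on port 8009), and look for the fixed-interval check-in cadence that Cobalt Strike beacons produce regardless of which IP they talk to. The following Python is an added example, not code from the podcast or from any vendor named in it. The log format, the internal hosts, and the benign destination 198.51.100.7 (a TEST-NET-2 documentation address) are constructed for the demonstration; only the C2 IP and port come from the episode. The beacon-cadence check is a generalization: it flags any flow group whose inter-arrival times are unusually regular, not just the quoted indicator.

```python
"""Match outbound flows against a known C2 indicator and flag beacon-like cadence.

Added example for the episode notes; log lines below are constructed.
"""
import re
import statistics
from collections import defaultdict
from datetime import datetime, timezone

# Indicator quoted in the episode: Cobalt Strike beacon at 43.139.169.60:8009.
KNOWN_C2 = {("43.139.169.60", 8009)}

# Assumed (constructed) firewall export format, one flow per line.
LOG_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>[\d.]+) dst=(?P<dst>[\d.]+) "
    r"dport=(?P<dport>\d+) proto=\w+ bytes=\d+$"
)

# Constructed sample: 10.0.4.22 checks in with the indicator roughly every
# 60 s (a beacon with a little jitter); 10.0.4.31 talks to a benign
# documentation address at irregular times.
SAMPLE_LOG = """\
2025-11-13T02:00:00Z src=10.0.4.22 dst=43.139.169.60 dport=8009 proto=tcp bytes=1532
2025-11-13T02:00:03Z src=10.0.4.31 dst=198.51.100.7 dport=443 proto=tcp bytes=9811
2025-11-13T02:01:00Z src=10.0.4.22 dst=43.139.169.60 dport=8009 proto=tcp bytes=1540
2025-11-13T02:02:01Z src=10.0.4.22 dst=43.139.169.60 dport=8009 proto=tcp bytes=1528
2025-11-13T02:02:47Z src=10.0.4.31 dst=198.51.100.7 dport=443 proto=tcp bytes=12033
2025-11-13T02:03:00Z src=10.0.4.22 dst=43.139.169.60 dport=8009 proto=tcp bytes=1536
2025-11-13T02:11:19Z src=10.0.4.31 dst=198.51.100.7 dport=443 proto=tcp bytes=4410
"""


def parse_line(line):
    """Parse one flow line into a dict, or return None for lines that do not match."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return {"ts": ts, "src": m["src"], "dst": m["dst"], "dport": int(m["dport"])}


def find_ioc_hits(log_text):
    """Return (src, dst, dport) for every flow whose destination is a known C2 indicator."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and (rec["dst"], rec["dport"]) in KNOWN_C2:
            hits.append((rec["src"], rec["dst"], rec["dport"]))
    return hits


def find_beacon_candidates(log_text, min_connections=4, max_cv=0.2):
    """Flag (src, dst, dport) groups whose inter-arrival gaps are suspiciously regular.

    cv = population stdev / mean of the gaps between consecutive connections.
    A near-zero cv means a fixed sleep interval, the signature of a beacon
    check-in; normal user traffic is bursty and scores much higher.
    Returns {group: mean_gap_seconds} for groups at or below max_cv.
    """
    groups = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec:
            groups[(rec["src"], rec["dst"], rec["dport"])].append(rec["ts"])

    candidates = {}
    for key, stamps in groups.items():
        if len(stamps) < min_connections:
            continue  # too few samples to judge cadence
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        mean = statistics.mean(gaps)
        cv = statistics.pstdev(gaps) / mean if mean else 0.0
        if cv <= max_cv:
            candidates[key] = round(mean, 1)
    return candidates


if __name__ == "__main__":
    for src, dst, dport in find_ioc_hits(SAMPLE_LOG):
        print(f"IOC hit: {src} -> {dst}:{dport}")
    for (src, dst, dport), gap in find_beacon_candidates(SAMPLE_LOG).items():
        print(f"Beacon-like cadence: {src} -> {dst}:{dport} every ~{gap}s")
```

On the constructed sample, the indicator match fires four times for 10.0.4.22, and the cadence check flags the same flow group with a mean gap of about 60 seconds while ignoring the benign host (only three connections, and irregular). In production, feed the same functions your real firewall or NetFlow export, keep `KNOWN_C2` in sync with your threat-intel feed, and tune `min_connections` and `max_cv` against a baseline week so scheduled jobs and monitoring probes do not drown out real check-ins.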
