"China's Cyber Bombs: Zero-Days, Malware Floods, and Grid Armageddon Nightmares"
Episode Synopsis
This is your Red Alert: China's Daily Cyber Moves podcast.

Hey listeners, Ting here, your go-to cyber sleuth on all things China hacking chaos. Red Alert: China's cyber squad's been dropping bombs on US turf like it's Black Friday for backdoors. Let's rewind the tape on the past week's frenzy, straight from the hottest intel drops.

It kicked off December 10th when Cisco sounded the alarm—China-nexus APT crew UAT-9686 exploited a zero-day in Cisco AsyncOS on Secure Email Gateways and Web Managers. They snuck in 'Aqua' malware for full system takeover, hitting US orgs hard. Patch now or bleed data, folks—Cisco's yelling emergency mitigations.

Fast-forward to December 17th: Check Point Research unmasks Ink Dragon, aka Jewelbug or Earth Alux, wielding ShadowPad and FINALDRAFT malware. This China-linked beast hacked European governments but loves US pivots—think credential dumps from Southeast Asia ops bleeding into our grids. They're feasting on ShadowPad's modular espionage toolkit, exfiltrating secrets like it's dim sum.

December 18th doubled down—ESET tags LongNosedGoblin, a fresh China-aligned goblin using Windows Group Policy to shove espionage malware into Southeast Asia and Japan gov nets. But whispers from Bitsight say they're probing US telecoms and energy edges next, phishing creds and lurking forever.

CISA's been frantic: just days ago on December 21st, they dropped analysis on Brickstorm malware, a Rust-coded nightmare from a China-nexus group pounding US orgs for months. Indicators scream ongoing campaigns—think supply chain nibbles in critical infra. Plus, that ASUS Live Update flaw CVE-2025-59374? CISA KEV-listed it December 18th after exploits flew wild.

Timeline's brutal: the US Justice Department indicted 12 Chinese hackers tied to Ministry of State Security units back in 2025's big reveal, but these daily jabs—Cisco zero-days, malware floods—echo their global intrusions on aerospace, labs, even pandemic researchers. Patterns? Stealthy persistence, zero-days chaining with policy hacks, supply chain sneaks. Active threats: UAT-9686, Ink Dragon, LongNosedGoblin, Brickstorm crews.

Defensive playbook: hunt IOCs from CISA alerts—patch Cisco AsyncOS and FortiGate SSO bypasses if you're exposed, scan for ShadowPad beacons. Segment networks, enforce MFA beyond SMS, and drill EDR for Rust payloads. FBI and CISA scream: assume breach in email gateways and edge devices.

Escalation nightmare? If Trump-era NDAA ramps offense per CyberWire briefs, China flips to Typhoon-style disruptions on US CNI—energy blackouts, AI data heists. Picture pre-positioned backdoors igniting amid Taiwan tensions, per Bridewell analysts. We're one unpatched router from grid Armageddon.

Stay frosty, listeners—China's not slowing; they're accelerating. Thanks for tuning in—subscribe for daily red alerts! This has been a Quiet Please production; for more, check out http://www.quietplease.ai.

This content was created in partnership and with the help of Artificial Intelligence (AI).