"Cyber Showdown: US-China Tensions Flare as APT41 Hacks Trade Talks and TikTok Deadline Looms"
Episode Synopsis
This is your Red Alert: China's Daily Cyber Moves podcast.

Hey listeners, it’s Ting here—your cyber commando with the Beijing byte and a knack for hacking headlines. Buckle up, because the last 72 hours in US-China cyber relations have been as wild as a zero-day on a Friday night.

Starting off, late Friday, federal authorities began investigating a shifty malware campaign tied to the infamous China-linked APT41. This crew’s been busy poking into sensitive trade databases right as US Treasury Secretary Scott Bessent was getting ready to face off with Vice Premier He Lifeng in Madrid. If you think that’s a coincidence, I’ve got a bridge to sell you in Shenzhen. Reports say APT41’s malware was custom-tuned, focusing on trade and tech policy targets—talk about timing the hacks to the negotiation clock.

By Saturday, CISA, that’s the Cybersecurity and Infrastructure Security Agency, went full DEFCON chicken-little, blasting out fresh alerts about Chinese activity in critical US infrastructure. Why? The dual threats of Salt Typhoon and Volt Typhoon. Jason Bilnoski at the FBI’s cyber division admitted these teams have stepped up their game. Instead of old-school malware, they’re using “living off the land” techniques—think commandeering legit Windows tools like they own Redmond. This new stealth maneuver makes intrusion detection feel like searching for a VPN server in a haystack.

Also in the wild: fresh IOCs, or indicators of compromise—FBI flashed these to major tech partners after UNC6040 and UNC6395 blitzed Salesforce platforms. The goal? Data theft and classic extortion. If your org runs on Salesforce, double-check those logins and brace your board, because the FBI isn’t mincing words about what’s at stake.

All of this unfolded while, over in Madrid, Bessent and He Lifeng opened trade talks at Spain’s Foreign Ministry.
Tensions smashed through the diplomatic firewall as China’s commerce ministry announced probes into US semiconductor imports—specifically targeting chips from US giants like Texas Instruments. Meanwhile, Biden’s blacklisted 23 Chinese firms, and the showdown over TikTok’s divestiture rages on, with another US shutdown deadline barely three days away.

This isn’t just economic saber-rattling—it’s digital brinkmanship. What’s the fallout if these cyber ops escalate? Picture coordinated ransomware attacks against US energy and telecoms. Homeland Security would have to scramble emergency comms while CISA mandates critical incident reporting, even though—plot twist—the rule for that got punted to May 2026. That delay is like leaving your front door open while you futz with the lock instructions.

In response, CISA released a new CVE roadmap and the Pentagon plans to overhaul software accreditation—dubbed the “10 commandments of RMF.” Meanwhile, Google recommends passkeys to sidestep the latest adversary-in-the-middle phishing campaign—seriously, ditch those SMS codes right now.

Listeners, your defensive actions: assume the adversary’s already inside, baseline your networks, roll out MFA everywhere, and train your users relentlessly. The new game isn’t about stopping every breach, but spotting them before your trade secrets ride the next China-bound packet.

Thanks for tuning in to this Red Alert recap—don’t forget to subscribe, because we’ll be here until the next phishing lures hit your inbox. This has been a Quiet Please production. For more, check out http://www.quietplease.ai

This content was created in partnership and with the help of Artificial Intelligence (AI).