This is your Tech Shield: US vs China Updates podcast.Hey listeners, it’s Ting, cyber threat aficionado and all-purpose digital oracle, coming at you with this week’s Tech Shield: US vs China update. Caffeine is optional but paranoia is encouraged—let’s dive right in because the cyber scene has been anything but dull over the past few days.The biggest splash? An urgent directive landing at every federal agency’s inbox courtesy of CISA—the United States Cybersecurity and Infrastructure Security Agency. CISA has thrown down a midnight gauntlet, demanding agencies patch up critical zero-day vulnerabilities in Cisco ASA firewall devices ASAP. This follows a massive campaign by the Chinese-linked ArcaneDoor group, a gang whose infrastructure security firm Censys traced straight back to Chinese networks—including Tencent and ChinaNet. Cisco’s got “high confidence” this is ArcaneDoor’s handywork and, more importantly, that updating to the newest software is not just smart, it’s existential at this point. If you’re in government IT, you’re patching or you’re panicking. According to Chris Butera, CISA’s acting deputy cyber chief, agencies patched more than 99 percent of their internet-facing vulnerabilities, which is like defending a sandcastle from a tsunami with a very aggressive spoon—impressive, but don’t break out the Piña Coladas yet.Elsewhere, researchers are still digging into RedNovember—aka TAG-100, or Storm-2077—a Chinese state-sponsored crew that’s about as stealthy as your neighbor’s Wi-Fi but a lot more malicious. They’ve been snooping around since the middle of last year, specializing in supply chain infiltration and espionage antics targeting tech and legal sectors. If you haven’t double-checked your vendors and their vendors, now’s the time.On the cool-but-creepy tech front, if Boston Dynamics isn’t already writing angry tweets, they will be soon. Unitree Robotics’ Go2 quadruped robot dogs—used everywhere from Taipei patrols to casual campus security—were found to have a colossal Bluetooth setup flaw. Andreas Makris and Victor Mayoral-Vilches have warned us: with admin access available by encrypting the hardcoded string “unitree,” attackers can hijack whole fleets and even block firmware updates—hello, zombie robot armageddon! If you’ve got one of these at home, keep it off the main Wi-Fi and disable Bluetooth, or risk starring in your own “Black Mirror” episode. The kicker? Alias Robotics found these bots quietly sending video and telemetry data to Chinese servers—privacy advocates: commence gnashing of teeth.Industry’s response? Rapid patching, more segmentation, and a spike in zero trust implementations. There’s also a push for smarter, AI-driven management—last year alone saw 40,000 vulnerabilities disclosed, making traditional patch cycles look prehistoric. As Jason Clark of Cyera put it on CyberWire, the proliferation of agentic AI means legacy security is crumbling. Automation is king, and human oversight is non-negotiable—but it’s a thin line between robust defense and hopeful finger-crossing.Now, for the expert take: The good news is, American agencies have gotten faster and smarter—the days when adversaries lingered unnoticed for months are closing fast. The bad news? Chinese groups are evolving too, leveraging automation, supply chain gaps, and the world’s love affair with connected gadgets. The vulnerabilities are being patched, but the perimeter keeps moving. The current gaps? Vendor oversight, IoT security, and the lag between zero-day detection and universal patching. If we’ve learned anything, it’s that defensive agility is the new cybersecurity gold.Thanks for tuning in! If you want to stay on top of the cyber joust, don’t forget to subscribe. This has been a quiet please production, for more check out quiet please dot ai.For more http://www.quietplease.aiGet the best deals https://amzn.to/3ODvOtaThis content was created in partnership and with the help of Artificial Intelligence AI

Ver todos los episodios