Digital Dragon Watch: Weekly China Cyber Alert

Inception Point Ai

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Digital Dragon Watch: Weekly China Cyber Alert is your go-to podcast for an in-depth analysis of the latest China-related cybersecurity incidents and threats. Updated weekly, the podcast covers the past seven days' most significant events, including new attack vectors, targeted sectors, and U.S. government responses. Listeners can expect expert recommendations for protection, all based on verifiable incidents and official statements. Stay informed and secure with host insights on the cutting-edge tactics and defensive measures in the ever-evolving cyber landscape. For more info go to https://www.quietplease.ai Check out these deals https://amzn.to/48MZPjs

  1. FA 1 DIA

    Chinese Hackers Feast on US Gov as Feds Slash Cybersecurity | Digital Dragon Watch Ep 37

    This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. It’s Ting here with your fresh-off-the-wire Digital Dragon Watch: Weekly China Cyber Alert for November 7th, 2025. If you thought last week was spicy, the last seven days have truly been a dim sum cart of Chinese cyber tactics, advanced threats, and some very questionable US defensive maneuvers. Let’s get straight to the biggest story: suspected Chinese state-backed hackers breached the US Congressional Budget Office. Yes, the CBO—the folks running budget estimates for every squabble on Capitol Hill—discovered malicious actors had infiltrated emails and internal communications. This raised eyebrows at CNN and Politico, since any leaked correspondence here could reveal the legislative pulse, giving Beijing a behind-the-scenes seat at America’s policy table. U.S. officials cited in major outlets indicate China as the likely culprit, matching tactics used in July’s law firm breach, which also carried the trade negotiation scent. CBO spokesperson Caitlin Emma says quick action plugged some gaps, with extra monitoring and controls rolled out, but the breach is still under active investigation. Staffers were warned: don’t trust links from CBO mail, as accounts could remain infected. This is unfolding as the federal shutdown stretches into its 37th day, conveniently handicapping two-thirds of the CISA cyber defense team and making the government an even juicier target. Moving to attack vectors, researchers at Symantec and Carbon Black laid out a fascinating technique menu in an April 2025 campaign, recently tied to Chinese groups like Salt Typhoon (also known as Kelp) and the infamous APT41. They exploited vulnerabilities like OGNL injection in Atlassian (CVE-2022-26134), the ubiquitous Log4j bug, Apache Struts, and GoAhead RCE. Once in, tools like netstat for recon, scheduled tasks for persistence (using system-level privileges), and DLL sideloading with legitimate apps like vetysafe.exe kept them hidden and flexible. Oh, and watch out for Dcsync, a credential-stealing tool that can pretty much let an attacker stroll through the entire network if not found quickly. Salt Typhoon’s skillset is impressive: this group rooted around major US ISPs for over a year—including giants like AT&T and Verizon—using default credential exploits and sideloaded payloads to spy, even after supposed “detection.” What’s different this week? There's a major push by Chinese attackers into critical and sensitive sectors—think nonprofits influencing policy, legal firms working on US-China relations, and government offices like the CBO. Meanwhile, over in the private sector, threat researchers at ESET spotted groups like PlushDaemon redirecting DNS to hijack software updates—think ‘man-in-the-middle’ but on steroids—while IIS server attacks with SEO cloaking and stealthy backdoors are ramping up, courtesy of groups like REF3927. Let’s not skip the elephant in the situation room: the US government response. Instead of tightening the bolts, the current administration is yanking cybersecurity rules back. The FCC, under Brendan Carr, is moving to repeal minimum requirements on telecom providers to secure their own networks—these were rules put in after the Salt Typhoon debacle. Just this week, the Cyber Safety Review Board, the very team tasked with unpacking major hacks, was quietly axed. So for those counting, attackers are hitting harder, while the US is giving up basic armor. That’s not just a bad look; as Above the Law puts it, the current approach is nearly “indistinguishable from a foreign attack.” So, what’s the expert advice? Patch, patch, patch, especially for legacy bugs like Log4j and Atlassian injects. Lock down administrative credentials—if your default password isn’t changed, you’re low-hanging fruit. Heighten monitoring, especially for scheduled tasks and unusual outbound connections. And urge your representatives to demand—not beg—real standards and transparency from telecom and critical infrastructure providers. Most importantly: resist the urge to click links in any suspicious emails, even if they’re from Congress. Thanks for tuning in to Digital Dragon Watch. Subscribe for more cyber sleuthing with yours truly, Ting! This has been a quiet please production, for more check out quiet please dot ai. For more http://www.quietplease.ai Get the best deals https://amzn.to/3ODvOta This content was created in partnership and with the help of Artificial Intelligence AI

    5 min

  2. FA 3 DIES

    Sizzling Cyber Secrets: China's AI Attacks Skyrocket as US Fights Back!

    This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Listeners, it’s Ting here with your Digital Dragon Watch: Weekly China Cyber Alert for November 5, 2025. There’s no time for fluff – the past week in China-related cyber news has been nothing short of electrifying, and yes, there are dragons in the data streams. First up, let’s talk about scale. According to the latest House Committee on Homeland Security “Cyber Threat Snapshot,” attacks linked to China have rocketed up 150 percent since last year. And if you work in manufacturing, finance, insurance, or professional and business services, keep your firewalls close—these sectors are squarely in Beijing’s crosshairs. The report draws from both IBM and CrowdStrike data, warning that Chinese attackers are burrowing into critical infrastructure—think energy grids, telecom, and water systems—likely to build digital beachheads for potential use in a crisis. Take that chilling Massachusetts power utility breach: China-backed operatives were lurking for months without raising alarms, which is about as reassuring as a power outage during finals. But attackers aren’t sticking with their old tricks. New this week, researchers have flagged AI-driven attacks as a rising threat vector—one in six data breaches so far in 2025 involve artificial intelligence elements. These clever intrusions don’t just break in, they adapt in real time, shifting their tactics when detected. According to a recent government report, Salt Typhoon—a campaign linked to Chinese state interests—quietly burrowed into at least nine top telecom firms to suck up sensitive data and even poke around presidential candidates’ phone records. If that doesn’t give you dystopian chills, I don’t know what will. Now, defense isn’t just about shutting the windows after the cyber fox is in the henhouse. The US government is counter-punching: the Department of Commerce is scrutinizing Chinese tech more aggressively for supply chain risks. Meanwhile, the Defense Department’s Austin Dahmer has outlined a clear approach—deterrence through stronger military presence in the Pacific and ramping up joint cyber initiatives with allies. The focus is not just on technical shields, but on overwhelming scale, “peace through strength.” All this while White House cyber strategy gets an AI upgrade, with new national guardrails for automated response to cyber incursions. Let’s flip the lens to China. On October 28th, Beijing’s top lawmakers adopted broad amendments to their own Cybersecurity Law, not so much tightening the net as electrifying it. There’s a heavier focus on responsible AI development and, more ominously for foreign companies, much stiffer penalties for missing mandates. We’re talking fines shooting up to $1.4 million, mandatory compliance audits, and the threat of business suspension for failing to fix vulnerabilities or report cyber incidents. In plain language: if you handle data or critical tech in China, it’s time to review your playbook before January 1, when these regulations bite. For the security pros tuning in, experts this week recommend layering up: multi-factor authentication everywhere, continuous threat hunting, rigorous supply chain reviews, and—don’t laugh—human training so Kevin in finance doesn’t click that suspicious PowerPoint. Expect increased phishing with AI-generated lures, and keep your incident response plan sharp enough to slice through bureaucratic gridlock. If there’s one through-line, it’s the blurring of lines between statecraft, corporate espionage, and AI-powered chaos. Cyber defense is now a geopolitical contact sport. Thanks for tuning in to Digital Dragon Watch. Subscribe for your weekly dose of cyber intel that won’t put you to sleep. This has been a quiet please production, for more check out quiet please dot ai. For more http://www.quietplease.ai Get the best deals https://amzn.to/3ODvOta This content was created in partnership and with the help of Artificial Intelligence AI

    4 min

  3. FA 5 DIES

    China's Hacking Spree: Backdoors, Blind Spots, and Body Blows - Ting Dishes the Deets on Digital Dragon Watch

    This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Hey listeners, Ting here with your Digital Dragon Watch weekly China cyber alert. Let's dive straight into what's been heating up in the past seven days because trust me, it's been absolutely wild out there. So here's the thing that's got everyone's attention right now. According to the House Committee on Homeland Security, China-linked threat actors just pulled off something absolutely audacious in July. Three PRC-associated groups, Storm-2603, Linen Typhoon, and Violet Typhoon, compromised over four hundred organizations through Microsoft SharePoint, and we're talking about some serious targets here. The Department of Energy, the Department of Homeland Security, and the Department of Health and Human Services all got hit. This wasn't some random targeting either. These actors were basically doing a masterclass in supply chain infiltration. But here's where it gets even spicier. The U.S. National Security Agency director recently warned that China is actively hacking into American electrical infrastructure. We're not talking about probing or testing anymore. These guys are pre-positioning backdoors in power grid control systems. They're essentially laying groundwork that could let them disrupt or degrade services if things escalate, especially around Taiwan scenarios. Think of it like they're installing pressure valves that they could turn whenever they feel like it. Moving to this week specifically, the Chinese hacker group Bronze Butler just exploited a zero-day vulnerability in Lanscope Endpoint Manager from Motex. According to Sophos and Thailand's CERT, these attacks started in mid-2025, way before Motex even patched it on October twentieth. They deployed something called GoKC P Door malware to steal data. That's the kind of precision timing that shows these aren't amateur hour operations. Meanwhile, UNC5221, another China-linked threat actor cluster, straight up stole source code and internal vulnerability data from F5's BIG-IP development environment. They grabbed actual CVE information before patches even existed. It's like they're getting shopping lists of future vulnerabilities. The manufacturing sector's been taking absolute body blows. The Homeland Security Committee snapshot shows manufacturing experienced twenty-six percent of all cyberattacks this year, with finance and insurance at twenty-three percent. So far in twenty twenty-five, major cyberattacks on state and local governments have been recorded in at least forty-four U.S. states. What's particularly concerning is that Chinese cyber espionage efforts rose one hundred fifty percent in twenty twenty-four compared to the previous year according to CrowdStrike. Their targeted attacks on financial services, media, manufacturing, and industrial sectors jumped three hundred percent. That's not gradual escalation, that's a sprint. The real problem right now is that the federal government shutdown coupled with the lapse of the Cybersecurity Information Sharing Act of twenty fifteen is seriously hampering defensive coordination. The House Homeland Security Committee chairman Andrew Garbarino literally said we're creating blind spots in our networks when we need visibility most. For protection, experts recommend treating Chinese cyber and supply chain exposure as a standing threat in your overall strategic planning. This is about whole-of-society resilience now. Thanks for tuning in to Digital Dragon Watch. Don't forget to subscribe for next week's update. This has been a Quiet Please production. For more, check out quietplease dot ai. For more http://www.quietplease.ai Get the best deals https://amzn.to/3ODvOta This content was created in partnership and with the help of Artificial Intelligence AI

    4 min

  4. FA 6 DIES

    Cyber Sleuth Ting Uncovers China's Hack Pack: UNC6384 Crashes Diplomatic Party with PlugX Surprise

    This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Hey listeners, Ting here—your friendly neighborhood cyber sleuth with a dash of zero-day wit. Let’s jump right into the digital dragon’s den, because the past week in China cyber has been anything but dull. First up, the hot news is UNC6384, a China-linked hacking crew that’s been busy targeting European diplomatic missions. According to the team at Arctic Wolf and coverage in The Hacker News and Daily News Hungary, these cyber ninjas exploited a fresh Windows shortcut vulnerability—CVE-2025-9491—using slick spear-phishing emails themed around European Commission meetings and NATO workshops. The bad emails lured Hungarian, Belgian, Italian, Dutch, and Serbian officials into clicking links that unleashed PlugX malware—a remote access trojan that’s been the gift nobody wants at diplomatic parties since the early 2010s. PlugX, also known as Destroy RAT, SOGU, or Korplug, opens the digital door for pesky intruders to log keystrokes, swipe files, and monitor sensitive government chatter. The attack chain is a thing of crafty beauty: spear-phishing emails lead to malicious LNK files, which in turn run PowerShell to unpack an archive disguised as a Canon printer utility, but containing the CanonStager malware and a PlugX payload. CanonStager’s been on a diet—shrinking from 700 KB to 4 KB in a month, making it almost as sneaky as my last Wi-Fi password. Memory-resident “SOGU.SEC” variants mean even forensic teams need a stiff coffee before they start searching volatile RAM for clues. And if HTML applications with JavaScript don’t fool victims, well, UNC6384’s got decoy websites in the arsenal. Mustang Panda, another notorious China-backed crew, is sharing tactics and infrastructure, as if we needed even more cyber commotion. Why, you ask? The goal’s classic espionage—intel on EU defense, coordination, and the strength of alliances. This is all about outsmarting rivals diplomatically, not causing outages. But just in case you’re wondering, airports from London Heathrow to Brussels did report disruptions from external providers last September, and several government web portals took a hit too. Clearly, you don’t need to be wearing a diplomat’s pin to be on China’s radar. Stateside, things got spicy for TP-Link: The Washington Post reports US agencies—including Commerce and Homeland Security—are floating a complete ban on TP-Link routers over concerns that the company’s US arm is still susceptible to Beijing’s bidding. TP-Link holds up to 65% of the home router market, so that’s not just a minor move; it’s more like pulling the plug out of the middle of America’s living room. The feds haven’t made it official yet, but if you’re a TP-Link user, security audits, firmware updates, and changing default passwords aren’t just good hygiene—they’re your personal firewall until further notice. And let’s not forget Ribbon Communications, which suffered a near year-long supply chain attack by a likely nation-state actor—think Salt Typhoon, China’s telecom boogeyman. Ribbon’s breach gave hackers access to customer files stored on laptops outside the main network, causing headaches for government, Fortune 500, and critical infrastructure partners. Ribbon responded with law enforcement, forensics, and by cranking up network monitoring and segmentation. Takeaway: supply chain security is now your new job if you work anywhere near telecom. US leadership hasn’t been napping, either. Defense Secretary Pete Hegseth announced direct military-to-military communication channels with China, but followed up at the ASEAN forum with warnings that China’s behavior in the South China Sea remains, in his words, “destabilizing.” He’s pushing shared maritime surveillance among ASEAN members—which, let’s be honest, sounds like cyber for the high seas. So, what should you do to stay ahead of the dragons? Experts repeat the core gospel: patch systems immediately, train staff in phishing awareness, enforce strict access controls, and monitor for memory-resident malware. If you’re a supply chain or diplomatic org, add segmenting your network and vetting vendors to your playbook. And for home users, update devices, avoid default settings, and consider a cybersecurity audit before your smart fridge starts speaking Mandarin. Thanks for tuning in to Digital Dragon Watch! Don’t forget to subscribe for weekly alerts and sharp cyber analysis. This has been a quiet please production, for more check out quiet please dot ai. For more http://www.quietplease.ai Get the best deals https://amzn.to/3ODvOta This content was created in partnership and with the help of Artificial Intelligence AI

    5 min

  5. 31 D’OCT.

    Salt Typhoon Hacks Haunt Telcos | FCC Rethinks Security | China Cracks Down on Data Skeletons

    This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Happy Halloween, listeners! Or as I like to call it, the perfect day for a Digital Dragon cyber scare. I’m Ting and this is your weekly China Cyber Alert, breaking down the past seven days in infosec with just enough wit to keep you awake, even if you stayed up all night patching vulnerabilities. The big headline: Salt Typhoon is giving telecom execs more nightmares than the new reboot of The Ring. This Chinese cyberespionage group has been living rent-free in the servers of Ribbon Communications, not for weeks, but for months. Ribbon is basically the backbone for major phone and internet providers—think AT&T, Verizon, even Lumen and some Canadian outfits. The U.S. government says Salt Typhoon, which reports pin back to the Ministry of State Security, was hunting for phone records and call data on senior officials. Why? Well, if you ask U.S. intelligence, it’s all in prep for any future friction over Taiwan. According to TechCrunch, these hackers were only recently discovered after stealing who-knows-how-much data since December 2024. They’ve targeted more than 200 U.S. companies so far, and the campaign is a global affair[TechCrunch]. The FCC, with Chairman Brendan Carr at the helm, thinks telecom security rules brought in during the closing months of the Biden administration may be a swing and a miss. These rules forced telcos to lock down wiretap request systems—where law enforcement demands data—and required annual security posture check-ins. But Carr argues it’s regulatory overkill that “exceeded the agency’s authority.” So, next month, the FCC might pull back on these requirements[Nextgov]. Some cybersecurity folks think that’s like leaving the candy bowl unattended on Halloween: asking for mischief, given Salt Typhoon’s recent rampage. On the China side, the Ministry of Public Security released six new cases from its “Cybersecurity Protection - 2025” campaign. The focus: corporate data skeletons in the closet. Shanghai CAC, along with several ministries, is clamping down on facial recognition and surveillance, especially in high-traffic commercial zones. The MPS handed out fines to a luxury brand and an AI provider for botching personal information protection—yes, even fancy shopping apps need to worry about data privacy these days. The Cyberspace Administration is rolling out draft provisions to beef up oversight for giant internet platforms, with fresh standards for cross-border personal data[TwoBirds]. Meanwhile, in D.C., the FCC just voted unanimously to close lingering loopholes that let Huawei, ZTE, and other blacklisted Chinese manufacturers sneak gear into the U.S. The updated ban catches components, not just branded boxes. Millions of unauthorized listings have vanished from U.S. websites. Brendan Carr summed it up: foreign adversaries will exploit any digital open window. Still, some on the vendor side say the FCC is going too far, hurting small businesses relying on cheap Chinese tech[Tech Policy Press]. Now, how do you stay out of the Salt Typhoon’s crosshairs? Experts stress zero trust and constant monitoring. Assume every router and switch might have a hidden dragon waiting to exhale malicious packets. Patch, log, audit, repeat. NIST’s latest report urges scrutiny for Chinese-made generative AI solutions like DeepSeek, warning about possible code-level backdoors. For organizations in telecom, cloud infrastructure, and retail, treat any new device with suspicion and schedule that penetration test before the weekend. Also, consider endpoint security that spots anomalous traffic, and brush up on incident response plans—because if Salt Typhoon isn’t in your logs now, you can bet they’re knocking. Thanks for spending your cyber minute with me, Ting. Don’t forget to subscribe, because every week the dragons get sneakier. This has been a quiet please production, for more check out quiet please dot ai. For more http://www.quietplease.ai Get the best deals https://amzn.to/3ODvOta This content was created in partnership and with the help of Artificial Intelligence AI

    4 min

  6. 29 D’OCT.

    China's AI Ambitions Skyrocket While Cyber Crackdowns Loom Large

    This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Hey listeners, Ting here with your Digital Dragon Watch weekly briefing. Buckle up because China's cyber regulatory landscape just got a massive upgrade, and it's happening faster than you can say zero-day vulnerability. Let's jump straight into it. Just three days ago, on October 26th, China's top legislature approved sweeping amendments to the Cybersecurity Law, marking the first major overhaul since 2017. These changes take effect January 1st, 2026, and they're essentially China's way of saying AI isn't just a tech buzzword anymore—it's now baked into their entire cyber governance framework. The Standing Committee of the National People's Congress approved explicit legal support for AI development, including basic theoretical research, core algorithm innovation, and training data infrastructure. Think of it as Beijing hitting the accelerator on AI while simultaneously installing better brakes. But here's where it gets spicy. The same regulatory body that just green-lit AI innovation also announced new cybersecurity incident reporting requirements taking effect November 1st. The Cyberspace Administration of China issued these Measures on National Cybersecurity Incident Reporting, and they're surprisingly aggressive. Network operators now have four hours to report incidents that cause harm to networks or data systems with negative impacts on the country. Critical infrastructure operators? One hour. That's tighter than most Western frameworks, positioning China as having one of the most rigorous incident notification regimes in Asia. What incidents are we talking about? The framework covers incidents that "cause harm to the network, information system or the data and business applications" with negative public interest implications. The National Computer Virus Emergency Response Center released data showing network attacks jumped to 29 percent of incidents in 2025, with data breaches hitting 26 percent. That's a significant uptick, especially considering China now has over 1.1 billion internet users with a 79.7 percent penetration rate. The penalty structure got serious too. The amended law increases fines for violations and allows for business suspension, closure, or license revocation for serious offenses. Officials emphasized stronger alignment between the Cybersecurity Law and related frameworks like the Data Security Law and Personal Information Protection Law. Hao Ping, an NPC Standing Committee member, stressed that forward-looking assessments and continuous monitoring are essential for AI compliance. Meanwhile, across the Pacific, the FCC voted unanimously to block new approvals for devices from nine Chinese entities deemed national security risks. This geo-targeted approach reflects broader Western strategy of compartmentalizing digital access rather than complete isolation. So what's the takeaway? China's doubling down on innovation while tightening enforcement and incident reporting. It's a high-wire act designed to accelerate AI development while maintaining state control. Organizations operating in or connected to Chinese infrastructure need to understand these timelines and requirements, especially that November 1st deadline for incident reporting. Thanks for tuning in, listeners. Make sure to subscribe to stay ahead of these regulatory shifts. This has been a Quiet Please production. For more, check out quietplease dot ai. For more http://www.quietplease.ai Get the best deals https://amzn.to/3ODvOta This content was created in partnership and with the help of Artificial Intelligence AI

    3 min

  7. 27 D’OCT.

    China's Cyber Storm Surges! Hacks, Smishing & Espionage Explode as US-China Tech Tussle Boils

    This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Welcome back, listeners—Ting here with your weekly blast of caffeinated code and straight-up drama from the world of China cyber. Let’s skip the fanfare and jump headfirst into the bytes: it’s Digital Dragon Watch, and if you thought the last seven days would bring calm, guess again. First up, DDoS attacks across the Asia-Pacific region have absolutely mushroomed, with China standing in the center of the storm. StormWall experts reported a 116% surge compared to this time last year. Their data shows government agencies, telecom giants, and financial institutions are getting hammered, with one 2.3 terabit-per-second attack being the stuff of cyber legend. What’s scarier? Probing assaults—mini scans, the hacker’s pre-game warmup—went up by 3,500-fold, with China shouldering 22% of all attacks. Ramil Khantimirov called this the most challenging DDoS threat landscape ever, and the fact that botnet power is quadrupling means defenders are playing chess against AI grandmasters powered by crowds of zombie devices. But that’s not all, folks. Last Wednesday, the Cyberspace Administration of China dropped the mother of compliance updates: the National Cybersecurity Incident Reporting Management Measures. Coming into force next week, these new rules finally yank the patchwork of incident-reporting obligations into something resembling order. Every network operator in China—from social media kingpins to scrappy startup cloud hosts—now faces stricter, unified standards, with clear technical criteria and centralized channels for reporting. This harmonization is huge. If you’re doing business in China, the era of guesswork is over. Miss an incident and you’ll be sweating under CAC’s gaze. Meanwhile, espionage is getting stickier. APT group Earth Estries (yes, I see you) has expanded global reach using old-school persistence and new tactics to siphon government, research, and telecom secrets. Brandefense’s threat sheet spotlights their adaptability—even if their tools aren’t bleeding-edge, they compensate with relentless campaigns and strategic alignment to Beijing’s goals. Defensive moves? Patch anything facing the internet, lock down on phishing, and keep eyes out for sneaky DNS tricks or unauthorized VPN logins. Don’t get blindsided by scheduled task weirdness or web shells in the basement of your infrastructure. On the user-targeted front, ongoing smishing campaigns—think text-message phishing—have been burning since early last year, with threat actors leveraging nearly 200,000 domains in scams. They’re impersonating everything from delivery apps to government portals, trying to snatch credentials and financial data with scary efficiency. Zooming out for government response, reports from the Foundation for Defense of Democracies reveal progress but warn of big fragilities: the US still faces leadership gaps at CISA and the State Department's Bureau of Cyberspace and Digital Policy, which we absolutely need staffed up ASAP. Sean Cairncross, America’s cyber czar, says deterrence is working, but adversaries—especially China—aren’t feeling enough pain to stop. One remedy? More authority for the Office of the National Cyber Director and sustainable multi-year funding for CISA. Meanwhile, the Cyber Diplomacy Act and allied funding have helped keep Chinese firms from dominating core tech supply chains abroad—think HarmonyOS nudging out American operating systems in Shenzhen. And the cyber tit-for-tat is heating up. As of today, China’s Ministry of Foreign Affairs loudly accused the NSA of sophisticated cyberattacks against the national time system. This mutual finger-pointing, amplified by export controls and local bans, only deepens U.S.–China tech decoupling and sharpens the risk of retaliatory action from both sides. Experts say don’t wait for the breach—start continuous monitoring of the dark web, keep your backups up to date and offline, and drill your teams with realistic phishing simulations. Eliminate persistence by running full compromise assessments, and when in doubt, bring in cyber response pros before you start any backchannel ransom negotiations. That’s your digital intel drop for this week. Thanks for tuning in to Digital Dragon Watch—subscribe now, because next week will be even wilder. This has been a quiet please production, for more check out quiet please dot ai. For more http://www.quietplease.ai Get the best deals https://amzn.to/3ODvOta This content was created in partnership and with the help of Artificial Intelligence AI

    5 min

  8. 26 D’OCT.

    Smishing Triad's Billion-Dollar Phishing Frenzy | Qilin's Ransomware Factory | State Hackers Pounce on Fresh Vulns

    This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Listeners, it’s Ting with the latest on Digital Dragon Watch: Weekly China Cyber Alert, and trust me, the cyber skies over China and beyond have been stormy this week. Let’s jump right in, because if you blink, you’ll miss at least three zero-day exploits. First stop: the Smishing Triad, a China-linked syndicate orchestrating the most relentless SMS-based phishing campaign we’ve seen in years. Since early 2024, this crew has deployed over 194,000 malicious domains—yes, one hundred ninety-four thousand!—to spoof everything from USPS to E-ZPass, IRS, and top banks. They’re hitting mobile users in over 120 countries, but the US gets a special, ahem, ‘focus.’ The playbook is familiar but fiendishly effective: fake alerts, threaten you with unpaid fees, and funnel you into credential-stealing sites spun up and taken down faster than you can hit “mark as spam.” This PhaaS—or Phishing as a Service—operation leans on US-based cloud infrastructure, Chinese nameservers, and a who's-who of domain registrars, churning through URLs so fast even threat trackers need a vacation. And let’s talk profit—the projected haul over the past three years? More than $1 billion, with no slowdown in sight. Now, moving from phishing to full-on breach, the ransomware group Qilin is practically running a cyberattack factory. As of yesterday, Qilin publicly threatened the City of Sugar Land in Texas, demanding ransom or they’ll dump sensitive data. And they’re not just picking on US towns: According to analysis by Comparitech, Qilin logged its 700th claimed ransomware attack in 2025, mostly targeting manufacturers, finance, retailers, health care, education, and government agencies, but with plenty of US victims—375 at last count, by far the most globally. Nissan Creative Box in Japan, Asahi Holdings, and even municipal courts have fallen victim, and the education sector alone saw attacks spike by more than 400% this year. Qilin’s secret sauce? Ransomware-as-a-Service, where their malware is basically for rent and affiliates do the dirty work. Typical ransoms swing from two to ten million dollars, but the real pain is the business downtime and data exfiltration. But let’s not forget the state-sponsored actors. Security Affairs reports that China-linked hackers, notably Salt Typhoon and unnamed threat groups, have exploited freshly patched vulnerabilities like CVE-2025-53770 in Microsoft SharePoint and Citrix NetScaler Gateway to breach telecom networks in the Middle East and Europe. The speed with which they exploit patched flaws—sometimes within hours of disclosure—shows just how sophisticated these crews have become. The US government, meanwhile, has ramped up joint cyber exercises and public-private partnerships. Agencies like CISA and DOE are pushing for broader info-sharing and resilience training, but there’s worry: recent funding cuts to federal cyber agencies have experts warning about a widening resilience gap, especially as China and Russia keep up the offensive. So, what can you do? Experts hammer on the basics: implement multi-factor authentication everywhere, keep threat intel feeds up to date—especially those dark web alerts—validate your offline, immutable backups, and conduct regular phishing drills for every employee, from the C-suite to interns. For incident response, don’t DIY—call in professionals, legal counsel, and threat analysts before you even think about responding to extortionists. Thanks for tuning in to Digital Dragon Watch. Subscribe so you’re never caught off guard, and remember: if you get a suspicious SMS about your package, double-check before you click. This has been a quiet please production, for more check out quiet please dot ai. For more http://www.quietplease.ai Get the best deals https://amzn.to/3ODvOta This content was created in partnership and with the help of Artificial Intelligence AI

    4 min
Veure-ho tot (148)

Informació

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast. Digital Dragon Watch: Weekly China Cyber Alert is your go-to podcast for an in-depth analysis of the latest China-related cybersecurity incidents and threats. Updated weekly, the podcast covers the past seven days' most significant events, including new attack vectors, targeted sectors, and U.S. government responses. Listeners can expect expert recommendations for protection, all based on verifiable incidents and official statements. Stay informed and secure with host insights on the cutting-edge tactics and defensive measures in the ever-evolving cyber landscape. For more info go to https://www.quietplease.ai Check out these deals https://amzn.to/48MZPjs

Fitxa tècnica

  • Creació
    Inception Point Ai
  • Anys en actiu
    2024 - 2025
  • Episodis
    148
  • Qualificació
    Apte
  • Copyright
    © Copyright 2025 Inception Point Ai
  • Lloc web del programa
    Digital Dragon Watch: Weekly China Cyber Alert
  • Proveïdor

També et pot agradar