This is your Red Alert: China's Daily Cyber Moves podcast.
Hey listeners, Ting here—and wow, what a week to cover China’s cyber shenanigans. You want fresh drama? You want Salt Typhoon? Pull up your dashboards, because it’s Red Alert all around and I’m about to decode, demystify, and occasionally roast some Chinese hacking maneuvers for you.
Let’s start with Salt Typhoon, China’s own league of cyberspies. The FBI confirmed this week that Salt Typhoon scored years-long access to American telecoms, drilling into networks like Verizon and AT&T, but also reaching hundreds of administration officials. I mean, they didn’t just snoop—they geolocated users, monitored traffic, and sometimes even recorded actual phone calls. I’d call it creepy, but honestly, in cyber terms it’s pure James Bond stuff. Three companies—Sichuan Juxinhe, Beijing Huanyu Tianqiong, and Sichuan Zhixin Ruijie—are linked directly to these escapades. Supposedly they’re champions of China’s security services and military, but this week’s revelations suggest the CCP’s reliance on private companies for hacking is more “risky partnership” than “master plan”.
Skip forward to August 24: Nevada is the unlucky star in America’s latest cyber reality show. A pretty bold attack forced state offices closed, knocked websites and phone lines offline, and sent Governor Joe Lombardo’s tech team into DEFCON mode. CISA—the Cybersecurity and Infrastructure Security Agency—jumped in with threat hunting teams, and the FBI partnered up, all to restore critical services and hunt for malware. No group’s claimed responsibility, but past attacks like this point to ransomware as the likely culprit. Personal data, for now, is reportedly safe, but state employees had a two-day paid cyber vacation, with slow reopening as systems crawled back. CISA’s Madhu Gottumukkala sets the tone: “We’re embedded, collaborating, restoring services—and we’re not leaving till Nevada’s safe.” This is your U.S. cyber defense playbook in action.
Want new attack patterns? Salt Typhoon’s hackers are hotwiring routers—backbone, provider edge, customer edge routers—modifying firmware for persistent access. They pivot between networks using compromised devices and trusted connections, proving that the game’s not just about stealing secrets, but staying embedded long-term. Google researchers found attacks leveraging adversary-in-the-middle techniques, signed malware, and AI-powered phishing, targeting juicy targets like AWS and Snowflake keys. In another twist, zero-day flaws in Citrix and Git forced CISA into emergency patch deadline mode, pushing federal agencies to lock down fast.
Now, let’s look at escalation. The NSA, CISA, and FBI issued a global joint advisory on Wednesday: China-backed actors aren’t stopping at America. International partnerships—from Germany to Japan—are joining the hunt, listing indicators of compromise, sharing technical details, and calling on critical infrastructure defenders to mount active threat hunting. The worry is that persistent access will allow China to track global movement and communications with near impunity. If defensive measures lag, infrastructure could be compromised at scale—think transportation shut-downs, telecom blackouts, even targeted military disruption.
So what should defenders do right now? Update router and device firmware, review CISA’s advisory for IOC lists and mitigation tactics, patch exploited vulnerabilities—especially those flagged this week—and coordinate across federal and local teams. Threat hunting can’t be a one-day affair; it needs persistent, real-time ops. International collaboration is now part of daily cyber hygiene.
Listeners, thanks for tuning in to Ting’s take on China’s daily cyber moves. Subscribe for more fun, fearless, expert cyber talk. This has been a quiet please production, for more check out quiet please dot ai.