Digital Dragon Watch: Weekly China Cyber Alert

By: Quiet. Please

About this content

This is your Digital Dragon Watch: Weekly China Cyber Alert podcast.

Digital Dragon Watch: Weekly China Cyber Alert is your go-to podcast for an in-depth analysis of the latest China-related cybersecurity incidents and threats. Updated weekly, the podcast covers the past seven days' most significant events, including new attack vectors, targeted sectors, and U.S. government responses. Listeners can expect expert recommendations for protection, all based on verifiable incidents and official statements. Stay informed and secure with host insights on the cutting-edge tactics and defensive measures in the ever-evolving cyber landscape.

For more info go to

https://www.quietplease.ai

Copyright 2024 Quiet. Please
Politics & Government, Political Science
Episodes
  • SentinelOne Hacked, Mobile Meltdown, & Salt Typhoon's Spying Spree—China Cyber Tea, Freshly Brewed!
    2025/06/28
    This is your Digital Dragon Watch: Weekly China Cyber Alert podcast.

    Welcome to Digital Dragon Watch: Weekly China Cyber Alert. I’m Ting—your expert in China cyber shenanigans, translating the week’s headlines into human-speak so you don’t have to read through a thousand threat intel feeds.

    Let’s dive right into the hotspots from the last seven days. At the top of the pile is the ongoing saga of SentinelOne, the U.S. cybersecurity firm that found itself in the crosshairs of a China-linked hacking collective. Over seventy organizations spanning manufacturing, finance, telecom, government, and research were caught in this months-long campaign, but it was SentinelOne’s hardware supplier that became the key target. The attackers, identified as part of the PurpleHaze group—closely associated with China’s infamous APT15 and UNC5174—used this vendor as a potential springboard for supply chain infiltration, even mapping internet-facing servers and evaluating them for follow-up attacks. SentinelOne’s researchers Aleksandar Milenkoski and Tom Hegel confirmed the attackers managed to breach all seventy targets, with some holding persistent access for extended periods. A staggering reminder: it’s not just your crown jewels—your supply chain is absolutely fair game too.

    Another red alert this week: Salt Typhoon, a state-sponsored crew also linked to China, exploited the Cisco CVE-2023-20198 flaw to worm into global telecom networks. Notable targets included Canadian telecom devices, with the attackers leveraging this vulnerability for deep reconnaissance. If you’re not patching your Cisco gear, you’re basically taping a “hack me” sign to your data center.

    Meanwhile, the mobile front is a growing minefield. Investigators from iVerify flagged a wave of mysterious crashes on smartphones—sometimes affecting journalists, government workers, and tech insiders. The sneaky part? These attacks seem to require no user interaction. Just having a vulnerable phone could open you up to infiltration, and guess what? Most victims worked in sectors of interest to Beijing. Rocky Cole at iVerify summed it up: “The world is in a mobile security crisis right now. No one is watching the phones.” Ominous, but true.

    U.S. government response? The State Department and CISA haven’t been silent. There’s been an uptick in official security advisories, especially for critical infrastructure and telecom sectors, urging immediate Cisco patching, increased insider vigilance, and air-gapping of particularly sensitive systems. Behind the scenes, partnerships with allied countries are intensifying, likely to ensure early warnings and rapid threat intelligence sharing.

    So, what’s on the expert cheat sheet this week? First, patch early, patch often—especially network gear and anything remotely related to supply chains. Second, don’t sleep on your mobile device protections; enterprise mobile device management should be standard, especially for execs and VIPs. Last, reevaluate who has access to what, both inside your walls and across vendors—zero trust isn’t a buzzword, it’s survival.

    That’s your China cyber wrap for this week. Stay patched, stay paranoid, and I’ll catch you on the next Digital Dragon Watch!

    For more http://www.quietplease.ai


    3 min
  • China's Cyber Typhoon Strikes Again! Telcos, Hospitals & Govs Beware - Ting Dishes the Deets
    2025/06/26
    This is your Digital Dragon Watch: Weekly China Cyber Alert podcast.

    Welcome to another episode of Digital Dragon Watch: Weekly China Cyber Alert. I’m Ting, your friendly cyber-sleuth, here to cut through the digital smoke and mirrors and bring you the very latest on China-related cybersecurity from the past seven days.

    Let’s start with the headline-grabber: Salt Typhoon is back, folks, and this time the China-linked group zeroed in on a juicy Cisco vulnerability, catalogued as CVE-2023-20198. Over the weekend, we saw coordinated attempts to breach global telecommunications providers, with a special focus on Canada. This flaw, if you missed the memos, allowed attackers to escalate privilege and deploy malware on networking gear—prime real estate for a cyber espionage operation. Cisco responded by issuing urgent patches, and both US and Canadian agencies urged telcos to update firewalls and segment their networks pronto.

    Meanwhile, Taiwan remains the bullseye on China’s cyber dartboard, with attacks not just multiplying—they’re practically self-replicating. We’re talking 2.4 million daily cyber attempts, with about 80% targeting healthcare and government infrastructure. One jaw-dropping case involved MacKay Memorial Hospital: a 20-year-old hacker, Lo Chengyu, alias “Crazyhunter,” launched a ransomware blitz that crippled hundreds of systems and stole over 16 million patient records. The hospital stood firm, refusing the $100,000 ransom, and security teams eventually purged the malware without paying a dime. But Crazyhunter, not one to slink away quietly, published patient names online, ramping up pressure.

    These hospital attacks are all part of China’s grey-zone tactics. Not outright war, but digital harassment designed to wear down Taiwan’s resilience—targeting anything from hospitals to local government tax offices. Defensive measures? Taiwan’s own agencies have upped incident response drills and deployed advanced endpoint detection and response (EDR) systems, but officials admit the onslaught is straining resources.

    Across the Pacific, US government cybersecurity teams are still on high alert. After the December breach of a third-party US Treasury vendor by Chinese actors, this week’s guidance leans heavily on rapid patching, supply chain scrutiny, and stronger multi-factor authentication for government contractors.

    And if you thought enterprises were safe, think again. More than 70 organizations globally—including manufacturing, finance, research, and IT logistics—were hit in a PurpleHaze-linked wave of Chinese espionage from July 2024 to March 2025. SentinelOne’s cyber sleuths, Aleksandar Milenkoski and Tom Hegel, found reconnaissance and mapping of internet-facing servers, probably prepping for something bigger down the line.

    So, what are the pro tips from the experts this week? Patch, patch, patch—especially Cisco devices. Limit internet exposure of critical systems. Double down on EDR. And above all, rehearse incident response like you mean it, because the only thing scarier than a zero-day is being caught flat-footed.

    That’s your Digital Dragon Watch for the week. Stay patched, stay paranoid—Ting out.

    3 min
  • Digital Dragons Gone Wild: SentinelOne Saga, Taiwan Targeted, and UK's China Woes!
    2025/06/24
    This is your Digital Dragon Watch: Weekly China Cyber Alert podcast.

    Hello, cyber sleuths—Ting here with your Digital Dragon Watch, and trust me, this past week in China-linked cyber activity has been one for the books. Let’s jack in!

    First off, let’s talk about the headline-grabber: the SentinelOne saga. Between July 2024 and March 2025, more than 70 organizations got tangled in a sweeping set of attacks, with SentinelOne, a US cybersecurity firm, right in the crosshairs. The attackers? SentinelOne is putting the blame squarely on China, linking the activity to notorious clusters like PurpleHaze, APT15, and UNC5174. The victim list reads like a roll call for the global economy: government agencies, manufacturing giants, financial institutions, telecom players, research centers, and—get this—even the logistics company handling hardware for SentinelOne’s own team. These weren’t just drive-bys; some intrusions lasted for months, others got stomped out quickly, but all point to a sustained, high-stakes espionage campaign.

    What’s the big risk here? The hardware supply chain attack is especially chilling. The threat actors gained access to systems that could’ve been used to infect employee laptops before they even left the box, compromise OS images, or siphon off personal and location details. If you thought plugging in that brand new laptop was safe, well, time for a second opinion.

    While SentinelOne dodged a bullet, the threat vector rings alarm bells across the industry: third-party vendors have become a favorite playground for Chinese threat groups. The attackers focused on hardware logistics—knowing that if you own the supply chain, you own the company.

    Zooming out, this ties into a wider pattern. Chinese hackers have lately doubled down on reconnaissance—mapping internet-facing servers, sizing up vulnerabilities, and then pouncing. Just ask the government of Taiwan, where attacks have doubled and the targets are always high-value: government systems and telecom infrastructure. This dovetails with the UK’s own warnings earlier this month, naming China as the top national cybersecurity threat following a spate of breaches.

    US government response? Besides tightening its own third-party risk management, the Feds are beefing up requirements for vendors and pushing for zero-trust frameworks. The recommendations from experts are laser-focused: scrutinize your supply chain, segment your networks, keep an eye on internet-facing assets, and, above all, never underestimate reconnaissance. Today’s mapping is tomorrow’s breach.

    Final thought: As tensions keep simmering between China and its neighbors, cyber is the invisible front line. Stay patched, stay paranoid, and don’t let your guard down—because the digital dragons aren’t sleeping. Until next week, this is Ting, signing off but never logging out.

    3 min
