About this episode
This is your Tech Shield: US vs China Updates podcast.

Hey listeners, Ting here, your go-to cyber sleuth on all things China hacks and US shields. Buckle up, because the past week in the US-China cyber showdown has been a wild ride of embedded spies, zero-days, and frantic patches—think Volt Typhoon's evil cousins burrowing deeper into our grids while we're scrambling to plug the holes.

Dragos dropped their annual OT threat report on Tuesday, and it's a gut punch: China's Volt Typhoon—now tracked as Voltzite by Dragos CEO Robert M. Lee—is still squatting in US electric, oil, and gas networks, not for IP theft, but straight-up sabotage prep. They hit Sierra Wireless AirLink devices to slurp pipeline sensor data, tweak control systems, and snag configs to force shutdowns. Three new crews joined the party in 2025: Sylvanite, Voltzite's access broker exploiting F5, Ivanti, and SAP vulns in under 48 hours; Azurite, overlapping Flax Typhoon, yoinking engineering workstation files from manufacturing and defense; and Pyroxene, IRGC-tied but China-adjacent, wiping data in Israel amid tensions. Lee's blunt: these Beijing-backed goons are in the control loops for disruption, not dollars.

Meanwhile, Google's Mandiant and Threat Intelligence crew blew the lid off UNC6201—Silk Typhoon cousins—exploiting a Dell RecoverPoint zero-day, CVE-2026-22769, since mid-2024. Hardcoded admin creds in VMware backups let 'em drop Brickstorm and upgrade to stealthier Grimbolt backdoors, plus "ghost NICs" for sneaky pivots. Dell patched Tuesday after limited exploits hit less than a dozen orgs, but CISA's Nick Andersen warns they're embedding for long-term sabotage. Texas AG Ken Paxton sued TP-Link routers over China supply-chain ties and firmware holes exposing millions—Governor Greg Abbott already banned 'em statewide.

US defenses? FCC urged telecoms to beef up ransomware shields after a 4x spike.
Treasury rolled out AI cyber tools with industry for financial resilience, per Deputy Assistant Secretary Cory Wilson. OMB ditched CISA's software attestation form for risk-based vibes, and Cyber Command's eyeing Parsons for Joint Cyber Hunt Kits. AI race heats up too—Time mag notes China's closing gaps despite chip curbs, but US scaling laws might pull ahead.

Effectiveness? Patches like Dell's are clutch, but dwell times over 400 days scream gaps in EDR-poor edges. We're reactive; China's proactive with "Bounty-as-a-Service" per Google Threat Intelligence. Need AI-driven hunts and supply-chain lockdowns, stat—or Voltzite flips the switch.

Thanks for tuning in, listeners—subscribe for more cyber spice! This has been a Quiet Please production, for more check out quietplease.ai.