Col. John Mills did a few minutes on this near the end of the warroom Friday afternoon show at 5:00 pm eastern with Natale winters sitting in for Steve.
Unfortunately, she cut him off likely for a hard break.
Steve needs to teach her that when you get someone like the Col. who has the goods on Volt Typhoon you blow through any break!! Hard or not! You let him go on. Never do you cut someone like the Col. who is providing "the" intel that we need to stop the chicoms from taking us down.
Big error there! Steve is to blame. He should have told her what to do in times like that.
Any way Volt Typhoon is likely responsible for numerous attacks possibly the ship at Baltimore that took down the bridge we don't know yet.
Its here:
You can hear what he was allowed to say:
https://gettr.com/streaming/p341ld0579f
Here's more:
Who is volt typhoon
Volt Typhoon is a Chinese state-sponsored threat actor that utilizes stealth techniques(living off theland) to conduct cyber espionage operations against government and other critical infrastructure organizations.
The group, also known as Vanguard Panda, Bronze Silhouette, Dev-0391, UNC3236, Voltzite, and Insidious Taurus, has been detected by U.S. government agencies, Microsoft, and international partners targeting critical infrastructure in the United States and Guam.
The primary goal of Volt Typhoon's attacks is to gather information on U.S. critical infrastructure and military capabilities, potentially preparing for a future attack on U.S. critical infrastructure.
Above is an AI-generated answer! Please verify critical facts.
I'm still amazed that AI is the first link on brave.
..........................................'
What is Volt Typhoon? .. Read more at:
http://timesofindia.indiatimes.com/articleshow/109439265.cms?utm_source=contentofinterest&utm_medium=text&utm_campaign=cppst China is developing the "ability to physically wreak havoc"
...........................
Read more at: ...........................
https://www.reuters.com/technology/what-is-volt-typhoon-alleged-china-backed-hacking-group-2023-05-25/ 
April 19 (Reuters) - China is developing the "ability to physically wreak havoc" on U.S. critical infrastructure and its hackers are waiting "for just the right moment to deal a devastating blow", FBI Director Christopher Wray said on Thursday.
The comments were in relation to a Chinese government-linked hacking campaign dubbed Volt Typhoon. The campaign was disclosed by the U.S. and its key allies in May 2023, when analysts at Microsoft found it had targeted everything from U.S. telecommunication networks to transportation hubs. On Thursday, Wray said Volt Typhoon had successfully gained access to American targets across the telecommunications, energy, water and other critical sectors.
Here is what is known about Volt Typhoon and its potential threat:
'FUTURE CRISES'
Nearly every country in the world uses hackers to gather intelligence. Major powers like the United States and Russia have large stables of such groups - many of which have been given colourful nicknames by cybersecurity experts, such as "Equation Group" or "Fancy Bear."
Experts begin to worry when such groups turn their attention from intelligence gathering to digital sabotage. So when Microsoft Corp (MSFT.O), opens new tab said in a blog post, opens new tab in May last year that Volt Typhoon was "pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises," it immediately brought to mind escalating tensions between China and the United States over Taiwan.
Any conflict between those two countries would almost certainly involve cyberattacks across the Pacific.
TAIWAN BOTNET
Does this mean a group of destructive hackers is preparing to sabotage U.S. infrastructure in the event of a conflict over Taiwan?
Microsoft qualified its assessment last year as "moderate confidence," intelligence jargon that typically means a theory is plausible and credibly sourced but has yet to be fully corroborated. Different researchers have identified various aspects of the group.
It is now clear that Volt Typhoon has functioned by taking control of swathes of vulnerable digital devices around the world - such as routers, modems, and even internet-connected security cameras - to hide later, downstream attacks into more sensitive targets. This constellation of remotely controlled systems, known as a botnet, is of primary concern to security officials because they limit the visibility of cyber defenders that monitor for foreign footprints in their computer networks.
In a report earlier this month,opens new tab cybersecurity ratings firm SecurityScorecard said Cisco Systems (CSCO.O), opens new tab devices were particularly vulnerable to Volt Typhoon's activity. The firm said it had identified a "network of covert infrastructure operating in Europe, North America, and Asia Pacific that appears to be composed of compromised routers and other network edge devices".
STEALTHY STORM
Nearly all cyber spies work to cover their tracks. The use of so-called botnets by both government and criminal hackers to launder their cyber operations is not new. The approach is often used when an attacker wants to quickly target numerous victims simultaneously or seeks to hide their origins.
China routinely denies hacking and has done so in the case of Volt Typhoon. But documentation of Beijing's cyberespionage campaigns has been building for more than two decades. The spying has come into sharp focus over the past 10 years as Western researchers tied breaches to specific units within the People's Liberation Army, and U.S. law enforcement charged a string of Chinese officers with stealing American secrets.
Secureworks, an arm of Dell Technologies (DELL.N), opens new tab, said in a blog post, opens new tab last year that Volt Typhoon's interest in operational security likely stemmed from embarrassment over the drumbeat of U.S. indictments and "increased pressure from (Chinese) leadership to avoid public scrutiny of its cyberespionage activity."
The Biden administration has increasingly focused on hacking, not only for fear nation states may try to disrupt the U.S. election in November, but because ransomware wreaked havoc on Corporate America in 2023.
The Technology Roundup newsletter brings the latest news and trends straight to your inbox. Sign up here.
Reporting by James Pearson and Raphael Satter; Editing by Bill Berkrot, Sharon Singleton and Neil Fullick Our Standards: The Thomson Reuters Trust Principles. .................................
living off the land https://www.microsoft.com/en-us/security/blog/2018/09/27/out-of-sight-but-not-invisible-defeating-fileless-malware-with-behavior-monitoring-amsi-and-next-gen-av/ Microsoft has uncovered stealthy and targeted malicious activity focused on post-compromise credential access and network system discovery aimed at critical infrastructure organizations in the United States. The attack is carried out by Volt Typhoon, a state-sponsored actor based in China that typically focuses on espionage and information gathering. Microsoft assesses with moderate confidence that this Volt Typhoon campaign is pursuing development of capabilities that could disrupt critical communications infrastructure between the United States and Asia region during future crises.
Living off the land:,p> https://www.microsoft.com/en-us/security/blog/2018/09/27/out-of-sight-but-not-invisible-defeating-fileless-malware-with-behavior-monitoring-amsi-and-next-gen-av/
Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV
By Microsoft Threat Intelligence
Consider this scenario: Two never-before-seen, heavily obfuscated scripts manage to slip past file-based detection and dynamically load an info-stealing payload into memory. The scripts are part of a social engineering campaign that tricks potential victims into running the scripts, which use the file names install_flash_player.js and BME040429CB0_1446_FAC_20130812.XML.PDF.js, to distribute and run the payload.
The payload is sophisticated and particularly elusive, given that it:
Doesn't touch the disk, and does not trigger antivirus file scanning
Is loaded in the context of the legitimate process that executed the scripts (i.e., wscript.exe)
Leaves no traces on the disk, such that forensic analysis finds limited evidence
These are markers of a fileless threat. Still, Windows Defender Advanced Threat Protection (Windows Defender ATP) antivirus capabilities detect the payload, stopping the attack in its tracks.
How is this possible?
In this scenario, Anti-malware Scan Interface (AMSI) facilitates detection. AMSI is an open interface that allows antivirus solutions to inspect script behavior by exposing script contents in a form that is both unencrypted and unobfuscated.
AMSI is part of the range of dynamic next-gen features that enable antivirus capabilities in Windows Defender ATP to go beyond file scanning. These features, which also include behavior monitoring, memory scanning, and boot sector protection, catch a wide spectrum of threats, including new and unknown (like the two scripts described above), fileless threats (like the payload), and other sophisticated malware.
Generically detecting fileless techniques
much much more https://www.criticalstart.com/volt-typhoon-hiding-in-plain-sight/
https://www.cisa.gov/news-events/alerts/2024/03/19/cisa-and-partners-release-joint-fact-sheet-leaders-prc-sponsored-volt-typhoon-cyber-activity
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-038a?utm_source=CISACyber&utm_medium=post&utm_campaign=VT_020724
https://techcrunch.com/2024/02/07/china-backed-volt-typhoon-hackers-have-lurked-inside-us-critical-infrastructure-for-at-least-five-years/
excellent read above,tells more about https://techcrunch.com/2024/02/07/china-backed-volt-typhoon-hackers-have-lurked-inside-us-critical-infrastructure-for-at-least-five-years/