Podcast: Salt Typhoon Exposed: Breaking Down the CISA Alert AA25-236A

Episode Description:

In this special episode of The Cyber Resilience Brief, hosts Tova Dvorin and Adrian Culley unpack the newly released CISA Advisory AA25-239, a joint warning from CISA, the NSA, the FBI, and international partners, on the persistent Chinese state-sponsored threat group known as Salt Typhoon.

Salt Typhoon has been quietly infiltrating critical infrastructure worldwide by exploiting outdated routers, weak credentials, and “living off the land” techniques, such as PowerShell, WMI, and scheduled tasks—often remaining undetected for years. This episode explores:

This episode covers:

• Key TTPs & IOCs called out in the advisory, including router exploits, credential abuse, and stealthy exfiltration techniques.
• Mitigation strategies every organization should implement now: patching, MFA enforcement, segmentation, and proactive monitoring.
• How Breach and Attack Simulation (BAS), Adversarial Exposure Validation (AEV), and Continuous Automated Red Teaming (CART) can help organizations proactively defend against advanced, long-term adversaries.