QUESTION: Recently, the US government & @Microsoft disabled -probably temporarily -"Trickbot" one of the world’s largest hacking operations, for fear it would interfere with the U.S. election.
What is Trickbot? Our friends at @NCSC explained. Follow this thread for the answer.
ANSWER: "Trickbot is an established banking trojan used in cyber attacks against businesses and individuals in the UK and overseas. Trickbot attacks are designed to access online accounts, including bank accounts, in order to obtain personally identifiable information
In some cases, Trickbot is used to infiltrate a network. Once inside it can be used to deploy other malware, including ransomware and post-exploitation toolkits. Trickbot targets victims with well-crafted phishing emails, designed to appear as though sent from trusted commercial
or government brands. These emails will often contain an attachment (or link to an attachment) which victims are instructed to open, leading to their machine being exploited.
What can Trickbot do?
Trickbot can download new capabilities onto a victim’s device (as well as updating those it has already deployed) without interaction from the victim; steal sensitive info, including banking login details and memorable info, gather detailed info about
infected devices and networks
steal saved online account passwords, cookies and web history; steal login credentials for infected devices, including domain credentials; connect infected devices to malicious, criminally-controlled networks over the internet,
giving criminals full control of them
spread across a victim’s network by infecting other devices, including those on trusted domains, often using SMB shares download further malicious files such as Remote Access Tools, VNC clients and ransomware"
For details on what to do about it, you can visit the U.K. National Cyber Security Centre ncsc.gov.uk/news/trickbot-…
If you have questions about national security, follow @NatSecAnswers, send us your question and we'll get the answer. @threadreaderapp unroll #A12
• • •
Missing some Tweet in this thread? You can try to
force a refresh
QUESTION: Who are the "Proud Boys"? We asked Scott Stewart @stick631. Follow this thread for the answer.
ANSWER: First, they are a group with an organized national and regional structure. Second, they are not classified as white supremacists as many press reports claim. While some Proud Boy members have links to white supremacists,
the Proud Boys group has members of different ethnicities and its current leader, Enrique Tarrio, is a Cuban. The group is self-avowedly “western chauvinist” meaning that they believe western civilization is superior to others.
ALERT: @FBI & @CISAgov have sent out an alert warning the public about FALSE CLAIMS OF HACKED VOTER INFORMATION: "Foreign actors and cyber criminals are spreading false and inconsistent information through various online platforms in an attempt to...
to manipulate public opinion, discredit the electoral process, and undermine confidence in U.S. democratic institutions. These malicious actors could use these forums to also spread disinformation suggesting successful cyber operations have compromised election infrastructure and
facilitated the “hacking” and “leaking” of U.S. voter registration data. In reality, much U.S. voter information can be purchased or acquired through publicly available sources. While cyber actors have in recent years obtained voter registration information,
QUESTION: Recently, we learned, the CIA Worldwide Intelligence Review had been leaked. What exactly is that? We asked former CIA clandestine service member @douglaslondon5. Follow this thread for the answer.
ANSWER: "The product to which you're referring is from the world intelligence review which is a strong product from the agency’s analytical directorate that is updated daily with new articles.
It covers all issues of the world as well, geographic and functional alike. It's intended for senior policy makers below the level of the president or cabinet secretary who would receive the president's daily brief. It tends to target substantive people.
QUESTION: A new scandal has arisen after allegations of hysterectomies practiced on immigrant women in a detention center in Georgia. What are the implications of these accusations? We asked our venerable colleague @GCorreaCabrera. Follow this thread for the answer.
ANSWER: "Advocacy groups have filed a complaint against this migrant detention center appealing to these accusations, as well as supposed medical neglect during the COVID-19 pandemic and lack of virus safety measures.
The information about alleged hysterectomies without proper "informed consent" was provided by a whistleblower, a nurse who used to work there.
QUESTION: How does #COVID19 impact the families of national security professionals? We asked Jo-Anne Sears @JoAnnePSears , Former Sr. Advisor to the Secretary of the Air Force and Partner, with Velocity Government Relations. Follow this thread for the answer.
ANSWER: "There is a growing challenge adversely affecting Defense Department and Intelligence Community personnel. It is not Russia or China – this time. It is the fact public schools are shuttered for in-person learning due to the #Covid19 pandemic.
This challenge has turned into a crisis for working parents in the region involved in classified programs critical to national security. They have to choose between being at home or protecting the homeland.
QUESTION: Considering the racial unrest sweeping the nation, are domestic terrorist organizations likely planning attacks in the U.S.? We asked @stick631 Scott Stewart. Follow this thread for the answer.
ANSWER: "Absolutely, 100%. Some white supremacists somewhere are definitely planning an attack as we speak. The problem under leaderless resistance is identifying and stopping them.
White supremacy is one of several right-wing extremist ideologies that pose a domestic terrorism threat in the U.S. White supremacism is the belief that whites are superior to other races and therefore should either dominate or be separate from other races.