It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
The start of a cyberwar?
page: 1share:
It's been awhile for me to be posting here, so please bear with me...
I've been watching for last couple days and seeing interesting events happening.
The first event was this executive order... Probably geared towards tiktok.
Followed up by today's twitter attack, disguised as a bitcoin fraud thing, but affecting much more than just trying to grab a few bitcoin from stupid people. with the possibility of a compromised admin control panel (This thread)
This has prompted senator Josh Hawley to send a letter to twitter ceo Jack Dorsey...
Senator Hawley's twitter feed
Letter from Senator
Was the twitter attack a cyber "Shot across the Bow" response to yesterday's executive order?
I know the bitcoin thing has been going for a bit now, it's not just something new today. but it definitely jumped into a higher gear today. Apparently, some of the accounts compromised were using 2 factor authentication. How does that happen?
I've been watching for last couple days and seeing interesting events happening.
The first event was this executive order... Probably geared towards tiktok.
Followed up by today's twitter attack, disguised as a bitcoin fraud thing, but affecting much more than just trying to grab a few bitcoin from stupid people. with the possibility of a compromised admin control panel (This thread)
This has prompted senator Josh Hawley to send a letter to twitter ceo Jack Dorsey...
Senator Hawley's twitter feed
Letter from Senator
Was the twitter attack a cyber "Shot across the Bow" response to yesterday's executive order?
I know the bitcoin thing has been going for a bit now, it's not just something new today. but it definitely jumped into a higher gear today. Apparently, some of the accounts compromised were using 2 factor authentication. How does that happen?
edit on 15-7-2020 by gspat because:
Spelling
a reply to: FlyinHeadlock
I don't work in I.T,
Any chance you can put into laymans terms why you think that?
I don't work in I.T,
Any chance you can put into laymans terms why you think that?
originally posted by: Tim2win
a reply to: FlyinHeadlock
I don't work in I.T,
Any chance you can put into laymans terms why you think that?
Hear Here.
a reply to: carewemust
Damn you, you wet knickered rube.
Your posts infuriaate me, please don't agree with me.
Damn you, you wet knickered rube.
Your posts infuriaate me, please don't agree with me.
No it doesn't. All it takes is one compromised admin account with access to the leaked admin dashboard. Breaches occur far more often as a result of
phishing privileged accounts.
a reply to: FlyinHeadlock
a reply to: FlyinHeadlock
edit on 15-7-2020 by hombero because: (no reason given)
a reply to: Tim2win
You'll want to look into APT groups APT Wiki Article, that's going to be your first start. Then you'll want to look into how tech hiring is done, specifically the H1B visa program, which allows foreign nationals to work in the US, specifically in the tech sector. Most large firms, even medium firms, are absolutely awful at the execution of data loss prevention (DLP), which if properly implemented and tuned would help mitigate exfiltration of some data.
This is my personal opinion on how this could have occurred, without personal inside knowledge of what happened. Thus, only speculation at this point.
You'll want to look into APT groups APT Wiki Article, that's going to be your first start. Then you'll want to look into how tech hiring is done, specifically the H1B visa program, which allows foreign nationals to work in the US, specifically in the tech sector. Most large firms, even medium firms, are absolutely awful at the execution of data loss prevention (DLP), which if properly implemented and tuned would help mitigate exfiltration of some data.
This is my personal opinion on how this could have occurred, without personal inside knowledge of what happened. Thus, only speculation at this point.
originally posted by: Tim2win
a reply to: carewemust
Damn you, you wet knickered rube.
Your posts infuriaate me, please don't agree with me.
LMAO..I just about spit out my drink
It's ok to find common ground on something.
a reply to: hombero
A compromised admin account with multiple layers of security control failure in place? Zero day attack then? Because I would imagine Twitter has at bare minimum; a PAM solution, two-factor auth., a jump host or other enclave for admin access, an EDR solution, some sort of logging and monitoring platform (Splunk?), and a SOC capable of eyes on glass. Who knows what else they may have in place.
Or it's also possible that due to working at home due to Covid has exposed a vulnerability in their remote access process, which is alarmingly common. I'm interested to see how it all plays out in the end.
A compromised admin account with multiple layers of security control failure in place? Zero day attack then? Because I would imagine Twitter has at bare minimum; a PAM solution, two-factor auth., a jump host or other enclave for admin access, an EDR solution, some sort of logging and monitoring platform (Splunk?), and a SOC capable of eyes on glass. Who knows what else they may have in place.
Or it's also possible that due to working at home due to Covid has exposed a vulnerability in their remote access process, which is alarmingly common. I'm interested to see how it all plays out in the end.
a reply to: Hypntick
I'm clueless about this but from some articles that I have read, it seems that some moderators accounts were compromised allowing access to apparently secure accounts.
Is it not possible that this was just some very savy bitcoin scammer or is it something much bigger?
Thanks for the info, this is the first tim I have rad about APT.
I'm clueless about this but from some articles that I have read, it seems that some moderators accounts were compromised allowing access to apparently secure accounts.
Is it not possible that this was just some very savy bitcoin scammer or is it something much bigger?
Thanks for the info, this is the first tim I have rad about APT.
edit on 15-7-2020 by Tim2win because: because im a retard
a reply to: gspat
Twitter is now saying an employee gave access to the admin panel. Hacker has posted they paid the employee to give them access.
If this is true, this is an incredibly stupid twitter employee. No way did they get paid enough to have their life destroyed, which is what will surely happen once they figure out their identity.
Twitter is now saying an employee gave access to the admin panel. Hacker has posted they paid the employee to give them access.
If this is true, this is an incredibly stupid twitter employee. No way did they get paid enough to have their life destroyed, which is what will surely happen once they figure out their identity.
edit on 16-7-2020 by proximo because: (no reason given)
a reply to: Tim2win
If you want to read more into how organized some of these groups are APT1 Report from Mandiant. Dry if you're not really technical, but the executive summary is really damn interesting.
a reply to: proximo
Insider threat is a huge concern for a lot of companies. If this is what happened, I can't say that I'm shocked, useful idiots abound.
If you want to read more into how organized some of these groups are APT1 Report from Mandiant. Dry if you're not really technical, but the executive summary is really damn interesting.
a reply to: proximo
Insider threat is a huge concern for a lot of companies. If this is what happened, I can't say that I'm shocked, useful idiots abound.
edit on
7/16/20 by Hypntick because: Additional Reply
originally posted by: Tim2win
a reply to: carewemust
Damn you, you wet knickered rube.
Your posts infuriaate me, please don't agree with me.
Awesome! Thanks for the compliment.
originally posted by: Hypntick
a reply to: Tim2win
You'll want to look into APT groups APT Wiki Article, that's going to be your first start. Then you'll want to look into how tech hiring is done, specifically the H1B visa program, which allows foreign nationals to work in the US, specifically in the tech sector. Most large firms, even medium firms, are absolutely awful at the execution of data loss prevention (DLP), which if properly implemented and tuned would help mitigate exfiltration of some data.
This is my personal opinion on how this could have occurred, without personal inside knowledge of what happened. Thus, only speculation at this point.
So would that be a way to access secure data/info, in addition to generating chaos and headlines.
a reply to: carewemust
Absolutely. One of the common attack paths seen in a lot of APT or financially motivated groups (FIN), is obtain a foothold, escalate privileges in the environment, perform lateral movement into sensitive systems, and then exfiltrate data out. In doing so some groups will also drop ransomware in an unrelated area as a distraction, or possibly in this case, a campaign of posting bitcoin spam. Same principle as a magician, gotta have misdirection somewhere.
Absolutely. One of the common attack paths seen in a lot of APT or financially motivated groups (FIN), is obtain a foothold, escalate privileges in the environment, perform lateral movement into sensitive systems, and then exfiltrate data out. In doing so some groups will also drop ransomware in an unrelated area as a distraction, or possibly in this case, a campaign of posting bitcoin spam. Same principle as a magician, gotta have misdirection somewhere.
edit on 7/16/20 by Hypntick because: Typo
Anyone that tries to expose Twitter and Dorsey is doing the United States and the world a favor. I doubt it is an enemy of America that did this.
new topics
-
VP's Secret Service agent brawls with other agents at Andrews
Mainstream News: 13 minutes ago -
Sunak spinning the sickness figures
Other Current Events: 54 minutes ago -
Nearly 70% Of Americans Want Talks To End War In Ukraine
Political Issues: 1 hours ago -
Late Night with the Devil - a really good unusual modern horror film.
Movies: 2 hours ago -
Cats Used as Live Bait to Train Ferocious Pitbulls in Illegal NYC Dogfighting
Social Issues and Civil Unrest: 4 hours ago -
The Good News According to Jesus - Episode 1
Religion, Faith, And Theology: 6 hours ago -
HORRIBLE !! Russian Soldier Drinking Own Urine To Survive In Battle
World War Three: 8 hours ago -
Bobiverse
Fantasy & Science Fiction: 11 hours ago -
Florida man's trip overseas ends in shock over $143,000 T-Mobile phone bill
Social Issues and Civil Unrest: 11 hours ago
top topics
-
Florida man's trip overseas ends in shock over $143,000 T-Mobile phone bill
Social Issues and Civil Unrest: 11 hours ago, 8 flags -
SETI chief says US has no evidence for alien technology. 'And we never have'
Aliens and UFOs: 15 hours ago, 7 flags -
Cats Used as Live Bait to Train Ferocious Pitbulls in Illegal NYC Dogfighting
Social Issues and Civil Unrest: 4 hours ago, 7 flags -
This is our Story
General Entertainment: 17 hours ago, 4 flags -
Former Labour minister Frank Field dies aged 81
People: 13 hours ago, 4 flags -
Bobiverse
Fantasy & Science Fiction: 11 hours ago, 3 flags -
HORRIBLE !! Russian Soldier Drinking Own Urine To Survive In Battle
World War Three: 8 hours ago, 2 flags -
Nearly 70% Of Americans Want Talks To End War In Ukraine
Political Issues: 1 hours ago, 2 flags -
Late Night with the Devil - a really good unusual modern horror film.
Movies: 2 hours ago, 2 flags -
VP's Secret Service agent brawls with other agents at Andrews
Mainstream News: 13 minutes ago, 1 flags
active topics
-
VP's Secret Service agent brawls with other agents at Andrews
Mainstream News • 3 • : matafuchs -
President BIDEN Vows to Make Americans Pay More Federal Taxes in 2025 - Political Suicide.
2024 Elections • 119 • : Zanti Misfit -
Truth Social goes public, be careful not to lose your money
Mainstream News • 126 • : Zanti Misfit -
Nearly 70% Of Americans Want Talks To End War In Ukraine
Political Issues • 6 • : budzprime69 -
HORRIBLE !! Russian Soldier Drinking Own Urine To Survive In Battle
World War Three • 25 • : Freeborn -
Definitive 9.11 Pentagon EVIDENCE.
9/11 Conspiracies • 422 • : Zanti Misfit -
Breaking Baltimore, ship brings down bridge, mass casualties
Other Current Events • 482 • : IndieA -
How ageing is" immune deficiency"
Medical Issues & Conspiracies • 30 • : annonentity -
Remember These Attacks When President Trump 2.0 Retribution-Justice Commences.
2024 Elections • 55 • : Zanti Misfit -
SETI chief says US has no evidence for alien technology. 'And we never have'
Aliens and UFOs • 36 • : anthelion