Christina Lekati
LightNews LightNews
banner
christinalekati.bsky.social
Christina Lekati
@christinalekati.bsky.social
3.5K followers 93 following 110 posts
#SocialEngineering, #Psychology, #HUMINT & #OSINT intertwined for the sake of security.
Posts Media Videos Starter Packs
Pinned
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· Sep 30
Beyond excited to share that one of our most fun, interactive & knowledge-dense classes returns, this time at @BlackHatEvents Europe! πŸŽ‰

The talented @OSINTgeek & I will be teaching our "Fundamentals of Cyber Investigations & Human Intelligence" class on the 9-10th of December in London!
1 2
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· Aug 4
Report by Google (government-backed threat actor use of the Gemini): cloud.google.com/blog/topics/...
Adversarial Misuse of Generative AI | Google Cloud Blog
We share our findings on government-backed and information operations threat actor use of the Gemini web application.
cloud.google.com
1 2
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· Aug 4
2 additional reports on how GenAI has been used in social engineering attacks. They provide a more holistic understanding on how these tools are being used by adversaries:

Report by Anthropic (Claude): www.anthropic.com/news/detecti...
Detecting and Countering Malicious Uses of Claude
Detecting and Countering Malicious Uses of Claude
www.anthropic.com
1 1
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· Aug 4
πŸ”Ή I know that some of you in my network (and some of our clients) had to deal with the attacks documented. This will hit home.

πŸ”Ή Ultimately, we can use this report help us further improve our defense strategies with reality in mind.
1
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· Aug 4
πŸ”Ή The operations described in the report help give us a better understanding of how threat actors are *realistically* trying to abuse GenAI models. No guesses, no fancy assumptions, just the observed TTPs.
1
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· Aug 4
3 resources in 1 post:
Open AI has released a new report outlining the ways in which threat actors used their generative AI products to support their social engineering attack operations. They provide the case studies.

openai.com/global-affai...

Why is this useful? 🧡
Disrupting malicious uses of AI: June 2025
Our latest report featuring case studies of how we’re detecting and preventing malicious uses of AI.
openai.com
1 4
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· Jul 16
Happy news!! This September at @brucon we will be taking a deep dive into #socialengineering and #OSINT through a 3-day, hands-on training class!
I SO look forward to it and to meeting the participants!! πŸ€©πŸ‘©πŸ»β€πŸ’»

Full class content & details: www.brucon.org/training-det...
3
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· Jun 17
Always fun hanging out with you @cyber.coffee! πŸ™ŒπŸ»
1
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· Jun 17
Very grateful for last week spent at X33fcon in Poland!
It started with 2 days full of #socialengineering & #OSINT training where I had the privilege to teach a class that was present, curious, and ready to try things out.
Big bonus: reconnecting with friends during the conference days afterwards😊
1 1 3
Reposted by Christina Lekati
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· May 21
Agentic AI has opened new frontiers for adversaries looking to automate and scale attacks.

I wrote an article explaining what Agentic AI really is & how it can shape the future of the social engineering threat landscape.

christina-lekati.medium.com/when-ai-goes...
When AI Goes Rogue: How Agentic AI Will Reshape Social Engineering Attacks
Cyber criminals are rarely late to the game when it comes to new technologies. In fact, they’re often among the first ones to experiment…
christina-lekati.medium.com
2
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· May 21
Agentic AI has opened new frontiers for adversaries looking to automate and scale attacks.

I wrote an article explaining what Agentic AI really is & how it can shape the future of the social engineering threat landscape.

christina-lekati.medium.com/when-ai-goes...
When AI Goes Rogue: How Agentic AI Will Reshape Social Engineering Attacks
Cyber criminals are rarely late to the game when it comes to new technologies. In fact, they’re often among the first ones to experiment…
christina-lekati.medium.com
2
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· May 7
There are a few things different this time around. πŸ‘‡πŸ»

New class modules:
πŸ”ΈοΈState-Sponsored social engineering schemes
πŸ”ΈοΈUsing AI for OSINT tasks (responsibly)
πŸ”ΈοΈHow attackers are using AI to supercharge their SE.

Hands-on, practical & realistic. See you at x33fcon in only 4 weeks! 😱πŸ₯³
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· May 2
Note: HUMINT in CTI is not meant to replace the technical analysis, but to complement it. It fills in gaps with intel that cannot be found through the technical analysis or other passive intel disciplines - e.g. motives, future targets, skill/group developments, future plans, etc
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· May 2
If you are using #HUMINT techniques in your #CTI process, this is a talk worth watching.
Eliska & Julien do a great job in breaking down important concepts, risks, benefits & analytical aspects of using HUMINT tactics in a CTI workflow ⬇️

youtu.be/o1TTO5d1DXQ?...
It's so overt it's covert: leveraging classic HUMINT tactics in CTI investigations
YouTube video by SANS Digital Forensics and Incident Response
youtu.be
1
Reposted by Christina Lekati
dutchosintguy.bsky.social
Dutch_OsintGuy @dutchosintguy.bsky.social Β· Apr 2
New blog: The Slow Collapse of Critical Thinking in OSINT due to AI

"OSINT used to be a thinking game. Now it’s becoming a trusting game and that should terrify you."

#OSINT #OSINT4good #AI

Read the blog here: www.dutchosintguy.com/post/the-slo...
7 22 58
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· Mar 31
Class Details & Registration:
www.x33fcon.com?fbclid=IwAR2...
x33fcon
www.x33fcon.com
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· Mar 31
...and of course:

πŸ”Ή Blue Team Countermeasures: How to disrupt social engineering attacks & create a defense strategy.

...but there will also be some surprises 🀫 ✨ ✨

If you're attending #x33fcon this year I look forward to seeing you there! πŸ‘‹πŸ»
x33fcon
www.x33fcon.com
1 2
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· Mar 31
πŸ”Ή The use of AI in all phases of the social engineering kill-chain.

πŸ”Ή OSINT: How to conduct reconnaissance on a target (business / person) and what to look for.

πŸ”Ή Highly practical open-source intelligence (OSINT) tools & techniques that facilitate attack scenarios.
1 1
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· Mar 31
We will cover:

πŸ”Ή Timeless Social Engineering Attack Scenarios: The tricks that keep working (and why).

πŸ”Ή The Psychology behind social engineering (we will go well beyond influence tactics!!)

πŸ”Ή Hybrid & advanced attack techniques that combine multiple attack verticals.
1
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· Mar 31
Surprise! Really excited to announce that the next "π‘Ίπ’π’„π’Šπ’‚π’ π‘¬π’π’ˆπ’Šπ’π’†π’†π’“π’Šπ’π’ˆ & 𝑢𝒑𝒆𝒏-𝒔𝒐𝒖𝒓𝒄𝒆 π‘°π’π’•π’†π’π’π’Šπ’ˆπ’†π’π’„π’† 𝒇𝒐𝒓 π‘Ίπ’†π’„π’–π’“π’Šπ’•π’š π‘»π’†π’‚π’Žπ’”" open class will be happening at x33fcon in Gdynia, Poland!!

This is an intensive, 2-day training 🧡
1 1 3
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· Mar 25
Sure, there is no perfect OPSEC, and there is no perfect intelligence department. However, that a pretty major error and we can all learn from it.
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· Mar 25
πŸ”ΉοΈ The fact that experienced, OPSEC-aware, national-security leaders in this administration don't act with security in mind, which we can assume happens in more than one ways. Even on such a fundamental level.
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· Mar 14
Not that hotel rooms have the best locking mechanisms, but leaving a room fully accessible after exiting is a whole other level. Check your doors when you leave, people.
2
Reposted by Christina Lekati
dell.bsky.social
dell cameron @dell.bsky.social Β· Mar 11
A WIRED must-read today on Boeing by @laurensmiley.bsky.social:
The Worst 7 Years in Boeing’s Historyβ€”and the Man Who Won’t Stop Fighting for Answers
Fatal crashes. A door blowout. Grounded planes. Inside the citizen-led, obsessive campaign to hold Boeing accountable and prevent the next disaster.
www.wired.com
2 41 180
Reposted by Christina Lekati
patrickcmiller.bsky.social
Patrick C Miller @patrickcmiller.bsky.social Β· Mar 11
Switzerland mandates 24-hour cyberattack reporting for critical infrastructure operators from April
Switzerland mandates 24-hour cyberattack reporting for critical infrastructure operators from April
Switzerland Mandates 24-hour Cyberattack Reporting for Critical Infrastructure, Effective April 1, with Fines Starting October 1.
buff.ly
2 1
christinalekati.bsky.social
Christina Lekati @christinalekati.bsky.social Β· Jan 28
Overall, this report is worth a read. If you are interested in the topic don't forget to check out the referenced resources within the report