Jussi Leskinen
@jussileskinen.fi
Tech, nature, photography, cyber, guitar, dogs
🇫🇮🇧🇪🇪🇺
🇫🇮🇧🇪🇪🇺
Questions: How resilient Google Maps is for hostile manipulation attacks? How resilient out society is for such kind of attacks? What could evil actor be able to do with huge resources - what could be the worst case scenario?
www.engadget.com/apps/google-...
www.engadget.com/apps/google-...
Google Maps falsely told drivers in Germany that roads across the country were closed
To make matters worse, the technical error happened during a public holiday.
www.engadget.com
May 31, 2025 at 9:46 AM
Questions: How resilient Google Maps is for hostile manipulation attacks? How resilient out society is for such kind of attacks? What could evil actor be able to do with huge resources - what could be the worst case scenario?
www.engadget.com/apps/google-...
www.engadget.com/apps/google-...
Google Maps gathers traffic data from various sources, including user location data and third-party providers. In 2020 Simon Weckert triggered Maps show empty streets as congested by dragging a wagon with 99 phones.
www.simonweckert.com/googlemapsha...
www.simonweckert.com/googlemapsha...
SIMON WECKERT
www.simonweckert.com
May 31, 2025 at 9:42 AM
Google Maps gathers traffic data from various sources, including user location data and third-party providers. In 2020 Simon Weckert triggered Maps show empty streets as congested by dragging a wagon with 99 phones.
www.simonweckert.com/googlemapsha...
www.simonweckert.com/googlemapsha...
At the olden times people uploaded their private stuff in GitHub, Virustotal etc. which was quite limited... Now we have entered the GenAI times:
cybersecuritynews.com/3-in-4-enter...
cybersecuritynews.com/3-in-4-enter...
3 in 4 Enterprise Users Upload Data to GenAI Including Passwords and Keys
A new report indicates that three out of four enterprise users are uploading data to generative AI (genAI) applications.
cybersecuritynews.com
March 26, 2025 at 5:05 PM
At the olden times people uploaded their private stuff in GitHub, Virustotal etc. which was quite limited... Now we have entered the GenAI times:
cybersecuritynews.com/3-in-4-enter...
cybersecuritynews.com/3-in-4-enter...
Just to reminder that even the most professionals can fall for phishing:
www.troyhunt.com/a-sneaky-phi...
#phishing #cybercrime
www.troyhunt.com/a-sneaky-phi...
#phishing #cybercrime
A Sneaky Phish Just Grabbed my Mailchimp Mailing List
You know when you're really jet lagged and really tired and the cogs in your head are just moving that little bit too slow? That's me right now, and the penny has just dropped that a Mailchimp phish h...
www.troyhunt.com
March 25, 2025 at 2:14 PM
Just to reminder that even the most professionals can fall for phishing:
www.troyhunt.com/a-sneaky-phi...
#phishing #cybercrime
www.troyhunt.com/a-sneaky-phi...
#phishing #cybercrime
I don't just photograph birds. All the nature is in my scope. I don't have macro yet but sometimes I manage snap a pic of insects as well. This one was taken with my Sony 200-600. Camera itself is Sony A7III.
#naturephotography
#naturephotography
March 16, 2025 at 12:04 PM
I don't just photograph birds. All the nature is in my scope. I don't have macro yet but sometimes I manage snap a pic of insects as well. This one was taken with my Sony 200-600. Camera itself is Sony A7III.
#naturephotography
#naturephotography
A phishing campaign collecting ChatGPT premium account credentials. Interesting to know what is the motivation behind this?
www.broadcom.com/support/secu...
#phishing #cybersecurity #cybercrime
www.broadcom.com/support/secu...
#phishing #cybersecurity #cybercrime
Phishing campaign disguises as ChatGPT Subscription
Phishing campaign disguises as ChatGPT Subscription
www.broadcom.com
February 24, 2025 at 8:41 AM
A phishing campaign collecting ChatGPT premium account credentials. Interesting to know what is the motivation behind this?
www.broadcom.com/support/secu...
#phishing #cybersecurity #cybercrime
www.broadcom.com/support/secu...
#phishing #cybersecurity #cybercrime
Years back when I started my career in infosec, when I was working in a bank and advicing people on infosec practices, I would have laughed and make memes and jokes about this book. After over a decade I'm starting to think that this is not such a bad thing anymore. 😀
February 23, 2025 at 11:07 AM
Years back when I started my career in infosec, when I was working in a bank and advicing people on infosec practices, I would have laughed and make memes and jokes about this book. After over a decade I'm starting to think that this is not such a bad thing anymore. 😀
Reposted by Jussi Leskinen
🚨 Alert: New Hacktivist Alliance🚨
RABBIT CYBER TEAM and Arab Ghosts Hackers have officially announced a new alliance.
RABBIT CYBER TEAM and Arab Ghosts Hackers have officially announced a new alliance.
February 23, 2025 at 9:09 AM
🚨 Alert: New Hacktivist Alliance🚨
RABBIT CYBER TEAM and Arab Ghosts Hackers have officially announced a new alliance.
RABBIT CYBER TEAM and Arab Ghosts Hackers have officially announced a new alliance.
Reposted by Jussi Leskinen
The RansomHouse ransomware gang has taken credit for a cyberattack that hit the Supreme Administrative Court of Bulgaria last week.
Officials have confirmed the attack and said they received a ransom.
offnews.bg/temida/haker...
Officials have confirmed the attack and said they received a ransom.
offnews.bg/temida/haker...
Хакерска група източи данни от системите на ВАС и ги публикува онлайн — OFFNews
Хакерска група източи данни от системите на ВАС и ги публикува онлайн ✔️ Вижте подробности на Offnews.bg от автор OFFNews
offnews.bg
February 23, 2025 at 12:28 AM
The RansomHouse ransomware gang has taken credit for a cyberattack that hit the Supreme Administrative Court of Bulgaria last week.
Officials have confirmed the attack and said they received a ransom.
offnews.bg/temida/haker...
Officials have confirmed the attack and said they received a ransom.
offnews.bg/temida/haker...
Reposted by Jussi Leskinen
Luca Casarini, co-founder of the Mediterranea Saving Humans charity, showed Reuters the spyware alert he had received from WhatsApp on Friday.
Just in case you're wondering what kinds of people governments are snooping on using Paragon Solutions' spyware:
www.reuters.com/world/italia...
Just in case you're wondering what kinds of people governments are snooping on using Paragon Solutions' spyware:
www.reuters.com/world/italia...
Italian sea rescue activist targeted with spyware, according to Meta alert
Meta Platforms warned a well-known Italian migrant rescue activist that he was recently targeted with spyware, according to a screenshot of the alert shared with Reuters, making it the second such case made public in Italy so far.
www.reuters.com
February 5, 2025 at 7:56 PM
Luca Casarini, co-founder of the Mediterranea Saving Humans charity, showed Reuters the spyware alert he had received from WhatsApp on Friday.
Just in case you're wondering what kinds of people governments are snooping on using Paragon Solutions' spyware:
www.reuters.com/world/italia...
Just in case you're wondering what kinds of people governments are snooping on using Paragon Solutions' spyware:
www.reuters.com/world/italia...
Reposted by Jussi Leskinen
The Italian government said in a press release on Wednesday that a spyware campaign revealed by WhatsApp, and carried out with spyware made by Israeli spyware company Paragon Solutions, targeted 90 people in over two dozen countries, including several countries in Europe.
Paragon spyware used to target citizens across Europe, says Italian government | TechCrunch
WhatsApp said users in several European countries were targeted with Paragon spyware, according to the Italian government.
techcrunch.com
February 5, 2025 at 9:49 PM
The Italian government said in a press release on Wednesday that a spyware campaign revealed by WhatsApp, and carried out with spyware made by Israeli spyware company Paragon Solutions, targeted 90 people in over two dozen countries, including several countries in Europe.
Reposted by Jussi Leskinen
DragonRank (Chinese hackers) spread BadIIS malware, exploiting IIS web app vulnerabilities. This causes SEO fraud & malicious injections, impacting 35+ servers. Patch, secure configs, and strong monitoring are crucial for mitigation.#DragonRankMalware
February 9, 2025 at 6:15 PM
DragonRank (Chinese hackers) spread BadIIS malware, exploiting IIS web app vulnerabilities. This causes SEO fraud & malicious injections, impacting 35+ servers. Patch, secure configs, and strong monitoring are crucial for mitigation.#DragonRankMalware
Reposted by Jussi Leskinen
Malicious "deepseeek" & "deepseekai" packages, mimicking DeepSeek AI tools, stole data from 222 US developers via PyPI on January 29, 2025. PyPI removed them, but affected users MUST change passwords & API keys.#DeepSeekDataTheft
February 3, 2025 at 4:47 PM
Malicious "deepseeek" & "deepseekai" packages, mimicking DeepSeek AI tools, stole data from 222 US developers via PyPI on January 29, 2025. PyPI removed them, but affected users MUST change passwords & API keys.#DeepSeekDataTheft
Reposted by Jussi Leskinen
Speaking of healthcare. Let's make @bsky.app the platform that fights misinformation. Some great follows are @drsusanoliver.bsky.social @jsm2334.bsky.social @therealtruther.bsky.social
Let's get them more followers and engagement than other platforms and let health science accounts find a home
Let's get them more followers and engagement than other platforms and let health science accounts find a home
January 25, 2025 at 5:55 PM
Speaking of healthcare. Let's make @bsky.app the platform that fights misinformation. Some great follows are @drsusanoliver.bsky.social @jsm2334.bsky.social @therealtruther.bsky.social
Let's get them more followers and engagement than other platforms and let health science accounts find a home
Let's get them more followers and engagement than other platforms and let health science accounts find a home
Reposted by Jussi Leskinen
Security researcher Monty has released YaraMonitor, a tool to continuously ingest, analyze, and alert on malware samples given a set of Yara rules
github.com/montysecurit...
github.com/montysecurit...
GitHub - montysecurity/YaraMonitor: Framework for Monitoring File Ingestion Source for Yara Matches
Framework for Monitoring File Ingestion Source for Yara Matches - montysecurity/YaraMonitor
github.com
January 26, 2025 at 1:48 PM
Security researcher Monty has released YaraMonitor, a tool to continuously ingest, analyze, and alert on malware samples given a set of Yara rules
github.com/montysecurit...
github.com/montysecurit...
Reposted by Jussi Leskinen
The recent board changes at Meta suggest the social media giant is gearing up for war with foreign governments. If it plays its cards right, and if the Trump administration bullies other states on its behalf, this could be a battle it could win.
Depressing read from @davidallengreen.bsky.social
Depressing read from @davidallengreen.bsky.social
The coming battle between social media and the state
Behind the alignment of X and Meta with Trump is a cold business logic — and a position of weakness rather than strength
www.ft.com
January 11, 2025 at 7:34 PM
The recent board changes at Meta suggest the social media giant is gearing up for war with foreign governments. If it plays its cards right, and if the Trump administration bullies other states on its behalf, this could be a battle it could win.
Depressing read from @davidallengreen.bsky.social
Depressing read from @davidallengreen.bsky.social
Reposted by Jussi Leskinen
🚨Ivanti 0-day Exploited‼️
Ivanti has disclosed a critical zero-day vulnerability, CVE-2025-0282, in its Connect Secure appliances, which has been actively exploited by attackers to install malware.
bleepingcomputer.com/news/securit...
Ivanti has disclosed a critical zero-day vulnerability, CVE-2025-0282, in its Connect Secure appliances, which has been actively exploited by attackers to install malware.
bleepingcomputer.com/news/securit...
Ivanti warns of new Connect Secure flaw used in zero-day attacks
Ivanti is warning that a new Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 was exploited in zero-day attacks to install malware on appliances.
bleepingcomputer.com
January 9, 2025 at 6:18 AM
🚨Ivanti 0-day Exploited‼️
Ivanti has disclosed a critical zero-day vulnerability, CVE-2025-0282, in its Connect Secure appliances, which has been actively exploited by attackers to install malware.
bleepingcomputer.com/news/securit...
Ivanti has disclosed a critical zero-day vulnerability, CVE-2025-0282, in its Connect Secure appliances, which has been actively exploited by attackers to install malware.
bleepingcomputer.com/news/securit...
Reposted by Jussi Leskinen
SUMMARY: Dell's Power Manager (versions <3.17) has a critical vulnerability (CVE-2024-49600) allowing local attackers elevated privileges. Update to version 3.17 immediately.
December 10, 2024 at 8:00 PM
SUMMARY: Dell's Power Manager (versions <3.17) has a critical vulnerability (CVE-2024-49600) allowing local attackers elevated privileges. Update to version 3.17 immediately.
Reposted by Jussi Leskinen
This is huge.
The EFJ represents over 295,000 journalists in 44 countries 👇
www.thelondoneconomic.com/news/media/e...
The EFJ represents over 295,000 journalists in 44 countries 👇
www.thelondoneconomic.com/news/media/e...
European Federation of Journalists to stop posting content on X
The EFJ represents over 295,000 journalists in 44 countries.
www.thelondoneconomic.com
December 2, 2024 at 9:19 AM
This is huge.
The EFJ represents over 295,000 journalists in 44 countries 👇
www.thelondoneconomic.com/news/media/e...
The EFJ represents over 295,000 journalists in 44 countries 👇
www.thelondoneconomic.com/news/media/e...