Master Your Passwords

Every month millions of people have their passwords stolen. Here we explain how to keep your passwords secure | Originally written for F-Secured - Your complete guide to online security in 2023 ... Read More
Uncovering a long-lasting porn spam campaign on YouTube | (NSFW, maybe)

Uncovering a long-lasting porn spam campaign on YouTube | (NSFW, maybe)

In December 2022 I stumbled upon an interesting YouTube comment-based campaign, which promoted a shady camgirl / porn website through a clever use of YouTube features. I screengrabbed some video evidence and took a quick look at the campaign, but I didn’t have time to allocate for this back then ... Read More

What are social media countermeasures?

As the guy who pretty much owns the #socialmediacountermeasures on Twitter, I figured it makes sense to give the term some proper definition beyond just 280 characters. In short, social media countermeasures are those techniques – both automated and manual – of which social media services use when trying to ... Read More

Everyman’s Cyber Defence

The following is my translation of “Jokamiehen kyberpuolustus”, Everyman’s Cyber Defence, a short snippet from publicly available document #kyberpuolustus : kyberkäsikirja Puolustusvoimien henkilöstölle (2019) by Laari, Flyktman, Härmä, Timonen and Tuovinen. Source material is encrypted in Finnish and free to download from National Defence University of Finland’s website. I intend ... Read More
Social Media Misinformation

Social Media Countermeasures – Battling Long-Running Scams on YouTube, Facebook, Twitter and Instagram

For the past few years, I’ve been documenting, screenshotting, and sharing examples of criminal campaigns on the three big social media platforms: Facebook, YouTube and Twitter. I’m not that interested in speculating whether or not something is fake content, falsely amplified by nation-state sponsored threat actors (i.e. coordinated inauthentic behavior), ... Read More

What is Ransomware 3.0?

| | Infosec, Privacy & Security
I believe there’s a pretty clear consensus within the industry that ransomware should not be mistaken anymore to limit itself to just encrypting files and demanding payment for a decryption key. Dubbed by F-Secure “Ransomware 2.0”, now the standard practice for ransomware groups includes also stealing files from the target ... Read More
Dual Core - 0x0A Hack Commandments [FREE DL]

Cyber Security in Gaming – Extensive Show Notes for KOVA Podcast X F-Secure

Recently I was invited to KOVA Esports podcast to talk about cyber security, online privacy and identity management from the perspective of gamers and gaming industry in general. Hosted by KOVA’s General Manager Timo Tarvainen and joined by their streamer Teemu “Spamned” Rissanen, we had a great one-hour long discussion ... Read More
YouTube Channel Phishing, Part 2: The Enemy Evolves

YouTube Channel Phishing, Part 2: The Enemy Evolves

Last year I took a first look at a phishing campaign that was interestingly targeting YouTube channel owners’ email addresses. The aim of the campaign was to guide people to fake YouTube sign in page and phish their login credentials. Note, this did not target YouTube accounts in general, but ... Read More

Wearables & Privacy – What You Need To Know

Continuing my seemingly never-ending quest of digging through privacy policies, this time I analyzed how the most popular wearables companies handle their customers’ data. Fitbit, Biostrap, Motiv, Oura and Whoop all are on the cutting edge of health technology, but are their privacy practices on par with that or not? ... Read More
“YouTube channel will be disabled within 24 hours!” Phishing Campaign First Look

“YouTube channel will be disabled within 24 hours!” Phishing Campaign First Look

During past few months I’ve witnessed and been targeted by rather simple, but still interesting phishing campaign. Well, not me personally, but instead a YouTube channel that I run. This campaign has noticeably sped up in November, so I decided to take a closer look at these phishing emails and ... Read More