Mikkonen.bio

TLDR on the ‘adyingnobody’ crypto case

June 15, 2022 by Juho Mikkonen

A saga made by currently suspended Twitter used with the username adyingnobody was rather interesting to be followed in the end. Everything began on 7th June 2022 when the following post about promised crypto scene leaks was published on the TwitLonger service. The leak promised to uncover secret assassinations and orgies among the crypto scene, … Read more

Going to PageSpeed score 100 with GeneratePress

June 15, 2022 by Juho Mikkonen

Well, at least on mobile and with desktop to the 98/100. I’ve been recently looking at how different themes behave under WordPress installation from the performance point of view, and I’ve started to use the GeneratePress under my website installation. Why? Because it appears, that this theme really is one of the best optimized themes … Read more

WordPress userdata extractor

June 15, 2022 by Juho Mikkonen

I’ve created a simple Python based utility to extract WordPress userdata. It is now available at my Github profile here. How it works then? The utility relies and uses nothing but publicly available information of any WordPress website. It is provided neatly by WordPress provided REST API which can be then used for the described … Read more

What can be faked, anyway? Mostly anything

June 8, 2021March 11, 2021 by Juho Mikkonen

Deepfakes have been around now for a while but it seems that people are still failing to understand how easy and fast it is to fake any kind of information. This is just a quick summary and a reminder that e.g. screenshots of people’s tweets should not qualify for a newspaper neither screenshots about SMSes or emails for evidence in court.

How to scam 26 thousand people with “LEAF Healthcare” face masks that don’t exists

November 24, 2020 by Juho Mikkonen

Well, this is surprisingly easy to do with simple marketing and photo-manipulation, and then you’ll have about 4.4M USD out of which 3.3M USD is currently frozen by the Indiegogo crowdfunding platform, which is still quite a lot of money. The point is, that with simple fact checking a lot of this damage could’ve been avoided, and many future legal processes.

Using TOR browser to investigate geofenced phishing sites

October 6, 2020 by Juho Mikkonen

Geofenced, country-specific phishing websites are becoming more common which makes investigating those websites harder, especially when the investigator has no direct access to files or the server where the website is located.

5 different ways to counter Cloudflare DDoS protection

September 30, 2020 by Juho Mikkonen

Cloudflare is a company known very much for its great DDoS protection services which are able to mitigate great attacks against online services, technically by providing such service with a reverse proxy technique which also hides the IP address of the server behind the reverse proxy.

In this post, I’ll describe some of the most common pitfalls end-users of this service face. Hopefully, this information helps some OSINT researchers, journalists, and sysadmins to secure their websites.

Finnish Institute for Health and Welfare (THL) shares your COVID-19 letter complaints with an insecure direct marketing company

April 29, 2020 by Juho Mikkonen

Finnish Institute for Health and Welfare (THL) has asked SSM Suomen Suoramainonta to deliver a letter about the best practices against the COVID-19. However if you never received such a letter like I didn’t, you could’ve complained about it in the address provided by THL in their own blog post. Unfortunately I think I’m going to pass this one. This is mainly because of 3 reasons.

Geolocating SSIDs and why you should not share funny WIFI names around your place

April 11, 2020 by Juho Mikkonen

…because it’s really easy to find your location just based on your funny screenshot. Let’s see how and with code samples. To do this, we’re using the wonderful, open wardriving database WiGLE.

Let’s review app security: FinPandem – Crowdsourced COVID-19 heatmap

April 6, 2020 by Juho Mikkonen

At the moment of writing this post it has been ~9 hours since FinPandem released a demo video of their product, apparently developed by Tarento (Indian, Finnish and Swedish company, who knows where the app is developed ) and Coredo.