I'm the Bad Guys' Blue Nightmare.
Senior Threat Analyst @ Truesec.

For my other endeavors:
🎹 Composer and Music Producer 👨🏻‍🎤
(https://mastodon.social/@paleskinnyswede)
🎙️ Podcast Host (https://enlitenpoddomit.se)
📷 Photographer (https://vero.co/paleskinnyswede)

#infosec #cybersecurity #blueteam #purpleteam #threathunting #threatanalysis #threatintel #threatintelligence #soc #csirt #truesec

ThreatHunter Chronicles: https://threathunter-chronicles.com
LinkedIn: https://www.linkedin.com/in/dlilja/
Truesec: https://www.truesec.com/experts/david-lilja
BlueSky: https://bsky.app/profile/paleskinnyswede.bsky.social
Swecyb: https://swecyb.com/@dlilja

Using only natural language instructions, researchers were able to bypass Google Gemini's defenses against malicious prompt injection and create misleading events to leak private Calendar data.

https://www.bleepingcomputer.com/news/security/gemini-ai-assistant-tricked-into-leaking-google-calendar-data/

Gemini AI assistant tricked into leaking Google Calendar data

BleepingComputer

I’ve been tasked with writing some processes, procedures and related documentation and immediately thought about information mapping. I worked a lot with that 18-20 years ago.

When I now try to google it, I get very few results. It’s like the world has moved on and invented something else.

What have I missed?

#informationmapping #documentation #process #procedure #standsrdoperatingprocedure #flowcharts

New blog post coming tomorrow (Thursday). After the success and almost viral post about Atomic Red Team, it’s time to use histograms to analyse data and find repetition and silence.

Here’s the Atomic Red Team post:
https://threathunter-chronicles.medium.com/logwatchers-zenit-02-simulating-attacks-with-atomic-red-team-d9071d42eaeb

#cybersecurity #threathunting #threatdetection #loganalysis #incidentresponse #mvpbuzz #blog

Logwatcher’s Zenit #02: Simulating Attacks with Atomic Red Team

At the summit of signal and noise lies the Logwatcher’s Zenit — a quiet place for analysts who squint at timestamps and whisper to correlation engines. Bring your coffee, leave your assumptions at…

Medium

Microsoft has announced that it will soon update security defaults for all Microsoft 365 tenants to block access to SharePoint, OneDrive, and Office files via legacy authentication protocols.

https://www.bleepingcomputer.com/news/microsoft/microsoft-365-to-block-file-access-via-legacy-auth-protocols-by-default/

Microsoft 365 to block file access via legacy auth protocols by default

BleepingComputer

Are you annoyed that the #Windows #Sandbox always starts in a bright and light mode even if your host is set to a dark theme?

Look no further. Here’s my Dirty Bit how to fix it. Forever. Or at least until Microsoft changes things around again.

https://threathunter-chronicles.medium.com/dirty-bits-01-dark-theme-sandbox-f517f00639a6

#blog #cybersecurity #darkmode #darktheme #mvpbuzz

Dirty Bit #01: Dark Theme Sandbox - ThreatHunter Chronicles - Medium

1. Edit your .wsb file and map a folder and add a command 2. Create a .cmd file with the dark theme command 3. Done The Dirty Bits category celebrates the unsung heroes of quick hacks, undocumented…

Medium

New post in the Logwatcher's Zenit category has been published. It's the first part about how VS Code is a great tool for Cyberthreat Analysts. We're starting with key commands to speed up the workflow.

#threathunter #threathunting #threatanalysis #cybersecurity #blog

https://threathunter-chronicles.medium.com/logwatchers-zenit-01-vs-code-for-analysts-part-1-b7ead9123ed9

Logwatcher’s Zenit #01: VS Code for Analysts, part 1

At the summit of signal and noise lies the Logwatcher’s Zenit — a quiet place for analysts who squint at timestamps and whisper to correlation engines. This category explores log analysis, data…

Medium

Finally, I took some decent family photos

My first post is up on my new blog, ThreatHunter Chronicles. It mainly just describes what I want to publish on the blog and what you can expect.

The first post in the Logwatcher’s Zenit category is scheduled at 10am CEST tomorrow (29th of May).

https://medium.com/@threathunter-chronicles

#cybersecurity #threathunting #blog

ThreatHunter Chronicles – Medium

Read writing from ThreatHunter Chronicles on Medium. Cybersecurity and Threat Hunting Nerd. Microsoft MVP. Sharing knowledge and ideas when it comes to data parsing and investigation. Logs don't lie.

Medium

I’m staring at a scam. I didn’t fall for it, but I see others who have.

I’ve got a high pulse and I’m almost shaking. I’m pissed, but I’m also fueled and determined to take their site down and get their LinkedIn account blocked.

Does anyone here work for #linkedin ? I’d like to chat and share my research.

#security #scammers #conference #scam

Great talk about cryptojacking by @ScottHelme at the NDC { Security } conference.

#ndcsecurity