
I came across this chart and I think this can be a good base to restructure the current Malaysian OSINT resource startme page🤔. Keep your eyes peeled for the startme page update sometime this week👍 #malaysia #OSINT
finx

@thisisfinx
Cybersec lifelong student | Blue Teamer | Dumbass (still am) Curator for Malaysian OSINT resource toolkit in startme and UNISHKA🇲🇾.




We traced the threat actor behind the defacement of Malaysia's Ministry of Health (MOH) website. Our investigation found that the actor has been active on Telegram since 2024, participating in multiple channels related to hacking forums, web shells, spam, hacking tools, and data leaks. We also observed that the actor changed usernames multiple times before recently adopting the alias "Mushr00w." In addition, we identified past messages in which the actor used Turkish in a data leak tool channel, providing another potential lead for attribution.

After almost 4 years of hard work, I'm very happy to share something which I hope will be a game-changer for election data in Malaysia: electiondata.my

To cut a (very) long story short, the site gives you access to Malaysia's COMPLETE electoral history. Every election, every candidate, every party, every seat - all there at your fingertips.

There are 5 types of datasets available:
• Parlimen/DUN-level results (the 'official' results, covering every single election since 1955)
• Parlimen/DUN-level maps (covering every single boundary-drawing exercise since 1954)
• Anonymised individual-level voter rolls for GE-13, GE-14, and GE-15, as well as Johor 2022 and N9 2023 (more to come soon)
• Saluran (!!!!) level results for GE-13, GE-14, and GE-15, as well as Johor 2022 and N9 2023 (also more to come soon)
• DM-level maps for the latest set (versions going back to 2003 will follow eventually)

Enjoy! Data-cleaning and curation is bitter work, but once it's done once, everyone can reap the benefits.


Health Ministry confirms website hack, urges public to use official channels while recovery efforts continue. ebx.sh/a5GaaQ




OSINT of Malaysia is out! Many Thanks to @thisisfinx for building this toolkit. The toolkit contains open data portals, company registries, land and property records, geospatial data, people search, and more. Link: unishka.substack.com/p/osint-of-mal…






‼️🚨 BREAKING: 320,000 Fortinet firewall devices have been targeted in a campaign that has been dubbed 'FortiBleed'. Attackers were able to confirm 75,000 working credentials against the admin and SSL VPN interfaces. The victims include really big names like Samsung, Oracle, Spotify, Sony, and more. The data was first surfaced by researcher Volodymyr "Bob" Diachenko and analyzed by Hudson Rock and SOCRadar.

The operation runs as a self-feeding loop. Attackers scan the internet for exposed Fortinet devices, then test each one against a curated list of passwords leaked from earlier Fortinet breaches and infostealer logs. Every successful login gets recorded into a verified database. They then turn each compromised box into a listening post, sniffing the traffic passing through the firewall to harvest fresh credentials, which go straight back into the scanner.

The scale is large. The group ran an estimated 1.16 billion credential attempts against more than 320,000 FortiGate targets, plus 2.1 billion brute-force tries against 160,000 MSSQL servers. In the deeper intrusions they intercept SSL VPN authentication hashes, crack them on a dedicated 45-GPU cluster, and move into internal Active Directory. Diachenko confirmed full network compromises in Japan, Taiwan, Vietnam, Iraq, and Turkey, including a Turkish NATO defense contractor that had classified defense documents stolen.

If you run Fortinet, act now: rotate every VPN and admin credential, enforce MFA on all external gateways, restrict management access to approved sources, segment internal networks, and audit gateway logs for unusual logins. Hudson Rock has a free domain lookup at hudsonrock.com/fortinet.

Data surfaced via the Hunt Intelligence, Inc. feed.



Researching Malaysia from open sources? This Start.me page brings OSINT resources for landmarks, traffic, military vessel tracking, environment monitoring, and more into one clear dashboard. start.me/p/KMqwBB/osint… #OSINT #Malaysia


