The FBI Spent a Generation Relearning How to Catch Spies. Then Came Kash Patel.
As China’s spies grow more aggressive, the FBI is distracted and off-balance.
Not every wait leads to the desired result. Sometimes you spend hours waiting in vain, with the light fading and the subject not appearing. Still, waiting is an investment in potential: even when it bears no fruit (#frutti), it teaches patience and presence. Photographing the glossy ibis (#Mignattaio), for example, can take hours of observation... Read more: galassianatura.it/pixeldinatur…
Why time is your best ally when photographing the glossy ibis - Pixel di Natura
PHOTO HUNTING - How and when to photograph the glossy ibis... Pixel di Natura
As you can see, I took the wrong (i.e. more exhausting) path but this way I got a photo with a foreground that couldn't bring any more contrast in it.
Taken with Sony Alpha 6000, Sony 70-350mm f/4.5-6.3 G OSS @ 70mm and f/8, 1/320s, ISO 100
#landscape #landscapephotography #landschaft #landschaftsfotografie #photography #fotografie #panoramic #panoramicview #panorama #nature #natur #naturaleza #mountain #mountains #berg #berge #allgäu #allgäueralpen #alpen #Alps #alp #outdoor #rural #Sony #telezoom #telephoto #hiking #winter #fall #autumn #Herbst #idyllic #germany #Bavaria #alpin #alpine #snow #природа #Германия #Бавария #Альпы #гора #горы #зима #осень #німеччина #осінь #сніг #снег
"The Meloni government's Caivano model? It helped, but on the ground you need to listen." The newly elected Azione mayor of the Neapolitan town speaks - The interview
https://www.open.online/2025/12/14/modello-caivano-servito-sbaglia-chi-dice-contrario-neo-sindaco-azione-antonio-angelino/?utm_source=flipboard&utm_medium=activitypub
Posted into GIORGIA MELONI @giorgia-meloni-OpenGiornale
His name is Antonio Angelino and he was elected on 25 November. On relations with the government: "We are an institution and we work with everyone: anyone who wants to lend us a hand will find the doors open." Sofia Spagnoli (Open)
Hello and siblinghood to the #sallesconnes of the #fediverse and #mastodon
It's raining.
It's Monday; this afternoon I have an appointment with my nephrologist.
An hour and a half there, the same for the way back; it's in Montpellier.
Cat is coming with me. The two of them will be able to talk shop, so I won't have to make any intellectual effort, for once, and that suits me.
Still, I don't really feel much like going…
I wish you a gentle week, comrades!
🫶 ✊🏼 🤗 🥰 🫶 ✊🏼 🤗 🥰 🫶 ✊🏼 🤗 🥰
All Italians dream of living in this town, and they are right to
https://www.esquire.com/it/lifestyle/viaggi/a69303268/borgo-italiano-piu-sognato/?utm_source=flipboard&utm_medium=activitypub
Posted into Lifestyle @lifestyle-Esquireitalia2
Otranto tops the ranking of the villages most searched for online in 2025, followed by Maratea and Locorotondo. Riccardo Castrichini (Esquire)
Why we should all save important messages on WhatsApp
https://www.esquire.com/it/lifestyle/tecnologia/a69513032/salvare-messaggi-canali-whatsapp/?utm_source=flipboard&utm_medium=activitypub
Posted into Lifestyle @lifestyle-Esquireitalia2
Archiving the most interesting content sent out by companies means being able to retrieve it in an instant. A valuable advantage for users who follow many channels. Alessio Caprodossi (Esquire)
Canklow meadows: a place in labour history
In our continuing series on places in labour history, Joe Stanley draws on his family's history to recall the pit pony races that raised money and the morale of Rotherham miners during the 1926 general strike. In 1997, my great uncle Denis Stanley (1920-2011) published a history of his childhood in Brinsworth, Rotherham, in the Ivanhoe Review, a journal of local history in his home town.
sslh.org.uk/2025/12/15/canklow…
In our continuing series on places in labour history, Joe Stanley draws on his family’s history to recall the pit pony races that raised money and the morale of Rotherham miners during the 19… Society for the Study of Labour History
Women in Cybersecurity: from Outsider to Cornerstone
📌 Link to the article: redhotcyber.com/post/donne-in-…
#redhotcyber #news #cybersecurity #donneininformatica #informatica #sicurezzainformatica #lavorotecnico
Cybersecurity is a growing field, but one with few women. A professional recounts her experience and the cultural barriers that women have to face. Ada Spinelli (Red Hot Cyber)
A few things you might not know about us:
- All of our articles are written by experts in their field
- We're a non-profit newsroom
- We share our content for free
If you value our unique model of non-profit news by experts, donate today: tcnv.link/diKQ8lr
Support The Conversation
An independent source of news, views and ideas, sourced from the academic and research community and delivered direct to readers. Our work is fueled by the generous contributions of people like you. tcnv.link
In the streets of an abandoned Provençal village
Ongles is a village in the Alpes-de-Haute-Provence, right next to Banon, perched at an altitude of 613 metres, on a rock like a... chezmarketmarcel.blogspot.com
UK buyers - you still have a few days to order art for Christmas gifts. I'm sending everything UK Tracked24 and I can send direct with a message if you need...
folksy.com/shops/theweeowlart
#FediGiftShop #ScottishArtist #MastoArt #CreativeToots
#Birds #BirdArt #BirdGifts #OriginalArt #Drawing #Painting #Artwork #TraditionalArtist #ArtFromScotland #GiftIdeas #ArtShop #ShopIndy #SupportSmallBusiness #Christmas #ChristmasGifts
Moin, folks! ✌️🙂
I wish you all a good morning. Have a good start to the new week, everyone, and stay safe and healthy. 🌻🍀
Best regards
Houbey
#montag, #gutenmorgen, #deutschland, #fediverse, #mastodon, #troetcafe, #troet_cafe
Not all institutions will remain closed, but parents are advised to contact schools and nurseries directly to check.
Photo: EPA-EFE/CLEMENS BILAN
ilmitte.com/2025/12/18-dicembr…
18 December: strike at Berlin's schools and nurseries
18 December will be a complicated day for many families in the German capital. The Ver.di union has called a strike that will involve the entire public sector of the Land and… Redazione (il Mitte)
Apple computer says no.
Anyone got a lawyer to recommend to help me write a nastygram to Apple and/or help me sue them?
your story has now been surfaced in Kagi news under global technology
Hopefully the attention it’s getting will help unlock some solutions 🤞
Apple account lock wipes user’s two decades of data
A longtime Apple customer reports losing access to about twenty years of purchased apps, media, and iCloud data after Apple locked and then deleted their Apple ID, leaving them unable to recover the account or its contents. Kagi News
Help us make schools (#scuola) more secular and support the students and parents who turn to Uaar.
Join or renew right now for the whole of 2026! 👇
uaar.it/adesione
Indonesia’s Danantara Marks First Overseas Deal With Mecca Asset Purchase
https://www.bloomberg.com/news/articles/2025-12-15/danantara-marks-first-overseas-deal-with-mecca-asset-purchase?utm_source=flipboard&utm_medium=activitypub
Posted into Markets @markets-bloomberg
I'm looking for a radiology practice that has statutory health insurance accreditation (Kassenzulassung) for an open MRI.
Supposedly there is one in Dortmund, but the KVs and the gKV are no help in the search.
I'll also take any other tip for NRW, RP or Hesse.
Please share, thx!
#Fantasy time now - What if a person being #president is in one group [you choose], then he/she chooses as the #vicepresident someone from the opposite group of #politics? Then we'd have 1 P and 1 VP as 1 Red and 1 Blue?
Would those four years be something strange?
Has that happened before in the past?
Why the cronyism of Giorgia Meloni and Fratelli d’Italia is a far more serious matter than you think
Sydney, police search the home of the suspected attackers. The neighbour: "A tragedy"
https://www.lastampa.it/esteri/2025/12/15/video/sidney_i_poliziotti_perquisiscono_la_casa_dei_sospetti_attentatori_il_vicino_un_dramma-15435086/?utm_source=flipboard&utm_medium=activitypub
Posted into La Stampa Video @la-stampa-video-LaStampa
Sydney police are concentrating their investigation on the home of those who may be the Bondi Beach attackers. There is still nothing offi… La Stampa
Me, on the fault that affected 6000 Airbus aircraft:
theconversation.com/airbus-dou…
(I had planned links to technical documents but I was told that was too much detail; I can provide them to anyone who is curious.)
Airbus: where did the fault come from that led the company to ground thousands of aircraft?
Can solar radiation endanger an aircraft? Existing safety measures should nonetheless prevent these incidents. The Conversation
How about not buying a big Christmas tree? #jm 2025/12/14 20:21:18 ♥
2025/12/14 20:21:18 via www, 4 ♥
blabler.pl/s/1juwX
The image shows a top-down view of a room's floor. Several gifts in colourful wrapping lie on the floor. On the left is a gift in red wrapping with floral motifs, next to it a gift in green wrapping with plant motifs. In the centre are two gifts: one in green wrapping with plant motifs, and the other in red wrapping with plant motifs. On the right is a gift in a colourful check pattern. A Christmas-tree-shaped ornament hangs from the ceiling. There are also other objects on the floor, including pieces of furniture and a rug.
Alt-text: The image shows a room's floor with several gifts in colourful wrapping. On the left, a gift in red paper with floral motifs and one in green paper with plant motifs. In the centre are gifts in green and red paper with plant motifs. On the right, a gift in a colourful check pattern. A Christmas-tree-shaped ornament hangs from the ceiling. On the floor there are also a rug and pieces of furniture.
Provided by @altbot, generated locally and privately using Gemma3:27b
🌱 Energy used: 0.180 Wh
@anarchia
Spreading the word: march in solidarity with the prisoners of Santa Maria Maggiore, 14 December, 15:00, Piazzale Roma (Venice). Against prison and the society that needs it
rivoluzioneanarchica.it/venezi…
As The Resolution Foundation (quoted in the Guardian) points out:
'The fall in employment over both the past 12 months & the past five years is entirely accounted for by higher unemployment, not rising economic inactivity as many people assume & young people are bearing the brunt of Britain’s jobs downturn'....
Govt. policy on tackling labour market participation may be focussed on the wrong issue, while young people's opportunities evaporate!
resolutionfoundation.org/publi…
Labour Market Outlook Q4 2025 • Resolution Foundation
Employment has fallen over the past two years and is substantially lower than it was before the pandemic. Resolution Foundation
@nini
yes, we've not heard as much about quiet quitting recently (or working to rule as the unions used to call it), but I'd say this is a key issue for productivity.
Most incremental improvements in productivity come through organic worker-led innovation - a disengaged workforce has no interest in handing their bosses yet more money
Hong Kong - X5826, Extra 1959.
1 photograph : color transparency ; 35 mm (slide format)
Title: "Sightseeing in Hong Kong" ( Sports Illustrated Assignment)
Date: July 1959
Description: This photograph by Toni Frissell features a scene from Hong Kong, capturing the city's vibrant atmosphere. The image includes people enjoying golf and taking in the harbor views.
People:
Toni Frissell was an American photographer known for her work with Sports Illustrated magazine. She began her career as a photographer at National Geographic Society in 1947 and continued working with various publications until her death in 1988.
Locations: Hong Kong, China
Keywords: Hong Kong, Sports Illustrated, Toni Frissell, Photography
#HongKong-X5826 #HongKong #ToniFrissell #American #SportsIllustrated #hongkong #china #photography
The breath of December 1995
monde-diplomatique.fr/2025/12/…
"When social movements stall, when budget austerity dominates public debate, when a French president and a European bureaucracy see rearmament and warlike rhetoric as the remedies for their wild unpopularity, it is good to remember that in November-December 1995 (…)
/ France, Politics, Ideas, Protest movement, Economy, Liberalism"
When social movements stall, when budget austerity dominates public debate, when a French president and a European bureaucracy see rearmament and warlike rhetoric as the remedies for their wild unpopularity, it is go… Frédéric Lebaron (Le Monde diplomatique)
THE WHITE STRIPES
White Blood Cells
2021 U.S. 20th Anniversary reissue
I haven’t sat down and listened to a White Stripes album front to back in quite some time.
And although I like all of the White Stripes records, I think White Blood Cells will always be my favorite on the whole.
Dead Leaves, Hotel Yorba, Fell In Love With A Girl, We’re Going To Be Friends, I Think I Smell A Rat… just so many killer tunes that, when they first hit, came at the right time in my life.
As close to a perfect rock record as you can get.
#vinyl #vinylrecords #vinylcommunity #vinylcollection #retro #vintage #art #music #alternative #thewhitestripes #jackwhite #whitebloodcells #2000s #2000smusic
The explosive material had been delivered to the accountant from Oneglia in Sanremo
Sanremo (IM): the former railway station. The Deputy Police Commissioner (Vice questore Comp/le di P.S.), Dr Salan, informed the Border and Transport Police Division,... aspettirivieraschi.blogspot.com
[Rock-paper-scissors] Guess what comes out at the end! Pythagora Switch! #marblerun #dominos #ピタゴラスイッチ #tiktok #as...
youtube.com/shorts/6EvQmncHGK0
In the world we live in you’ve got the crazy Nazi types and/or people outraged over what’s happening in Gaza.
Take your pick.
The right wing, the richest men in the world, conservatives are responsible for all of it.
Contrast in the canopy: living leaves meet the quiet beauty of the bare branch.
Mannum, South Australia.
© 𝓐𝓵𝓵 𝓡𝓲𝓰𝓱𝓽𝓼 𝓡𝓮𝓼𝓮𝓻𝓿𝓮𝓭 𝓫𝔂 𝓚𝓮𝓿 𝓟𝓮𝓲𝓻𝓬𝓮.
#photo #photography #australia #southaustralia #BlackAndWhitePhotography #AustralianTrees #Deadwood #trees
Twitter had a few things that emerged from the community at some point, were not really provided for by the UI/UX, and for a long time only really made sense in clients and third-party apps. For example the @user notation, hashtags, and of course threads.
Threads were the community's answer to Twitter's 280 characters, which were utterly hostile to science and discussion. With fewer than 1000 characters no friendly conversation can take place; the system favoured slogans and proclamation over data and over treating one another humanely as equals. This one thing, the short statuses, was (IMHO, but not only my humble opinion) the reason for the coarsening and the drift to the fringes of the platform.
For a very long time, the only way to make the whole thing readable was to use third-party services such as Tweetlonger or RiverTweet.
Mastodon, the most widely used server software in the Fediverse, has inherited some of these problems: the short statuses, and the less-than-optimal display of threads.
In the Fediverse, other reader frontends such as Phanpy or Elk help enormously here, and some smartphone apps also make reading within a thread easier.
In English that was enough for a few snippy remarks, but in German usually only for shorthand, a tone of command, or insults.
I cannot know "how things are", I cannot know "how things will be"; I can believe, and I do believe, supported by reason and supported by feeling, that "our way of doing things" is an order of magnitude stronger, more successful, more victorious than the system of the Modis, Putins, Xis and Trumps. Ukraine will win. The Euro-Union Ukrainian Coalition of the Willing will win. Russia will be defeated. Let us work on it calmly and effectively.
---
#tg253036870 I believe.
It was a few days ago, but analogue photography just takes a bit of patience: first snow on the morning of 24 November.
#ersterSchnee #neuschnee #schnee #snow #freshsnow #analogfotografie #analogphotography #35mm #ishootfilm #shootfilm #nikonf4s #afnikkor50mmf18d #kodakektar100 #kodakfilm
Hackaday Links: December 14, 2025
Fix stuff, earn big awards? Maybe, if this idea for repair bounties takes off. The group is dubbed the FULU Foundation, for “Freedom from Unethical Limitations on Users,” and was co-founded by right-to-repair activist Kevin O’Reilly and perennial Big Tech thorn-in-the-side Louis Rossmann. The operating model works a bit like the bug bounty system, but in reverse: FULU posts cash bounties on consumer-hostile products, like refrigerators that DRM their water filters or bricked thermostats. The bounty starts at $10,000, but can increase based on donations from the public. FULU will match those donations up to $10,000, potentially making a very rich pot for the person or team that fixes the problem.
So far, it looks like FULU has awarded two $14,000 bounties for separate solutions to the bricked Nest thermostats. A second $10,000 bounty, for an air purifier with DRM’d filters, is under review. There’s also a $30,000 bounty outstanding for a solution to the component pairing problem in Xbox Series X gaming consoles. While we love the idea of putting bounties on consumer-unfriendly products and practices, and we celebrate the fixes discovered so far, we can’t help but worry that this could go dramatically wrong for the bounty hunters, if — OK, when — someone at a Big Tech company decides to fight back. When that happens, any bounty they score is going to look like small potatoes compared to a DMCA crackdown.
From the “Interesting times, interesting problems” Department comes this announcement by NASA of a change in vendor for the ground support vehicles for the Artemis program. The US space agency had been all set to use EVs manufactured by Canoo to whisk astronauts on the nine-mile trip from their prep facility to the launch pad, but when the company went belly up earlier this year, things abruptly changed. Now, instead of the tiny electric vans that look the same coming and going, NASA will revert to type and use modified Airstream coaches to do the job. Honestly, we think this will be better for the astronauts. The interior of the Airstream is spacious, allowing for large seats to accommodate bulky spacesuits and even providing enough headroom to stand up, a difficult proposition in the oversized breadloaf form-factor of the Canoo EV. If they’re going to strap you into a couple of million pounds of explosives and blast you to the Moon, the least they can do is make the last few miles on Earth a little more comfortable.
Speaking of space, we stumbled across an interesting story about time on Mars that presented a bit of a “Well, duh!” moment with intriguing implications. The article goes into some of the details about clocks running slower on Mars compared to Earth, thanks to the lower mass of the Red Planet and the reduced gravity. That was the “duh” part for us, as was the “Einstein was right” bit in the title, but we didn’t realize that the difference would be so large — almost half a millisecond. While that might not sound like much, it could have huge implications when considering human exploration of Mars or even eventual colonization. Everything from the Martian equivalent of GPS to a combined Earth-Mars Internet would need to take the differing concept of what a second is into account. Taking things a bit further, would future native-born Martians even want to use units of measurement based on those developed around the processes and parameters of the Old World? Seems like they might prefer a system of time based on their planet’s orbital and rotational characteristics. And why would they measure anything in meters, being based (at least originally) on the distance between the North Pole and the equator on a line passing through Paris — or was it Greenwich? Whatever; it wasn’t Mars, and that’s probably going to become a sticking point someday. And you thought the U.S. versus the metric system war was bad!
Sticking with space news, what does it take to be a U.S. Space Force guardian? Brains and brawn, apparently, as the 2025 “Guardian Arena” competition kicked off this week at Florida’s Space Force Base Patrick. Guardians, as Space Force members are known, compete as teams in both physical and mental challenges, such as pushing Humvees and calculating orbital properties of a satellite. Thirty-five units from across the Space Force compete for the title of Best Unit, with the emphasis on teamwork. It’s not quite the Colonial Marines, but it’s pretty close.
And finally, Canada is getting in on the vintage computer bandwagon with the first-ever VCF Montreal. In just a couple of weeks, Canadian vintage computer buffs will get together at the Royal Military College of Saint-Jean-sur-Richelieu for an impressive slate of speakers, including our friend “Curious Marc” Verdiell, expounding on his team’s efforts to unlock the secrets of the Apollo program’s digital communications system. Along with the talks, there’s a long list of exhibitors and vendors. The show kicks off on January 24, so get your tickets while you can.
When the EDR becomes a Trojan horse: Storm-0249 abuses SentinelOne
A well-known initial access broker (IAB) tracked as “Storm-0249” has changed its operating strategy, using phishing campaigns but also highly targeted attacks that exploit the very security tools designed to protect networks as a means of reaching its objectives.
The group uses an alarming new technique that includes a method called DLL sideloading. Storm-0249 distributes malicious MSI packages through phishing campaigns, often relying on social-engineering tactics known as “ClickFix”, which push users to run commands to fix supposed, fake technical problems.
The ReliaQuest Threat Research Team (after the analysis had been partly developed by TrendMicro specialists) has published an updated report, which stresses that the threat group is also misusing legitimate endpoint detection and response (EDR) processes, above all SentinelOne components, in order to hide its tracks and facilitate the launch of ransomware-type attacks.
Once executed with SYSTEM privileges, the installer drops a legitimate, digitally signed version of SentinelAgentWorker.exe, a core component of SentinelOne's security agent, into the user's AppData folder. Alongside it, it places a malicious file named SentinelAgentCore.dll.
“When the SentinelOne binary brought along by the attacker is launched, it loads the malicious DLL instead of the legitimate one located next to it,” the report explains.
This effectively turns the security tool into a Trojan horse. To those defending the network, the activity looks like a normal EDR operation, which lets the attackers bypass signature-based detection and establish encrypted command-and-control (C2) channels disguised as legitimate telemetry.
Defenders should monitor for:
- Anomalous sideloading: legitimate binaries loading DLLs from unusual locations such as AppData.
- Suspicious traffic: connections to newly registered domains coming from trusted EDR processes.
- LoLBin abuse: unexpected use of curl.exe or reg.exe by security agents.
Beyond sideloading, Storm-0249 also abuses built-in Windows utilities to evade detection. The group creates fake domains that imitate Microsoft URLs (for example, /us.microsoft.com/) to deceive users and security filters.
ReliaQuest stresses that this does not indicate a vulnerability in SentinelOne itself. “Legitimate processes within common EDR tools, including SentinelOne, are not exploited, bypassed, evaded or compromised by the techniques described in this document.” Rather, the attackers are abusing the trust placed in signed binaries.
They then use curl.exe, a standard data-transfer tool, to fetch malicious scripts and send them directly into PowerShell's memory. “Instead of saving the script to disk, where antivirus could intercept it, the command sends the content directly into PowerShell's memory for immediate execution,” creating a “fileless” attack chain that leaves minimal forensic evidence.
The ultimate goal of these intrusions is to sell access to ransomware groups such as LockBit and ALPHV. The report notes that Storm-0249 conducts specific reconnaissance to extract the MachineGuid, a unique system identifier.
The article When the EDR becomes a Trojan horse: Storm-0249 abuses SentinelOne comes from Red Hot Cyber.
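The three monitoring points listed in the Storm-0249 article above (sideloading from AppData, newly registered domains, LoLBin use by security agents), as an added triage example that is not code from ReliaQuest, Red Hot Cyber or SentinelOne. The event records are constructed dicts with field names modelled on Sysmon; the trusted install roots, the 30-day threshold, the domain-age table and every sample path and domain are assumptions.

```python
"""Triage of endpoint events for the three signals the article lists."""
from datetime import date
from pathlib import PureWindowsPath

# Assumption: security-agent binaries only ever run from these roots.
TRUSTED_ROOTS = ("c:\\program files\\", "c:\\program files (x86)\\")
# Agent process names to watch; this one is named in the article.
AGENT_NAMES = {"sentinelagentworker.exe"}
LOLBINS = {"curl.exe", "reg.exe"}
USER_WRITABLE = ("\\appdata\\", "\\users\\public\\", "\\temp\\")
NEW_DOMAIN_DAYS = 30  # assumed cut-off for "newly registered"


def _name(path):
    return PureWindowsPath(path).name.lower()


def _is_agent(path):
    return _name(path) in AGENT_NAMES


def _user_writable(path):
    lowered = path.lower()
    return any(marker in lowered for marker in USER_WRITABLE)


def triage(event, domain_registered, today):
    """Return the findings for one event; an empty list means nothing flagged."""
    findings = []
    kind = event["kind"]
    if kind == "image_load":
        image, dll = event["Image"], event["ImageLoaded"]
        # A valid signature does not help here: the copied agent is signed.
        if _is_agent(image) and not image.lower().startswith(TRUSTED_ROOTS):
            findings.append("agent binary running outside its install path")
        same_dir = PureWindowsPath(image).parent == PureWindowsPath(dll).parent
        if _user_writable(dll) and (same_dir or not event.get("Signed", False)):
            findings.append("DLL loaded from user-writable location")
    elif kind == "process_create":
        if _is_agent(event["ParentImage"]) and _name(event["Image"]) in LOLBINS:
            findings.append("LoLBin spawned by security agent")
    elif kind == "dns_query":
        registered = domain_registered.get(event["QueryName"].lower())
        if _is_agent(event["Image"]) and registered is not None:
            if (today - registered).days <= NEW_DOMAIN_DAYS:
                findings.append("agent process resolved a newly registered domain")
    return findings


# Constructed sample data: placeholder directories, user and domain.
PF = r"C:\Program Files\VendorAgent"
AD = r"C:\Users\alice\AppData\Local\Temp\sx"
SAMPLE_EVENTS = [
    {"kind": "image_load", "Image": PF + r"\SentinelAgentWorker.exe",
     "ImageLoaded": PF + r"\SentinelAgentCore.dll", "Signed": True},
    {"kind": "image_load", "Image": AD + r"\SentinelAgentWorker.exe",
     "ImageLoaded": AD + r"\SentinelAgentCore.dll", "Signed": False},
    {"kind": "process_create", "ParentImage": AD + r"\SentinelAgentWorker.exe",
     "Image": r"C:\Windows\System32\curl.exe"},
    {"kind": "dns_query", "Image": AD + r"\SentinelAgentWorker.exe",
     "QueryName": "updates.example.test"},
]
DOMAIN_REGISTERED = {"updates.example.test": date(2025, 12, 1)}
TODAY = date(2025, 12, 14)


def run_samples():
    return [triage(e, DOMAIN_REGISTERED, TODAY) for e in SAMPLE_EVENTS]


if __name__ == "__main__":
    for event, findings in zip(SAMPLE_EVENTS, run_samples()):
        print(event["kind"], "->", findings or "ok")
```

The same-directory rule will also fire for legitimate software installed per-user under AppData, so a real deployment needs an allowlist alongside it.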
Monts du Bugey, France
Nikon F4 / Nikkor AF-D 50mm f1,4 / Ilford fp4
#fotografie #foto #photographie #filmisalive #filmisnotdead #believeinfilm #ilfordfp4 #blackandwhite #blackandwhitefilmphotography #35mm #nikon #argentique #france #ilford #analogphotography #path #photo #filmphotography #photography

notsoloud
in reply to Hanse Mina • • •
Very interesting tales, but I get a queasy feeling when they blithely ignore the possibility that Tulsi Gabbard and Kash Patel may not have America's best interest at heart, especially considering Tulsi's known pro-Russian work.
emptywheel.net/2025/08/14/kash…
Kash Patel Continues to Cover Up His Role in the HPSCI Investigations - emptywheel
emptywheel
swggrkllr3rd
in reply to Hanse Mina • • •
The Orange One dismantling USA on behalf of pooty.