Microsoft ha annunciato che integrerà il popolare strumento Sysmon direttamente in Windows 11 e Windows Server 2025 nel 2026. L’annuncio è stato fatto dal creatore di Sysinternals, Mark Russinovich.

Sysmon (System Monitor) è uno strumento gratuito di Microsoft Sysinternals per il monitoraggio e il blocco di attività sospette in Windows. Gli eventi vengono registrati nel registro eventi di Windows, rendendo lo strumento indispensabile per rilevare minacce e diagnosticare problemi.

Per impostazione predefinita, Sysmon tiene traccia di eventi di base come la creazione e la terminazione dei processi, ma è possibile utilizzare file di configurazione personalizzati per monitorare manomissioni dei processi, query DNS, creazione di file eseguibili, modifiche agli appunti, backup automatici dei file eliminati e altro ancora.

Attualmente, Sysmon deve essere installato individualmente su ciascun dispositivo, rendendone difficile la gestione in ambienti IT di grandi dimensioni.

Il supporto nativo dovrebbe risolvere questo problema, poiché gli utenti potranno installare lo strumento tramite le funzionalità opzionali di Windows 11 e ricevere gli aggiornamenti direttamente tramite Windows Update.

Microsoft promette di mantenere tutte le funzionalità standard, incluso il supporto per configurazioni personalizzate e il filtraggio avanzato degli eventi.

Una volta installato, gli amministratori potranno abilitare Sysmon tramite la riga di comando ( sysmon -io per il monitoraggio con una configurazione personalizzata sysmon -i ).

I rappresentanti di Microsoft hanno inoltre annunciato che pubblicheranno la documentazione completa di Sysmon nel 2026, aggiungendo nuove funzionalità di gestione per le aziende e capacità di rilevamento delle minacce tramite intelligenza artificiale.

L'articolo Sysmon verrà finalmente integrato in Windows 11 e Windows Server 2025 nel 2026 proviene da Red Hot Cyber.

Gli specialisti di Push Security hanno notato che la piattaforma di phishing Sneaky2FAora supporta attacchi browser-in-the-browser, che consentono la creazione di finestre di accesso false e il furto di credenziali e sessioni.

Sneaky2FA e gli altri PhaaS (phishing-as-a-service)

Sneaky2FA è uno dei servizi PhaaS (phishing-as-a-service) più diffusi tra i criminali informatici. Insieme a Tycoon2FA e Mamba2FA, Sneaky2FA e mira principalmente al furto di account Microsoft 365.

Questo kit di phishing è noto per gli attacchi che utilizzano SVG e la tattica “attacker-in-the-middle”: il processo di autenticazione viene inoltrato tramite una pagina di phishing al servizio reale, consentendo agli aggressori di intercettare i token di sessione.

Di conseguenza, anche con l’autenticazione a due fattori (2FA) abilitata, gli aggressori ottengono l’accesso all’account della vittima.

La tecnica dell’attacco browser-in-the-browser (BitB)

La tecnica di attacco browser-in-the-browser (BitB) è stata descritta per la prima volta nel 2022 da un ricercatore di sicurezza noto con lo pseudonimo mr.d0x. Ha dimostrato che il browser-in-the-browser consente la creazione di moduli di accesso di phishing utilizzando finestre di browser false.

L’attacco si basa sul fatto che, quando si accede a un sito web, spesso viene visualizzato un messaggio che richiede di effettuare l’accesso utilizzando un account Google, Microsoft, Apple, Twitter, Facebook, Steam e altri. Cliccando su un pulsante di questo tipo (ad esempio, “Accedi con Google“), viene visualizzata una finestra di Single Sign-On (SSO) nel browser, che richiede di inserire le proprie credenziali e di accedere con quell’account.

Queste finestre vengono troncate, mostrando solo il modulo di accesso e una barra degli indirizzi che mostra l’URL. Questo URL verifica che l’accesso al sito avvenga tramite un dominio reale (ad esempio, google.com), rafforzando ulteriormente la fiducia dell’utente nel processo.

In sostanza, gli aggressori creano finestre di browser false all’interno di finestre di browser reali e presentano alle vittime pagine di accesso o altri moduli per rubare credenziali o codici di accesso monouso (OTP).
Esempio di attacco browser-in-the-browser (BitB)

Sneaky2F e browser-in-the-browser (BitB)

BitB è ora attivamente utilizzato in Sneaky2F: la pagina falsa si adatta dinamicamente al sistema operativo e al browser della vittima (ad esempio, imitando Edge su Windows o Safari su macOS).

L’attacco funziona come segue:

• viene richiesto di accedere con un account Microsoft per visualizzare il documento;
• Dopo aver cliccato, viene visualizzata una finestra BitB falsa con una barra degli indirizzi Microsoft falsa;
• All’interno della finestra viene caricata una pagina di phishing reverse proxy che sfrutta il vero processo di accesso per rubare le credenziali e un token di sessione.

In sostanza, l’uso della tecnica di BitB aggiunge un ulteriore livello di inganno alle capacità già esistenti di Sneaky2FA.

I ricercatori notano che il kit di phishing utilizza un offuscamento avanzato di HTML e JavaScript per eludere il rilevamento statico (il testo è intervallato da tag invisibili e gli elementi dell’interfaccia sono immagini codificate). Sebbene tutto appaia normale all’utente, questo ostacola il funzionamento degli strumenti di sicurezza. Inoltre, Sneaky2FA reindirizza bot e ricercatori a una pagina separata e innocua.

L'articolo Sneaky2FA: il phishing che ruba credenziali con attacchi browser-in-the-browser proviene da Red Hot Cyber.

The history of the game Zork is a long and winding one, starting with MUDs and kin on university mainframes – where students entertained themselves in between their studies – and ending with the game being ported to home computers. These being pathetically undersized compared to even a PDP-10 meant that Zork got put to the axe, producing Zork I through III. Originally distributed by Infocom, eventually the process of Microsoft gobbling up game distributors and studies alike meant that Microsoft came to hold the license to these games. Games which are now open source as explained on the Microsoft Open Source blog.

Although the source had found its way onto the Internet previously, it’s now officially distributed under the MIT license, along with accompanying developer documentation. The source code for the three games can be found on GitHub, in separate repositories for Zork I, Zork II and Zork III.

We previously covered Zork’s journey from large systems to home computers, which was helped immensely by the Z-machine platform that the game’s code was ported to. Sadly the original games’s MDL code was a bit much for 8-bit home computers. Regardless of whether you prefer the original PDP-10 or the Z-machine version on a home computer system, both versions are now open sourced, which is a marvelous thing indeed.

hackaday.com/2025/11/21/micros…

You have that slide rule in the back of the closet. Maybe it was from your college days. Maybe it was your Dad’s. Honestly. Do you know how to use it? Really? All the scales? That’s what we thought. [Amen Zwa, Esq.] not only tells you how slide rules came about, but also how to use many of the common scales. You can also see his collection and notes on being a casual slide rule collector and even a few maintenance tips.

The idea behind these computing devices is devilishly simple. It is well known that you can reduce a multiplication operation to addition if you have a table of logarithms. You simply take the log of both operands and add them. Then you do a reverse lookup in the table to get the answer.

For a simple example, you know the (base 10) log of 10 is 1 and the log of 1000 is 3. Adding those gives you 4, and, what do you know, 10⁴ is 10,000, the correct answer. That’s easy when you are working with numbers like 10 and 1000 with base 10 logarithms, but it works with any base and with any wacky numbers you want to multiply.

The slide rule is essentially a log table on a stick. That’s how the most common scales work, at least. Many rules have other scales, so you can quickly, say, square or cube numbers (or find roots). Some specialized rules have scales for things like computing power.

We collect slide rules, too. Even oddball ones. We’ve often said that the barrier of learning to use a slide rule weeded out many bad engineers early.

hackaday.com/2025/11/21/how-to…

Les Pléiades, M45, est un amas dominé par des étoiles bleues chaudes et lumineuses qui se sont formées au cours des 100 derniers millions d'années. Il est situé dans le constellation du Taureau. À une distance d'environ 444 années-lumière, il fait partie des amas d'étoiles les plus proches de la Terre. Il fait 8 années-lumière de diamètre et se caractérise par la poussière spatiale enveloppante illuminée par les étoiles.

Les soleils les plus brillants sont: Alcyone, Atlas, Electre, Maia, Mérope, Taygeta, Pléione, Celaeno et Astérope.

On pensait autrefois que les nébuleuses de réflexion autour des étoiles les plus brillantes restaient du matériel de leur formation, mais sont maintenant considérées comme susceptibles d'être un nuage de poussière sans rapport avec le milieu interstellaire à travers lequel les étoiles passent actuellement. On estime que ce nuage de poussière se déplace à une vitesse d'environ 18 km/s par rapport aux étoiles de l'amas.

Des simulations informatiques ont montré que les Pléiades étaient probablement formées à partir d'une configuration compacte qui ressemblait à la nébuleuse d'Orion. Les astronomes estiment que l'amas survivra encore environ 250 millions d'années, après quoi il se dispersera en raison des interactions gravitationnelles avec son voisinage galactique.

L'amas contient plus de 3000 membres confirmés, un chiffre qui exclut un nombre supplémentaire probable non résolu d'étoiles binaires. Sa lumière est dominée par de jeunes étoiles bleues chaudes, dont jusqu'à 14 peuvent être vues à l'œil nu.

La masse totale contenue dans l'amas est estimée à environ 800 masses solaires et est dominée par des étoiles plus faibles et plus rouges.

Une estimation de la fréquence des étoiles binaires dans les Pléiades est d'environ 57%.

arxiv.org/pdf/astro-ph/0101139

En analysant des images dans l'infrarouge profond obtenues par le télescope spatial Spitzer et le télescope Gemini North, les astronomes ont découvert que l'une des étoiles de l'amas, HD 23514, qui a une masse et une luminosité légèrement supérieures à celles du Soleil, est entourée d'un nombre extraordinaire de particules de poussière chaudes. Cela pourrait être une preuve de la formation de planètes autour de HD 23514.

sciencedaily.com/releases/2007…

Pour savoir où est située HD 23514, allez sur l'image de la page suivante et utilisez la molette de votre souris pour élargir le champ. Vous verrez que cette étoile est très modeste dans l'amas. Notre Soleil paraît aussi modeste vu des Pléiades.

simbad.u-strasbg.fr/simbad/sim…

[Andrew Greenberg] has some specific ideas for how open-source hardware hackers could do a better job with their KiCad schematics.

In his work with students at Portland State University, [Andrew] finds his students both reading and creating KiCad schematics, and often these schematics leave a little to be desired.

To help improve the situation he’s compiling a checklist of things to be cognisant of when developing schematics in KiCad, particularly if those schematics are going to be read by others, as is the hope with open-source hardware projects.

In the video and in his checklist he runs us through some of the considerations, covering: visual design best practices; using schematic symbols rather than packages; nominating part values; specific types of circuit gotchas; Design for Test; Design for Fail; electric rule checks (ERC); manufacturer (MFR), part number (MPN), and datasheet annotations for Bill of Materials (BOM); and things to check at the end of a design iteration, including updating the date and version number.

(Side note: in the video he refers to the book The Visual Display of Quantitative Information which we have definitely added to our reading list.)

Have some best practices of your own you would like to see on the checklist? Feel free to add your suggestions!

If you’re interested in KiCad you might like to read about what’s new in version 9 and how to customize your KiCad shortcut keys for productivity.

youtube.com/embed/X0hd_v8qRiY?…

hackaday.com/2025/11/21/making…

Dear Friend of Press Freedom,

Rümeysa Öztürk has been facing deportation for 241 days for co-writing an op-ed the government didn’t like. Read on for more about the federal government targeting noncitizen journalists for what they write, say and think.

Journalist-hating president kisses up to journalist-killing crown prince

President Donald Trump shamefully welcomed Saudi Crown Prince Mohammed bin Salman to the White House this week. He brushed aside questions about Crown Prince Mohammed’s role in the gruesome 2018 murder of Washington Post journalist Jamal Khashoggi, commenting that “things happen” and “You don’t have to embarrass our guest by asking a question like that.”

Freedom of the Press foundation (FPF) Director of Advocacy Seth Stern remarked:

“Somehow calling a female reporter ‘piggy’ was only the second-most offensive anti-press utterance to come out of the president’s mouth in recent days. And somehow Biden’s infamous fist bump is now only the second-most disgusting public display of flattery by a U.S. president to journalist-murderer Mohammed bin Salman.”

Read his full statement.

DHS targets journalists for speaking out about Gaza

Texas journalist Ya’akub Ira Vijandre and British journalist and commentator Sami Hamdi are the two latest examples of the Department of Homeland Security targeting journalists.

Hamdi self-deported to England after 18 days enduring inhumane conditions in Immigration and Customs Enforcement custody. Vijandre, a Filipino American Deferred Action for Childhood Arrivals recipient who has lived in the U.S. since 2021, remains in custody as he awaits deportation proceedings.

Hamdi and his wife, Soumaya, joined us for an online event this week alongside attorneys and friends of both Hamdi and Vijandre. As Hamdi said, “If the American public finds out the realities of what’s happening, ICE will be dismantled in an instant.”

Watch the discussion here

A $50 lesson in press freedom

Prosecutors in Kentucky have finally dropped charges against journalist Madeline Fening, who was arrested while covering a July protest on the Roebling Bridge for CityBeat.

But, as Stern wrote in an op-ed for CityBeat, the damage is already done. Kenton County drew condemnation from civil liberties advocates across the country and sacrificed any credibility it had when it came respecting First Amendment rights — and all to recover a combined grand total of $50 from Fening and her colleague, Lucas Griffith.

Read the op-ed.

Journalists targeted at Oregon protests

You’ve probably seen the inflatable frogs, the dance parties, the naked bike ride. Maybe you’ve also seen the darker images: a federal officer aiming a weapon at protesters, or federal agents hurling tear gas and flash bangs into peaceful demonstrations at a Portland, Oregon, immigration facility.

FPF Senior Adviser Caitlin Vogus writes about how journalists in Portland have been attacked for bringing images like these to the world.

Read more here.

Court suspends journalist injunction in Chicago

A judicial order won by Chicago area journalists that limited protest policing tactics by federal law enforcement was put on hold this week, with a federal appellate court calling the order overbroad.

As Stern told FPF’s U.S. Press Freedom Tracker, “It is difficult to understand how it is overbroad to ‘enjoin all law enforcement officers within the Executive Branch’ when the president, who last I checked runs the executive branch, expressly demands that those under him brutalize, censor and arrest activists and journalists who interfere with their narrative — the exact conduct restricted by the injunction.”

Read more here.

Immigration agents claim routine reporting violates federal law

Independent news outlet Status Coup reported Wednesday that federal immigration agents threatened its reporter, Jon Farina, with arrest for following and filming them, despite well-established First Amendment protections.

Stern said in a statement, “It looks like these officers believe transparency itself is obstructive to their operations, which is a pretty good indicator that their operations are in need of obstruction. The First Amendment is intended to obstruct government abuses. … If they’re too thin-skinned for the public scrutiny that comes with being a part of that, they can go find a job that doesn’t involve abducting people for an authoritarian regime.”

Read the full statement.

What we’re reading

The secrecy surrounding the Trump’s immigration agenda (NPR). FPF’s Daniel Ellsberg Chair on Government Secrecy joined NPR’s “1A” to talk about the shroud of secrecy at virtually every level of the immigration system.

Vindman demands release of Trump-Mohammed bin Salman call after Khashoggi murder: ‘You will be shocked’ (The Hill). This is exhibit “A” for why the National Security Council should be subject to the Freedom of Information Act.

Larry Ellison discussed axing CNN hosts with White House in takeover bid talks (The Guardian). So the president went from feigning outrage about allegedly biased public media to making deals with centibillionaire friends to make corporate media more biased. Got it.

After Donald Trump’s attack on correspondent Mary Bruce, White House goes after ABC again with ‘fake news’ press release (Deadline). It looks like $16 million – the amount ABC paid to settle Trump’s frivolous lawsuit last year – only buys you so much protection these days.

Will Trump destroy the BBC? (Unherd). “So I presume by the name of your organization that you’re not very keen on sitting presidents suing news organizations.” That’s correct! Listen to our interview with Unherd about Trump’s lawsuit threat against BBC.

The SLAPP Back Initiative (First Amendment Watch). Congratulations to First Amendment Watch at New York University for launching the first database in the U.S. documenting alleged strategic lawsuits against public participation.

freedom.press/issues/press-mur…

Il 23 e il 24 di novembre i cittadini e le cittadine di Campania, Puglia e Veneto andranno a votare per il rinnovo del Consiglio Regionale e del Presidente di Regione.

Se puoi votare o conosci qualcuno che può votare in queste Regioni, puoi sostenere le candidature espresse o appoggiate da Possibile. Aiutaci a portare nei consigli regionali le persone che portano avanti le battaglie in cui crediamo! Passaparola: il tuo sostegno è fondamentale!

CAMPANIA

Per una Campania più giusta e più verde, in cui nessuno sia lasciato indietro, in cui nessuno sia costretto a emigrare, barra il simbolo della lista Alleanza Verdi e Sinistra con Roberto Fico Presidente. A Napoli e provincia scrivi il nome di Andrea Davide e Souzan Fatayer (detta Susan). Ti basta scrivere “Davide” e “Susan” nell’apposito spazio per le preferenze.

PUGLIA

In Puglia, barra il simbolo della lista Alleanza Verdi e Sinistra con Antonio Decaro Presidente. A Taranto e provincia scrivi il nome di Rosa d’Amato. A Bari e provincia scrivi il nome di Francesca Sbiroli.

VENETO

In Veneto, per cambiare passo alla Regione, barra il simbolo della lista Alleanza Verdi e Sinistra con Giovanni Manildo Presidente. A Padova e provincia scrivi il nome di Elena Ostanel. A Vicenza e provincia scrivi il nome di Carlo Cunegato.

Puoi esprimere fino a due preferenze purché siano in alternanza di genere.

L'articolo Campania, Puglia, Veneto. Si vota: portiamo le nostre battaglie in consiglio regionale! proviene da Possibile.

Across Europe, a new concept known as chat scanning has entered the public debate. Supporters claim it will protect children from online harm. Chat control is formally part of the Child Sexual Abuse Regulation (CSAR), aimed at combating CSAM (child sexual abuse material). However, many experts, privacy groups, and digital rights advocates warn that it poses a greater risk for everyone who uses a phone, especially young people who message daily.

What is chat scanning?

In simple terms, it is a system that checks your private messages before or as soon as you send them. The app you use would need to scan your texts, photos, or videos and determine whether they seem suspicious. If the scanner thinks something is “unsafe,” it can report the sender, even if the message was completely innocent.

This means the scanning occurs within your phone, not on a server elsewhere. Every typed or uploaded message is checked before it reaches a friend or family member. It is like having a digital security guard watching over your shoulder every time you write something personal.

For digital rights advocates, including the Pirate Party, this raises a serious concern: privacy is not something that can be switched on and off. Once a system is built to monitor everyone’s conversations, it becomes a permanent gateway to surveillance. It does not take much for such tools to be expanded, misused, or accessed by actors who do not have the public’s interest at heart.

Why Chat Control Is a Real Threat

Chat control systems are not theoretical risks. Automated scanners genuinely make mistakes. They often cannot understand teenage slang, humour, or personal images. A tool meant to protect vulnerable users can easily turn into one that falsely accuses innocent people. Meanwhile, determined bad actors can simply switch to apps that do not follow these rules, while ordinary citizens remain under constant monitoring.

This approach also weakens secure communication. End-to-end encryption is designed to protect everyone from hackers, identity theft, and even misuse of state power. Scanning messages before they are encrypted breaks that protection. Instead of keeping society safe, it exposes activists, families, journalists, and children to new dangers.

The Ripple Effect on Democracy

If chat controls become law with a full majority, the long-term consequences could spread slowly but deeply. The ripple effect would impact multiple pillars of democracy.

Privacy Erosion

What begins as limited scanning to target harmful content can gradually expand to include most users. When every message is subject to scrutiny, personal privacy is the first casualty.

Overwhelmed Law Enforcement

A flood of false positives would strain police resources. German experts who reviewed the proposal warned that law enforcement would be unable to handle the volume of inaccurate reports. This waste of time and energy increases the risk of people being wrongly investigated or prosecuted, ultimately making the public less safe.

Chilling of Free Expression

Journalists, activists, and vulnerable groups may start to self-censor because they no longer trust their communication channels. When private conversations feel monitored, open dialogue becomes rare.

Decline in Civic Participation

As trust in institutions weakens, people may disengage from democratic processes. Press freedom declines, and political debate becomes less open.

Shift in Social Norms

Over time, society may begin to accept the idea that monitoring private digital spaces is normal. Such a shift can alter the social contract itself, making surveillance an everyday expectation rather than an exception.

This is how a policy introduced in the name of protection can gradually erode the foundations of democracy.

Are there safer alternatives?

There are better ways to keep communities safe. Targeted investigations, stronger reporting channels, improved child protection services, and investment in digital literacy can genuinely support vulnerable groups without breaking the fundamental right to private communication.

Europe should not accept a future where every phone becomes a checkpoint. Safety should be built on rights, not surveillance. Protecting children and protecting privacy are not opposing goals. With smart policy and responsible technology, the EU can and must do both.

european-pirateparty.eu/why-ch…

BIBLIOTECA UNIVERSITARIA ALESSANDRINA ~ APERTURA STRAORDINARIA

𝐁𝐈𝐁𝐋𝐈𝐎𝐓𝐄𝐂𝐀 𝐔𝐍𝐈𝐕𝐄𝐑𝐒𝐈𝐓𝐀𝐑𝐈𝐀 𝐀𝐋𝐄𝐒𝐒𝐀𝐍𝐃𝐑𝐈𝐍𝐀 ~ 𝐀𝐏𝐄𝐑𝐓𝐔𝐑𝐀 𝐒𝐓𝐑𝐀𝐎𝐑𝐃𝐈𝐍𝐀𝐑𝐈𝐀

𝐒𝐀𝐁𝐀𝐓𝐎 𝟮𝟵 𝗡𝗢𝗩𝗘𝗠𝗕𝗥𝗘 𝟮𝟬𝟮𝟱 𝒐𝒓𝒆 𝟭𝟔:𝟑𝟬 ~ 𝑺𝒂𝒍𝒂 𝑩𝒊𝒐-𝒃𝒊𝒃𝒍𝒊𝒐𝒈𝒓𝒂𝒇𝒊𝒄𝒂

La 𝐁𝐢𝐛𝐥𝐢𝐨𝐭𝐞𝐜𝐚 𝐔𝐧𝐢𝐯𝐞𝐫𝐬𝐢𝐭𝐚𝐫𝐢𝐚 𝐀𝐥𝐞𝐬𝐬𝐚𝐧𝐝𝐫𝐢𝐧𝐚 𝐬𝐚𝐛𝐚𝐭𝐨 𝟐𝟗 𝐧𝐨𝐯𝐞𝐦𝐛𝐫𝐞 a partire dalle ore 𝟭𝟔:𝟑𝟬 ospiterà l’incontro 𝐃𝐈𝐀𝐋𝐎𝐆𝐇𝐈 𝐓𝐑𝐀 𝐁𝐈𝐁𝐋𝐈𝐎𝐓𝐄𝐂𝐀𝐑𝐈, durante il quale avverrà la presentazione del volume 𝙍𝙖𝙘𝙘𝙤𝙣𝙩𝙞 𝙁𝙡𝙪𝙩𝙩𝙪𝙖𝙣𝙩𝙞 di 𝐏𝐚𝐨𝐥𝐚 𝐌𝐚𝐝𝐝𝐚𝐥𝐮𝐧𝐨.

Dialogheranno con l’𝐀𝐮𝐭𝐫𝐢𝐜𝐞 il Direttore della Biblioteca 𝐃𝐚𝐧𝐢𝐞𝐥𝐚 𝐅𝐮𝐠𝐚𝐫𝐨 e 𝐑𝐨𝐬𝐚𝐧𝐧𝐚 𝐕𝐢𝐬𝐜𝐚, bibliotecaria.

#biblioteca#library#cultura#roma#CulturalHeritage#libri#libros#books#eventi#roma#paolamaddaluno#raccontifluttuanti

alessandrina.cultura.gov.it/%f…

È stato appena pubblicato il fascicolo gennaio-giugno 2025 della serie Musica a stampa della Bibliografia nazionale italiana.

Per i fascicoli precedenti e per le altre serie rimandiamo alla pagina BNI dedicata.

L'articolo BNI Musica – Primo semestre 2025 proviene da Biblioteca nazionale centrale di Firenze.