Alessandro Di Battista al TPI Fest 2024: “Israele è il peggior stato terrorista al mondo”
@Politica interna, europea e internazionale
“Israele è il peggior stato terrorista al mondo”: lo dichiara senza troppi giri di parole Alessandro Di Battista al TPI Fest 2024, in programma per il terzo anno consecutivo presso la “Tettoia Nervi”, in piazza Lucio Dalla a Bologna. “Nel 2016 – afferma l’ex deputato del
Upgraded Raster Laser Projector Goes RGB
We’ve covered a scanning laser project by Ben Make’s Everything last year, and now he’s back with a significant update. [Ben]’s latest project now offers a higher resolution and RGB lasers. A couple of previous versions of the device used the same concept of a rotating segmented mirror synchronised to a pulsed laser diode to create scanlines. When projected onto a suitable surface, the distorted, pixelated characters looked quite funky, but there was clearly room for improvement.More scanlines and a faster horizontal pixel rate
The previous device used slightly inclined mirrors to deflect the beam into scanlines, with one mirror per scanline limiting the vertical resolution. To improve resolution, the mirrors were replaced with identically aligned mirrors of the type used in laser printers for horizontal scanning. An off-the-shelf laser galvo was used for vertical scanning, allowing faster scanning due to its small deflection angle. This setup is quicker than then usual vector galvo application, as the smaller movements require less time to complete. Once the resolution improvement was in hand, the controller upgrade to a Teensy 4 gave more processing bandwidth than the previous Arduino and a consequent massive improvement in image clarity.
Finally, monochrome displays don’t look anywhere near as good as an RGB setup. [Ben] utilised a dedicated RGB laser setup since he had trouble sourcing the appropriate dichroic mirrors to match available lasers. This used four lasers (with two red ones) and the correct dichroic mirrors to combine each laser source into a single beam path, which was then sent to the galvo. [Ben] tried to find a DAC solution fast enough to drive the lasers for a proper colour-mixing input but ended up shelving that idea for now and sticking with direct on-off control. This resulted in a palette of just seven colours, but that’s still a lot better than monochrome.
The project’s execution is excellent, and care was taken to make it operate outdoors with a battery. Even with appropriate safety measures, you don’t really want to play with high-intensity lasers around the house!
Here’s the previous version we covered, a neat DIY laser galvo using steppers, and a much older but very cool RGB vector projector.
youtube.com/embed/fEPicBSYeNQ?…
Thanks to [Chan] for the tip!
PODCAST GARAGEPUNK
iyezine.com/the-saint-and-allk…
The Saint and allkillersnofillers present: Adventure with the Saint Episode n° 48 The Work of Art 31
The Saint and allkillersnofillers present: Adventure with the Saint Episode n° 48 The Work of Art 31 - PODCAST The Saint and allkillersnofillers present: Adventure with the Saint Episode n° 48 The Work of Art 31 -Il Santo (In Your Eyes ezine)
FLOSS Weekly Episode 801: JBang — Not Your Parents Java Anymore
This week Jonathan Bennett and Jeff Massie chat with Max Rydahl Andersen about JBang, the cross-platform tool to run Java as a system scripting language. That’s a bit harder than it sounds, particularly to take advantage of Java’s rich debugging capabilities and the ecosystem of libraries that are available. Tune in to get the details, as well as how polyglot files are instrumental to making JBang work!
youtube.com/embed/5qTyyMyU2hQ?…
Did you know you can watch the live recording of the show Right on our YouTube Channel? Have someone you’d like us to interview? Let us know, or contact the guest and have them contact us! Take a look at the schedule here.
play.libsyn.com/embed/episode/…
Direct Download in DRM-free MP3.
If you’d rather read along, here’s the transcript for this week’s episode.
Places to follow the FLOSS Weekly Podcast:
hackaday.com/2024/09/18/floss-…
Fediforum happened this week, mozilla.social shuts down, and Mastodon announces the Fediverse Discovery Project.
𝔻𝕚𝕖𝕘𝕠 🦝🧑🏻💻🍕 likes this.
reshared this
Elena Basile al TPI Fest 2024: “Nei due conflitti in corso non ci sono buoni e cattivi, anche il nemico ha le sue ragioni. A Gaza stiamo assistendo a un genocidio”
@Politica interna, europea e internazionale
“Nei due conflitti in corso non ci sono i buoni da una parte e i terroristi dall’altra, solo quando ci renderemo conto che ci sono degli opposti interessi, e che quindi bisogna trovare i compromessi giusti per una
Onu a Israele: stop a presenza illegale nei Territori palestinesi entro 12 mesi
@Notizie dall'Italia e dal mondo
La risoluzione ha ricevuto 124 voti favorevoli, 43 paesi si sono astenuti, Israele, gli Usa e altri 12 Stati hanno votato contro. L’Italia si è astenuta
L'articolo Onu a Israele: stop a presenza illegale nei Territori palestinesi entro 12 mesi
Riceviamo e pubblichiamo da Leonardo Cribio
🌍 TRE GIORNI PER LA PACE 2024 🌍
"Assange e Guerra al giornalismo"
🎤 Dibattito con i giornalisti:
Germana Leoni
Fabrizio Cassinelli
Giuliano Marrucci
Massimo Alberizzi
Alberto Negri (in collegamento)…
FREE ASSANGE Italia
Riceviamo e pubblichiamo da Leonardo Cribio 🌍 TRE GIORNI PER LA PACE 2024 🌍 "Assange e Guerra al giornalismo" 🎤 Dibattito con i giornalisti: Germana Leoni Fabrizio Cassinelli Giuliano Marrucci Massimo Alberizzi Alberto Negri (in collegamento)…Telegram
Commission ends probe of Microsoft-Inflection AI merger
The European Commission will stop looking into whether Microsoft's hiring of Inflection AI staff breached EU merger rules after seven EU countries dropped their requests for an investigation, the EU executive said in a press release on Wednesday (18 September).
Meet the Winners of the 2024 Tiny Games Contest
Over the years, we’ve figured out some pretty sure-fire ways to get hackers and makers motivated for contests. One of the best ways is to put arbitrary limits on different aspects of the project, such as how large it can be or how many power it can consume. Don’t believe us? Then just take a look at the entries of this year’s Tiny Games Contest.
Nearly 80 projects made it across the finish line this time, and our panel of judges have spent the last week or so going over each one to try and narrow it down to a handful of winners. We’ll start things off with the top three projects, each of which will be awarded a $150 gift certificate from our friends at DigiKey.
First: Sub-Surface Simon
While this contest saw a lot of excellent entries, we don’t think anyone is going to be surprised to see this one take the top spot. Earning an exceptionally rare perfect ten score from each of our judges, Sub-Surface Simon from [alnwlsn] grabbed onto the theme of this contest and ran like hell with it.
Exploiting the fact that many integrated circuits are actually far smaller than their external packages, [alnwlsn] milled away the inert plastic surrounding the DIP-14 version of the ATtiny84A, which left just enough room to install some LEDs and buttons. This means the complete game is housed within the boundaries of the chip itself — just plug it into a powered breadboard and get playing.
Second: Morse Quest
Coming in at second place is Morse Quest, from [felix]. Basically, [felix] took the classic text-based adventure game formula, and replaced the keyboard and monitor with a microswitch and an LED. Players not only need to correctly decode the flashing LED to figure out what the game is saying about their immediate environment, but they have to compose their response and key it in manually.
Always wanted to learn Morse code, but didn’t know how to get started? Well, this game probably isn’t it. While you can select the rate at which the same blinks out the game to make things a little easier on yourself, you’ll still need a pretty solid knowledge of Morse to explore very far.
Third: WS2812B Othello
Easily the most traditional game of the of the top three, this handheld Othello allows the player to challenge a computerized opponent on an 8×8 matrix of WS2812B LEDs. As the LED board is an off-the-shelf module, [Dave] was able to hide most of the main PCB’s electronics underneath it, giving the overall device a particularly clean look.
As nice as the hardware is, the software is equally impressive. Running on an 80 MHz STM32L412KBT6, [Dave] wrote the entire firmware without using any external libraries. Most of us would have been reaching for a common library just to get the hardware working, but he wrote everything from the button debounce routines to the actual logic by which the game is played.
Honorable Mentions
There’s no way we can pick just three of these incredible projects to showcase, so as usual, we have a few additional categories for entries that really stood out to the judges.
One Dimensional: For this category we wanted to get people thinking about what they could do with a common addressable LED strip, and T1Duino from [Andrea Trentini] didn’t disappoint. This large-format game re-imagines Tetris in a single dimension by focusing on the colors of the falling blocks instead of their shapes. But we’ve also got to give credit to [senily64dx], who really thumbed their nose at this one. Zero Dimensional PONG recreates the classic game with just a single LED. The players are meant to interpret the changing brightness of the LED as it moving closer or farther away from them, and time their button presses accordingly.
The Classics: This category was devoted to entries that brought back the iconic games of yesteryear, so it’s little surprise that the judges singled out this miniature Space Invaders arcade cabinet from [Nick Cranch] as a prime example. Just one classic game not enough? Then take a look at the μRetro from [bobricius]. This gorgeous handheld uses ATtiny85 cartridges that let’s you swap between a collection of arcade standards.
The Controls: Nintendo has spent the last couple of decades proving that how players interact with the hardware can be just as important as the games themselves, and these entries are no different. Salsa ONE by [Alex] is a minimalistic handheld that you play with just a single button, while Blind Maze from [penumbriel] tasks the player with navigating an invisible maze using an interface consisting of a trio of buttons and LEDs.
Pocket Arcade: Each judge agreed that, as far as being pocket-friendly, the Wibraboy was the project to beat. By repurposing the enclosure from a cheapo handheld game, [x3e] was able to give their DIY recreation a remarkably professional look. For those with even smaller pockets, the Tiny OLED by [deʃhipu] offers up classic gameplay in an exceptionally small footprint.
Fancy!: Finally, this category was devoted to the most polished and professional looking builds. Among all the projects, the LED Matrix Arcade from [Ryan Shill] may be the most attractive of the bunch. With its vibrant 32×32 LED array and walnut enclosure, it’s a build we’d be proud to have on display at home. The all-digital Mini Virtual Pinball Cabinet created by [mircemk] was also a favorite for this category, as it does an excellent job of recreating the authentic pinball look with a sideways-mounted 17 inch monitor.
Shall We Play a Game?
There’s only so many projects we can call out individually, so we strongly recommend you head over to Hackaday.io and browse all of the incredible entries into this contest. There’s some truly impressive work in there, and we’re willing to bet you’ll find something in there that will help inspire your own projects.
We’d like to thank DigiKey for helping to make this contest possible, and of course the Hackaday community for consistently rising to our latest challenge. Speaking of which, you’ve still got some time before the deadline to submit your best Simple Supercon Add-On for our latest contest.
Underwater high-tech. Fincantieri lancia il nuovo simulatore a realtà aumentata
@Notizie dall'Italia e dal mondo
[quote]Cetena, società del gruppo Fincantieri, leader nella ricerca e simulazione navale, ha sviluppato il primo simulatore avanzato che combina realtà virtuale e aumentata per la guida e la manutenzione di veicoli subacquei filoguidati (Remotely operated vehicles – Rov), destinati
Ministero dell'Istruzione
Oggi il Ministro Giuseppe Valditara ha firmato il decreto a favore di 19 nuove Fondazioni #ITSAcademy, che nel 2023 hanno avviato almeno un percorso formativo. Grazie al provvedimento riceveranno oltre 55 milioni di euro.Telegram
Airline Seats Are for Dummies
You normally don’t think a lot would go into the construction of a chair. However, when that chair is attached to a commercial jet plane, there’s a lot of technology that goes into making sure they are safe. According to a recent BBC article, testing involves crash dummies and robot arms.
Admittedly, these are first-class and business-class seats. Robots do repetitive mundane tasks like opening and closing the tray table many, many times. They also shoot the seats with crash dummies aboard at up to 16 Gs of acceleration. Just to put that into perspective, a jet pilot ejecting gets about the same amount of force. A MiG-35 pilot might experience 10 G.
We didn’t realize how big the airline seat industry is in Northern Ireland. Thompson, the company that has the lab in question, is only one of the companies in the country that builds seats. Apparently, the industry suffered from the global travel slowdown during the pandemic but is now bouncing back.
While people worry about robots taking jobs, we can’t imagine anyone wanting to spend all day returning their tray table to the upright and locked position repeatedly. We certainly don’t want to be 16 G crash dummies, either.
Crash dummies have a long history, of course. Be glad airliners don’t feature ejector seats.
M5S, pubblicati i 20 possibili temi della costituente: ci sono anche nome, simbolo e limite due mandati
@Politica interna, europea e internazionale
Sul sito del Movimento 5 Stelle è stato pubblicato l’elenco dei 20 temi che potrebbero essere discussi nell’assemblea costituente in programma a ottobre. Di questi, solo 12 saranno effettivamente oggetto di approfondimento. A selezionarli saranno, nei prossimi giorni,
Guerra di tecnologie. Droni, missili e AI nel conflitto in Medio Oriente
@Notizie dall'Italia e dal mondo
[quote]Il Medio Oriente dilaniato dalla guerra è divenuto, suo malgrado, una vetrina per l’uso di nuove tecnologie militari da parte di tutti gli attori coinvolti. Difatti non solo le Israeli Defence Forces, storicamente caratterizzate dall’impiego di tecnologie all’avanguardia nel tentativo di sopperire alle
Catching The BOAT: Gamma-Ray Bursts and The Brightest of All Time
Down here at the bottom of our ocean of air, it’s easy to get complacent about the hazards our universe presents. We feel safe from the dangers of the vacuum of space, where radiation sizzles and rocks whizz around. In the same way that a catfish doesn’t much care what’s going on above the surface of his pond, so too are we content that our atmosphere will deflect, absorb, or incinerate just about anything that space throws our way.
Or will it? We all know that there are things out there in the solar system that are more than capable of wiping us out, and every day holds a non-zero chance that we’ll take the same ride the dinosaurs took 65 million years ago. But if that’s not enough to get you going, now we have to worry about gamma-ray bursts, searing blasts of energy crossing half the universe to arrive here and dump unimaginable amounts of energy on us, enough to not only be measurable by sensitive instruments in space but also to effect systems here on the ground, and in some cases, to physically alter our atmosphere.
Gamma-ray bursts are equal parts fascinating physics and terrifying science fiction. Here’s a look at the science behind them and the engineering that goes into detecting and studying them.
Collapsars and Neutron Stars
Although we now know that gamma-ray bursts are relatively common, it wasn’t all that long ago that we were ignorant of their existence, thanks in part to our thick, protective atmosphere. The discovery of GRBs had to wait for the Space Race to couple with Cold War paranoia, which resulted in Project Vela, a series of early US Air Force satellites designed in part to watch for Soviet compliance with the Partial Test Ban Treaty, which forbade everything except underground nuclear tests. In 1967, gamma ray detectors on satellites Vela 3 and Vela 4 saw a flash of gamma radiation that didn’t match the signature of any known nuclear weapon. Analysis of the data from these and subsequent flashes revealed that they came from space, and the race to understand these energetic cosmic outbursts was on.Trust, but verify. Vela 4, designed to monitor Soviet nuclear testing, was among the first satellites to detect cosmic gamma-ray bursts. Source: ENERGY.GOV, Public domain, via Wikimedia Commons
Gamma-ray bursts are the most energetic phenomena known, with energies that are almost unfathomable. Their extreme brightness, primarily as gamma rays but across the spectrum and including visible light, makes them some of the most distant objects ever observed. To put their energetic nature into perspective, a GRB in 2008, dubbed GRB 080319B, was bright enough in the visible part of the spectrum to just be visible to the naked eye even though it was 7.5 billion light years away. That’s more than halfway across the observable universe, 3,000 times farther away than the Andromeda galaxy, normally the farthest naked-eye visible object.
For all their energy, GRBs tend to be very short-lived. GRBs break down into two rough groups. Short GRBs last for less than about two seconds, with everything else falling into the long GRB category. About 70% of GRBs we see fall into the long category, but that might be due to the fact that the short bursts are harder to see. It could also be that the events that precipitate the long variety, hypernovae, or the collapse of extremely massive stars and the subsequent formation of rapidly spinning black holes, greatly outnumber the progenitor event for the short category of GRBs, which is the merging of binary neutron stars locked in a terminal death spiral.
The trouble is, the math doesn’t work out; neither of these mind-bogglingly energetic events could create a burst of gamma rays bright enough to be observed across half the universe. The light from such a collapse would spread out evenly in all directions, and the tyranny of the inverse square law would attenuate the signal into the background long before it reached us. Unless, of course, the gamma rays were somehow collimated. The current thinking is that a disk of rapidly spinning material called an accretion disk develops outside the hypernova or the neutron star merger. The magnetic field of this matter is tortured and twisted by its rapid rotation, with magnetic lines of flux getting tangled and torn until they break. This releases all the energy of the hypernova or neutron star merger in the form of gamma rays in two tightly focused jets aligned with the pole of rotation of the accretion disk. And if one of those two jets happens to be pointed our way, we’ll see the resulting GRB.
youtube.com/embed/rofLQgMxM78?…
Crystals and Shadows
But how exactly do we detect gamma-ray bursts? The first trick is to get to space, or at least above the bulk of the atmosphere. Our atmosphere does a fantastic job shielding us from all forms of cosmic radiation, which is why the field of gamma-ray astronomy in general and the discovery of GRBs in particular had to wait until the 1960s. A substantial number of GRBs have been detected by gamma-ray detectors carried aloft on high-altitude balloons, especially in the early days, but most dedicated GRB observatories are now satellite-borne
Gamma-ray detection technology has advanced considerably since the days of Vela, but a lot of the tried and true technology is still used today. Scintillation detectors, for example, use crystals that release photons of visible light when gamma rays of a specific energy pass through them. The photons can then be amplified by photomultiplier tubes, resulting in a pulse of current proportional to the energy of the incident gamma ray. This is the technology used by the Gamma-ray Burst Monitor (GBM) aboard the Fermi Gamma-Ray Space Telescope, a satellite that was launched in 2008. Sensors with the GBT are mounted around the main chassis of Fermi, giving it a complete very of the sky. It consists of twelve sodium iodide detectors, each of which is directly coupled to a 12.7-cm diameter photomultiplier tube. Two additional sensors are made from cylindrical bismuth germanate scintillators, each of which is sandwiched between two photomultipliers. Together, the fourteen sensors cover from 8 keV to 30 MeV, and used in concert they can tell where in the sky a gamma-ray burst has occurred.The coded aperture for Swift’s BAT. Each tiny lead square casts a unique shadow pattern on the array of cadmiun-zinc-telluride (CZT) ionization sensors, allowing an algorithm to work out the characteristics of the gamma rays falling on it. Source: NASA.
Ionization methods are also used as gamma-ray detectors. The Niel Gehrels Swift Observatory, a dedicated GRB hunting satellite that was launched in 2004, has an instrument known as the Burst Alert Telescope, or BAT. This instrument has a very large field of view and is intended to monitor a huge swath of sky. It uses 32,768 cadmium-zinc-telluride (CZT) detector elements, each 4 x 4 x 2 mm, to directly detect the passage of gamma rays. CZT is a direct-bandgap semiconductor in which electron-hole pairs are formed across an electric field when hit by ionizing radiation, producing a current pulse. The CZT array sits behind a fan-shaped coded aperture, which has thousands of thin lead tiles arranged in an array that looks a little like a QR code. Gamma rays hit the coded aperture first, casting a pattern on the CZT array below. The pattern is used to reconstruct the original properties of the radiation beam mathematically, since conventional mirrors and lenses don’t work with gamma radiation. The BAT is used to rapidly detect the location of a GRB and to determine if it’s something worth looking at. If it is, it rapidly slews the spacecraft to look at the burst with its other instruments and instantly informs other gamma observatories about the source so they can take a look too.
The B.O.A.T.
On October 9, 2022, both Swift and Fermi, along with dozens of other spacecraft and even some ground observatories, would get to witness a cataclysmically powerful gamma-ray burst. Bloodlessly named GRB 221009A but later dubbed “The BOAT,” for “brightest of all time,” the initial GRB lasted for an incredible ten minutes with a signal that remained detectable for hours. Coming from the direction of the constellation Sagittarius from a distance of 2.4 billion light years, the burst was powerful enough to saturate Fermi’s sensors and was ten times more powerful than any signal yet received by Swift.The BOAT. A ten-hour time-lapse of data from the Fermi Large Area Telescope during GRB 221009A on October 8, 2022. Source: NASA/DOE/Fermi LAT Collaboration, Public domain
Almost everything about the BOAT is fascinating, and the superlatives are too many to list. The gamma-ray burst was so powerful that it showed up in the scientific data of spacecraft that aren’t even equipped with gamma-ray detectors, including orbiters at Mars and Voyager 1. Ground-based observatories noted the burst, too, with observatories in Russia and China noting very high-energy photons in the range of tens to hundreds of TeV arriving at their detectors.
The total energy released by GRB 221009A is hard to gauge with precision, mainly because it swamped the very instruments designed to measure it. Estimates range from 1048 to 1050 joules, either of which dwarfs the total output of the Sun over its entire 10 billion-year lifespan. So much energy was thrown in our direction in such a short timespan that even our own atmosphere was impacted. Lightning detectors in India and Germany were triggered by the burst, and the ionosphere suddenly started behaving as if a small solar flare had just occurred. Most surprising was that the ionospheric effects showed up on the daylight side of the Earth, swamping the usual dampening effect of the Sun.
When the dust had settled from the initial detection of GRB 221009A, the question remained: What happened to cause such an outburst? To answer that, the James Webb Space Telescope was tasked with peering into space, off in the direction of Sagittarius, where it found pretty much what was expected — the remains of a massive supernova. In fact, the supernova that spawned this GRB doesn’t appear to have been particularly special when compared to other supernovae from similarly massive stars, which leaves the question of how the BOAT got to be so powerful.
Does any of this mean that a gamma-ray burst is going to ablate our atmosphere and wipe us out next week? Probably not, and given that this recent outburst was estimated to be a one-in-10,000-year event, we’re probably good for a while. It seems likely that there’s plenty that we don’t yet understand about GRBs, and that the data from GRB 221009A will be pored over for decades to come. It could be that we just got lucky this time, both in that we were in the right place at the right time to see the BOAT, and that it didn’t incinerate us in the process. But given that on average we see one GRB per day somewhere in the sky, chances are good that we’ll have plenty of opportunities to study these remarkable events.
Dal supercalcolo ai velivoli del futuro, Montrucchio spiega il cuore tecnologico di Leonardo a Torino
@Notizie dall'Italia e dal mondo
[quote]La digitalizzazione sta ridefinendo l’industria aerospaziale. Nuovi processi e strumenti, potenziati dall’intelligenza artificiale e dal supercalcolo, stanno rivoluzionando la progettazione e lo sviluppo dei velivoli moderni. In questa evoluzione, accelerata dagli
La lettera di Marina Berlusconi: “Basta con i falsi retroscena, nessuna trama contro Meloni”
@Politica interna, europea e internazionale
Marina Berlusconi smentisce pubblicamente presunte cospirazioni da parte della sua famiglia contro la presidente del Consiglio Giorgia Meloni. E nega anche che gli eredi del Cavaliere siano insoddisfatti di come Antonio Tajani sta guidando Forza Italia. La
Supply Chain del Terrore! I Cercapersone Manomessi in fase di Produzione e Spedizione
Da ieri, la percezione degli attacchi alla supply chain è cambiata radicalmente.
Non si tratta più solo di proteggere i dati, ma di garantire la sicurezza fisica delle persone. Gli eventi di ieri hanno evidenziato come la manipolazione dei dispositivi possa mettere a rischio la vita umana, trasformando la tecnologia in un’arma silenziosa e invisibile. Questo ci fa comprendere come la sicurezza informatica e quella fisica siano ora profondamente interconnesse, e il prezzo dell’inazione non è più solo la perdita di informazioni, ma la perdita di vite umane
Da quanto è stato riportato da alcuni media, all’interno dei dispositivi esplosi agli Hezbollah, sono state impiantate delle schede con dell’esplosivo in fase di produzione.
La vicenda rappresenta uno degli attacchi più significativi in termini di penetrazione delle reti di comunicazione di Hezbollah, e ha sollevato numerosi interrogativi sulla vulnerabilità delle forniture elettroniche destinate a gruppi militanti.
Manomissioni in fase di produzione
Secondo fonti di intelligence citate da Reuters, il Mossad avrebbe orchestrato un sabotaggio su larga scala inserendo esplosivi all’interno di migliaia di cercapersone ordinati da Hezbollah e fabbricati in Taiwan. Gli esplosivi sono stati inseriti durante la fase di produzione o di spedizione, rendendo i dispositivi quasi impossibili da distinguere dai normali cercapersone. Questi ordigni sarebbero stati progettati per detonare in risposta alla ricezione di specifici messaggi codificati inviati ai dispositivi.
Hezbollah aveva optato per l’utilizzo di cercapersone, in quanto considerati un’alternativa più sicura rispetto agli smartphone, ritenuti facilmente tracciabili dai servizi segreti israeliani. Tuttavia, questo incidente dimostra come anche tecnologie più semplici possano essere compromesse in maniera sofisticata. Il sabotaggio ha provocato un’esplosione simultanea dei dispositivi, causando un numero significativo di vittime, inclusi combattenti e affiliati del gruppo.
Una pianificazione da Stato
Le fonti vicine alla vicenda hanno riferito che il piano è stato attentamente orchestrato nei mesi precedenti, sfruttando l’ordinazione in blocco dei cercapersone da parte di Hezbollah. Questi dispositivi, prodotti dalla compagnia taiwanese Gold Apollo, erano destinati a migliorare la comunicazione tra i membri del gruppo, soprattutto in aree come Libano e Siria. Tuttavia, la loro alterazione a livello di produzione o spedizione ha trasformato questi strumenti di comunicazione in vere e proprie bombe a orologeria.
Gold Apollo ha negato qualsiasi coinvolgimento diretto nella manipolazione dei dispositivi, sottolineando che i cercapersone fabbricati erano stati venduti attraverso canali regolari e che non avevano il controllo su ciò che accadeva dopo la spedizione. L’azienda ha dichiarato di non essere responsabile per l’uso improprio dei suoi prodotti e ha puntato il dito verso la possibilità che i dispositivi siano stati sabotati durante il trasporto o in altre fasi della supply chain.
L’utilizzo del PETN
Questa operazione rappresenta un esempio clamoroso di attacco alla supply chain, in cui l’infiltrazione dei sistemi avviene prima che i dispositivi raggiungano i loro destinatari finali. L’uso di esplosivi miniaturizzati, come il PETN, inseriti all’interno dei vani batteria dei cercapersone, è stato identificato come la modalità principale con cui è stato attuato il sabotaggio. La possibilità che tali esplosivi possano essere detonati a distanza tramite un segnale radio codificato evidenzia l’elevato livello tecnologico raggiunto dall’intelligence israeliana.
La reazione di Hezbollah non si è fatta attendere: il gruppo ha subito accusato Israele di essere responsabile dell’attacco, e ha promesso vendetta. L’episodio ha inasprito ulteriormente le tensioni tra Israele e Hezbollah, rafforzando la percezione che il Mossad sia capace di colpire in profondità le infrastrutture e le comunicazioni del gruppo militante.
Questo scenario di sabotaggio tecnologico apre nuovi interrogativi sul futuro della sicurezza nelle comunicazioni per gruppi come Hezbollah, e pone l’accento sui rischi associati agli attacchi alla supply chain, una tecnica che sta diventando sempre più sofisticata e devastante. La vicenda potrebbe avere importanti implicazioni geopolitiche, non solo in Medio Oriente ma anche a livello internazionale, considerando l’utilizzo di tecnologie civili per fini militari.
L'articolo Supply Chain del Terrore! I Cercapersone Manomessi in fase di Produzione e Spedizione proviene da il blog della sicurezza informatica.
#TuttiAScuola, riviviamo insieme la cerimonia di inaugurazione del nuovo anno scolastico che si è svolta lunedì #16settembre presso il Convitto Nazionale “Vittorio Emanuele II” di Cagliari.
🎥 Qui il video ▶ https://youtu.
Ministero dell'Istruzione
#TuttiAScuola, riviviamo insieme la cerimonia di inaugurazione del nuovo anno scolastico che si è svolta lunedì #16settembre presso il Convitto Nazionale “Vittorio Emanuele II” di Cagliari. 🎥 Qui il video ▶ https://youtu.Telegram
The 30 new Commission initiatives to get Europe back in the tech game
Ursula von der Leyen’s commissioners-designate are to present 30 new strategies, acts, and initiatives to make Europe competitive and secure in tech.
roma, 21 settembre, studio campo boario: presentazione del “libro della natura e del continuo”, di mario corticelli
slowforward.net/2024/09/18/rom…
un libro straordinario! non mancate!
Poliversity - Università ricerca e giornalismo reshared this.
Bringing the Horror of Seaman into the Real World
A little under 25 years ago, a particularly bizarre game was released for Sega’s Dreamcast. In actually, calling it a “game” might be something of a stretch. It was more of a pet simulator, where you need to feed and care for a virtual animal as it grows. Except rather than something like a dog or a rabbit, your pet is a talking fish with a human face that doesn’t seem to like you very much. Oh, and Leonard Nimoy is there too for some reason.
Most people in the world don’t even know this game ever existed, and frankly, their lives are all the better for it. But for those who lovingly cared for (or intentionally killed) one of these rude creatures back in the early 2000s, it’s an experience that sticks with you. Which we assume is why [Robert Prest] decided to build this incredibly faithful physical recreation of Seaman.
The creature itself is a wireless animatronic that’s been fitted with several servos to operate not just its creepy human mouth, but its flippers, legs, and tail. [Robert] pulled the original speech clips from the game, and recreated most of the voice recognition prompts so he can converse with his pet monster. A Dreamcast controller is used to interact with the robo-seaman, but even that’s a bit of a hack. It’s actually just the shell of the controller which has been filled with new hardware, namely an ESP8266 and Nokia LCD that take the place of the original Visual Memory Unit (VMU).
[Robert] went the extra mile and also recreated the tank the creature lives in. The front glass is actually a transparent display that can show game information or “water”, and there’s sonar sensors that can detect when somebody has reached into it. The original game’s interactive elements involved adjusting the temperature of the tank and feeding your growing abomination, which are represented in this physical incarnation. There’s even little 3D printed versions of the bugs (which incidentally also have human faces) raise as food for the creature.
While this might not be our ideal office decoration, but we’ve got to hand it to [Robert], he did a hell of job bringing Seaman to life. Now let’s just hope it doesn’t escape its tank and get into the wild.
youtube.com/embed/-HH8HnN_mB4?…
Inizio del corso di Storia della filosofia francese
Lectio inauguralis del Corso di laurea in Filosofia e inizio delle lezioni del corso di Storia della filosofia francese (Corso di laurea triennale in Filosofia)
Con la Lectio Inauguralis tenuta dalla professoressa Federica Russo ci sarà l’inaugurazione dell’anno accademico 24-25 del Corso di Studi in Filosofia e Scienze Filosofiche. La lezione …fabiosulpizioblog
War on terror e politica estera americana oggi. Un dibattito ampio
@Notizie dall'Italia e dal mondo
[quote]Conoscere ed analizzare il dibattito negli Stati Uniti attorno alla “War on Terror” bushiana contro il terrorismo islamico significa comprendere la postura di Washington in politica estera oggi. Inutile negare che le guerre in Iraq ed Afghanistan abbiano lasciato uno strascico di profonda divisione in seno
Vadda Ghalughara: l’Olocausto dei Sikh
[quote]Introduzione Nel cuore del XVIII secolo, il Punjab vive un periodo di profonde trasformazioni. Le pianure fertili, attraversate dai cinque fiumi che danno nome alla regione, sono il teatro di conflitti tra potenze emergenti eContinue reading
The post
Cercapersone come bombe, il blitz di Israele contro Hezbollah che può allargare la guerra
L’esplosione di oltre un migliaio di cercapersone di membri di Hezbollah e di altri esponenti di istituzioni e apparati legati all’Iran nella giornata odierna a seguito di un’azione con ogni probabilità di stampo israeliana ha suscitato clamore e scalpore. Un’esplosione simultanea di un numero così ampio di dispositivi, che ha causato 1.200 feriti in Libano, […]
Continua a leggere
The post Cercapersone come bombe, il blitz di Israele contro Hezbollah che può allargare la guerra appeared first on InsideOver.
Exotic SambaSpy is now dancing with Italian users
Introduction
In May 2024, we detected a campaign exclusively targeting victims in Italy. We were rather surprised by this, as cybercriminals typically select a broader target to maximize their profits. For example, a certain type of malware might target users in France and Spain, with the phishing emails written in both of the respective languages. However, for such a campaign, the malware’s code includes no particular checks to ensure it only runs in France and Spain. What sets this campaign apart is that, at various stages of the infection chain, checks are made to ensure that only Italian users are infected. This prompted us to investigate further and discover that the attackers were delivering a new RAT as the final payload that we dubbed SambaSpy.
Infection chain
When we started our investigation, we discovered two (slightly) different infection chains, as can be seen in the two figures below.
Let’s discuss the second case in more detail as that infection chain is more elaborate. First, the victim receives an email from a German email address. The email was, however, written in Italian and looked like it came from a legitimate Italian real estate company.
The email urges the receiver to view an invoice by clicking on an embedded link. Then the user is redirected to a malicious website which, during our analysis and according to other open sources, redirects to FattureInCloud, a legitimate Italian cloud solution used to store and manage digital invoices and quotes, where a legitimate invoice is displayed. Unfortunately, we were unable to view this file directly. Luckily, we found such an invoice on the urlscan.io website as can be seen in the figure below.
Note that all the distribution campaigns seem to be designed around this legitimate invoice. We observed a variety of the malicious emails and in all of them, the sender, subjects, and content took advantage of the brand of the company that generated the invoice. Moreover, the attacker registered more than a dozen of malicious domains under the company’s name:
belliniepecuniaimmobili[.]com
immobilibelliniepecunia[.]xyz
immobilibelliniepecunia[.]online
immobilibelliniepecunia[.]site
bpecuniaimmobili[.]online
bpecuniaimmobili[.]info
belliniepecuniaimmobilisrl[.]shop
belliniepecuniaimmobilisrl[.]online
belliniepecuniaimmobilisrl[.]xyz
belliniepecuniaimmobili.com[.]br
bpecuniaimmobili[.]xyz
immobilibelliniepecunia[.]shop
immobilibelliniepecunia[.]me
immobiliarebelliniepecunia[.]info
immobiliarebelliniepecunia[.]online
Getting redirected to a legitimate resource seemed like a dead end but our telemetry provided information that some users were redirected by the same URL to a malicious web server running behind ngrok. This server provided an HTML page containing JS code with comments in Brazilian Portuguese. It redirects users to a malicious OneDrive URL but only if they are running Edge, Firefox, or Chrome with their language set to Italian. If the users don’t pass these checks, they stay on the page.
<title> FATTURA </title>
<script>
window.onload = function() {
var language = navigator.language || navigator.userLanguage;
if (language.startsWith("it")) {
var userAgent = navigator.userAgent.toLowerCase();
var browser;
if (userAgent.includes("edg")) {
browser = "Edge";
} else if (userAgent.includes("firefox")) {
browser = "Firefox";
} else if (userAgent.includes("chrome")) {
browser = "Chrome";
} else {
// Navegador desconhecido, pode lidar com isso de acordo com sua lógica
return;
}
switch (browser) {
case "Edge":
window.location.href = "hxxps://1drv.ms/b/s!AnMKZoF8QfODa92x201yr0GDysk?e=ZnX3Rm";
Users that match the target end up at a PDF document hosted on Microsoft OneDrive, luring the user to click on a hyperlink with the text “VISUALIZZA DOCUMENTO”, meaning “view document.” Finally, the URL redirects to a malicious JAR file hosted on MediaFire, which is either a dropper or a downloader.
The downloader
The downloader runs some checks to see whether or not it is running in a VM.It then checks that the environment is set to Italian again and if not, exits. If all the checks are passed, the downloader downloads the final stage and executes it.
The dropper
The dropper does exactly the same thing as a downloader besides downloading the malware, as it is embedded inside the resources of the JAR file.
SambaSpy
SambaSpy is a full-featured RAT developed in Java and obfuscated using the Zelix KlassMaster protector. The strings are encrypted and class names and methods are obfuscated to prevent analysis and detection. The malware exhibits a wide range of functionalities. Below, we provided a partial description. For the full report, please contact us.
The many malware’s features include:
- File system management;
- Process management;
- Uploading/downloading files;
- Webcam control;
- Logging keystrokes and controlling the clipboard;
- Grabbing screenshots;
- Remote desktop management;
- Password stealing;
- Loading additional plugins at runtime;
- Starting a remote shell;
- Interacting with the victim;
Let’s look at some of these in more detail:
Loading plugins
The plugin loading mechanism is fairly simple. A class is supplied to the RAT and loaded using URLClassLoader to open a file on the disk previously downloaded by the RAT. It then invokes the addURL() method in the loaded class. See the figure below for the complete code.
Logging keystrokes and clipboard
SambaSpy uses the JNativeHook library to log every keystroke from the victim. Then, upon key release, each keystroke event is sent to the C2. It also uses Java Abstract Window native libraries to steal or modify the victim’s clipboard content.
Stealing browser credentials
The RAT can steal credentials from major browsers including Chrome, Edge, Opera, Brave, Iridium and Vivaldi.
Remote desktop control
SambaSpy implements a custom remote control system. It uses the Java Abstract Window library’s Robot class to control the mouse and keyboard from the system, along with the GraphicsDevice class to provide a screen display under the attacker’s control.
Who is behind the campaign?
We have yet to correlate the attackers behind this campaign to known actors. Nevertheless, there are indications that the threat actor speaks Brazilian Portuguese.
The language found in the malicious artifacts (i.e., code comments and error messages), and in the various sites utilized by the threat actor, was identified as Brazilian Portuguese as it features words not used in other dialects of the language.
We also know that the attacker is not exclusively interested in Italian targets, but has extended their activities to Spain and Brazil. During our investigation, we discovered other malicious domains attributed to the same attacker used in other campaigns. However, the infection chain involving these domains doesn’t include any language checks similar to those we observed in the Italian campaign.
The domains were attributed to the same attacker because they were used to manage or distribute other variants of the downloader observed in Italy.
Conclusion
There are several interesting aspects to this campaign. First, this campaign specifically targeted Italians by ensuring at multiple stages of the infection process that Italian was set as the language of the victim’s system. Second, there are various connections with Brazil, such as language artifacts in the code and domains targeting Brazilian users. This aligns with the fact that attackers from Latin America often target European countries with closely related languages, namely Italy, Spain, and Portugal.
Third, it is interesting to observe how the attackers based their distribution campaign on a legitimate document shared online, taking advantage of the brand of the company that generated the document. It is important to highlight that the company is completely unrelated to the campaign, as they are not directly involved in sending the messages or distributing the malware. They do not even appear to have published the invoice. Rather a customer presumably did so.
The attacker behind this campaign continuously changes its obfuscation methods, phishing emails, and C2 endpoints. Nevertheless, they reuse infrastructure-related second-level domains by creating new subdomains, which gives us a better overview of the attacker. This information can be used in future attribution efforts, while enhancing malware detection.
If you would like to stay up to date on the latest TTPs that criminals are using, or if you have questions about our private reports, contact us at crimewareintel@kaspersky.com.
Indicators of compromise
e6be6bc2f8e27631a7bfd2e3f06494aa Malicious PDF
1ec21bd711b491ad47d5c2ef71ff1a10 Downloader
d153006e00884edf7d48b9fe05d83cb4 Dropper
0f3b46d496bbf47e8a2485f794132b48 SambaSpy
Domain names embedded in email messages
officediraccoltaanabelacosta[.]net
belliniepecuniaimmobili[.]com
immobilibelliniepecunia[.]xyz
immobilibelliniepecunia[.]online
immobilibelliniepecunia[.]site
bpecuniaimmobili[.]online
bpecuniaimmobili[.]info
belliniepecuniaimmobilisrl[.]shop
belliniepecuniaimmobilisrl[.]online
belliniepecuniaimmobilisrl[.]xyz
belliniepecuniaimmobili.com[.]br
bpecuniaimmobili[.]xyz
immobilibelliniepecunia[.]shop
immobilibelliniepecunia[.]me
immobiliarebelliniepecunia[.]info
immobiliarebelliniepecunia[.]online
Domain names used to distribute malware
lamsnajs[.]site
appsabs[.]site
qpps[.]site
lskbd[.]site
serverakp[.]site
wedmail[.]site
66d68ce73c83226a.ngrok[.]app
hxxps://1drv[.]ms/b/s!AnMKZoF8QfODa92x201yr0GDysk?e=ZnX3Rm PDF hosted on OneDrive
hxxps://moduloj.lamsnajs[.]site/Modulo32.jpg URL embedded in downloader