Le autorità statunitensi e olandesi hanno recentemente smantellato una rete di 39 domini web e i relativi server, utilizzati per facilitare frodi online su larga scala. Questa operazione, denominata “Operation Heart Blocker“, ha preso di mira una serie di marketplace online originari del Pakistan, gestiti dal gruppo noto come Saim Raza o HeartSender.

Questi siti offrivano strumenti per il phishing e kit per frodi, utilizzati da gruppi criminali organizzati per condurre attacchi di Business Email Compromise (BEC), causando perdite superiori ai 3 milioni di dollari negli Stati Uniti.

I marketplace gestiti da Saim Raza fungevano da piattaforme per la vendita di kit di phishing, pagine di scam e strumenti per l’estrazione di email, fornendo anche video tutorial su YouTube per istruire gli utenti sull’uso di questi strumenti. Questa strategia ha permesso anche a criminali con competenze tecniche limitate di condurre operazioni fraudolente su vasta scala.

Le autorità olandesi hanno sottolineato che il gruppo criminale vendeva programmi per facilitare frodi digitali, utilizzati dai cybercriminali per inviare email di phishingsu larga scala o rubare credenziali di accesso. Si stima che il servizio avesse migliaia di clienti prima della sua chiusura. Gli utenti possono verificare se le proprie credenziali sono state compromesse visitando il sito “www.politie[.]nl/checkjehack” e inserendo il proprio indirizzo email.

Il gruppo, noto anche come The Manipulaters, era stato inizialmente esposto dal giornalista di sicurezza Brian Krebs nel maggio 2015. Un rapporto successivo di DomainTools ha evidenziato falle nella sicurezza operativa del gruppo, indicando che diversi sistemi associati agli attori delle minacce erano stati compromessi da malware di tipo stealer.

Nonostante la mancanza di sofisticazione tecnica rispetto ad altri grandi venditori di cybercrime, The Manipulaters si distingue per essere uno dei primi marketplace focalizzati sul phishing ad aver integrato orizzontalmente il proprio modello di business, espandendo le operazioni su diversi shop con marchi separati. Evidenze suggeriscono che nuovi membri si siano uniti al gruppo e che almeno un membro iniziale lo abbia lasciato. Si ritiene che abbiano una presenza fisica in diverse città del Pakistan, tra cui Lahore, Fatehpur, Karachi e Faisalabad.

Questa operazione segue lo smantellamento di altri marketplace criminali online, come Cracked, Nulled, Sellix e StarkRDP, avvenuto verso la fine di gennaio 2025 nell’ambito di un’operazione di polizia coordinata denominata Talent. Queste azioni dimostrano l’impegno continuo delle forze dell’ordine internazionali nel contrastare le attività criminali online e nel proteggere le potenziali vittime da frodi digitali sempre più sofisticate.

L'articolo Operazione “Heart Blocker” : colpo grosso al cuore delle frodi online internazionali proviene da il blog della sicurezza informatica.

Red Hot Cyber, punto di riferimento nell’ambito tecnologico, è lieta di annunciare il lancio della Red Hot Cyber Academy. Questa nuova iniziativa rappresenta un ampliamento significativo del nostro impegno nel fornire formazione di qualità e nella promozione della cultura digitale.

La nostra Academy è stata progettata per offrire corsi di e-learning e in live-class che coprono non solo la sicurezza informatica, ma anche un ampio spettro di argomenti legati all’Information Technology che mano a mano si andrà ad arricchire nel tempo.

Un’Offerta Formativa Completa e Innovativa

La Red Hot Cyber Academy offrirà una gamma di corsi in e-learning, pensati per soddisfare le esigenze di chiunque desideri accrescere le proprie competenze nell’ambito dell’Information Technology. I corsi, disponibili sul nuovo portale Red Hot Cyber Academy, spazieranno dalla cybersecurity allo sviluppo software, alla gestione delle reti alla data science, e molto altro ancora.

Ogni corso è pensato come un ponte tra la formazione scolastica/accademica e quella pratica, offrendo alle persone l’opportunità di approfondire le attività sul campo e di avvicinarsi gradualmente al mondo del lavoro.

Ogni corso è supervisionato dai nostri esperti, che non solo curano la qualità dei contenuti, ma sono anche a disposizione degli studenti per supporto continuo. Gli studenti avranno l’opportunità di apprendere in modo interattivo, con la possibilità di confrontarsi anche all’interno delle community di Red Hot Cyber per chi ne avrà la voglia e la motivazione.

youtube.com/embed/5uUp8AdQYTQ?…

Corsi in e-learning che in live-class

La formazione offerta da Red Hot Cyber si articola in due modalità principali: Live Class ed E-Learning, ciascuna pensata per soddisfare esigenze diverse in termini di interazione, flessibilità e approccio didattico.

I corsi Live Class prevedono la presenza di un docente che guida gli studenti in un percorso strutturato, garantendo un’interazione diretta e un supporto continuo. Questa modalità consente di partecipare a lezioni in tempo reale, fare domande e confrontarsi con altri partecipanti, creando un’esperienza più coinvolgente e dinamica. Inoltre, per alcuni corsi, gli studenti possono entrare in gruppi di approfondimento all’interno della community di Red Hot Cyber, proseguendo il confronto con esperti anche dopo la conclusione del corso.

D’altra parte, i corsi in E-Learning offrono la massima autonomia, permettendo agli studenti di accedere ai materiali didattici in qualsiasi momento e da qualsiasi luogo. Questa modalità è ideale per chi ha impegni lavorativi o personali e ha bisogno di gestire il proprio tempo in modo flessibile. Nonostante l’assenza di lezioni dal vivo, il supporto non manca: ogni studente può contattare il docente per chiarimenti o approfondimenti, assicurandosi un percorso formativo efficace e personalizzato.

Sia i corsi Live Class che quelli in E-Learning garantiscono un alto livello di qualità, con programmi aggiornati e incentrati sulle competenze più richieste nel settore della cybersicurezza e della tecnologia. La scelta tra le due modalità dipende dalle preferenze personali e dagli obiettivi di apprendimento di ciascuno.

Program Partner: I creator sono fondamentali

Un elemento fondamentale per il successo della Red Hot Cyber Academy è la collaborazione con i creatori di contenuti attraverso il nostro Program Partner. Collaboriamo strettamente con Professori, Aziende leader nell’Information Technology, istituzioni educative e partner tecnologici per garantire che i nostri corsi siano sempre aggiornati, rilevanti e in linea con le esigenze del mercato.

Il Program Partner consente ai creatori di corsi di proporre le proprie idee formative e sviluppare contenuti che saranno distribuiti attraverso la nostra Academy. Il programma offre una revenue share del 30% su ogni corso venduto per chiunque desideri creare corsi di formazione per la Red Hot Cyber Academy, valorizzando così le competenze dei creatori e offrendo loro una piattaforma per raggiungere un pubblico ampio e qualificato.

Aiutaci quindi a costruire un’Academy di alto livello e a condividere le tue competenze. Proporsi per il Partner Program è semplice: scrivi a academy@redhotcyber.com.

youtube.com/embed/y0wSXUJoQI4?…

Un’Opportunità Unica per Professionisti e Appassionati

La Red Hot Cyber Academy è progettata per essere accessibile a tutti, dai principianti agli esperti. Saranno presenti all’interno sia corsi a pagamento che corsi gratuiti. Che tu sia un professionista IT in cerca di aggiornamento, un neolaureato che desidera entrare nel mondo della tecnologia, o un appassionato che vuole ampliare le proprie conoscenze, troverai corsi adatti alle tue esigenze.

Invitiamo tutti gli interessati al mondo dell’Information Technology a visitare il nostro sito e scoprire i primi corsi messi a disposizione. Con la Red Hot Cyber Academy, potrai acquisire le competenze necessarie per rimanere all’avanguardia nel campo tecnologico.

Scopri di più e iscriviti oggi stesso su Red Hot Cyber Academy.

L'articolo Red Hot Cyber Academy: Formazione e cultura digitale a 360 Gradi proviene da il blog della sicurezza informatica.

Ignoring the International Cycling Union‘s mostly arbitrary rules for what a bicycle is “supposed” to look like (at least if you want to race), there are actually reasons that the bicycling world has standardized around a few common parts and designs. Especially regarding the drivetrain, almost all bikes use a chain, a freewheel, and a derailleur if there are gears to shift because these parts are cheap, reliable, and easy to repair. But if you’re off grid in a place like Africa, even the most reliable bikes won’t quite cut it. That’s why a group called World Bicycle Relief designed and built the Buffalo bicycle, and the latest adds a second gear with a unique freewheel.

Bicycling YouTuber [Berm Peak] takes us through the design of this bike in his latest video which is also linked below. The original Buffalo bicycle was extremely rugged and durable, with a rear rack designed to carry up to 200 pounds and everything on the bike able to be repaired with little more than an adjustable wrench. The new freewheel adds a second gear to the bike which makes it easier to use it in hilly terrain, but rather than add a complicated and hard-to-repair derailleur the freewheel adds a second chain instead, and the rider can shift between the two gears by pedaling backwards slightly and then re-engaging the pedals.

Of course a few compromises had to be made here. While the new freewheel is nearly as rugged as the old one, it’s slightly more complex. However, they can be changed quite easily with simple tools and are small, affordable, and easy to ship as well. The bike also had to abandon the original coaster brake, but the new rim brakes are a style that are also easy to repair and also meant that the bike got a wheel upgrade as well. Bicycles like these are incredibly important in places where cars are rare or unaffordable, or where large infrastructure needed to support them is unreliable or nonexistent. We’ve seen other examples of bicycles like these being put to work in places like India as well.

Thanks to [Keith] for the tip!

youtube.com/embed/NnSWDKfT7FQ?…

hackaday.com/2025/02/03/bicycl…

The DeepSeek large language models (LLM) have been making headlines lately, and for more than one reason. IEEE Spectrum has an article that sums everything up very nicely.

We shared the way DeepSeek made a splash when it came onto the AI scene not long ago, and this is a good opportunity to go into a few more details of why this has been such a big deal.

For one thing, DeepSeek (there’s actually two flavors, -V3 and -R1, more on them in a moment) punches well above its weight. DeepSeek is the product of an innovative development process, and freely available to use or modify. It is also indirectly highlighting the way companies in this space like to label their LLM offerings as “open” or “free”, but stop well short of actually making them open source.

The DeepSeek-V3 LLM was developed in China and reportedly cost less than 6 million USD to train. This was possible thanks to developing DualPipe, a highly optimized and scalable method of training the system despite limitations due to export restrictions on Nvidia hardware. Details are in the technical paper for DeepSeek-V3.

There’s also DeepSeek-R1, a chain-of-thought “reasoning” model which handily provides its thought process enclosed within easily-parsed <think> and </think> pseudo-tags that are included in its responses. A model like this takes an iterative step-by-step approach to formulating responses, and benefits from prompts that provide a clear goal the LLM can aim for. The way DeepSeek-R1 was created was itself novel. Its training started with supervised fine-tuning (SFT) which is a human-led, intensive process as a “cold start” which eventually handed off to a more automated reinforcement learning (RL) process with a rules-based reward system. The result avoided problems that come from relying too much on RL, while minimizing the human effort of SFT. Technical details on the process of training DeepSeek-R1 are here.

DeepSeek-V3 and -R1 are freely available in the sense that one can access the full-powered models online or via an app, or download distilled models for local use on more limited hardware. It is free and open as in accessible, but not open source because not everything needed to replicate the work is actually released. Like with most LLMs, the training data and actual training code used are not available.

What is released and making waves of its own are the technical details of how researchers produced what they did, and that means there are efforts to try to make an actually open source version. Keep an eye out for Open-R1!

hackaday.com/2025/02/03/more-d…

When the first artificial satellite, Sputnik, was put into orbit around Earth, anyone in the path of the satellite could receive the beeps transmitted by the satellite provided they had some simple radio equipment. Of course, there was no two-way communication with this satellite, and it only lasted a few weeks before its batteries died. Here in the future, though, there are many more satellites in orbit and a few are specifically meant for ham radio operators. And, like the ’50s, it doesn’t take too much specialized equipment to communicate with them, although now that communication can be two-way.

The first step in this guide by [W2PAK] is to know where these satellites are in the sky. The simplest way to do that is to use a smartphone app called GoSatWatch and, when configured for a specific location, shows the satellites currently overhead. After that it’s time to break out the radio gear, which can be surprisingly inexpensive. A dual-band handheld is required since satellite uplink and downlink can be on different bands, and the antenna can be made from simple parts as well as [W2PAK] demonstrates in a separate video. Combined, this can easily be done for less than $100. [W2PAK] also goes over the proper format and etiquette for a satellite contact as well, so a new operator can pick it up quickly.

Using satellites as repeaters opens up a lot of capabilities when compared to terrestrial communications. Especially for operators with entry-level licenses who are restricted to mostly VHF and UHF, it adds a challenge as well as significantly increased range compared to ground-based repeaters and line-of-sight communications. There are plenty of activities around satellites that don’t require a license at all, too, like this project which downloads weather imagery from weather satellites.

youtube.com/embed/eztKfPp2NY4?…

hackaday.com/2025/02/03/commun…

Large language models (LLMs) are wholly dependent on the quality of the input data with which these models are trained. While suggestions that people eat rocks are funny to you and me, in the case of LLMs intended to help out medical professionals, any false claims or statements dripping out of such an LLM can have dire consequences, ranging from incorrect diagnoses to much worse. In a recent study published in Nature Medicine by [Daniel Alexander Alber] et al. the ease with which this data poisoning can occur is demonstrated.

According to their findings, only 0.001% of training tokens have to be replaced with medical misinformation to order to create models that are likely to produce medically erroneous statement. Most concerning is that such a corrupted model isn’t readily discovered using standard medical LLM benchmarks. There are filters for erroneous content, but these tend to be limited in scope due to the overhead. Post-training adjustments can be made, as can the addition of RAG, but none of this helps with the confident bull excrement due to corruption.

The mitigation approach that the researchers developed cross-references LLM output against biomedical knowledge graphs, to reduce the LLM mostly for generating natural language. In this approach LLM outputs are matched against the graphs and if LLM ‘facts’ cannot be verified, it’s marked as potential misinformation. In a test with 1,000 random passages detected issues with a claimed effectiveness of 91.9%.

Naturally, this does not guarantee that misinformation does not make it past these knowledge graphs, and largely leaves the original problem with LLMs in place, namely that their outputs can never be fully trusted. This study also makes it abundantly clear how easy it is to corrupt an LLM via the input training data, as well as underlining the broader problem that AI is making mistakes that we don’t expect.

hackaday.com/2025/02/03/examin…

Have you ever wished you could experiment with different layouts super easily, just by adding or removing a few switches here and there and printing a new case? Well, [heyisjambo] says that it’s more than possible with menura, the modular keyboard system.

So many lovely options! Image by [heyisjambo] via GitHub[heyisjambo] is happy with 36 keys, but is reduced-count-curious and wanted a way to explore without a lot of wasted time and PCBs.

At the same time, [heyisjambo] wanted to experiment with split vs. uni-body construction, and especially the different shapes that are possible when tweaking the angle and distance between them.

And as if that weren’t enough, there’s support for [Sadek Baroudi]’s VIK standard for interfacing data between PCBs, which calls for an FPC 12-pin, 0.5 mm pitch connector and allows for ultra-cool magnetic connectors. This way, you can easily add things like displays, trackpads, and trackballs in the between the halves.

Thanks for the tip, [calculus]!

Cosmos Keyboard Configurator Is Out of This World

Well, this is probably the coolest thing I’ve seen this week. Cosmos is an utterly customizable keyboard configurator by [Lost Pistachio] that uses a scan of your hand to figure out what thumb clusters, curvature, and layout are right for you, without wasting time and plastic on physical prototypes. You should go check it out, especially to see the cool and noodly finger animations in the demo.

Image by [LostPistachio] via Cosmos Keyboard ConfiguratorAt the top left you’ll find Basic, Advanced, and Expert modes, where Expert is playing directly with the code. You can mess with the thumb cluster keys by moving them around directly with the mouse. You want a trackball? Boom, trackball.

Did I mention that it does all this in the browser? Oh, except for a couple of things things, which are accessible with a PRO account. This costs a measly $10 and is good for a lifetime, yours or theirs.

Yes, there are a lot of settings, but it’s easy enough to get started with the docs page, which outlines some recommendations for everything from the layout to the microcontroller.

Thanks for the tip, [Timothée]!

The Centerfold: The Hacktrick

Image by [tschibo00] via redditNo, this isn’t some sci-fi prop. It’s real, and it’s spectacular. This is [tschibo00]’s Hacktrick — a gasket-mounted keyboard that uses converted key tops from an IBM Selectric I typewriter. The golf ball type element is not just for looks — it’s mounted on a special adapter and acts as encoder to scroll up/down, left/right, and push down.

The switches are mounted sideways in order to accept the keycaps without an adapter. Since the Selectric key tops are normally mounted on levers and wider in the north-south direction, the switches must be rotated, and a cross-slit Dremeled into the underside of each beautiful, double-shot key top. This way, they can still be used on a Selectric. In case you’re wondering, that case was resin-printed by a board house, although [tschibo00] sanded, painted, and clear-coated it many times.

Do you rock a sweet set of peripherals on a screamin’ desk pad? Send me a picture along with your handle and all the gory details, and you could be featured here!

Historical Clackers: the Bennett/Junior

Introduced in 1907, the Junior was Charles Almon Bennett’s first typewriter. It had no paper table and utilized ink rollers. Evidently, it had numerous issues with alignment. But one thing is certain; this was truly a pocket-sized typewriter.

Image by [Lucas Dul] via The Mechanical TypeThese issues were all addressed with Bennett’s second machine, which he named after himself. The Bennett had a paper table, ribbon spools, and no alignment issues. Even so, it was difficult to type on.

First off, the keys are way too close together, which is just bad for typing in general, plus it made the wrists begin to ache after a while.

And you see how they overlap? Pressing one depresses the keys beneath it as well — hit Q, and A and Z go down with it. But hey, at least it’s ortholinear, eh? And plus, look where the Space bar is.

These things are small: just 11″ x 5″ x 2″ and a mere 4.5 pounds. They have the honor of being the smallest typewriters ever manufactured with full keyboards. If you want to take a deeper dive into one of these machines, be sure to check out [Lucas Dul]’s exploration of a Junior. You may remember [Lucas] from a previous Keebin’.

There’s Nothing Wooden About This Design

Look, I don’t happen to have any experience clacking on a wooden keyboard, although I welcome it with open arms. And unless I get some serious skills and/or cash, it’s probably going to be a while.
Image via Yanko Design
That said, the folks at Yanko Design got their hands on an Alice60 made (almost) completely out of wood, and rave about the sound, the tactility, the whole nine.

We know what plastic sound and feels like. But even the nicest plastics get slick over time with finger oils. I’m not saying that will magically go away with a wooden keyboard, only that one can imagine the oils seasoning the wood rather that ruining it.

This offering from Epomaker x Feker is currently available for pre-order for a cool $549. Not bad for something so lovely, which will undoubtedly provide a keyboarding experience like none other.

This is certainly not the first wooden keyboard we’ve seen, and it’s not even the first commercial offering. If you’re not into ergonomics and have the means to spend twice as much, check out this wooden rectangle from Hacoa. If you want to make one yourself, take a look at [Bo Yao]’s carpenter tau number, or [Steve M. Potter]’s Scrabble tile affair.

Got a hot tip that has like, anything to do with keyboards? Help me out by sending in a link or two. Don’t want all the Hackaday scribes to see it? Feel free to email me directly.

hackaday.com/2025/02/03/keebin…

Join us on Wednesday, February 5 at noon Pacific for the Underwater Robotics Hack Chat with Tony White!

Almost anywhere you look, there’s a good chance you can see a robot at work. Whether they’re sweeping your floors, delivering a snack, building a car, or even driving one, robots are everywhere on this planet. And since over 70% of this planet is covered in water, it makes sense that robots should be there, too. Getting a robot to work underwater at all is one thing, but getting it to work underwater reliably can be quite a challenge. Water always finds a way to ruin your day, after all, and this reality only worsens when you add a little salt into the mix.

Tony White knows the marine engineering field well, having worked in the space for over a decade. He’s currently an applications engineer at Blue Robotics, where he’s worked on everything from full-size autonomous surface vessels to underwater swarm robots. He’s stopping by the Hack Chat to talk about the harsh engineering realities of underwater automation, so if you’ve ever wanted to take the plunge, you’ll want to come to this Hack Chat for sure.

Our Hack Chats are live community events in the Hackaday.io Hack Chat group messaging. This week we’ll be sitting down on Wednesday, February 5 at 12:00 PM Pacific time. If time zones have you tied up, we have a handy time zone converter.

hackaday.com/2025/02/03/underw…

Many decades ago, when soldering was an activity more often associted with copper fabrication than with electronics, a soldering iron would have been a large lump of copper on a shaft, with a wooden handle. You would heat it in a gas flame, and use its pointed end for your soldering. Electric irons have made this a thing of the past, but the basic idea is still one with some merit. [Shake the Future] is here with a modern take on such an iron, one that is heated in the microwave oven.

The business end of the iron is a normal soldering iron bit, but behind it is a piece of sintered silicon carbide, wrapped in ceramic fibre and covered with Kapton tape and a high-teperature-resin 3D printed shield. On the back of that is a 3D printed handle. The whole thing is put in the microwave oven for a few tens of seconds to heat to temperature, and thereafter you have however long the thermal mass of the silicon carbide holds the temperature, in which to do your soldering.

It’s an interesting idea which we can see has some use in situations where you need an iron for a quick job away from your bench but within reach of the kitchen. We like the lateral thinking, and it’s certainly fascinating to see the construction. But in an age of USB-C power packs and irons we have more convenient soldering on the go, so we’re not sure how useful it would be to us.

Silicon carbide is an interesting material, it’s not the first time we’ve written about it being used in a high temperature application.

youtube.com/embed/FbCeJVBJzuY?…

hackaday.com/2025/02/03/a-cord…

settimana scorsa mi sono registrata su mastodon, subito dopo ho scoperto friendica e ora ho deciso che voglio restare solo qui.

Avevo scritto questa presentazione, che trascrivo per completare la descrizione del mio profilo.

Il mio vero nome è Daniela.
Sogno un mondo senza confini e senza passaporti.
Amo lo sport e la natura. Mangio sano e variato e, anche se non mi sento ancora pronta al 100%, vorrei passare a uno stile di vita completamente vegano.
Discendo, in parte, da una famiglia di partigiani friulani e sono antifascista.
Sono femminista.

Mi affascinano le lingue e gli alfabeti stranieri.
Amo viaggiare, da sola.
Dedico un sacco di tempo al volontariato, in particolare a progetti di accoglienza e integrazione di persone con un passato migratorio.

In gioventù ero una smanettona: Napster, MySpace, chat IRC, ICQ e forum online facevano parte del mio quotidiano. Volevo studiare informatica, ma poi chissà perché ho cambiato idea. Linux? Sì, l'ho usato, ma distribuzioni semplici come Mint o Ubuntu. Adesso non più 😒

Al momento sono disoccupata e allergica agli ambienti di lavoro tossici.

Per trattamento illecito di dati personali, il Garante per la Privacy ha disposto a E.On Energia spa di pagare una sanzione che supera gli 890mila euro per violazione Gdpr. Ecco come l'Authority aumenta la pressione nei confronti del telemarketing

L'articolo Telemarketing e trattamento illecito dei dati: la sanzione privacy a E.On sia monito per tutti proviene da Cyber Security 360.

The Universal Serial Bus. The one bus to rule them all. It brought peace and stability to the world of computer peripherals. No more would Apple and PC users have to buy their own special keyboards, mice, and printers. No more would computers sprout different ports for different types of hardware. USB was fast enough and good enough for just about everything you’d ever want to plug in to a computer.

We mostly think of USB devices as being plug-and-play; that you can just hook them up and they’ll work as intended. Fiddle around around with some edge cases, though, and you might quickly learn that’s not the case. That’s just what I found when I started running complicated livestreams from a laptop…

Fool To Try

You’d think an i7 with 16 GB of RAM would be well equipped to handle some audio software, 40 plugins, and a couple of webcams.
When I’m not writing 5,000 words a day as the most forgettable journalist online, I’m running a musical livestream on Twitch. I invented Drumbeats and Dicerolls— a show in which I roll dice in order to write music in Ableton Live. The dice choose the instruments and sometimes even the notes, and then it’s up to me to turn all that into a coherent song.

The concept is simple enough, but on the technical side, it gets a little complicated. Video-wise, I use two webcams—one for me, one to film the dice as I roll them. That’s two USB devices right there. Then I have my mouse and keyboard, both running via a single Logitech wireless dongle. Finally, I have my Steinberg UR22 audio interface—basically a soundcard in an external box that has musician-friendly hookups for professional-grade mics and speakers.

It all adds up to four USB devices in total, all with USB-A ports. That doesn’t sound like much. Only, since my desktop was stolen, I only have a laptop to run the whole show. That presented an immediate hurdle, as my laptop only has two USB-A ports on board, plus a USB-C port on the rear.

I figured I’d hook up a USB-C hub with a few extra ports, and along with my monitor’s additional USB hub, I’d be all good. Trouble struck as I first attempted to stream in this way. Both webcams worked, with one of them even running through a separate NVIDIA Broadcast tool to do some background removal. However, the audio was problematic. Every ten to twenty seconds or so, the sound would drop out or stutter. It was incredibly jarring for a music stream.

Not So Simple

My Razer Kiyo webcam, complete with aftermarket privacy shield.
I was frustrated. This was a problem I’d never had before. In normal life, I’d always just plugged whatever device into whatever USB port with no problems. Even when I’d chained hubs off hubs, I’d seen little issue, even with high-bandwidth devices like HD webcams or portable hard drives. And yet, here I stood. I was plugging, but the gear wasn’t playing.

At first, I figured I just had to tweak my software setup. I was using the Steinberg UR-22 via the Windows Wave drivers in Ableton. I figured if I just used the professional-grade ASIO sound driver instead, my stuttering problem would go away. However, then I found that my streaming software couldn’t naturally capture audio from this device. This necessitated pulling in the Reastream plugin to truck audio from Ableton into Streamlabs, but that wasn’t so hard. I tried a test recording offline, and it all worked great. No stutters, no problems. Only, as soon as I tried streaming live… the stuttering was back, in a big way.
My Logitech C920E webcam. Forgive the beige walls.
For my second stream, I switched things up. I ended up using a USB headset plugged right into my laptop’s native ports for audio, back with the Windows drivers, and kept the Steinberg UR-22 just for recording vocals into the machine. This worked great, with no stuttering on playback. But I had a new problem—only one of my webcams would work at a time. Oh, and the mic feed from the Steinberg was dropping out randomly, ruining my vocal recordings.

Looking at the mess of cables and daisy-chained hubs in front of me, I realized I had to simplify. I put the Steinberg device on the most direct hookup, straight to the laptop’s USB-A port, and set it back up in ASIO mode. Then I connected both webcams to a Lenovo docking station, hooked up by USB-C. I eliminated any extra hubs, ditched the USB headset, and had the most critical device—the Steinberg—connected by a single cable. This had to solve it, right?
My Steinberg UR22 interface, which has never faltered at a gig—but flatly refuses to stop stuttering when I’m livestreaming.
Well, the webcams were now humming along nicely, probably because they now had enough power from the docking station instead of an unpowered hub. But were all the problems fixed? Alas, no. Try as I might, the Steinberg device would stutter every few seconds or so. I double-checked that I didn’t have a CPU, RAM, or hard drive issue—everything came back clear. But for some reason, two webcams and an ASIO device was making the audio choke.

Brick Walls

Hours more troubleshooting rushed by. After all this, I’ve come to findings that confound me as an engineer. I can run two HD webcams and a USB headset with no dropouts, just using basic Windows audio drivers. And yet, trying to use the Steinberg audio interface, it just falters. Even with the webcams degraded to ultra low resolution! This interface has seen me through thick and thin, but it just won’t work under these conditions. Despite the fact it’s using the same sample rate as the USB headset, and should surely be using a similar amount of bandwidth. Regardless, its driver tells me there’s a USB problem and I can’t seem to solve it.
This error plagues me.
The one thing that itches my brain is that the stuttering seems to only happen when I’m streaming live online. When I’m not streaming video, the Steinberg happily operates as rock-solid as the cheap headset. The thing is, my network connection is via a PCI-Express WiFi chip baked into the laptop, so… that’s not even a USB thing.

When I started writing this a week ago, I thought I’d have solved it by now. I’d have a nice clear answer about what went wrong and how I figured it all out. That didn’t come to pass. Part of me wants to rush out and build a desktop PC with a real amount of ports to see if eliminating hubs and nonsense solves my problems. The other part of me wants to redouble my efforts to track down the issue with every last USB inspection utility out there. I’ll probably do the latter and update this article in due course.

Instead of a neat solution, all I’m left with is confusion and a cautionary tale. Just because you can plug a bunch of USB devices together, it doesn’t mean they’ll all work properly and play nicely together. Our computers are more complicated than we expect, it’s just they’re better at hiding it from us these days.

hackaday.com/2025/02/03/usb-hu…

Europol e Eurojust hanno detto quali sono i problemi da affrontare nella lotta alla criminalità informatica. La portata della criminalità digitale è in crescita, le indagini diventano più complesse e i criminali utilizzano metodi sempre più sofisticati per nascondersi. Un nuovo rapporto riassume il lavoro svolto e valuta l’efficacia delle nuove leggi.

Il problema delle prove volatili

Le indagini comportano sempre più spesso l’analisi di enormi quantità di dati. Terabyte di informazioni, distribuiti caoticamente tra server e archivi cloud, rendono il lavoro molto più difficile. Per accedere a dati importanti sono necessari strumenti e specialisti, di cui vi è una grave carenza. Tutto ciò rallenta la ricerca delle prove e rende i criminali meno vulnerabili.

Inoltre, quando le informazioni necessarie vengono improvvisamente perse, le indagini giungono a un punto morto. Se non vengono richiesti in tempo, i dati potrebbero scomparire nel giro di pochi giorni. Alcuni provider conservano i registri per settimane, mentre altri li eliminano quasi immediatamente. Di conseguenza, gli investigatori potrebbero semplicemente non avere il tempo di ottenere le prove necessarie.

Il problema delle VPN e dei Proxy

Ma c’è un altro problema. Quindi negli ultimi anni la crittografia è diventata una prassi comune. Anche i sistemi di messaggistica istantanea utilizzano la crittografia end-to-end, ma i criminali vanno oltre: si nascondono dietro VPN, proxy e server anonimi. L’accesso a questi dati è precluso anche alle agenzie di intelligence e molte aziende si rifiutano di collaborare. Di conseguenza, intere reti criminali restano nell’ombra.

Alcuni servizi sono creati appositamente per impedire alle forze dell’ordine di raggiungere i propri clienti. VPN, hosting underground, messaggistica crittografata: tutto questo offre ai criminali informatici invulnerabilità. Tuttavia, operazioni di successo come l’smantellamento di DoubleVPN e VPNLab dimostrano che la cooperazione internazionale può funzionare.

Tuttavia, le indagini internazionali sono un processo burocratico complesso. Mentre i dati vengono trasferiti da un Paese all’altro in pochi secondi, le richieste formali possono richiedere mesi. E se i criminali si avvalgono di giurisdizioni che non collaborano con Europol, le possibilità di ottenere l’accesso alle informazioni sono quasi pari a zero.

Ma sembra che ci siano miglioramenti in vista

In ogni caso, le leggi europee stanno gradualmente iniziando ad adattarsi alla dura realtà. Una nuova serie di normative sui servizi digitali accelererà il processo di acquisizione dei dati dalle aziende Internet. Ora sarà possibile richiedere informazioni senza complesse procedure burocratiche. La cosa più importante è che le nuove leggi funzionino davvero nella pratica.

Il rapporto sottolinea inoltre che le aziende private continuano a svolgere un ruolo importante nelle indagini. Sono in possesso di un’enorme quantità di informazioni, ma ostacoli legali impediscono loro di trasmetterle alle forze dell’ordine o ai servizi segreti. Le recenti modifiche alla normativa Europol ha conferito all’agenzia la possibilità di ricevere dati direttamente, ma i limiti di tale cooperazione restano aperti.

Secondo Europol, l’intelligenza artificiale viene utilizzata sempre più frequentemente nelle indagini. L’analisi automatizzata dei dati aiuta a individuare i criminali in tempi più rapidi.

La lotta alla criminalità informatica richiede quindi non solo progresso tecnologico e nuove leggi, ma anche cooperazione globale, rimozione delle barriere burocratiche e un equilibrio tra protezione dei dati e necessità di accesso agli stessi.

Solo unendo sforzi, tecnologie e meccanismi legali potremo creare una protezione sostenibile contro le minacce digitali, rendendo il cyberspazio più sicuro per tutti.

L'articolo Criminalità informatica: Europol lancia l’allarme, ma la soluzione è nella Collaborazione proviene da il blog della sicurezza informatica.

Il regolamento europeo sull'intelligenza artificiale inizia a dispiegare i suoi effetti. Da inizio febbraio 2025, con l'entrata in vigore dell'AI Act, scattano i divieti per le intelligenze artificiali identificate a rischio inaccettabile

L'articolo AI Act, scattano i primi divieti: chi rischia le sanzioni e le prossime tappe proviene da Cyber Security 360.

Ricercatori di Palo Alto dalla squadra Unit 42 hanno identificato delle vulnerabilità nel modello linguistico DeepSeek che consentono di aggirare i suoi meccanismi di difesa e di forzare la visualizzazione di contenuti proibiti. Utilizzando tre tecniche evasione – Deceptive Delight, Bad Likert Judge, sono riusciti a raggiungere alti tassi di aggiramento delle restrizioni senza la necessità di una conoscenza tecnica approfondita.

DeepSeek è un’azienda cinese che ha rilasciato due importanti modelli di linguaggio aperto: DeepSeek-V3 nel dicembre 2024 e DeepSeek-R1 nel gennaio 2025. Questi modelli stanno diventando concorrenti dei popolari modelli di OpenAI e si stanno sviluppando attivamente. La ricerca dell’Unità 42 ha dimostrato che anche la sua versione più avanzata resta vulnerabile alla manipolazione, consentendo la generazione di materiali potenzialmente pericolosi.

La tecnica Bad Likert Judge utilizza un sistema di scala di risposta in cui il modello classifica il contenuto in base alla nocività e poi produce esempi dettagliati basati su tali classificazioni.

Questo metodo ha permesso ai ricercatori di ottenere istruzioni su come creare strumenti per il furto di dati e keylogger. Nonostante gli iniziali fallimenti del modello, le query di perfezionamento hanno permesso di aggirare le limitazioni e di ottenere algoritmi dettagliati per gli sviluppatori di malware.

Si tratta di una tecnica di creazione graduale di query in cui il modello prima risponde a domande generali e poi, dopo diverse iterazioni, inizia a impartire istruzioni per azioni proibite. Nei test dei ricercatori, il metodo ha prodotto istruzioni dettagliate per la preparazione di bombe molotov, nonché altro materiale su argomenti correlati alla violenza, al traffico di droga e alla manipolazione sociale.

Deceptive Delight si basa sull’intreccio di contenuti dannosi in una narrazione positiva. Ad esempio, i ricercatori hanno chiesto al modello di creare una storia che collegasse una competizione sulla sicurezza informatica, una prestigiosa università e l’uso di DCOM per eseguire comandi da remoto. In risposta, DeepSeek ha generato un codice di esempio che potrebbe essere utilizzato per attaccare i computer basati su Windows.

Gli esperimenti hanno dimostrato che DeepSeek non solo è vulnerabile a tali attacchi, ma può anche fornire istruzioni dettagliate su come eseguire attacchi informatici, tecniche di ingegneria sociale e altre attività dannose. In alcuni casi, il modello includeva nelle risposte raccomandazioni su come mascherare gli attacchi ed eludere gli strumenti di rilevamento.

Gli esperti avvertono che le vulnerabilità in tali modelli potrebbero portare alla distribuzione su larga scala di strumenti di attacco tra gli intrusi. Sebbene gli sviluppatori LLM tentino di implementare meccanismi di protezione, l’evoluzione dei metodi di bypass rende la lotta contro i jailbreak una corsa continua. Le aziende che utilizzano tali modelli devono monitorarne attentamente l’utilizzo e implementare meccanismi per tracciare le richieste.

L'articolo Il Jailbreak Per DeepSeek è Servito! Come Palo Alto Ha Bypassato I controlli dell’AI proviene da il blog della sicurezza informatica.