Computers and cellphones can do so many things, but sometimes if you want to doodle or take a note, pencil and paper is the superior technology. You could carry a device and a pocket notebook, or you could combine the best of analog and digital with the KeyMo.

[NuMellow] wanted a touchpad in addition to a keyboard for his portable terminal since he felt Raspbian wouldn’t be so awesome on a tiny touchscreen. With a wider device than something like Beepy, and a small 4″ LCD already on hand, he realized he had some space to put something else up top. Et voila, a cyberdeck with a small notebook for handwritten/hand drawn information.

The device lives in a 3D printed case, which made some iterations on the keyboard placement simpler, and [NuMellow] even provided us with actual run time estimates in the write-up, which is something we often are left wondering about in cyberdeck builds. If you’re curious, he got up to 7.5 hours on YouTube videos with the brightness down or 3.5 hours with it at maximum. The exposed screen and top-heaviness of the device are areas he’s pinpointed as the primary cons of the system currently. We hope to see an updated version in the future that addresses these.

If you’d like to check out some other rad cyberdecks, how about a schmancy handheld, one driven by punch cards in a child’s toy, or this one with a handle and a giant scroll wheel?

hackaday.com/2025/07/24/keymo-…

“Combattere il cybercrime è come estirpare le erbacce: se non elimini le radici a fondo, queste ricresceranno” e oggi, più che mai, questa verità si conferma essere vera. Infatti il gruppo hacktivista filorusso NoName057(16) continua a far parlare di sé rivendicando nuove azioni di disturbo e sabotaggio che colpiscono infrastrutture critiche e siti istituzionali italiani.

Tutto questo avviene dopo pochi giorni dall’operazione Eastwood, durante la quale paesi come Italia, Germania, Stati Uniti, Paesi Bassi, Svizzera, Svezia, Francia e Spagna hanno contribuito a rallentare le attività del gruppo di hacker filorussi.

In un recente post pubblicato sul loro canale Telegram (in versione inglese), il collettivo ha annunciato di aver “collassato” diversi siti italiani legati alla gestione portuale e alla difesa, mostrando screenshot di portali irraggiungibili e messaggi di errore come “403 Forbidden” o “Service Unavailable”.

Tra gli obiettivi dichiarati nel post ci sono:

• Associazione dei porti dell’Alto Adriatico
• Forze aeree di Varo d’Italia
• Guardia di finanza italiana
• Gestione del sistema portuale dell’Adriatico Centrale
• Porti di Olbia e Golfo Aranci

Il gruppo ha anche condiviso link a report di monitoraggio (tramite check-host.net) per dimostrare la caduta dei siti presi di mira, accompagnando il messaggio con la consueta retorica provocatoria e l’uso di emoji minacciose. Questa azione conferma la strategia di NoName057(16), che negli ultimi mesi ha intensificato attacchi DDoS e operazioni di defacement contro paesi europei considerati “ostili” alla Russia, tra cui l’Italia.

Ma il quadro diventa ancora più inquietante se si guarda a un altro annuncio recente dello stesso gruppo. Due giorni fa, NoName057(16) ha dichiarato di essersi infiltrato nel sistema di controllo dell’impianto di trattamento delle acque di Ostrava, una città nel nord-est della Repubblica Ceca.

Secondo il messaggio diffuso, gli hacktivisti avrebbero alterato parametri critici del sistema, causando guasti a compressori e pompe, rallentando la filtrazione e creando falsi allarmi che ostacolano il monitoraggio e la manutenzione.

Nella loro rivendicazione, gli hacktivisti hanno spiegato in dettaglio come avrebbero:

• Ridotto artificialmente la pressione dell’aria, portando a cedimenti dei compressori.
• Sbilanciato la logica di funzionamento delle pompe, generando errori di flusso.
• Modificato parametri di differenziale di pressione per far apparire costanti malfunzionamenti.

Il messaggio si chiude con una minaccia esplicita: “Se non ripristinate il controllo e non migliorate la vostra patetica sicurezza informatica, le conseguenze potrebbero essere più gravi: arresto del sistema, contaminazione dell’acqua o danni irreversibili alle apparecchiature. Possiamo ripristinare il controllo, ma solo alle nostre condizioni. Pensate a chi ha davvero il controllo della situazione.”

Questa escalation dimostra come NoName057(16) stia passando da azioni principalmente dimostrative a tentativi di sabotaggio mirati, che puntano a colpire infrastrutture civili essenziali, aumentando così la pressione psicologica e politica sui paesi bersaglio.

Il caso dell’impianto di Ostrava segna un salto di qualità nelle attività del gruppo: non più soltanto attacchi DDoS per bloccare temporaneamente l’accesso a siti istituzionali, ma intrusioni che incidono sul funzionamento reale di sistemi critici.

Un campanello d’allarme per tutti i paesi europei, chiamati a rafforzare la sicurezza delle proprie infrastrutture, che si confermano sempre più nel mirino di gruppi hacktivisti e cyber criminali con finalità politiche.

L'articolo Nuovi attacchi all’Italia da NoName057(16) e una Infiltrazione nel sistema idrico ceco proviene da il blog della sicurezza informatica.

After World War II, as early supersonic military aircraft were pushing the boundaries of flight, it seemed like a foregone conclusion that commercial aircraft would eventually fly faster than sound as the technology became better understood and more affordable. Indeed, by the 1960s the United States, Britain, France, and the Soviet Union all had plans to develop commercial transport aircraft capable flight beyond Mach 1 in various stages of development.
Concorde on its final flight
Yet today, the few examples of supersonic transport (SST) planes that actually ended up being built are in museums, and flight above Mach 1 is essentially the sole domain of the military. There’s an argument to be made that it’s one of the few areas of technological advancement where the state-of-the-art not only stopped moving forward, but actually slid backwards.

But that might finally be changing, at least in the United States. Both NASA and the private sector have been working towards a new generation of supersonic aircraft that address the key issues that plagued their predecessors, and a recent push by the White House aims to undo the regulatory roadblocks that have been on the books for more than fifty years.

The Concorde Scare

Those with even a passing knowledge of aviation history will of course be familiar with the Concorde. Jointly developed by France and Britain, the sleek aircraft has the distinction of being the only SST to achieve successful commercial operation — conducting nearly 50,000 flights between 1976 and 2003. With an average cruise speed of around Mach 2.02, it could fly up to 128 passengers from Paris to New York in just under three and a half hours.

But even before the first paying passengers climbed aboard, the Concorde put American aircraft companies such as Boeing and Lockheed into an absolute panic. It was clear that none of their SST designs could beat it to market, and there was a fear that the Concorde (and by extension, Europe) would dominate commercial supersonic flight. At least on paper, it seemed like the Concorde would quickly make subsonic long-range jetliners such as the Boeing 707 obsolete, at least for intercontinental routes. Around this time, the Soviet Union also started developing their own SST, the Tupolev Tu-144.

The perceived threat was so great that US aerospace companies started lobbying Congress to provide the funds necessary to develop an American supersonic airliner that was faster and could carry more passengers than the Concorde or Tu-144. In June of 1963, President Kennedy announced the creation of the National Supersonic Transport program during a speech at the US Air Force Academy. Four years later it was announced that Boeing’s 733-390 concept had been selected for production, and by the end of 1969, 26 airlines had put in reservations to purchase what was assumed to be the future of American air travel.
Boeing’s final 2707-300 SST concept shared several design elements with the Concorde. Original image by Nubifer.
Even for a SST, the 733-390 was ambitious. It didn’t take long before Boeing started scaling back the design, first deleting the complex swing-wing mechanism for a fixed delta wing, before ultimately shrinking the entire aircraft. Even so, the redesigned aircraft (now known as the Model 2707-300) was expected to carry nearly twice as many passengers as the Concorde and travel at speeds up to Mach 3.

A Change in the Wind

But by the dawn of the 1970s it was clear that the Concorde, and the SST concept in general, wasn’t shaping up the way many in the industry expected. Even though it had yet to make its first commercial flight, demand for the Concorde among airlines was already slipping. It was initially predicted that the Concorde fleet would number as high as 350 by the 1980s, but by the time the aircraft was ready to start flying passengers, there were only 76 orders on the books.

Part of the problem was the immense cost overruns of the Concorde program, which lead to a higher sticker price on the aircraft than the airlines had initially expected. But there was also a growing concern over the viability of SSTs. A newer generation of airliners including the Boeing 747 could carry more passengers than ever, and were more fuel efficient than their predecessors. Most importantly, the public had become concerned with the idea of regular supersonic flights over their homes and communities, and imagined a future where thunderous sonic booms would crack overhead multiple times a day.

Although President Nixon supported the program, the Senate rejected any further government funding for an American SST in March of 1971. The final blow to America’s supersonic aspirations came in 1973, when the Federal Aviation Administration (FAA) enacted 14 CFR 91.817 “Civil Aircraft Sonic Boom” — prohibiting civilian flight beyond Mach 1 over the United States without prior authorization.

In the end, the SST revolution never happened. Just twenty Concorde aircraft were built, with Air France and British Airways being the only airlines that actually went through with their orders. Rather than taking over as the standard, supersonic air travel turned out to be a luxury that only a relatively few could afford.

The Silent Revolution

Since then, there have been sporadic attempts to develop a new class of civilian supersonic aircraft. But the most promising developments have only occurred in the last few years, as improved technology and advanced computer modeling has made it possible to create “low boom” supersonic aircraft. Such craft aren’t completely silent — rather than creating a single loud boom that can cause damage on the ground, they produce a series of much quieter thumps as they fly.

The Lockheed Martin X-59, developed in partnership with NASA, was designed to help explore this technology. Commercial companies such as Boom Supersonic are also developing their own takes on this concept, with eyes on eventually scaling the design up for passenger flights in the future.
The Boom XB-1 test aircraft, used to test the Mach cutoff effect.
In light of these developments, on June 6th President Trump signed an Executive Order titled Leading the World in Supersonic Flight which directs the FAA to repeal 14 CFR 91.817 within 180 days. In its place, the FAA is to develop a noise-based certification standard which will “define acceptable noise thresholds for takeoff, landing, and en-route supersonic operation based on operational testing and research, development, testing, and evaluation (RDT&E) data” rather than simply imposing a specific “speed limit” in the sky.

This is important, as the design of the individual aircraft as well as the environmental variables involved in the “Mach Cutoff” effect mean that there’s really no set speed at which supersonic flight becomes too loud for observers on the ground. The data the FAA will collect from these new breed of aircraft will be key in establishing reasonable noise standards which can protect the public interest without unnecessarily hindering the development of civilian supersonic aircraft.

hackaday.com/2025/07/24/supers…

😍😍😍

youtu.be/18QQWa5MEcs?si=tFj9-s…

#marvel #Fantastic4

Immagina di aprire, come ogni sera, il bookmark del tuo forum preferito per scovare nuove varianti di stealer o l’ennesimo pacchetto di credenziali fresche di breach. Invece della solita bacheca di annunci, ti appare un banner con tre loghi in bella vista: la Brigata francese per la lotta alla cyber‑criminalità, il Dipartimento Cyber dell’intelligence ucraina ed Europol.

Sotto, una scritta secca: «Questo dominio è stato sequestrato». Così è calato il sipario su XSS.IS, la sala d’aste clandestina che per dodici anni ha fatto incontrare sviluppatori di malware, broker di accessi e affiliati ransomware.

Quello che segue non è soltanto il racconto di un blitz all’alba: è la storia di un’indagine a orologeria che, in quattro anni, ha trasformato log di chat cifrate e transazioni Bitcoin in un mandato d’arresto internazionale. È il viaggio dietro le quinte di un’operazione che, colpendo l’infrastruttura e la fiducia, ha dato uno scossone a tutto il mercato nero del cyber‑crime. Se credi che un forum oscuro sia al riparo da occhi indiscreti, questa storia potrebbe farti cambiare idea.

L’indagine francese prende forma (2021‑2023)

Quando, il 2 luglio 2021, la Procura nazionale francese per la criminalità informatica (JUNALCO) apre un dossier su XSS.SI, l’obiettivo è capire come quel forum riesca a restare online malgrado continui riferimenti a estorsioni e intrusioni contro aziende francesi. Gli investigatori della Brigata per la lotta alla cybercriminalità della Préfecture de Police (BL2C) cominciano dal basso: enumerano DNS, analizzano certificati TLS “freschi” e ricostruiscono una mappa di server bullet‑proof in Olanda, Russia e Malesia.

L’intuizione chiave arriva quando un analista nota che, ogni volta che un grosso affare viene concluso sul forum, parecchi utenti citano lo stesso dominio Jabber, thesecure.biz. BL2C chiede al giudice istruttore di monitorare quel server: non un’acquisizione massiva, ma un “log chirurgico” delle chat usate dallo staff. L’ordinanza di intercettazione svela i turni di lavoro dell’amministratore – sempre fra le 9 e le 18 di Kiev – e soprattutto i wallet Bitcoin su cui confluiscono le commissioni del 3 % trattenute sugli escrow (AP News, SecurityWeek).

A fine 2023 il fascicolo è già una pila di prove tecniche: indirizzi IP, timestamp, importi in criptovaluta, screenshot di back‑end e perfino gli hash dei backup automatici salvati dall’admin su un NAS remoto.

Dal nickname al passaporto (2023‑2025)

Individuare il vero nome dietro al nickname richiede pazienza. Europol – entrata in scena con il suo European Cybercrime Centre – incrocia tre famiglie di dati:

• Open‑source e leak: avatar riutilizzati in forum minori, vecchi commit su GitHub e una PGP‑key del 2014 generata a Kyiv.
• Stilometria: gli esperti di linguistica forense confrontano grammatica, emoji e lunghezza media delle frasi con migliaia di post di XSS e con i suddetti commit: la corrispondenza supera il 90 %.
• Follow‑the‑money: grazie a un ordine europeo di indagine, due exchange forniscono i dati Know‑Your‑Customer di chi ha convertito BTC in Tether e poi in contanti presso un chiosco cripto di Kyiv. Le cifre coincidono con i guadagni dell’admin stimati in oltre 7 milioni di euro (Reuters, CyberScoop).

Quando la sicurezza interna ucraina (Služba Bezpeky Ukraïny, Dipartimento Cyber) verifica che l’uomo abita davvero nel quartiere indicato dall’analisi, le tessere del puzzle combaciano.

L’alba del 22 luglio 2025

Alle 06:00 del mattino, gli agenti della SBU suonano alla porta di un appartamento al quarto piano di un condominio di Kyiv. All’interno vengono trovati un portatile Linux, un NAS Synology e due token FIDO: il tutto viene clonato sul posto con kit forensi portatili Europol. Le frasi‑pass – scritte a mano su un taccuino – permettono di decifrare i dischi prima ancora che l’indagato raggiunga la centrale di polizia.

In parallelo, i registrar che gestiscono xss.is ricevono un ordine di sequestro francese, controfirmato da Europol, e reindirizzano il DNS verso un server a Parigi con il banner di presa in carico. Lo stesso succede al nodo Jabber: il traffico residuo confluisce in un sinkhole sotto controllo della polizia, utile per mappare affiliati ignari che tentano di collegarsi (Hackread, Ars Technica).

Nel giro di due ore il forum scompare dal web e il presunto amministratore – un trentacinquenne ucraino – è in custodia cautelare con accuse di associazione a delinquere, estorsione e riciclaggio di denaro.

Timeline sintetica

Gli “sportelli bancari” del dark‑web

Se XSS era la piazza, il suo vero tesoro era il servizio di escrow: un amministratore‑garante che custodiva i fondi finché compratore e venditore non dichiaravano “ok, tutto a posto”. Commissione fissa: 3 % – a volte 5 % per le vendite più rischiose (securitymagazine.com, ReliaQuest). Il pagamento avveniva in Bitcoin, l’ok finale via Jabber. È lo stesso modello che vediamo su Exploit e WWH‑Club, ma XSS aveva due plus: arbitri veloci (entro 24 ore) e un canale “VIP” per transazioni sopra i 50 000 dollari.

Un altro indizio: anche thesecure.biz è irraggiungibile

Anche thesecure.biz – il server Jabber usato dallo staff di XSS per gestire le dispute e gli escrow – risulta completamente offline. Una semplice “multiloc check” (vedi screenshot) mostra timeout da tutti i nodi di test, dall’Australia alla Finlandia: nessuna risposta HTTP, nessun banner sostitutivo, soltanto silenzio di rete.

Dentro il database sequestrato

Secondo fonti vicine all’inchiesta, il dump recuperato nel blitz contiene:

• 13 TB di post, messaggi privati e log Jabber;
• 93 000 escrow chiusi (2019‑2025) con importi e wallet associati;
• oltre 1 000 arbitrati con prove di truffe interne (screenshot, file crittati, PGP‑sign).

Per le forze dell’ordine è oro puro: incrociando i wallet con le blacklist di Chainalysis e il database di reclami antiriciclaggio, è possibile risalire a broker di accessi, sviluppatori di ransomware e persino mule che riciclavano il denaro. Gli incident‑responders, invece, potranno avvisare le aziende i cui dati compaiono tra i “pacchetti” venduti: un’occasione rara per chiudere la filiera degli attacchi prima che si concretizzino.

Domino effect: i forum tremano

Con XSS offline, i flussi migrano su Exploit e su piccoli canali Telegram. Ma la “garanzia” manca: aumentano le truffe, come dimostrano i primi thread di scam‑report pubblicati su Exploit meno di 48 ore dopo il sequestro. È la stessa dinamica vista dopo i blitz contro Genesis Market (aprile 2023) e BreachForums (2023‑2024): senza un arbitro credibile, il dark‑web diventa Far West e i margini di profitto crollano (Ministero della Giustizia, CyberScoop).

Uno sguardo al futuro

• Indagini a cascata – Come per Genesis, il banner di sequestro potrebbe presto invitare gli utenti a “farsi vivi” in cambio di uno sconto di pena.
• Forum più piccoli, più privati – Gli operatori migreranno su reti Tox, session “ghost” in Matrix e canali Telegram one‑to‑one.
• Escrow decentralizzati – Si parla già di smart‑contract su blockchain anonime per non dipendere da un singolo garante. Ma la storia insegna che, senza fiducia umana, i contratti automatici durano poco.

Conclusione

Il sequestro di XSS non è solo un arresto in più: è un attacco diretto al meccanismo di fiducia che sorregge i mercati criminali. Senza escrow, il dark‑web rischia di implodere in micro‑comunità sospettose. E ogni nuova micro‑community sarà, a sua volta, un bersaglio più facile da infiltrare.

Fonti utilizzate per questo articolo

Europol, Reuters, Associated Press, SecurityWeek, Infosecurity‑Magazine, CyberScoop, ReliaQuest, Digital Shadows, Department of Justice (Genesis Market), Trend Micro (Operation Cronos), Europol (Operation Endgame) (AP News, Reuters, CyberScoop, SecurityWeek, Europol, trendmicro.com, Ministero della Giustizia, ReliaQuest)

L'articolo XSS.IS messo a tacere! Dentro l’inchiesta che ha spento uno dei bazar più temuti del cyber‑crime proviene da il blog della sicurezza informatica.

redhotcyber.com/post/xss-is-me…

Neha Madhira grew up in North Texas with the TV constantly buzzing with world news. Madhira, now 24, recognized that journalism was key to keeping her family informed on the happenings back home in India. But with state-sanctioned violence limiting journalists on the ground from reporting, and few legacy media outlets with reporters that looked like her left to report on it, Madhira also knew there were gaps to be filled.

Nearly a decade later, Madhira is bridging the gaps in Western media’s health and education coverage of the Middle East-North Africa region, South Asia, and their diasporas. The contacts she’s built have allowed her to expand her reporting focus — she recently collaborated with Freedom of the Press Foundation (FPF) on an article for The Intercept featuring testimonials from journalists targeted by the Israeli military.

“In a time where press freedom is definitely in question in the U.S. right now, and censorship on social media and in newsroom settings is even becoming more and more common, it’s really important for me that I stay true to my values of why I started reporting,” Madhira said. “I use freelancing to try my best to cover that gap in reporting when it comes to Western media, and try to cover the communities that I know deserve a platform.”

Madhira first spent years covering breaking news, the COVID-19 pandemic, and the social movements of 2020 for local newsrooms in Austin, Texas, while studying journalism and women’s and gender issues. But with activism movements roaring overseas, coupled with the lack of coverage on the impacts of the pandemic in India, she saw freelancing as an opportunity to cover issues happening in countries that face extreme press censorship for audiences overseas and in the U.S.

“A big part of my job during the pandemic, and even now, is reaching out to health care officials, regardless of what’s happening, to actually see who it’s affecting, why it’s affecting them, and what resources people need,” Madhira said. “If there’s a possibility that that information is being withheld from the public, that becomes a problem. How are we supposed to continue to inform and educate the public on how to stay safe during a pandemic or epidemic if we don’t even have that information to begin with?”

She has built close relationships with journalists on the ground in Iran, Afghanistan, India, Gaza, and the West Bank, relying on their reporting to reach audiences in the U.S. and abroad. Recognizing the privilege she holds, Madhira does her best to ensure their perspectives are reflected in her writing.

“I covered the Woman, Life, Freedom movement in Iran very extensively,” she said. “Two journalists who I really looked up to were arrested around this time last year. I wrote a story on that, and I noticed that a lot of Iranian and Iranian American activists were reaching out to me, appreciating the fact that the story was written, because even writing about their release and the details of how they are doing and how journalism and activism is continuing within the country is a privilege.”

Over the past year and a half, Madhira has covered the medical and humanitarian infrastructure collapses in Gaza and the West Bank, as well as the campus encampments in protest of Israel’s actions, and the shadowy organizations collaborating with the government to identify and persecute students and others who are critical of Israel.

“As we see less and less news coming out of Gaza, I urge people to not look away.”

Neha Madhira

With more than 180 journalists killed by Israel to date, media blackouts, and censorship on social media, Madhira writes to amplify the voices of her colleagues remaining on the ground, including those whose stories she wrote about in The Intercept.

“I have advocated for Palestine since I was a child, and at the beginning of October 2023, I was horrified at the language being used to dehumanize Palestinians,” she said. “As a journalist, I was seeing the gaps in Western media coverage and its support of Israel, and I wanted to help change this narrative in any way I could. As we see less and less news coming out of Gaza, I urge people to not look away and to pay closer attention to passive voice being used to describe the atrocities Palestinians continue to face every day.”

While the stories that Madhira tells are urgent and deserving of immediate attention, communicating with people on the ground in Gaza is a slow, challenging process. “Most of the people I’ve interviewed, whether that be journalists, or medical workers, or humanitarian workers, there is a small gap every single day that they have access to the internet, and we have used that to communicate with each other every single day,” she said. “I continue to do that because their voices are the most important and the most pertinent.”

Reporting from the U.S. on Palestine has not come without its own battles against censorship. Having experienced “shadow banning” that has limited visibility of her social media posts, she said the public must pay attention to the ways social media platforms moderate content to censor certain news, and she calls for users to consume content carefully. By amplifying journalists’ content on social media, independent reporting can reach wider audiences and fight against algorithmic suppression, Madhira added.

“There are a lot more people who are in the dark about what is happening than you would think,” she said. “There are so many nonprofit, independent newsrooms, not only in the U.S., but around the world who do incredible reporting for very little money, and it’s important to pay attention, because these journalists are some of the most skilled and experienced within their field.”

freedom.press/issues/freelanci…