Nelle ultime settimane, il panorama delle minacce è stato scosso dall’emergere di attacchi che sfruttano la combinazione letale di due vulnerabilità zero-day, CVE-2024-9680 e CVE-2024-49039, collegate rispettivamente a Firefox e a Windows. L’obiettivo è stato identificato in una campagna mirata guidata dal gruppo di cybercriminali dietro la backdoor RomCom. Questa operazione dimostra una sofisticazione crescente nei metodi di attacco e una pericolosa rapidità nello sfruttamento di vulnerabilità.

Le vulnerabilità e il meccanismo di attacco

CVE-2024-9680, una vulnerabilità use-after-free nelle timeline di animazione di Firefox, permette l’esecuzione di codice malevolo senza necessità di interazione da parte della vittima. Gli attacchi che sfruttano questa vulnerabilità sono stati confermati in-the-wild, con un punteggio di gravità pari a 9.8 su 10, evidenziando la sua pericolosità e criticità.

La seconda vulnerabilità, CVE-2024-49039, una falla di elevazione dei privilegi in Windows, consente agli attaccanti di compromettere il sistema sfruttando la combinazione con lo zero-day di Firefox, guadagnando accesso completo al dispositivo della vittima.

La catena di compromissione, scoperta da Damien Schaeffer di ESET, ha avuto inizio con un sito web malevolo progettato per reindirizzare gli utenti a un server che ospitava un exploit zero-click. Non è stata necessaria alcuna interazione da parte dell’utente: una volta attivato, l’exploit scaricava e installava RomCom Backdoor, un malware avanzato che consente agli attaccanti di eseguire comandi remoti, raccogliere informazioni sensibili e scaricare moduli aggiuntivi per ampliare le capacità del malware.

La campagna, attiva tra ottobre e novembre 2024, ha colpito principalmente utenti in Europa e Nord America, mirandoli in particolare nei settori governativo, energetico e sanitario. La scelta di questi settori strategici sottolinea l’interesse di RomCom per dati sensibili e operazioni di sabotaggio.

Mappa delle potenziali vittime che riporta ESET

RomCom: Il gruppo dietro gli attacchi

RomCom (noto anche come Tropical Scorpius o UNC2596) è un gruppo di cybercriminali allineato con la Russia, coinvolto in numerose campagne di cybercrimine e spionaggio. Già nel 2023, aveva sfruttato un attacco zero-day tramite Microsoft Word, dimostrando la sua capacità di adattarsi alle nuove vulnerabilità. Nel 2024, RomCom ha espanso la sua attività colpendo settori critici in Ucraina, Europa e Stati Uniti, confermando l’intensificazione della sua operatività nel rubare dati strategici e danneggiare infrastrutture critiche.

Tempestività nelle Patch

La tempestività nella risposta alle vulnerabilità è stata cruciale per mitigare l’impatto di questa campagna. Mozilla, ad esempio, ha dimostrato una reattività eccezionale: entro 48 ore dalla segnalazione da parte di ESET, sono stati distribuiti aggiornamenti per Firefox e Thunderbird, garantendo protezione agli utenti contro CVE-2024-9680. Anche Microsoft ha seguito rapidamente con il rilascio della patch per CVE-2024-49039 il 12 novembre, chiudendo un’importante porta di accesso sfruttata dagli attaccanti. Questi interventi rapidi hanno dimostrato l’importanza di una collaborazione efficace tra ricercatori di sicurezza e aziende tecnologiche per contenere le minacce prima che possano espandersi su scala più ampia.

Raccomandazioni

1. Aggiornamenti immediati: Applicare prontamente le patch per i browser e i sistemi operativi è fondamentale per proteggere i propri dispositivi da vulnerabilità simili a quelle sfruttate in questa campagna.
2. Monitoraggio continuo: Implementare strumenti avanzati di rilevamento per identificare movimenti laterali e comandi malevoli è cruciale per evitare che gli attaccanti possano passare inosservati.
3. Consapevolezza del personale: Formare i dipendenti sui rischi legati a siti web fasulli e vulnerabilità zero-click può fare la differenza nella prevenzione degli attacchi.

Conclusione

La campagna RomCom evidenzia una crescente sofisticazione nelle operazioni dei gruppi di cybercriminali allineati a stati nazionali, con un utilizzo sempre più frequente di vulnerabilità zero-day per eseguire attacchi mirati e devastanti. La combinazione di falle in Firefox e Windows ha dimostrato come gli exploit possano aggirare le protezioni tradizionali, colpendo senza alcuna interazione da parte delle vittime. Tuttavia, la tempestività nella distribuzione delle patch da parte di Mozilla e Microsoft sottolinea l’importanza di una risposta rapida e coordinata per limitare i danni. Questa vicenda ci ricorda l’urgenza di mantenere sistemi aggiornati, monitorare attivamente le minacce e investire nella sicurezza informatica, poiché i rischi non solo evolvono, ma colpiscono con una velocità senza precedenti.

L'articolo Scoperto l’attacco zero-day più sofisticato del 2024 e RomCom e la Backdoor invisibile proviene da il blog della sicurezza informatica.

There can be few among those of us who produce printed circuit boards, who have not at some point placed a component the wrong way round, or with the wrong footprint. Usually this can be rectified with a bit of rework and a fresh board spin, but just occasionally these mishaps make it into the wild undetected. It seems nobody is immune, as [Doug Brown] is here to tell us with a tale of an Apple product with a misplaced capacitor.

The LC series of Macs came out through the early 1990s, and their pizza-box style cases could be found slowly turning yellow in universities and schools throughout that decade. Of them there was a persistent rumor of the LCIII had a misplaced capacitor, so when he received an unmodified original machine he took a look. The investigation is quite simple, but revealing — there are three power supply rails and one of the capacitors does have a significant leak.

The explanation is simple enough, the designer had placed a capacitor on each rail, with its negative side to the ground plane, but one of the rails delivers -5 volts. Thus the capacitor is the wrong way round, and must have failed pretty early in the lifetime of each LCIII. We’re curious then since so many of them went through their lives without the component being replaced, how the circuit remained functional. We’re guessing that there were enough other capacitors in the -5 volt line to provide enough smoothing.

hackaday.com/2024/11/27/even-a…

If you think your job sucks, be grateful you’re not this homebrew sewer inspection robot.

Before anyone gets upset, yes we know what [Stargate System] built here isn’t a robot at all; it’s more of a remotely operated vehicle. That doesn’t take away from the fact that this is a very cool build, especially since it has to work in one of the least hospitable and most unpleasant environments possible. The backstory of this project is that the sewer on a 50-year-old house kept backing up, and efforts to clear it only temporarily solved the problem. The cast iron lateral line was reconfigured at some point in its history to include a 120-degree bend, which left a blind spot for the camera used by a sewer inspection service. What’s worse, the bend was close to a joint where a line that once allowed gutters and foundation drains access to the sewer.

To better visualize the problem, [Stargate] turned to his experience building bots to whip up something for the job. The bot had to be able to fit into the pipe and short enough to make the turn, plus it needed to be — erm, waterproof. It also needed to carry a camera and a light, and to be powered and controlled from the other end of the line. Most of the body of the bot, including the hull and the driving gear, was 3D printed from ABS, which allowed the seams to be sealed with acetone later. The drive tracks were only added after the original wheels didn’t perform well in testing. Controlling the gear motors and camera was up to a Raspberry Pi Zero, chosen mostly due to space constraints. An Ethernet shield provided connectivity to the surface over a Cat5 cable, and a homebrew PoE system provided power.

As interesting as the construction details were, the real treat is the down-hole footage. It’s not too graphic, but the blockage is pretty gnarly. We also greatly appreciated the field-expedient chain flail [Stargate] whipped up to bust up the big chunks of yuck and get the pipe back in shape. He did a little bit of robo-spelunking, too, as you do.

And no, this isn’t the only sewer bot we’ve ever featured.

youtube.com/embed/adGp3PADKsk?…

hackaday.com/2024/11/27/diy-pi…

[Angus] of Maker’s Muse has a video with a roundup of different 3D-printable hinge designs, and he points out that a great thing about 3D printing objects is that adding printable features to them is essentially free.
These hinges have an indexing feature that allows them to lock into place, no additional parts needed.
A great example of this is his experimental print-in-place butt hinge with indexing feature, which is a hinge that can lock without adding any additional parts. The whole video is worth a watch, but he shows off the experimental design at the 7:47 mark. The hinge can swing normally but when positioned just right, the squared-off pin within slots into a tapered track, locking the part in place.

Inspired by a handheld shopping basket with a lockable handle, [Angus] worked out a design of his own and demonstrates it with a small GoPro tripod whose legs can fold and lock in place. He admits it’s a demonstration of the concept more than a genuinely useful tripod, but it does show what’s possible with some careful design. Being entirely 3D printed in a single piece and requiring no additional hardware is awfully nice.

3D printing is very well-suited to this sort of thing, and it’s worth playing to a printer’s strengths to do for pennies what one would otherwise need dollars to accomplish.

Want some tips on designing things in a way that take full advantage of what a 3D printer can achieve? Check out printing enclosures at an angle with minimal supports, leveraging the living hinge to print complex shapes flat (and fold them up for assembly), or even print a one-piece hinge that can actually withstand a serious load. All of those are full of tips, so keep them in mind the next time you design a part.

hackaday.com/2024/11/27/would-…

Le Ransomware Gang colpiscono anche le squadre del cuore. Il Bologna FC, uno dei club storici della Serie A, è stata rivendicata come vittima di un attacco ransomware presumibilmente condotto dal gruppo RansomHub.

Questo attacco evidenzia come i cybercriminali non risparmino neanche il mondo dello sport, utilizzando l’esfiltrazione di dati sensibili come leva per estorcere denaro. Secondo quanto riportato, sarebbero stati sottratti 200 GB di dati riservati, inclusi documenti aziendali, strategie di mercato e informazioni personali di tifosi, calciatori e staff.

Al momento, non possiamo confermare la veridicità della notizia, poiché l’organizzazione non ha ancora rilasciato alcun comunicato stampa ufficiale sul proprio sito web riguardo l’incidente. Pertanto, questo articolo deve essere considerato come ‘fonte di intelligence’.

RansomHub e il modello RaaS

RansomHub opera con il modello di Ransomware-as-a-Service (RaaS), una struttura che consente agli affiliati di lanciare attacchi utilizzando strumenti forniti dal gruppo centrale. Questo sistema non si limita al blocco dei dati tramite crittografia, ma punta sull’esfiltrazione delle informazioni e sulla successiva minaccia di pubblicarle per aumentare la pressione sulle vittime.

Nel caso del Bologna FC, il gruppo avrebbe dichiarato che il club non dispone di misure di sicurezza adeguate, utilizzando il GDPR come ulteriore strumento di coercizione. Le sanzioni previste dal regolamento europeo per la mancata protezione dei dati possono raggiungere i 10 milioni di euro o il 2% del fatturato, un fattore che potrebbe spingere le vittime a considerare il pagamento del riscatto.

Dati sottratti

RansomHub afferma di aver trafugato una vasta quantità di informazioni, inclusi:

• Contratti di sponsorizzazione con dettagli economici.
• Strategie aziendali e commerciali del club.
• Dati personali di giocatori, tifosi e dipendenti.
• Documenti medici completi dei calciatori.
• Informazioni su trasferimenti e giovani talenti.
• Scansioni di passaporti e dettagli bancari, tra cui quello dell’allenatore Vincenzo Italiano.

Alcuni screenshot di questi documenti sarebbero stati già pubblicati nel dark web, dimostrando l’autenticità del furto e intensificando la pressione sul Bologna FC.

Conclusione

Se confermato, l’attacco al Bologna FC rappresenta un segnale d’allarme per tutte le organizzazioni, sportive e non. La combinazione ditecnologie avanzate e tattiche di pressionesta trasformando i ransomware in una delle minacce più insidiose del nostro tempo. Con un attacco simile, il mondo dello sport non può più ignorare la crescente minaccia cyber. È cruciale adottare strategie di sicurezza che comprendano monitoraggi costanti, l’implementazione di tecnologie avanzate e una cultura della cybersecurity condivisa tra tutte le figure aziendali. Solo così sarà possibile evitare che il prossimo club a essere colpito possa vedere i propri dati, e la propria reputazione, messi in pericolo.

Come nostra consuetudine, lasciamo sempre spazio ad una dichiarazione da parte dell’azienda qualora voglia darci degli aggiornamenti sulla vicenda. Saremo lieti di pubblicare tali informazioni con uno specifico articolo dando risalto alla questione.

RHC monitorerà l’evoluzione della vicenda in modo da pubblicare ulteriori news sul blog, qualora ci fossero novità sostanziali. Qualora ci siano persone informate sui fatti che volessero fornire informazioni in modo anonimo possono utilizzare la mail crittografata del whistleblower.

L'articolo Il Bologna FC nel mirino di RansomHub che rivendica 200 GB di dati! proviene da il blog della sicurezza informatica.

This week, Jonathan Bennett and Lars Wikman chat about Elixir and Nerves — a modern language that’s a take on Erlang, and an embedded Linux approach for running Elixir code on devices.

• underjord.io/feed/
• elixir-lang.org/
• nerves-project.org/
• Introducing Elixir and the ecosystem from Oredev 2023
• Introducing Nerves from Oredev 2024 (just released)
• The Soul of Erlang & Elixir, by Sasa Juric

Subscribe to catch the show live, and come to Hackaday for the rest of the story!

youtube.com/embed/ZGKxutJVw_g?…

Did you know you can watch the live recording of the show Right on our YouTube Channel? Have someone you’d like us to interview? Let us know, or contact the guest and have them contact us! Take a look at the schedule here.

play.libsyn.com/embed/episode/…

Direct Download in DRM-free MP3.

If you’d rather read along, here’s the transcript for this week’s episode.

Places to follow the FLOSS Weekly Podcast:

• Spotify
• RSS

Theme music: “Newer Wave” Kevin MacLeod (incompetech.com)

Licensed under Creative Commons: By Attribution 4.0 License

hackaday.com/2024/11/27/floss-…

Un attore malevolo ha pubblicato su un forum nel dark web due annunci in cui afferma di aver ottenuto accesso non autorizzato alla piattaforma cloud di Oracle e ai server di un’importante azienda globale nel settore sanitario.

Le dichiarazioni del cybercriminale sollevano preoccupazioni significative riguardo alla sicurezza delle infrastrutture critiche e alla protezione dei dati personali a livello globale.

Attualmente, non possiamo confermare l’autenticità della notizia, poiché l’organizzazione non ha ancora pubblicato un comunicato ufficiale sul proprio sito web in merito all’incidente. Le informazioni riportate provengono da fonti pubbliche accessibili su siti underground, pertanto vanno interpretate come una fonte di intelligence e non come una conferma definitiva.

Primo Post: Vendita di Accesso API di Oracle Cloud

Nel primo post, il cybercriminale ha dichiarato di aver compromesso l’accesso alla piattaforma cloud di Oracle, offrendolo in vendita al miglior offerente per la cifra di 100.000 dollari in cripto.

Oracle, è un colosso globale nel campo del software aziendale e delle soluzioni cloud, rappresenta una colonna portante della tecnologia mondiale. La compromissione di un accesso API esclusivo alla sua piattaforma potrebbe avere ripercussioni devastanti, potenzialmente aprendo la porta a exploit su larga scala contro aziende clienti e interi ecosistemi digitali.

Secondo Post: Dati Sanitari Globali Esposti

Nel secondo annuncio, l’attore malevolo ha alzato ulteriormente la posta, dichiarando di aver violato i server di un’importante azienda sanitaria globale sfruttando le infrastrutture Oracle. Secondo quanto riportato, l’attacco avrebbe portato all’accesso e alla vendita di dati sensibili relativi a milioni di cittadini in tutto il mondo. Tra le informazioni compromesse si troverebbero:

• Dati identificativi personali
• Numeri di telefono
• Nomi completi
• Indirizzi email
• Dettagli sensibili aggiuntivi

L’attore sostiene inoltre di avere pieno controllo sui server cloud e sulle applicazioni utilizzate dall’azienda sanitaria, mettendo i dati rubati in vendita per una cifra di 15.000 dollari, accettando criptovalute come Bitcoin, Ethereum o Litecoin.

Per contattare direttamente il criminale, è stato persino fornito un indirizzo Tox, segnalando l’intento di negoziare o vendere informazioni senza lasciare tracce attraverso canali anonimi e criptati.

Le conseguenze potenziali di queste violazioni, se confermate, sono estremamente gravi. I dati personali di milioni di persone potrebbero finire nelle mani sbagliate, alimentando frodi finanziarie, furti d’identità e altre attività criminali. Inoltre, la vendita di accesso API alla piattaforma cloud di Oracle potrebbe dare a ulteriori attori malevoli la possibilità di perpetrare attacchi su scala ancora maggiore, danneggiando clienti aziendali e infrastrutture critiche.

Di fronte a queste minacce, è imperativo agire rapidamente e con decisione. Alcune misure chiave includono:

1. Monitorare i forum del dark web: Tracciare l’attività legata a queste dichiarazioni per rilevare sviluppi e rischi imminenti.
2. Verificare l’autenticità delle affermazioni: Collaborare con esperti di sicurezza per identificare le vulnerabilità e limitarne immediatamente l’impatto.
3. Proteggere clienti e utenti finali: Comunicare con trasparenza e offrire supporto a coloro che potrebbero essere stati colpiti.
4. Implementare audit approfonditi: Rafforzare la sicurezza dei sistemi Oracle e dei partner aziendali attraverso controlli e aggiornamenti rigorosi.

Le dichiarazioni di questo attore malevolo non sono solo un segnale d’allarme, ma un vero e proprio invito all’azione. Oracle e le aziende coinvolte devono reagire con urgenza, adottando misure preventive e correttive per proteggere i propri sistemi e la privacy degli utenti.

Come nostra consuetudine, lasciamo sempre spazio ad una dichiarazione da parte dell’azienda qualora voglia darci degli aggiornamenti sulla vicenda. Saremo lieti di pubblicare tali informazioni con uno specifico articolo dando risalto alla questione.

RHC monitorerà l’evoluzione della vicenda in modo da pubblicare ulteriori news sul blog, qualora ci fossero novità sostanziali. Qualora ci siano persone informate sui fatti che volessero fornire informazioni in modo anonimo possono utilizzare la mail crittografata del whistleblower.

L'articolo Attacco Hacker su Scala Globale: Oracle e Salute Pubblica nel Mirino proviene da il blog della sicurezza informatica.

Fossil fuels can be a bit fussy to access, and geopolitics tends to make prices volatile. Burning them also takes carbon out of the ground and puts it into the atmosphere, with undesirable climate implications. The hunt for a solution has been on for quite some time.

Various synthetic fuels have been proposed as a solution, wherein carbon dioxide is captured from the air and chemically processed into useful fuel. Done properly, this could solve the climate issue where any fuel burned has its carbon later captured to make more fuel. The problem, though, is that this process is very energy intensive. Given the demands, it’s no surprise that some are looking towards nuclear reactors for the answer.

Hot To Go

Synthetic fuels are typically designed to replace conventional gasoline, diesel, or jet fuel. Credit: DOE, public domain
Burning fossil fuels is bad for the environment, but the problem is that they’re so very useful. Take transport, for example. Fossil fuels are perfect for this application because they pack a huge amount of energy into very little space while weighing relatively little to boot. At the same time, more than a third of global carbon emissions in 2021 came from transportation, according to the International Energy Agency. While electric vehicles are rapidly gaining market share in some areas, the complete phase out of internal combustion engines is by no means a sure thing. Meanwhile, sectors like aviation are proving especially difficult to fully electrify. We want to get off fossil fuels, but circumstances demand we continue to use them.

Enter synthetic fuels. They’re essentially drop-in replacements for gasoline, diesel and jet fuel that are produced from CO2, water and clean energy rather than being refined from petroleum. When made using captured CO2 and cleanly-produced hydrogen, they have the potential to significantly reduce transport emissions when taking the whole system into account. All this, without requiring an entirely new fueling infrastructure or any changes for the end user.

By capturing carbon and then chemically processing it into a useful combustible fuel, we could keep using existing technologies that we already find practical, like combustion-engined vehicles. Their emissions would still be undesirable, but they’d be offset by the capture process used to make new fuel. The idea is to create a closed loop for carbon emissions. The problem is finding a synfuel production process that’s efficient—both in terms of carbon capture and chemical processing—and to find the energy to run it.

Indeed, synthesizing hydrocarbons is an energy-intensive process. The process is well-understood at this point. Capturing CO2 from the air, generating hydrogen via electrolysis, and catalytically combining them into fuels at high temperatures and pressures all require a lot of energy input. For synfuels to deliver real climate benefits, this energy must come from clean, non-fossil sources.
The Department of Energy has a strong interest in nuclear synfuel production. Credit: Argonne National Laboratory
What do we do when we need a lot of power with minimum emissions? We look at nuclear! Several U.S. Department of Energy labs are actively researching nuclear-powered synfuel production, and the DOE is funding a $20 million demonstration project in Utah. Meanwhile, in the United Kingdom, the Nuclear Industry Association has been urging the country to seize a leadership position in this emerging field as well.

On a very basic level, a conventional nuclear power plant could provide electricity for various processes involved in synthetic fuel production. However, that’s not the only way to go. For some processes, the heat from a nuclear reactor could be directly used to power the synfuel production process. That is, rather than using heat from a nuclear reaction to create steam to turn a turbine, a purpose-built synfuel reactor could just deliver heat directly to a chemical process that needs it. Nuclear heat could be useful for desalinating seawater for hydrogen electrolysis, or for carbon capture, too.
The chemistry involved in synfuel production is well understood. The problem is figuring out how to do it cheaply enough to be competitive with fossil fuels, while using clean sources of CO2 and hydrogen. Credit: Argonne National Laboratory
The question is whether all the effort will be worthwhile. Competing with regular old fossil fuels on price will be a must, even if some degree of subsidy is used to lean the scales in the favor of synfuels. There are hopes that nuclear-produced synfuels could reach prices of $3 a gallon with the right feedstocks and input costs, but that’s words on a page at this stage. There is plenty of engineering to be done before you’ll be filling your car with 20 gallons of nuke gas at your local station.

Efficiency also comes into it, and this could play a big role in how synfuels pan out. Take cars, for example. Automakers have figured out how to make supremely efficient electric vehicles in the past decade. Electrical engineers have become experts at squirting power efficiently all over the country, and there are more EV charging stations than ever. Does it make sense to spin up bespoke nuclear synfuel plants to keep internal combustion alive, when the technology to replace it already exists? Arguments could be made for more demanding applications like trucking or aviation, but then the market for synfuels grows smaller.
Synthetic fuels are particularly attractive for the aviation industry, which has found electrification hard to achieve due to the limits of battery technology. Credit: US Air Force, public domain
In any case, nuclear synfuel holds great promise. Whether it can overcome the general resistance towards all nuclear technologies remains to be seen. Still, the tides may be changing on that front, and the future is anyone’s guess. If you’re a fan of fossil fuels and the like, be happy—there is hope yet that the flammable fluid market will roll on.

hackaday.com/2024/11/27/could-…

During World War II, shipboard life in the United States Navy was a gamble. No matter which theater of operations you found yourself in, the enemy was all around on land, sea, and air, ready to deliver a fatal blow and send your ship to the bottom. Fast forward a couple of decades and Navy life was just as hazardous but in a different way, as this Navy training film on the shipboard hazards of low-voltage electricity makes amply clear.

With the suitably scary title “115 Volts: A Deadly Shipmate,” the 1960 film details the many and various ways sailors could meet an untimely end, most of which seemed to circle back to attempts to make shipboard life a little more tolerable. The film centers not on the risks of a ship’s high-voltage installations, but rather the more familiar AC sockets used for appliances and lighting around most ships. The “familiarity breeds contempt” argument rings a touch hollow; given that most of these sailors appear to be in their 20s and 30s and rural electrification in the US was still only partially complete through the 1970s, chances are good that at least some of these sailors came from farms that still used kerosene lamps. But the point stands that plugging an unauthorized appliance into an outlet on a metal ship in a saltwater environment is a recipe for being the subject of a telegram back home.

The film shows just how dangerous mains voltage can be through a series of vignettes, many of which seem contrived but which were probably all too real to sailors in 1960. Many of the scenarios are service-specific, but a few bear keeping in mind around the house. Of particular note is drilling through a bulkhead and into a conduit; we’ve come perilously close to meeting the same end as the hapless Electrician’s Mate in the film doing much the same thing at home. As for up-cycling a discarded electric fan, all we can say is even brand new, that thing looks remarkably deadly.

The fact that they kept killing the same fellow over and over for each of these demonstrations doesn’t detract much from the central message: follow orders and you’ll probably stay alive. In an environment like that, it’s probably not bad advice.

youtube.com/embed/ylhf1dLD6QA?…

hackaday.com/2024/11/27/retrot…

Ciao a tuttə del Poliverso! 😺

Io sono Synth, è un anno ormai che sono nel #Fediverse e ho deciso di espandermi su Friendica per esplorarne le possibilità dato che è un po' di tempo che nutro curiosità per questo software.

Questo account non è il mio main, quello lo potete trovare su Misskey.social sul mio profilo @synthBirba , quello rimarrà il mio profilo "generico" ITA/ENG, qui vorrei concentrarmi nel comunicare esclusivamente in italiano e con persone che parlano la stessa lingua.

Ho scelto questa istanza perchè mi è capitato diverse volte di interagire con utenti che vengono da qui ^^

Presto farò l'annuncio anche sul mio main su Misskey per confermare il "collegamento" degli account (e sempre presto spero di approdare su PixelFed per caricare foto di gatti e quel che capita!)

Spero di trovarmi bene, di conoscere sempre più gente e di interagire in maniera interessante anche per voi c:

La squadra del presidente eletto Donald Trump sta discutendo la possibilità di creare una nuova posizione: quella di curatore dell’intelligenza artificiale. Questo specialista coordinerà la politica federale e l’uso delle tecnologie di intelligenza artificiale nelle agenzie governative

La scelta del candidato sarà influenzata in modo significativo da Elon Musk e Vivek Ramaswamy, che guidano l’organizzazione non governativa Department of Governance Effectiveness (DOGE). Tuttavia, lo stesso Musk, proprietario della società xAI, non si candida per questa posizione, ma è attivamente coinvolto nella definizione della politica nel campo dell’intelligenza artificiale. Alcuni rivali sostengono che i suoi legami con l’amministrazione Trump potrebbero dare un vantaggio alle sue aziende.

Il compito principale del curatore sarà l’allocazione delle risorse pubbliche e private per mantenere la posizione di leadership degli Stati Uniti nel campo dell’intelligenza artificiale. Si prevede che lavorerà con i leader dell’intelligenza artificiale presso le agenzie governative le cui posizioni sono state create dall’ordine esecutivo del presidente Biden e che utilizzerà l’intelligenza artificiale per rilevare frodi e appropriazione indebita di fondi.

Si sta discutendo la possibilità di combinare questa posizione con l’incarico di curatore per le criptovalute. In precedenza, secondo Bloomberg, l’amministrazione Trump avrebbe già intervistato per questa posizione i leader delle società di criptovaluta. La nomina di un curatore dell’IA non richiede l’approvazione del Senato, consentendo ai piani dell’amministrazione di andare avanti più rapidamente.

La creazione di questa posizione fa parte della strategia di Trump per sviluppare nuove tecnologie. Nell’ambito della stessa strategia, era stata precedentemente annunciata la creazione del Consiglio nazionale per l’energia, che sarà guidato dal governatore del Nord Dakota Doug Burgum, nominato per la carica di Segretario degli Interni. Il consiglio includerà anche Chris Wright, il candidato a ministro dell’energia.

Il Consiglio coordinerà il lavoro delle agenzie responsabili di autorizzare, produrre, generare, distribuire e regolare tutti i tipi di energia negli Stati Uniti. Gli obiettivi principali del consiglio includono la semplificazione delle procedure burocratiche, l’attrazione di investimenti privati ​​e il sostegno all’innovazione.

L’amministrazione Biden, incontrando scarso sostegno al Senato e difficoltà nel confermare i candidati, non è riuscita a nominare un capo della tecnologia statunitense, una posizione creata sotto il presidente Obama. Invece, le questioni legate all’intelligenza artificiale sono state coordinate da altri alti funzionari della Casa Bianca, con il vicepresidente Harris che rappresentava gli Stati Uniti nei negoziati internazionali sulle questioni legate all’intelligenza artificiale.

L'articolo Donald Trump vuole lo Zar Dell’Intelligenza Artificiale! Scelta influenza da Elon Musk? proviene da il blog della sicurezza informatica.

So now we’ve talked about all kinds of byproducts, including man-made (Fordite), nature-made (fulgurites), and one that’s a little of both (calthemites). Each of these is beautiful in its own way, but I’m not sure about the beauty and merit of corium — that which is created in a nuclear reactor core during a meltdown.
A necklace made to look like corium. Image via OSS-OSS
Corium has the consistency of lava and is made up of many things, including nuclear fuel, the products of fission, control rods, any structural parts of the reactor that were affected, and products of those parts’ reaction with the surrounding air, water, and steam.

If the reactor vessel itself is breached, corium can include molten concrete from the floor underneath. That said, if corium is hot enough, it can melt any concrete it comes in contact with.

So, I had to ask, is there corium jewelry? Not quite. Corium is dangerous and hard to come by. But that doesn’t stop artisans from imitating the substance with other materials.

Forming Corium

Chernobyl corium in steam discharge corridor. Image via ICTP
Corium lava was produced at both Chernobyl and Fukushima Dai’ichi, and on a smaller scale at Three Mile Island. It’s a rare thing, this man-made lava, and it’s only produced when humans gather enough highly-radioactive isotopes to start a chain reaction.

When a nuclear meltdown occurs, the fission reaction occurring within the reactor is no longer sufficiently cooled and contained to keep the rods, cases, core containment vessel, et cetera cool. Heat builds rapidly, produced by the fission of uranium-235 and plutonium-239.

If the chain reaction of fission and decays is allowed to go on, the heat will build up enough that the fuel rods start to bend and eventually melt. Usually, this is controlled by cooling water and control rods that are able to absorb some of the neutrons created by fission and decay. But if the fuel rods become fully molten, then you’ve got a meltdown on your hands.

April 26, 1986

The largest formation of corium in existence occurred during the Chernobyl disaster. In fact, so much corium issued forth that the molten mass dripped underneath to form stalactites, stalagmites, and lava flows such as the Elephant’s Foot.
The Chernobyl Elephant’s Foot, a large mass of corium. Image via Wikipedia
Chernobyl’s corium was formed over several days in three phases, the first of which lasted only seconds. The second stage lasted six days and comprised the interaction of the lava with silica-based structural materials like sand, concrete, and serpentinite. Finally, fuel lamination took place, and the molten corium penetrated the floors and solidified.

The corium at Chernobyl consists of uranium dioxide fuel, zircaloy cladding, concrete, and the serpentinite that had been packed around the reactor to serve as thermal insulation. Analysis has since shown that the corium reached a maximum temperature of 2,255 °C (4,091 °F). Far from cooling quickly, it remained above 1,660 °C (3,020 °F) for several days.

Chernobyl Corium

There are five types of material in Chernobyl’s corium:

• black ceramics: dark black, glassy material with a highly pitted surface
• brown ceramics: brown, glassy material that is both glossy and dull
• slag-like granulated corium: these are glassy granules with a crust and range from gray-magenta to a dark brown. These were formed by extended contact of brown ceramics with water
• pumice: grayish-brown porous formations that were formed when molten brown ceramic came into contact with water
• metal: both molten and solidified

The Elephant’s Foot is a large mass comprised of black corium and has many layers. It resembles tree bark on its surface. In order to get to where it was discovered in December 1986 (15 meters southeast of the reactor in a maintenance corridor), the corium burned through 2 m (6 ft) of reinforced concrete, then traveled through pipes and fissures and flowed down a hallway.

Three Mile Island

By comparison, the accident at Three Mile Island was a slow, partial meltdown. Within two minutes, over 40,000 pounds of various materials melted and relocated. And although a pool of corium formed at the bottom of the reactor vessel, it wasn’t breached.

Eventually, scientists took samples from the reactor and discovered two masses of dull, grey corium with a few yellow areas — one in the fuel assembly, and the other on the lower head of the reactor vessel. They found the corium to be mostly molten fuel and cladding. Elementally, it was mostly uranium, along with zirconium, oxygen, stainless steel, and an alloy called Inconel. Some of the samples included silver and indium from the control rods.

Melting and Smelting

Man-made lava is a terrible, amazing thing that, ideally, will remain rare. But not all byproducts are rare, and certainly not all of them have cool names. What could I possibly be talking about? Stay tuned!

hackaday.com/2024/11/27/boss-b…

Sembra che il problema dei falsi specialisti IT nordcoreani si sia diffuso non solo nelle aziende degli Stati Uniti. Secondo gli analisti di Microsoft, schemi simili sono operativi in ​​tutto il mondo, tra cui Cina, Russia e altri paesi.

Ricordiamo che negli ultimi mesi sono arrivate segnalazioni secondo cui gli hacker nordcoreani ottengono segretamente lavoro in aziende americane. Successivamente tentano di installare malware sui computer da lavoro, oltre a rubare dati dalle reti aziendali e chiedere riscatti.

Allo stesso tempo, gli specialisti di sicurezza informatica ritengono che non tutti gli specialisti IT della Corea del Nord siano coinvolti in attività dannose e spionaggio informatico. Alcuni effettivamente lavorano, e gli alti stipendi che ricevono, secondo i ricercatori, “generano entrate per il programma nucleare della Corea del Nord”.

A loro volta, le autorità americane stanno combattendo questo fenomeno scoprendo persone che aiutano a realizzare tali operazioni negli Stati Uniti. In sintesi stanno creando delle factory di laptop per trasferire il denaro rubato all’estero.

Ora gli specialisti Microsoft hanno redatto un rapporto e lo hanno presentato alla conferenza CYBERWARCON. Secondo Microsoft, la Corea del Nord aggira sanzioni e barriere finanziarie. Lo fa introducendo i suoi “specialisti IT” in aziende di Russia, Cina e altri paesi. Migliaia di dipendenti sono stati collocati con l’aiuto di terze parti. Queste forniscono conti bancari, telefoni, carte SIM e account sui social media e portali di lavoro.

Su GitHub sono stati scoperti centinaia di profili e portfolio falsi di falsi professionisti IT nordcoreani.Il mese scorso, Microsoft ha scoperto un archivio pubblico collegato a queste operazioni. L’archivio conteneva curriculum, e-mail, dati di account VPS e VPN, e vari tutorial. Erano presenti anche informazioni su portafogli, account (LinkedIn, GitHub, Upwork, TeamViewer, Telegram, Skype) e persino buste paga.
Profili falsi di specialisti nordcoreani

Microsoft ha ribadito un fenomeno già segnalato. I falsi specialisti IT usano dati personali rubati per candidarsi. Aggiungono foto rubate ai documenti. Utilizzano strumenti di intelligenza artificiale per creare curriculum e moduli di domanda.Inoltre, i ricercatori avvertono che gli aggressori utilizzano attivamente programmi per cambiare la voce.

“Anche se non abbiamo rilevato aggressori che utilizzano la tattica del cambio della voce e del video attraverso l’intelligenza artificiale, è sicuro che in futuro tali strumenti verranno utilizzati per poter ingannare le aziende”, avverte Microsoft.

L'articolo Impiegati Infedeli 2.0: Quando il Tecnico IT Usa ha quel Certo Accento Nordcoreano proviene da il blog della sicurezza informatica.

Samples taken from the space-returned piece of asteroid Ryugu were collected and prepared under strict anti-contamination controls. Inside the cleanest of clean rooms, a tiny particle was collected from the returned sample with sterilized tools in a nitrogen atmosphere and stored in airtight containers before being embedded in an epoxy block for scanning electron microscopy.

It’s hard to imagine what more one could do, but despite all the precautions taken, the samples were rapidly colonized by terrestrial microorganisms. Only the upper few microns of the sample surface, but it happened. That’s what the images above show.
The surface of Ryugu from Rover 1B’s camera. Source: JAXA
Obtaining a sample from asteroid Ryugu was a triumph. Could this organic matter have come from the asteroid itself? In a word, no. Researchers have concluded the microorganisms are almost certainly terrestrial bacteria that contaminated the sample during collection, despite the precautions taken.

You can read the study to get all the details, but it seems that microorganisms — our world’s greatest colonizers — can circumvent contamination controls. No surprise, in a way. Every corner of our world is absolutely awash in microbial life. Opening samples on Earth comes with challenges.

As for off-Earth, robots may be doing the exploration but despite NASA assembling landers in clean room environments we may have already inadvertently exported terrestrial microbes to the Moon, and Mars. The search for life to which we are not related is one of science and humanity’s greatest quests, but it seems life found on a space-returned samples will end up looking awfully familiar until we step up our game.

hackaday.com/2024/11/27/life-f…

Overview of 2024 consumer cyberthreats and trends predictions

Part of the Kaspersky Security Bulletin, our predictions for 2024 identified key consumer cyberthreats and trends shaped by global events, technological advances and evolving user behavior.

Last year, we suggested that charity-related scams would increase globally. While cybercriminals exploited humanitarian crises and charitable causes, taking advantage of both major conflicts and new donation methods, the anticipated boost could not be confirmed. We witnessed cases of abusing such efforts, particularly those associated with the Israeli-Hamas conflict, with Kaspersky researchers uncovering more than 540 scam emails and numerous fraudulent websites that imitated legitimate humanitarian aid campaigns. However, charity platforms’ ever-evolving protective measures and growing integration between charitable giving and day-to-day online shopping have provided more secure and convenient ways for users to make a contribution without exposing themselves to scammers, which also proves our prediction about such collaboration as accurate.

In line with our expectations regarding VPN usage and internet segmentation, 2024 saw a notable global surge in the popularity of VPN and proxy services, with applications gaining significant popularity across various countries. This trend is largely driven by users seeking to bypass regional content restrictions and enhance online privacy. However, this increased demand has attracted malicious actors. Cybercriminals are exploiting the popularity of VPN services by spreading potentially harmful applications disguised as legitimate VPN tools. Kaspersky has reported a surge in these malicious apps, capable of compromising user data and security.

In 2024, the prediction that national security concerns would lead to restrictions imposed on apps and services, thus creating new security issues, proved accurate. Governments worldwide used security as a justification for limiting access to popular platforms, often leaving users with fewer and potentially less secure alternatives in the process. Notable developments included the temporary suspension of X (formerly Twitter) in Brazil by a court ruling, ongoing discussions about TikTok’s ownership structure in the United States, and the removal of various messaging apps from Apple’s App Store in China.

Our prediction that play-to-earn (P2E) gaming platforms would attract cybercriminals was also fulfilled, with multiple cases highlighting the sector’s vulnerabilities. Kaspersky researchers uncovered phishing schemes targeting Hamster Kombat players, a popular Telegram-based clicker game, where attackers used fraudulent links to steal credentials and gain unauthorized access to user accounts. Similarly, Kaspersky GReAT discovered a scheme devised by the Lazarus group, which developed a malicious decoy game disguised as a legitimate P2E platform containing sophisticated malware designed to steal cryptocurrency and sensitive user data.

Despite the growing need driven by advancements in generative AI technology, the prediction about the development of a universal deepfake verification tool remained unfulfilled in 2024. While user-generated content (UGC) platforms like TikTok and Instagram have introduced policies requiring creators to label AI-generated content, the effectiveness of these measures is limited by their reliance on users’ honesty and awareness.

Just as predicted, the rise of voice deepfakes continued in 2024, fueling scams like vishing (voice phishing). A notable example is the proliferation of “fake kidnapping” scams, where attackers use voice imitation technology to impersonate real individuals and extort money from their families. The availability of open-source voice generation models expanded significantly, making these tools more accessible and lowering the technological threshold for malicious actors. The challenge of combating deepfakes extends beyond advances in tech and includes the need to raise public awareness and ensure the seamless integration of detection tools into everyday life.

Lastly, cybercriminals capitalized on the anticipation surrounding major film and game releases in 2024, which aligned with our earlier predictions. The release of “Joker 2” was accompanied by scams like phishing websites and fake streaming links, that aimed to deceive eager fans. Although “Grand Theft Auto VI” (GTA VI) is scheduled for release in 2025, scammers have already started to exploit its popularity by creating fake beta versions and unauthorized mobile releases to trick users into downloading malware or submitting personal information.

Overview of 2024 privacy predictions

The privacy landscape in 2024 was shaped by significant technological advances and evolving societal concerns, aligning with many of our predictions but leaving some areas underdeveloped.

Biometric data gained recognition as a critical aspect of privacy protection, with the European Union adopting the Artificial Intelligence (AI) Act to address privacy concerns associated with facial recognition and other biometric technologies. This marked a notable step towards expanding the concept of private data beyond traditional means of identification. However, while the EU led these efforts, global consensus and comprehensive implementation of similar standards remain ongoing challenges, rendering the anticipated trend of stricter regulation of biometric data usage only partially fulfilled.

Predicted privacy debates surrounding AI-enabled wearables, such as Humane’s AI Pin, did not gain much traction, as these devices struggled to make significant advancements in 2024. As a result, discussions surrounding these technologies often merged with those about AR and VR devices, which saw more tangible development. Devices like Apple Vision Pro and Meta’s Ray-Ban smart glasses highlighted similar concerns around data collection, biometric privacy, environmental mapping and bystanders’ consent. While these advancements brought privacy challenges to the forefront, the lack of robust regulatory frameworks left these predictions only partially realized. The immersive and pervasive nature of AR/VR technology underscores the urgency of establishing concrete regulatory measures to address these evolving concerns.

In 2024, the prediction that leaked passwords would become less of a concern saw partial realization. The increased adoption of passwordless authentication, supported by passkeys and biometric logins from major tech companies like Google, Microsoft and Apple, reduced the reliance on traditional passwords and mitigated the impact of credential leaks. However, the transition remains incomplete, with gaps in adoption leaving room for continued exploitation.

Assistant bots showed promise in enhancing privacy, particularly in mitigating phishing risks through call transcription and incoming caller screening, as predicted. However, the rise of sophisticated scams targeting bot vulnerabilities underscored the dual role of these technologies, showcasing both their potential and the need for stronger safeguards.

Overall, 2024 demonstrated progress in addressing critical privacy concerns while highlighting the need for continued advancement, global collaboration and comprehensive regulatory efforts to fully realize the potential of emerging technology in safeguarding privacy.

Consumer and privacy predictions for 2025

AI becomes an everyday reality

In 2025, artificial intelligence (AI) will solidify its role as a core element of daily life, transitioning from an innovative tool to a mundane utility. The rapid adoption of AI-driven technology across various domains — from search engines to creative tasks — has already reshaped how people work, learn and communicate. Major platforms like Google and Bing have integrated AI into search results, while users increasingly rely on chatbots for everything from answering questions and editing media to learning languages and simplifying workflows.

This trend is set to expand further with the anticipated release of advanced AI features in key operating systems like iOS and Android, marking a new phase in AI accessibility. As these capabilities roll out, AI will influence not only personal convenience but also broader industries. In academia, for instance, AI has accelerated research processes, and its contributions may reach new heights, as highlighted by the potential for groundbreaking achievements like the Nobel Prize awarded to the cofounder and scientist behind the AI initiative DeepMind.

However, alongside this normalization, challenges remain. AI’s ability to produce personalized deepfakes continues to evolve, raising ethical and privacy concerns in the absence of robust detection tools. As AI systems increasingly interact with and shape the physical world, the need for safeguards and accountability will grow. By 2025, AI’s ubiquity will transform it from a novelty into an indispensable part of modern life, with both opportunities and risks becoming more pronounced.

Fraudsters to exploit high-profile entertainment releases in 2025

In 2025, cybercriminals are expected to capitalize on the excitement surrounding major gaming, console and film releases. The launch of highly anticipated games like Mafia: The Old Country, Civilization VII and Death Stranding 2 will likely be accompanied by scams involving fake pre-orders and counterfeit digital keys. Similarly, rumors about the release of Nintendo’s next-generation console may fuel scams tied to pre-orders, early sales and fake hacking tools, some of which could deliver malware disguised as rootkits.

On the cinematic front, anticipated sequels and remakes like Superman, Jurassic World Rebirth, Captain America: Brave New World, Return to Silent Hill, and Tron: Ares will provide scammers with ample opportunity. Fraudulent campaigns may target fan forums and social media platforms by promoting fake early screenings, counterfeit merchandise and phishing emails. As the hype around these premieres intensifies, so will the sophistication and scale of cybercriminal activity seeking to exploit eager fans and consumers.

Proliferating subscription services to fuel fraud risks

As the global economy increasingly shifts towards subscription-based models, a significant uptick in fraud related to fake subscription offerings is anticipated. Cybercriminals are expected to exploit the growing shift in habits regarding subscriptions and reliance on these by creating counterfeit services that mimic legitimate ones. These fraudulent platforms aim to deceive users into providing personal and financial information, leading to identity theft and financial loss.

Moreover, with the proliferation of subscription services, some users may turn to unofficial resources to access content at reduced prices or for free. These non-official channels often lack proper security and may serve as hotspots for malware distribution, phishing attacks and other cyberthreats. Engaging with these platforms not only undermines legitimate businesses’ interests but also exposes users to heightened risks of fraud and data breaches.

Prohibition of social media for children may lead to broader user restrictions

Australia is considering legislation to ban children under 16 from using social media platforms like Facebook, Instagram, TikTok and X (formerly Twitter). The success of this measure hinges on its technical implementation, particularly in establishing reliable and effective age verification systems. If these challenges are successfully resolved, this legislation could serve as a model for similar restrictions globally. Moreover, successful implementation of a stricter approach might create a precedent for projecting restrictive measures onto other user groups, potentially reshaping international norms for regulating online platform access and use.

While unrelated to Australia’s initiative, content sharing platforms like Instagram are independently exploring advanced solutions to address age-related access issues. Instagram, for example, plans to deploy artificial intelligence to detect users misrepresenting their age, demonstrating how technology can enhance compliance with age-based policies. These innovations highlight the potential for scalable enforcement solutions, even as they face significant hurdles in ensuring accuracy and fairness.

Political polarization to fuel cyberbullying

In 2025, the increasing political divides affecting countries worldwide are expected to fuel a rise in cyberbullying, exacerbated by the global reach of social media platforms. Economic disparities, social movements and geopolitical conflicts have heightened tensions across Europe, Asia, Africa and the Americas. Social media platforms amplify these divides through algorithms that promote echo chambers and inflammatory content, creating an environment ripe for targeted harassment. Emerging AI tools, such as those used to create deepfakes or doctored posts, further enable malicious actors to escalate harassment. Although there are measures taken by various social media platforms to protect the online community from abuse, offensive content is hard to distinguish comprehensively, leaving users exposed to cyberbullying.

This trend will lead to an increase in the frequency of targeted attacks, doxing and coordinated cyberbullying campaigns, often crossing national boundaries. Individuals may face harassment not only from domestic adversaries but also from users abroad, making cyberbullying a transnational issue.

New regulations to expand user ownership of their data

In 2025, privacy regulations are set to hand users more control over their personal data than ever before. New laws may enable individuals to monetize their data, turning it from a corporate commodity into a personal asset. Expanded portability rights could make it easier to move data across platforms, encouraging competition and giving users the freedom to switch services without losing their digital history. Simplified consent models and enhanced rights to correct or delete data will further empower users to manage their online presence.

Globally, privacy frameworks like California’s CPRA and the EU’s GDPR are inspiring similar reforms in regions such as Asia and across U.S. states. Innovations like decentralized data storage may also emerge, giving users direct control over their data. By the end of 2025, the balance of power in the digital ecosystem may shift decisively toward individuals.

securelist.com/ksb-consumer-an…