When you think of making something using a lathe, you usually think of turning a screw, a table leg, or a toothpick. [Uri Tuchman] had a different idea. He wanted to make a clock out of the gears used in the lathe. Can he do it? Of course, as you can see in the video below.

Along the way, he used several tools. A mill, a laser cutter, and a variety of hand tools all make appearances. There’s also plenty of CAD. Oh yeah, he uses a lathe, too.

Initially, the clock ran a little fast. A longer pendulum was the answer, but that required the clock to sit on a table edge because the pendulum now extends below the bottom of the clock!

We have to admit there is a lot going into this, but it looks great by the time it is done. We are impressed with the range of different tools used and the clever design. Of course, he could have made the gears, too, but using the metal gears already available is a nice touch.

You can, of course, get by with less. Much less. Or, you might elect to try something even more elaborate.

youtube.com/embed/CFVxZ0DowQg?…

hackaday.com/2024/12/27/lathe-…

Many things have combined to make very high-frequency RF gear much more common, cheaper, and better performing. Case in point: [dereksgc] is tearing apart a 20 GHz low-noise block (LNB). An LNB is a downconverter, and this one is used for some Irish satellite TV services.

The scale of everything matters when your wavelength is only 15 mm. The PCB is small and neatly laid out. There are two waveguides printed on the board, each feeding essentially identical parts of the PCB. Printed filters use little patterns on the board that have particular inductance and capacitance — no need for any components. Try doing that at 2 MHz!

The LNB is a single-band unit, so it only needs to worry about the two polarizations. However, [dereksgc] shows that some have multiple bands, which makes everything more complex. He also mentions that this LNB doesn’t use a PLL, and he’d like to find a replacement at this frequency that is a bit more modern.

After the teardown, it is time to test the device to see how it works. If you want to experiment at this frequency, you need special techniques. For example, we’ve seen people try to push solderless breadboards this high (spoiler: it isn’t easy). Maybe that’s why many people settle for modifying existing LNBs like this one.

youtube.com/embed/5xBqoIFQGb0?…

hackaday.com/2024/12/27/20-ghz…

Alfred Vail (public domain)
We talk about Morse code, named after its inventor, Samuel Morse. However, maybe we should call it Vail code after Alfred Vail, who may be its real inventor. Haven’t heard of him? You aren’t alone. Yet he was behind the first telegraph key and improved other parts of the fledgling telegraph system.

The story starts in 1837 when Vail visited his old school, New York University, and attended one of Morse’s early telegraph experiments. His family owned Speedwell Ironworks, and he was an experienced machinist. Sensing an opportunity, he arranged with Morse to take a 25% interest in the technology, and in return, Vail would produce the necessary devices at the Ironworks. Vail split his interest with his brother George.

By 1838, a two-mile cable carried a signal from the Speedwell Ironworks. Morse and Vail demonstrated the system to President Van Buren and members of Congress. In 1844, Congress awarded Morse $30,000 to build a line from Washington to Baltimore. That was the same year Morse sent the famous message “What Hath God Wrought?” Who received and responded to that message? Alfred Vail.

The Original Telegraph

Telegraphs were first proposed in the late 1700s, using 26 wires, one for each letter of the alphabet. Later improvements by Wheatstone and Cooke reduced the number of wires to five, but that still wasn’t very practical.

Samuel Morse, an artist by trade, was convinced he could reduce the number of wires to one. By 1832, he had a crude prototype using a homemade battery and a relatively weak Sturgeon electromagnet.

Morse’s original plan for code was based on how semaphore systems worked. Messages would appear in a dictionary, and each message would be assigned a number. The telegraph produced an inked line on a paper strip like a ticker tape. By counting the dips in the line, you could reconstruct the digits and then look up the message in the dictionary.

Morse’s partners, Vail and a professor named Gale, didn’t get their names on the patents, and for the most part, the partners didn’t take any credit — Vail’s contract with Morse did specify that Vail’s work would benefit Morse. However, there is evidence that Vail came up with the dot/dash system and did much of the work of converting the hodgepodge prototype into a reliable and manufacturable system.

Improvements

Vail’s sending key is instantly recognizable (photo from Smithsonian Institute) 3D View
For example, Morse’s telegraph used a pencil to mark paper, while Vail used a steel-pointed pen. The sending key was also Vail’s work, along with other improvements to the receiving apparatus (we’ve seen some nice replicas of this key).
A typical case for type used by printers (public domain)
As you may have noticed, the length of Morse code characters is inversely proportional to their frequency in English. That is, “E,” a common letter, is much shorter than a “Z,” which is far less common. Supposedly, Vail went to a local newspaper and used the type cases as a guide for letter frequencies.

Two Types of Code

American Morse Code (public domain)
It is worth noting that the code in question isn’t the one we use today. It was “American Morse Code” which was used most often by railroads. The modern International Morse Code is somewhat similar, but several differences exist. The most notable is that dashes are not always the same length. An L is a “long dash,” and a zero is an even longer dash (you occasionally hear this as shorthand on the ham bands if the sender uses a straight key).

In addition, some letters use longer than normal spaces. For example, the letters “A” and “B” are exactly like modern code, but the letter “C” is two dots, a double space, and another dot. An “O” is a dot, a double space, and another dot.
Gerke’s code from 1848 (Public Domain)
The gaps and different lengths caused problems with long cables, which led to Friedrich Gerke developing a derivative code in 1848. His code is essentially what we use today and uses a fixed length for dots, dashes, and spaces. There is one exception. The original Gerke code used the long-dash zero. Most of the letters in the International code are the same as the ones in the Gerke code, although when International Morse was codified in 1865, there were a few changes to some letters and numbers.

The telegraph was a huge success. By 1854, around 23,000 miles of lines were in operation. Western Union formed in 1851, and by 1866, there was a trans-Atlantic cable.

Will Success Spoil Alfred Vail?

Vail, however, was not a huge success. Morse took on an influential congressman as a partner and cut Vail’s shares in half. That left the Vail brothers with 12.5% of the profits. In 1848, Vail was disillusioned with his $ 900-a-year salary for running the Washington and New Orleans Telegraph Company. He wrote to Morse:

“I have made up my mind to leave the Telegraph to take care of itself, since it cannot take care of me. I shall, in a few months, leave Washington for New Jersey, … and bid adieu to the subject of the Telegraph for some more profitable business.”

He died less than 11 years later, in 1859. Other than researching genealogy, we didn’t find much about what he did in those years.

The Lone Inventor Fiction

Like most inventions, you can’t just point to one person who made the leap alone. In addition to Vail and his assistant William Baxter, Joseph Henry (the inductor guy) created practical electromagnets that were essential to the operation of the telegraph. In fact, he demonstrated how an electromagnet could ring a bell at a distance, which is really all you need for a telegraph, so he has some claim, too.

Part of the Speedwell Ironworks is now a historic site you can visit. It might not be a coincidence that the U.S. Army Signal Corps school was located in New Jersey at Camp Alfred Vail in 1919. Camp Alfred Vail would later become Fort Monmouth and was the home to the Signal Corps until the 1970s.

These old wired telegraphs made a clicking noise instead of a beep. Of course, wired telegraphs would give way to radio, and telegraphy of all kinds would mostly succumb to digital modes. However, you can still find the occasional Morse station.

hackaday.com/2024/12/27/do-you…

LEGO bricks might look simplistic, but did you know there’s an actual science behind their sizes? Enter LDUs — LEGO Draw Units — the minuscule measurement standard that allows those tiny interlocking pieces to fit together seamlessly. In a recent video [Brick Sculpt] breaks down this fascinating topic.

So, what is an LDU precisely? It’s the smallest incremental size used to define LEGO’s dimensions. For context, a standard LEGO brick is 20 LDUs wide, and a single plate is 8 LDUs tall. Intriguingly, through clever combinations of headlight bricks, jumper plates, and even rare Minifig neck brackets, builders can achieve offsets as tiny as 1 LDU! That’s the secret sauce behind those impossibly detailed LEGO creations.

We already knew that LEGO is far more than a toy, but this solidifies that theory. It’s a means of constructing for anyone with an open mind – on its own scale. The video below explains in detail how to achieve every dimension possible. If that inspires you to build anything, dive into these articles and see if you can build upon this discovery!

youtube.com/embed/opRelue2ypU?…

hackaday.com/2024/12/27/ldu-de…

We’re covering two weeks of news today, which is handy, because the week between Christmas and New Years is always a bit slow.

And up first is the inevitable problem with digital license plates. Unless very carefully designed to be bulletproof, they can be jailbroken, and the displayed number can be changed. And the Reviver plates were definitely not bulletproof, exposing a physical programming port on the back of the plate. While it’s not explicitly stated, we’re guessing that’s a JTAG port, given that the issue is considered unpatchable, and the port allows overwriting the firmware. That sort of attack can be hardened against with signed firmware, and using an MCU that enforces it.

This does invite comparisons to the James Bond revolving license plate — and that comparison does put the issue into context. It’s always been possible to swap license plates. If someone really wants to cause mischief, traditional plates can be stolen, or even faked. What a digital plate adds to the equation is the ability to switch plate numbers on the fly, without stopping or turning a screwdriver. Regardless, this seems like it will be an ongoing problem, as so many manufacturers struggle to create secure hardware.

Malicious RDP

There’s a clever attack, that uses Microsoft’s Remote Desktop Protocol (RDP), to give away way too much control over a desktop. That’s accomplished by sending the target a .rdp file that shares local resources like the clipboard, filesystem, and more. What’s new is that it seems this theoretical attack has now shown up in the wild.

The attack campaign has been attributed to APT29, CozyBear, a threat actor believed to be associated with Russia’s Foreign Intelligence Service. This attribution tracks with the victims of choice, like government, research, and Ukrainian targets in particular. To escape detection, the malicious RDP endpoints are set up behind RDP proxies, running on services like AWS. The proxies and endpoints are accessed through TOR and other anonymous proxies. The .rdp files were spread via spear-phishing emails sent through compromised mail servers. The big push, with about 200 targets, was triggered on October 22nd. Researchers at TrendMicro believe this was the end of a targeted campaign. The idea being that at the end of the campaign, it no longer matters if the infrastructure and methods get discovered, so aim for maximum impact.

Free* Mcdonalds?

Here we learn that while McDonald’s USA dosn’t have a bug bounty program, McDonald’s India does — and that’s why researcher [Eaton Zveare] looked there. And found a series of Broken Object Level Authorization (BOLA) bugs. That’s a new term to this column, but a concept we’ve talked about before. BOLA vulnerabilities happen when a service validates a user’s authentication token, but doesn’t properly check that the user is authorized to access the specific resources requested.

In the McDonald’s case, any user of the web app is issued a guest JWT token, and that token is then valid to access any Order ID in the system. That allows some interesting fun, like leaving reviews on other users’ orders, accessing delivery maps, and getting copies of receipts. But things got really interesting when creating an account, and then ordering food. A hidden, incomplete password login page allowed breaking the normal user verification flow, and creating an account. Then after food is added to the cart, the cart can be updated to have a total price of a single rupee, about the value of a penny.

This research earned [Eaton] a $240 Amazon gift card, which seems a little stingy, but the intent behind the gesture is appreciated. The fixes landed just over 2 months after reported, and while [Eaton] notes that this is slower than some companies, it’s significantly faster than some of the less responsive vendors that we’ve seen.

Banning TP-Link

The US Government has recently begun discussing a plan to ban TP-Link device purchases in the United States. The reported reason is that TP-Link devices have shipped with security problems. One notable example is a botnet that Microsoft has been tracking, that primarily consists of TP-Link devices.

This explanation rings rather hollow, particularly given the consistent security failings from multiple vendors that we’ve covered on this very column over the years. Where it begins to make more sense is when considered in light of the Chinese policy that all new vulnerabilities must first be reported to the Chinese government, and only then can fixes be rolled out. It suggests that the US Commerce Department suspects that TP-Link is still following this policy, even though it’s technically now a US company.

I’m no stranger to hacking TP-Link devices. Many years ago I wrote a simple attack to put the HTTPD daemon on TP-Link routers into debug mode, by setting the wifi network name. Because the name was used to build a command run with bash, it was possible to do command injection, build a script in the device’s /tmp space, and then execute that script. Getting to debug mode allowed upgrading to OpenWRT on the device. And that just happens to be my advice for anyone still using TP-Link hardware: install OpenWRT on it.

Developers Beware

We have two separate instances of malware campaigns directly targeting developers. The first is malicious VSCode extensions being uploaded to the marketplace. These fakes are really compelling, too, with lots of installs, reviews, and links back to the real pages. These packages seem to be droppers for malware payloads, and seem to be targeting cryptocurrency users.

If malware in your VSCode extensions isn’t bad enough, OtterCookie is a campaign believed to come from North Korea, spreading via fake job interviews. The interview asks a candidate to run a Node.js project, or install an npm package as part of prep. Those are malicious packages, and data stealers are deployed upon launch. Stay frosty, even on the job hunt.

Bits and Bytes

PHP has evolved over the years, but there are still a few quirks that might trip you up. One of the dangerous ones is tied up in $_SERVER['argv'], a quick way to test if PHP is being run from the command line, or on a server. Except, that relies on register_argc_argv set to off, otherwise query strings are enough to fool a naive application into thinking it’s running on the command line. And that’s exactly the footgun that caught Craft CMS with CVE-2024-56145.

Australia may know something we don’t, setting 2030 as the target for retiring cryptography primitives that aren’t quantum resistant. That’s RSA, Elliptic-curve, and even SHA-256. It’s a bit impractical to think that those algorithms will be completely phased out by then, but it’s an interesting development to watch.

Fuzzing is a deep subject, and the discovery of 29 new vulnerabilities found in GStreamer is evidence that there’s still plenty to discover. This wasn’t coverage-guided fuzzing, where the fuzzer mutates the fuzzing input to maximize. Instead, this work uses a custom corpus generator, where the generator is aware of how valid MP4 files are structured.

hackaday.com/2024/12/27/this-w…

Un team di ricercatori del Korea Advanced Institute of Technology (KAIST), guidato dal professor Kwang-Hyun Cho, ha presentato un metodo in grado di trasformare le cellule tumorali in cellule sane. In futuro, lo sviluppo sostituirà i metodi esistenti di trattamento del cancro, che spesso hanno gravi effetti collaterali.

Gli scienziati hanno osservato a lungo il processo di oncogenesi: come le cellule sane degenerano gradualmente in cellule maligne. Durante lo studio è stato possibile stabilire: durante la trasformazione perdono le loro caratteristiche specializzate e ritornano allo stato primitivo. Così è nata un’idea: perché non invertire questo processo?

Per implementare l’idea, il team ha creato un modello digitale della rete genetica che controlla il normale sviluppo cellulare. Utilizzando la modellazione computerizzata, hanno ricostruito il percorso di maturazione cellulare e hanno trovato gli interruttori molecolari chiave che innescano il processo. Quando gli interruttori furono attivati ​​nel tumore del colon, il tessuto cominciò effettivamente a ritornare al suo stato sano originale.

La tecnica si basa sulla reinclusione dei geni responsabili della differenziazione cellulare. Nei tumori, questi geni sono solitamente inattivi o contengono mutazioni. Quando il loro lavoro viene ripristinato, i tessuti non solo ritornano alle normali funzioni, ma in alcuni casi possono anche trasformarsi in un altro tipo di cellule specializzate: avviene la transdifferenziazione. Ad esempio, le cellule del cancro al seno possono essere convertite in cellule epatiche sane.

Studi simili sono stati condotti in precedenza. Gli scienziati sono riusciti a ottenere risultati simili anche per diversi tipi di cancro: leucemia mieloide, tumori al seno e carcinoma epatocellulare del fegato. Tuttavia, mentre in precedenza la scienza si basava su scoperte casuali, il nuovo approccio è molto più sistematico. La tecnologia sviluppata consente di determinare con precisione i geni e le proteine ​​che controllano la trasformazione cellulare.

In futuro, il metodo potrebbe costituire la base di una terapia personalizzata che tenga conto delle caratteristiche genetiche di ciascun paziente. Il gruppo di ricerca sta ora lavorando per espandere l’uso della tecnologia per trattare altre forme di cancro.

L'articolo Cellule tumorali Riprogrammate: il futuro della medicina rigenerativa parte da qui proviene da il blog della sicurezza informatica.

When you think of languages you might read about on Hackaday, COBOL probably isn’t one of them. The language is often considered mostly for business applications and legacy ones, at that. The thing is, there are a lot of legacy business applications out there, so there is still plenty of COBOL. Not only is it used, but it is still improved, too. So [Meyfa] wanted to set the record straight and created a Minecraft server called CobolCraft.

The system runs on GnuCOBOL and has only been tested on Linux. There are a few limitations, but nothing too serious. The most amazing thing? Apparently, [Meyfa] had no prior COBOL experience before starting this project!

Even if you don’t care about COBOL or Minecraft, the overview of the program is interesting because it shows how many things require workarounds. According to the author:

Writing a Minecraft server was perhaps not the best idea for a first COBOL project, since COBOL is intended for business applications, not low-level data manipulation (bits and bytes) which the Minecraft protocol needs lots of. However, quitting before having a working prototype was not on the table! A lot of this functionality had to be implemented completely from scratch, but with some clever programming, data encoding and decoding is not just fully working, but also quite performant.

Got the urge for Cobol? We’ve been there. Or write Minecraft in… Minecraft.

hackaday.com/2024/12/27/minecr…

Statistics across all threats

In the third quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased by 1.5 pp to 22% when compared to the previous quarter.

Percentage of ICS computers on which malicious objects were blocked, by quarter, 2022–2024

Compared to the third quarter of 2023, the percentage decreased by 1.7 pp.

The percentage of ICS computers on which malicious objects were blocked during the third quarter of 2024 was highest in July and September, and lowest in August. In fact, the percentage in August 2024 was the lowest of any month in the observation period.

Percentage of ICS computers on which malicious objects were blocked, Jan 2023–Sep 2024

Region rankings

Regionally^[1], the percentage of ICS computers that blocked malicious objects during the quarter ranged from 9.7% in Northern Europe to 31.5% in Africa.

Regions ranked by percentage of ICS computers where malicious objects were blocked, Q3 2024

Six regions: Africa, South Asia, South-East Asia, the Middle East, Latin America and East Asia, saw their percentages increase from the previous quarter.

Regions and the world. Changes in the percentage of attacked ICS computers in Q3 2024

Selected industries

The biometrics sector led the surveyed industries in terms of the percentage of ICS computers on which malicious objects were blocked.

Percentage of ICS computers on which malicious objects were blocked in selected industries

In the third quarter of 2024, the percentage of ICS computers on which malicious objects were blocked decreased across most industries, with the exception of the biometrics and manufacturing sectors.

Changes in the percentage of ICS computers on which malicious objects were blocked in selected industries

Diversity of detected malicious objects

In the third quarter of 2024, Kaspersky’s protection solutions blocked malware from 11,882 different malware families in various categories on industrial automation systems.

Percentage of ICS computers on which the activity of malicious objects in various categories was prevented

The most notable proportional growth during this period was in the percentage of ICS computers on which malicious scripts and phishing pages were blocked, representing an increase of 1.1 times.

Main threat sources

The internet, email clients and removable storage devices remain the primary sources of threats to computers in an organization’s technology infrastructure. Note that the source of the blocked threats cannot be reliably identified every time.

In the third quarter of 2024, the percentage of ICS computers on which threats from various sources were blocked decreased for all threat sources described in this report.

Percentage of ICS computers on which malicious objects from various sources were blocked

Moreover, the percentage of ICS computers on which threats from email clients, removable media and network folders were blocked in the third quarter was the lowest in the observation period.

Threat categories

Malicious objects used for initial infection

Malicious objects used for initial infection of ICS computers include denylisted dangerous internet resources, malicious scripts and phishing pages, and malicious documents.

In the third quarter of 2024, the percentage of ICS computers on which denylisted internet resources and malicious documents were blocked increased to 6.84% (by 0.21 pp) and 1.97% (by 0.01 pp), respectively. The rate of malicious scripts and phishing pages increased more significantly to 6.24% (by 0.55 pp), although in the previous quarter it reached its lowest level since the beginning of 2022.

Next-stage malware

Malicious objects used to initially infect computers deliver next-stage malware: spyware, ransomware, and miners, to victims’ computers. As a rule, the higher the percentage of ICS computers on which the initial infection malware is blocked, the higher the percentage for next-stage malware.

The percentage of ICS computers on which spyware (spy Trojans, backdoors and keyloggers) was blocked decreased by 0.17 pp to 3.91% when compared to the previous quarter.

The percentage of ICS computers on which ransomware was blocked continued to vary from quarter to quarter within 0.03 p.p. It decreased to 0.16% in the observation period.

The percentage of ICS computers on which miners in the form of executable files for Windows were blocked decreased by 0.18 pp to 0.71%.

The percentage of ICS computers on which web miners were blocked decreased by 0.09 pp to 0.41%.

Self-propagating malware

Self-propagating malware (worms and viruses) is a category unto itself. Worms and virus-infected files were originally used for initial infection, but as botnet functionality evolved, they took on next-stage characteristics.

To spread across ICS networks, viruses and worms rely on removable media, network folders, infected files including backups, and network attacks on outdated software.

In the third quarter of 2024, the percentage of ICS computers on which worms were blocked continued to decrease (by 0.18 pp), reaching 1,30%. This is the lowest point since the beginning of 2022. The rate of viruses decreased slightly to 1.53%.

AutoCAD malware

AutoCAD malware is typically a low-level threat, coming last in the malware category rankings in terms of the percentage of ICS computers on which it was blocked.

In the third quarter of 2024, the percentage of ICS computers on which AutoCAD malware was blocked showed a slight decrease to 0.40%.

You can find the full Q3 2024 report on the Kaspersky ICS CERT website.

^[1] The report takes into account statistics for the USA received before September 29, 2024.

securelist.com/ics-cert-q3-202…

Do you ever have clothes that you only wore for a few hours, so you don’t want to wash them, but it still seems icky to put them back in the drawer or closet? What if you had a dedicated place to put them instead of on your floor or piled on a chair in the corner? [Simone Giertz] has a tidier solution for you.

On top of the quasi-dirty clothing conundrum, [Giertz]’s small space means she wanted to come up with a functional, yet attractive way to wrangle these clothes. By combining the time-honored tradition of hanging clothes on the back of a chair and the space-saving efficiency of a Lazy Susan, she was able to create a chair with a rotating rack to tuck the clothes out of the way when not wearing them.

The circular rack attached to the chair orbits around a circular seat and arm rests allowing clothes to be deposited on the chair from the front and conveniently pushed to the back so they remain out of sight and out of mind until you need them. The hardware chosen seems to be pretty strong as well given the number of items placed on the rail during the demonstration portion of the video. We also really like how [Giertz] challenged herself to “CAD celibacy” for the duration of the build to try to build it quick.

If you want to see some other clever furniture hacks, how about repurposing the seats from an old subway, or hacking IKEA furniture to be more accessible?

youtube.com/embed/H175G8NH2Cg?…

hackaday.com/2024/12/27/uncann…

Il gruppo di hacker APT29 (Midnight Blizzard) ha lanciato una massiccia campagna utilizzando 193 server proxy per attacchi man-in-the-middle (MiTM) tramite Remote Desktop Protocol (RDP ). Lo scopo degli attacchi è rubare dati, account e installare malware.

Per eseguire attacchi MiTM, i Red Team utilizzano lo strumento PyRDP, che consente di scansionare i file system delle vittime, estrarre dati in background e avviare in remoto applicazioni dannose in un ambiente compromesso.

Trend Micro sta monitorando le attività di un gruppo chiamato “Earth Koshchei” e riferisce che gli attacchi sono mirati a organizzazioni governative e militari, missioni diplomatiche, società IT, fornitori di servizi cloud, società di telecomunicazioni e sicurezza informatica. La campagna si rivolge a organizzazioni negli Stati Uniti, Francia, Australia, Ucraina, Portogallo, Germania, Israele, Grecia, Turchia e Paesi Bassi.

Il metodo di attacco prevede di indurre gli utenti a connettersi a falsi server RDP creati dopo aver eseguito un file ricevuto tramite e-mail di phishing. Una volta stabilita una connessione, le risorse del sistema locale (dischi, reti, appunti, stampanti e dispositivi I/O) diventano disponibili agli aggressori.

Il rapporto Trend Micro rivela i dettagli dell’infrastruttura, che comprende 193 server proxy RDP che reindirizzano le connessioni a 34 server controllati dagli aggressori. Ciò consente agli hacker di dirottare le sessioni RDP utilizzando PyRDP. I criminali informatici possono registrare le credenziali in testo non crittografato o come hash NTLM, rubare dati dagli appunti e dai file system ed eseguire comandi tramite la console o PowerShell.

Gli esperti notano che la tecnica è stata descritta per la prima volta nel 2022 da Mike Felch, il che potrebbe aver ispirato APT29 a utilizzarla. Una volta stabilita la connessione, il server falso imita il comportamento di un server RDP legittimo, consentendo agli aggressori di inserire script dannosi, modificare le impostazioni di sistema e manipolare il file system della vittima.

Tra le configurazioni dannose ce n’è una che invia all’utente una falsa richiesta di connessione ad AWS Secure Storage Stability Test, creando l’impressione di un processo legittimo e fuorviando l’utente.
Richiesta di connessione falsa (Trend Micro)
Per mascherare gli attacchi, gli aggressori utilizzano servizi VPN commerciali che pagano in criptovaluta, nodi di uscita TOR e servizi proxy che utilizzano gli indirizzi IP di altri utenti. Tali misure rendono difficile risalire ai reali indirizzi IP dei server dannosi.

Gli esperti sottolineano che prevenire gli attacchi richiede maggiore attenzione alle e-mail di phishing inviate da indirizzi legittimi precedentemente compromessi. Si consiglia di utilizzare connessioni RDP solo con server attendibili ed evitare di eseguire applicazioni ricevute tramite posta elettronica.

L'articolo APT29 Svela la Nuova Arma: Attacchi MITM con RDP per Rubare Dati e Installare Malware proviene da il blog della sicurezza informatica.

I ricercatori di sicurezza informatica di Akamai hanno identificato una nuova rete botnet basata su Mirai che sta sfruttando attivamente una vulnerabilità legata all’esecuzione di codice in modalità remota nei DVR DigiEver DS-2105 Pro. La vulnerabilità è Zero-day, non le è stato ancora assegnato un CVE e non è stata rilasciata alcuna correzione. Questo fatto rende i dispositivi delle vittime un facile bersaglio per gli hacker.

L’attacco informatico è iniziato in ottobre e ha colpito diversi videoregistratori e router di rete TP-Link dotati di software obsoleto. Una delle vulnerabilità utilizzate nella campagna è stata presentata dal ricercatore TXOne Ta-Lun Yen alla conferenza DefCamp a Bucarest. Secondo lui, il problema riguarda molti dispositivi DVR.

Akamai ha rilevato uno sfruttamento attivo di questa vulnerabilità da metà novembre, anche se le prove indicano che gli attacchi sono iniziati già a settembre. Oltre a DigiEver, la botnet prende di mira le vulnerabilità CVE-2023-1389 nei dispositivi TP-Link e CVE-2018-17532 nei router Teltonika RUT9XX.

La vulnerabilità del dispositivo DigiEver sfrutta un bug nella gestione dell’URI ‘/cgi-bin/cgi_main.cgi’, che non convalida correttamente i dati dell’utente. Ciò consente agli aggressori non autenticati di iniettare in remoto comandi come curl e chmod tramite parametri di richiesta HTTP come il campo ntp.

Gli hacker utilizzano il command injection per scaricare un file dannoso da un server esterno, dopodiché il dispositivo viene connesso alla botnet. I payload vengono aggiunti in Cron per mantenere l’accesso. I dispositivi compromessi vengono utilizzati per sferrare attacchi DDoS o per diffondere ulteriormente la botnet.

La nuova versione di Mirai si distingue per l’utilizzo della crittografia XOR e ChaCha20, nonché per il supporto di più architetture, tra cui x86, ARM e MIPS. Secondo Akamai ciò indica un’evoluzione nel modo in cui operano gli operatori di botnet.

La maggior parte di queste reti utilizza ancora gli algoritmi di crittografia originali del codice sorgente di Mirai. Tuttavia, nuovi metodi come ChaCha20 indicano un aumento del livello di minaccia. Il rapporto Akamai fornisce inoltre indicatori di compromissione (IoC) e regole Yara che aiuteranno a rilevare e bloccare questa minaccia.

Le moderne botnet mostrano una crescente sofisticazione e adattabilità, trasformando ogni vulnerabilità in uno strumento per attacchi su larga scala. Una difesa digitale adeguatamente costruita richiede non solo aggiornamenti tempestivi, ma anche un’analisi proattiva delle minacce.

L'articolo Nuova botnet Mirai sfrutta vulnerabilità Zero-Day nei DVR DigiEver proviene da il blog della sicurezza informatica.

Gli hacktivisti filorussi di NoName057(16) non mollano la presa nemmeno nel giorno di Santo Stefano. Le loro attività ostili hanno colpito diversi siti istituzionali attraverso attacchi di Distributed Denial-of-Service (DDoS). Colpire in questo periodo dell’anno significa sfruttare il momento in cui le aziende sono meno presidiate sul fronte della sicurezza informatica.

NoName057(16) è un gruppo di hacker che si è dichiarato a marzo del 2022 a supporto della Federazione Russa. Hanno rivendicato la responsabilità di attacchi informatici a paesi come l’Ucraina, gli Stati Uniti e altri vari paesi europei. Questi attacchi vengono in genere eseguiti su agenzie governative, media e siti Web di società private come protesta verso il supporto all’Ucraina.

I siti rivendicati nella giornata del 26 Dicembre 2024 dagli hacktivisti filorussi sono:

• Ministero italiano delle Infrastrutture e dei Trasporti
• Ministero dello Sviluppo Economico
• Guardia di Finanza
• Forze Armate Italiane
• L’industria aerospaziale italiana di potenza
• Carabinieri
• Marina Militare

Di seguito quanto riportato all’interno del loro canale telegram:
Lunedì il governo italiano ha prorogato la fornitura di equipaggiamento militare a Kiev fino alla fine del 2025. Il primo ministro Giorgia Meloni ha dichiarato di essere pronta a sostenere l'Ucraina fino alla fine della guerra, nonostante i possibili cambiamenti nella posizione degli Stati Uniti dopo l'insediamento di Donald Trump.

Il capo della NATO Mark Rutte ha esortato gli alleati a intensificare il sostegno militare all'Ucraina per rafforzare la sua posizione in vista di potenziali colloqui di pace🤬

Mentre il governo russofobico italiano continua a sostenere il regime criminale di Zelensky, noi sosteniamo gli attacchi all'infrastruttura internet di quel Paese

❌Ministero italiano delle Infrastrutture e dei Trasporti (morto al ping)
check-host.net/check-report/21c2c12bk6c4

Ministero dello Sviluppo Economico
check-host.net/check-report/21c2c114k417

❌Guardia di Finanza d'Italia (chiuso per motivi geo)
check-host.net/check-report/21c2c15ck998

❌Forze Armate Italiane (morto su ping)
check-host.net/check-report/21c2ca8ekde

❌L'industria aerospaziale italiana di potenza
check-host.net/check-report/21c2c7bdkd43

❌Organizzazione dei Carabinieri d'Italia (morto al ping)
check-host.net/check-report/21c2ceafkc00

❌Marina Militare Italiana (morto su ping)
check-host.net/check-report/21c2ccfek9e6

#OpItaly

Che cos’è un attacco Distributed Denial of Service

Un attacco DDoS (Distributed Denial of Service) è un tipo di attacco informatico in cui vengono inviate una grande quantità di richieste a un server o a un sito web da molte macchine diverse contemporaneamente, al fine di sovraccaricare le risorse del server e renderlo inaccessibile ai suoi utenti legittimi.

Queste richieste possono essere inviate da un grande numero di dispositivi infetti da malware e controllati da un’organizzazione criminale, da una rete di computer compromessi chiamata botnet, o da altre fonti di traffico non legittime. L’obiettivo di un attacco DDoS è spesso quello di interrompere le attività online di un’organizzazione o di un’azienda, o di costringerla a pagare un riscatto per ripristinare l’accesso ai propri servizi online.

Gli attacchi DDoS possono causare danni significativi alle attività online di un’organizzazione, inclusi tempi di inattività prolungati, perdita di dati e danni reputazionali. Per proteggersi da questi attacchi, le organizzazioni possono adottare misure di sicurezza come la limitazione del traffico di rete proveniente da fonti sospette, l’utilizzo di servizi di protezione contro gli attacchi DDoS o la progettazione di sistemi resistenti agli attacchi DDoS.

Occorre precisare che gli attacchi di tipo DDoS, seppur provocano un disservizio temporaneo ai sistemi, non hanno impatti sulla Riservatezza e Integrità dei dati, ma solo sulla loro disponibilità. pertanto una volta concluso l’attacco DDoS, il sito riprende a funzionare esattamente come prima.

Che cos’è l’hacktivismo cibernetico

L’hacktivismo cibernetico è un movimento che si serve delle tecniche di hacking informatico per promuovere un messaggio politico o sociale. Gli hacktivisti usano le loro abilità informatiche per svolgere azioni online come l’accesso non autorizzato a siti web o a reti informatiche, la diffusione di informazioni riservate o il blocco dei servizi online di una determinata organizzazione.

L’obiettivo dell’hacktivismo cibernetico è di sensibilizzare l’opinione pubblica su questioni importanti come la libertà di espressione, la privacy, la libertà di accesso all’informazione o la lotta contro la censura online. Gli hacktivisti possono appartenere a gruppi organizzati o agire individualmente, ma in entrambi i casi utilizzano le loro competenze informatiche per creare un impatto sociale e politico.

È importante sottolineare che l’hacktivismo cibernetico non deve essere confuso con il cybercrime, ovvero la pratica di utilizzare le tecniche di hacking per scopi illeciti come il furto di dati personali o finanziari. Mentre il cybercrime è illegale, l’hacktivismo cibernetico può essere considerato legittimo se mira a portare all’attenzione pubblica questioni importanti e a favorire il dibattito democratico. Tuttavia, le azioni degli hacktivisti possono avere conseguenze legali e gli hacktivisti possono essere perseguiti per le loro azioni.

Chi sono gli hacktivisti di NoName057(16)

NoName057(16) è un gruppo di hacker che si è dichiarato a marzo del 2022 a supporto della Federazione Russa. Hanno rivendicato la responsabilità di attacchi informatici a paesi come l’Ucraina, gli Stati Uniti e altri vari paesi europei. Questi attacchi vengono in genere eseguiti su agenzie governative, media e siti Web di società private

Le informazioni sugli attacchi effettuati da NoName057(16) sono pubblicate nell’omonimo canale di messaggistica di Telegram. Secondo i media ucraini, il gruppo è anche coinvolto nell’invio di lettere di minaccia ai giornalisti ucraini. Gli hacker hanno guadagnato la loro popolarità durante una serie di massicci attacchi DDOS sui siti web lituani.

Le tecniche di attacco DDoS utilizzate dal gruppo sono miste, prediligendo la “Slow http attack”.

La tecnica del “Slow Http Attack”

L’attacco “Slow HTTP Attack” (l’articolo completo a questo link) è un tipo di attacco informatico che sfrutta una vulnerabilità dei server web. In questo tipo di attacco, l’attaccante invia molte richieste HTTP incomplete al server bersaglio, con lo scopo di tenere occupate le connessioni al server per un periodo prolungato e impedire l’accesso ai legittimi utenti del sito.

Nello specifico, l’attacco Slow HTTP sfrutta la modalità di funzionamento del protocollo HTTP, che prevede che una richiesta HTTP sia composta da tre parti: la richiesta, la risposta e il corpo del messaggio. L’attaccante invia molte richieste HTTP incomplete, in cui il corpo del messaggio viene inviato in modo molto lento o in modo incompleto, bloccando la connessione e impedendo al server di liberare le risorse necessarie per servire altre richieste.

Questo tipo di attacco è particolarmente difficile da rilevare e mitigare, poiché le richieste sembrano legittime, ma richiedono un tempo eccessivo per essere elaborate dal server. Gli attacchi Slow HTTP possono causare tempi di risposta molto lenti o tempi di inattività del server, rendendo impossibile l’accesso ai servizi online ospitati su quel sistema.

Per proteggersi da questi attacchi, le organizzazioni possono implementare soluzioni di sicurezza come l’uso di firewall applicativi (web application firewall o WAF), la limitazione delle connessioni al server e l’utilizzo di sistemi di rilevamento e mitigazione degli attacchi DDoS

L'articolo Santo Stefano con DDoS! Carabinieri, MISE, Marina colpiti dagli attacchi di NoName057(16) proviene da il blog della sicurezza informatica.

Can you use brake cleaner for flux removal on PCBs? According to [Half Burnt Toast], yes you can. But should you? Well, that’s another matter.

In our experience, flux removal seems to be far more difficult than it should be. We’ve seen plenty of examples of a tiny drop of isopropyl alcohol and a bit of light agitation with a cotton swab being more than enough to loosen up even the nastiest baked-on flux. If we do the same thing, all we get is a gummy mess embedded with cotton fibers smeared all over the board. We might be doing something wrong, or perhaps using the wrong flux, but every time we get those results, we have to admit toying with the idea of more extreme measures.
The LED bar graphs were not a fan of the brake cleaner.
[Toast] went there, busting out a fresh can of brake cleaner and hosing down some of the crustier examples in his collection. The heady dry-cleaner aroma of perchloroethylene was soon in the air, and the powerful solvent along with the high-pressure aerosol blast seemed to work wonders on flux. The board substrate, the resist layer, and the silkscreen all seemed unaffected by the solvent, and the components were left mostly intact; one LED bar graph display did a little melty, though.

So it works, but you might want to think twice about it. The chlorinated formula he used for these tests is pretty strong stuff, and isn’t even available in a lot of places. Ironically, the more environmentally friendly stuff seems like it would be even worse, loaded as it is with acetone and toluene. Whichever formula you choose, proceed with caution and use the appropriate PPE.

What even is flux, and what makes it so hard to clean? Making your own might provide some answers.

youtube.com/embed/ViLTSRl3sek?…

hackaday.com/2024/12/26/blast-…

[Den Delimarsky] had a Stream Deck and wanted to be free of the proprietary software, so he reverse-engineered it. Now, he has a Stream Deck Plus, and with the same desire, he reverse-engineered it as well.

The device has eight buttons, a narrow screen, and four encoder dials. The device looks like a generic HID device to the host machine, and once it has been configured, doesn’t need any special software to function. By configuring the device using the official software in a virtual machine under the watchful eye of Wireshark, it was possible to figure out how that initial setup worked and recreate it using a different software stack.

If you’ve never done this kind of thing before, there is a lot of information about how to find USB data and draw inferences from it. The buttons send messages when pressed, of course. But they also accept a message that tells them what to display on their tiny screen. The device screen itself isn’t very big at 800×100.

[Den] packages everything up in the DeckSurf SDK, an open source project that lets you control Stream Decks. So if you just want to control the Deck, you don’t need to know all these details. But, for us, that’s where the fun is.

Way back in 2015, we covered some guy who had sniffed out a USB signal generator. That was easy since it was a serial port. However, you can go pretty far down the rabbit hole.

hackaday.com/2024/12/26/stream…

It’s a fair bet that most of us have a ton of wireless doo-dads around the house, from garage door remotes to wireless thermometers. Each of these gadgets seems to have its own idea about how to encode data and transmit it, all those dedicated receivers seem wasteful. Wouldn’t it be great to use existing RF infrastructure to connect your wireless stuff?

[Malte Pöggel] thinks so, and this LoRa rain gauge is the result. The build starts with a commercially available rain transmitter, easily found on the cheap as an accessory for a wireless weather station and already equipped with an ISM band transmitter. The rain-collection funnel and tipping-bucket mechanism were perfectly usable, and the space vacated by the existing circuit boards left plenty of room to play, not to mention a perfectly usable battery compartment. [Malte] used an ATmega328P microcontroller to count the tipping of the bucket, either through the original reed switch or via Hall Effect or magnetoresistive sensors. An RFM95W LoRa module takes care of connecting into [Malte]’s LoRaWAN gateway, and there’s an option to add a barometric pressure and temperature sensor, either by adding the BMP280 chip directly to the board or by adding a cheap I2C module, for those who don’t relish SMD soldering.

[Malte] put a lot of work into power optimization, and it shows. A pair of AA batteries should last at least three years, and the range is up to a kilometer—far more than the original ISM connection could have managed. Sure, this could have been accomplished with a LoRa module and some jumper wires, but this looks like a fantastic way to get your feet wet in LoRa design. You could even print your own tipping bucket collector and modify the electronics if you wanted.

hackaday.com/2024/12/26/a-lora…

There was a brief period through the 1960s into the 1970s when the last word in electronics was the calculator. New models sold for hundreds of dollars, and owning one made you very special indeed. Then the price of the integrated circuit at their heart fell to the point at which anyone could afford one, and a new generation of microcomputers stole their novelty for ever. But these machines were by no means the first calculators, and [What Will Makes] shows us in detail the workings of a mechanical calculator.

His machine is beautifully made with gears hand-cut from plywood, and follows a decimal design in which the rotation of a gear with ten teeth represents the numbers 0 to 9. We’re taken through the mechanical processes behind addition, subtraction, multiplication, and division, showing us such intricacies as the carry lever or a sliding display mechanism to implement a decimal equivalent of a bitwise shift multiplication.

We have to admit to be particularly impressed by the quality of the work, more so because these gears are hand made. To get such a complex assembly to work smoothly requires close attention to tolerance, easy with a laser cutter but difficult by hand. We heartily recommend watching the video, which we’ve placed below the break.

Meanwhile if you’d like more mechanical calculators, take a look at one of the final generation of commercial models.

youtube.com/embed/E0pJST5mL3A?…

hackaday.com/2024/12/26/a-mech…

What do you do when a crowdfunded product you really liked gets cancelled? Naturally, you take the idea and build your own version of it. That’s what [Salim Benbouziyane] did when the Focus Dial project on Kickstarter saw its launch cut short. This device allows you to set a ‘no distractions’ timer, during which notifications on one’s phone and elsewhere are disabled, making it something similar to those Pomodoro timers. What this dial also is supposed to do is integrate with home automation to set up clear ‘focus’ periods while the timer runs.

A quick prototype was set up using an ESP32 and other off-the-shelf components. The firmware has to run the timer, toggle off notifications on iOS and trigger firewall traffic rules to block a batch of social media addresses. Automating this with iOS was the hardest part, as Apple doesn’t make such automation features easy at all, ultimately requiring a Bluetooth audio board just to make iOS happy.

After this prototyping phase, the enclosure and assembly with the modules were drawn up in Autodesk Fusion 360 before the plastic parts were printed with a resin printer. The end result looks about as good as the Kickstarter one did, but with a few changes, because as [Salim] notes, if you are going to DIY such a failed crowdfunding project, why not make it work better for you?

youtube.com/embed/nZa-Vqu-_fU?…

hackaday.com/2024/12/26/the-fo…

When ships moved from muscle- and wind power to burning coal and other fossil fuels for their propulsion, they also became significantly faster and larger. Today’s cargo ships and ferries have become the backbone of modern civilization, along with a range of boat types. Even though tugs and smaller pleasure vessels are a far cry from a multi-thousand ton cargo or cruise ship, one would be hard-pressed to convert these boats back to a pure muscle or wind-based version. In short, we won’t be going back to the Age of Sail, but at the same time the fossil fuel-burning engines in these boats and ship come with their own range of issues.

Even if factors like pollution and carbon emissions are not something which keep you up at night, fuel costs just might, with these and efficiency regulations increasing year over year. Taking a page from alternative propulsions with cars and trucks, the maritime industry has been considering a range of replacements for diesel and steam engines. Here battery-electric propulsion is somewhat of an odd duck, as it does not carry its own fuel and instead requires on-shore recharging stations. Yet if battery-electric vehicles (BEVs) can be made to work on land with accompanying low ‘refueling’ costs, why not ships and boats?

A recent study by Lawrence Berkeley National Laboratory (LBNL) researchers Hee Seung Moon et al. as published in Nature Energy claims that a significant part of US maritime traffic can be electrified this way. Yet as a theoretical model, how close does it hit to the harsh realities imposed by this physical world which we live in?

Different Scales

Justine McAllister (IMO 8107878), a tug boat in New York Harbor. (Credit: Eric Baetscher, Wikimedia)
An important aspect with any battery-powered craft is matching the battery capacity with the expected range. For BEVs like cars, the goal is to put as much battery capacity into the vehicle as possible, constrained mostly by factors such as the cost per kWh and how much physical volume is available in the vehicle for batteries without intruding on the driver and passengers. This is how we ended up with a range of BEVs that can cover a sizeable chunk of daily usage cases, as well as specific cases like buses where the daily range requirement is planned in advance and thus very easy to optimize for. Even so, a number of road-bound vehicles are hard to electrify with just batteries, such as cross-country trucks due to the sheer weight of the batteries required in most scenarios. Unlike a fuel tank, these batteries also do not lose weight as they become more empty.

In the case of boats, these smaller vessels tend to have pretty limited range. For example: tugs put in a lot of work, but either remain bound to a specific harbor or slowly follow a set watercourse like a river with a gaggle of barges in tow. Here you can have recharging infrastructure set up and charging points ready to go with relatively little difficulty in the harbor or at mooring spots along the route. More challenging are vessels with more erratic routes, not to mention ships with routes that are so long that no reasonable amount of batteries could power it without recharging or swapping batteries. The main case in point here is container ships.

In a 2022 study by Jessica Kersey et al. in Nature Energy it was found that for routes of less than 1,500 km electrification would be economical, assuming a battery price of $100 per kWh. At that point the main question remains how many batteries you can fit into the ship without negatively impacting the cargo load that it can carry. A container ship can travel around 540 km per day at its average cruising speed, with a shipping route like Los Angeles to Yokohama of 7,792 km (4,207.6 nautical miles) taking over two weeks:Putting enough batteries on cargo ships to allow them to travel these routes without recharging in between is too much to ask. This is why the focus with battery-electric propulsion for ships and boats is on these shorter routes, where the total volume of batteries combined with electric motor(s) does not significantly exceed the volume (and weight) previously taken up by the diesel engine(s) and fuel tanks. As modelled by Kersey et al., for a small neo-Panamax container ship this would be the case if the route is kept below 3,000 km. Yet if the route is extended to something like 20,000 km the batteries would take up 32% of the containership’s carrying capacity.

Using batteries with higher energy density could help here, but as seen with today’s favorite battery chemistries using the higher density Li-ion comes with fewer charge cycles and worse stability, while LiFePO₄ with its common use in especially BEVs and grid-storage and solar-storage batteries has much better longevity and safety record, at the cost of more weight per kWh.

Removable Batteries

Currently a number of battery-electric boats and ships are in service, with ferries being one of the first to be outfitted with such propulsion, case in point being the Norwegian Bastø Electric ferry. This 600 passenger and 200 car ferry uses its 4.3 MWh battery as well as a diesel generator to travel the 10 kilometer route between Moss and Horten. While docked the batteries are charged up when a charging point is available. This makes it not a pure battery-electric boat, but rather a hybrid.
The Zhongyuan Haiyun Lu Shui 01 battery-electric 700 TEU containership. (Credit: COSCO Shipping)
More interesting are the two battery-electric containerships owned by China’s COSCO Shipping which recently began carrying shipping containers along the approximately 500 km route between Nanjing and Shanghai’s Yangshan Port. The Lu Shui (Green Water) 1 and 2 vessels are 700 TEU container ships that can travel at 10.4 knots over the Yangtze river. Perhaps most interesting about them is that they don’t have a battery bank integrated into their hulls, but rather take swappable batteries, with a standard capacity of 57.6 MWh, but with optional connection points for additional battery packs.

In the aforementioned LBNL study by Hee Seung Moon et al. the assumption was made that existing vessels would be retrofitted with batteries and electric motors, which would place a range of restrictions relative to newly designed and built vessels like COSCO’s newly commissioned ones. Being able to swap out battery packs along with shipping containers allows freshly charged packs to be ready when the containership docks and avoids the hassles of quick charging after each trip and replacing batteries after their approximately decade-long useful lifespan, for LiFePO₄.

Practical Within Limits

It’s clear that for shorter routes the use of battery-electric propulsion can make sense. Depending on the local grid this can also be less polluting than burning low-sulfur diesel fuel, and conceivably be cheaper, though it all has to be worked out on a case-by-case basis. In the case of COSCO the reasoning appears to have been that these custom container ships are perfect for such a shorter route, with cost savings to be expected over the use of direct-driven diesel or diesel-electric propulsion. Ultimately the success of battery-electric propulsion will come down to simple economics, especially in the cut-throat shipping business.

Featured image & thumbnail: Containership MSC Texas. (Source: Wikimedia Commons)

hackaday.com/2024/12/26/batter…

Gli sviluppatori del popolare strumento di analisi della sicurezza delle applicazioni mobili Mobile Security Framework (MobSF) hanno risolto una vulnerabilità scoperta da uno specialista di PT SWARM.

La vulnerabilità, registrata come CVE-2024-31215 ( BDU:2024-03055 ), ha ricevuto un punteggio CVSS 3.1 pari a 6,3. Per prevenire potenziali attacchi, si consiglia agli utenti di aggiornare la piattaforma alla versione 3.9.8 o successiva.

MobSF viene utilizzato attivamente sia da ricercatori indipendenti che da aziende che sviluppano applicazioni mobili e conducono penetration test. Questo strumento è incluso nelle più diffuse distribuzioni di test di penetrazione come BlackArch e ti aiuta a creare processi di sviluppo sicuri.

In assenza di un aggiornamento, la vulnerabilità ha consentito a un utente malintenzionato di sferrare un attacco caricando un’applicazione mobile dannosa in MobSF. Questa situazione potrebbe verificarsi, ad esempio, durante un’indagine su un incidente, quando gli specialisti della sicurezza informatica analizzano programmi che potrebbero rappresentare una minaccia.

Le app mobili utilizzano spesso i database cloud Firebase, forniti da Google come modello backend-as-a-service. Il sistema MobSF ne verifica la sicurezza durante il processo di analisi, compreso l’accesso senza autorizzazione. Un utente malintenzionato potrebbe configurare un’applicazione dannosa in modo che, invece di accedere al database Firebase, l’analizzatore MobSF invii una richiesta a un collegamento dannoso appositamente predisposto. Tale collegamento potrebbe reindirizzare verso risorse interne al circuito di rete dell’azienda o del ricercatore.

Le potenziali conseguenze variavano a seconda del software utilizzato nella rete. Le possibili minacce includevano l’esecuzione di codice dannoso, il furto di dati sensibili o altre violazioni.

Come ha osservato Oleg Surnin, capo del gruppo di ricerca sulla sicurezza delle applicazioni mobili PT SWARM, tali vulnerabilità appaiono dovute alla mancanza di meccanismi per verificare la legittimità delle risorse a cui vengono inviate le richieste. Tali errori evidenziano l’importanza di controlli rigorosi durante l’elaborazione dei dati negli strumenti di analisi della sicurezza.

L'articolo Penetration Tester contro Penetration Tester. Aggiornare subito MobSF proviene da il blog della sicurezza informatica.

Having a good set of (working) headlights is a crucial feature of any motor vehicle, assuming you want to be able to see the road ahead of you when there’s a lack of sunshine. Headlights are also essential to be noticed by other cars and traffic participants, but if installed improperly they can end up blinding an opposing driver with potentially fatal results. This is a major worry with LED lamps that are increasingly being installed in cars, often replacing the old-style halogen bulbs that have a very different color spectrum and beam patterns, to the dismay of fellow road participants.

This headlight glare can also be simulated in driving simulators, as in a 2019 article by [B.C. Haycock] et al. where the effect is of course diminished because displays can only get so bright. Of note is that it’s not just LED lights themselves, but also taller vehicles and misaligned headlights, all of which makes it important that the angle of your car’s headlights is proper. You want to see the road in front of you, after all, not illuminate every house in the nearest settlement two klicks away.

Compounding the problem is that the shorter wavelength, blue-ish light of LED headlights is more energetic than the more reddish, longer wavelength of halogens and are generally perceived as more intense by our eyes. Ultimately the solution appears to be adaptive driving beam headlights (ADB), a technology that constantly adjusts the headlights to the circumstances. ADB has been common in e.g. Europe already for the past 15 years, and is allowed in Canada since 2018 and in the US since 2022 after a rule change by the NHTSA.

With plenty of improper headlights on vehicles in North America still, it’s best to practice defensive driving, with a brighter dashboard illumination, anti-glare coatings and safety squinting when a miniature solar system passes by during an night-time drive.

hackaday.com/2024/12/26/blinde…

While they are dying out, you can still find incandescent bulbs. While these were once totally common, they’ve been largely replaced by LEDs and other lighting technology. However, you still see a number of them in special applications or older gear. If you are above a certain age, you might be surprised that youngsters may have never seen a standard incandescent lightbulb. Even so, the new bulbs are compatible with the old ones, so — mechanically, at least — the bulbs don’t look different on the outside.
You might have learned in school that Thomas Edison invented the light bulb, but the truth is much stranger (public domain)
It has been known for a long time that passing a current through a wire creates a glow. The problem is, the wire — the filament — would burn up quickly. The answer would be a combination of the right filament material and using an evacuated bulb to prevent the filament degrading. But it took over a century to get a commercially successful lightbulb.

We were all taught in school that Thomas Edison invented the light bulb, but the truth is much more complicated. You can go back to 1761 when Ebenezer Kinnersley first caused a wire to glow. Of course, wires would quickly burn up in the air. By the early 19th century, limelight was fairly common in theaters. Limelight — also known as the Drummond light — heated a piece of calcium oxide using a gas torch — not electric, but technically incandescence. Ships at sea and forts in the U.S. Civil War used limelights to illuminate targets and, supposedly, to blind enemy troops at night. Check out the video below to see what a limelight looks like.

youtube.com/embed/HIC7B3vt9ZE?…

Sir Humphry Davy demonstrated a dim, impractical light that used a huge battery and a thin strip of platinum. More practical was Davy’s electric arc lamp, which, after being refined by others, became common in some applications.

Arc lights had issues, though. They hissed and flickered. The carbon rods emitted carbon monoxide and ultraviolet light. They were extremely harsh and bright, and the rods burned up quickly. Everyone knew a better light bulb would be a winner, but no one knew how to create it.

Getting Closer

Starting around 1835, there were many experiments and demonstrations, but none of them really caught on. A Belgian, Marcellin Jobard, was on the right track in 1838 with a lightbulb in a vacuum with a carbon filament, but nothing really came of it. He also came up with what amounts to early emojis, but that took a long time to catch on, too.

Since platinum has a high melting point, it was a popular filament candidate. In the 1840s and 1870s, many inventors used platinum or carbon with varying degrees of success. During that same time period, there were many patents and demonstrations, but none were successfully commercialized. However, a Russian named Alexander Lodygin did patent a working bulb with carbon rods in nitrogen gas.

It isn’t clear if Henry Woodward and Mathew Evans knew of the Russian patent. In 1874, they filed a Canadian patent for a similar bulb. Ultimately, they failed to commercialize it, but they sold their patent to Thomas Edison.

Edison

Edison got serious about electric lighting in 1878. He experimented with different carbonized materials and platinum but finally settled on carbon fed by platinum wires. Using carbonized threads resulted in a bulb that lasted just over 13 hours. However, he would discover that carbonized bamboo could last 1200 hours. You can see one of the oldest surviving Edison bulbs at the Port Huron Museum and in the video below.

youtube.com/embed/dS-5CgNDgrs?…

Many people worked on the problem throughout the 1800s. Edison arrived at a practical solution and had the mechanism in place to exploit it. However, others had light bulb patents. Albon Man and William Sawyer had bulbs that didn’t last as long as Edison’s but formed the basis for the United States Electric Lighting Company. That company’s chief engineer was Hiram Maxim, a name familiar to most ham radio operators, but this particular Hiram Maxim was the famous ham radio operator’s father.

The elder Maxim is one of several people who claimed they had actually invented the incandescent light before Edison. The courts eventually decided that some of Edison’s claims were preempted by William Sawyer’s patents, but that Edison still had other valid patent claims.

Modern Types

These early bulbs had little in common with modern bulbs. The inside of the bulb had to have very little oxygen and moisture, or the filament would oxidize or burn out. Initially, mercury vapor pumps and phosphoric anhydride were used, but this added expense to bulbs. Arturo Malignani found that red phosphorus would allow for a drier vacuum with cheaper pumps. Edison was quick to buy the patent.

However, Lodygin and others were on the right track, and using a metal filament and an inert gas to replace the oxygen would be more effective. This prevents the filament from burning and also reduces the evaporation of the filament. (See the video below if you want to see the effect of air on a tungsten filament.) He invented a process for forming thin metal filaments and sold the patent to General Electric in 1902.

youtube.com/embed/ZOM8Kkm62jM?…

The truly modern bulb is the result of a 1904 invention by Sándor Just and Franjo Hanaman. They created a tungsten filament that worked better in an argon or nitrogen atmosphere. The Hungarian company Tungsram sold these, and they could practically pass for a modern clear-glass bulb.

A modern bulb has a glass envelope and a tungsten filament, although they add a few impurities to increase the filament life. The bulb contains a low pressure of a gas like argon, nitrogen, krypton, or xenon. Modern glass bulbs are either clear or coated with kaolin clay from the inside. Some bulbs have pigments to change color or different glass to produce different colors. Bulbs used for heating sometimes have special glass or even fused quartz.

Real World Considerations

Light bulbs are one of those circuit elements we pretend are perfect, but they aren’t. Tungsten filaments have a low resistance when cold, which causes a bulb to draw a lot of current when it first turns on. As the filament gets hot, the resistance goes up, and the current goes down. Oddly enough, carbon filaments have the opposite problem. They draw more power as they get hot, which also makes them sensitive to power surges, since if they get hot, they draw more current, which causes them to draw even more current, which makes them even hotter, and the cycle repeats.

In high-reliability circuits, designers often highly derate a bulb’s specifications to get a dimmer light that lasts longer. A 5% reduction in voltage will roughly double a bulb’s lifetime but also make it about 16% dimmer. Some will also pass a small current through the bulb even when it is off to keep the filament warm. This reduces the current draw and heating associated with turning on a cold filament.

The other big problem with incandescent lights is that they are relatively inefficient since most of the energy produces heat and infrared light. A typical bulb is around 5% efficient in terms of visible light, and the best halogens come in around 10%.

Of course, this inefficiency is why there’s been a move to ban incandescent bulbs in favor of LEDs, fluorescents, and other technologies. LED lights, in contrast, can reach 30-40% efficiency. Still more light than heat, but almost an order of magnitude more efficient than plain-old incandescents.

So Much More

There’s a lot more to learn about light bulbs. In 1885, the U.S. had an estimated 300,000 carbon filament bulbs. By 1914, there were 88.5 million. In 1945, the market was around 795 million. When you deal with that kind of scale there are many innovations both in the technology and the machinery used to build them. Want to see how lightbulbs were made? Check out the video below.

youtube.com/embed/TPc7Dspn1_8?…

We’ve talked about the early lighting market and one of its pioneers, Lewis Latimer, a few years ago. We’ve looked at the checkered history many times.

Featured image: “Yellow Bulb” by [Daniel Reche]

hackaday.com/2024/12/26/tech-i…

La Apache Software Foundation ha rilasciato aggiornamenti di sicurezza per risolvere una vulnerabilità critica nel sistema di controllo del traffico. Il difetto rilevato ha ricevuto la valutazione molto alta: 9,9 punti su 10 possibili sulla scala CVSS.

La vulnerabilità, indicizzata CVE-2024-45387, consente agli aggressori di eseguire comandi SQL arbitrari nel database. Il problema riguarda le versioni di Apache Traffic Control 8.0.1 e precedenti.

Secondo gli sviluppatori, per sfruttare la vulnerabilità, l’aggressore necessita di diritti di accesso privilegiati con i ruoli “admin”, “federation”, “operazioni”, “portale” o “steering”. Un utente malintenzionato può effettuare un attacco inviando una richiesta PUT appositamente predisposta.

Apache Traffic Control è un’implementazione open source di una rete per la distribuzione di contenuti (CDN). Nel giugno 2018, il sistema ha ricevuto lo status di progetto di primo livello all’interno della Apache Software Foundation.

La vulnerabilità è stata scoperta dal ricercatore di sicurezza Yuan Luo del Tencent Security Lab. Per proteggersi da possibili attacchi, si consiglia agli utenti di aggiornare Apache Traffic Control alla versione 8.0.2.

La Apache Foundation ha inoltre corretto una vulnerabilità di bypass dell’autenticazione nel server Apache HugeGraph ( CVE-2024-43441 ) che interessa le versioni da 1.0 a 1.3. La correzione è stata rilasciata nella versione 1.5.0. Inoltre, gli sviluppatori hanno recentemente rilasciato una patch per una vulnerabilità critica in Apache Tomcat ( CVE-2024-56337 ), che in determinate condizioni può portare all’esecuzione di codice in modalità remota.

L'articolo Grave falla in Apache Traffic Control: rischio di SQL injection per gli amministratori! proviene da il blog della sicurezza informatica.

Lo so, lo sento; lo sono.
Ci provo a dare amore
Lento pesante ma senza far rumore
oggi si trascina il tempo mio; qual vecchio treno
fuori orario che ansa controvoglia
su binari da cambiare
Il telefono
ormai fuori uso
pure, sembra dir qualcosa
ma era falso allarme
La carrozza del pensiero
oggi davvero non parte

L’apparenza bugiarda riveste le cose
L’essenza rivela molto di più
La paranoia
nei volti delusi si rimira
e poi ancorara;
piega le labbra della gente all'ingiù
Io rimugino fantasie
mi fosse toccata un’altra sorte
Ho perso a carte con mezz’ora di pc
Oggi ho poca fame
e del resto
se non posso averti qui

La vita come Penelope
tesse e disfa una tela di notte
Talvolta s’eclissa, vile come ombra
all'accendersi del giorno. E per la strada
un’ombra
col biglietto già timbrato
per un’avventura
senza garanzia di ritorno
che mi faccia sentire ancora
Il grande gatto immobile della volta azzurra
Lo Spirito dell’Essere
prende a calci il tempo