Quattro giorni di caos negli scali europei: attacco ransomware e un sospetto arrestato
Il 19 settembre si è verificato un grave incidente informatico in Europa , che ha colpito Collins Aerospace, uno dei maggiori fornitori mondiali di tecnologia aerospaziale. L’attacco ha interrotto le operazioni aeree e ha interessato i voli nei principali hub europei.
L’impatto è stato particolarmente evidente all’aeroporto di Londra Heathrow, dove i passeggeri hanno subito ritardi e cancellazioni dei voli per tutto il fine settimana.
Secondo le forze dell’ordine, l’attacco ha preso di mira i sistemi di Collins Aerospace che supportano e coordinano una serie di processi tecnologici relativi alla sicurezza aerea e alle operazioni di volo. L’interruzione di questi servizi ha avuto un impatto rapido sulla catena di approvvigionamento e sui processi operativi, causando interruzioni del trasporto aereo in diversi paesi dell’UE.
La sera del 23 settembre, agenti della National Crime Agency (NCA) del Regno Unito, insieme al South East Regional Organized Crime Team, hanno condotto un’operazione nel West Sussex.
A seguito di ciò, un uomo sulla quarantina è stato arrestato. È sospettato di aver violato il Computer Misuse Act.
Ha rilasciato una dichiarazione durante l’interrogatorio ed è stato successivamente rilasciato su cauzione, con limitazioni alle sue attività in attesa delle indagini.
Paul Foster, responsabile della National Cyber Unit dell’agenzia, ha dichiarato che, sebbene l’arresto rappresenti un passo importante, l’indagine è ancora nelle sue fasi iniziali ed è prematuro trarre conclusioni definitive sulla portata e sugli autori dell’attacco.
Ha affermato che l’incidente dimostra quanto le infrastrutture critiche siano vulnerabili agli attacchi mirati. Ha sottolineato che la criminalità informatica continua ad avere un impatto globale, minacciando la sicurezza e la stabilità dei settori chiave.
Le autorità britanniche considerano questo incidente non solo come un’interruzione localizzata, ma anche come parte di un quadro più ampio in cui le minacce informatiche colpiscono i settori dei trasporti, dell’energia e della difesa.
Per Collins Aerospace, l’incidente ha rappresentato una sfida seria, poiché l’azienda fornisce servizi a decine di compagnie aeree e collabora a stretto contatto con le agenzie governative per la sicurezza aerea.
L'articolo Quattro giorni di caos negli scali europei: attacco ransomware e un sospetto arrestato proviene da il blog della sicurezza informatica.
Joe Vinegar reshared this.
manifestazione nazionale Svizzera (decenttalizzata)
Oggi manifestazione nazionale a Bellinzona, ore 14:00.
#manifestazione #palestina #Consigliofederalesvizzero #Bellinzona #dirittiumani
reshared this
Una riga di codice aggiunta e migliaia di aziende violate. Questa la magia della Supply Chain!
Gli sviluppatori hanno imparato ad avere fiducia negli strumenti che aiutano i loro assistenti AI a gestire le attività di routine, dall’invio di email all’utilizzo dei database. Ma questa fiducia si è rivelata vulnerabile: il pacchetto postmark-mcp, scaricato oltre 1.500 volte a settimana dalla versione 1.0.16, ha inoltrato silenziosamente copie di tutte le email a un server esterno di proprietà del suo autore. Corrispondenza aziendale interna, fatture, password e documenti riservati erano a rischio.
L’incidente ha dimostrato per la prima volta che i server MCP possono essere utilizzati come un vero e proprio canale per attacchi alla supply chain. I ricercatori di Koi Security hanno identificato il problema quando il loro sistema ha rilevato un improvviso cambiamento nel comportamento dei pacchetti.
Un’indagine ha rivelato che lo sviluppatore aveva aggiunto una singola riga di codice che inseriva automaticamente un indirizzo CCN nascosto e inviava tutti i messaggi a giftshop.club. Quindici release avevano precedentemente funzionato perfettamente e lo strumento era diventato parte dei flussi di lavoro di centinaia di organizzazioni.
La particolare pericolosità della situazione è sottolineata dalla natura apparentemente affidabile dell’autore: un profilo GitHub pubblico, dati reali e progetti con cronologie attive. Per mesi, gli utenti non hanno avuto motivo di dubitare della sua sicurezza. Ma l’aggiornamento ha trasformato uno strumento familiare in un meccanismo di fuga di notizie. Un classico hijacking ha giocato un ruolo chiave: npm ha aggiunto un clone del repository Postmark, aggiungendo solo una riga sull’inoltro.
L’entità del danno è difficile da stimare, ma le stime suggeriscono che centinaia di organizzazioni inviassero inconsapevolmente migliaia di email al giorno a un server esterno. Non sono stati utilizzati exploit o tecniche sofisticate: gli amministratori stessi hanno concesso pieno accesso agli assistenti di intelligenza artificiale e hanno permesso al nuovo server di funzionare senza restrizioni.
Gli strumenti MCP dispongono di autorizzazioni “god-mode”: possono inviare e-mail, connettersi a database, eseguire comandi e inviare richieste API. Tuttavia, non sono sottoposti a controlli di sicurezza o verifiche da parte dei fornitori e non sono inclusi nell’inventario delle risorse. Questi moduli rimangono invisibili alla sicurezza aziendale.
Questo incidente ha evidenziato una falla fondamentale nell’architettura MCP. A differenza dei pacchetti normali, questi sono creati specificamente per l’uso autonomo da parte di assistenti AI. Le macchine non sono in grado di riconoscere il codice dannoso: per loro, l’invio di email con un indirizzo aggiuntivo appare come un’esecuzione corretta di un comando. Pertanto, una semplice backdoor rimane inosservata e attiva finché non viene scoperta.
Gli specialisti di Koi raccomandano di rimuovere postmark-mcp versione 1.0.16 e successive, di modificare le credenziali eventualmente trasmesse via email e di controllare attentamente i log per l’inoltro a giftshop.club. Inoltre, l’azienda raccomanda di riconsiderare l’utilizzo dei server MCP in generale: senza una verifica indipendente, tali strumenti diventano un vettore di attacco primario per le aziende.
Gli indicatori di compromissione includono il pacchetto postmark-mcp versione 1.0.16 o successiva, l’indirizzo phan@giftshop[.]club e il dominio giftshop[.]club. La verifica è possibile analizzando le intestazioni delle email per individuare eventuali Ccn nascosti, verificando le configurazioni MCP e verificando le installazioni npm.
L'articolo Una riga di codice aggiunta e migliaia di aziende violate. Questa la magia della Supply Chain! proviene da il blog della sicurezza informatica.
Joe Vinegar reshared this.
UNIX for a Legacy TI
Although now mostly known as a company who cornered the market on graphing calculators while only updating them once a decade or so, there was a time when Texas Instruments was a major force in the computing world. In the late 70s and early 80s they released a line of computers called the TI-99 to compete (unsuccessfully) with various offerings from Commodore, and these machines were fairly robust for the time. They did have limited memory but offered a 16-bit CPU and plenty of peripherals, and now there’s even a UNIX-like OS that they can run.
This version of UNIX is called UNIX99 and is the brainchild of AtariAge forum member [mrvan] who originally wasn’t looking to develop a full operating system for this computer but rather a set of standard C libraries to help with other projects. Apparently the step from that to a UNIX-flavored OS wasn’t too big so this project was born. While the operating system doesn’t have a UNIX certification, it has most of the tools any of us would recognize on similar machines. The OS has support for most of the TI-99 hardware, file management, a basic user account system, and a command shell through which scripts can be written and executed.
That being said, the limitations of the hardware do come through in the operating system. There’s no multitasking, for example, and the small amount of memory is a major hurdle as well. But that’s what makes this project all the more impressive, and [mrvan] isn’t stopping here. He’s working on a few other improvements to this platform, and we look forward to seeing future releases. UNIX itself is extremely influential in the computing world, and has been used a the model for other homebrew UNIX-like operating systems on similar platforms of this era such as the Z80.
Thanks to [Stephen] for the tip!
Photo courtesy of Rama & Musée Bolo via Wikimedia Commons
The 19th Century Quantum Mechanics
While William Rowan Hamilton isn’t a household name like, say, Einstein or Hawking, he might have been. It turns out the Irish mathematician almost stumbled on quantum theory in the or around 1827. [Robyn Arianrhod] has the story in a post on The Conversation.
Famously, Newton worked out the rules for the motion of ordinary objects back in 1687. People like Euler and Lagrange kept improving on the ideas of what we call Newtonian physics. Hamilton produced an especially useful improvement by treating light rays and moving particles the same.
Sure, he was using it as an analogy. But fast forward a bit, and we find out that while light is like a wave, it is also like a particle. In 1924, de Broglie proposed that perhaps, then, matter could also be a particle or a wave. He was right, and this was the birth — or at least the conception — of what we now call quantum mechanics. This led to work from Schrödinger, Dirac, and others. Schrödinger, in particular, was intrigued with Hamilton’s analogies and joined them to de Broglie’s ideas. This led to his famous wave equation.
Hamilton did many other things, too. He was an amateur poet and developed the algebra of quaternions, although another mathematician, Benjamin Rodrigues, had written about an early version of them a few years earlier. He was also famous, or perhaps infamous, for being struck by inspiration while on a walk and carving an equation into a nearby bridge.
Active Probe Reaches 3 GHz
When you think of a scope probe, you usually think of what is basically a wire with a spring hook and an attenuator. Those are passive probes. [Kerry Wong] shows off a pre-release active probe that sidesteps some problems with those ordinary passive probes.
The trick is that passive probes have input capacitance that interferes with very high-frequency signals. They also tend to have less noise. Although the probe isn’t on the market yet, it is set to debut at a price lower than competitive probes. Still, be warned. The reason you don’t see them more often is that $1,000 is relatively inexpensive for an active probe.
Because the probe is pretty hefty, it comes with a tripod that can hold it while you use it. [Kerry] connects some probe adapters to a PCB with two square wave oscillators. Square waves are a good test waveform because they have odd-numbered harmonics that rise well above the target frequency.
The probe adapters are a little longer than you might like, which causes some ringing on the input signal. However, if you compare the results to a standard passive probe, you’ll quickly see the value of the active probe setup.
You can save some money if you roll your own, of course. Most of the ones we’ve seen don’t quite make 3 GHz, though.
youtube.com/embed/pN8wHRxeny4?…
Lug Bolzano - Meet the board-members personally !
lugbz.org/meet-the-board-membe…
Segnalato da Linux Italia e pubblicato sulla comunità Lemmy @GNU/Linux Italia
At the last meeting of the board we decided for the future: — to hold it’s traditional monthly meetings “only online” (*), but to organize additionally monthly meetings “in
Leone XIV: “viviamo tempi difficili, il male sembra sopraffare le nostre vite ma non dobbiamo perdere la speranza in un mondo migliore” - AgenSIR
“Viviamo tempi difficili. Il male sembra sopraffare le nostre vite. Le guerre mietono sempre più vittime innocenti”.Riccardo Benotti (AgenSIR)
Detecting Surveillance Cameras With The ESP32
These days, surveillance cameras are all around us, and they’re smarter than ever. In particular, many of them are running advanced algorithms to recognize faces and scan license plates, compiling ever-greater databases on the movements and lives of individuals. Flock You is a project that aims to, at the very least, catalogue this part of the surveillance state, by detecting these cameras out in the wild.
The system is most specifically set up to detect surveillance cameras from Flock Safety, though it’s worth noting a wide range of companies produce plate-reading cameras and associated surveillance systems these days. The device uses an ESP32 microcontroller to detect these devices, relying on the in-built wireless hardware to do the job. The project can be built on a Oui-Spy device from Colonel Panic, or just by using a standard Xiao ESP32 S3 if so desired. By looking at Wi-Fi probe requests and beacon frames, as well as Bluetooth advertisements, it’s possible for the device to pick up telltale transmissions from a range of these cameras, with various pattern-matching techniques and MAC addresses used to filter results in this regard. When the device finds a camera, it sounds a buzzer notifying the user of this fact.
Meanwhile, if you’re interested in just how prevalent plate-reading cameras really are, you might also find deflock.me interesting. It’s a map of ALPR camera locations all over the world, and you can submit your own findings if so desired. The techniques used by in the Flock You project are based on learnings from the DeFlock project. Meanwhile, if you want to join the surveillance state on your own terms, you can always build your own license plate reader instead!
[Thanks to Eric for the tip!]
I sindacati baschi convocano lo sciopero generale per Gaza
@Notizie dall'Italia e dal mondo
La maggior parte delle organizzazioni sindacali dei Paesi Baschi ha promosso uno sciopero generale per chiedere la rottura della Spagna con Israele e la sospensione del trattato di associazione da parte dell'Unione Europea
L'articolo I sindacati baschi convocano lo sciopero generale per Gaza
Robot Bartender Is The Life of the Party
As the old saying goes, when the only tool you have is a 6 DOF industrial robotic arm, every problem looks like an opportunity to make it serve up adult beverages. [benkokes] found himself in this familiar predicament and did what any of us would do, but his process wasn’t without a few party fouls as well as a few head-scratchers.
One of the common problems that people who suddenly find themselves with an old industrial robot have is that there’s usually no documentation or instructions. This was true here with the added hiccup of the robot’s UI being set to Chinese. Luckily no one had changed the root password, and eventually he was able to get the robot up and working.
Getting it to make drinks was a different matter altogether. [benkokes] needed a custom tool to hold the cup as well as shake it, and 3D printed a claw-style end effector with a lid. Out of his multi-colored pack of party cups, however, the orange cups were different enough in dimension to cause problems for the shaking lid which was discovered when the robot spilled a drink all over the table.
Eventually, though, the robot was successfully serving drinks at a party. One of [benkokes]’s friends happened to be a puppet maker and was able to outfit it with a tailored tuxedo for the party as well, and he also programmed it to dance in between serving drinks, completing the AI revolution we have all been hoping for. Perhaps unsurprisingly, this is a common project for people who suddenly come to posses a large general-purpose industrial robot, while others build robots specifically for this task alone.
youtube.com/embed/gczwmDvI31E?…
Ministero dell'Istruzione
#NoiSiamoLeScuole questa settimana è dedicato al Piemonte e alle Marche. I nuovi Asili nido di Lagnasco e di Castelletto Stura, nel cuneese, integreranno il ciclo di preparazione alla scuola delle Scuole dell’infanzia, sia in questi Comuni, sia in qu…Telegram
Schiacciato da un suv che parcheggia, morto un pedone - Ultima ora - Ansa.it
Un 48enne di nazionalità moldava, residente a Cavriana, è stato travolto e ucciso oggi pomeriggio in un parcheggio a Monzambano, in provincia di Mantova. (ANSA)Agenzia ANSA
Americans rallied for Kimmel. It’s time to do the same for Mario Guevara
When ABC suspended “Jimmy Kimmel Live!” last week following a shakedown from the Trump administration, celebrities, free speech advocates, and ordinary Americans voiced their outrage. They were right to sound the alarm — and it (mostly) worked. Kimmel’s back on the air.
But where is that same outrage against the government’s effort to deport Mario Guevara, an Atlanta-area journalist with a work visa who has lawfully resided in the U.S. for 20-plus years? His only “offense” is informing the public of protests against the government.
This week, a final removal order was issued against Guevara, who was arrested (with the baseless criminal charges since dropped) while livestreaming a July “No Kings” protest in Georgia. He might not have a late-night comedy show, but his right to report news is every bit as important as Kimmel’s right to tell jokes.
The stakes in Guevara’s case — both for him and for the country — are even higher than in the Kimmel fiasco that has dominated headlines. Guevara could be deported at any moment, likely to his birthplace, El Salvador, which he fled decades ago to escape political persecution.
Despite the extremely serious constitutional implications of Kimmel’s case, his worst-case scenario was moving from prime time to a podcast. There is no telling what fate might await Guevara if he’s thrown out of the country.
And if that happens, the chilling effect on journalists — particularly noncitizen ones, even those like Guevara with legal status — will be impossible to measure. After all, we only know what news we hear. We don’t know what news we don’t hear because journalists didn’t report it out of fear for their safety or freedom.
Kimmel‘s worst-case scenario was moving from prime time to a podcast. There is no telling what fate might await Guevara.
Kimmel’s professional peers — famous comedians and other celebrities — might feel relieved that Kimmel ultimately got his show back. But most journalists (or comedians, for that matter) aren’t famous and don’t have a Rolodex of Hollywood A-listers ready to come to their defense. Kimmel’s win offers them little comfort.
Independent journalists like Guevara also don’t have money for lawyers, lobbyists, or PR firms to make their case to judges, politicians, or the public (although fortunately, organizations like the ACLU, Free Press, the Committee to Protect Journalists, and others have stepped up).
Federal Communications Commission Chair Brendan Carr tried to manufacture plausible deniability in Kimmel’s case, arguing that it wasn’t his public ultimatum but pressure from local audiences that led ABC and its affiliates to pull Kimmel. That’s nonsense, but in Guevara’s case — much like the case against Rümeysa Öztürk, the Tufts University student facing removal for co-writing an op-ed critical of Israel — the government is hardly attempting to hide its agenda.
The federal government seeks to deport Guevara — despite his work visa and despite local prosecutors dropping their case against him for livestreaming in public — because, to them, his reporting makes him an “undesirable.” How did journalism, the only career protected by the Constitution, become a disfavored profession in America?
Guevara’s reporting often focused on immigration enforcement abuses. That earns him no friends in a government that considers U.S. Immigration and Customs Enforcement agents to be secret police. From seeking to punish social media users who identify ICE agents to investigating radio stations that report on ICE raids to threatening whistleblowers who undermine the official narrative, the administration has made every effort to intimidate those who speak the truth about its immigration policy.
The secrecy is by no means limited to ICE — while Kimmel’s show was in limbo and Guevara wrote letters from his cramped jail cell, the Pentagon announced it would force reporters to pledge to only report authorized information.
What this administration cannot seem to comprehend is that the First Amendment exists for the sole purpose of protecting the right to publish information the government does not want published. There would be no need for a constitutional right to publish what the government wants. Everyone loves free speech when the speaker is on their side.
Guevara is exactly who the constitution was intended to protect — and his retaliatory deportation is exactly the kind of authoritarian censorship it was intended to prevent.
Kimmel will be all right with or without ABC, and with or without you. That doesn’t mean not to protest efforts to censor him — the FCC’s antics are unconstitutional, un-American, and fully deserving of contempt. Carr should be fired and disbarred, and the corporations that caved to him should be ashamed.
But free speech is not only for celebrities. The real battles for our rights are not fought in television studios and theme parks but at protests and in citizen journalists’ home newsrooms. And these days, in detention centers and immigration courts.
Alessio reshared this.
Mobilize for Mario Guevara like you did for Jimmy Kimmel
Dear Friend of Press Freedom,
It’s now been over 100 days since journalist Mario Guevara has been imprisoned for covering a protest, and Rümeysa Öztürk has faced deportation for nearly 200 days over an op-ed the government didn’t like. Read on for why cases like these deserve as much outrage as the Federal Communications Commission’s latest attempt at silencing free speech.
Journalist facing deportation deserves same energy as Kimmel
When ABC suspended Jimmy Kimmel Live! last week following a shakedown from the Trump administration, celebrities, free speech advocates, and ordinary Americans voiced their outrage. They were right to sound the alarm — and it (mostly) worked. Kimmel’s back on the air.
But where is that same outrage against the government’s effort to deport Mario Guevara, an Atlanta-area journalist who has lawfully resided in the U.S. for 20-plus years? His only “offense” is informing the public of protests against the government, but he faces imminent deportation.
Speaking of Kimmel, our advocacy director, Seth Stern, went on the “Legal AF” podcast on the MeidasTouch network to talk about our supplement to our July attorney disciplinary complaint against FCC Chair Brendan Carr. Read more about Guevera’s case here.
How noncitizen journalists can prepare for ICE
The immediate priority is getting Guevara’s case dropped, but we also don’t want there to be any more baseless deportation cases against journalists. Many newsrooms — not to mention freelancers — have little experience dealing with immigration authorities, though. Luckily, we know people who do.
We hosted a panel discussion featuring immigration lawyers, civil rights advocates, and journalists to talk about what to do when a journalist is detained by Immigration and Customs Enforcement — and what must happen before that day ever comes. Read about it and watch it here.
Pentagon seeks to control the press
The Pentagon faced bipartisan backlash for its ridiculous policy requiring journalists to agree not to obtain or report “unauthorized” information. We called them out in The New York Times, CNN, The Intercept, and elsewhere. Stern also discussed the disturbing move on NPR’s Los Angeles affiliate, KCRW, and FPF’s Lauren Harper discussed this and other threats to press freedom on NPR’s 1A.
First, President Donald Trump tried to downplay the policy. Now, in a letter responding to an inquiry from the Reporters Committee for Freedom of the Press, officials are trying to walk it back. Unfortunately, the response offers little reassurance that the Pentagon’s intentions are anything but censorial, and doubles down on restricting routine constitutionally protected newsgathering. Read more here.
Drop charges against Cincinnati journalists
Jury trials of journalists arrested while reporting news are exceedingly rare in the United States, but the next two are coming next week unless prosecutors come to their senses.
Journalists Madeline Fening and Lucas Griffith, both of whom were arrested while covering a protest on July 17 for Cincinnati-based CityBeat, are set to be tried Sept. 30 and Oct. 2, respectively. In an unfortunate irony, the protest was in opposition to the recently dropped immigration case against Ayman Soliman, who himself fled Egypt to escape persecution for his journalism. We led a letter to prosecutors from rights organizations and local journalism professors urging them to drop the baseless charges. Read more here.
Proposed ‘safety’ bill would undermine accountability for lawmakers
FPF’s Caitlin Vogus writes for The Minnesota Star Tribune that a bill sponsored by Sens. Amy Klobuchar and Ted Cruz to protect lawmakers won’t fully stop data brokers from trafficking their personal information but will stop journalists and watchdogs from holding them accountable.
Use our action center tool to tell Congress to reject this bill.
Police records must stay public in California
A searchable public database known as the Police Records Access Project has made public for the first time more than 1.5 million pages of previously secret records about the use of force and misconduct by California police officers.
The California legislature, however, is trying to put police misconduct back under wraps. This month, it passed AB 1178, a new bill that would make it harder for the public to access these records. The bill is awaiting Gov. Gavin Newsom’s signature or veto. Read more here.
What we’re reading
Urgent ideas for defending press freedom in Gaza (Columbia Journalism School). Columbia followed up on last month’s important article in Columbia Journalism Review with a discussion about finding creative ways to help journalists in Gaza despite anti-press regimes both here and in Israel. FPF Executive Director Trevor Timm and board member and Pulitzer Prize-winning journalist Azmat Khan were both on the panel.
Israel killed 31 journalists in Yemen strike, press freedom group says (The Washington Post). It’s not just Gaza. The Committee to Protect Journalists says the strike in Yemen was “the deadliest strike on journalists in the Middle East” it has documented to date.
Letter from ICE detention facility (The Bitter Southerner). Guevara recounts the harrowing details of his detention in an Atlanta federal prison. You can also read his son’s plea for his release.
Investors rejoice over looming TikTok deal despite political concerns (Al Jazeera). Days after Trump said frequent criticism of his administration should be illegal, he is finalizing plans to steer control of TikTok to his billionaire friends. “It would be naive to think they won’t censor Trump’s critics while boosting content that pleases him,” Stern said.
It’s 2025. Do you know how secure your newsroom is? (Neiman Lab). “What’s really important is that sources know where to reach you in a way that helps them stay secure,” FPF’s Davis Erin Anderson said.
Trump signs order labeling antifa ‘domestic terrorist organization’ (The Hill). Trump’s executive orders on domestic terrorism and threats to use racketeering laws against protest movements can and will be used to threaten journalists and sources. Journalists who cover “antifa” or report on ICE must now risk being accused of terrorism.
Judge strikes down Trump’s $15 billion suit against The New York Times (The Washington Post). We’re glad a judge tossed this ridiculous lawsuit, but the attorneys behind it should have been sanctioned.
Alessio reshared this.
Alla Casa Bianca Trump ha sostituito il ritratto di Biden con la foto di un braccio meccanico che riproduce la sua firma
Si tratta dell'autopen, uno strumento utilizzato spesso dai presidenti Usa e perfettamente legale. Anche se il tycoon spesso ha puntato il dito contro il suo predecessore per l'averlo utilizzatoValentina Romagnoli (Open)
Leggete che condizioni impone Israele per i pacchi che "dovrebbero" entrare a Gaza.
Sono veramente dei demoni.
Le 300 tonnellate di cibo raccolto per Gaza sono bloccate al porto di Genova - Il Post
https://www.ilpost.it/2025/09/26/cibo-gaza-genova-bloccato/?utm_source=flipboard&utm_medium=activitypubPubblicato su News @news-ilPost
Le 300 tonnellate di cibo raccolto per Gaza sono bloccate al porto di Genova
La ong che voleva portarle via terra ha rifiutato le imposizioni di Israele, che vieta l'ingresso di prodotti con amidi e zuccheriIl Post
Poliversity - Università ricerca e giornalismo reshared this.
Un’Europa senza pilota. Il nuovo drone presentato da Helsing
@Notizie dall'Italia e dal mondo
Il percorso unmanned dell’Europa passa da “Europa”. Così si chiama infatti il nuovo drone Ca-1che l’azienda tedesca Helsing ha presentato a Tussenhausen, in Baviera, segnando il suo ingresso nel settore degli Unmanned Combat Aerial Vehicle. L’obiettivo dichiarato è coniugare autonomia strategica, intelligenza artificiale e produzione di
Hackaday Podcast Episode 339: The Vape Episode, a Flying DeLorean, and DIY Science
Hackaday Editors Elliot Williams and Tom Nardi start this week’s episode off with an update on the rapidly approaching 2025 Supercon in Pasadena, California. From there they’ll talk about the surprisingly high-tech world of vapes, a flying DeLorean several years in the making, non-contact pulse monitoring, and the potential of backyard radio telescopes to do real astronomy. You’ll hear about a dodecahedron speaker, a page turning peripheral, and 3D printed tools for unfolding boxes. They’ll wrap things up by taking a look at the latest generation of wearable smart glasses, and wonder if putting a bank of batteries in your home is really with the hassle.
Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!
html5-player.libsyn.com/embed/…
Direct download in DRM-free MP3.
Where to Follow Hackaday Podcast
Places to follow Hackaday podcasts:
Episode 339 Show Notes:
News:
What’s that Sound?
- Think you know that sound? Fill out this form for a chance to win!
Interesting Hacks of the Week:
- When Low SRAM Keeps The DOOM Off Your Vape
- Full Scale Styrofoam DeLorean Finally Takes Flight
- Full-Scale Flying DeLorean Gets Closer To Liftoff
- Mega-CNC Router Carves Styrofoam Into A Full-Size Flying Delorean
- Heart Rate Measurement Via WiFi, The DIY Way
- Low-Cost, High-Gain: A Smart Electronic Eyepiece For Capturing The Cosmos
- How A Failed Video Format Spawned A New Kind Of Microscope
- Listening For The Next Wow! Signal With Low-Cost SDR
- The Wow! Signal And The Search For Extraterrestrial Intelligence
- Damage To Arecibo Leaves Gaping Hole In Astronomy
- Roofing Radio Telescope Sees The Galaxy
Quick Hacks:
- Elliot’s Picks:
- Dodecahedron Speaker Is Biblically Accurate
- Robot Balances Ball On A Plate
- This Device Is A Real Page Turner
- Tom’s Picks:
- Calculator Battery Mod Lets You Go The Distance
- For A Robot Claw, The Eyes Have It
- Mandrel Magic: Small Box Assembly With 3D Printing
Can’t-Miss Articles:
- Meta’s Ray-Ban Display Glasses And The New Glassholes
- How Regulations Are Trying To Keep Home Battery Installs Safe
hackaday.com/2025/09/26/hackad…
This week, we discuss being journalism dorks, our new lawsuit against ICE, and working on bullshit.#BehindTheBlog
Behind the Blog: Behind 404 Media's ICE Lawsuit
This is Behind the Blog, where we share our behind-the-scenes thoughts about how a few of our top stories of the week came together. This week, we discuss being journalism dorks, our new lawsuit against ICE, and working on bullshit.JASON: I’m writing this from sunny Athens, Greece, where I’ve been invited to talk about 404 Media at the IMEDD International Journalism Forum, an annual conference. Over the years, I haven’t been to too many conferences, because honestly it was always too disruptive to the day-to-day journalism and work of managing a team to be able to get away. We’re more than two years into this, but one of the nice things about having this company is that I can mostly get my work done whenever makes sense for me, whether that’s late at night in Los Angeles or early in the morning in Greece.
This post is for subscribers only
Become a member to get access to all content
Subscribe now
La Cellula Cagliari – “Il testamento biologico quale atto d’amore”
Enzo Bonesu e Monica Murgia a Cagliari – “Il testamento biologico quale atto d’amore”
In occasione dell’incontro “Il testamento come ponte tra generazioni”, Enzo Bonesu e Monica Murgia, della Cellula Coscioni Cagliari, interverranno per l’Associazione Luca Coscioni con un intervento intitolato “Il testamento biologico quale atto d’amore”, dedicato a riflettere sul significato civile, personale e affettivo delle Disposizioni Anticipate di Trattamento (DAT).
L’iniziativa è promossa con il contributo di Fideuram ed è pensata come un’occasione di dialogo a più voci sul valore del testamento in tutte le sue forme: come eredità, come espressione di volontà e come strumento di autodeterminazione.
Intervengono anche:
- Giuseppe Werther Romagno, Notaio
- Francesca Frau e Gianbattista Cossu, Consulenti Patrimoniali Fideuram
A seguire, aperitivo e dibattito.
L'articolo La Cellula Cagliari – “Il testamento biologico quale atto d’amore” proviene da Associazione Luca Coscioni.
Rhadamanthys Stealer: introduce una funzione AI per estrarre seed phrase dalle immagini
Rhadamanthys è uno stealer di informazioni avanzato comparso per la prima volta nel 2022. Caratterizzato da un ciclo di sviluppo rapido — con almeno dieci rilascio diversi dall’esordio — il malware viene promosso e commercializzato nei forum sotterranei.
Nonostante il divieto imposto per il suo uso contro soggetti russi e/o di ex repubbliche sovietiche, il prodotto è ancora disponibile sul mercato clandestino; il prezzo parte da 250 dollari per 30 giorni di accesso, cifra che ne favorisce la diffusione tra i criminali informatici.
Funzionalità e tecniche di evasione
Rhadamanthys è progettato per raccogliere una vasta gamma di dati: informazioni di sistema, credenziali, wallet di criptovalute, password memorizzate nei browser, cookie e dati provenienti da numerose applicazioni. Integra numerose contromisure anti-analisi che complicano l’osservazione del codice e ne ostacolano l’esecuzione in ambienti sandbox.
Insikt Group di Recorded Future, ha acquisito e analizzato l’ultima release, la 0.7.0, evidenziando diverse novità. L’innovazione più significativa riguarda l’uso dell’intelligenza artificiale: tramite riconoscimento ottico dei caratteri (OCR), Rhadamanthys è ora in grado di individuare e estrarre automaticamente le “seed phrase” dei portafogli di criptovalute presenti in immagini. La funzione è suddivisa in componenti client e server: il client individua potenziali immagini contenenti seed phrase e, una volta esfiltrate al server di comando e controllo, il back-end esegue l’estrazione completa.
Tra le altre aggiunte, la versione 0.7.0 consente agli attori di minaccia di eseguire e installare pacchetti Microsoft Installer (MSI), un vettore che può eludere i controlli di sicurezza tradizionali perché i file MSI sono spesso associati a installazioni legittime. Inoltre, lo sviluppatore ha reso più resistente e “tamper-proof” la funzione che impedisce la riesecuzione del malware entro un intervallo di tempo configurabile, aggiornandola con meccanismi di cifratura e hashing.
Diffusione, autore e canali di vendita
Il malware è popolare nella comunità criminale; la sua rapida evoluzione e le funzionalità emergenti ne fanno una minaccia concreta per le organizzazioni. Il principale sviluppatore, noto con lo pseudonimo “kingcrete2022”, è stato bannato sia su XSS sia su Exploit Forums a causa delle accuse relative all’indirizzare soggetti russi e/o di ex repubbliche dell’URSS. Nonostante i divieti, l’autore continua a pubblicizzare nuove versioni attraverso messaggistica privata su TOX, Telegram e Jabber.
Nel rapporto di Insikt Group sono indicate strategie di mitigazione che le organizzazioni dovrebbero adottare. Sono inoltre disponibili rilevazioni per individuare Rhadamanthys e, come misura preventiva, è stato descritto un “killswitch” basato sull’impostazione di mutex noti sui sistemi non infetti per bloccarne l’esecuzione e proteggere macchine a rischio.
Rischi operativi
Gli infostealer rappresentano un pericolo significativo per la sicurezza aziendale: la pratica diffusa del riutilizzo delle password facilita l’escalation dall’ambito personale a quello professionale. Credenziali sottratte da account privati — ad esempio da un social network — possono consentire l’accesso non autorizzato a account lavorativi, soprattutto quando indirizzi e-mail professionali sono facilmente reperibili su piattaforme di networking. Inoltre, l’uso promiscuo di dispositivi per attività personali e professionali aumenta il rischio di infezione: l’apertura di link malevoli o la navigazione su siti compromessi da parte di dipendenti o familiari può esporre credenziali aziendali.
Per questi motivi il rapporto sottolinea l’importanza di politiche di password robuste, formazione continua del personale su pratiche di navigazione sicura e controlli di accesso rigorosi per ridurre l’impatto degli infostealer.
Questo articolo si basa su informazioni, integralmente o parzialmente tratte dalla piattaforma di intelligence di Recorded Future, partner strategico di Red Hot Cyber e punto di riferimento globale nell’intelligence sulle minacce informatiche. La piattaforma fornisce analisi avanzate utili a individuare e contrastare attività malevole nel cyberspazio.
L'articolo Rhadamanthys Stealer: introduce una funzione AI per estrarre seed phrase dalle immagini proviene da il blog della sicurezza informatica.
Set Phone to… Hyperspectral
While our eyes are miraculous little devices, they aren’t very sensitive outside of the normal old red, green, and blue spectra. The camera in your phone is far more sensitive, and scientists want to use those sensors in place of expensive hyperspectral ones. Researchers at Purdue have a cunning plan: use a calibration card.
The idea is to take a snap of the special card and use it to understand the camera’s exact response to different colors in the current lighting conditions. Once calibrated to the card, they can detect differences as small as 1.6 nanometers in light wavelengths. That’s on par with commercial hyperspectral sensors, according to the post.
You may wonder why you would care. Sensors like this are useful for medical diagnostic equipment, analysis of artwork, monitoring air quality, and more. Apparently, high-end whisky has a distinctive color profile, so you can now use your phone to tell if you are getting the cheap stuff or not.
We also imagine you might find a use for this in phone-based spectrometers. There is plenty to see in the hyperspectral world.
A Firenze un incontro con Claudia Moretti e Piero Cipriano per l’Associazione Luca Coscioni a Firenze – “La salute mentale è politica”
Claudia Moretti per l’Associazione Luca Coscioni a Firenze – “La salute mentale è politica”
In occasione della Giornata mondiale della salute mentale, la Cellula Coscioni di Firenze parteciperà all’incontro di presentazione del libro “La salute mentale è politica” di Piero Cipriano, psichiatra, psicoterapeuta e autore.
Con l’autore, interverranno:
- Rocco Canosa, psichiatra ed ex presidente di Psichiatria Democratica
- Claudia Moretti, avvocata e membro del Consiglio Generale dell’Associazione Luca Coscioni, che modererà l’incontro
L’evento è organizzato in collaborazione con Cirkoloco, Libreria Malaparte, Casa del Popolo di San Niccolò, e Bottega del Tempo.
Un’occasione per riflettere su diritti, approcci terapeutici e dimensione politica della salute mentale, a partire da esperienze professionali e visioni critiche sul sistema attuale.
L'articolo A Firenze un incontro con Claudia Moretti e Piero Cipriano per l’Associazione Luca Coscioni a Firenze – “La salute mentale è politica” proviene da Associazione Luca Coscioni.
🎻 “Uto Ughi per i Giovani”, ieri presso il Duomo di Milano si è svolta la terza tappa del...
🎻 “Uto Ughi per i Giovani”, ieri presso il Duomo di Milano si è svolta la terza tappa del progetto!
L’iniziativa, volta a sensibilizzare e coinvolgere studentesse e studenti all'ascolto e alla conoscenza della musica classica e dell'arte, ha visto la…
Ministero dell'Istruzione
🎻 “Uto Ughi per i Giovani”, ieri presso il Duomo di Milano si è svolta la terza tappa del progetto! L’iniziativa, volta a sensibilizzare e coinvolgere studentesse e studenti all'ascolto e alla conoscenza della musica classica e dell'arte, ha visto la…Telegram
Tg del 26 settembre 2025
Conduzione: Elisa Ortuso Coordinamento: Irene Di Castelnuovo Ticker: Enza Savarese e Giacomo Basile Collegamento: Sofia Silveri Digiwall: Alessio Corsaro In redazione: Roberto Abela, Marco Bertolini, Vincenzo Cimmino, Tommaso Di Caprio,…
L'articolo Tg del 26 settembre 2025 su Lumsanews.
Roma, l’assedio dei venditori abusivi
Servizio di Tommaso Di Caprio e Flavia Falduto
L'articolo Roma, l’assedio dei venditori abusivi su Lumsanews.
Giubileo, bilancio in positivo per il maxi piano sicurezza
Servizio di Antonio Fera ed Elisabetta Guglielmi
L'articolo Giubileo, bilancio in positivo per il maxi piano sicurezza su Lumsanews.
Il Master Lumsa vince il premio Bisceglia per il sociale
[quote]ROMA – Il 25 settembre si è tenuta la IX edizione del Premio giornalistico Alessandra Bisceglia per la Comunicazione sociale. Si classifica al primo posto della sezione allievi di Master…
L'articolo Il Master Lumsa vince il premio Bisceglia lumsanews.it/il-master-lumsa-v…
The sudden reduction in the Chandler wobble, a deviation between Earth’s axis and crust, may primarily originate in a powerful La Niña event, reports a new study.#TheAbstract
Earth Was Mysteriously Thrown Off-Kilter In 2015. Now, Scientists Think They Know Why.
🌘
Subscribe to 404 Media to get The Abstract, our newsletter about the most exciting and mind-boggling science news and studies of the week.Have you noticed anything out of whack about Earth since 2015? I’m speaking, of course, about how our planet’s wobble started shrinking that year, a mysterious shift that scientists have been puzzling over ever since.
Now, researchers think they might have an explanation for the sudden decrease in the Chandler wobble (CW), a deviation in Earth's rotational axis relative to its crust that causes a drift of about 20 feet over a cycle of roughly 14 months. The recent off-kilter wobble, known as the CW reduction event, may have been largely sparked by “mass anomalies” after the La Niña of 2010–2011, according to a new study published in Geophysical Research Letters.
That particular La Niña event was one of the strongest on record and it was “followed by significant ocean mass loss due to changed precipitation and evaporation patterns, providing a possible cause of the CW reduction event,” reports the study.
“Polar motion, like the Chandler wobble, reflects changes in Earth’s overall angular momentum,” said study authors Taehwan Jeon and Ki-Weon Seo, a geophysicist and associate professor at Seoul National University, respectively, in a joint email to 404 Media. “Changes in regional mass, and velocity fields of ocean currents and winds can affect the wobble’s amplitude. Because the wobble sums up effects from all over the globe, it is usually hard to tell exactly which region contributed how much.”
“Still, given the scale of the phenomenon, it makes sense that global climate events such as ENSO (El Niño Southern Oscillation) have a stronger influence than small local changes,” the pair continued. “Not every El Niño or La Niña does this, but as our study shows, the 2010-2011 La Niña produced an unusually strong anomaly when viewed from the perspective of Earth’s polar motion.”
The Chandler wobble is one of many wandering deviations between the axis and crust; for instance, we recently covered the effect of impounded dam water on Earth’s rotation. The wobble has also increased and decreased many times in the past in response to shifting global mass distributions, so the latest anomaly isn’t unprecedented.
Still, scientists are curious what might be driving the recent CW reduction, which reached its peak intensity between 2015 and 2020. To approach this mystery, Jeon, Seo, and their colleagues broke the wobble up into two components: the forced wobble and the free wobble.
“The Chandler wobble is actually a two-dimensional pendulum-like motion, but for simplicity it can be compared to a one-dimensional swing,” explained Jeon and Seo. “If you let a swing move without pushing it, it will eventually slow down and stop. That ‘natural’ motion without any external force is what we call the ‘free wobble.’”
“Now imagine giving the swing a push at just the right timing,” they continued. “The swing will keep moving. Depending on how you push, its amplitude can increase or decrease. On Earth, all moving masses (such as air, oceans and water on land) act like those pushes. The part of the wobble driven by these pushes is called the ‘forced wobble.’”
Because the Chandler wobble is the sum of these two parts, the reduction is caused by the free and forced phases cancelling each other out, according to the team’s models. In other words, the study showed that the strong 2010-2011 La Niña event drove the forced wobble out of phase, allowing it to interfere with the free wobble and reduce the overall CW amplitude.
Jeon and Seo said their results “were partly expected and partly surprising.” On the one hand, they noted that oscillations naturally decay over time, so they were expecting to see only recent changes reflected in the Chandler wobble, with ENSO events of the past few decades playing an outsized role in those shifts.
“What surprised us was that not every ENSO event seems to matter, and in particular, the 2010-2011 La Niña turned out to be the strongest contributor,” the pair said. “That was not something we had fully predicted before doing the analysis.”
With that in mind, it’s possible that the Chandler wobble will continue to go haywire in the coming decades, as ENSO events are being amplified by human-driven climate change.
“Large-scale and systematic shifts in Earth’s mass and motion can strongly affect the Chandler wobble, especially when they show a cycle close to the Chandler period (about 433 days), which can resonate more strongly,” Jeon and Seo said.
In particular, the pair pointed to how much ENSO events can disrupt rainfall patterns, which ended up being a main factor in how the 2010–2011 La Niña anomalies impacted on the CW reduction. Changes in global ice mass, however, have more influence over the long-term drift of Earth’s rotation axis, and don’t influence the short-term Chandler wobble as much.
“Since 2010-2011, mass and velocity field changes have continued around the globe, and separating their individual effects remains very challenging,” Jeon and Seo said. “Still, because the Chandler wobble’s amplitude has been increasing again since late 2020, we expect that it may soon return to levels comparable to those observed before 2010.”
“Although the amplitude drop during 2015-2020 was unusual, there were also earlier periods when the Chandler wobble was decreased or increased in amplitude,” the pair concluded. “We suspect that major ENSO events may have played a similar role during those times as well. A next step would be to investigate the broader patterns—what kinds of ENSO events tend to leave a mark on Earth’s polar motion, and what features make them most influential.”
🌘
Subscribe to 404 Media to get The Abstract, our newsletter about the most exciting and mind-boggling science news and studies of the week.Has climate change already affected ENSO?
The swings between El Niño and La Niña have been bigger in recent decades than earlier ones. Our guest blogger covers new research pointing the finger at human-caused climate change.NOAA Climate.gov
Cooperazione, Gcap, filiera produttiva. Quali prospettive per il futuro dell’Aereonautica
@Notizie dall'Italia e dal mondo
I caccia di sesta generazione e l’evoluzione dei motori aeronautici rappresentano una sfida cruciale per difesa, industria e ricerca. In questo contesto si è tenuto all’Istituto affari internazionali un incontro in cui è stato presentato uno studio sulle nuove frontiere della propulsione