I ricercatori hanno scoperto un nuovo malware chiamato Cyclops, probabilmente sviluppato dal gruppo Charming Kitten (APT 35). Questo software è apparso per la prima volta nel dicembre 2023 e ha iniziato ad essere utilizzato contro obiettivi in ​​Medio Oriente nel 2024.

Cyclops consente agli aggressori di eseguire comandi sui dispositivi infetti e di penetrare nelle reti per ulteriori attacchi. Il malware viene gestito tramite un’API REST HTTP, a cui è possibile accedere tramite un tunnel SSH.

Sulla base dei dati, Cyclops è stato creato per sostituire il malware BellaCiao. Ciò è confermato dalla somiglianza dei metodi di lavoro e degli obiettivi di entrambi i programmi. Le funzionalità principali di Cyclops includono l’esecuzione di comandi arbitrari, la manipolazione del file system e l’utilizzo di un dispositivo infetto per propagare un attacco all’interno di una rete.

Finora sono stati rilevati solo pochi casi di questo malware, il che indica la sua recente comparsa e forse una distribuzione limitata. Cyclops è stato probabilmente utilizzato per attaccare organizzazioni operanti in Libano e Afghanistan.

Si segnala che lo sviluppo di Cyclops è terminato a dicembre 2023, poco dopo la cessazione dell’utilizzo di BellaCiao. Ciò indica una connessione diretta tra questi due malware e i loro autori.

I ricercatori ritengono che Cyclops possa rappresentare una nuova fase nelle attività di Charming Kitten, nota per i suoi attacchi contro vari obiettivi, compresi i tentativi di interferire nelle elezioni statunitensi. L’analisi di Cyclops e della sua infrastruttura aiuta a comprendere meglio le azioni di questo gruppo e a contrastare le sue nuove minacce.

L'articolo Gli hacker Iraniani pronti a colpire con il malware Cyclops proviene da il blog della sicurezza informatica.

Ian from Dangerous Prototypes demonstrating the RP2350-E9 issue in a Bus Pirate prototype without pull-ups.
There’s currently a significant amount of confusion around the full extent of the GPIO hardware issue in the Raspberry Pi RP2350 microcontroller, with [Ian] over at [Dangerous Prototypes] of Bus Pirate fame mentioning that deliveries of the RP2350-based Bus Pirate 5XL and 6 have been put on hold while the issue is further being investigated. Recorded in the RP2350 datasheet as erratum RP2350-E9, it was originally reported as only being related to the use of internal pull-downs, but [Ian] has since demonstrated in the primary issue ticket on GitHub that the same soft latching behavior on GPIO pins occurs also without pull-downs enabled.

When we first reported on this hardware bug in the RP2350’s A2 (and likely preceding) stepping there was still a lot of confusion about what this issue meant, but so far we have seen the Bus Pirate delay and projects like [Agustín Gimenez Bernad]’s LogicAnalyzer have opted for taking the RP2350 port out back. There are also indications that the ADC and PIO peripherals are affected by this issue, with workarounds only partially able to circumvent the hardware issue.

In the case of the Bus Pirate a potential workaround is the addition of 4.7 kOhm external pull-downs, but at the cost of 0.7 mA continuous load on the GPIO when pulled high and part of that when pulled low. Although a final solution for Bus Pirate is still being investigated, this kind of ugly hardware hack might at least save existing boards. It also shows the lengths that hardware developers who seek to use this MCU have to go to to make it work.

Meanwhile there are lively discussions about the issue on the Raspberry Pi forums, both on the E9 erratum as well as the question of when there will be a new stepping. The official statement by Raspberry Pi is still that ‘they are investigating’. Presumably there will be a Bx stepping at some point, but for now it is clear that the RP2350’s A2 stepping is probably best avoided.

hackaday.com/2024/09/04/the-wo…

This week Jonathan Bennett chats with Lori Lorusso and Steve Hoffman, the Head of Community and SVP of engineering at Percona, the open source database experts.

• percona.com/

youtube.com/embed/tGbOt9HkQhA?…

Did you know you can watch the live recording of the show Right on our YouTube Channel? Have someone you’d like us to interview? Let us know, or contact the guest and have them contact us! Take a look at the schedule here.

play.libsyn.com/embed/episode/…

Direct Download in DRM-free MP3.

If you’d rather read along, here’s the transcript for this week’s episode.

Places to follow the FLOSS Weekly Podcast:

• Spotify
• RSS

hackaday.com/2024/09/04/floss-…

While some byproducts recall an idyllic piece of Americana, others remind us that the past is not always so bright and cheerful. Trinitite, created unintentionally during the development of the first atomic bomb, is arguably one of these byproducts.
A Trinitite pendant. Image via Galactic Stone
Whereas Fordite kept growing back for decades, all Trinitite comes from a single event — the Trinity nuclear bomb test near Alamogordo, New Mexico on July 16, 1945. Also called ‘atomsite’ and ‘Alamogordo glass’, ‘Trinitite’ is the name that stuck.

There wasn’t much interest in the man-made mineral initially, but people began to take notice (and souvenirs) after the war ended. And yes, they made jewelry out of it.

Although there is still Trinitite at the site today, most of it was bulldozed over by the US Atomic Energy Commission in 1953, who weren’t too keen on the public sniffing around.

There was also a law passed that made it illegal to collect samples from the area, although it is still legal to trade Trinitite that was already on the market. As you might expect, Trinitite is rare, but it’s still out there today, and can even be bought from reputable sources such as United Nuclear.

The Formation Event

On that fateful day, the plutonium bomb nicknamed “Gadget” was strapped to a 100-foot tower atop a bed of sandy soil. The detonation left a crater half a mile across and eight feet deep of radioactive glass.
The Trinity blast. Public domain via Wikimedia Commons
While at first it was assumed that the sand that became Trinitite melted at ground level, it has somewhat recently been theorized that the sand was sucked up into the fireball, liquefied, then rained down to form a sheet of glass of varying thickness, composition, and topology.

It’s estimated that the glass was formed by 4,300 gigajoules of heat energy, and the sand was exposed to a minimum temperature of 1,470 °C (2,680 °F) and super-heated for two or three seconds before solidifying into Trinitite.

In September 1945, Time magazine reported that the site looked like “a lake of green jade”, with the glass taking strange shapes, like those of “lopsided marbles… broken, thin-walled bubbles, green, worm-like forms.” The marbles suggest that some material solidified in the air on the way down.

Not all Trinitite is bottle-green, although most of it is. Some red Trinitite was discovered in one part of the site, and there are rare black pieces that are thought to contain iron. It’s been theorized that green Trinitite gets its color from the material in the support tower, while red specimens include copper from the electrical wiring.

A Unique Composition

A stack of Trinitite. Image via the University of New Mexico
Geologically speaking, Trinitite is made up of a chaotic mixture that varies both its structure and composition. A typical sample has been described as 1 to 3 cm thick, with a smooth side and a rough side from landing in a molten state on the desert floor. The upper surface is usually sprinkled with dust, while the bottom is thicker and grades into the soil it came from. Far from completely solid, it is estimated that around 30% of Trinitite is void space, and usually has cracks.

Optically, there are two forms of Trinitite with different refraction indices — the lower-index type is mostly silicon dioxide, while the higher-index glass has mixed components. Although deemed safe to handle, Trinitite is measurably radioactive. The level of radioactivity fluctuates based on the size of the specimen and its distance from ground zero.

The First of Many Atomsites, Unfortunately

As you might imagine, glassy residues remain wherever nuclear weapons detonate at or near ground level. Some scientists prefer to call all other glasses ‘atomsite’, although plenty of site- and creator-specific names have been given to the byproducts of other detonations. It was discovered in 2016 that, following the bombing of Hiroshima, between 0.6% and 2.5% of the sand on local beaches consisted of fused glass spheres that had formed. It has been called Hiroshimaite.

Trinitite is known as a melt glass or glass melt, which basically means that the silica from the ground bonded with surrounding minerals originating from both the tower and the bomb itself. While this formation process is a man-made one, there are similar natural processes that produce glassy byproducts. Stay tuned!

hackaday.com/2024/09/04/boss-b…

Resistance to the Hungarian presidency's approach to the EU's draft law to combat online child sexual abuse material (CSAM) was still palpable during a member states' meeting on Wednesday (4 September).

euractiv.com/section/law-enfor…

!Programmer Humor
Hi, this is a question that popped into my mind when i saw an article about some AWS engineer talking about ai assistants taking over the job of programmers, this reminded me that it's not the first time that something like this was said.

My software engineering teacher once told me that a few years ago people believed graphical tools like enterprise architect would make it so that a single engineer could just draw a pretty UML diagram and generate 90% of the project without touching any code,
And further back COBOL was supposed to replace programmers by letting accountants write their own programs.

Now i'm curious, were there many other technologies that were supposedly going to replace programmers that you remember?

i hope someone that's been around much more than me knows something more or has some funny stories to share