Qual è stata l’incidenza di attacchi e incidenti informatici nel corso del mese di luglio? I cyber criminali sono andati in vacanza o hanno approfittato del momento particolare per incrementare le proprie azioni? A rispondere a queste domande ci pensa l’Agenzia per la Cybersicurezza Nazionale e, nello specifico, il CSIRT, la sua articolazione tecnico-operativa che, […]
Continua a leggere

The post Sole, mare e malware: l’estate della cybersecurity appeared first on InsideOver.

Monorails aren’t just the core reason why The Simpsons remains on air after thirty-six seasons, twenty-six of which are unredeemable garbage. They’re also an interesting example of oddball rail travel which has never really caught on beyond the odd gadgetbahn project here and there. [Hyperspace Pirate] recently decided to investigate the most interesting kind of monorail of all—the gyro stabilized type—on a small scale for our viewing pleasure.

The idea of a gyro-stabilized monorail is to use active stability systems to allow a train to balance on a single very thin rail. The benefits of this are questionable; one ends up with an incredibly expensive and complex rail vehicle that must always run perfectly or else it will tip over. However, it is charming to watch in action.

[Hyperspace Pirate] explains how the monorail vehicle uses control moment gyroscopes to keep itself upright. The video also explains the more common concept of reaction wheels so the two systems can be contrasted and compared. It all culminates in a wonderful practical demonstration with a small 3D-printed version of a 20th-century gyro monorail running on a 24″ track.

If you’re studying mechanical engineering this is a great project to pore over to see theoretical principles put into obvious practice. Video after the break.

youtube.com/embed/OpyLmIjZaxY?…

hackaday.com/2024/08/27/buildi…

One of our favorite parts of Hackaday Supercon is seeing all the incredible badge add-ons folks put together. These expansions are made all the more impressive by the fact that they had to design their hardware without any physical access to the badge, and with only a few weeks’ notice. Even under ideal conditions, that’s not a lot of time to get PCBs made, 3D print parts, or write code. If only there was some standard for badge expansions that could speed this process up…
The SAO Wall at Supercon 2023
But there is! The Simple Add-On (SAO) standard has been supported by the Supercon badges since 2019, and the 2×3 pin connector has also popped up on badges from various other hacker events such as HOPE and DEF CON. There’s only one problem — to date, the majority of SAOs have been simply decorative, consisting of little more than LEDs connected to the power pins.

This year, we’re looking to redefine what an SAO can be with the Supercon Add-On Contest. Don’t worry, we’re not changing anything about the existing standard — the pinout and connector remains the same. We simply want to challenge hackers and makers to think bigger and bolder.

Thanks to the I2C interface in the SAO header, add-ons can not only communicate with the badge, but with each other as well. We want you to put that capability to use by creating functional SAOs: sensors, displays, buttons, switches, rotary encoders, radios, we want to see it all! Just make sure you submit your six-pin masterpiece to us by the October 15th deadline.

Best of the Best

What’s in it for the winners? Why, nothing short of Hackaday immortality: we’ll put the top SAOs into production and distribute them to each attendee at Hackaday Europe in 2025. Because we actually have to get these things made, entries will have to meet all of the manufacturing requirements outlined on the Hackaday.io page Contest page to qualify.

In addition to a single Best Overall winner, we’ll be picking a top entry for each of the following categories:

• Functional: This challenge is about pushing the envelope for SAOs, so for this category we’ll be looking for the most capable add-on.
• Fine Art: We’ve seen some absolutely gorgeous SAOs over the years, so even though we’re largely pushing for function over form this year, we still want to acknowledge the incredible artistry that goes into them.
• Fun: It’s not all about business. SAOs are often a bit tongue in cheek, with many referencing online memes or parts of hacker culture. If you want to win in this category, you’ll need to lighten up a bit.

Honorable Mention

We know this community too well to believe you’ll all stick to the predefined categories, so as usual in our contests, we’ll be keeping an eye out for entries that best exemplify the following Honorable Mention categories.

• Coolest Toys: We’re suckers for interesting parts, so the SAO selected for this category will be the one with the most unique or impressive electronic components onboard.
• Light Show: We want to challenge the idea that SAOs are just for blinking LEDs, so naturally, at least one of you is going to go against the grain and add as many LEDs as possible.
• Most Ambitious: Sometimes, it’s the thought that counts. Whether or not the final product worked as expected, the SAO selected for this category will be the one that took the biggest swing.
• Best Communication: Getting SAOs to talk to the badge and each other is what this contest is really all about, so we’re looking for the one example that really ran with the concept.
• Least Manufacturable: SAOs often employ design or assembly hacks (like mounting LEDs upside-down) that don’t scale well. In this category we’re looking for hand-crafted masterpieces. To quote Hunter S. Thompson, “A high-powered mutant of some kind never even considered for mass production.”

A Little Inspiration

There’s no shortage of gorgeous SAOs out there already, just search Hackaday.io or Tindie, and you’ll come up with dozens of badge add-ons that you didn’t even know you needed until right now. But as for examples of functional SAOs that do more than just blink LEDs…that’s quite a bit harder. We weren’t joking when we said they’ve been quite rare so far.

But we can point you towards a couple resources that should help you get started. Our own [Arya Voronova] wrote up her tale of creating a Jolly Wrencher SAO back in 2022 that goes over the basics, and we’d also recommend taking a look at her ongoing “I2C for Hackers” series of articles if you need to brush up on the communication side of things. If you need some pointers on the artistic front, you can’t go wrong following in the footsteps of [TwinkleTwinkie]. His Supercon 2019 talk PCB Art is Pain is a fantastic look at pushing the envelope of PCB design and production, and his Hackaday.io post about backlighting board art is required reading around these parts.

L’aeroporto internazionale di Seattle-Tacoma (SEA-TAC) sta subendo gravi interruzioni del sistema IT causate da un possibile attacco informatico. L’incidente, iniziato il 24 agosto, ha causato ritardi nei voli e problemi con il check-in dei passeggeri, complicando seriamente le operazioni nel più grande aeroporto della regione.

Il 24 agosto, è stato riferito che le reti dell’agenzia, compresi i sistemi aeroportuali SEA, avevano subito un’interruzione. Gli esperti hanno suggerito che il fallimento sia stato causato da un attacco informatico. I sistemi critici sono stati isolati per prevenire ulteriori problemi. I rappresentanti dell’aeroporto hanno riportato che al momento non è possibile definire quando sarà ripristinato il normale funzionamento, anche se i lavori per riportare i sistemi al normale funzionamento continuano.

I passeggeri sono pregati di essere preparati ai ritardi e di controllare le informazioni del volo sui siti web delle compagnie aeree. Il sito web ufficiale dell’aeroporto non è disponibile e i terminali per il check-in sono temporaneamente fuori servizio.

Si consiglia ai passeggeri di effettuare il check-in per i voli tramite le applicazioni della compagnia aerea e di tenere conto anche del tempo aggiuntivo impiegato per arrivare in aeroporto e svolgere tutte le procedure.

Nonostante i problemi con i sistemi informatici, i voli non sono stati cancellati, ma molti passeggeri segnalano ritardi di diverse ore. Particolari difficoltà sono sorte con il sistema di smistamento dei bagagli, come ha comunicato Alaska Airlines. Si consiglia vivamente ai passeggeri di limitarsi al bagaglio a mano ove possibile ed evitare di registrare il bagaglio per ridurre al minimo possibili ritardi.

Ad oggi nessun gruppo di hacker noto ha rivendicato la responsabilità dell’attacco. L’FBI ha detto ai media che è a conoscenza della situazione e sta lavorando con i partner per chiarire tutte le circostanze dell’incidente, ma non sono state ancora fornite ulteriori informazioni.

Essendo il principale aeroporto internazionale di Seattle e il più trafficato del Pacifico nordoccidentale, SEA-TAC ha servito quasi 51 milioni di passeggeri nel 2023. L’aeroporto è un hub chiave per Alaska Airlines e Delta Air Lines, che serve 91 destinazioni nazionali e 28 internazionali.

L'articolo Caos a Seattle: Un Attacco Informatico Paralizza l’Aeroporto SEA-TAC proviene da il blog della sicurezza informatica.

Telegram chiaramente non riesce a soddisfare questa definizione più forte per un semplice motivo: non crittografa end-to-end le conversazioni di default. Se vuoi usare la crittografia end-to-end in Telegram, devi attivare manualmente una funzionalità di crittografia end-to-end opzionale chiamata "Chat segrete" per ogni singola conversazione privata che vuoi avere.

Qui l'articolo completo di Matthew Green sul blog Cryptography Engineering

In June 2024, we discovered a macOS version of the HZ Rat backdoor targeting users of the enterprise messenger DingTalk and the social network and messaging platform WeChat. The samples we found almost exactly replicate the functionality of the Windows version of the backdoor and differ only in the payload, which is received in the form of shell scripts from the attackers’ server. We noticed that some versions of the backdoor use local IP addresses to connect to C2, which led us to believe the threat may be targeted. This also points to an intention to exploit the backdoor for lateral movement through the victim’s network.

First detected by DCSO researchers in November 2022, HZ Rat initially targeted Windows systems and received commands in the form of PowerShell scripts.

Technical details

Despite not knowing the malware’s original distribution point, we managed to find an installation package for one of the backdoor samples. The file is named
OpenVPNConnect.pkg:

OpenVPNConnect.pkg on VirusTotal

It was uploaded to VirusTotal in July 2023 and, at the time of research, wasn’t detected by any vendor, like other backdoor samples. The installer takes the form of a wrapper for the legitimate “OpenVPN Connect” application, while the
MacOS package directory contains two files in addition to the original client: exe and init.

Structure of the malicious installation package

The system determines which file to run when the application is opened using the
Info.plist configuration file. The first one to be launched is the exe file – a shell script that runs the init file, then launches the OpenVPN application:

Contents of the “exe” file

The
init file is the actual backdoor. When launched, it establishes a connection to C2 based on the list of IP addresses specified in the backdoor itself. In most cases, the samples used port 8081 for connection. Additionally, we found backdoor samples using private IP addresses to connect to C2.

C2 IP addresses in the backdoor code

All communication with C2 is encrypted using XOR with the key 0x42. To initialize a session, the backdoor sends a random four-byte value, labeled
cookie in the code. Each message has the following structure:

1. Message code (1 byte);
2. Message length (4 bytes);
3. Message text, where the first 4 bytes contain the data size.

The executable file is written in C++ and contains debugging information, making it easy to identify:

Trojan class with malicious payload

The backdoor supports only four basic commands:

As part of our investigation, we obtained shell commands from the C2 server used to collect the following data about the victim:

• System Integrity Protection (SIP) status;
• System and device information, including:
  
  • Local IP address;
  • Information about Bluetooth devices;
  • Information about available Wi-Fi networks, available wireless network adapters and the network the device is connected to;
  • Hardware specifications;
  • Data storage information;

  
  

• List of applications;
• User information from WeChat;
• User and organization information from DingTalk;
• Username/website value pairs from Google Password Manager.

Getting data from WeChat

The malware attempts to obtain the victim’s WeChatID, email and phone number from WeChat. This data is stored in plain text in the
userinfo.data file.
As for DingTalk, attackers are interested in more detailed victim data:

• Name of the organization and department where the user works;
• Username;
• Corporate email address;
• Phone number.

The script tries to get this data from the
orgEmployeeModel file. If this file is missing, the malware searches for the user’s phone number and email in the sAlimailLoginEmail file. If it fails again, it attempts to find the user’s email in one of the DingTalk cache files named <date>.holmes.mapping. These files are also not encrypted and store data in plain text.

Getting data from DingTalk

Infrastructure

At the time of the study, four control servers were active and returning malicious commands. In some cases, as mentioned, among the specified IP addresses there were private ones as well. Such samples were likely used to control a victim’s device with a previously infected computer within their local network that was used as a proxy to redirect the connection to the C2 server. Typically, this helps to hide the presence of malware on the network, since only the device with the proxy will communicate with C2.

Some of the detected IP addresses have already been seen in malware attacks targeting Windows devices. Their appearance dates back to 2022, with one of the addresses showing up in HZ Rat attacks of that time.

Almost all of the C2 servers we found are sited in China. The exceptions are two addresses located in the US and the Netherlands.

We also found that the installation package mentioned above, according to VirusTotal, was previously downloaded from a domain belonging to MiHoYo, a Chinese video game developer:
hxxp://vpn.mihoyo[.]com/uploads/OpenVPNConnect.zip.
It is not yet known for sure how this file got to the legitimate domain and whether the company was hacked.

Conclusion

The macOS version of HZ Rat we found shows that the threat actors behind the previous attacks are still active. During the investigation, the malware was only collecting user data, but it could later be used to move laterally across the victim’s network, as suggested by the presence of private IP addresses in some samples. The collected data about victims’ companies and contact information could be used to spy on people of interest and lay the groundwork for future attacks. Also noteworthy is the fact that at the time of the study we had not encountered the use of two of the backdoor commands (write file to disk and send file to server), so the full scope of the attackers’ intentions remains unclear.

Indicators of compromise

MD5 file hashes
Backdoor
0c3201d0743c63075b18023bb8071e73 – Mach-O 64-bit x86_64 executable
6cc838049ece4fcb36386b7a3032171f – Mach-O 64-bit x86_64 executable
6d478c7f94d95981eb4b6508844050a6 – Mach-O 64-bit x86_64 executable
7a66cd84e2d007664a66679e86832202 – Mach-O 64-bit x86_64 executable
7ed3fc831922733d70fb08da7a244224 – Mach-O 64-bit x86_64 executable
9cdb61a758afd9a893add4cef5608914 – Mach-O 64-bit x86_64 executable
287ccbf005667b263e0e8a1ccfb8daec – Mach-O 64-bit x86_64 executable
7005c9c6e2502992017f1ffc8ef8a9b9 – Mach-O 64-bit x86_64 executable
7355e0790c111a59af377babedee9018 – Mach-O 64-bit x86_64 executable
a5af0471e31e5b11fd4d3671501dfc32 – Mach-O 64-bit x86_64 executable
da07b0608195a2d5481ad6de3cc6f195 – Mach-O 64-bit x86_64 executable
dd71b279a0bf618bbe9bb5d934ce9caa – Mach-O 64-bit x86_64 executable

Malicious installation package
8d33f667ca135a88f5bf77a0fab209d4 – Apple software package

C2 IP addresses
111.21.246[.]147
123.232.31[.]206
120.53.133[.]226
218.193.83[.]70
29.40.48[.]21
47.100.65[.]182
58.49.21[.]113
113.125.92[.]32
218.65.110[.]180
20.60.250[.]230

securelist.com/hz-rat-attacks-…

The United States and a few other countries have an astounding array of homeowners’ associations (HOAs), local organizations that exert an inordinate influence on what homeowners can and can’t do with their properties, with enforcement mechanisms up to foreclosure. In the worst cases they can get fussy about things like the shade of brown a homeowner can paint their mailbox post, so you can imagine the problems they’d have with things like ham radio antennas. [Bob] aka [KD4BMG] has been working on tuning up his rain gutters to use as “stealth” antennas to avoid any conflicts with his HOA.

With the right antenna tuner, essentially any piece of metal can be connected to a radio and used as an antenna. There are a few things that improve that antenna’s performance, though. [Bob] already has an inconspicuous coax connector mounted on the outside of his house with an antenna tuner that normally runs his end-fed sloper antenna, which also looks like it includes a fairly robust ground wire running around his home. All of this is coincidentally located right beside a metal downspout, so all this took to start making contacts was to run a short wire from the tuner to the gutter system.

With the tuner doing a bit of work, [Bob] was able to make plenty of contacts from 10 to 80 meters, with most of the contacts in the 20 – 30 meter bands. Although the FCC in the US technically forbids HOAs from restricting reasonable antennas, if you’d rather not get on the bad side of your least favorite neighbors there are a few other projects from [Bob] to hide your gear.

youtube.com/embed/IjWJ_byOD0A?…

hackaday.com/2024/08/27/hidden…

3D scanning is important because the ability to digitize awkward or troublesome shapes from the real world can really hit the spot. One can reconstruct objects by drawing them up in CAD, but when there isn’t a right angle or a flat plane in sight, calipers and an eyeball just doesn’t cut it.

Scanning an object can create a digital copy, aid in reverse engineering, or help ensure a custom fit to something. The catch is making sure that scanning fits one’s needs, and isn’t more work than it’s worth.

I’ve previously written about what to expect from 3D scanning and how to work with it. Some things have changed and others have not, but 3D scanning’s possibilities remain only as good as the quality and ease of the scans themselves. Let’s see what’s new in this area.

All-in-One Handheld Scanning

MIRACO all-in-one 3D scanner by Revopoint uses a quad-camera IR structured light sensor to create 1:1 scale scans.
3D scanner manufacturer Revopoint offered to provide me with a test unit of a relatively new scanner, which I accepted since it offered a good way to see what has changed in this area.

The MIRACO is a self-contained handheld 3D scanner that, unlike most other hobby and prosumer options, has no need to be tethered to a computer. The computer is essentially embedded with the scanner as a single unit with a touchscreen. Scans can be previewed and processed right on the device.

Being completely un-tethered is useful in more ways than one. Most tethered scanners require bringing the object to the scanner, but a completely self-contained unit like the MIRACO makes it easier to bring the scanner to the subject. Scanning becomes more convenient and flexible, and because it processes scans on-board, one can review and adjust or re-scan right on the spot. This is more than just convenience. Taking good 3D scans is a skill, and rapid feedback makes practice and experimentation more accessible.

Features

The MIRACO resembles a chunky digital camera with an array of sensors at the front and a large touchscreen on the back. As a nice touch, the screen can be flipped out to let the scanner be used in “selfie” mode.
The structured light pattern as seen in IR, projected from the front of the device.
At its core, the MIRACO is a quad-camera IR structured light sensor. A pattern of infrared light is projected, and based on how this known pattern is observed by cameras to land on an object, the object’s topology can be inferred and eventually turned into a 3D model.

This method is sensitive to both exposure and focal distance, but the MIRACO tries to cover these bases by offering near and far focal modes (for small and large objects, respectively) as well as a live preview from which the user can judge scan conditions on the fly. Since the human eye cannot see IR, and most of us lack an intuitive sense of how IR interacts with different materials, this last feature is especially handy.

It’s worth mentioning that the models generated by the MIRACO’s scans are 1:1 with real-world dimensions. Having 3D models scaled to match the object they came from is stupendously useful when it comes to anything related to objects fitting into or around other objects.

Limitations

3D scanning is in general still not a foolproof, point-and-shoot process. As with photography, there is both a skill and an art to getting the best results. An operator has to do their part to give the sensor a good view of everything it needs.

Conditions Have to be Right

• One needs to scan in an environment that is conducive to good results. Some materials and objects scan easier than others.
• The scanner is particularly picky about focal length and exposure settings, and can be sensitive to IR interference and reflections. In terms of scanning with the MIRACO, this means the projected IR should be bright enough to illuminate the object fully while not being so bright that it washes out important features.
• IR isn’t visible, so this isn’t easy to grasp intuitively. Happily, there’s a live display on the screen for both exposure and focus distance. This guides a user to stay within the sweet spots when scanning. Better results come easily with a bit of experience.

Scans Are Only as Good as the Weakest Link

• The scanner only models what it can see. The holes in this 1-2-3 block for example are incomplete.
  There is a long chain of processes to go from raw sensor data to finished 3D model, and plenty of opportunity for scans to end up less than ideal along the way.
• 3D scanners like to boast about scan quality with numbers like “0.02 mm accuracy”, but keep in mind that such numbers are best cases from the raw sensor itself.
• When it comes right down to it, a generated model can only be as good as the underlying point cloud. The point cloud is only as good as the sensor data, and the quality of the sensor data is limited by the object and its environment.
• Also, a scanner can only scan what it can see. If an internal void or channel isn’t visible from the scanner’s perspective, it won’t be captured in a scan.

It is not hard to get useful results with a little practice, but no one will be pointing a box and pressing a button to effortlessly receive perfect scans down to the last fraction of a millimeter anytime soon. Have realistic expectations about what is achievable.

Basic Workflow of a 3D Scan

Here is the basic process for scanning an object with the MIRACO that should give a good idea of what is involved.

Job Setup and Scan

A highly reflective object like a polished 1-2-3 block is best treated with a matte finish before scanning. Here I used AESUB Blue vanishing scanning spray, which evaporates in about an hour.
A scan begins by configuring the scanner via touchscreen with some basics like choosing Near or Far mode, object type, and whether to track features or markers. Because the scanner only sees a portion of the object at a time, the software stitches together many images from different angles to build the point cloud that is the foundation for everything else. Alignment of these partial scans is done on the fly either by tracking features (unique shapes on the object) or markers (reflective dots that can be applied as stickers, or printed on a mat.)

If an object is excessively glossy or reflective or otherwise difficult for the scanner to see properly, treat it with a surface coating for better results. One option is dusting it with talcum powder, another is a purpose-made 3D scanning spray like AESUB offers.

With object and scanner ready, The MIRACO is pointed like a camera and moved around the object (or the object spun on a turntable) while trying to stay an optimum distance away for best results. The screen gives feedback on this process, including a live display as the device stitches scans together.

Processing Results

Results can be viewed on the device, and generally speaking, if the scan quality is good then the automatic one-click model processing will easily generate a reasonable 3D model. If there’s a problem, one can continue scanning or try again.

Scans can be exported in a variety of formats via USB or over Wi-Fi. If Revopoint’s Revo Scan software is installed, additional editing and processing options are available such as merging multiple separate scans of an object or fine-tuning processing steps.

Using The Resulting Model

The resulting 3D model (a mesh output like .STL, .3MF, or .OBJ) may require additional processing or editing depending on what one wishes to do with it. A mesh editing program like Blender is full-featured, but Microsoft’s 3D Builder is pretty handy for many common tasks when it comes to editing and handling meshes. Most slicer software for 3D printers can handle basic things as well.

Example Scans and Projects

Here are a few scans and prints I did to illustrate the sort of results you should expect with a tool like this. Each of these highlights an important aspect of scanning from the context of part design and 3D printing. The MIRACO is also capable of scanning large objects, though I focus on smaller ones here.

Scanning a Part, Designing a Socket for that Part

This first example demonstrates scanning an object (in this case, a fan) in order to design a socket in another piece that will fit it perfectly.

To do this, I scanned the fan (including attached cable) then manually traced its vertical footprint in CAD. This created a sort of cutout object I could use to make a socket. Objects with more complex shapes can be cut into slices, and each slice traced individually.

I’d like to point out that because the scan is being used as a reference for a CAD sketch, imperfect or otherwise incomplete scans can still be perfectly serviceable as long as the right parts of the object are intact.

Scanning a Hole and Printing a Plug

This is a great way to show the different possibilities and features in action, such as the fact that scans are 1:1 with their real-world subject.

I roughly chopped a hole out of a chunk of packing foam, scanned the hole, then 3D printed a model of the hole to use as a plug. It fits perfectly, and its shape even accurately captured small details I hadn’t noticed.

Custom Ergonomic Grip

3D scanning is a great way to capture objects with complex shapes that cannot be modeled by calipers and squinted eyeballs alone. Wearables and handhelds are one example, and here I demonstrate creating a custom, ergonomic grip.

I use modeling clay to create a custom hand grip, then scan the result. The scan is easily edited in terms of separating into halves, making a central hole for mounting, and 3D printing the result.

Note that I scanned this object in color (which the MIRACO is capable of) but the color scan serves no real function here other than being more visual.

Remaining Challenges

So what’s not new in 3D scanning? The tools and software are certainly better and easier to use, but some things remain challenging.

Some Objects Scan Better Than Others

Scanning is still fussy about how a subject is framed and shot, as well as how reflective it is or isn’t. Taking these into account is part of getting good results.

3D Scanners Output Meshes, Not CAD Models

I’ve explained before how meshes are fundamentally different from what one is usually working with in a CAD program when designing physical parts. “Widen this hole by 0.5 mm” or “increase this angle by 5 degrees” simply aren’t the kind of edits one easily does with a mesh.

Converting a Mesh to a CAD Format Remains Imperfect

Turning an .stl into an .stp (for example) still doesn’t have great options. Tools exist, but the good ones are mostly the domain of non-free CAD suites; the kind with hefty price tags on annual licenses.

The good news is that meshes not only 3D print just fine, they also work easily with basic Boolean operations (merge, subtract, intersect) and can be used as references when modeling a part. Having a scan that is scaled 1:1 to real-world dimensions is a big help.

What’s Your Experience?

3D scanning is still a process that depends on and benefits greatly from a skilled operator, but it’s getting easier to use and easier to experiment with.

Photogrammetry is still an accessible way to do 3D scanning that requires no special hardware, but it lacks immediate feedback, and the resulting 3D model will not be a 1:1 match to real-world dimensions.

Have you found 3D scanning useful for something? What was the best part? The worst? We’d love to hear about it, so share your experience in the comments.

When we think of programmable hardware, we think of FPGAs. But they’re not the only option. [Oliver Schmidt] has been exploring how the Raspberry Pi Pico can serve in such a role for the classic Apple II. The talk was presented at the KansasFest event this year, and it’s well worth diving into!

[Oliver] has developed A2Pico. It’s a series of Apple II peripheral cards that are based around the Raspberry Pi Pico, as you might have guessed. [Oliver] has been working in the area since 2021 with one [Glenn Jones], with the duo experimenting with connecting the versatile microcontroller directly to the slot bus of the Apple II. [Ralle Palaveev] then chimed in, developing the A2Pico hardware with solely through-hole components for ease of assembly.

A number of cards have been developed based on A2Pico, including a storage device, a Z80 CP/M card, and a specialized card to play Bad Apple on the IIGS. It’s all thanks to the versatility of the programmable I/O (PIO) peripheral inside the Raspberry Pi Pico. This device enables the Pico to be reprogrammed to handle all sorts of complicated tasks at great speed. This is particularly useful when using it to bit-bang a protocol or talk with another machine, and it serves perfectly well in this role. Basically, by reprogramming the Pico and its PIO, the A2Pico design can become any one of a number of different add-on cards.

It’s well worth diving into this stuff if you’ve ever contemplated building your own peripheral cards for 8-bit and 16-bit machines. We’ve seen some other great add-on cards for vintage machines before, too.

youtube.com/embed/onLL5Mmh90s?…

hackaday.com/2024/08/27/using-…

Un nuovo studio ha scoperto che l’uso eccessivo di smartphone, computer e TV da giovani può ridurre le possibilità di vivere fino a 60 anni.

Gli scienziati hanno seguito la salute di oltre 4.000 giovani per 30 anni e hanno scoperto che coloro che trascorrevano molto tempo davanti agli schermi quando avevano vent’anni avevano un rischio significativamente più elevato di malattie cardiache, inclusi infarto e ictus.

Si rileva inoltre che un tempo prolungato davanti allo schermo può diminuire attività importanti come il sonno e l’esercizio fisico, che sono particolarmente importanti per prevenire le malattie cardiovascolari.

Lo studio si basa sui dati longitudinali del programma CARDIA (Coronary Artery Risk and Development in Young Adults), che monitora i rischi di malattie cardiovascolari in migliaia di adulti nel corso di decenni. In particolare, è stato riscontrato che un’ora in più trascorsa davanti alla televisione all’età di 23 anni aumenta la probabilità di sviluppare malattie cardiovascolari del 26%, e aumenta anche il rischio di infarti e ictus del 16%.

Inoltre, i pericoli legati al tempo trascorso davanti allo schermo non si limitano solo ai giovani. L’analisi ha rilevato che ogni ora in più trascorsa quotidianamente davanti alla televisione nella mezza età aumenta il rischio di malattia coronarica del 55%, di ictus del 58% e il rischio complessivo di malattie cardiovascolari del 32%.

Gli autori dello studio sottolineano che le abitudini davanti allo schermo sviluppate in gioventù possono determinare lo stile di vita futuro.

L'articolo Vuoi Vivere più di 60 Anni? Diminuisci l’uso di smartphone, TV e PC proviene da il blog della sicurezza informatica.

Yaroslav Yurchyshyn, liberal Ukrainian MP welcomed Pavel Durov's detention as it disrupts the communication networks of the Russian leadership, and wishes that the Telegram CEO will "provide information about the terrorist activities of the Russian authorities," in Ukraine.

euractiv.com/section/platforms…

L’America ha realizzato uno strumento di intelligenza artificiale capace di prevedere gli attacchi da parte dei Talebani. L’esperimento “Raven Sentry” ha riscosso un grande successo nel campo dell’OSINT, open source intelligence. Ecco come funziona e le sue peculiarità

L'articolo Raven Sentry, così gli USA hanno sfruttato l’AI per predire gli attacchi talebani proviene da Cyber Security 360.

Per trasformare la mentalità aziendale e creare una cultura di consapevolezza e responsabilità condivisa, può essere utile introdurre la "giornata della cyber sicurezza" finalizzata a sensibilizzare, educare e coinvolgere tutti i dipendenti su questo tema fondamentale. Ecco come

L'articolo La giornata della cyber sicurezza, per rafforzare consapevolezza e protezione proviene da Cyber Security 360.

I cosiddetti browser enterprise sono strumenti di nuova generazione che vanno ben oltre la semplice navigazione web offrendo un livello di sicurezza, produttività e personalizzazione specifico per l’ambiente lavorativo. Ecco un’utile guida per scegliere la versione più adatta alle esigenze aziendali

L'articolo I browser enterprise per proteggere il nostro lavoro: quali sono e vantaggi offerti proviene da Cyber Security 360.

Sviluppare algoritmi crittografici in grado di resistere alla computazione quantistica è prioritario per garantire comunicazioni digitali sicure negli anni 2030. In questo scenario, il NIST ha formalizzato i primi tre standard di crittografia post-quantistica. Facciamo il punto, tra tecnologie e nuove sigle

L'articolo Crittografia post quantistica: i nuovi standard NIST e la Quantum-Key Distribution (QKD) proviene da Cyber Security 360.

E' una buona notizia che le Nazioni Unite l’8 agosto 2024 hanno definitivamente approvato la bozza del Trattato globale sulla criminalità informatica. Vediamo perché e i contenuti

L'articolo Trattato globale Onu sulla criminalità informatica: perché è importante proviene da Cyber Security 360.

Il mondo del lavoro è percorso da dinamiche evolutive continue sotto la spinta dell’innovazione tecnologica e dell’intelligenza artificiale, che può avere influenze non solo sui processi di lavoro ma anche sugli stessi lavoratori. Per questo sarebbe utile la figura di un rappresentante dei lavoratori per la privacy. Ecco le motivazioni

L'articolo Rappresentante dei lavoratori per la privacy: un ruolo di tutela dei dati dall’IA proviene da Cyber Security 360.

L’Uptime Institute ha pubblicato l’Annual Outage analysis 2024 che analizza i dati sulle tendenze delle interruzioni dell'IT e dei data center in termini di cause, costi e conseguenze

L'articolo Quando l’IT va in tilt: come, perché e con quali costi aziendali proviene da Cyber Security 360.

La condanna in solido per Bper e Tim, colpevoli di non aver bloccato una serie di bonifici truffa ai danni di due aziende, riporta al centro del dibattito il “dovere di protezione” tra tutela dei dati personali e buone pratiche di sicurezza delle informazioni. Facciamo chiarezza

L'articolo SIM Swap e truffe bancarie: cosa impariamo dalla condanna a Bper e Tim proviene da Cyber Security 360.

Una corretta contrattualistica rappresenta, per gli attori nel mondo dei servizi di sicurezza informatica, che si tratti di freelance, startup o imprese strutturate, un pilastro imprescindibile per garantire una collaborazione trasparente, sicura e priva di fraintendimenti tra le parti

L'articolo Contratti per freelance e società cyber: regole di collaborazione trasparente con i clienti proviene da Cyber Security 360.

Bper e Tim dovranno risarcire in solido due aziende milanesi a cui sono stati sottratti 163 mila euro. I criminal hacker, in genere, riservano un posto speciale al mondo della finanza e questo episodio insegna che la cautela non è mai abbastanza

L'articolo Truffa bancaria, Bper e Tim chiamate a risarcire: quali considerazioni proviene da Cyber Security 360.