Cybersecurity & cyberwarfare reshared this.


💣 When the Mother’s Day gift turns into an insider infostealer!

In a world where social engineering is the queen of cyberattacks, no one is safe. Not even Dad. A tender gesture? No, a breach in the family’s systems.

🧠 Moral of the story: you can defend yourself against ransomware, phishing and malware… but not against your daughter under emotional interrogation.

👉 Happy Mother’s Day to all the women who know everything… even before it happens.

#redhotcyber #online #it #web #ai #hacking #privacy #cybersecurity #cybercrime #intelligence #intelligenzaartificiale #informationsecurity #ethicalhacking #dataprotection #cybersecurityawareness #cybersecuritynews #infosecurity #comics #meme #ridere



Are You Really Human? Shock on Reddit: thousands of users argued with bots without knowing it


For years, Reddit remained one of the few corners of the Internet where you could safely discuss any topic, from video games to cryptocurrencies, from politics to UFO theories. But it now turns out that even there people were often arguing not with other people but with artificial intelligence.

The cause for concern was an incident in the r/changemyview subreddit, a popular place for civil debate and exchange of opinions. Apparently, scientists from the University of Zurich deployed AI bots to study how easy it is to influence users’ opinions.

The bots behaved as realistically as possible: they were trained to recognise the nuances of human communication and even argued better than many real participants. All of this happened in secret, without notice or consent. Only after the draft results of the experiment were published did it become clear that thousands of people had unknowingly been arguing with machines.

The subreddit’s moderators reacted harshly to the experiment, calling it “manipulative and unfair”. An ethical debate opened in the community: on one hand it was scientific work, on the other it was a blatant interference in real-time communication, and without the participants’ consent.

Following the scandal, Reddit’s management decided to introduce additional checks to confirm that a user is a human being. According to CEO Steve Huffman, Reddit will remain anonymous but will become more “human”. However, it is not yet clear exactly how the protection system will be implemented and whether it will discourage real users from visiting their favourite threads.

One way or another, on one of the last platforms where the authenticity of communication had still been preserved, a new question arises: “Are you really human?”

The article Are You Really Human? Shock on Reddit: thousands of users argued with bots without knowing it comes from il blog della sicurezza informatica.




Another Old ThinkPad Gets A New Motherboard


The Thinkpad line of laptops, originally from IBM, and then from Lenovo, has long been the choice of many in our community. These machines offer a level of robustness and reliability missing in many cheaper machines. You may not be surprised to find that this article is being written on one. With such a following, it’s not surprising that a significant effort has gone into upgrading older models. For example, we have [Franck Deng]’s new motherboard for the Thinkpad X200 and X201. These models from the end of the 2000s shipped as far as we can remember with Core 2 Duo processors, so we can imagine they would be starting to feel their age.

It’s fair to say the new board isn’t a cheap option, but it does come with a new Core Ultra 7 CPU, DDR5 memory, M.2 interfaces for SSDs alongside the original 2.5″ device, and USB-C with Thunderbolt support. There are a range of screen upgrade options. For an even more hefty price, you can buy a completely rebuilt laptop featuring the new board. We’re impressed with the work, but we have to wonder how it would stack up against a newer Thinkpad for the price.

If you’re curious to see more of the same, this isn’t the first such upgrade we’ve seen.

Thanks [Max] for the tip.


hackaday.com/2025/05/10/anothe…



An LLM for the Raspberry Pi


Microsoft’s latest Phi4 LLM has 14 billion parameters that require about 11 GB of storage. Can you run it on a Raspberry Pi? Get serious. However, the Phi4-mini-reasoning model is a cut-down version with “only” 3.8 billion parameters that requires 3.2 GB. That’s more realistic and, in a recent video, [Gary Explains] tells you how to add this LLM to your Raspberry Pi arsenal.

The version [Gary] uses has four-bit quantization and, as you might expect, the performance isn’t going to be stellar. If you are versed in all the LLM lingo, the quantization is the way weights are stored, and, in general, the more parameters a model uses, the more things it can figure out.

As a benchmark, [Gary] likes to use what he calls “the Alice question.” In other words, he asks for an answer to this question: “Alice has five brothers and she also has three sisters. How many sisters does Alice’s brother have?” While it probably took you a second to think about it, you almost certainly came up with the correct answer. With this model, a Raspberry Pi can answer it, too.

The first run seems fairly speedy, but it is running on a PC with a GPU. He notes that the same question takes about 10 minutes to pop up on a Raspberry Pi 5 with 4 cores and 8GB of RAM.

We aren’t sure what you’d do with a very slow LLM, but it does work. Let us know what you’d use it for, if anything, in the comments.

There are some other small models if you don’t like Phi4.

youtube.com/embed/kbuObvYRnWc?…


hackaday.com/2025/05/10/an-llm…



Restoring A Sinclair C5 For The Road


The Sinclair C5 was Sir Clive’s famous first venture into electric mobility, a recumbent electric-assisted tricycle which would have been hardly unusual in 2025. In 1985, though, the C5 was so far out there that it became a notorious failure. The C5 retains a huge following among enthusiasts, though, and among those is [JSON Alexander], who has bought one and restored it.

We’re treated to a teardown and frank examination of the vehicle’s strengths and weaknesses, during which we see the Sinclair brand unusually on a set of tyres, and the original motor, which is surprisingly more efficient than expected. Sir Clive may be gone, but this C5 will live again.

We’ve had the chance to road test a C5 in the past, and it’s fair to say that we can understand why such a low-down riding position was not a success back in the day. It’s unusual to see one in as original a condition as this one; it’s more usual to see a C5 that’s had a few upgrades.


hackaday.com/2025/05/10/restor…


Wow this got popular, I haven't really done a massive writeup like this since I was working on the PDP-11, and I forgot to finish that in the excitement that followed when I got it to boot, so now I feel obliged to continue.

Sadly I can't really do much active tests without the battery; I ordered one from Halfords for next day in store pickup, but that was on Friday, and still no word; for now it's just a standard 12v lead acid car battery just to make this thing go, but I at least for now know the control electronics are working from my rather flawed test with the power supply.

I'll take this time to talk a little more about the C5 and what I'm planning on doing with it. To start, I've had a couple of people repeat some misconceptions about the C5 and question why I am doing this.

The C5 uses a custom motor made by the Italian company Polymotor, who did make washing machine motors, and also torpedo motors; it very likely needed this custom motor as for the time, its efficiency is incredible...

In 2022 I used to make a daily 10 mile (16km) round commute on a first generation Pure Air e-scooter, it could just about manage it doing 13mph (20km/h), coincidentally, this is almost exactly the average performance and range of the C5 with its original 80 AH lead acid battery, and yet the Pure Air is 40 years newer, weighs half as much and is absolutely packed full of lithium batteries!

#sinclair #sinclairc5 #c5 #VintageTechnology #WeirdCarMastodon



Cybersecurity & cyberwarfare reshared this.


Made a little web server to unlock and mount encrypted ZFS datasets using passkeys and age.

What's neat is that the password never touches the client! Attackers need to compromise *first* the server, and *then* the passkey.

It's delightfully little code. github.com/FiloSottile/mostly-…

in reply to Filippo Valsorda

compromise the server, wait for you to unlock it and copy the key then?
in reply to Filippo Valsorda

I'm really interested to know the background / use case. Thanks.


Move over, Lithophane: 3D Printed 3D Photos with Gaussian Splats


If you had asked us yesterday “How do you 3D Print a Photo”, we would have said “well, that’s easy, do a lithophane”, but artist, hacker and man with a very relaxing voice [Wyatt Roy] has a much more impressive answer: Gaussian splats, rendered in resin.

Gaussian splats are a 3D scanning technique aimed at replicating a visual rather than geometry, like the mesh-based 3D-scanning we usually see on Hackaday. Using photogrammetry, a point cloud is generated with an associated 3D Gaussian function describing the colour at that point. Blend these together, and you can get some very impressive photorealistic 3D environments. Of course, printing a Gaussian smear of colour isn’t trivial, which is where the hacking comes in.

14-face isospheres do a good job of replicating the complicated Gaussian, as seen with this experimental long-exposure shot.
[Wyatt] first generates the Gaussian splats with an app called Polycam, which outputs inscrutable binary .ply files. With AI assistance of dubious quality, [Wyatt] first created a python script to decompile this data into an ASCII file, which is then fed into a Rhino script to create geometry for printing. Rather than try and replicate the Gaussian splat at each point perfectly, which would melt his PC, [Wyatt] uses 14-face isospheres to approximate the 3D Gaussian functions. These then get further postprocessing to create a printable mesh.

Printing this isn’t going to be easy for most of us, because [Wyatt] is using a multi-color DLP resin printer. The main body is clear resin, and black or white resin is used for the space defined by the isospheres created from the Gaussian Splat. When the interior color is white, the effect is quite similar to those acrylic cubes you sometimes see, where a laser has etched bubbles into their depths, which makes us wonder if that might be a more accessible way to use this technique.

We talked about Gaussian splats when the technique was first announced, but it’s obvious the technology has come a long way since then. We did feature a hack with multicolor resin prints last year, but it was much more manual than the fancy machine [Wyatt] uses here. Thanks to [Hari Wiguna] for the tip.

youtube.com/embed/uxgzOpmmEbI?…


hackaday.com/2025/05/10/move-o…


Cybersecurity & cyberwarfare reshared this.


#Ascension reveals personal data of 437,329 patients exposed in cyberattack
securityaffairs.com/177676/dat…
#securityaffairs #hacking


Best Practices for FDM Printing


If you’ve been designing parts for 3D printing, you probably have some tricks and standards for your designs. [Rahix] decided to write out a well-thought-out set of design rules for FDM prints, and we can all benefit.

One of the things we liked about the list is that it’s written in a way that explains everything. Every so often, there’s a box with a summarized rule for that topic. At the end, there’s a list of all the rules. The rules are also in categories, including part strength, tolerance, optimization, integration, machine elements, appearance, and vase mode.

For example, section two deals with tolerance and finish. So, rule R2.8 says, “Do not use circular holes for interference fits. Use hexagon or square holes instead.”

We also appreciate that [Rahix] touched on some of the counter-intuitive aspects of designing for FDM printing. For example, you might think adding voids in your part will reduce the filament and time required to print it, but in many cases it can have the opposite effect.

Some of these — maybe even most of these — won’t surprise you, but you still might take away a tidbit or two. But having it all down in a checklist and then the ability to scroll up and find the rationale for the rule is great.

Do you have any rules you’d add? Or change? Let us know. Meanwhile, we were eyeing our favorites about adding machine elements to prints.


hackaday.com/2025/05/10/best-p…


Cybersecurity & cyberwarfare reshared this.


Can I just say... systemd is pretty nice?

I tossed a

WantedBy=tank-enc.mount

in a service unit and now it automatically comes up when I do “zfs mount -l tank/enc” even if I don't manage mounts via systemd.

(I'm making a thing to unlock ZFS datasets from a browser using age and passkeys!)

in reply to Filippo Valsorda

I think you do need to teach systemd about this mount unit, though, otherwise your service unit will fail at boot with status “dependency”.

In my setup (also a systemd NAS with custom unlock logic), I had to add an entry to /etc/fstab:

/dev/mapper/data-data /srv ext4 nofail,x-systemd.requires=unlock.service 0 2

in reply to Michael Stapelberg 🐧🐹😺

@zekjur hmm, I haven’t rebooted yet but it’s working fine even if I enable it while the fs doesn’t exist.

We’re doing something a little different: you Require an unlock Before mounting, I Want a service that uses a file from the dataset After mounting.

in reply to Filippo Valsorda

Try a reboot ;)

I think you still need the fstab entry, but perhaps without the require=unlock in your setup

in reply to Filippo Valsorda

You can also have systemd stop your service when the mount disappears, using StopWhenUnneeded.

Cybersecurity & cyberwarfare reshared this.


Leo XIV: in the name, care for the human in the age of AI. #RerumNovarum 2.0

“I thought of taking the name Leo XIV mainly because Leo XIII, with Rerum novarum, addressed the social question in the context of the first great industrial revolution; today the Church must respond to another industrial revolution and to developments in artificial intelligence, with new challenges for the defence of human dignity, justice and labour.”

macitynet.it/nome-leone-xiv-in…

@eticadigitale

in reply to informapirata ⁂

Justice, in fact, today also means ensuring that access to knowledge, to data, and to the opportunities generated by AI does not become the privilege of a few.


So DeepSeek should be viewed positively by Pope Leo XIV, right?



GPUs under surveillance! America wants to know where its GPUs end up, and above all whether they are in China


US authorities continue to look for ways to stop the leakage of advanced chips to China, despite the strict export restrictions in force. Senator Tom Cotton has proposed a fairly simple solution: build into the chips in question a tracking system able to report whether the device is in the wrong place. According to his plan, this will help counter the grey market in high-performance GPUs, which continue to enter China in circumvention of the bans.

Cotton’s bill, called the Chip Security Act, would oblige the Department of Commerce to require that all exported advanced chips, or devices containing them, be fitted with a “location verification” mechanism within six months of its passage. Although the bill has only been proposed and not yet adopted, the idea has already attracted interest and questions.

According to the document, the mechanism can be implemented either in software and firmware or at the physical hardware level. Exporters will be required to report to the authorities any attempt to disable or tamper with the tracking system, as well as cases of reassignment or misuse of the chips. At the same time, the law does not yet give a clear definition of exactly how the control will be implemented: the wording is rather vague, and under it, in theory, even a simple tag such as an AirTag could be considered compliant with the requirements.

The authors envisage that the tracking could be built into the chips themselves or into larger assemblies such as HGX and OAM compute modules. At the same time, the Department of Commerce will have the right to choose the most “appropriate and realistic” implementation methods at the time. In the long term, it is proposed to draw up mandatory requirements for such mechanisms, jointly with the Pentagon, and to update them regularly.

However, critics are already pointing to a potential weakness: if the system is easily bypassed or spoofed, the whole idea will be useless. And given that many modern chips already contain unique digital signatures, periodic verification of cryptographic identifiers in data centres could be far more effective, somewhat like the inspectors who once monitored the disarmament of the former Soviet Union.

Notably, the bill makes no mention of built-in “kill switches”, mechanisms that would allow chips to be remotely disabled or destroyed if they fall into the wrong hands. Although the idea of such measures has been raised in the past, implementing it carries serious risks and is controversial within the industry.

Finally, Cotton’s proposal comes in the midst of discussions about revising some Biden-era rules aimed at limiting the export of artificial intelligence technology. The US Department of Commerce has already announced its intention to drop some of the earlier restrictions. Against this backdrop, the tracking bill could become a new tool in the fight for technological superiority and control of the global semiconductor market.

The article GPUs under surveillance! America wants to know where its GPUs end up, and above all whether they are in China comes from il blog della sicurezza informatica.





“Man and Machine” vs “Man vs Machine”


Every time we end up talking about 3D printers, Al Williams starts off on how bad he is in a machine shop. I’m absolutely sure that he’s exaggerating, but the gist is that he’s much happier to work on stuff in CAD and let the machine take care of the precision and fine physical details. I’m like that too, but with me, it’s the artwork.

I can’t draw to save my life, but once I get it into digital form, I’m pretty good at manipulating images. And then I couldn’t copy that out into the real world, but that’s what the laser cutter is for, right? So the gameplan for this year’s Mother’s Day gift (reminder!) is three-way. I do the physical design, my son does the artwork, we combine them in FreeCAD and then hand it off to the machine. Everyone is playing to their strengths.

So why does it feel a little like cheating to just laser-cut out a present? I’m not honestly sure. My grandfather was a trained architectural draftsman before he let his artistic side run wild and went off to design jewellery. He could draw a nearly perfect circle with nothing more than a pencil, but he also used a French curve set, a pantograph, and a rolling architect’s ruler when they were called for. He had his tools too, and I bet he’d see the equivalence in mine.

People have used tools since the stone age, and the people who master their tools transcend them, and produce work where the “human” shines through despite having traced a curve or having passed the Gcode off to the cutter. If you doubt this, I’ll remind you of the technological feat that is the piano, with which people nonetheless produce music that doesn’t make you think of the hammers or of the tremendous cast metal frame. The tech disappears into the creation.

I’m sure there’s a parable here for our modern use of AI too, but I’ve got a Mother’s Day present to finish.

This article is part of the Hackaday.com newsletter, delivered every seven days for each of the last 200+ weeks. It also includes our favorite articles from the last seven days that you can see on the web version of the newsletter. Want this type of article to hit your inbox every Friday morning? You should sign up!


hackaday.com/2025/05/10/man-an…


Cybersecurity & cyberwarfare reshared this.


From PDF invoice to geo-fenced RAT delivery campaign
#CyberSecurity
securebulletin.com/from-pdf-in…
in reply to N_{Dario Fadda}

@N_{Dario Fadda}
An alias mail prevents all this and more.

Cybersecurity & cyberwarfare reshared this.


Emerging DOGE Big Balls ransomware campaign leverages multi-stage tooling and BYOVD exploits
#CyberSecurity
securebulletin.com/emerging-do…



Meanwhile in America: the bot assault on community colleges


@Informatica (Italy e non Italy 😁)
US community colleges are facing an unprecedented wave of fraudulent enrolments by “student bots”, digital entities designed to siphon off public funds through the use of false identities and AI-generated coursework. This phenomenon, which emerged in a



PoE-powered GPIB Adapter with Ethernet and USB-C Support


In the world of (expensive) lab test equipment the GPIB (general purpose interface bus) connection is hard to avoid if you want any kind of automation, but nobody likes wrangling with the bulky cables and compatibility issues when they can just use Ethernet instead. Here [Chris]’s Ethernet-GPIB adapter provides an easy solution, with both Power over Ethernet (PoE) and USB-C power options. Although commercial adapters already exist, these are rather pricey at ~$500.

Features of this adapter include a BOM total of <$50, with power provided either via PoE (802.3af) or USB-C (5V-only). The MCU is an ATmega4809 with the Ethernet side using a Wiznet W5500 SPI Ethernet controller. There is also a serial interface (provided by a CH340X USB-UART adapter), with the firmware based on the AR488 project.

The adapter supports both the VXI-11.2 and Prologix protocols, though not at the same time (due to ROM size limitations). All design documents are available via the GitHub repository, with the author also selling assembled adapters and providing support primarily via the EEVBlog forums.


hackaday.com/2025/05/10/poe-po…



Speaking at the trial for his own killing: the victim “resurrected” with AI testifies in court


For the first time in American judicial history, a murder victim has “taken the stand” during the trial for his own killing.

An Arizona court showed a video clip of a digital avatar of Christopher Pelkey, a US Army veteran who died in a road incident in 2021, speaking on screen. His voice and appearance were recreated using neural network models. The video was created by the victim’s sister and was part of the sentencing hearing that resulted in the maximum sentence of 10.5 years in prison for the killing.

youtube.com/embed/cMs-_8etNts?…

The killing took place more than three years ago. Gabriel Orcasitas shot and killed Pelkey during a road rage incident. The victim’s family had to endure two trials and repeated viewing of footage of the killing, including the footage in which Pelkey is fatally wounded and falls to the ground. Relatives were not allowed to show emotion in the courtroom, to avoid anything that could have led to the trial being invalidated. But at the sentencing stage, they say, they had their first chance to speak and to control how Christopher’s story would be told.

The deceased’s sister, Stacey Wales, had difficulty writing her court statement. She admits she rewrote her statement for months, until she decided to do something different: let her brother “say it himself”. She and her husband Tim, who works in the technology sector, created a video featuring a digital double of Pelkey. They used Stable Diffusion with LoRA pre-training to generate the visual image and speech synthesis tools to create a voice from audio fragments. All the words spoken by the avatar were written by Stacey herself. She stresses that her goal was sincerity, not revenge: in her view, the speech had to be a “blanket of love” because that is how her brother was.

The video began with a notice: “Hello. Just so everyone knows, I am a version of Chris Pelkey, recreated by artificial intelligence using my image and my voice”. Viewers are then shown a real clip of the living Pelkey, talking about his army service and his faith in God, followed by a switch back to the digital avatar, which makes its statement. He thanks everyone who came to the hearing and supported the family, remembers friends and relatives, and moves on to the key address: to the killer.

“To Gabriel Orcasitas, the man who shot me,” says the digital Christopher, “I am sorry that we met under those circumstances. In another life, perhaps we could have been friends. I believe in forgiveness and in a God who forgives. I always have. And I still do.”

Judge Todd Lang said the video left a deep impression. He said he was convinced of the sincerity of what he had heard and even declined to refer to the deceased formally by his surname, calling him by his first name. The judge stressed that, although the family had asked for the maximum sentence, the words of the digital Pelkey did not call for revenge, only for forgiveness. And this, in his view, reflected the truly noble nature of the deceased’s whole family.

Orcasitas’s lawyer tried to use the avatar’s own words in his defence, arguing that the deceased and the defendant might indeed have had interests in common and could have become friends. However, the court did not reduce the sentence. Stacey Wales later admitted that their goal was to “make the judge cry” and to “bring Christopher back to life at least for a few minutes”.

From a technical and legal point of view, the use of artificial intelligence raised no controversy. Arizona has a Victims’ Bill of Rights that allows family members to choose how to present their claims. Attorney Jessica Gattuso, who represented the family, noted that the video was accompanied from the start by an explanation of its AI nature, nobody tried to pass the speech off as Pelkey’s real words, and neither side raised objections. In her view the decision was carried out correctly and honestly.

The contrast with other cases of AI in litigation was stark: earlier this year, a Wyoming lawyer was publicly reprimanded for using fictitious precedents generated by a language model. In March, another legal team was fined 15,000 dollars for citing “hallucinated” cases. In the Pelkey family’s case, the technology was used as an emotional tool, not to replace the facts but to bring out a human voice that would otherwise not have been heard.

The prosecution asked for nine years’ imprisonment; the maximum was ten and a half. The judge gave the maximum. And according to Stacey herself, the video played a decisive role: “It showed who Chris was and gave us the chance to speak on his behalf. Do not take revenge. And to make ourselves heard”.

The article Speaking at the trial for his own killing: the victim “resurrected” with AI testifies in court comes from il blog della sicurezza informatica.




Geolocation and remote working, the union agreement is not enough: the Garante privacy sets the limits


@Informatica (Italy e non Italy 😁)
The case of an employee of an in-house company of the Calabria Region brings out critical issues in the monitoring of workers in remote-working mode: at stake are privacy, transparency and the limits of Art. 4 of the Statuto dei



Web Dashboard and OTA Updates for the ESP32


Mongoose Wizard new project dialog.

Today we are happy to present a web-based GUI for making a web-based GUI! If you’re a programmer then web front-end development might not be your bag. But a web-based graphical user interface (GUI) for administration and reporting for your microcontroller device can look very professional and be super useful. The Mongoose Wizard can help you develop a device dashboard for your ESP32-based project.

In this article (and associated video) the Mongoose developers run you through how to get started with their technology. They help you get your development environment set up, create your dashboard layout, add a dashboard page, add a device settings page, add an over-the-air (OTA) firmware update page, build and test the firmware, and attach the user-interface controls to the hardware. The generated firmware includes an embedded web server for serving your dashboard and delivering its REST interface, pretty handy.

You will find no end of ESP32-based projects here at Hackaday which you could potentially integrate with Mongoose. We think the OTA support is an excellent feature to have, but of course there are other ways of supporting that functionality.

youtube.com/embed/nUwmnySG-FI?…

Thanks to [Toly] for this tip.


hackaday.com/2025/05/10/web-da…




Qilin tops the ransomware charts! 72 victims in April 2025 alone!


The Qilin group, which we interviewed some time ago, tops the list of the most active ransomware operators in April 2025, publishing details of 72 victims on its Data Leak Site (DLS). According to Group-IB this is a record figure: from July 2024 to January 2025 the number of such publications rarely exceeded 23 per month, but from February the curve rose sharply: 48 cases in February, 44 in March and already 45 in the first weeks of April.

The main cause of the increase in activity was the sudden disappearance of the rival group RansomHub, which previously ranked second by number of attacks. After its collapse, a significant number of affiliated attackers moved to Qilin, causing exponential growth in its operations. According to Flashpoint, in a single year, from April 2024 to April 2025, RansomHub managed to hit 38 organisations in the financial sector before disappearing from the scene.

What distinguishes the Qilin campaigns is the use of a new bundle of malicious components: the already known SmokeLoader module and a new .NET loader, codenamed NETXLOADER.

Trend Micro researchers studied NETXLOADER in detail and noted its key role in malware distribution. This downloader silently installs malicious modules, is protected against analysis with .NET Reactor version 6, and uses several bypass techniques.

NETXLOADER is extremely difficult to analyse: the code is encrypted, the method names are uninformative and the execution logic is convoluted. It uses advanced concealment techniques, such as JIT hooks and controlled loading of DLLs directly into memory, making static analysis or string searching impossible. In fact, without running it in a real environment, it is impossible to understand exactly what this loader does.

Attack chains most often begin with phishing or the compromise of real accounts, after which NETXLOADER gets onto the infected system. It then activates SmokeLoader, which performs anti-analysis and virtualisation checks and disables processes from a predefined list. In the final stage, SmokeLoader contacts the remote control server and receives NETXLOADER from it, which then loads the Agenda ransomware using the Reflective DLL Loading technique, loading the library directly into memory without writing it to disk.

Agenda is actively used to attack network domains, external drives, storage and VCenter ESXi hypervisors. Trend Micro observed that the most common victims are healthcare, financial, telecommunications and IT infrastructure organisations in countries such as the United States, India, Brazil, the Philippines and the Netherlands.

With the growing number of victims and the technical maturity of the tools used, Qilin continues to consolidate its position as one of the most technologically advanced ransomware operations in the cybercrime landscape.

The article Qilin tops the ransomware charts! 72 victims in April 2025 alone! comes from il blog della sicurezza informatica.






The Apple II MouseCard IRQ is Synced to Vertical Blanking After All


The Apple II MouseCard (Credit: AppleLogic.org)

Recently [Colin Leroy-Mira] found himself slipping into a bit of a rabbit hole while investigating why there was a lot of flickering when using the (emulated) Apple II MouseCard, but only under Apple II MAME emulation. This issue could not be reproduced on real (PAL or NTSC) hardware. The answer all comes down to how the card synchronizes with the system’s vertical blanking (VBL) while drawing to the screen.

The Apple II MouseCard is one of the many peripheral cards produced for the system, originally bundled with a version of MacPaint for the Apple II. While not a super popular card at the time, it nevertheless got used by other software despite this Apple system still being based around a command line interface.

According to the card’s documentation the interrupt call (IRQ) can be set to 50 or 60 Hz to match the local standard. Confusingly, certain knowledgeable people told him that the card could not be synced to the VBL as it had no knowledge of this. As covered in the article and associated MAME issue ticket, it turns out that the card is very much synced with the VBL exactly as described in The Friendly Manual, with the card’s firmware being run by the system’s CPU, which informs the card of synchronization events.


hackaday.com/2025/05/09/the-ap…



The Nuclear War You Didn’t Notice


We always enjoy [The History Guy], and we wish he’d do more history of science and technology. But when he does, he always delivers! His latest video, which you can see below, focuses on the Cold War pursuit of creating transfermium elements. That is, the discovery of elements that appear above fermium using advanced techniques like cyclotrons.

There was a brief history of scientists producing unnatural elements. The two leaders in this work were a Soviet lab, the Joint Institute of Nuclear Research, and a US lab at Berkeley.

You’d think the discovery of new elements wouldn’t be very exciting. However, with the politics of the day, naming elements became a huge exercise in diplomacy.

Part of the problem was the difficulty in proving you created a huge atom for a few milliseconds. It was often the case that the initial inventor wasn’t entirely clear.

We were buoyed to learn that American scientists named an element (Mendelevium) after a Russian scientist as an act of friendship, although the good feelings didn’t last.

We wonder if a new element pops up, if we can get some votes for Hackadaium. Don’t laugh. You might not need a cyclotron anymore.

youtube.com/embed/GgJrnrDh8y4?…


hackaday.com/2025/05/09/the-nu…



Antique Mill Satisfies Food Cravings


Everyone knows what it’s like to get a hankering for a specific food. In [Attoparsec]’s case, he wanted waffles. Not any waffles would do, though; he needed waffles in the form of a labyrinth. Those don’t exist, so he had to machine his own waffle maker.
Antique pantograph mill. When computers were the size of rooms, these stood in where we’d use CNC today.
Most of us would have run this off on a CNC, but [Attoparsec] isn’t into CNCing–manual machining is his hobby, and he’s not interested in getting into another one, no matter how much more productive he admits it might make him. We can respect that. After a bit of brain sweat thinking of different ways to cut out the labyrinth shape, he has the opportunity to pick up an antique Deckle pantograph mill.

These machines were what shops used to do CNC before the ‘computer numeric’ part was a thing. By tracing out a template (which [Attoparsec] 3D prints, so he’s obviously no Luddite) complex shapes can be milled with ease. Complex shapes like a labyrinthine wafflemaker. Check out the full video below; it’s full of all sorts of interesting details about the machining process and the tools involved.

If you don’t need to machine cast iron, but are interested in the techniques seen here, a wooden pantorouter might be more your speed than a one-tonne antique. If you have a hankering for waffles but would rather use CNC, check out these design tips to help you get started. If pancakes are more your style, why not print them?

Shoutout to [the gambler] for sending this into the tip line. We think he struck the jackpot on this one. If you have a tip, don’t be shy.

youtube.com/embed/SlCJ6hp1xZY?…


hackaday.com/2025/05/09/antiqu…



Inside a Selective Voltmeter


[Martin Lorton] has a vintage Harmon 4200B selective voltmeter that needed repair. He picked it up on eBay, and he knew it wasn’t working, but it was in good condition, especially for the price. He’s posted four videos about what’s inside and how he’s fixing it. You can see the first installment below.

The 4200B is an RMS voltmeter and is selective because it has a tuned circuit to adjust to a particular frequency. The unit uses discrete components and has an analog meter along with an LCD counter.

The initial tests didn’t work out well because the analog meter was stuck, so it wouldn’t go beyond about 33% of full scale.

Since there are four videos (so far), there is a good bit of information and detail about the meter. However, it is an interesting piece of gear and part 3 is interesting if you want to see inside an analog meter movement.

By the fourth video, things seem to be working well. You might want to browse the manual for the similar 4200A to get oriented.

Forgot why we measure RMS? You weren’t the only one. RMS conversion in meters is a big topic and there are many ways to do it.

youtube.com/embed/P614i6uTfqk?…


hackaday.com/2025/05/09/inside…



A Single Chip Computer For The 8051 Generation


The Intel 8051 series of 8-bit microcontrollers is long-discontinued by its original manufacturer, but lives on as a core included in all manner of more recent chips. It’s easy to understand and program, so it remains a fixture despite much faster replacements appearing.

If you can’t find an original 40-pin DIP don’t worry, because [mit41301] has produced a board in a compatible 40-pin format. It’s called the single chip computer not because such a thing is a novelty in 2025, but because it has no need for the support chips which would have come with the original.

The modern 8051 clone in use is a CH558 or CH559, both chips with far more onboard than the original. The pins are brought out to one side only of the board, because on the original the other side would interface with an external RAM chip. It speaks serial, and can be used through either a USB-to-serial or Bluetooth-to-serial chip. There’s MCS-BASIC for it, so programming should be straightforward.

We can see the attraction of this board even though we reach for much more accomplished modern CPUs by choice. Several decades ago the original 8051 on Intel dev boards was our university teaching microcontroller, so there remains here a soft spot for it. We certainly see other 8051 designs, as for example this Arduino clone.


hackaday.com/2025/05/09/a-sing…


Cybersecurity & cyberwarfare reshared this.


A cyber attack briefly disrupted #South #African #Airways operations
securityaffairs.com/177656/hac…
#securityaffairs #hacking #SSA


Supercon 2024: An Immersive Motion Rehabilitation Device


When you’ve had some kind of injury, rehabilitation can be challenging. You often need to be careful about how you’re using the affected parts of your body, as well as pursue careful exercises for repair and restoration of function. It can be tedious and tiring work, for patients and treating practitioners alike.

Juan Diego Zambrano, Abdelrahman Farag, and Ivan Hernandez have been working on new technology to aid those going through this challenging process. Their talk at the 2024 Hackaday Supercon covers an innovative motion monitoring device intended to aid rehabilitation goals in a medical context.

Motion Project


youtube.com/embed/_5ySbBsYnZg?…

As outlined in the talk, the team took a measured and reasoned approach to developing their device. The project started by defining the problem at hand, before proposing a potential solution. From there, it was a case of selecting the right hardware to do the job, and developing it alongside the necessary software to make it all work.
The Arduino Nano BLE33 had most of the necessary functionality for this project, out of the box.
The problem in question regarded helping children through rehabilitative therapies. Structured activities are used to help develop abilities in areas like motor skills, coordination, and balance. These can be particularly challenging for children with physical or developmental difficulties, and can be repetitive at the best of times, leading to a lack of engagement. “We wanted to solve that… we wanted to make it more interactive and more useful for the therapies and for the doctors,” Ivan explains, with an eye to increasing motivation for the individual undergoing rehabilitation.

Other challenges also exist in this arena. Traditional rehabilitation methods offer no real-time feedback to the individual on how they’re performing. There is also a need for manual monitoring and record keeping of the individual’s performance, which can be tedious and often relies on subjective assessments.
The device was demonstrated mounted on a patient’s chest, while being used in a game designed for balance work.
Having explored the literature on game-based therapy techniques, the team figured a wearable device with sensors could aid in solving some of these issues. Thus they created their immersive motion rehabilitation device.

At the heart of the build is an Arduino Nano BLE33, so named for its Bluetooth Low Energy wireless communications hardware. Onboard is an nRF52840 microcontroller, which offers both good performance and low power consumption. The real benefit of this platform, though, is that it includes an inertial measurement unit (IMU) and magnetometer on board and ready to go. The IMU in question is the BMI270, which combines a high-precision 3-axis accelerometer and 3-axis gyroscope into a single package. If you want to track motion in three dimensions, this is a great way to do it.

For user feedback, some additional hardware was needed. The team added a vibration motor, RGB LED, and buzzer for this reason. Controlling the device is simple, with the buttons on board. In order to make the device easy to use for therapists, it’s paired with a Windows application, programmed in C#. It’s used for monitoring and analysis of the wearer’s performance during regular rehabilitation activities.
The user’s motions are recorded while playing a simple game, providing useful clinical data.
The talk explains how this simple, off-the-shelf hardware was used to aid the rehabilitation experience. By gamifying things, users are prompted to better engage with the therapy process by completing tasks monitored by the device’s sensors. Fun graphics and simple gameplay ideas are used to make a boring exercise into something more palatable to children going through rehabilitation.

The team go on to explain the benefits on the clinical side of things, regarding how data collection and real time monitoring can aid in delivery. The project also involved the creation of a system for generating reports and accessing patient data to support this work, as well as a fun connection assistant called Sharky.

Overall, the talk serves as a useful insight as to how commonly-available hardware can be transformed into useful clinical tools. Indeed, it’s not so different from the gamification we see all the time in the exercise space, where smartwatches and apps are used to increase motivation and provide data for analysis. Ultimately, with a project like this, if you can motivate a patient to pursue their rehabilitation goals while collecting data at the same time, that’s useful in more ways than one.


hackaday.com/2025/05/09/superc…


Cybersecurity & cyberwarfare reshared this.


NEW: FBI and Dutch police seized and shut down a botnet made of hacked routers.

U.S. authorities also indicted three Russians and a Kazakhstan national for hacking the devices, running the botnet, and selling access to it as a service.

techcrunch.com/2025/05/09/fbi-…



Hackaday Podcast Episode 320: A Lot of Cool 3D Printing, DIY Penicillin, and an Optical Twofer


This week, Hackaday’s Elliot Williams and Kristina Panos met up across the universe to bring you the latest news, mystery sound, and of course, a big bunch of hacks from the previous week.

In Hackaday news, the 2025 Pet Hacks Contest rolls on. You have until June 10th to show us what you’ve got, so head over to Hackaday.IO and get started today!

On What’s That Sound, Kristina actually got it this time, although she couldn’t quite muster the correct name for it. However, at Hackaday we’ll be calling it the “glassophone” from now on. Congratulations to [disaster_recovered] who fared better and wins a limited edition Hackaday Podcast t-shirt!

After that, it’s on to the hacks and such, beginning with a complete and completely-documented wireless USB autopsy. We take a look at a lovely 3D-printed downspout, some DIY penicillin, and a jellybean iMac that’s hiding a modern PC. Finally, we explore a really cool 3D printing technology, and ask what happened to typing ‘www.’.

Check out the links below if you want to follow along, and as always, tell us what you think about this episode in the comments!

html5-player.libsyn.com/embed/…

Download in DRM-free MP3 and savor at your leisure.

Episode 320 Show Notes:

What’s that Sound?


  • Congratulations to [disaster_recovered] for the glass armonica pick!


hackaday.com/2025/05/09/hackad…



Oscilloscope Digital Storage, 1990s Style


You’re designing an oscilloscope with modest storage — only 15,000 samples per channel. However, the sample rate is 5 GS/s, and you have to store all four channels at that speed and depth. While there is a bit of a challenge implied, this is quite doable using today’s technology. But what about in the 1990s when the Tektronix TDS 684B appeared on the market? [Tom Verbeure] wondered how it was able to do such a thing. He found out, and since he wrote it up, now you can find out, too.

Inside the scope, there are two PCBs. There’s a CPU board, of course. But there’s not enough memory there to account for the scope’s capability. That much high-speed memory would have been tough in those days, anyway. The memory is actually on the analog board along with the inputs and digitizers. That should be a clue.

The secret is the ADG286D from National Semiconductor. While we can’t find any info on the chip, it appears to be an analog shift register, something all the rage at the time. These chips often appeared in audio special effect units because they could delay an analog signal easily.

In practice, the device worked by charging a capacitor to an input signal and then, using a clock, dumping each capacitor into the next one until the last capacitor produced the delayed output. Like any delay line, you could feed the output to the input and have a working memory device.

The scope would push samples into the memory at high speed. Then the CPU could shift them back out on a much slower clock. A clever design and [Tom] gives us a great glimpse inside a state-of-the-art 1990s-era scope.

While we haven’t seen the ADG286D before, we have looked at analog shift registers, if you want to learn more.


hackaday.com/2025/05/09/oscill…