Cybersecurity & cyberwarfare reshared this.


When Malware Hides in Videos! The PixelCode Technique Tears Up the Rules

📌 Link to the article: redhotcyber.com/post/quando-il…

#redhotcyber #news #pixelcode #steganografia #crittografia #sicurezzainformatica #hacking #malware #cybersecurity #informatica #codicebinario


How a Simple Visual Studio Code File Can Become a Backdoor for State-Sponsored Hackers

📌 Link to the article: redhotcyber.com/post/come-un-s…

#redhotcyber #news #cybersecurity #hacking #malware #git #visualstudiocode #sicurezzainformatica #minacceinformatiche #evoluzione



🚀 RHC CONFERENCE 2026 (5TH EDITION) - Final deadline February 28

If you are still undecided, it is time to make up your mind. Write to sponsor@redhotcyber.com.

📍 Event page: redhotcyber.com/red-hot-cyber-…

#redhotcyber #rhcconference #conferenza #informationsecurity #ethicalhacking #dataprotection


Microsoft Teams Will Know Where You Are: Geographic Location Will Be Inferred from Wi-Fi

📌 Link to the article: redhotcyber.com/post/microsoft…

#redhotcyber #news #microsoftteams #posizionefisica #retewifi #utentewindows #utentemacos #istanzecloud #cloudstandard #multitenant


Khaby Lame sells the rights to his digital identity for 900 million dollars. But it gives pause for thought

📌 Link to the article: redhotcyber.com/post/khaby-lam…

#redhotcyber #news #khobylame #creatoritaliano #diritticommerciali #partnership #licenze #ecommerce #marchio #italianisucces #socialmedia



Bike Spokes, Made of Rope


We know this one is a few years old, but unless you’re deep into the cycling scene, there’s a good chance this is the first time you’ve heard of [Ali Clarkson’s] foray into homemade rope spokes.

The journey to homemade rope spokes began all the way back in 2018, shortly after the company Berd introduced their very expensive rope spokes. Berd’s spokes are made of a hollow woven ultrahigh molecular weight polyethylene (UHMWPE) rope with very low creep. They claim wheels stronger than steel spoke equivalents at a fraction of the weight. Naturally forum users asked themselves, “well why can’t we make our own?” As it turns out, there are a handful of problems with trying this at home.

There are a number of ways to skin this proverbial cat, but they all center around some very special nautical ropes, namely, Robline DM20. This rope has excellent wear and creep characteristics, in a hollow weave much like what Berd developed. The hubs also require the addition of a bevel around the spoke holes to prevent wear. Beyond those two similarities, there are quite a number of ways to lace the spokes between the hub and wheels.

As detailed by [Ali Clarkson], one method involves creating loops out of bike spokes, with a custom jig and some brazing. Then a length of rope is passed through the hub and a special hitch is used to keep it in place. Two loops are made in the ends of this length of rope and passed through the spoke ends made earlier. Finally everything is brought up to tension and trued much like a normal wheelset. The front wheel ended up weighing around 700g, a rather impressive feat for a 24 inch downhill wheel.

However, a number of other methods have been tried on the forum threads. Namely, a number of users have attempted, with varying degrees of success, putting a length of spoke inside the hollow rope weave and “Chinese finger trapping” it together. The key issue here is sourcing a glue strong enough to hold the spoke piece on at lower tensions, but flexible enough to not crack with the cyclical loading on a rim.

Ultimately, this is a great look at the properties of some extremely special rope. This also isn’t the first time we have seen strange bicycle wheels made with UHMWPE.

youtube.com/embed/6hXOYfnhStI?…


hackaday.com/2026/01/25/bike-s…


Fake expiring-subscription scams – Marco Camisani Calzolari as testimonial for the Polizia di Stato camisanicalzolari.it/truffe-de…



Hackaday Links: January 25, 2026



If predictions hold steady, nearly half of the United States will be covered in snow by the time this post goes live, with the Northeast potentially getting buried under more than 18 inches. According to the National Weather Service, the “unusually expansive and long-duration winter storm will bring heavy snow from the central U.S. across the Midwest, Ohio Valley, and through the northeastern U.S. for the remainder of the weekend into Monday.” If that sounds like a fun snow day, they go on to clarify that “crippling to locally catastrophic impacts can be expected”, so keep that in mind. Hopefully you didn’t have any travel plans, as CNBC reported that more than 13,000 flights were canceled as of Friday night. If you’re looking to keep up with the latest developments, we recently came across StormWatch (GitHub repo), a slick open source weather dashboard that’s written entirely in HTML. Stay safe out there, hackers.

Speaking of travel, did you hear about Sebastian Heyneman’s Bogus Journey to Davos? The entrepreneur (or “Tech Bro” to use the parlance of our times) was in town to woo investors attending the World Economic Forum, but ended up spending the night in a Swiss jail cell because the authorities thought he might be a spy. Apparently he had brought along a prototype for the anti-fraud device he was hawking, and mistakenly left it lying on a table while he was rubbing shoulders. It was picked up by security guards and found to contain a very spooky ESP32 development board, so naturally he was whisked off for interrogation. A search of his hotel room uncovered more suspicious equipment, including an electric screwdriver and a soldering iron. Imagine if a child had gotten their hands on them?


But the best part of the story is when Sebastian tries to explain the gadget’s function to investigators. When asked to prove that the code on the microcontroller wasn’t malicious, he was at a loss — turns out our hero used AI to create the whole thing and wasn’t even familiar with the language it was written in. In his own words: “Look, I’m not a very good hardware engineer, but I’m a great user of AI. I was one of the top users of Cursor last year. I did 43,000 agent runs and generated 25 billion tokens.” Oof. Luckily, the Swiss brought in a tech expert who quickly determined the device wasn’t dangerous. He was even nice enough to explain the code line-by-line to Sebastian before he was released. No word on whether or not they charged him for the impromptu programming lesson.

It wasn’t hard for the Swiss authorities to see what was inside the literal black box Sebastian brought with him, but what if that wasn’t possible? Well, if you’ve got an x-ray machine handy, that could certainly help. The folks at Eclypsium recently released a blog post that describes how they compared a legit FTDI cable with a suspect knock-off by peering at their innards. What we thought was particularly interesting was how they were able to correctly guess which one was the real deal based on the PCB design. The legitimate adapter featured things like ground pours and decoupling caps, and the cheap one…didn’t. Of course, this makes sense. If you’re looking to crank something out as cheaply as possible, those would be the first features to go. (Editor’s note: sarcasm.)

It doesn’t take an x-ray machine or any other fancy equipment to figure out that the Raspberry Pi 5 is faster than its predecessors. But quantifying just how much better each generation of Pi is compared to the other members of the family does require a bit more effort, which is why we were glad to see that The DIY Life did the homework for us. It’s not much of a spoiler to reveal that the Pi 5 won the head-to-head competition in essentially every category, but it’s still interesting to read along to see how each generation of hardware fared in the testing.

Finally, Albedo has released a fascinating write-up that goes over the recent flight of their Very Low Earth Orbit (VLEO) satellite, Clarity-1. As we explained earlier this week, operating at a lower orbit offers several tangible benefits to spacecraft. One of the major ones is that such an orbit decays quickly, meaning a spacecraft could burn up just months or even days after its mission is completed. For Albedo specifically, they’re taking advantage of the lower altitude to snap closeup shots of the Earth. While there were a few hiccups, the mission was overall a success, providing another example of how commercial operators can capitalize on this unique space environment.


See something interesting that you think would be a good fit for our weekly Links column? Drop us a line, we’d love to hear about it.


TikTok users are freaking out over the app's collection of "immigration status": here's what it means

Many users are also posting on social media about the text of the privacy notice, which states that TikTok may collect sensitive information about its users, including their "sexual life or sexual orientation, status as transgender or nonbinary, citizenship or immigration status".

techcrunch.com/2026/01/23/tikt…

@informatica

in reply to [AF]2050

@AleF2050 exactly. Biden would probably have simply had the US TikTok shut down, whereas Trump decided to turn it into a US asset and bring his Silicon Valley friends into the business.
Besides, I also remain convinced that the Chinese have surely slipped a nice backdoor into the code

@informatica


in reply to informapirata ⁂

@AleF2050 better to ask whether they put a social network inside the backdoor 😅😅


China spies on you. The US does it more. TikTok USA commits to collecting precise user location data

TikTok's new US joint venture has made changes to its privacy policy, including expanding the type of location data the company can collect from its 200 million American users.

bbc.com/news/articles/cvgnj7v2…

@informatica

in reply to anon_4601

@anon_4601
> who will be able to stop them from putting it in all the various play stores and app stores, including those in the EU?

At the moment it is precisely European laws that prevent it

in reply to informapirata ⁂

mmmm.. right now these don't look to me like people who follow the rules.. and they prove it (and shout it in our faces) every day, while we (the EU) are bent over with Vaseline in hand to soften the pain, ready to hand out Nobels all round just to indulge the whims of the blond guy who drives the world crazy, so as not to lose him. I have little faith in this stuff but I truly hope you are right

Meet Rayhunter: a new open source tool from EFF to detect cellular spying (post from March 2025)

Rayhunter is a new open source tool we created, based on an affordable mobile hotspot, that we hope will allow anyone, regardless of technical skill, to search for CSS around the world

eff.org/deeplinks/2025/03/meet…

@pirati


ICE asks companies about "Ad Tech and Big Data" tools they could use in investigations

A new federal document from ICE shows how the government is increasingly considering commercial tools for law enforcement and surveillance.

wired.com/story/ice-asks-compa…

@informatica


A new guide to the Fediverse. Is one really needed? And what would you like to know? (Edit: PUBLISHED!)

I am about to publish a new experience-based guide for anyone who wants to understand the fediverse from every angle.

The title will probably be this:

«The driving school for exploring the Fediverse, enjoying it and living better»

But there's a surprise...

@fediverso

Here it is:
mastodon.uno/@informapirata@ww…

Antoneej

No, of course, it's just that I hadn't considered popularizers as content creators, when they clearly are.

@informapirata @marcolo @costafrancesco94 @fediverso


Balancing a Turbine Rotor to 1 mg With a DIY Dynamic Balancer


Although jet engines are theoretically quite simple devices, in reality they tread a fine line between working as intended and vaporizing into a cloud of lethal shrapnel. The main reason for this is the high rotational speed of the rotors, with any imbalance due to poor manufacturing or damage leading to undesirable outcomes. It’s for this reason that [AlfMart CNC Garage] on YouTube decided to spend some quality time building a balancer for his DIY RC turbine project and making sure it can prevent such a disaster scenario.

In the previous part of the series the turbine disc was machined out of inconel alloy, as the part will be subjected to significant heat as well when operating. To make sure that the disc is perfectly balanced, a dynamic balancing machine is required. The design that was settled on after a few failed attempts uses an ADXL335 accelerometer and Hall sensor hooked up to an ESP32, which is said to measure imbalance down to ~1 mg at 4,000 RPM.

A big part of the dynamic balancing machine is the isolation of external vibrations using a bearing-supported free-floating structure. With that taken care of, the vibrations caused by an imbalanced rotor became much easier to distinguish. The ESP32 is here basically just to read out the sensors and output the waveforms to a connected PC via serial, with the real work being a slow and methodical data interpretation and balancing by hand.

youtube.com/embed/oMzTQzkCGVw?…


hackaday.com/2026/01/25/balanc…


CISA Alert: Active Exploitation of VMware vCenter. Risk of Unauthenticated RCE

📌 Link to the article: redhotcyber.com/post/allarme-c…

#redhotcyber #news #cybersecurity #hacking #vulnerabilita #vmware #broadcom #cisa #sicurezzainformatica



SSH over USB on a Raspberry Pi



Setting up access to a headless Raspberry Pi is one of those tasks that should take a few minutes, but for some reason always seems to take much longer. The most common method is to configure Wi-Fi access and an SSH service on the Pi before starting it, which can go wrong in many different ways. This author, for example, recently spent a few hours failing to set up a headless Pi on a network secured with Protected EAP, and was eventually driven to using SSH over Bluetooth. This could thankfully soon be a thing of the past, as [Paul Oberosler] developed a package for SSH over USB, which is included in the latest versions of Raspberry Pi OS.

The idea behind rpi-usb-gadget is that a Raspberry Pi in gadget mode can be plugged into a host machine, which recognizes it as a network adapter. The Pi itself is presented as a host on that network, and the host machine can then SSH into it. Additionally, using Internet Connection Sharing (ICS), the Pi can use the host machine’s internet access. Gadget mode can be enabled and configured from the Raspberry Pi Imager. Setting up ICS is less plug-and-play, since an extra driver needs to be installed on Windows machines. Enabling gadget mode only lets the selected USB port work as a power input and USB network port, not as a host port for other peripherals.

An older way to get USB terminal access is using OTG mode, which we’ve seen used to simplify the configuration of a Pi as a simultaneous AP and client. If you want to set up headless access to Raspberry Pi desktop, we have a guide for that.

Thanks to [Gregg Levine] for the tip!


hackaday.com/2026/01/25/ssh-ov…



This Unlikely Microsoft Prediction Might Just Hit The Mark


It’s fair to say that there are many people in our community who just love to dunk on Microsoft Windows. It’s an easy win; after all, the dominant player in the PC operating system market has a long history of dunking on free software, and let’s face it, today’s Windows doesn’t offer a good experience. But what might the future hold? [Mason] has an unexpected prediction: that Microsoft will eventually move towards offering a Windows-themed Linux distro instead of a descendant of today’s Windows.

The very idea is sure to cause mirth, but on a little sober reflection, it’s not such a crazy one. Windows 11 is slow and unfriendly, and increasingly it’s losing the position once enjoyed by its ancestors. The desktop (or laptop) PC is no longer the default computing experience, and what to do about that must be a big headache for the Redmond company. Even gaming, once a stronghold for Windows, is being lost to competitors such as Valve’s Steam OS, so it wouldn’t be outlandish for them to wonder whether the old embrace-and-extend strategy could be tried on the Linux desktop.

We do not possess a working crystal ball here at Hackaday, so we’ll hold off hailing a Microsoft desktop Linux. But we have to admit it’s not an impossible future, having seen Apple reinvent their OS in the past using BSD, and even Microsoft bring out a cloud Linux distro. If you can’t wait, you’ll have to make do with a Windows skin, WINE, and the .NET runtime on your current Linux box.


hackaday.com/2026/01/25/this-u…



Inside a Sketchy Mains Voltage Touch Control Dimmer


In [Big Clive]’s recent grab bag of tat ordered from Chinese commerce platforms, there were two touch light control boxes that can turn any ungrounded conductive surface into a mains load dimmer control. Of course, the primary reason for the purchase was a teardown, and a teardown we got.

These unassuming little boxes are built around the Tontek TT6061A, listed as a ‘touch dimmer’, which uses a triac to control the output current. There are four levels, ranging from off to full brightness, before the next touch event turns the output off again.

With the output off, [Clive] measured 0.7 W power usage. After popping open the plastic enclosure, the circuitry turned out to largely follow the recommended application circuit from the datasheet — as can be seen in the above screenshot — with apparently a few cost optimizations, in the form of omitted diodes and a capacitor.

The problem with these devices is that they are only really suitable for dimming low-power resistive loads like incandescent lights, with LED lights likely requiring the unpopulated capacitor spot on the PCB to be populated to tweak the chip’s triac timing, among other changes. There are also the slight issues of no real concern being shown for radiated EMI, and the exciting possibility of getting shocked at mains voltage without at least a class-Y capacitor installed.

Perhaps using a capacitive touch controller instead that works through plastic, for example, isn’t such a crazy alternative here, especially since they’re not really much more expensive and less likely to shock you. Want to create your own triac designs? We have just the post to get you started.

youtube.com/embed/J6cFAqZdzFw?…


hackaday.com/2026/01/25/inside…



Commodore 64 Helps Revive the BBS Days


Before the modern Internet existed, there were still plenty of ways of connecting with other computer users “online”, although many of them might seem completely foreign to those of us in the modern era. One of those systems was the Bulletin Board System, or BBS, which would have been a single computer, often in someone’s home, connected to a single phone line. People accessing the BBS would log in if the line wasn’t busy, leave messages, and quickly log out since the system could only support one user at a time. While perhaps a rose-tinted view, this was a more wholesome and less angsty time than the modern algorithm-driven Internet, and it turns out these systems are making a bit of a comeback as a result.

The video by [The Retro Shack] sets up a lot of this history for context, then, towards the end, uses a modern FPGA-based recreation called the Commodore 64 Ultimate to access a BBS called The Old Net, a modern recreation of what these 80s-era BBS systems were like. This involves using a modern networking card that allows the C64 to connect to Wi-Fi access points to get online instead of an old phone modem, and then using a terminal program called CCGMS to connect to the BBS itself. Once there, users can access mail, share files, and even play a few games.

While the video is a very basic illustration of how these BBS systems worked and how to access one, it is notable in that it’s part of a trend of rejecting more modern technology and systems in favor of older ones, where the users had more control. A retro machine like a C64 or Atari is not required either; modern operating systems can access these with the right terminal program, too. A more in-depth guide to the BBS can be found here for those looking to explore, and we’ve also seen other modern BBS systems recently.

Thanks to [Charlie] for the tip!

youtube.com/embed/A2x3TKRB5X4?…


hackaday.com/2026/01/25/commod…



Linux 7.0 Says Goodbye to the HIPPI Relic: A Piece of Supercomputing History Removed

📌 Link to the article: redhotcyber.com/post/linux-7-0…

#redhotcyber #news #linux #kernel #linux7 #hippi #rete #interfaccia


RE: infosec.exchange/@securityaffa…

Not so "possible" after all, dear Nike =)


#Nike is investigating a possible data breach, after WorldLeaks claims
securityaffairs.com/187303/dat…
#securityaffairs #hacking



Meloni asks for a joint ITA-CH team to investigate the causes and the negligence at Le Constellation.

The reason?
In CH we have no political interference in police investigations, and our national Gioggia does not like that.

The responsibilities are there, the victims are there, and no justice on paper will return them to their families.
But stop it, you Italiot politicos, using the lever of "justice for the victims" when you still cannot give answers to the victims of Garlasco, via Poma, Erba, Mazara, Brembate, Cogne and all the other victims who were not mainstream enough to end up in the news for years.

in reply to Claudia

when I talk about the government, I often add the expression "pro tempore": the government is transitory (even though the worst governments never pass quickly) and it is not worth giving up citizenship of one's own country because of a government of unworthy people.

I fully understand your unease, though, also because there are still no signs of a reversal on the horizon...

in reply to informapirata ⁂

@informapirata May I paraphrase AG&G for you, in "Corti", the mountain scene?

Here: "a moment? It's been a moment for 50 years!"
I no longer believe in the transitory; something fundamental is missing. A culture of respect. They let themselves be governed by mafias, by millionaires, by presidents of other countries, by the flow of the economy, by money.

Money governs every aspect.
You just need to figure out what our price is, because we all have one. And, paraphrasing J-Ax, "when you reach the top, you stay trapped in pop like a mouse". These people smell money, the good life, a stage nobody pulls them down from; they want to be listened to, they want to be adored, because in their view they have made it. They want to be democratic because the people are sovereign, but they are the ones who decide.

And democratically they should go fuck themselves =)


And since #Saturday is for #Security, let's also get rid of unwanted #AI features from browsers: lifehacker.com/tech/script-rem…


17 is bad luck, and so are these extensions.

lifehacker.com/tech/delete-mal…


Interesting analysis showing how the #X algorithm, under Musk's rule, amplifies polarization, rewarding extreme content and altering user behavior.

The visibility dynamics push users to adapt to what is shown (chosen or not, garbage or not), with the final choice: disengage (oh well, I'll stay up to a point) or leave the platform - highlighting how much algorithmic power influences public discourse.

The source article is by @valigiablu here: valigiablu.it/identikit-algori…

For the technical part, Andrea's post here: x.com/Pinperepette/status/2015…




SECURITY AFFAIRS MALWARE #NEWSLETTER ROUND 81
securityaffairs.com/187299/mal…
#securityaffairs #hacking #malware

The beauty of copy-pasted responses passed off as original content is matched only by the credibility of those who publish them.

They are recognizable, and even the less obvious ones have patterns that are recognized by dedicated tools.

At this rate, journalism is already dead (the real kind, done by real journalists, fortunately survives), every piece of news pushed online will be false and/or doubtful.
And no one will be able to write two lines anymore without consulting AI.

#stikazzi I prefer to wear my hands out on the keyboard and write original content that doesn't get lost in the artificial vale of tears.

/rant



WAR: SOME OF ITS DEFINITIONS AND CHARACTERISTICS (PART FIVE)

@Informatica (Italy e non Italy 😁)

War and its “external” components
Among the various “external components” of war is the natural environment, which can influence the economy, technologies and military capabilities of a population.


Silence.
HR gulps.
The CISO looks up. 👀

Because real cybersecurity does not reward those who attack,
but those who think like an attacker in order to defend better.

🔐 It is not glorification of hacking
🔍 it is risk awareness
🛡️ it is prevention before the incident

💭 Final thought
you don't need to wait for the crime to talk about security.
You need to listen to those who know where to look before it is too late.

#redhotcyber #informationsecurity #ethicalhacking #dataprotection #hacking #cybersecurity #cybercrime #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #privacy #infosecurity #memetime #meme


The Grok scandal: 3 million sexualized images generated in 11 days

📌 Link to the article: redhotcyber.com/post/lo-scanda…

#redhotcyber #news #intelligenzaartificiale #elonmusk #grok #contenutosessuale #minori #ccdh #indagine


208 – How school must change in the age of AI camisanicalzolari.it/208-come-…

“I stole 120,000 Bitcoin”: the confession of the Bitfinex hacker who now wants to defend cyberspace

📌 Link to the article: redhotcyber.com/post/ho-rubato…

#redhotcyber #news #hacker #cybersecurity #criptovalute #sicurezzainformatica #pentimento #secondaschance



Building A Little Quadruped Robot


Robots don’t have to be large and imposing to be impressive. As this tiny quadruped from [Dorian Todd] demonstrates, some simple electronics and a few servos can create something altogether charming on their own.

This little fellow is named Sesame. A quadruped robot, it’s built out of 3D-printed components. Each leg features a pair of MG90S hobby servos, one of which rotates the leg around the vertical axis, while the other moves the foot. The ESP32 microcontroller controls all eight servos, enabling remote control of Sesame via its built-in wireless connectivity. Sesame also gets a 128×64 OLED display, which it uses to display a range of emotions.

Mechanically, the Sesame design isn’t particularly sophisticated. Where it shines is that even with such a limited range of motion, between its four legs and its little screen, this robot can display a great deal of emotion. [Dorian] shows this off in the project video, in which Sesame scampers around a desktop with all the joy and verve of a new puppy. It’s also very cheap; [Dorian] estimates you can build your own Sesame for about $60. Files are on GitHub for the curious.

If you prefer your quadrupeds built for performance over charm, you might consider an alternative build. Video after the break.

youtube.com/embed/1UDsWkcQZhc?…


hackaday.com/2026/01/24/buildi…



Tamper Detection with Time-Domain Reflectometry



For certain high-security devices, such as card readers, ATMs, and hardware security modules, normal physical security isn’t enough – they need to wipe out their sensitive data if someone starts drilling through the case. Such devices, therefore, often integrate circuit meshes into their cases and regularly monitor them for changes that could indicate damage. To improve the sensitivity and accuracy of such countermeasures, [Jan Sebastian Götte] and [Björn Scheuermann] recently designed a time-domain reflectometer to monitor meshes (pre-print paper).

Many meshes are made from flexible circuit boards with winding traces built into the case, so cutting or drilling into the case breaks a trace. The problem is that most common ways to detect broken traces, such as by resistance or capacitance measurements, aren’t easy to implement with both high sensitivity and low error rates. Instead, this system uses time-domain reflectometry: it sends a sharp pulse into the mesh, then times the returning echoes to create a mesh fingerprint. When the circuit is damaged, it creates an additional echo, which is detected by classifier software. If enough subsequent measurements find a significant fingerprint change, it triggers a data wipe.

The most novel aspect of this design is its affordability. An STM32G4-series microcontroller manages the timing, pulse generation, and measurement, thanks to its two fast ADCs and a high-resolution timer with sub-200 picosecond resolution. For a pulse-shaping amplifier, [Jan] and [Björn] used the high-speed amplifiers in an HDMI redriver chip, which would normally compensate for cable and connector losses. Despite its inexpensive design, the circuit was sensitive enough to detect when oscilloscope probes contacted the trace, pick up temperature changes, and even discern the tiny variations between different copies of the same mesh.

It’s not absolutely impossible for an attacker to bypass this system, nor was it intended to be, but overcoming it would take a great deal of skill and some custom equipment, such as a non-conductive drill bit. If you’re interested in seeing such a system in the real world, check out this teardown of a payment terminal. One of the same authors also previously wrote a KiCad plugin to generate anti-tamper meshes.

Thanks to [mark999] for the tip!


hackaday.com/2026/01/24/tamper…



Wireless MIDI Controller Has Lots Of Knobs


We live in a golden age for MIDI controllers. [rheslip]’s contribution to the milieu is a twisty take on the format, in that it’s covered in an array of knobs. Thus the name—Twisty 2.

The controller can be built using the Raspberry Pi Pico or Pico 2. It’s set up to read a 4×4 array of clickable encoders, plus two bonus control knobs to make 18 in total, which are read via a 74HC4067 analog mux chip. There’s also an SK6812 RGB LED for each encoder, and an OLED display for showing status information. MIDI output is via USB, or, if you purchased the W variant of the Pi Pico/Pico 2, it can operate wirelessly over Bluetooth MIDI instead. The controller is set up to send MIDI CC messages, program changes, or note on/off messages depending on its configuration. Flipping through different modes is handled with the bottom set of encoders and the OLED display.

Few musicians we’ve ever met have told us they learned how to play the encoders, and yet. The cool thing about building your own MIDI controller is you can tune it to suit whatever method of performance strikes your fancy. If the name of this build alone has you inspired, you could always whip up a MIDI controller out of a Twister mat.

youtube.com/embed/-W1Gd_hKzS8?…


hackaday.com/2026/01/24/wirele…



Ancient Egyptian Flatness


Making a truly flat surface is a modern engineering feat, and not a small one. Even making something straight without reference tools that are already straight is a challenge. However, the ancient Egyptians apparently made very straight, very flat stone work. How did they do it? Probably not alien-supplied CNC machines. [IntoTheMap] explains why it is important and how they may have done it in a recent video you can see below.

The first step is to define flatness, and modern mechanical engineers have taken care of that. If you use 3D printers, you know how hard it is to even get your bed and nozzle “flat” with respect to each other. You’ll almost always have at least a 100 micron variation in the bed distances. The video shows how different levels of flatness require different measurement techniques.

The Great Pyramid’s casing stones have joints measuring 0.5 mm, which is incredible to achieve on such large stones with no modern tools. A stone box in the Pyramid of Sesostris II is especially well done and extremely flat, although we can make things flatter today.

The main problem with creating a flat surface is that to do a good job, you need some flat things to start with. However, there is a method from the 19th century that uses three plates and multiple lapping steps to create three very flat plates. In modern times, we use a blue material to indicate raised areas, much as a dentist makes you chomp on a piece of paper to place a crown. There are traces of red ochre on Egyptian stonework that probably served the same purpose.

Lapping large pieces is still a challenge, but moving giant stones at scale appears to have been a solved problem for the Egyptians. Was this the method they used? We don’t know, of course. But it certainly makes sense.

It would be a long time before modern people could make things as flat. While we can do even better now, we also have better measuring tools.

youtube.com/embed/vhv8fAqN1cw?…


hackaday.com/2026/01/24/ancien…



Reviewing Tweezers for Microsoldering and SMD Work


[nanofix] and his assortment of tweezers

Attributed to Picasso was the notion that when art critics get together they talk about content, style, trend, and meaning; but that when painters get together they talk about where to get the best turpentine. We can extend that sentiment into the digital age by saying that when philosophers get together they talk about ideas, theory, and meaning; but when hackers get together they talk about where to get the best tweezers.

In this video [nanofix] runs us through his collection of tweezers talking about what he likes and doesn’t like for each. If you’re just getting into microsoldering this video will have some tips about where you should start, and if you’ve been soldering tiny stuff for a while you might find some ideas for a helpful new bit of kit, or two.

If you’re interested in tweezers and novel applications you might want to check out “smart” tweezers, which can read capacitance and resistance values on the fly. Or read about a suction based SMD tool, which can securely hold SMD components with less risk of them flying across the bench and disappearing forever into the carpet on the floor.

youtube.com/embed/gt9MdfWkz1k?…


hackaday.com/2026/01/24/review…


Cybersecurity & cyberwarfare reshared this.


Security Affairs #newsletter Round 560 by Pierluigi Paganini – INTERNATIONAL EDITION
securityaffairs.com/187290/bre…
#securityaffairs #hacking #malware