Cybersecurity & cyberwarfare
Cybersecurity & cyberwarfare
Catalin CimpanuFIRSTCON 2025 videos: https://www.youtube.com/playlist?list=PLBAUUhONOrO81e07ErZclykFgacbncbSZ
VULNCON 2025 videos: https://www.youtube.com/playlist?list=PLBAUUhONOrO8iOYvs3pAbuzb-A07ZdT9C
Cybersecurity & cyberwarfareElon Musk denuncia Apple per manipolazione dellâApp Store
Elon Musk ha annunciato che la sua azienda xAI si sta preparando a fare causa ad Apple. Il motivo è la manipolazione delle classifiche dellâApp Store, che, a suo dire, metterebbe ChatGPT di OpenAI in una posizione piĂš vantaggiosa rispetto ai suoi concorrenti. Secondo Musk, si tratta di una violazione diretta delle leggi antitrust .
âIl comportamento di Apple, tale per cui nessuna azienda di intelligenza artificiale, a parte OpenAI, è riuscita a raggiungere il primo posto nellâApp Store, costituisce una chiara violazione delle norme antitrust. Noi di xAI avvieremo immediatamente unâazione legale.â
Il miliardario non ha fornito alcuna prova a sostegno delle accuse. Anche i rappresentanti di Apple, OpenAI e xAI si sono astenuti dal rilasciare dichiarazioni.
ChatGPT è attualmente in testa alla sezione delle app gratuite dellâApp Store statunitense per iPhone, conGrok di xAI al quinto posto e Gemini di Google solo al 57°. La stessa situazione si riscontra su Google Play: su Android, ChatGPT detiene anche il primo posto, secondo Sensor Tower.
Detto questo, Apple e OpenAI hanno una partnership: ChatGPT è già integrato in iOS, iPadOS e macOS.
Questo gli conferisce un notevole vantaggio, soprattutto considerando la competizione per le prime posizioni nellâapp store, dove Grok semplicemente non può competere ad armi pari.
L'articolo Elon Musk denuncia Apple per manipolazione dellâApp Store proviene da il blog della sicurezza informatica.
Cybersecurity & cyberwarfareThe Worldâs First Podcaster?
When do you think the first podcast occurred? Did you guess in the 1890s? Thatâs not a typo. TelefonhĂrmondĂł was possibly the worldâs first true âtelephone newspaper.â People in Budapest could dial a phone number and listen to what we would think of now as radio content. Surprisingly, the service lasted until 1944, although after 1925, it was rebroadcasting a radio stationâs programming.
Tivadar PuskĂĄs, the founder of Budapestâs âTelephone Newspaperâ (public domain)
The whole thing was the brainchild of Tivadar PuskĂĄs, an engineer who had worked with Thomas Edison. At first, the service had about 60 subscribers, but PuskĂĄs envisioned the service one day spanning the globe. Of course, he wasnât wrong. There was a market for worldwide audio programs, but they were not going to travel over phone lines to the customer.
The Hungarian government kept tight control over newspapers in those days. However, as we see in modern times, new media often slips through the cracks. After two weeks of proving the concept out, PuskĂĄs asked for formal approval and for a 50-year exclusive franchise for the city of Budapest. They would eventually approve the former, but not the latter.
Unfortunately, a month into the new venture, PuskĂĄs died. His brother Albert took over and continued talks with the government. The phone company wanted a piece of the action, as did the government. Before anything was settled, Albert sold the company to IstvĂĄn Popper. He finalized the deal, which included rules requiring signed copies of the news reports to be sent to the police three times a day. The affair must have been lucrative. The company would eventually construct its own telephone network independent of the normal phone system. By 1907, they boasted 15,000 subscribers, including notable politicians and businesses, including hotels.
Invention
This was all possible because of PuskĂĄsâ 1892 invention of a telephone switchboard with a mechanism that could send a signal to multiple lines at once. The Canadian patent was titled âTelephonic News Dispenser.â
There had been demonstrations of similar technology going back to 1881 when ClĂŠment Ader piped stereo music (then called the slightly less catchy binauriclar audition) from the Paris Grand OpĂŠra to the cityâs Electrical Exhibition. Fictionally, the 1888 novel Looking Backward: 2000-1887also predicted such a service:
All our bedchambers have a telephone attachment at the head of the bed by which any person who may be sleepless can command music at pleasure, of the sort suited to the mood.â
âŚthe arrangement which he adopts is to have a separate primary and secondary coil for each subscriber, all the primaries being connected in series with the single transmitterâŚ
Cybersecurity & cyberwarfarePCB Business Card Plays Pong, Attracts Employer
Facing the horrifying realization that heâs going to graduate soon, EE student [Colin Jackson] AKA [Electronics Guy] needed a business card. Not just any business card: a PCB business card. Not just any PCB business card: a PCB business card that can play pong.
[Colin] was heavily inspired by the card [Ben Eater] was handing out at OpenSauce last year, and openly admits to copying the button holder from it. We canât blame him: the routed-out fingers to hold a lithium button cell were a great idea. The original idea, a 3D persistence-of-vision display, was a little too ambitious to fit on a business card, so [Colin] repurposed the 64 LED matrix and STM32 processor to play Pong. Aside from the LEDs and the microprocessor, it looks like the board has a shift register to handle all those outputs and a pair of surface-mount buttons.
Of course you canât get two players on a business card, so the microprocessor is serving as the opponent. With only 64 LEDs, thereâs no room for score-keeping â but apparently even the first, nonworking prototype was good enough to get [Colin] a job, so not only can we not complain, we offer our congratulations.
The video is a bit short on detail, but [Colin] promises a PCB-business card tutorial at a later date. If you canât wait for that, or just want to see other hackers take on the same idea, take a gander at some of the entries to last yearâs Business Card Challenge.
youtube.com/embed/x8Cdz36BOXc?âŚ
hackaday.com/2025/08/13/pcb-buâŚ
Cybersecurity & cyberwarfareLâintelligenza artificiale spinge le aziende a tornare ai colloqui di persona
Il processo di ricerca di lavoro è stato profondamente alterato dallâintelligenza artificiale, spingendo numerose aziende a riesumare un approccio piĂš tradizionale: i colloqui faccia a faccia, come sottolinea il WSJ.
I colloqui virtuali sono diventati la nuova norma negli ultimi anni, grazie allâaumento del lavoro da remoto e al desiderio dei datori di lavoro di assumere piĂš rapidamente. Tuttavia, i reclutatori affermano che sempre piĂš candidati utilizzano lâintelligenza artificiale per ingannare, ad esempio ricevendo indizi nascosti durante i colloqui tecnici.
Raramente, ma si verificano casi piĂš pericolosi: gli strumenti di intelligenza artificiale consentono ai truffatori di impersonare chi cerca lavoro per rubare dati o denaro dopo aver ottenuto un impiego.
In risposta a ciò, le aziende stanno tornando agli incontri di persona. Cisco e McKinsey ora includono almeno un incontro di persona in diverse fasi del processo di assunzione, e questâanno Google ha reintrodotto i colloqui di persona per alcune posizioni per testare competenze chiave come la programmazione.
âVogliamo assicurarci di effettuare almeno un giro di colloqui di persona per accertarci che il candidato abbia le conoscenze fondamentaliâ, ha affermato il CEO di Google Sundar Pichai nel podcast di Lex Friedman.
Ciò è particolarmente vero per i lavori di sviluppo e ingegneria, dove le attivitĂ di codifica in tempo reale sono diventate troppo facili da eseguire con lâintelligenza artificiale. âSiamo tornati al punto di partenzaâ, afferma Mike Kyle di Coda Search/Staffing.
Secondo lui, la percentuale di datori di lavoro che richiedono riunioni di persona è aumentata dal 5% nel 2024 al 30% nel 2025.
Si tratta di una fase inaspettata nella corsa agli armamenti dellâintelligenza artificiale, in cui i datori di lavoro, sopraffatti dal flusso di candidature, si sono rivolti a software per esaminare i curriculum e filtrarli in massa. I candidati, a loro volta, hanno iniziato a utilizzare lâintelligenza artificiale per rispondere automaticamente a centinaia di annunci di lavoro e creare curriculum personalizzati.
Le nuove tecnologie deepfake consentono non solo di impersonare uno specialista piĂš qualificato, ma anche di organizzare truffe su larga scala. LâFBI ha lanciato lâallarme su migliaia di nordcoreani che si spacciano per americani per lavorare da remoto negli Stati Uniti.
In un sondaggio di Gartner, il 6% dei candidati ha ammesso di aver partecipato a âtruffe durante i colloquiâ e, secondo le previsioni dellâazienda, entro il 2028 un quarto dei profili dei candidati in tutto il mondo sarĂ falso.
Un anno e mezzo fa, McKinsey ha introdotto un incontro personale obbligatorio prima di presentare unâofferta. Inizialmente, questo ha aiutato a valutare il modo in cui un candidato stabilisce un contatto, una competenza importante per lavorare con i clienti.
Ora lâazienda ammette che lâaumento delle frodi basate sullâintelligenza artificiale non ha fatto altro che rafforzare questa pratica.
L'articolo Lâintelligenza artificiale spinge le aziende a tornare ai colloqui di persona proviene da il blog della sicurezza informatica.
Cybersecurity & cyberwarfareMedia Freedom Act: Stampa Romana sostiene esposto alla Commissione europea per riforma Rai
Entra in vigore oggi lâEuropean Media Freedom Act (EMFA), regolamento dellâUe che impone agli stati membri norme per garantire lâ indipendenza e lâautonomia dei mezzi di informazione e la libertĂ dei giornalisti intervenendo, tra lâaltro, sulle concentrazioni editoriali, il mercato pubblicitario, la trasparenza dei finanziamenti le autoritĂ di controllo, la tutela delle fonti, la nomina dei vertici del Servizio Pubblico. Questioni su cui lâItalia è in evidente ritardo. Nonostante un dibattito pubblico che si trascina da mesi e lo stallo nellâelezione del presidente della Rai, il Parlamento non è riuscito a varare una legge perchè viale Mazzini possa avere risorse certe, una prospettiva industriale svincolata dalla durata dei governi, vertici nominati in base alle competenze. Articolo Quinto, lâassociazione (cui Stampa Romana ha aderito) nata per sollecitare lâadeguamento delle norme ai canoni stabiliti dallâEMFA ha presentato tramite il suo presidente Stefano Balassone un esposto alla Commissione europea per queste inadempienze, unâiniziativa che ha il pieno e convinto sostegno di Stampa Romana.
La Segreteria dellâASR
dicorinto.it/associazionismo/mâŚ
Cybersecurity & cyberwarfareBattaglia per il Cervello! OpenAI e Sam Altman lanciano Merge Labs, rivale di Neuralink
OpenAI e il suo co-fondatore Sam Altman si preparano a sostenere unâazienda che rivaleggerĂ con Neuralink di Elon Musk sviluppando una tecnologia per collegare il cervello umano a un computer. La nuova impresa, chiamata Merge Labs, sta cercando finanziamenti per 250 milioni di dollari, con una valutazione di 850 milioni di dollari, con una parte significativa del denaro potenzialmente proveniente dalla divisione venture capital di OpenAI.
Altman è un convinto sostenitore del lancio, secondo alcune fonti, e co-fonda Merge Labs con Alex Blania, responsabile del progetto di identitĂ digitale tramite scansione oculare World, anchâesso finanziato da Altman. Tuttavia, non sarĂ coinvolto nella gestione quotidiana.
Merge Labs è tra le startup in crescita che sfruttano i piĂš recenti progressi dellâintelligenza artificiale per creare interfacce cervello-computer piĂš efficaci. Il nome dellâazienda si riferisce al concetto di âfusioneâ, il momento in cui esseri umani e macchine si fondono. Altman ha scritto in un post sul blog nel 2017 che questo potrebbe accadere giĂ nel 2025, e questâanno ha affermato che âinterfacce ad alta velocitĂ â saranno presto disponibili grazie alle innovazioni tecnologiche.
Il prossimo progetto sarĂ un concorrente diretto di Neuralink, fondata da Musk nel 2016. Neuralink sviluppa sistemi per collegare direttamente il cervello a un computer e questâanno ha raccolto 650 milioni di dollari, per una valutazione di 9 miliardi di dollari. Tra i suoi investitori figurano Sequoia Capital, Thrive Capital e Vy Capital. Lo stesso Altman aveva giĂ investito in Neuralink.
Altman e Musk hanno co-fondato OpenAI, ma Musk ha lasciato il consiglio di amministrazione nel 2018 dopo una divergenza di opinioni. Da allora, i due imprenditori sono diventati acerrimi rivali, con Musk che ha lanciato la sua startup di intelligenza artificiale, xAI, e ha intentato causa per impedire a OpenAI di diventare unâorganizzazione a scopo di lucro.
Il mercato delle interfacce cervello-computer è in piena espansione. Oltre a Neuralink, anche le startup Precision Neuroscience e Synchron sono attive nel settore. La tecnologia degli impianti è in circolazione da decenni, ma i progressi nellâelettronica e negli algoritmi di elaborazione dei segnali cerebrali lâhanno avvicinata molto di piĂš allâuso pratico.
Altman ha anche investito in altre iniziative tecnologiche legate a OpenAI, la cui valutazione è di 300 miliardi di dollari. Tra i suoi progetti figurano lâazienda di fissione nucleare Oklo e il progetto di fusione nucleare Helion. OpenAI ha rifiutato di commentare.
L'articolo Battaglia per il Cervello! OpenAI e Sam Altman lanciano Merge Labs, rivale di Neuralink proviene da il blog della sicurezza informatica.
Cybersecurity & cyberwarfareOre Formation: Introduction and Magmatic Processes
Hackaday has a long-running series on Mining and Refining, that tracks elements of interest on the human-made road from rocks to riches. What author Dan Maloney doesnât address in that series is the natural history that comes before the mine. You canât just plunk down a copper mine or start squeezing oil from any old stone, after all: first, you need ore. Ore has to come from somewhere. In this series, weâre going to get down and dirty into the geology of ore-forming processes to find out from wither come the rocks that hold our elements of interest.
Whatâs In an Ore?
Though weâre going to be talking about Planetary Science in this series, we should recognize the irony that âoreâ is a word without any real scientific meaning. What distinguishes ore from other rock is its utility to human industry: it has elements or compounds, like gems, that we want, and that we think we can get out economically. That changes over time, and one generationâs ârockâ can be another generationâs âore depositsâ. For example, these days prospectors are chasing copper in porphyry deposits at concentrations as low as 1000 ppm (0.1%) that simply were not economic in previous decades. The difference? Improvements in mining and refining, as well as a rise in the price of copper.
This may or may not be the fabled âmile of goldâ. Image: âMain Street Kirkland Lakeâ by P199.
Thereâs a story everyone tells in my region, about a street in Kirkland Lake, Ontario that had been paved using waste rock from one of the local gold mines and then torn up when the price of gold rose enough to reprocess the pavement a part-per-million of microscopic flakes of yellow metal. That story is apocryphal: history records that there was mine product accidentally used in road works, but it does not seem it has ever been deemed economic to dig it back up. (Or if it was, thereâs no written record of it I could find.)
It is established fact that they did drain and reprocess 20th century tailings ponds from Kirkland Lakeâs gold mines, however. Tailings are, by definition, what you leave behind when concentrating the ore. How did the tailings become ore? When somebody wanted to process them, because it had become economic to do so.
Itâs similar across the board. âAluminum oreâ was a meaningless phrase until the 1860s; before that, Aluminum was a curiosity of a metal extracted in laboratories. Even now, the concentration of aluminum in its main ore, Bauxite, is lower than some aluminum silicate rocksâ but we canât get aluminum out of silicate rock economically. Bauxite, we can. Bauxite, thus, is the ore, and concentration be damned.
So, there are two things needed for a rock to be an ore: an element must be concentrated to a high enough level, and it be in a form that we can extract it economically. No wonder, then, that almost all of the planetâs crust doesnât meet the criteriaâ and that that will hold on every rocky body in the solar system.
Blame Archimedes
Itâs not the planetary crustsâ fault; blame instead Archimedes and Sir Issac Newton. Rocky crusts, you see, are much depleted in metals because of those twoâ or, rather, the physical laws they are associated with. To understand, we have to go back, way back, to the formation of the solar system.
It might be metal, but thereâs no ore in the core. Image: nau.edu, CC3.0
Thereâs a primitive elemental abundance in the solid bodies that first coalesced out of the protoplanetary disk around a young Sol and our crust is depleted in metals compared to it. The reason is simple: as unaltered bodies accreted to form larger objects, the collisions released a great deal of energy, causing the future planetoid to melt, and stay molten. Heat rejection isnât easy in the thermos vacuum of space, after all. Something planetoid sized could stay molten long enough for gravity to start acting on its constituent elements.
Like a very slow centrifuge, the heavier elements sunk and the lighter ones rose by Archimedes principle. Thatâs where almost all of Earthâs metals are to this day: in the core. Even the Moon has an iron core thanks to this process of differentiation.
In some ways, you can consider this the first ore-forming process, though geologists donât yet count planetary differentiation on their lists of such. If we ever start to mine the nickel-iron asteroids, theyâll have to change their tune, though: those metallic space-rocks are fragments of the core of destroyed planetoids, concentrated chunks of metal created by differentiation. Thatâs also where most of the metal in the Earthâs crust and upper mantle is supposed to have come from, during the Late Heavy Bombardment.
Thank the LHB
Image: âComet Crashâ by Ben Crowder. Repeat 10000x.
The Late Heavy Bombardment is exactly what it sounds like: a period in the history of this solar system 3.8 to 4.1 billion years ago that saw an uncommonly elevated number of impacts on inner solar system objects like the Earth, Moon, and Mars. Most of our evidence for this event comes from the Moon, in the form of isotopic dating of lunar rocks brought back by the Apollo missions, but the topography of Mars and what little geologic record we have on Earth are consistent with the theory. Not all of these impactors were differentiated: many are likely to have been comets, but those still had the primordial abundance of metals. Even cometary impacts, then, would have served to enrich the planetâs crust and upper mantle in metals.
Is that the story, then? Metal ores on Earth are the remnants of the Late Heavy Bombardment? In a word: No. Yes, those impacts probably brought metals back to the lithosphere of this planet, but there are very few rocks of that age left on the surface of this planet, and none of them are ore-bearing. There has been a lot of geology since the LHBâ not just on Earth, but on other worlds like the Moon and Mars, too. Just like the ore bodies here on Earth, any ore we find elsewhere is likely to be from other processes.
It looks impressive, but donât start digging just yet. (Image: Stromboli Eruption by Petr Novak)
One thing that seems nearly universal on rocky bodies is volcanism, and the so-called magmatic ore-forming processes are among the easiest to understand, so weâll start there.
Igneous rocks are rocks formed of magma â or lava, if it cools on surface. Since all the good stuff is down below, and there are slow convection currents in the Earthâs mantle, it stands to reason some material might make its way up. Yet no one is mining the lava fields of Hawaii or Icelandâ itâs not just a matter of magma = metals. Usually some geochemical processes has to happen to that magma in order to enrich it, and those are the magmatic ore forming processes, with one exception.
Magmatic Ore Formation: Kimberlite Pipes
Cross-sectional diagram of a kimberlite deposit. You can see why itâs called a pipe. The eruption would be quite explosive. (Image: Kansas Geological Survey)
Kimberlite pipes are formations of ultramaphic (very high in Magnesium) rock that explode upwards from the mantle, creating vertical, carrot-shaped pipes. The olivine that is the main rock type in these pipes isnât a desirable magnesium ore because itâs too hard to refine.
Whatâs interesting economically is what is often brought to surface in these pipes: diamonds, and occasionally gold. Diamonds can only form under the intense pressures beneath the Earthâs crust, so the volcanic process that created kimberlite pipes are our main source of them. (Though not all pipes contain diamonds, as many a prospector has discovered to their disappointment.)
The kimberlite pipes seem to differ from ordinary vulcanism both due to the composition of the rock â ultramaphic rocks from relatively deep in the mantle â and the speed of that rockâs ascent at up to 400 m/s. Diamonds arenât stable in magma at low pressures, so the magma that makes up a kimberlite pipe must erupt very quickly (in geologic terms) from the depths. The hypothesis is that these are a form of mantle plume.
A different mantle plume is believed to drive volcanism in Hawaii, but that plume expresses itself as steady stream and contains no diamonds. Hawaiiâs lava creates basalt, less magnesium-rich rocks than olivine, and come from a shallower strata of the Earthâs mantle. Geochemically, the rocks in Hawaii are very similar to the oceanic crust that the mantle plume is pushing through. Kimberlite pipes, on the other hand, have only been found in ancient continental crusts, though no one seems entirely sure why.
You bet your Tanpi that Mars has had mantle plumes! (Image: NASA)
The great shield volcanoes on Mars show that mantle plumes have occurred on that planet, and thereâs no reason to suppose kimberlite-type eruptions could not have occurred there as well. While some of the diamond-creating carbon in the Earthâs mantle comes from subducted carbonate rocks, some of it seems to be primordial to the mantle.
It is thus not unreasonable to suppose that there may be some small diamond deposits on Mars, if anyone ever goes to look. Venus, too, though itâs doubtful anyone will ever go digging to check. The moon, on the other hand, lacks the pressure gradients required for diamond formation even if it does have vulcanism. What the moon likely does posses (along with the three terrestrial planets) is another type of ore body: layered igneous intrusions.
A Delicious Cake of Rock
Chromite layers in the Bushveld Igneous Complex. Image: Kevin Walsh.
Layered igneous intrusions are, as the name suggests, layered. They arenât always associated with ore bodies, but when they are, theyâre big names like Stillwater (USA) and Bushveld (South Africa). The principle of ore formation is pretty simple: magma in underground chambers undergoes a slow cooling that causes it to fractionate into layers of similar minerals.
Fractional crystallization also has its role to play in concentrating minerals: as the melt cools, itâs natural that some compounds will have higher melting points and freeze out first. These crystals may sink to the bottom of the melt chamber or float to the top, depending on their density relative to the surrounding lava. Like the process of differentiation writ in miniature, heavy minerals sink to the bottom and light ones float to the top, concentrating minerals by density and creating the eponymous layers. Multiple flows of lava can create layers upon layers upon layers of the same, or similar, stacks of minerals.
Thereâs really no reason to suspect that this ore formation process should not be possible on any terrestrial planet: all one needs is a rich magma and slow cooling. Layered igneous intrusions are a major source of chromium, mainly in the form of Chromatite, an iron-chromium-oxide, but also economically important sources of iron, nickel, copper and platinum group elements (PGEs) amongst other metals. If nickel, copper, or PGEs are present in this kind of deposit, if theyâre going to be economically extractable, it will be in the form of a sulfide. So-called sulfide melt deposits can coexist within layered igneous intrusions (as at Bushveld, where they produce a notable fraction of the worldâs nickel) or as stand-alone deposits.
When Magma Met Sulfur
One of the problems with igneous rocks from a minerâs perspective is that theyâre too chemically stable. Take olivine: itâs chock full of magnesium you cannot extract. If you want an an easily-refined ore, rarely do you look at silicate rock first. Igneous rocks, though, even when ultramafic like in Kimberlite pipes or layered melt deposits, are still silicates.
Thereâs an easy way to get ore from a magma: just add sulfur. Sulfur pulls metals out of the melt to create sulfide minerals, which are both very concentrated sources of metals and, equally importantly, very easy to refine. Sulfide melt deposits are some of the most economically important ones on this planet, and thereâs no reason to think we couldnât find them elsewhere. (The moon isnât terribly depleted in sulfur.)
The Bear Stream Quarry is one of many Ni/Cu mines created by the Siberian Traps. (Image: Nikolay Zhukov, CC3.0)
Have you heard of the Siberian Traps? That was a series of volcanoes that produced a flood basalt, like the lunar mare. The volcanoes of the Siberian Traps were a primary cause of the End-Perimian mass extinction, and they put out somewhere between two and four million cubic kilometers of rock. Most of that rock is worthless basalt Most, except in Norilsk.
The difference? In Norilsk, there was enough sulfur in the melt, thanks to existing sedimentary rocks, to pull metals out of the melt. 250 million years after it cooled, this became Eurasiaâs greatest source of Nickel and Platinum Group Elements, with tonnes and tonnes of copper brought to surface as a bonus.
Norilkâs great rival in the Cold War was Sudbury, Canadaâ another sulfide melt deposit, this one believed to be associated with the meteorite impact that created the Sudbury Basin. The titanic impact that created the basin also melted a great deal of rock, and as it cooled, terrestrial sulfur combined with metals that had existed in the base rock, and any brought down in the impactor, to freeze out of the melt as sulfides.
Most mining still ongoing in the Sudbury Basin is deep underground, like at Nickel Rim South Mine. (Image: P199.)
While some have called Sudbury âhumanityâs first asteroid mineâ, itâs a combination of sulfur and magma that created the ore body; there is little evidence to suggest the impactor was itself a nickel-iron asteroid. Once the source of the vast majority of the worldâs nickel, peaking at over 80% before WWI, Sudbury remains the largest hard-rock mining centre in North America, and one of the largest in the world, on the weight of all that sulfide.
Since the Moon does not seem to be terribly depleted in sulfur, and has more flood basalt and impact craters than you can shake a stick at, itâs a fairly safe bet that if anyone ever tries to mine metals on Luna, they will be sulfide melt deposits. Thereâs no reason not to expect Mars to posses its fair share as well.
hackaday.com/2025/08/13/ore-foâŚ
Cybersecurity & cyberwarfare
RedhotcyberArriva Charon Ransomware. Supera EDR, è Stealh e strizza lâocchio ai migliori APT
đ
Link all'articolo : https://www.redhotcyber.com/post/arriva-charon-ransomware-supera-edr-e-stealh-e-strizza-locchio-ai-migliori-apt/
#redhotcyber #hacking #cti #ai #online #it #cybercrime #cybersecurity #technology #news #cyberthreatintelligence #innovation #privacy
Cybersecurity & cyberwarfareArriva Charon Ransomware. Supera EDR, è Stealh e strizza lâocchio ai migliori APT
Trend Micro ha rilevato un attacco mirato ai settori governativo e aeronautico in Medio Oriente, utilizzando un nuovo ransomware chiamato Charon. Gli aggressori hanno utilizzato una complessa catena di infezione con funzionalitĂ di sideload di DLL, iniezione di processi e bypass EDR, tipiche delle operazioni APT avanzate che dei normali ransomware.
Il vettore di attacco inizia con lâavvio di un file Edge.exe legittimo (in precedenza cookie_exporter.exe), che viene utilizzato per caricare una libreria msedge.dll dannosa, denominata SWORDLDR. Questâultima decifra lo shellcode crittografato dal file DumpStack.log e inietta il payload, ovvero Charon stesso, nel processo svchost.exe, mascherando lâattivitĂ come un servizio di sistema Windows.
Dopo aver decifrato tutti i livelli di mascheramento, gli esperti hanno confermato che lâeseguibile finale crittografa i dati e lascia un segno distintivo di infezione â âhCharon è entrato nel mondo reale!â â alla fine di ogni file crittografato. Tutti i file crittografati ricevono lâestensione .Charon e nelle directory compare una richiesta di riscatto â How To Restore Your Files.txt â che menziona una vittima specifica, confermando la natura mirata dellâattacco.
Charon supporta una varietĂ di opzioni da riga di comando, dalla specifica dei percorsi di crittografia alla definizione delle prioritĂ delle risorse di rete. Allâavvio, crea un mutex chiamato OopsCharonHere, termina i processi di protezione, disabilita i servizi di sicurezza, elimina le copie shadow e svuota il Cestino. Quindi procede alla crittografia in un thread multi-thread, evitando i file di sistema (.exe, .dll), cosĂŹ come i propri componenti e la richiesta di riscatto.
Per la crittografia viene utilizzato uno schema ibrido: Curve25519 per lo scambio di chiavi e ChaCha20 per la crittografia dei dati. Ogni file viene fornito con un footer di 72 byte contenente la chiave pubblica e i metadati della vittima, che consente la decrittografia dei dati se la chiave privata è disponibile.
Inoltre, Charon ha capacitĂ di movimento laterale: esegue la scansione della rete utilizzando NetShareEnum e WNetEnumResource, crittografa le condivisioni accessibili e funziona anche con percorsi UNC, bypassando solo ADMIN$ per ridurre le possibilitĂ di essere rilevato.
Il binario contiene anche, sebbene inattivo, un componente basato sul driver del progetto open source Dark-Kill, progettato per disabilitare le soluzioni EDR . Dovrebbe essere installato come servizio WWC, ma non è utilizzato nella versione attuale: probabilmente la funzione non è ancora abilitata ed è in fase di preparazione per future iterazioni.
Sebbene lâuso di strumenti simili a quelli del gruppo cinese Earth Baxia sia sospetto, non ci sono prove conclusive del loro coinvolgimento: forse stanno prendendo in prestito tattiche o sviluppando in modo indipendente gli stessi concetti.
Lâemergere di Charon è unâulteriore prova del fatto che il ransomware sta adottando attivamente sofisticati metodi APT. La combinazione di tecniche di evasione avanzate con danni aziendali diretti sotto forma di perdita di dati e tempi di inattivitĂ aumenta i rischi e richiede alle organizzazioni di rivedere la propria strategia di difesa.
L'articolo Arriva Charon Ransomware. Supera EDR, è Stealh e strizza lâocchio ai migliori APT proviene da il blog della sicurezza informatica.