Friendica Social Network

#Germany group of students conducted #OSINT analysis of patterns of movement of #Russia ships correlated with recent #drone incidents across Europe. And guess what? They did find such patterns in most of these incidents - such as this one:

Meanwhile, 115 kilometers away off the Dutch island of Schiermonnikoog, her sister ship the HAV Snapper had sailed out and parked in open water. It positioned itself exactly two hours before seven drones appeared over a Russian freighter being escorted by German police through the North Sea. It stayed there for four days and made silly circles.

digitaldigging.org/p/they-dron…

They Droned Back

Young journalists expose Russian-linked vessels circling off the Dutch and German coast

^{Henk van Ess (Digital Digging with Henk van Ess)}

#russia #germany #osint #drone

Redhotcyber

2 mesi fa • •

Redhotcyber
2 mesi fa • •

Telegram perde il suo status di piattaforma comoda per i criminali informatici

📌 Link all'articolo : redhotcyber.com/post/telegram-…

#redhotcyber #news #telegram #kasperskylab #cybersecurity #hacking #malware #privacy #sicurezzainformatica

Telegram perde il suo status di piattaforma comoda per i criminali informatici

Telegram non è più un rifugio sicuro per i criminali informatici a causa della crescente moderazione e pressione.

^{Redazione RHC (Red Hot Cyber)}

#privacy #redhotcyber #hacking #cybersecurity #malware #News #sicurezzainformatica #telegram #kasperskylab

Friendica Statistics

2 mesi fa • •

Friendica Statistics
2 mesi fa • •

#Friendica #Statistics 2025-12-12 07:00 CEST
Number of active instances: 217
Number of users: 20 800
Number of statuses: 2 846 871
Number of new users last 1D: 0
Number of new statuses last 1D: 1597

#Fediverse

#fediverse #friendica #Statistics

Martin Kostera likes this.

Boerps ☑️

2 mesi fa • •

Boerps ☑️
2 mesi fa • •

@classicalmusic
12.12.2025, 20 Uhr
Live aus der Kölner Philharmonie.

Jörg Widmann
Babylon-Suite

Robert Schumann
Sinfonie Nr. 2 C-Dur op. 61

WDR Sinfonieorchester
Jörg Widmann, Leitung

@Pierrette

youtube.com/watch?v=DWHMFIcU-e…

#music #classic #concert #live #theatre

LIVE: Lebensklänge - Schumanns Zweite | WDR Sinfonieorchester

Die "Babylon-Suite" des Münchner Komponisten Jörg Widmann bringt den gesamten Konzertsaal zum Vibrieren. Das Werk ist ein Orchesterauszug aus seiner 2012 ura...

^YouTube

#music #classic #live #concert #theatre @Pierrette @About classical music

Boerps ☑️

2 mesi fa • •

Boerps ☑️
2 mesi fa • •

@classicalmusic
Robert Schumann - Piano Sonata No.1 in f-sharp minor, Op.11

Performer: Eliso Virsaladze

1980.12.27

@Pierrette ?

youtube.com/watch?v=CS29DPXRcD…

#music #classic #piano #history

Robert Schumann - Piano Sonata No.1 in f-sharp minor, Op.11 (Eliso Virsaladze)

Robert Schumann - Piano Sonata No.1 in f-sharp minor, Op.11Performer: Eliso Virsaladze1980.12.27 Tchaikovsky-Konvervatorium Moskau00:00 - I. Introduzione: Un...

^YouTube

#history #music #classic #piano @Pierrette @About classical music

Unknown parent

Boerps ☑️

Unknown parent • 2 mesi fa • •

Never heard about. Have to ask Wikipedia.

Ulfh3dnar

2 mesi fa • •

Ulfh3dnar
2 mesi fa • •

Sensitive content

#ukraine #russia #UkraineRussiaWar #RussianLosses

Russia-Ukraine Daily News

2 mesi fa • •

Russia-Ukraine Daily News
2 mesi fa • •

ISW:

🇷🇺 🇺🇦 The Kremlin is attempting to portray the claimed fall of Siversk as the start of the battle for Slovyansk — a battle the Kremlin has not set conditions on the ground to begin.

understandingwar.org/research/…

#russia #ukraine

Russian Offensive Campaign Assessment, Dec. 11, 2025 | ISW

Lavrov rejected key parts of the US 28-point peace plan, including territorial swap proposals and security guarantees for Ukraine.

^{Christopher Solomon (Understanding War)}

#ukraine #russia

Questa voce è stata modificata (2 mesi fa)

Stefan Bartsch

2 mesi fa • •

Stefan Bartsch
2 mesi fa • •

Heute haben wir von #linuxworks unsere #weihnachtsfeier mit #glühmate , veganen #zitronenkuchen und anderen Leckereien im #kieztreff_undine

Nächstes Jahr dann wieder mit neuen Ideen jeden 2. Donnerstag im Monat.

#linux #linuxusergroup #berlin

Angeschnitter veganer Zitronenkuchen. Davor ein Tortenheber

#linux #berlin #linuxworks #weihnachtsfeier #gluhmate #zitronenkuchen #kieztreff_undine #linuxusergroup

Questa voce è stata modificata (2 mesi fa)

Europe Says

2 mesi fa • •

Europe Says
2 mesi fa • •

europesays.com/2628545/ We must kick all ruzzians’ asses out of Ukrainian Sovereignty and Democracy for good #Ukraine

We must kick all ruzzians’ asses out of Ukrainian Sovereignty and Democracy for good - EUROPE SAYS

by Icy_Till_7254

^{EUROPE SAYS}

#ukraine

Cybersecurity & cyberwarfare

2 mesi fa • •

Cybersecurity & cyberwarfare
2 mesi fa • •

Step into my Particle Accelerator

If you get a chance to visit a computer history museum and see some of the very old computers, you’ll think they took up a full room. But if you ask, you’ll often find that the power supply was in another room and the cooling system was in yet another. So when you get a computer that fit on, say, a large desk and maybe have a few tape drives all together in a normal-sized office, people thought of it as “small.” We’re seeing a similar evolution in particle accelerators, which, a new startup company says, can be room-sized according to a post by [Charles Q. Choi] over at IEEE Spectrum.

Usually, when you think of a particle accelerator, you think of a giant housing like the 3.2-kilometer-long

... mostra di più

Step into my Particle Accelerator

Usually, when you think of a particle accelerator, you think of a giant housing like the 3.2-kilometer-long SLAC accelerator. That’s because these machines use magnets to accelerate the particles, and just like a car needs a certain distance to get to a particular speed, you have to have room for the particle to accelerate to the desired velocity.

A relatively new technique, though, doesn’t use magnets. Instead, very powerful (but very short) laser pulses create plasma from gas. The plasma oscillates in the wake of the laser, accelerating electrons to relativistic speeds. These so-called wakefield accelerators can, in theory, produce very high-energy electrons and don’t need much space to do it.

The startup company, TAU Systems, is about to roll out a commercial system that can generate 60 to 100 MeV at 100 Hz. They also intend to increase the output over time. For reference, SLAC generates 50,000 MeV. But, then again, it takes two miles of raceway to do it.

The initial market is likely to be radiation testing for space electronics. Higher energies will open the door to next-generation X-ray lithography for IC production, and more. There are likely applications for accelerated electrons that we don’t see today because it isn’t feasible to generate them without a massive facility.

On the other hand, don’t get your checkbook out yet. The units will cost about $10 million at the bottom end. Still a bargain compared to the alternatives.

You can do some of this now on a chip. Particle accelerators have come a long way.

Photo from Tau Systems.

hackaday.com/2025/12/11/step-i…

Tendar

2 mesi fa • •

Tendar
2 mesi fa • •

The refinery in Yaroslavl, Russia, has been struck and is burning.

This large refinery produces more than 15.7 million tons in oil products, annually.

Eugene McParland 🇺🇦

2 mesi fa • •

Eugene McParland 🇺🇦
2 mesi fa • •

"Shall this crazed old man drag a whole ship’s company down to doom?" - Melville, Moby-Dick

170 years later, the warning stands.

Leadership shouldn’t be about ego, grievance, or recklessness. America deserves better than a captain obsessed with vengeance.

#DemocracyOverDemagogues

#democracyoverdemagogues

reshared this

Hanse Mina

2 mesi fa • •

Hanse Mina
2 mesi fa • •

From 24.02.2022 to 12.12.2025 (Day 1388), estimated losses #Russia suffered in #Ukraine.

Milestones: 35,000 Artillery

Highlights:
+1400 Personnel
+2 MLRS
+3 Anti-aircraft Systems
+1 Aircraft
+253 UAVs
+107 Other Vehicles

Statistics: redd.it/1pkjd5f

#RussianLosses

Reddit - The heart of the internet

^redd.it

#ukraine #russia #RussianLosses

Hanse Mina

2 mesi fa • •

Hanse Mina
2 mesi fa • •

Yaroslavl Refinery in #Yaroslavl Russia was reportedly hit.

t.me/exilenova_plus/14637

#Ukraine #Russia

Exilenova+

Еще репортаж с места движа

^Telegram

#ukraine #russia #Yaroslavl

Hanse Mina

2 mesi fa • •

Hanse Mina
2 mesi fa • •

The UN approved a resolution on Dec. 10 to boost international cooperation and reduce the impact of the #Chornobyl nuclear disaster, with 97 countries voting in favor and eight against.

Russia, Belarus, China, North Korea, and the US voted against the document.

kyivindependent.com/us-sides-w…

#Ukraine #Russia #Chernobyl #UN #US

US sides with Russia on UN resolution on Chornobyl disaster

Washington's representative said the U.S. voted against the resolution not because it opposed nuclear safety measures, but because it objected to references to the UN's 2030 Agenda for Sustainable Development.

^{Kateryna Denisova (The Kyiv Independent)}

#ukraine #russia #us #un #chernobyl #Chornobyl

Hanse Mina

2 mesi fa • •

Hanse Mina
2 mesi fa • •

The administration of Baikal State University (BSU) in #Irkutsk is forcing students to install the state messenger app Max or risk being denied entry to exams.

moscowtimes.ru/2025/12/11/irku…

#Ukraine #Russia

Иркутских студентов отказались допускать к сессии без установки MAX

Руководство Байкальского госуниверситета (БГУ) в Иркутске вынуждает студентов устанавливать госмессенджер Max под угрозой недопуска к сессии, сообщили «Люди Байкала» со ссылкой на учащихся.

^{Русская служба The Moscow Times}

#ukraine #russia #irkutsk

Hanse Mina

2 mesi fa • •

Hanse Mina
2 mesi fa • •

Orthodox oligarch Konstantin Malofeev has called for the creation of Russia's own version of artificial intelligence, trained on a block of "correct" texts, like Alexander Dugin for example.

moscowtimes.ru/2025/12/11/v-ro…

#Ukraine Russia

В России предложили создать искусственный интеллект на основе Домостроя и трудов Дугина

Православный олигарх Константин Малофеев призвал создать в России свою версию искусственного интеллекта, обученную на блоке «правильных» текстов.

^{Русская служба The Moscow Times}

#ukraine

Hanse Mina

2 mesi fa • •

Hanse Mina
2 mesi fa • •

Russian consumers are increasingly saving on purchases, switching to cheaper goods, and visiting shopping malls less often, the Central Bank of the Russian Federation reported in its "Regional Economy" review.

moscowtimes.ru/2025/12/11/ross…

#Ukraine #Russia

ЦБ сообщил о массовом переходе россиян в режим экономии

Российские потребители все больше экономят на покупках, переходят на более дешевые товары и реже посещают торговые центры, сообщил ЦБ РФ в обзоре «Региональная экономика».

^{Русская служба The Moscow Times}

#ukraine #russia

Hanse Mina

2 mesi fa • •

Hanse Mina
2 mesi fa • •

How Ukrainian and Belarusian hackers wreaked havoc on Russia’s flagship airline and exposed its role in the war.

meduza.io/en/feature/2025/12/1…

#Ukraine #Russia #Belarus #Aeroflot

How Ukrainian and Belarusian hackers wreaked havoc on Russia’s flagship airline and exposed its role in the war

On the morning of July 28, 2025, all of Aeroflot’s information systems went down — from corporate email to passenger check-in.

^Meduza

#ukraine #russia #belarus #aeroflot

Hanse Mina

2 mesi fa • •

Hanse Mina
2 mesi fa • •

Lawmakers in Russia have prepared a package of draft laws that will impose new restrictions on Russian citizens who have been found guilty of violating Russia’s laws on wartime censorship, “foreign agents,” and “undesirable organizations,” among others.

meduza.io/en/feature/2025/12/1…

#Ukraine #Russia

Russian lawmakers draft new repressive laws targeting citizens abroad convicted on political charges

Lawmakers in Russia have prepared a package of draft laws that will impose new restrictions on Russian citizens convicted in absentia of political crimes.

^Meduza

#ukraine #russia

Hanse Mina

2 mesi fa • •

Hanse Mina
2 mesi fa • •

Russian President Vladimir Putin expressed “solidarity with the Venezuelan people” on Thursday amid growing tensions between Venezuela’s leader, Nicolás Maduro, and the Trump administration.

apnews.com/article/maduro-russ…

#Ukraine #Russia #US #Putin #Trump #Venezuela

#ukraine #trump #russia #us #putin #venezuela

Hanse Mina

2 mesi fa • •

Hanse Mina
2 mesi fa • •

The EU’s ambassadors handed emergency powers to the European Commission to keep €210 billion in Russian state assets blocked until the Kremlin pays post-war reparations to Ukraine, the Danish Council presidency announced on Thursday.

politico.eu/article/eu-approve…

#Ukraine #Russia #EU

EU approves legal workaround to sideline Orbán, keep Russian assets frozen forever

The EU’s decision undermines the Kremlin’s hopes of unfreezing the money under a post-war peace settlement.

^{Gregorio Sorgi (POLITICO)}

#ukraine #russia #eu

NOELREPORTS 🇪🇺 🇺🇦

2 mesi fa • •

NOELREPORTS 🇪🇺 🇺🇦
2 mesi fa • •

A German court has again refused to allow the seizure of the damaged oil tanker Eventin, part of Russia’s shadow fleet, citing legal uncertainties over whether such action is justified.

The Federal Fiscal Court (BFH) said there are “reasonable doubts” about the legal basis for confiscation, and it’s also unclear if the vessel can legally enter EU waters in an emergency.

NOELREPORTS 🇪🇺 🇺🇦

2 mesi fa • •

NOELREPORTS 🇪🇺 🇺🇦
2 mesi fa • •

Air raid alert ongoing in Smolensk since 19:00. Local reports mention recent explosions. It’s not yet clear whether the glow seen near the thermal power plant is connected to these events.

NOELREPORTS 🇪🇺 🇺🇦

2 mesi fa • •

NOELREPORTS 🇪🇺 🇺🇦
2 mesi fa • •

🗓️ The 11/12/25 Ukraine SitRep is out: threadreaderapp.com/thread/199…

For 3+ years, we've delivered real-time, verified updates—not noise or clickbait. Help us grow and keep independent coverage alive.

💙 Support: patreon.com/NOELREPORTS

☕ One-time: buymeacoffee.com/noelreports

Thread by @NOELreports on Thread Reader App

@NOELreports: SitRep - 11/12/25 - A day full of US-EU politics An overview of the daily events in Russia's invasion of Ukraine. Today, lots of news about the US 'peace plan' came out. Trump is allegedly...…

^{threadreaderapp.com}

NOELREPORTS 🇪🇺 🇺🇦

2 mesi fa • •

NOELREPORTS 🇪🇺 🇺🇦
2 mesi fa • •

🇪🇺🇺🇸 Ursula von der Leyen advised Trump to stay out of European democracy. Responding to his recent attacks on Europe, she said: “It’s not up to us to decide a country’s leader during elections, that’s the voters’ sovereign right, and it must be protected.”

NOELREPORTS 🇪🇺 🇺🇦

2 mesi fa • •

NOELREPORTS 🇪🇺 🇺🇦
2 mesi fa • •

🇺🇦🇵🇱 Ukraine and Poland will establish three joint security working groups in early 2026, focusing on anti-drone defense for critical infrastructure, civil protection including evacuations and alert systems, and countering Russian disinformation. Interior Minister Klymenko confirmed after talks in Lviv.

Auschwitz Memorial

2 mesi fa • •

Auschwitz Memorial
2 mesi fa • •

11 December 1937 | A Dutch Jewish boy, Louis Salomon Goudsmid, was born in Kampen.

In October 1942 he was deported to #Auschwitz and murdered in a gas chamber after the selection.
---

Children at Auschwitz

Lesson: lekcja.auschwitz.org/dzieci_EN…
Podcast: youtu.be/aYKx_zpLSqA

Vintage black and white portrait of a boy holding a small cloth, looking directly at the camera.

"On Auschwitz" (8): Children at Auschwitz

Using only estimates based on the examination of the existing incomplete documentation, it can only be acknowledged that there were around 232,000 children a...

^YouTube

#auschwitz

NOELREPORTS 🇪🇺 🇺🇦

2 mesi fa • •

NOELREPORTS 🇪🇺 🇺🇦
2 mesi fa • •

Soldiers of the 33rd Separate Assault Brigade successfully repelled a Russian attempt to break through toward Dobropillia. The outcome: 14 enemy troops eliminated, 4 motorcycles and a truck destroyed.

Iryna Voichuk

2 mesi fa • •

Iryna Voichuk
2 mesi fa • •

Russia dropped an aerial bomb on a small shop in Sumy Oblast.

Rescuers recovered the bodies of two women who were killed beneath the rubble.

kravietz 🦇

2 mesi fa • •

kravietz 🦇
2 mesi fa • •

#Poland media report that in June 2022 a Polish citizen was tortured to death in the infamous #Russia prison Taganrog. In early 2022 as a lorry driver he was working in Eastern Ukraine, made a wrong turn and ended up on Russian checkpoint. After several months of imprisonment and torture he died.

wprost.pl/swiat/12198579/polak… (in Polish)

Polak zakatowany w rosyjskim więzieniu. Wstrząsający raport o zbrodniach wojennych

Polak był torturowany w jednym z jednym z najgorszych rosyjskich więzień. Trwa próba ustalenia tożsamości ofiary. Sprawę skomentowało MSZ.

^{Krystian Winogrodzki (Wprost)}

#russia #poland

kravietz 🦇

2 mesi fa • •

kravietz 🦇
2 mesi fa • •

#Ukraine Zelensky made another statement about the elections in a video call with Keir Starmer. Not exact words, but I’m trying to reproduce the diplomatic depth behind what he actually said:

Ukraine, of course, does not evade elections, and as any democratic country is ready to conduct them as soon as the respectable President Trump in his endless wisdom will convince his peace loving partner President Putin to guarantee a full ceasefire for the whole electoral process.

And I find it brilliant move 😄

#ukraine

NOELREPORTS 🇪🇺 🇺🇦

2 mesi fa • •

NOELREPORTS 🇪🇺 🇺🇦
2 mesi fa • •

Russian channels report that at Kacha airfield in occupied Crimea there has been an UAV strike on an AN‑26 military transport aircraft. There are reportedly casualties and fatalities among personnel.

NOELREPORTS 🇪🇺 🇺🇦

2 mesi fa • •

NOELREPORTS 🇪🇺 🇺🇦
2 mesi fa • •

The EU Council has approved a €2.3 billion sixth tranche for Ukraine under the Ukraine Facility. This funding reflects Ukraine’s completion of eight required steps and progress on a step from the fourth tranche. The money is aimed at strengthening macro‑financial stability and supporting public administration.

Disbursements are tied to Ukraine’s Reform Plan, which outlines recovery, reconstruction, modernization, and EU accession‑aligned reforms.

NOELREPORTS 🇪🇺 🇺🇦

2 mesi fa • •

NOELREPORTS 🇪🇺 🇺🇦
2 mesi fa • •

White House Press Secretary Karoline Leavitt stated: “Trump is extremely frustrated with both sides of the war. He’s sick of meetings for the sake of meetings. He doesn’t want more talk, he wants action.”

Donny, this isn’t up to a babbling profiteer who’s only in it for PR points.

kravietz 🦇

2 mesi fa • •

kravietz 🦇
2 mesi fa • •

Zelenskyy says the U.S. floated a plan to make the rest of the Donbas a “free economic zone,” which would mean #Ukraine troops pull back while #Russia also stays out of areas it hasn’t occupied.

I will tell you what would really happen: the same second ZSU leaves the towns, crowds of “men wearing military uniforms with no identification signs” will rush from the other direction and form a “local self-defense”.

Then the arrests and looting will start.

How do we know? Because that’s precisely what happened in #Donbas in 2014 while Western diplomacies were raising lukewarm “concerns” and “condemnations”.

#ukraine #russia #donbas

Auschwitz Memorial

2 mesi fa • •

Auschwitz Memorial
2 mesi fa • •

11 December 1920 | A Pole, Edward Kopiec, was born.

He was deported to #Auschwitz on 14 June 1940 from Tarnów in the first transport of Poles to the camp.
No. 570
He was released on 15 October 1942. He survived the war.
---

Watch a short video about the first transport of Poles to Auschwitz: youtu.be/kKOZLEUo2QM

Video history | First transport of Poles to KL Auschwitz, June 14, 1940

The Auschwitz camp was the first concentration camp established by the German after the outbreak of WW2 in the occupied Poland. The reason for its constructi...

^YouTube

#auschwitz

NOELREPORTS 🇪🇺 🇺🇦

2 mesi fa • •

NOELREPORTS 🇪🇺 🇺🇦
2 mesi fa • •

Zelensky: We held a meeting of the “Coalition of the Willing”, a key format for Ukraine’s current and future security support. We're working to ensure that security guarantees include robust European deterrence components and are reliable. It's important that the U.S. stands with us in support.

No one wants to see a third Russian invasion. Right now, Ukraine's defensive support is especially critical, as Russia continues its attacks. More protection of lives is needed to give diplomacy a chance

NOELREPORTS 🇪🇺 🇺🇦

2 mesi fa • •

NOELREPORTS 🇪🇺 🇺🇦
2 mesi fa • •

Russian forces attempted a flanking maneuver near Pokrovsk with dozens of vehicles, trying to strike Ukrainian positions from the rear. Ukraine’s 425th Skelya Regiment detected the convoy in time. Coordinated actions afterwards successfully dismantled the column and halted the assault.

Eugene McParland 🇺🇦

2 mesi fa • •

Eugene McParland 🇺🇦
2 mesi fa • •

#EU banks should reduce their reliance on US Big Tech, top supervisor says

by Kathryn Carlson and Mathieu Pollet

Dutch central bank exec warns 'concentration risk' could lead to 'major operational problems.'

politico.eu/article/eu-banks-b…

EU banks should reduce their reliance on US Big Tech, top supervisor says

Dutch central bank exec warns ‘concentration risk’ could lead to ‘major operational problems.’

^{Kathryn Carlson (POLITICO)}

#eu

reshared this

DOXA 🏳️‍🌈🏳️‍⚧️

2 mesi fa • •

DOXA 🏳️‍🌈🏳️‍⚧️
2 mesi fa • •

Осторожно, новости!

Sensitive content

⚛️Revertron

2 mesi fa • •

⚛️Revertron
2 mesi fa • •

#Islam #Muhammad

#islam #muhammad

Eugene McParland 🇺🇦

2 mesi fa • •

Eugene McParland 🇺🇦
2 mesi fa • •

Ukrainian families are suing Intel, AMD, and Texas Instruments, accusing them of supplying chips used in russian missiles that killed civilians, including children.

Lawsuits demand accountability, not money, to stop the flow of US tech into russian weapons.

Families say: "Make the missiles stop." euromaidanpress.com/2025/12/11…

reshared this

DOXA 🏳️‍🌈🏳️‍⚧️

2 mesi fa • •

DOXA 🏳️‍🌈🏳️‍⚧️
2 mesi fa • •

Осторожно, новости!

Sensitive content

Eugene McParland 🇺🇦

2 mesi fa • •

Eugene McParland 🇺🇦
2 mesi fa • •

#EU approves legal workaround to sideline Orbán, keep russian assets frozen forever

by Gregorio Sorgi

The EU's decision undermines the kremlin's hopes of unfreezing the money under a post-war peace settlement.

politico.eu/article/eu-approve…

EU approves legal workaround to sideline Orbán, keep Russian assets frozen forever

The EU’s decision undermines the Kremlin’s hopes of unfreezing the money under a post-war peace settlement.

^{Gregorio Sorgi (POLITICO)}

#eu

reshared this

Eugene McParland 🇺🇦

2 mesi fa • •

Eugene McParland 🇺🇦
2 mesi fa • •

Don't meddle in European democracy, von der Leyen tells #Trump

by Ketrin Jochecová

#EU Commission president hits back at U.S. plan to undermine the European orthodoxy it says will lead to "civilizational erasure."

politico.eu/article/european-d…

Don’t meddle in European democracy, von der Leyen tells Trump

Commission president hits back at U.S. plan to undermine the European orthodoxy it says will lead to “civilizational erasure.”

^{Ketrin Jochecová (POLITICO)}

#trump #eu

reshared this

Eugene McParland 🇺🇦

2 mesi fa • •

Eugene McParland 🇺🇦
2 mesi fa • •

President of Ukraine Volodymyr #Zelenskyy took part in a meeting of the Coalition of the Willing Discussed Diplomatic Engagement with the United States Aimed at Achieving a Dignified Peace in #Ukraine

More detail 📎 president.gov.ua/en/news/koali…

#ukraine #zelenskyy

reshared this

Eugene McParland 🇺🇦

2 mesi fa • •

Eugene McParland 🇺🇦
2 mesi fa • •

#UK Royal Navy tracked russian submarine krasnodar through English Channel, ensuring UK waters’ safety.

Operation used RFA tanker & helicopter; UK warns of rising russian naval & cyber threats near its borders.

bbc.com/news/articles/cm2v7j4m…

Royal Navy shadows Russian submarine through English Channel

The UK says it tracked the Krasnodar as it sailed from the North Sea through the Strait of Dover.

^{André Rhoden-Paul (BBC News)}

#UK

reshared this

⚛️Revertron

2 mesi fa • •

⚛️Revertron
2 mesi fa • •

#RustRover :(

#rustrover

Eugene McParland 🇺🇦

2 mesi fa • •

Eugene McParland 🇺🇦
2 mesi fa • •

Life in Kharkiv continues amid the sounds of nearby explosions, a grim hallmark of russia's war against #Ukraine where children are growing accustomed to blasts as the backdrop of their daily routines. 💔

📽️: labsmystar

United 24 Media / Instagram

#ukraine

reshared this

Eugene McParland 🇺🇦

2 mesi fa • •

Eugene McParland 🇺🇦
2 mesi fa • •

#Ukraine Facility: #EUCouncil approves sixth payment of around €2.3 billion to Kyiv

Press release 📎

consilium.europa.eu/en/press/p…

#ukraine #eucouncil

reshared this

Eugene McParland 🇺🇦

2 mesi fa • •

Eugene McParland 🇺🇦
2 mesi fa • •

#EU leaders to push defense readiness amid russia 'hybrid attack' warnings

by Gabriel Gavin

Shared capabilities and funding for #Ukraine will be top of the agenda for next week's European Council summit.

politico.eu/article/eu-leaders…

EU leaders to push defense readiness amid Russia ‘hybrid attack’ warnings

Shared capabilities and funding for Ukraine will be top of the agenda for next week’s European Council summit.

^{Gabriel Gavin (POLITICO)}

#ukraine #eu

reshared this

Eugene McParland 🇺🇦

2 mesi fa • •

Eugene McParland 🇺🇦
2 mesi fa • •

Address by the President #Zelenskyy to the Participants of the Meeting of the Coalition of the Willing

president.gov.ua/en/news/zvern…

#zelenskyy

reshared this

Eugene McParland 🇺🇦

2 mesi fa • •

Eugene McParland 🇺🇦
2 mesi fa • •

Ukrainian Team Led by the President #Zelenskyy Held a Conversation with the U.S. Side on the Security Guarantees Document

president.gov.ua/en/news/ukray…

#zelenskyy

reshared this

DOXA 🏳️‍🌈🏳️‍⚧️

2 mesi fa • •

DOXA 🏳️‍🌈🏳️‍⚧️
2 mesi fa • •

Осторожно, новости!

Sensitive content

Please open Telegram to view this post

VIEW IN TELEGRAM

Провластное издание Ura. ru приостановило работу

Уральское издание Ura. ru, поддерживающеевойну и российскую власть, приостановило работу. Как сообщил «РБК» новый директор фирмы-учредительницы «Сибирско-Уральская медиакомпания» Андрей Ткаченко, редакция прекращает деятельность на семьдесят два часа — до 14 декабря, чтобы провести «переговоры» с журналист:ками.

По словам Ткаченко, несколько ключевых руководитель:ниц якобы «противодействовали» новому управлению и были уволены.

Он также заявил, что в редакции накопились серьезные долги: ежегодные выплаты бывшему главе редколлегии Михаилу Вьюгину составляли 30-35 миллионов рублей и оформлялись как премии.

В чем заключаются кадровые перестановки?

▪️ Ткаченко принял решение уволить сразу четырех руководитель:ниц: Михаила Вьюгина, главредку Диану Козлову, ее заместителя Антона Ольшанникова и руководителя региональных редакций Игоря Сергеева.

▪️ По словам Ткаченко, Вьюгин находился за границей около полугода, несмотря на рабочие обязанности в Москве и Екатеринбурге, а Козлова была уволена как представительница руководящего состава.

▪️ Ткаченко не исключил возможности обращения в правоохранительные органы с заявлениями в отношении Вьюгина.

Что думают в редакции?

▪️ По словам источни:цы, близкой к Ura. ru, в коллективе сейчас царит неопределенность:

«атмосфера непонятная, люди ждут чего-то».

Михаил Вьюгин, по ее словам, «вроде как в Италии»: он давно туда ездил, а после обысков почти перестал появляться в России.

▪️ Источни:ца подчеркивает, что Вьюгин «не под санкциями»: бизнесмены Артем Биков и Алексей Бобров

«имеют много недвижимости в Италии», и «по многим данным, Вьюгин там давно».

Сначала он

«переживал, что попадёт под санкции — много лет же пропагандой занимался», но позже «успокоился: денег много заработал, по ЕС тусуется».

▪️ На вопрос DOXA о том, остаются ли сотрудни:цы в редакции, собеседни:ца отвечает:

«Кто-то ушел, кого-то увольняют, кто-то ждет».

Она отмечает, что в Ura. ru

«зарплаты всегда были очень высокие, в два–три раза выше рыночных», что удерживало людей даже в условиях турбулентности.

Как провластное издание попало под удар властей — читайте на сайте DOXA

Подписаться | Поддержать нашу работу | Написать нам

Провластное издание Ura.ru приостановило работу и готовится к кадровым перестановкам - DOXA
Как сообщил «РБК» новый директор Андрей Ткаченко, редакция прекращает деятельность на семьдесят два часа — до 14 декабря

src: t.me/doxajournal/44813

Провластное издание Ura.ru приостановило работу и готовится к кадровым перестановкам

^DOXA

quinta - Stefano Quintarelli

2 mesi fa • •

quinta - Stefano Quintarelli
2 mesi fa • •

Erik Soelberg Blames ChatGPT for a Murder-Suicide That Shattered His Family – WSJ blog.quintarelli.it/2025/12/er…

Erik Soelberg Blames ChatGPT for a Murder-Suicide That Shattered His Family – WSJ – Quinta’s weblog

^{blog.quintarelli.it}

quinta - Stefano Quintarelli

2 mesi fa • •

quinta - Stefano Quintarelli
2 mesi fa • •

Satelliti LEO D2C e D2D: mai sostitutivi delle torri mobili – Key4biz blog.quintarelli.it/2025/12/sa…

Satelliti LEO D2C e D2D: mai sostitutivi delle torri mobili – Key4biz – Quinta’s weblog

^{blog.quintarelli.it}

cR0w

2 mesi fa • •

cR0w
2 mesi fa • •

RE: infosec.exchange/@catsalad/115…

I wonder what happens if I quote your toot and you edit yours to quote mine.

Cat 🐈🥗 (D.Burch) :blobcatrainbow: (@catsalad@infosec.exchange)

Hey @cR0w, I heard if you post, quote that post, then edit the first to quote the second it does this: :aneobot_explode:

^{Cat 🐈🥗 (D.Burch) :blobcatrainbow: (Infosec Exchange)}

in reply to cR0w

Jerry 🦙💝🦙

in reply to cR0w • 2 mesi fa • •

why do I get the feeling I’m gonna get an outage alert for this instance sometime tonight?

SwiftOnSecurity

2 mesi fa • •

SwiftOnSecurity
2 mesi fa • •

Months ago I got a nut milk maker.

"I don't remember being drunk enough to buy this."

Put it away.

Today, pick up box - curious. Look at label. It's my neighbor's lol.

in reply to SwiftOnSecurity

Jerry 🦙💝🦙

in reply to SwiftOnSecurity • 2 mesi fa • •

🏴‍☠️

Matt Nordhoff

2 mesi fa • •

Matt Nordhoff
2 mesi fa • •

The advantage of December birthday is that you can beg your parents for one really expensive present, instead of separate birthday and Christmas presents like normal.

The disadvantage is shit's only festive once per year and they're both sort of diluted.

Questa voce è stata modificata (2 mesi fa)

in reply to Matt Nordhoff

Jerry 🦙💝🦙

in reply to Matt Nordhoff • 2 mesi fa • •

I can relate to that. Mine is shortly after Xmas

quinta - Stefano Quintarelli

2 mesi fa • •

quinta - Stefano Quintarelli
2 mesi fa • •

Scammers are poisoning AI search results to steer you straight into their traps – here’s how | ZDNET blog.quintarelli.it/2025/12/sc…

Scammers are poisoning AI search results to steer you straight into their traps – here’s how | ZDNET – Quinta’s weblog

^{blog.quintarelli.it}

in reply to quinta - Stefano Quintarelli

GaMe

in reply to quinta - Stefano Quintarelli • 2 mesi fa • •

a proposito del tema "come fa un LLM ha valutare la reputazione" dei link che utilizza per fornire la risposta, do per scontato che i chatbot usino un indice esterno (Google o Bing) per fare la ricerca, affidandosi quindi al ranking di questi motori.
Ma non è detto che questo aiuti per contrastare il poisoning

in reply to GaMe

quinta - Stefano Quintarelli

in reply to GaMe • 2 mesi fa • •

@game credo che google, competitor di openai, non lasci openai verificare i suoi dati... potrebbero avere quelli di microsoft, che non sono certamente parimente equivalenti

@GaMe

Dr. Jim Ellsworth

2 mesi fa • •

Dr. Jim Ellsworth
2 mesi fa • •

RE: union.place/@jaythurbershow/11…

This IS a good time to help @jerry for a last-minute...I was GOING to say "tax writeoff," but I honestly don't know whether he's got it set up as a charity or not.

So maybe just a good feeling, at Christmastime 😇

Jay Thurber Show (@jaythurbershow@union.place)

Attached: 1 image Fediverse pals, if your instance is run by a non-profit organization or a volunteer, now is a good time to see if they need a donation.

^{Jay Thurber Show (The Union Place)}

@Jerry 🦙💝🦙

in reply to Dr. Jim Ellsworth

Jerry 🦙💝🦙

in reply to Dr. Jim Ellsworth • 2 mesi fa • •

well, I have no income and the donations go to hosting expenses so it is a wash on taxes.

Questa voce è stata modificata (2 mesi fa)

in reply to Jerry 🦙💝🦙

Jerry 🦙💝🦙

in reply to Jerry 🦙💝🦙 • 2 mesi fa • •

and thank you for the support!

in reply to Jerry 🦙💝🦙

Dr. Jim Ellsworth

in reply to Jerry 🦙💝🦙 • 2 mesi fa • •

Thank you for YOUR hard work!

in reply to Jerry 🦙💝🦙

Dr. Jim Ellsworth

in reply to Jerry 🦙💝🦙 • 2 mesi fa • •

I meant for your donors. If you've incorporated the instance as a 501(c)(3) then they could deduct their contributions....

in reply to Dr. Jim Ellsworth

Jerry 🦙💝🦙

in reply to Dr. Jim Ellsworth • 2 mesi fa • •

ah - fair point. I should do look into that. Sorry

macfranc

2 mesi fa • •

macfranc
2 mesi fa • •

Liam Neeson presta la propria voce a un documentario novax e pro-RFK e definisce i vaccini mRNA contro il COVID "esperimenti pericolosi"

Il "documentario" Plague of Corruption: 80 Years of Pharmaceutical Corruption Exposed presenta una serie di affermazioni screditate sui vaccini, tra cui il fatto che causino autismo e tossicità da alluminio, e presenta la leadership di Kennedy nella politica sanitaria degli Stati Uniti come promettente.

Il film è basato su un libro scritto a quattro mani dalla ricercatrice caduta in disgrazia Dr. Judy Mikovits, nota per il suo ruolo nella serie Plandemic , e dall'avvocato Kent Heckenlively. Il libro è stato pubblicato da Children's Health Defense, il gruppo anti-vaccino multimilionario fondato da Kennedy.

L'addetto stampa di Neeson si troverà costretto a gestire una tempesta reputazionale che si profila ricca di criticità

... mostra di più

Liam Neeson Narrates Anti-Vax, Pro-RFK Documentary

The Taken actor can be heard calling mRNA COVID vaccines “dangerous experiments.”

^{Walker Bragman (Important Context)}

@Il Disinformatico @Dr Alex 🩺🚼 @Pills of Science 🧬 @Scienza e tecnologia @Enrico Bucci @Gerardo D’Amico

macfranc

2 mesi fa • •

macfranc
2 mesi fa • •

Contro la casa di vetro. Opacità, schedatura e potere nell’età digitale. 17° Convegno Nexa su Internet & Società a Torino Lunedì 15 dicembre 2025

Lunedì 15 dicembre 2025
ore 9.00 – 18.00

Sala Conferenze “Luigi Ciminiera”
DAUIN, Politecnico di Torino, 5° piano
Corso Castelfidardo 34/D, Torino (mappa)

Hashtag del convegno: #nexa2025

Per motivi organizzativi, è gradita la segnalazione della propria partecipazione all’indirizzo: Mobilizon

Con @smaurizi @RL @RossellaLatempa @avetro e altri che non sono ancora su mastodon 😅

L’ingresso è libero e gratuito fino ad esaurimento posti.

nexa.polito.it/conv2025/

@eticadigitale

17° Convegno Nexa su Internet & Società - Nexa Center for Internet & Society

Contro la casa di vetro. Opacità, schedatura e potere nell'età digitale | Lunedì 15 dicembre 2025 | Sala Luigi Ciminiera, DAUIN, Politecnico di Torino

^{Nexa Admin (Nexa Center for Internet & Society)}

#nexa2025 @stefania maurizi @Etica Digitale (Feddit) @Antonio Vetrò @Rossella Latempa

reshared this

Cybersecurity & cyberwarfare

2 mesi fa • •

Cybersecurity & cyberwarfare
2 mesi fa • •

Designing a Simpler Cycloidal Drive

A man's hands are holding an assembly of 3D-printed parts. There is a white backplate, with a yellow circular piece running through the middle. The yellow piece is surrounded by metal rods. Another blue shaft runs through the left side of the assembly. A rougly-diamond shaped plate encompasses both of these shafts.

Cycloidal drives have an entrancing motion, as well as a few other advantages – high torque and efficiency, low backlash, and compactness among them. However, much as [Sergei Mishin] likes them, it can be difficult to 3D-print high-torque drives, and it’s sometimes inconvenient to have the input and output shafts in-line. When, therefore, he came across a video of an industrial three-ring reducing drive, which works on a similar principle, he naturally designed his own 3D-printable drive.

The main issue with 3D-printing a normal cycloidal drive is with the eccentrically-mounted cycloidal plate, since the pins which run through its holes need bearings to keep them from quickly wearing out the plastic plate at high torque. This puts some unfortunate constraints on the size of the drive. A three-ring drive also uses an eccentric drive shaft to cause cycloidal plates to oscillate around a set of pins, but the input and output shafts are offset so that the plates encompass both the pins and the eccentric driveshaft. This simplifies construction significantly, and also makes it possible to add more than one input or output shaft.

As the name indicates, these drives use three plates 120 degrees out of phase with each other; [Sergei] tried a design with only two plates 180 degrees out of phase, but since there was a point at which the plates could rotate just as easily in either direction, it jammed easily. Unlike standard cycloidal gears, these plates use epicycloidal rather than hypocycloidal profiles, since they move around the outside of the pins. [Sergei] helpfully wrote a Python script that can generate profiles, animate them, and export to DXF. The final performance of these drives will depend on their design parameters and printing material, but [Sergei] tested a 20:1 drive and reached a respectable 9.8 Newton-meters before it started skipping.

Even without this design’s advantages, it’s still possible to 3D-print a cycloidal drive, its cousin the harmonic drive, or even more exotic drive configurations.

youtube.com/embed/WMgny-yDjvs?…

hackaday.com/2025/12/11/design…

Cybersecurity & cyberwarfare

2 mesi fa • •

Cybersecurity & cyberwarfare
2 mesi fa • •

Amiibo Emulator Becomes Pocket 2.4 GHz Spectrum Analyzer

As technology marches on, gear that once required expensive lab equipment is now showing up in devices you can buy for less than a nice dinner. A case in point: those tiny displays originally sold as Nintendo amiibo emulators. Thanks to [ATC1441], one of these pocket-sized gadgets has been transformed into 2.4 GHz spectrum analyzer.

These emulators are built around the Nordic nRF52832 SoC, the same chip found in tons of low-power Bluetooth devices, and most versions come with either a small LCD or OLED screen plus a coin cell or rechargeable LiPo. Because they all share the same core silicon, [ATC1441]’s hack works across a wide range of models. Don’t expect lab-grade performance; the analyzer only covers the range the Bluetooth chip inside supports. But that’s exactly whe

... mostra di più

Cybersecurity & cyberwarfare

2 mesi fa da Open app • •

Cybersecurity & cyberwarfare
2 mesi fa da Open app • •

Extremely Rare Electric Piano Restoration

Not only are pianos beautiful musical instruments that have stood the test of many centuries of time, they’re also incredible machines. Unfortunately, all machines wear out over time, which means it’s often not feasible to restore every old piano we might come across. But a few are worth the trouble, and [Emma] had just such a unique machine roll into her shop recently.

What makes this instrument so unique is that it’s among the first electric pianos to be created, and one of only three known of this particular model that survive to the present day. This is a Vivi-Tone Clavier piano which dates to the early 1930s. In an earlier video she discusses more details of its inner workings, but essentially it uses electromagnetic pickups like a guitar to detect vibrations in plucked metal re

... mostra di più

Extremely Rare Electric Piano Restoration

To begin the restoration, [Emma] removes the action and then lifts out all of the keys from the key bed. This instrument is almost a century old so it was quite dirty and needed to be cleaned. The key pins are lubricated, then the keys are adjusted so that they all return after being pressed. From there the keys are all adjusted so that they are square and even with each other. With the keys mostly in order, her attention turns to the action where all of the plucking mechanisms can be filed, and other adjustments made. The last step was perhaps the most tedious, which is “tuning” the piano by adjusting the pluckers so that all of the keys produce a similar amount or volume of sound, and then adding some solder to the reeds that were slightly out of tune.

With all of those steps completed, the piano is back in working order, although [Emma] notes that since these machines were so rare and produced so long ago there’s no real way to know if the restoration sounds like what it would have when it was new. This is actually a similar problem we’ve seen before on this build that hoped to model the sound of another electric instrument from this era called the Luminaphone.

youtube.com/embed/cEG7hD28dW4?…

Thanks to [Eluke] for the tip!

hackaday.com/2025/12/11/extrem…

Cybersecurity & cyberwarfare

2 mesi fa da Open app • •

Cybersecurity & cyberwarfare
2 mesi fa da Open app • •

CSRA: Perché serve un nuovo modo di percepire ciò che non riusciamo più a controllare

La cybersecurity vive oggi in una contraddizione quasi paradossale: più aumentano i dati, più diminuisce la nostra capacità di capire cosa sta accadendo. I SOC traboccano di log, alert, metriche e pannelli di controllo, eppure gli attacchi più gravi — dai ransomware alle campagne stealth di spionaggio — continuano a sfuggire alla vista proprio nel momento decisivo: quando tutto sta per cominciare.

Il problema non è l’informazione. Il problema è lo sguardo: la capacità di visualizzare ciò che conta!

Esistono strumenti perfetti per contare, classificare, correlare; molti meno per percepire.

Così, mentre la superficie digitale cresce in com

... mostra di più

CSRA: Perché serve un nuovo modo di percepire ciò che non riusciamo più a controllare

Il problema non è l’informazione. Il problema è lo sguardo: la capacità di visualizzare ciò che conta!

Esistono strumenti perfetti per contare, classificare, correlare; molti meno per percepire.

Così, mentre la superficie digitale cresce in complessità e velocità, continuiamo a osservare il cyberspace come un inventario di oggetti — server, IP, pacchetti — quando in realtà è un ambiente vivo, dinamico, pulsante, fatto di relazioni che cambiano forma.

Per provare a cambiare le cose nasce il Cyber Situational-Relational Awareness (CSRA): un modello che mette al centro la percezione.

1. Il vero problema non è tecnico: è percettivo.

Viviamo in un ecosistema digitale dove tutto produce segnali. Ogni servizio, applicazione, sensore, utente, processo automatico lascia una o più tracce. Non c’è mai stata così tanta “visibilità” a disposizione dei difensori. Eppure il paradosso persiste: gli attacchi vanno a segno, gli indicatori non bastano, la complessità ci sovrasta.

Il motivo è semplice: abbiamo un’enorme quantità di dati e di informazioni, ma pochissima consapevolezza del loro significato nel momento in cui cambia.

Gli strumenti tradizionali ci dicono cosa è successo, a volte cosa sta succedendo al momento, quasi mai cosa sta per accadere.
Manca la percezione del mutamento, di quella variazione sottile che precede l’incidente.

Il CSRA, concettualmente, nasce proprio per cogliere queste trasformazioni minime, che oggi si perdono nei rumori di fondo.

2. Il cyberspace non è un inventario di oggetti, ma un ecosistema di relazioni

Per trent’anni abbiamo sentito descrivere il cyberspace come un insieme di entità isolate: host, server, IP, router. Abbiamo costruito strumenti pensati per monitorare questi oggetti, ciascuno con i propri attributi e comportamenti misurabili. Ma la realtà degli attacchi moderni mostra un quadro completamente diverso.

Quando una minaccia si manifesta, non è l’oggetto a tradirla, ma la relazione tra oggetti.
Non è il server anomalo a dirci che sta succedendo qualcosa: è il modo in cui sta comunicando con altri nodi.
Non è un singolo pacchetto strano: è il ritmo delle sue interazioni.
Non è un evento isolato: è il cambiamento di una costellazione di micro-eventi.

Ecco la prima grande intuizione del CSRA: il nodo cyber non è un dispositivo, ma un piccolo ecosistema composto da un’entità — umana o automatica — e dalla tecnologia che usa per comunicare. Per comprenderlo occorre osservare come evolve nel tempo, non cosa è staticamente.

3. Comprendere un attacco significa ascoltare il ritmo della rete.

Ogni rete possiede un suo proprio ritmo: qualcuna presenta un alternarsi di picchi e quiete, altre una regolarità nelle connessioni, e poi ci sono le reti di lavoro con un andamento che si ripete giorno dopo giorno.
È proprio quando questo ritmo naturale si spezza — anche in maniera quasi impercettibile — che qualcosa comincia a muoversi.

Il CSRA si concentra su questo: sulla capacità di percepire un cambiamento di ritmo prima che diventi un incidente conclamato. Naturalmente non ogni deviazione implica un attacco: a volte si tratta di un malfunzionamento o di un cambio di abitudini. Ma è sempre meglio verificare.

Un attacco nelle prime fasi è quasi invisibile. Modifica una sequenza di azioni, altera un’abitudine, crea una piccola vibrazione nella rete. Una procedura automatica che diventa più attiva del solito; un nodo che stabilisce collegamenti imprevisti; un cluster che sembra muoversi in modo più irrequieto.

Queste vibrazioni sono i segnali precoci dell’incidente. Il CSRA è progettato per ascoltarli.

4. Lo “spazio locale”: dove la rete ci dice di guardare.

La rete è troppo vasta per essere osservata tutta allo stesso modo.
E qui nasce la seconda intuizione del CSRA: non tutto merita attenzione, almeno non nello stesso momento. Ogni trasformazione significativa parte da un punto preciso della rete. È lì, in quella piccola regione, che il ritmo si altera. Il CSRA identifica questa regione emergente e la trasforma in un “spazio locale”: una sorta di lente dinamica che si concentra proprio dove sta avvenendo il cambiamento.

Lo spazio locale non è predefinito: viene generato dalla rete stessa. È lei a segnalare dove posare lo sguardo. È questo meccanismo che permette a un sistema CSRA di non affogare nei dati e, allo stesso tempo, di accorgersi dei segnali giusti nel momento giusto.

5. La rete come paesaggio: quando ciò che era invisibile diventa evidente

Uno dei punti più affascinanti del CSRA è la sua capacità di trasformare la rete in un paesaggio visivo. Non una dashboard piena di numeri, ma una rappresentazione quasi geografica delle attività: alture che indicano intensità, valli che rivelano stabilità, creste che segnalano turbolenze.

Per la prima volta, l’analista può “vedere” l’incidente come si vede una perturbazione meteorologica: una zona che si scalda, si deforma, si muove. È un modo più naturale, quasi intuitivo, di percepire il cyberspace, che consente di cogliere immediatamente ciò che non torna, anche senza sapere in anticipo di cosa si tratti.

Questa rappresentazione non è un vezzo grafico: è una forma di consapevolezza.

Ciò che era nascosto diventa visibile.

6. Perché il CSRA potenzialmente potrebbe vedere ciò che gli altri strumenti non vedono.

La ragione è semplice e, allo stesso tempo, rivoluzionaria: il CSRA non cerca ciò che conosce, osserva ciò che cambia. Gli strumenti basati su firme, regole e pattern riconoscono solo ciò che è già stato codificato. Funzionano benissimo contro minacce note, molto meno contro tecniche nuove, attacchi creativi o comportamenti deliberatamente irregolari.

Il CSRA, invece, affronta il cyberspace come un organismo in continuo mutamento.
Quando un nodo inizia a comportarsi in modo inusuale, quando due sistemi improvvisano un dialogo imprevisto, quando una parte della rete si anima in modo anomalo, il CSRA lo percepisce immediatamente.

È un’attenzione simile a quella umana: istintiva, sensibile al movimento, orientata alla variazione. Dietro questa capacità percettiva c’è una matematica precisa: quella delle variazioni, dell’entropia e dei cambiamenti tra nodi connessi. Non servono formule per capirlo: conta il principio, quello di misurare come la rete si trasforma nel tempo.

7. Il CSRA è prima di tutto un nuovo modo di pensare.

Non è un software da aggiungere, né un modulo da integrare. È una nuova mentalità per affrontare la sicurezza in un mondo che cambia troppo velocemente. Il CSRA porta con sé un messaggio chiaro: non possiamo più limitarci a raccogliere dati. Dobbiamo imparare a percepire le trasformazioni.

Una rete osservata con il CSRA non è una collezione di oggetti tecnici, ma un ambiente vivo. Il SOC smette di essere un centro di allarmi e diventa un luogo di interpretazione, in cui la difesa non è una reazione tardiva ma un esercizio continuo di comprensione.

Conclusione: il CSRA è la percezione cyber del XXI secolo.

Il CSRA non introduce un altro strumento nell’infinita collezione già esistente. Introduce qualcosa di più importante: un nuovo modo di guardare il cyberspace.

Non come un elenco di entità isolate, ma come un tessuto di relazioni che respira, cambia e ci parla — se sappiamo ascoltarlo.

In un’epoca in cui gli attacchi si trasformano più rapidamente dei nostri modelli di difesa, percepire il cambiamento diventa una necessità strategica. E il CSRA rappresenta il primo passo verso questa nuova forma di consapevolezza.

Non è solo tecnologia. È una nuova capacità umana: vedere ciò che prima era invisibile.

L'articolo CSRA: Perché serve un nuovo modo di percepire ciò che non riusciamo più a controllare proviene da Red Hot Cyber.

Cybersecurity & cyberwarfare

2 mesi fa da Open app • •

Cybersecurity & cyberwarfare
2 mesi fa da Open app • •

Jenny’s Daily Drivers: Haiku R1/beta5

Back in the mid 1990s, the release of Microsoft’s Windows 95 operating system cemented the Redmond software company’s dominance over most of the desktop operating system space. Apple were still in their period in the doldrums waiting for Steve Jobs to return with his NeXT, while other would-be challengers such as IBM’s OS/2 or Commodore’s Amiga were sinking into obscurity.

... mostra di più

Jenny’s Daily Drivers: Haiku R1/beta5

Into this unpromising marketplace came Be inc, with their BeBox computer and its very nice BeOS operating system. To try it out as we did at a trade show some time in the late ’90s was to step into a very polished multitasking multimedia OS, but sadly one which failed to gather sufficient traction to survive. The story ended in the early 2000s as Be were swallowed by Palm, and a dedicated band of BeOS enthusiasts set about implementing a free successor OS. This has become Haiku, and while it’s not BeOS it retains API compatibility with and certainly feels a lot like its inspiration. It’s been on my list for a Daily Drivers article for a while now, so it’s time to download the ISO and give it a go. I’m using the AMD64 version.

A Joy To Use, After A Few Snags

If you ignore the odd font substitution in WebPositive, it’s a competent browser.
This isn’t the first time I’ve given Haiku a go in an attempt to write about it for this series, and I have found it consistently isn’t happy with my array of crusty old test laptops. So this time I pulled out something newer, my spare Lenovo Thinkpad X280. I was pleased to see that the Haiku installation USB volume booted and ran fine on this machine, and I was soon at the end of the install and ready to start my Haiku journey.

Here I hit my first snag, because sadly the OS hadn’t quite managed to set up its UEFI booting correctly. I thus found myself unexpectedly in a GRUB prompt, as the open source bootloader was left in place from a previous Linux install. Fixing this wasn’t too onerous as I was able to copy the relevant Haiku file to my UEFI partition, but it was a little unexpected. On with the show then, and in to Haiku.

In use, this operating system is a joy. Its desktop look and feel is polished, in a late-90s sense. There was nothing jarring or unintuitive, and though I had never used Haiku before I was never left searching for what I needed. It feels stable too, I was expecting the occasional crash or freeze, but none came. When I had to use the terminal to move the UEFI file it felt familiar to me as a Linux user, and all my settings were easy to get right.

Never Mind My Network Card

If only the network setup on my Thinkpad was as nice as the one in the VM.
I hit a problem when it came to network setup though, I found its wireless networking to be intermittent. I could connect to my network, but while DHCP would give it an IP address it failed to pick up the gateway and thus wasn’t a useful external connection. I could fix this by going to a fixed IP address and entering the gateway and DNS myself, and that gave me a connection, but not a reliable one. I would have it for a minute or two, and then it would be gone. Enough time for a quick software update and to load Hackaday on its WebPositive web browser, but not enough time to do any work. We’re tantalisingly close to a useful OS here, and I don’t want this review to end on that note.

The point of this series has been to try each OS in as real a situation as possible, to do my everyday Hackaday work of writing articles and manipulating graphics. I have used real hardware to achieve this, a motley array of older PCs and laptops. As I’ve described in previous paragraphs I’ve reached the limits of what I can do on real hardware due to the network issue, but I still want to give this one a fair evaluation. I have thus here for the first time used a test subject in a VM rather than on real hardware. What follows then is courtesy of Gnome Boxes on my everyday Linux powerhouse, so please excuse the obvious VM screenshots.

This One Is A True Daily Driver

There’s plenty of well-ported software, but nothing too esoteric.
With a Haiku install having a working network connection, it becomes an easy task to install software updates, and install new software. The library has fairly up-to-date versions of many popular packages, so I was easily able to install GIMP and LibreOffice. WebPositive is WebKit-based and up-to-date enough that the normally-picky Hackaday back-end doesn’t complain at me, so it more than fulfils my Daily Drivers requirement for an everyday OS I can do my work on. In fact, the ’90s look-and-feel and the Wi-Fi issues notwithstanding, this OS feels stable and solid in a way that many of the other minority OSes I’ve tried do not. I could use this day-to-day, and the Haiku Thinkpad could accompany me on the road.

There is a snag though, and it’s not the fault of the Haiku folks but probably a function of the size of their community; this is a really great OS, but sadly there are software packages it simply doesn’t have available for it. They’ve concentrated on multimedia, the web, games, and productivity in their choice of software to port, and some of the more esoteric or engineering-specific stuff I use is unsurprisingly not there. I can not fault them for this given the obvious work that’s gone into this OS, but it’s something to consider if your needs are complex.

Haiku then, it’s a very nice desktop operating system that’s polished, stable, and a joy to use. Excuse it a few setup issues and take care to ensure your Wi-Fi card is on its nice list, and you can use it day-to-day. It will always have something of the late ’90s about it, but think of that as not a curse but the operating system some of us wished we could have back in the real late ’90s. I’ll be finding a machine to hang onto a Haiku install, this one bears further experimentation.

hackaday.com/2025/12/11/jennys…

Cybersecurity & cyberwarfare

2 mesi fa • •

Cybersecurity & cyberwarfare
2 mesi fa • •

tinyCore Board Teaches Core Microcontroller Concepts

Looking for an educational microcontroller board to get you or a loved one into electronics? Consider the tinyCore – a small and nifty hexagon-shaped ESP32 board by [MR. INDUSTRIES], simplified for learning yet featureful enough to offer plenty of growth, and fully open.

The tinyCore board’s hexagonal shape makes it more flexible for building wearables than the vaguely rectangular boards we’re used to, and it’s got a good few onboard gadgets. Apart from already expected WiFi, BLE, and GPIOs, you get battery management, a 6DoF IMU (LSM6DSOX) in the center of the board, a micro SD card slot for all your data needs, and two QWIIC connectors. As such, you could easily turn it into, say, a smartwatch, a motion-sensitive tracker, or a controller for a small robot

... mostra di più

Droppie [opensoc]

2 mesi fa da Straya • •

Droppie [opensoc]
2 mesi fa da Straya • •

Hello @Raroun hope you're well. every now & then, when i have joined a different #Friendica instance in the past, i ask this same question of its Owners / Admins. always it's the same negative answer, but i live in hope!

on Masto & Sharkey instances, if the Admins are willing, it is technically possible to add FOSS emojis to the servers. consequently, on many of my instances i've been able to include these in various posts when applicable:

:linux: :archlinux: :kde: :plasma: :zenbrowser: :floorp: :firefox_nightly: :firefox: :thunderbird: :fedora: :opensuse: :debian:

so... is there yet any way that such emojis can be added to your instance, please?

cc: @Friendica Support

#FOSSemojis

#friendica #FOSSemojis @Friendica Support @Raroun

in reply to Droppie [opensoc]

Rainer "friendica" Sokoll

in reply to Droppie [opensoc] • 1 mese fa • •

Use UTF-8.

Unknown parent

Droppie [opensoc]

Unknown parent • 1 mese fa da Straya • •

@gme 🇺🇸🇺🇦🏳️‍⚧️🏳️‍🌈 thank you... albeit afaik i, as a mere end-user of this instance, cannot personally do anything with that info per se. @Raroun

@Raroun @users/gme

securityaffairs

2 mesi fa • •

securityaffairs
2 mesi fa • •

Critical #Gogs zero-day under attack, 700 servers hacked
securityaffairs.com/185593/hac…
#securityaffairs #hacking

Critical Gogs zero-day under attack, 700 servers hacked

Hackers exploited an unpatched Gogs zero-day, allowing remote code execution and compromising around 700 Internet-facing servers.

^{Pierluigi Paganini (Security Affairs)}

#hacking #securityaffairs #gogs

Cybersecurity & cyberwarfare

2 mesi fa • •

Cybersecurity & cyberwarfare
2 mesi fa • •

700.000 record di un Registro Professionale Italiano in vendita nel Dark Web

Un nuovo allarme arriva dal sottobosco del cybercrime arriva poche ore fa. A segnalarlo l’azienda ParagonSec, società specializzata nel monitoraggio delle attività delle cyber gang e dei marketplace clandestini, che ha riportato la comparsa su un forum underground di un presunto database contenente oltre 700.000 record appartenenti ad un Registro Professionale Italiano non meglio precisato.

L’annuncio, pubblicato da un utente che si firma gtaviispeak, descrive la disponibilità di una “fresh db” contenente una quantità impressionante di informazioni sensibili di un database ad oggi sconosciuto che contiene

... mostra di più

700.000 record di un Registro Professionale Italiano in vendita nel Dark Web

Disclaimer: Questo rapporto include screenshot e/o testo tratti da fonti pubblicamente accessibili. Le informazioni fornite hanno esclusivamente finalità di intelligence sulle minacce e di sensibilizzazione sui rischi di cybersecurity. Red Hot Cyber condanna qualsiasi accesso non autorizzato, diffusione impropria o utilizzo illecito di tali dati. Al momento, non è possibile verificare in modo indipendente l’autenticità delle informazioni riportate, poiché l’organizzazione coinvolta non ha ancora rilasciato un comunicato ufficiale sul proprio sito web. Di conseguenza, questo articolo deve essere considerato esclusivamente a scopo informativo e di intelligence.
Print Screen fornito da Paragon Sec a Red Hot Cyber

Il contenuto del database: un rischio elevatissimo

Secondo quanto riportato nel post, il database includerebbe una lunga lista di campi, tra cui:

Dati anagrafici completi: nome, cognome, sesso, luogo di nascita, data di nascita
Codice fiscale
Email e numeri telefonici (fissi e cellulari)
Password (non è noto di quale sito siano riferite)
Dati lavorativi: ente di lavoro, ruolo, categoria professionale
Indirizzi di residenza e domicilio
CAP, provincia, comune
Eventuali informazioni di gruppo e stato professionale
Dati amministrativi di registrazione
Indirizzo IP associato all’utente

La presenza di password in chiaro (o comunque disponibili nel dump) aumenta notevolmente il rischio di compromissioni successive, soprattutto se gli utenti riutilizzano le stesse credenziali su altri servizi.

La vendita avviene su Telegram

Il venditore invita gli interessati a contattarlo tramite un canale Telegram dedicato, una prassi ormai consolidata nelle dinamiche di vendita di database sottratti illegalmente. Nel post è presente anche un link a un presunto sample del dataset, finalizzato a dimostrare l’autenticità del materiale.

Una minaccia concreta per cittadini e aziende

Se confermato, questo leak rappresenta un rischio significativo per:

Frodi fiscali grazie alla disponibilità del codice fiscale
Phishing altamente mirato (spear phishing) basato su dati personali e professionali
Furti d’identità attraverso combinazioni di dati anagrafici, contatti e credenziali
Attacchi contro enti pubblici o professionali, sfruttando i dati lavorativi e l’email associata

Il livello di dettaglio dei campi elencati suggerisce che si tratti di un database istituzionale o comunque proveniente da una piattaforma amministrativa con dati certificati.

Sebbene un utente del forum abbia precisato che gli account non sarebbero ‘fresh’, ciò incide ben poco: informazioni come dati anagrafici, codice fiscale e recapiti non cambiano nel tempo. Di conseguenza, il materiale resta estremamente sensibile e può essere sfruttato con facilità per diverse tipologie di frodi.

Le fughe di dati provenienti da enti pubblici e registri professionali stanno aumentando in tutta Europa. I cybercriminali puntano sempre più su database certificati e ufficiali, poiché consentono attacchi più credibili e redditizi.

L'articolo 700.000 record di un Registro Professionale Italiano in vendita nel Dark Web proviene da Red Hot Cyber.

Cybersecurity & cyberwarfare

2 mesi fa • •

Cybersecurity & cyberwarfare
2 mesi fa • •

NetSupport RAT: il malware invisibile che gli antivirus non possono fermare

Gli specialisti di Securonix hanno scoperto una campagna malware multilivello volta a installare segretamente lo strumento di accesso remoto NetSupport RAT. L’attacco si sviluppa attraverso una serie di fasi accuratamente nascoste, ciascuna progettata per garantire la massima discrezione e lasciare tracce minime sul dispositivo compromesso.

Il download iniziale del codice dannoso inizia con un file JavaScript iniettato nei siti web hackerati. Questo script ha una struttura complessa e una logica nascosta che si attiva solo quando vengono soddisfatte determinate condizioni.

È in grado di rilevare il tipo di dispositivo dell’utente e

... mostra di più

NetSupport RAT: il malware invisibile che gli antivirus non possono fermare

È in grado di rilevare il tipo di dispositivo dell’utente e anche di registrare se è la prima volta che visita la pagina, consentendogli di eseguire azioni dannose una sola volta per dispositivo. Se le condizioni sono soddisfatte, lo script inietta un frame invisibile nella pagina o carica la fase successiva: un’applicazione HTML.

La seconda fase, riportano i ricercatori, prevede l’avvio di un file HTA, un’applicazione nascosta eseguita tramite lo strumento nativo di Windows mshta.exe. Estrae lo script PowerShell crittografato, lo decrittografa utilizzando un processo a più fasi e lo esegue direttamente in memoria. Ciò garantisce che tutte le attività dannose si verifichino senza creare file persistenti, ostacolando significativamente il rilevamento da parte del software antivirus.

Il passaggio finale prevede il download e l’installazione del NetSupport RAT. Per farlo, uno script di PowerShell scarica l’archivio, lo decomprime in una directory poco visibile e avvia il file eseguibile tramite un wrapper JScript. Per mantenerne la presenza nel sistema, viene creato un collegamento nella cartella di avvio, camuffato da componente di Windows Update. Questo approccio consente agli aggressori di mantenere l’accesso anche dopo il riavvio del dispositivo.

NetSupport RAT è uno strumento di amministrazione remota inizialmente legittimo, utilizzato attivamente dagli aggressori per attività di spionaggio, furto di dati e controllo remoto. Durante questa campagna, ottiene il pieno controllo del sistema infetto, intercettando l’input da tastiera, gestendo i file, eseguendo comandi e utilizzando funzioni proxy per navigare all’interno della rete.

Gli esperti stimano che l’infrastruttura dannosa sia costantemente sottoposta a manutenzione e aggiornamento e che la sua architettura indichi l’elevata competenza degli sviluppatori. L’attacco prende di mira gli utenti dei sistemi aziendali e si diffonde attraverso siti web falsi e reindirizzamenti nascosti. Nonostante l’elevato livello di sofisticazione, non è stato ancora possibile stabilire l’esatta affiliazione degli operatori con alcun gruppo criminale informatico noto.

La campagna rilevata evidenzia l’importanza di bloccare l’esecuzione di script non firmati, rafforzare il controllo sul comportamento dei processi di sistema, monitorare le directory di avvio e analizzare le attività di rete sospette. Si raccomanda particolare attenzione nel limitare l’uso di mshta.exe e nel monitorare i tentativi di download di file nelle cartelle %TEMP% e ProgramData.

L'articolo NetSupport RAT: il malware invisibile che gli antivirus non possono fermare proviene da Red Hot Cyber.

Antonella Ferrari

2 mesi fa da Fedilab • •

Antonella Ferrari
2 mesi fa da Fedilab • •

Repubblica e La Stampa. Una vicenda destinata a stravolgere quello che resta del mercato editoriale e del pluralismo dell’informazione

articolo21.org/2025/12/repubbl…

securityaffairs

2 mesi fa • •

securityaffairs
2 mesi fa • •

#GeminiJack zero-click flaw in #Gemini Enterprise allowed corporate data exfiltration
securityaffairs.com/185574/hac…
#securityaffairs #hacking

GeminiJack zero-click flaw in Gemini Enterprise allowed corporate data exfiltration

Google fixed GeminiJack, a zero-click Gemini Enterprise flaw that could leak corporate data via crafted emails, invites, or documents.

^{Pierluigi Paganini (Security Affairs)}

#hacking #gemini #securityaffairs #geminijack

Random Penguin

2 mesi fa • •

Random Penguin
2 mesi fa • •

In the new theme I'm working on I've implemented an option to show a blue checkmark in posts for local accounts that have been self-verified. I was considering expanding the usefulness of that by having it show some other icon/color for Moderators and Administrators on that server, but when I looked into how to figure out who a Moderator is I learned there is no way to distinguish a Moderator from an Admin because there is no actual Moderator role in Friendia.

In UserSession.php the isModerator() function references the same function in User.php which says:

	/**
	 * Returns if the given uid is valid and a moderator
	 *
	 * @param int $uid
	 *
	 * @return bool
	 * @throws Exception

... mostra di più

In UserSession.php the isModerator() function references the same function in User.php which says:

	/**
	 * Returns if the given uid is valid and a moderator
	 *
	 * @param int $uid
	 *
	 * @return bool
	 * @throws Exception
	 */
	public static function isModerator(int $uid): bool
	{
		// @todo Replace with a moderator check in the future
		return self::isSiteAdmin($uid);
	}

So it seems there is no actual "Moderator" role, just "Administrator." And isSiteAdmin() just checks the user's email against getAdminEmailList() which, in turn, just gets the list of email addresses from the "admin_email" line of the site config file?

Is that "todo" slated to happen in the next release? Is Friendica going to have that actual "Moderator" role added so moderation can be delegated to people who are not also Admins? I assume it would be implemented similarly to the Admin Emails in the site config with similar functions for checking users against that list, and of course, anyone with Admin privileges would automatically also be a Moderator.

Still, this almost feels like something that should be part of the "Delegation" feature so someone with "Admin" privileges could just designate some other user as a "Moderator" without also granting them control of the admin account or giving them admin privileges. Since the "Moderation" screens are separate from the "Admin" ones anyway.

@Friendica Developers

in reply to Random Penguin

Hypolite Petovan

in reply to Random Penguin • 2 mesi fa • •

@Random Penguin The admin screen separation was the first step to have a proper Moderator role. I don’t know what Michael has in mind for granting the role but I think it’d be best to have a flag on the User model that wouldn’t require a config change for promotions/demotions.

@Random Penguin

in reply to Hypolite Petovan

Random Penguin

in reply to Hypolite Petovan • 2 mesi fa • •

Yeah, it feels like there should be another column in the user table for "role" or "capabilities." I suppose it would be relatively easy to copy the existing functions used for Admins and have a "moderator_emails" hard-coded into the config file. But as you say it would be nice if promotion/demotion didn't require editing the config file.

I know WordPress originally had a "user_level" meta key in the wp_usermeta table that was just an integer between 0-10. Zero basically couldn't do or see anything. 10 was a site Admin. In the Registered Users list the level had a minus sign before it and a plus sign after it, which Admins or Authors could click, respectively, to demote or promote a user. They abandoned this system sometime after version 2 in favor of a "capabilities" meta key (which is actually the user's "roles"). It's an array that allows fine-grain control of multiple roles:

array( 
       'administrator' => false, 
       'editor' => false,
       'author' => true,
       'contributor' => true,
       'su

... mostra di più

array( 
       'administrator' => false, 
       'editor' => false,
       'author' => true,
       'contributor' => true,
       'subscriber' => true
)

Which looks like this in the database:
"a:5:{s:13:"administrator";b:0;s:6:"editor";b:0;s:6:"author";b:1;s:11:"contributor";b:1;s:10:"subscriber";b:1;}"

The actual capabilities corresponding to each role are stored in the wp_options table under option_name "wp_user_roles" the value of which is also an array. A HUGE array, because there are so many capabilities.

WordPress clearly switched from integers to arrays so plugins (membership, e-commerce, forum, etc.) could define custom roles and capabilities, which could also be descriptive and immediately understood better than "user_level = 6" could.

The WordPress model might be a good way to implement proper roles in Friendica that could also mean being able to delegate to another user but have checkboxes for which of YOUR capabilities you want to extend to THEM, or better yet have sub-roles that can be delegated to them like "Group Moderator" or "Page Contributor" etc. And add-ons could add new roles and capabilities for some custom context. I mean, if Friendica is supposed to be a "Swiss Army Knife" of social media who knows what third-party devs might do with that?

As for implementing this and in a secure way, I'm not sure what all would need to be taken into account.

in reply to Random Penguin

Hypolite Petovan

in reply to Random Penguin • 2 mesi fa • •

@Random Penguin Capabilities are really flexible, but it would have to be wired in so many parts of the Friendica codebase that it isn't realistic given the (lack of) manpower Friendica enjoys at the moment.

It will have to be a simple flag at first, and then if need arises it could be made more complex.

@Random Penguin

in reply to Random Penguin

Michael 🇺🇦

in reply to Random Penguin • 2 mesi fa • •

I would like to have a separated "Moderator" role, but the sad truth is that I guess that I don't have the capacity to add it. There are a lot of things that would be nice to see them being added to Friendica, but my available time is limited. The list of issues on our repository is constantly growing and just maintaining and improving already existing functionality eats up most of my time.

I guess that we will only have this in the system when we find additional coding resources.

Cybersecurity & cyberwarfare

2 mesi fa da Open app • •

Cybersecurity & cyberwarfare
2 mesi fa da Open app • •

Hunting for Mythic in network traffic

Post-exploitation frameworks

Threat actors frequently employ post-exploitation frameworks in cyberattacks to maintain control over compromised hosts and move laterally within the organization’s network. While they once favored closed-source frameworks, such as Cobalt Strike and Brute Ratel C4, open-source projects like Mythic, Sliver, and Havoc have surged in popularity in recent years. Malicious actors are also quick to adopt relatively new frameworks, such as Adaptix C2.

... mostra di più

Hunting for Mythic in network traffic

Post-exploitation frameworks

Analysis of popular frameworks revealed that their development focuses heavily on evading detection by antivirus and EDR solutions, often at the expense of stealth against systems that analyze network traffic. While obfuscating an agent’s network activity is inherently challenging, agents must inevitably communicate with their command-and-control servers. Consequently, an agent’s presence in the system and its malicious actions can be detected with the help of various network-based intrusion detection systems (IDS) and, of course, Network Detection and Response (NDR) solutions.

This article examines methods for detecting the Mythic framework within an infrastructure by analyzing network traffic. This framework has gained significant traction among various threat actors, including Mythic Likho (Arcane Wolf) и GOFFEE (Paper Werewolf), and continues to be used in APT and other attacks.

The Mythic framework

Mythic C2 is a multi-user command and control (C&C, or C2) platform designed for managing malicious agents during complex cyberattacks. Mythic is built on a Docker container architecture, with its core components – the server, agents, and transport modules – written in Python. This architecture allows operators to add new agents, communication channels, and custom modifications on the fly.

Since Mythic is a versatile tool for the attacker, from the defender’s perspective, its use can align with multiple stages of the Unified Kill Chain, as well as a large number of tactics, techniques, and procedures in the MITRE ATT&CK® framework.

Pivoting is a tactic where the attacker uses an already compromised system as a pivot point to gain access to other systems within the network. In this way, they gradually expand their presence within the organization’s infrastructure, bypassing firewalls, network segmentation, and other security controls.
Collection (TA0009) is a tactic focused on gathering and aggregating information of value to the attacker: files, credentials, screenshots, and system logs. In the context of network operations, collection is often performed locally on compromised hosts, with data then packaged for transfer. Tools like Mythic automate the discovery and selection of data sought by the adversary.
Exfiltration (TA0010) is the process of moving collected information out of the secured network via legitimate or covert channels, such as HTTP(s), DNS, or SMB, etc. Attackers may use resident agents or intermediate relays (pivot hosts) to conceal the exfiltration source and route.
Command and Control (TA0011) encompasses the mechanisms for establishing and maintaining a communication channel between the operator and compromised hosts to transmit commands and receive status updates. This includes direct connections, relaying through pivot hosts, and the use of covert protocols. Frameworks like Mythic provide advanced C2 capabilities, such as scheduled command execution, tunneling, and multi-channel communication, which complicate the detection and blocking of their activity.

This article focuses exclusively on the Command and Control (TA0011) tactic, whose techniques can be effectively detected within the network traffic of Mythic agents.

Detecting Mythic agent activity in network traffic

At the time of writing, Mythic supports data transfer over HTTP/S, WebSocket, TCP, SMB, DNS, and MQTT. The platform also boasts over a dozen different agents, written in Go, Python, and C#, designed for Windows, macOS, and Linux.

Mythic employs two primary architectures for its command network:

In this model, agents communicate with adjacent agents forming a chain of connections which eventually leads to a node communicating directly with the Mythic C2 server. For this purpose, agents utilize TCP and SMB.
In this model, agents communicate directly with the C2 server via HTTP/S, WebSocket, MQTT, or DNS.

P2P communication

Mythic provides pivoting capabilities via named SMB pipes and TCP sockets. To detect Mythic agent activity in P2P mode, we will examine their network traffic and create corresponding Suricata detection rules (signatures).

P2P communication via SMB

When managing agents via the SMB protocol, a named pipe is used by default for communication, with its name matching the agent’s UUID.

Although this parameter can be changed, it serves as a reliable indicator and can be easily described with a regular expression. Example:
[a-z0-9]{8}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{12}

For SMB communication, agents encode and encrypt data according to the pattern: base64(UUID+AES256(JSON)). This data is then split into blocks and transmitted over the network. The screenshot below illustrates what a network session for establishing a connection between agents looks like in Wireshark.

Commands and their responses are packaged within the MythicMessage data structure. This structure contains three header fields, as well as the commands themselves or the corresponding responses:

Total size (4 bytes)
Number of data blocks (4 bytes)
Current block number (4 bytes)
Base64-encoded data

The screenshot below shows an example of SMB communication between agents.

The agent (10.63.101.164) sends a command to another agent in the MythicMessage format. The first three Write Requests transmit the total message size, total number of blocks, and current block number. The fourth request transmits the Base64-encoded data. This is followed by a sequence of Read Requests, which are also transmitted in the MythicMessage format.

Below are the data transmitted in the fourth field of the MythicMessage structure.

The content is encoded in Base64. Upon decoding, the structure of the transmitted information becomes visible: it begins with the UUID of the infected host, followed by a data block encrypted using AES-256.

The fact that the data starts with a UUID string can be leveraged to create a signature-based detection rule that searches network packets for the identifier pattern.

To search for packets containing a UUID, the following signature can be applied. It uses specific request types and protocol flags as filters (Command: Ioctl (11), Function: FSCTL_PIPE_WAIT (0x00110018)), followed by a check to see if the pipe name matches the UUID pattern.
alert tcp any any -> any [139, 445] (msg: "Trojan.Mythic.SMB.C&C"; flow: to_server, established; content: "|fe|SMB"; offset: 4; depth: 4; content: "|0b 00|"; distance: 8; within: 2; content: "|18 00 11 00|"; distance: 48; within: 12; pcre: "/\x48\x00\x00\x00[\x00-\xFF]{2}([a-z0-9]\x00){8}\-\x00([a-z0-9]\x00){4}\-\x00([a-z0-9]\x00){4}\-\x00([a-z0-9]\x00){4}\-\x00([a-z0-9]\x00){12}$/R"; threshold: type both, track by_src, count 1, seconds 60; reference: url, github.com/MythicC2Profiles/sm… classtype: ndr1; sid: 9000101; rev: 1;)
Agent activity can also be detected by analyzing data transmitted in SMB WriteRequest packets with the protocol flag Command: Write (9) and a distinct packet structure where the BlobOffset and BlobLen fields are set to zero. If the Data field is Base64-encoded and, after decoding, begins with a UUID-formatted string, this indicates a command-and-control channel.
alert tcp any any -> any [139, 445] (msg: "Trojan.Mythic.SMB.C&C"; flow: to_server, established; dsize: > 360; content: "|fe|SMB"; offset: 4; depth: 4; content: "|09 00|"; distance: 8; within: 2; content: "|00 00 00 00 00 00 00 00 00 00 00 00|"; distance: 86; within: 12; base64_decode: bytes 64, offset 0, relative; base64_data; pcre: "/^[a-z0-9]{8}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{12}/"; threshold: type both, track by_src, count 1, seconds 60; reference: url, github.com/MythicC2Profiles/sm… classtype: ndr1; sid: 9000102; rev: 1;)
Below is the KATA NDR user interface displaying an alert about detecting a Mythic agent operating in P2P mode over SMB. In this instance, the first rule – which checks the request type, protocol flags, and the UUID pattern – was triggered.

It should be noted that these signatures have a limitation. If the SMBv3 protocol with encryption enabled is used, Mythic agent activity cannot be detected with signature-based methods. A possible alternative is behavioral analysis. However, in this context, it suffers from low accuracy and a high false-positive rate. The SMB protocol is widely used by organizations for various legitimate purposes, making it difficult to isolate behavioral patterns that definitively indicate malicious activity.

P2P communication via TCP

Mythic also supports P2P communications via TCP. The connection initialization process appears in network traffic as follows:

As with SMB, the MythicMessage structure is used for transmitting and receiving data. First, the data length (4 bytes) is sent as a big-endian DWORD in a separate packet. Subsequent packets transmit the number of data blocks, the current block number, and the data itself. However, unlike SMB packets, the value of the current block number field is always 0x00000000, due to TCP’s built-in packet fragmentation support.

The data encoding scheme is also analogous to what we observed with SMB and appears as follows: base64(UUID+AES256(JSON)). Below is an example of a network packet containing Mythic data.

The decoded data appears as follows:

Similar to communication via SMB, signature-based detection rules can be created for TCP traffic to identify Mythic agent activity by searching for packets containing UUID-formatted strings. Below are two Suricata detection rules. The first rule is a utility rule. It does not generate security alerts but instead tags the TCP session with an internal flag, which is then checked by another rule. The second rule verifies the flag and applies filters to confirm that the current packet is being analyzed at the beginning of a network session. It then decodes the Base64 data and searches the resulting content for a UUID-formatted string.
alert tcp any any -> any any (msg: "Trojan.Mythic.TCP.C&C"; flow: from_server, established; dsize: 4; stream_size: server, <, 6; stream_size: client, <, 3; content: "|00 00|"; depth: 2; pcre: "/^\x00\x00[\x00-\x5C]{1}[\x00-\xFF]{1}$/"; flowbits: set, mythic_tcp_p2p_msg_len; flowbits: noalert; threshold: type both, track by_src, count 1, seconds 60; reference: url, github.com/MythicC2Profiles/tc… classtype: ndr1; sid: 9000103; rev: 1;)

alert tcp any any -> any any (msg: "Trojan.Mythic.TCP.C&C"; flow: from_server, established; dsize: > 300; stream_size: server, <, 6000; stream_size: client, <, 6000; flowbits: isset, mythic_tcp_p2p_msg_len; content: "|00 00 00|"; depth: 3; content: "|00 00 00 00|"; distance: 1; within: 4; base64_decode: bytes 64, offset 0, relative; base64_data; pcre: "/^[a-z0-9]{8}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{12}/"; threshold: type both, track by_src, count 1, seconds 60; reference: url, github.com/MythicC2Profiles/tc… classtype: ndr1; sid: 9000104; rev: 1;)
Below is the NDR interface displaying an example of the two rules detecting a Mythic agent operating in P2P mode over TCP.

Egress transport modules

Covert Egress communication

For stealthy operations, Mythic allows agents to be managed through popular services. This makes its activity less conspicuous within network traffic. Mythic includes transport modules based on the following services:

Discord
GitHub
Slack

Of these, only the first two remain relevant at the time of writing. Communication via Slack (the Slack C2 Profile transport module) is no longer supported by the developers and is considered deprecated, so we will not examine it further.

The Discord C2 Profile transport module

The use of the Discord service as a mediator for C2 communication within the Mythic framework has been gaining popularity recently. In this scenario, agent traffic is indistinguishable from normal Discord activity, with commands and their execution results masquerading as messages and file attachments. Communication with the server occurs over HTTPS and is encrypted with TLS. Therefore, detecting Mythic traffic requires decrypting this.

Analyzing decrypted TLS traffic

Let’s assume we are using an NDR platform in conjunction with a network traffic decryption (TLS inspection) system to detect suspicious network activity. In this case, we operate under the assumption that we can decrypt all TLS traffic. Let’s examine possible detection rules for that scenario.

Agent and server communication occurs via Discord API calls to send messages to a specific channel. Communication between the agent and Mythic uses the MythicMessageWrapper structure, which contains the following fields:

message: the transmitted data
sender_id: a GUID generated by the agent, included in every message
to_server: a direction flag – a message intended for the server or the agent
id: not used
final: not used

Of particular interest to us is the message field, which contains the transmitted data encoded in Base64. The MythicMessageWrapper message is transmitted in plaintext, making it accessible to anyone with read permissions for messages on the Discord server.

Below is an example of data transmission via messages in a Discord channel.

To establish a connection, the agent authenticates to the Discord server via the API call /api/v10/gateway/bot. We observe the following data in the network traffic:

After successful initialization, the agent gains the ability to receive and respond to commands. To create a message in the channel, the agent makes a POST request to the API endpoint /channels/<channel.id>/messages. The network traffic for this call is shown in the screenshot below.

After decoding the Base64, the content of the message field appears as follows:

A structure characteristic of a UUID is visible at the beginning of the packet.

After processing the message, the agent deletes it from the channel via a DELETE request to the API endpoint /channels/{channel.id}/messages/{message.id}.

Below is a Suricata rule that detects the agent’s Discord-based communication activity. It checks the API activity for creating HTTP messages for the presence of Base64-encoded data containing the agent’s UUID.
alert tcp any any -> any any (msg: "Trojan.Mythic.HTTP.C&C"; flow: to_server, established; content: "POST"; http_method; content: "/api/"; http_uri; content: "/channels/"; distance: 0; http_uri; pcre: "/\/messages$/U"; content: "|7b 22|content|22|"; depth: 20; http_client_body; content: "|22|sender_id"; depth: 1500; http_client_body; pcre: "/\x22sender_id\x5c\x22\x3a\x5c\x22[a-z0-9]{8}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{12}/"; threshold: type both, track by_src, count 1, seconds 60; reference: url, github.com/MythicC2Profiles/di… classtype: ndr1; sid: 9000105; rev: 1;)
Below is the NDR user interface displaying an example of detecting the activity of the Discord C2 Profile transport module for a Mythic agent within decrypted HTTP traffic.

Analyzing encrypted TLS traffic

If Discord usage is permitted on the network and there is no capability to decrypt traffic, it becomes nearly impossible to detect agent activity. In this scenario, behavioral analysis of requests to the Discord server may prove useful. Below is network traffic showing frequent TLS connections to the Discord server, which could indicate commands being sent to an agent.

In this case, we can use a Suricata rule to detect the frequent TLS sessions with Discord servers:
alert tcp any any -> any any (msg: "NetTool.PossibleMythicDiscordEgress.TLS.C&C"; flow: to_server, established; tls_sni; content: "discord.com"; nocase; threshold: type both, track by_src, count 4, seconds 420; reference: url, github.com/MythicC2Profiles/di… classtype: ndr3; sid: 9000106; rev: 1;)
Another method for detecting these communications involves tracking multiple DNS queries to the discord.com domain.

The following rule can be applied to detect these:
alert udp any any -> any 53 (msg: "NetTool.PossibleMythicDiscordEgress.DNS.C&C"; content: "|01 00 00 01 00 00 00 00 00 00|"; depth: 10; offset: 2; content: "|07|discord|03|com|00|"; nocase; distance: 0; threshold: type both, track by_src, count 4, seconds 60; reference: url, github.com/MythicC2Profiles/di… classtype: ndr3; sid: 9000107; rev: 1;)
Below is the NDR user interface showing an example of a custom rule in operation, detecting the activity of the Discord C2 Profile transport module for a Mythic agent within encrypted traffic based on characteristic DNS queries.

The proposed rule options have low accuracy and can generate a high number of false positives. Therefore, they must be adapted to the specific characteristics of the infrastructure in which they will run. Threshold and count parameters, which control the triggering frequency and time window, require tuning.

GitHub C2 Profile transport module

GitHub’s popularity has made it an attractive choice as a mediator for managing Mythic agents. The core concept is the same as in other covert Egress communication transport modules. Communication with GitHub utilizes HTTPS. Successful operation requires an account on the target platform and the ability to communicate via API calls. The transport module utilizes the GitHub API to send comments to pre-created Issues and to commit files to a branch within a repository controlled by the attackers. In this model, the agent interacts only with GitHub: it creates and reads comments, uploads files, and manages branches. It does not communicate with any other servers. The communication algorithm via GitHub is as follows:

The agent posts a comment (check-in) to a designated Issue on GitHub, intended for agents to report their results.
The Mythic server validates the comment, deletes it, and posts a reply in an issue designated for server use.
The agent creates a branch with a name matching its UUID and writes a get_tasking file to it (performs a push request).
The Mythic server reads the file and writes a response file to the same branch.
The agent reads the response file, deletes the branch, pauses, and repeats the cycle.

Analyzing decrypted TLS traffic

Let’s consider an approach to detecting agent activity when traffic decryption is possible.

Agent communication with the server utilizes API calls to GitHub. The payload is encoded in Base64 and published in plaintext; therefore, anyone who can view the repository or analyze the traffic contents can decode it.

Analysis of agent communication revealed that the most useful traffic for creating detection rules is associated with publishing check-in comments, creating a branch, and publishing a file.

During the check-in phase, the agent posts a comment to register a new agent and establish communication.

The transmitted data is encoded in Base64 and contains the agent’s UUID and the portion of the message encrypted using AES-256.

This allows for a signature that detects UUID-formatted substrings within GitHub comment creation requests.
alert tcp any any -> any any (msg: "Trojan.Mythic.HTTP.C&C"; flow: to_server, established; content: "POST"; http_method; content: "api.github.com"; http_host; content: "/repos/"; depth: 8; http_uri; pcre: "/\/comments$/U"; content: "|22|body|22|"; depth: 8; http_client_body; base64_decode: bytes 300, offset 2, relative; base64_data; pcre: "/^[a-z0-9]{8}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{12}/"; threshold: type both, track by_src, count 1, seconds 60; reference: url, github.com/MythicC2Profiles/gi… classtype: ndr1; sid: 9000108; rev: 1;)
Another stage suitable for detection is when the agent creates a separate branch with its UUID as the name. All subsequent relevant communication with the server will occur within this branch. Here is an example of a branch creation request:

Therefore, we can create a detection rule to identify UUID-formatted strings within branch creation requests.
alert tcp any any -> any any (msg: "Trojan.Mythic.HTTP.C&C"; flow: to_server, established; content: "POST"; http_method; content: "api.github.com"; http_host; content: "/repos/"; depth: 100; http_uri; content: "/git/refs"; distance: 0; http_uri; content: "|22|ref|22 3a|"; depth: 10; http_client_body; content: "refs/heads/"; distance: 0; within: 50; http_client_body; pcre: "/refs\/heads\/[a-z0-9]{8}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{12}\x22/"; threshold: type both, track by_src, count 1, seconds 60; reference: url, github.com/MythicC2Profiles/gi… classtype: ndr1; sid: 9000109; rev: 1;)
After creating the branch, the agent writes a file to it (sends a push request), which contains Base64-encoded data.

Therefore, we can create a rule to trigger on file publication requests to a branch whose name matches the UUID pattern.
alert tcp any any -> any any (msg: "Trojan.Mythic.HTTP.C&C"; flow: to_server, established; content: "PUT"; http_method; content: "api.github.com"; http_host; content: "/repos/"; depth:8; http_uri; content: "/contents/"; distance: 0; http_uri; content: "|22|content|22|"; depth: 100; http_client_body; pcre: "/\x22message\x22\x3a\x22[a-z0-9]{8}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{12}\x22/"; threshold: type both, track by_src, count 1, seconds 60; reference: url, github.com/MythicC2Profiles/gi… classtype: ndr1; sid: 9000110; rev: 1;)
The screenshot below shows how the NDR solution logs all suspicious communications using the GitHub API and subsequently identifies the Mythic agent’s activity. The result is an alert with the verdict Trojan.Mythic.HTTP.C&C.

Analyzing encrypted TLS traffic

Communication with GitHub occurs over HTTPS; therefore, in the absence of traffic decryption capability, signature-based methods for detecting agent activity cannot be applied. Let’s consider a behavioral agent activity detection approach.

For instance, it is possible to detect connections to GitHub servers that are atypical in frequency and purpose, originating from network segments where this activity is not expected. The screenshot below shows an example of an agent’s multiple TLS sessions. The traffic reflects the execution of several commands, as well as idle time, manifested as constant polling of the server while awaiting new tasks.

Multiple TLS sessions with the GitHub service from uncharacteristic network segments can be detected using the rule presented below:
alert tcp any any -> any any (msg:"NetTool.PossibleMythicGitHubEgress.TLS.C&C"; flow: to_server, established; tls_sni; content: "api.github.com"; nocase; threshold: type both, track by_src, count 4, seconds 60; reference: url, github.com/MythicC2Profiles/gi… classtype: ndr3; sid: 9000111; rev: 1;)

Additionally, multiple DNS queries to the service can be logged in the traffic.

This activity is detected with the help of the following rule:
alert udp any any -> any 53 (msg: "NetTool.PossibleMythicGitHubEgress.DNS.C&C"; content: "|01 00 00 01 00 00 00 00 00 00|"; depth: 10; offset: 2; content: "|03|api|06|github|03|com|00|"; nocase; distance: 0; threshold: type both, track by_src, count 12, seconds 180; reference: url, github.com/MythicC2Profiles/gi… classtype: ndr3; sid: 9000112; rev: 1;)
The screenshot below shows the NDR interface with an example of the first rule in action, detecting traces of the GitHub profile activity for a Mythic agent within encrypted TLS traffic.

The suggested rule options can produce false positives, so to improve their effectiveness, they must be adapted to the specific characteristics of the infrastructure in which they will run. The parameters of the threshold keyword – specifically the count and seconds values, which control the number of events required to generate an alert and the time window for their occurrence in NDR – must be configured.

Direct Egress communication

The Egress communication model allows agents to interact directly with the C2 server via the following protocols:

HTTP(S)
WebSocket
MQTT
DNS

The first two protocols are the most prevalent. The DNS-based transport module is still under development, and the module based on MQTT sees little use among operators. We will not examine them within the scope of this article.

Communication via HTTP

HTTP is the most common protocol for building a Mythic agent control network. The HTTP transport container acts as a proxy between the agents and the Mythic server. It allows data to be transmitted in both plaintext and encrypted form. Crucially, the metadata is not encrypted, which enables the creation of signature-based detection rules.

Below is an example of unencrypted Mythic network traffic over HTTP. During a GET request, data encoded in Base64 is passed in the value of the query parameter.

After decoding, the agent’s UUID – generated according to a specific pattern – becomes visible. This identifier is followed by a JSON object containing the key parameters of the host, collected by the agent.

If data encryption is applied, the network traffic for agent communication appears as shown in the screenshot below.

After decrypting the traffic and decoding from Base64, the communication data reveals the familiar structure: UUID+AES256(JSON).

Therefore, to create a detection signature for this case, we can also rely on the presence of a UUID within the Base64-encoded data in POST requests.
alert tcp any any -> any any (msg: "Trojan.Mythic.HTTP.C&C"; flow: to_server, established; content: "POST"; http_method; content: "|0D 0A 0D 0A|"; base64_decode: bytes 80, offset 0, relative; base64_data; content: "-"; offset: 8; depth: 1; content: "-"; distance: 4; within: 1; content: "-"; distance: 4; within: 1; content: "-"; distance: 4; within: 1; pcre: "/[0-9a-fA-F]{8}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{4}\-[0-9a-fA-F]{12}/"; threshold: type both, track by_src, count 1, seconds 180; reference: md5, 6ef89ccee639b4df42eaf273af8b5ffd; classtype: trojan1; sid: 9000113; rev: 2;)
The screenshot below shows how the NDR platform detects agent communication with the server over HTTP, generating an alert with the name Trojan.Mythic.HTTP.C&C.

Communication via HTTPS

Mythic agents can communicate with the server via HTTPS using the corresponding transport module. In this case, data is encrypted with TLS and is not amenable to signature-based analysis. However, the activity of Mythic agents can be detected if they use the default SSL certificate. Below is an example of network traffic from a Mythic agent with such a certificate.

For this purpose, the following signature is applied:
alert tcp any any -> any any (msg: "Trojan.Mythic.HTTPS.C&C"; flow: established, from_server, no_stream; content: "|16 03|"; content: "|0B|"; distance: 3; within: 1; content: "Mythic C2"; distance: 0; reference: url, github.com/its-a-feature/Mythi… classtype: ndr1; sid: 9000114; rev: 1;)

WebSocket

The WebSocket protocol enables full-duplex communication between a client and a remote host. Mythic can utilize it for agent management.

The process of agent communication with the server via WebSocket is as follows:

The agent sends a request to the WebSocket container to change the protocol for the HTTP(S) connection.
The agent and the WebSocket container switch to WebSocket to send and receive messages.
The agent sends a message to the WebSocket container requesting tasks from the Mythic container.
The WebSocket container forwards the request to the Mythic container.
The Mythic container returns the tasks to the WebSocket container.
The WebSocket container forwards these tasks to the agent.

It is worth mentioning that in this communication model, both the WebSocket container and the Mythic container reside on the Mythic server. Below is a screenshot of the initial agent connection to the server.

An analysis of the TCP session shows that the actual data is transmitted in the data field in Base64 encoding.

Decoding reveals the familiar data structure: UUID+AES256(JSON).

Therefore, we can use an approach similar to those discussed above to detect agent activity. The signature should rely on the UUID string at the beginning of the data field. The rule first verifies that the session data matches the data:base64 format, then decodes the data field and searches for a string matching the UUID pattern.
alert tcp any any -> any any (msg: "Trojan.Mythic.WebSocket.C&C"; flow: established, from_server; content: "|7B 22|data|22 3a 22|"; depth: 14; pcre: "/^[0-9a-zA-Z\/\+]+[=]{0,2}\x22\x7D\x0A$/R"; content: "|7B 22|data|22 3a 22|"; depth: 14; base64_decode: bytes 48, offset 0, relative; base64_data; pcre: "/^[a-z0-9]{8}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{4}\-[a-z0-9]{12}/i"; threshold: type both, track by_src, count 1, seconds 30; reference: url, github.com/MythicAgents/; classtype: ndr1; sid: 9000115; rev: 2;)
Below is the Trojan.Mythic.WebSocket.C&C signature triggering on Mythic agent communication over WebSocket.

Takeaways

The Mythic post-exploitation framework continues to gain popularity and evolve rapidly. New agents are emerging, designed for covert persistence within target infrastructures. Despite this evolution, the various implementations of network communication in Mythic share many common characteristics that remain largely consistent over time. This consistency enables IDS/NDR solutions to effectively detect the framework’s agent activity through network traffic analysis.

Mythic supports a wide array of agent management options utilizing several network protocols. Our analysis of agent communications across these protocols revealed that agent activity can be detected by searching for specific data patterns within network traffic. The primary detection criterion involves tracking UUID strings in specific positions within Base64-encoded transmitted data. However, while the general approach to detecting agent activity is similar across protocols, each requires protocol-specific filters. Consequently, creating a single, universal signature for detecting Mythic agents in network traffic is challenging; individual detection rules must be crafted for each protocol. This article has provided signatures that are included in Kaspersky NDR.

Kaspersky NDR is designed to identify current threats within network infrastructures. It enables the detection of all popular post-exploitation frameworks based on their characteristic traffic patterns. Since the network components of these frameworks change infrequently, employing an NDR solution ensures high effectiveness in agent discovery.

Kaspersky verdicts in Kaspersky solutions (Kaspersky Anti-Targeted Attack with NDR module and Kaspersky NGFW)

Trojan.Mythic.SMB.C&C
Trojan.Mythic.TCP.C&C
Trojan.Mythic.HTTP.C&C
Trojan.Mythic.TLS.C&C
Trojan.Mythic.WebSocket.C&C

securelist.com/detecting-mythi…

Cybersecurity & cyberwarfare

2 mesi fa da Open app • •

Cybersecurity & cyberwarfare
2 mesi fa da Open app • •

Creating User-Friendly Installers Across Operating Systems

After you have written the code for some awesome application, you of course want other people to be able to use it. Although simply directing them to the source code on GitHub or similar is an option, not every project lends itself to the traditional configure && make && make install, with often dependencies being the sticking point.

Asking the user to install dependencies and set up any filesystem links is an option, but having an installer of some type tackle all this is of course significantly easier. Typically this would contain the precompiled binaries, along with any other required files which the installer can then copy to their final location before tackling any remaining tasks, like updating configuration files, tweaking a registry, setting up filesystem links and so on.

As simple as this sounds, it comes with a lot of gotchas, with Linux

... mostra di più

Creating User-Friendly Installers Across Operating Systems

As simple as this sounds, it comes with a lot of gotchas, with Linux distributions in particular being a tough nut. Whereas on MacOS, Windows, Haiku and many other OSes you can provide a single installer file for the respective platform, for Linux things get interesting.

Windows As Easy Mode

For all the flak directed at Windows, it is hard to deny that it is a stupidly easy platform to target with a binary installer, with equally flexible options available on the side of the end-user. Although Microsoft has nailed down some options over the years, such as enforcing the user’s home folder for application data, it’s still among the easiest to install an application on.

While working on the NymphCast project, I found myself looking at a pleasant installer to wrap the binaries into, initially opting to use the NSIS (Nullsoft Scriptable Install System) installer as I had seen it around a lot. While this works decently enough, you do notice that it’s a bit crusty and especially the more advanced features can be rather cumbersome.

This is where a friend who was helping out with the project suggested using the more modern Inno Setup instead, which is rather like the well-known InstallShield utility, except OSS and thus significantly more accessible. Thus the pipeline on Windows became the following:

Install dependencies using vcpkg.
Compile project using NMake and the MSVC toolchain.
Run the Inno Setup script to build the .exe based installer.

Installing applications on Windows is helped massively both by having a lot of freedom where to install the application, including on a partition or disk of choice, and by having the start menu structure be just a series of folders with shortcuts in them.

The Qt-based NymphCast Player application’s .iss file covers essentially such a basic installation process, while the one for NymphCast Server also adds the option to download a pack of wallpaper images, and asks for the type of server configuration to use.

Uninstalling such an application basically reverses the process, with the uninstaller installed alongside the application and registered in the Windows registry together with the application’s details.

MacOS As Proprietary Mode

Things get a bit weird with MacOS, with many application installers coming inside a DMG image or PKG file. The former is just a disk image that can be used for distributing applications, and the user is generally provided with a way to drag the application into the Applications folder. The PKG file is more of a typical installer as on Windows.

Of course, the problem with anything MacOS is that Apple really doesn’t want you to do anything with MacOS if you’re not running MacOS already. This can be worked around, but just getting to the point of compiling for MacOS without running XCode on MacOS on real Apple hardware is a bit of a fool’s errand. Not to mention Apple’s insistence on signing these packages, if you don’t want the end-user to have to jump through hoops.

Although I have built both iOS and OS X/MacOS applications in the past – mostly for commercial projects – I decided to not bother with compiling or testing my projects like NymphCast for Apple platforms without easy access to an Apple system. Of course, something like Homebrew can be a viable alternative to the One True Apple Way if you merely want to get OSS o MacOS. I did add basic support for Homebrew in NymphCast, but without a MacOS system to test it on, who knows whether it works.

Anything But Linux

The world of desktop systems is larger than just Windows, MacOS and Linux, of course. Even mobile OSes like iOS and Android can be considered to be ‘desktop OSes’ with the way that they’re being used these days, also since many smartphones and tablets can be hooked up to to a larger display, keyboard and mouse.

How to bootstrap Android development, and how to develop native Android applications has been covered before, including putting APK files together. These are the typical Android installation files, akin to other package manager packages. Of course, if you wish to publish to something like the Google Play Store, you’ll be forced into using app bundles, as well as various ways to signing the resulting package.

The idea of using a package for a built-in package manager instead of an executable installer is a common one on many platforms, with iOS and kin being similar. On FreeBSD, which also got a NymphCast port, you’d create a bundle for the pkg package manager, although you can also whip up an installer. In the case of NymphCast there is a ‘universal installer’ built into the Makefile after compilation via the fully automated setup.sh shell script, using the fact that OSes like Linux, FreeBSD and even Haiku are quite similar on a folder level.

That said, the Haiku port of NymphCast is still as much of a Beta as Haiku itself, as detailed in the write-up which I did on the topic. Once Haiku is advanced enough I’ll be creating packages for its pkgman package manager as well.

The Linux Chaos Vortex

There is a simple, universal way to distribute software across Linux distributions, and it’s called the ‘tar.gz method’, referring to the time-honored method of distributing source as a tarball, for local compilation. If this is not what you want, then there is the universal RPM installation format which died along with the Linux Standard Base. Fortunately many people in the Linux ecosystem have worked tirelessly to create new standards which will definitely, absolutely, totally resolve the annoying issue of having to package your applications into RPMs, DEBs, Snaps, Flatpaks, ZSTs, TBZ2s, DNFs, YUMs, and other easily remembered standards.

It is this complete and utter chaos with Linux distros which has made me not even try to create packages for these, and instead offer only the universal .tar.gz installation method. After un-tar-ing the server code, simply run [url=https://github.com/MayaPosch/NymphCast/blob/master/setup.sh]setup.sh[/url] and lean back while it compiles the thing. After that, run install_linux.sh and presto, the whole shebang is installed without further ado. I also provided an uninstall_linux.sh script to complete the experience.

That said, at least one Linux distro has picked up NymphCast and its dependencies like Libnymphcast and NymphRPC into their repository: Alpine Linux. Incidentally FreeBSD also has an up to date package of NymphCast in its repository. I’m much obliged to these maintainers for providing this service.

Perhaps the lesson here is that if you want to get your neatly compiled and packaged application on all Linux distributions, you just need to make it popular enough that people want to use it, so that it ends up getting picked up by package repository contributors?

Wrapping Up

With so many details to cover, there’s also the easily forgotten topic that was so prevalent in the Windows installer section: integration with the desktop environment. On Windows, the Start menu is populated via simple shortcut files, while one sort-of standard on Linux (and FreeBSD as corollary) are Freedesktop’s XDC Desktop Entry files. Or .desktop files for short, which purportedly should give you a similar effect.

Only that’s not how anything works with the Linux ecosystem, as every single desktop environment has its own ideas on how these files should be interpreted, where they should be located, or whether to ignore them completely. My own experiences there are that relying on them for more advanced features, such as auto-starting a graphical application on boot (which cannot be done with Systemd, natch) without something throwing an XDG error or not finding a display is basically a fool’s errand. Perhaps that things are better here if you use KDE Plasma as DE, but this was an installer thing that I failed to solve after months of trial and error.

Long story short, OSes like Windows are pretty darn easy to install applications on, MacOS is okay as long as you have bought into the Apple ecosystem and don’t mind hanging out there, while FreeBSD is pretty simple until it touches the Linux chaos via X11 and graphical desktops. Meanwhile I’d strongly advise to only distribute software on Linux as a tarball, for your sanity’s sake.

hackaday.com/2025/12/11/creati…

Boomerissimo.it

2 mesi fa • •

Boomerissimo.it
2 mesi fa • •

Dietro Has Fidanken, l’eroe di Drive In che non poteva sbagliare

Come è nato Has Fidanken: l'assurdo genius dell'immobilità. Aneddoti, il generale paracadutista, gli autori di Drive In e il tormentone che fece ridere l'Italia.

boomerissimo.it/2025/12/11/die…

Dietro Has Fidanken, l’eroe di Drive In che non poteva sbagliare - Boomerissimo

^{Antonio Pintér (Boomerissimo)}

Droppie [opensoc]

2 mesi fa da Straya • •

Droppie [opensoc]
2 mesi fa da Straya • •

this is an experimental quote-share from my #Friendica #newsbots #Circle, whose default Permissions disallow anyone outside this Circle being able to see or access it. i have now done a one-off flip of the Permissions, just for this individual post, to Public, so...

Hello? (Hello, hello, hello)
Is there anybody in there?
Just nod if you can hear me
Is there anyone home?
Come on (Come on, come on), now
I hear you're feeling down
Well, I can ease your pain
And get you on your feet again
Relax (Relax, relax, relax)
I'll need some information first
Just the basic facts
Can you show me where it hurts?

♲ Unofficial SBS News Bot - 2025-12-11 20:24:04 GMT

Time magazine names 'Architects of AI' as Person of the Year. Here's who's pictured sbs.com.au/news/article/time-m… #World

#friendica #world #circle #newsbots

in reply to Droppie [opensoc]

Grow Fediverse

in reply to Droppie [opensoc] • 2 mesi fa • •

@Unofficial SBS News Bot I see it if that was your intent

@Unofficial SBS News Bot

in reply to Grow Fediverse

Droppie [opensoc]

in reply to Grow Fediverse • 2 mesi fa da Straya • •

@Grow Fediverse @Unofficial SBS News Bot thank you!

experiment = successful.

🎉 🥳💃

@Unofficial SBS News Bot @Grow Fediverse

⁂ Fediverso e Social Network ⁂

2 mesi fa • •

⁂ Fediverso e Social Network ⁂
2 mesi fa • •

🔥 Mastodon NON è il Fediverso

Mastodon concentra oltre il 70% degli utenti e rischia di sembrare l’unica cosa che conti.

Ma il Fediverso è infinitamente più grande, ricco e variegato, c'è chi:
🎬 crea video
📸 condivide immagini
🎙️ produce podcast
📚 pubblica libri
🚴 traccia percorsi in bici
e molto altro.

Ridurre tutto a Mastodon significa limitare la nostra visione ma per conoscere gli altri progetti si può seguire:

👉 La lista di account: fedidevs.com/s/Nzcz/

👉 Il gruppo: @fediverso

@Fediverso - social federati indipendenti

Questa voce è stata modificata (2 mesi fa)

Psicospace

2 mesi fa • •

Psicospace
2 mesi fa • •

«I am proud to be a European citizen. 🇪🇺
A united, democratic and free Europe is our future.
Let’s protect it together.»

#Europe #EuropeanUnion #EuropeanCitizen #UnitedEurope #EUvalues #Democracy #HumanRights #Freedom #Unity #EuropeTogether #FutureOfEurope

«I am proud to be a European citizen. It would be extraordinary to be remembered in history as the generation that finally made the United States of Europe possible.» Psicospace

Europe is seen as a threat by those who want a world shaped by authoritarian powers or by superpowers unwilling to accept democratic limits.

This is why some states, political leaders, major corporations and powerful global figures work, openly or indirectly, to divide Europe and weaken it.

Not for the good of Europeans, but for their own interests.

Europe is far from perfect, but it remains the most democratic place in the world.

Defending Europe means protecting our rights, our freedom and our future.

And our future depends on our ability to stay united and build a continent that is stronger, freer and more humane.

#europe #humanrights #democracy #europeanunion #freedom #unity #europeancitizen #unitedeurope #euvalues #europetogether #futureofeurope

Luca Sironi

2 mesi fa • •

Luca Sironi
2 mesi fa • •

Per cortesia, causa crash della istanza, se mi seguite da una istanza friendica su @luca

potreste fare unfollow / follow ?

mi vengono in mente

@informapirata@poliverso.org @informapirata
@simona @lapo

ma ce ne saranno sicuramente altri

@informapirata ⁂ @Informa Pirata @Lapo Luchini @simona @Luca Sironi

in reply to Luca Sironi

simona

in reply to Luca Sironi • 2 mesi fa • •

@Luca Sironi @Informa Pirata @informapirata ⁂ @Lapo Luchini @Luca Sironi cosa devo fare?

@informapirata ⁂ @Informa Pirata @Lapo Luchini @Luca Sironi @Luca Sironi

in reply to simona

informapirata ⁂

in reply to simona • 2 mesi fa • •

devi solo smettere di seguire @underscorner e poi seguirlo di nuovo

@informapirata@poliverso.org @lapo

@Informa Pirata @Lapo Luchini @Luca Sironi

informapirata ⁂

2 mesi fa • •

informapirata ⁂
2 mesi fa • •

Come le big tech influenzano i governi per bloccare le leggi che dovrebbero regolamentarle

Da quando diversi fondatori e amministratori delegati delle grandi aziende tecnologiche hanno sposato l’agenda politica dell’amministrazione Trump, il governo degli Stati Uniti si è esposto in prima linea per difendere gli interessi di queste aziende.

valigiablu.it/big-tech-lobby-u…

@politica

Come le big tech influenzano i governi per bloccare le leggi che dovrebbero regolamentarle - Valigia Blu

Le Big Tech stanno diventando un potere politico globale, capace di influenzare governi e bloccare leggi che limitano i loro profitti e modelli di business. Un’inchiesta internazionale ha documentato quasi 3.

^{Valigia Blu}

@Politica interna, europea e internazionale

reshared this

securityaffairs

2 mesi fa • •

securityaffairs
2 mesi fa • •

Google fixed a new actively exploited Chrome zero-day
securityaffairs.com/185566/hac…
#securityaffairs #hacking

Google fixed a new actively exploited Chrome zero-day

Google addressed three vulnerabilities in the Chrome browser, including a high-severity bug already exploited in the wild.

^{Pierluigi Paganini (Security Affairs)}

#hacking #securityaffairs

Redhotcyber

2 mesi fa • •

Redhotcyber
2 mesi fa • •

700.000 record di un Registro Professionale Italiano in vendita nel Dark Web

📌 Link all'articolo : redhotcyber.com/post/700-000-r…

Un nuovo allarme arriva dal sottobosco del cybercrime arriva poche ore fa. A segnalarlo l’azienda ParagonSec, società specializzata nel #monitoraggio delle #attività delle cyber gang e dei marketplace clandestini, che ha riportato la comparsa su un #forum #underground di un presunto #database contenente oltre 700.000 record #appartenenti ad un Registro Professionale Italiano.

A cura di Redazione RHC

#redhotcyber #news #cybersecurity #hacking #malware #database #registroprofessionale #nazionalitaliano #sicurezzainformatica #protezionedatidipersonali #databreach #furtodidati #informazionisensibili #violazione sicurezza

700.000 record di un Registro Professionale Italiano in vendita nel Dark Web

Un database con 700.000 record di un Registro Professionale Italiano è in vendita su un forum underground, con informazioni sensibili e dati personali.

^{Redazione RHC (Red Hot Cyber)}

#redhotcyber #hacking #cybersecurity #malware #News #forum #sicurezzainformatica #database #appartenenti #violazione #monitoraggio #databreach #underground #attivita #protezionedatidipersonali #registroprofessionale #nazionalitaliano #furtodidati #informazionisensibili

SaverioPhoto

2 mesi fa • •

SaverioPhoto
2 mesi fa • •

Osservare, immaginare, aspettare; l'atto di scattare è puramente marginale.

#photography #photo #fotografia #foto #Milano #christmas

#photography #fotografia #photo #milano #foto #christmas

SiestⒶcorta

2 mesi fa • •

SiestⒶcorta
2 mesi fa • •

#CluesBySam

Hébé ç'a été long.
Longtemps au début pour deviner de qui deux indices ne parlaient PAS mais disaient quelque chose ; et oubli de compter Will, me demande pas comment, il s'est mis derrière un autre je sais pas.

cluesbysam.com/

Clues by Sam

A daily logic puzzle where you deduce who is a criminal!

^{cluesbysam.com}

#CluesBySam

in reply to SiestⒶcorta

Hypolite Petovan

in reply to SiestⒶcorta • 2 mesi fa • •

@SiestⒶcorta Bien joué ! Pour moi il y avait beaucoup trop de 50/50 qui allaient dans tous les sens. 😵‍💫

Clues by Sam - Dec 11th 2025 (Tricky)
Less than 10 minutes
🟩🟩🟩🟩
🟩🟩🟩🟩
🟩🟩🟩🟩
🟩🟩🟩🟩
🟩🟩🟩🟩

@SiestⒶcorta

Boomerissimo.it

2 mesi fa • •

Boomerissimo.it
2 mesi fa • •

Winston Churchill, la scuola non era fatta per lui

🛑I fallimenti di un giovane troppo brillante👇

boomerissimo.it/2024/05/27/win…

Winston Churchill somaro: troppo geniale per una scuola normale - Boomerissimo

Winston Churchill è stato un gigante del suo tempo ma uno scolaro fallimentare. Aveva un problema che nemmeno la scuola moderna è riuscita a superare.

^{Antonio Pintér (Boomerissimo)}

Redhotcyber

2 mesi fa • •

Redhotcyber
2 mesi fa • •

NetSupport RAT: il malware invisibile che gli antivirus non possono fermare

📌 Link all'articolo : redhotcyber.com/post/netsuppor…

#redhotcyber #news #cybersecurity #hacking #malware #ransomware #netSupportRAT #javascript

NetSupport RAT: il malware invisibile che gli antivirus non possono fermare

Gli specialisti di Securonix hanno scoperto una campagna malware multilivello per installare NetSupport RAT. L'attacco si sviluppa attraverso fasi nascoste per garantire massima discrezione.

^{Redazione RHC (Red Hot Cyber)}

#redhotcyber #hacking #cybersecurity #malware #javascript #ransomware #News #netsupportrat

The 19th

2 mesi fa • •

The 19th
2 mesi fa • •

This single mom is squeezed by LA’s cost of living. Now she’s running for mayor.
https://19thnews.org/2025/12/rae-huang-la-mayor-campaign/?utm_source=flipboard&utm_medium=activitypub

Posted into The 19th @the-19th-19thnews

Rae Huang struggled with LA's affordability. Now she's running for mayor.

Progressive housing advocate and single mom Rae Huang is challenging Karen Bass for Los Angeles mayor, promising free transit and social housing.

^{Jireh Deng, LA Public Press (19th News)}

@The 19th

Rapita dagli alieni

2 mesi fa • •

Rapita dagli alieni
2 mesi fa • •

Sensitive content

#Mastocartolaio

Unknown parent

Rapita dagli alieni

Unknown parent • 2 mesi fa • •

Sensitive content

@giga 🔻

Redhotcyber

2 mesi fa • •

Redhotcyber
2 mesi fa • •

Terremoto? No, AI-Fake! Un’immagine generata dall’IA paralizza i treni britannici

📌 Link all'articolo : redhotcyber.com/post/terremoto…

#redhotcyber #news #intelligenzaartificiale #rete neurale #cybersecurity #sicurezzainformatica #treni #trasporti

Terremoto? No, AI-Fake! Un’immagine generata dall’IA paralizza i treni britannici

Treni sospesi in Inghilterra per un'immagine falsa di un ponte danneggiato generata da una rete neurale.

^{Redazione RHC (Red Hot Cyber)}

#redhotcyber #cybersecurity #intelligenzaartificiale #News #rete #sicurezzainformatica #treni #trasporti

Design Thinking! Comic

2 mesi fa • •

Design Thinking! Comic
2 mesi fa • •

While we're all having a pop at Disney and AI, here's one I did about them from the beginning of the year...

4 panel comic strip showing Mickey Mouse telling two marketing execs that hate will spread their product further than love, and so uses AI to create horrible movie posters to get more attention on social media.

Questa voce è stata modificata (2 mesi fa)

in reply to Design Thinking! Comic

Hypolite Petovan

in reply to Design Thinking! Comic • 2 mesi fa • •

@Design Thinking! Comic Prescient!

@Design Thinking! Comic

myrmepropagandist

2 mesi fa • •

myrmepropagandist
2 mesi fa • •

Is this geometry problem fun or is it evil?
“prove LMNO is a parallelogram” #matheducation

A geometric diagram that looks like a spiderweb at the center is a and around it three triangles joined by their mid segments a quadrilateral LMNO is highlighted in blue

#matheducation

in reply to myrmepropagandist

Hypolite Petovan

in reply to myrmepropagandist • 2 mesi fa • •

@myrmepropagandist Evil, too many steps.

@myrmepropagandist

⚛️Revertron

2 mesi fa • •

⚛️Revertron
2 mesi fa • •

Ух ты! Опять начали предлагать обновиться на 11-ку.

#Windows #Win10

#windows #win10

Tendar

2 mesi fa • •

Tendar
2 mesi fa • •

For the first time Ukrainian drones struck an oil rig belonging to Russia. The Filanovsky oil platform in the Caspian Sea was struck by at least 4 UAVs. This is one of Lukoil's key oil rigs in this region.

Auschwitz Memorial

2 mesi fa • •

Auschwitz Memorial
2 mesi fa • •

11 December 1904 | A German Jew, Felix Nussbaum, was born in Osnabrück. A painter.

From 1933 in exile. During the war he was interned in Saint-Cyprien camp. He escaped & went into hiding in Belgium. Arrested in 1944 & deported with his wife to Auschwitz where they perished.

Black and white portrait of a man, wearing a heavy knit sweater and staring thoughtfully to the side.

Painting titled 'Self-Portrait with Jewish Identity Card' by Felix Nussbaum, depicting an individual wearing a hat and coat with a yellow Star of David, holding an identity card and appearing anxious, set against a gloomy urban background with a barren tree.

Surreal painting featuring a diverse group of individuals in various attire, positioned around iconic artworks and artifacts, displayed both inside cases and in the open. Notable landmarks like the Brandenburg Gate and a classical statue are visible in the background, suggesting a historical and cultural theme. A whimsical flying figure and an automobile also appear, adding to the scene's eclectic nature.

Two stones, commemorating Felix Nussbaum and Felka Platek, embedded in a cobblestone walkway. The golden plaques provide names, birthplaces, deportation and assassination dates.

kravietz 🦇

2 mesi fa • •

kravietz 🦇
2 mesi fa • •

The UN General Assembly adopted a resolution initiated by #Ukraine and a group of states to strengthen international cooperation and mitigate the consequences of the #Chornobyl disaster.

You would think it’s a no brainer.

Guess who voted against it 😂

Results of the vote in UN where US, Russia, Belarus, China, North Korea, Nicaragua, and Niger voted against

#ukraine #Chornobyl

Lorenzo Franceschi-Bicchierai

2 mesi fa • •

Lorenzo Franceschi-Bicchierai
2 mesi fa • •

NEW: Right-wing messaging app Freedom Chat had security flaws that allowed a researcher to guess all numbers registered on the platform, and one that exposed user PINs to other users.

The researcher enumerated around 2,000 phone numbers.

techcrunch.com/2025/12/11/secu…

Security flaws in Freedom Chat app exposed users' phone numbers and PINs | TechCrunch

The founder of Freedom Chat said the company has reset user PINs and released a new version to app stores.

^{Zack Whittaker (TechCrunch)}

Adriana ☕️🦆🦋

2 mesi fa • •

Adriana ☕️🦆🦋
2 mesi fa • •

Ma come si fa a definire "accordi di pace" quello di Trump, che sono basati sul ricatto economico e sulla prepotenza? Come può la pace avere queste basi?

Unknown parent

Adriana ☕️🦆🦋

Unknown parent • 2 mesi fa • •

veramente non vedi la gravità e le future conseguenze delle sue azioni basate sul ricatto economico e su giochi di potere? Il punto non è solo ora nell'immediato, sono le conseguenze a lungo termine.

Questa voce è stata modificata (2 mesi fa)

Unknown parent

Adriana ☕️🦆🦋

Unknown parent • 2 mesi fa • •

@Lucatermite Gli americani sanno solo esportare la guerra, guarda tutti i casini in medio oriente. Descriverli come grandi pacificatori mi pare come minimo un falso storico. Per il resto mi fermo qui che trovo le tue argomentazioni assai discutibili.

@Ciubekka

Ricky Mondello

2 mesi fa • •

Ricky Mondello
2 mesi fa • •

okay, i’ll bite. what’s calibri?

in reply to Ricky Mondello

Eugen Rochko

in reply to Ricky Mondello • 2 mesi fa • •

E-book management software

in reply to Eugen Rochko

Cat 🐈🥗 (D.Burch) ⁠

in reply to Eugen Rochko • 2 mesi fa • •

@Gargron Also the now banned font for the US Govt 🤷‍♀️

@Eugen Rochko

Redhotcyber

2 mesi fa • •

Redhotcyber
2 mesi fa • •

Il Digital Wellness Coaching: i 3 passi per un mindsetfix e l’uso intenzionale della tecnologia

📌 Link all'articolo : redhotcyber.com/post/il-digita…

#redhotcyber #news #stressdigitale #crisidigitali #benesseredigitale #identitàdigitale #consapevolezzadigitale

Il Digital Wellness Coaching: i 3 passi per un mindsetfix e l'uso intenzionale della tecnologia

Viviamo nella dissociazione: lodiamo l’equilibrio tra lavoro e vita privata, eppure ci ritroviamo costantemente online, come marionette in balia di fili invisibili Il vero problema non è la tecnologia, ma come noi, esseri umani, rispondiamo ad essa Q…

^{Daniela Farina (Red Hot Cyber)}

#redhotcyber #News #identitadigitale #consapevolezzadigitale #stressdigitale #crisidigitali #benesseredigitale

Emanuele

2 mesi fa • •

Emanuele
2 mesi fa • •

Su Twitter/X la spunta blu è diventata un prodotto a pagamento.
Su Mastodon, invece, la verifica con la spunta verde nella bio è gratuita, trasparente e basata su standard aperti.

Ho scritto un post dove spiego tre modi reali per ottenere quella spunta verde che vedi in molti profili (e no, non è una semplice emoji):

#privacy #fediverso #mastodon #IdentitàOnline

@fediverso

emanuelegori.uno/twitter-x-com…

Twitter/X: come verificare la tua identità senza pagare con Mastodon

Da quando Elon Musk ha trasformato la storica spunta blu di Twitter in un servizio a pagamento da 3 a 38 euro al mese, molti si sono chiesti: esiste davvero un’alternativa gratuita e credibile per verificare la propria identità online? La risposta è …

^{Homelab Notes}

#mastodon #fediverso #privacy #identitaonline @Fediverso - social federati indipendenti

in reply to Emanuele

Ciriaco Niside

in reply to Emanuele • 2 mesi fa • •

quindi tecnicamente se non si ha un sito web (quindi penso anche un dominio pagato e hostato) non si può ottenere la spunta verde?

in reply to Ciriaco Niside

Emanuele

in reply to Ciriaco Niside • 2 mesi fa • •

No, non serve per forza avere un sito web o un dominio.
La verifica tramite dominio è solo uno dei tre metodi.

Se non hai un sito puoi comunque ottenere la spunta verde usando:

Gravatar — soluzione semplice per tutti

Keyoxide — più tecnica, basata su OpenPGP

Entrambe permettono la verifica senza possedere un dominio

Hypolite Petovan

2 mesi fa • •

Hypolite Petovan
2 mesi fa • •

#MiniReview #VideoGames I gave a fair shot to Pathfinder: Kingmaker (2018) even after realizing it was yet another D20 role-playing game system computer adaptation. While the game is very well produced, it trips the player at every possible turn to ruin the enjoyment.

For more details, I hijacked a thread from @silverwizard to describe the death by a thousand cuts I suffered at the hand of this game before eventually throwing in the towel 25 hours in: friendica.mrpetovan.com/displa…

Hypolite Petovan

2025-12-07 23:25:54

@silverwizard I’m playing yet another D&D-based Computer RPG, and I’m so tired of this game. It works around a table because the game isn’t the only thing you experience, but in a Single Player video game, it’s mega-cringe.

#videogames #MiniReview @silverwizard

Ambiente

2 mesi fa • •

Ambiente
2 mesi fa • •

La Grande Truffa del #greenwashing: Come Ci Manipolano Ogni Giorno

youtube.com/watch?v=9i41aDLsYJ…

Le aziende parlano di sostenibilità più di qualunque altra cosa: foglie verdi, packaging “eco”, slogan dolcissimi e campagne pensate per farci sentire dalla parte giusta. Ma cosa c’è davvero dietro questa immagine?

C'è la Grande Truffa Verde: un’indagine su come i brand usano la #sostenibilità come strumento di marketing, spesso senza cambiare nulla nella realtà.

Pubblicato nel gruppo @ambiente@diggita.com

La Grande Truffa dei Brand: Come Ci Manipolano Ogni Giorno

Le aziende parlano di sostenibilità più di qualunque altra cosa: foglie verdi, packaging “eco”, slogan dolcissimi e campagne pensate per farci sentire dalla ...

^YouTube

#greenwashing #sostenibilita @Ambiente - Mobilità sostenibile e giustizia climatica

Questo sito web utilizza cookie tecnici e di sessione. Proseguendo la navigazione su questo sito, accetti l'utilizzo dei cookie.

⇧