Премьер Таиланда заявил, что "не помнит" (!) о мирном соглашении с Камбоджей, которое заключалось при посредничестве Трампа

Несколько дней назад возобновились военные действия между Таиландом и Камбоджей. Ранее Трамп сообщал, что война между странами больше невозможна, так как он заключил с ними сделку в сентябре.

Евросоюз настаивает на ускорении создания Специального трибунала для рассмотрения российских преступлений

Как заявил еврокомиссар по вопросам юстиции Майкл Макграт:

🔹должна быть полная ответственность за преступления России в Украине.

🔹следующая неделя станет очень важной вехой: Евросоюз планирует присоединиться к созданию "трибунала для Путина".

MagQuest: Measuring Earth’s Magnetic Field with Space-Based Quantum Sensors

Recently the MagQuest competition on improving the measuring of the Earth’s magnetic field announced that the contestants in the final phase have now moved on to launching their satellites within the near future. The goal here is to create a much improved World Magnetic Model (WMM), which is used by the World Geodetic System (WGS). The WGS is an integral part of cartography, geodesy and satellite-based navigation, which includes every sat nav, smartphone and similar with built-in GNSS capabilities.

Although in this age of sat navs and similar it can seem quaint to see anyone bother with using the Earth’s magnetic field with a compass, there is a very good reason why e.g. your Android smartphone has an API for estimating the Earth’s magnetic field at the current location. After your sat nav or smartphone uses its magnetometer, the measurements are then corrected so that ‘north’ really is ‘north’. Since this uses the WMM, it’s pertinent that this model is kept as up to date as possible, with serious shifts in 2019 necessitating an early update outside of the usual five-year cycle.

Goal of the MagQuest competition is thus to find a method that enables much faster, even real-time updates. The three candidate satellites feature three different types of magnetometers: a scalar-vector magnetometer (COSMO), a nitrogen-vacancy (NV) quantum sensor, and the Io-1 satellite containing both a vector fluxgate and atomic scalar magnetometer.

The NV quantum magnetometer is quite possibly the most interesting one, featuring a new, quantum-level approach for magnetic sensing. This effectively uses a flaw in a diamond’s carbon matrix to create a quantum spin state that interacts with magnetic fields and can subsequently be read out. The advantage of this method is its extreme sensitivity, which makes it an interesting sensor for many other applications where measuring the Earth’s magnetic field is essential.

hackaday.com/2025/12/09/magque…

Making Glasses That Detect Smartglasses

[NullPxl]’s Ban-Rays concept is a wearable that detects when one is in the presence of camera-bearing smartglasses, such as Meta’s line of Ray-Bans. A project in progress, it’s currently focused on how to reliably perform detection without resorting to using a camera itself. Right now, it plays a well-known audio cue whenever it gets a hit.
Once software is nailed down, the device aims to be small enough to fit into glasses.
Currently, [NullPxl] is exploring two main methods of detection. The first takes advantage of the fact that image sensors in cameras act as tiny reflectors for IR. That means camera-toting smartglasses have an identifying feature, which can be sensed and measured. You can see a sample such reflection in the header image, up above.

As mentioned, Ban-Rays eschews the idea of using a camera to perform this. [NullPxl] understandably feels that putting a camera on glasses in order to detect glasses with cameras doesn’t hold much water, conceptually.

The alternate approach is to project IR in a variety of wavelengths while sensing reflections with a photodiode. Initial tests show that scanning a pair of Meta smartglasses in this way does indeed look different from regular eyeglasses, but probably not enough to be conclusive on its own at the moment. That brings us to the second method being used: wireless activity.

Characterizing a device by its wireless activity turned out to be trickier than expected. At first, [NullPxl] aimed to simply watch for BLE (Bluetooth Low-Energy) advertisements coming from smartglasses, but these only seem to happen during pairing and power-up, and sometimes when the glasses are removed from the storage case. Clearly a bit more is going to be needed, but since these devices rely heavily on wireless communications there might yet be some way to actively query or otherwise characterize their activity.

This kind of project is something that is getting some interest. Here’s another smartglasses detector that seems to depend entirely on sniffing OUIs (Organizationally Unique Identifiers); an approach [NullPxl] suspects isn’t scalable due to address randomization in BLE. Clearly, a reliable approach is still in the works.

The increasing numbers of smartglasses raises questions about the impact of normalizing tech companies turning people into always-on recording devices. Of course, the average person is already being subtly recorded by a staggering number of hidden cameras. But at least it’s fairly obvious when an individual is recording you with a personal device like their phone. That may not be the case for much longer.

hackaday.com/2025/12/09/making…

G4 iMac Becomes a Monitor with a MagSafe Secret

The G4 iMac is one of the more popular computers in the restomodding scene given its charm and unparalleled ergonomics. Most modern machines that people squeeze in don’t have a disc drive anymore though, so [EasternBloc Engineering] has fitted a retractable MagSafe charger into the drive bay of the machine.

In this example, the iMac has become simply a monitor, instead of an entire all-in-one computer, and the original 15″ display has been replaced with a lightweight 22″ monitor on a 3D printed VESA mount. The narrow confines of the iMac neck meant [EasternBloc Engineering] had to sever the connectors from the HDMI and power cable before reconnecting them once they were fed through.

The really novel part of this restomod is the engineering of the retractable MagSafe charger mount that pops out of the drive bay. [EasternBloc Engineering] started by looking at repurposing an original disc drive, but quickly turned to a bespoke 3D printed solution. Using a LEGO motor and gears for the drive, the system can stick its tongue out at you in a more modern way. A straight in-and-out mechanism like on an original disc drive would’ve been easier to implement, but we appreciate the extra time for angling the phone that respects the ergonomics of the machine. We hope the files will become available soon for this part of the mod since electromechanical components are more interesting than the VESA mount.

We’ve taken a look at how to implement MagSafe (or Qi2) into your own projects and also a few different G4 iMac restomods whether you prefer Apple Silicon or a PC-based approach.

youtube.com/embed/CVLD5OtLygU?…

hackaday.com/2025/12/09/g4-ima…

E alla fine… Dietrofront! Trump riapre le vendite dei chip Nvidia H200 alla Cina

Sembra che alla Casa Bianca non abbiano molto le idee chiare… almeno a giudicare dall’ennesimo cambio di rotta sulla vendita dei chip avanzati di Nvidia alla Cina, con l’amministrazione Trump che dopo mesi di restrizioni ha deciso di autorizzare nuovamente l’export dell’H200 verso clienti selezionati.

Il presidente degli Stati Uniti Donald Trump ha autorizzato Nvidia a riprendere la vendita del chip avanzato H200 a una selezione di clienti in Cina, dopo mesi di restrizioni imposte nell’ambito delle tensioni tecnologiche tra Washington e Pechino. L’annuncio è arrivato l‘8 dicembre attraverso un messaggio pubblicato dal presidente sui social media, in cui ha ribadito la volontà di garantire la sicurezza nazionale, sostenere l’occupazione negli Stati Uniti e mantenere l’industria americana dell’intelligenza artificiale in una posizione di leadership globale.

La nuova disposizione non riguarda soltanto Nvidia, ma si estenderà anche ad altri produttori statunitensi di semiconduttori, tra cui AMD. La decisione arriva a pochi giorni dalla visita a Washington di Jensen Huang, amministratore delegato di Nvidia, impegnato in colloqui intensivi con l’amministrazione statunitense.

Negli ultimi mesi, Nvidia è stata al centro del confronto strategico tra Stati Uniti e Cina: le precedenti restrizioni imposte da Washington avevano bloccato l’esportazione verso Pechino dei modelli di chip più avanzati dell’azienda. A luglio, la Casa Bianca aveva già allentato parte dei vincoli, pur imponendo a Nvidia un contributo obbligatorio del 15% sui ricavi generati in Cina. In risposta, secondo fonti locali, le autorità cinesi avrebbero invitato le aziende tecnologiche nazionali a sospendere gli acquisti di chip Nvidia progettati appositamente per quel mercato.

In una dichiarazione diffusa a BBC News, Nvidia ha espresso apprezzamento per la nuova posizione dell’amministrazione statunitense, sottolineando che la possibilità di operare nel mercato cinese può contribuire alla crescita del settore manifatturiero americano e tutelare migliaia di posti di lavoro qualificati.

Il chip H200 rappresenta un prodotto di fascia alta, seppur inferiore di una generazione rispetto all’attuale piattaforma Blackwell, considerata uno degli standard più avanzati nel campo dei semiconduttori dedicati all’intelligenza artificiale. L’annuncio della Casa Bianca ha avuto un immediato impatto positivo sui mercati, con un lieve incremento del valore delle azioni Nvidia.

Trump ha precisato che, nell’ambito del nuovo accordo, il 25% dei ricavi derivanti dalle vendite approvate confluirà nelle casse degli Stati Uniti. La BBC ha chiesto ulteriori chiarimenti sul meccanismo di questo contributo, un tema che potrebbe alimentare il dibattito tra i membri del Congresso più rigidi nei confronti della Cina.

Secondo Alex Capri, docente della National University of Singapore, la riapertura alla vendita degli acceleratori H200 potrebbe consentire ai due Paesi di guadagnare tempo per affrontare questioni più delicate, come la gestione delle terre rare – materiali cruciali per la produzione di componenti elettronici, di cui Pechino detiene una posizione quasi monopolistica. Capri ha aggiunto che, pur potendo trarre vantaggio dall’accesso agli H200, la Cina continuerà a lavorare per ridurre la propria dipendenza dai chip statunitensi. In passato, le autorità cinesi avevano già invitato le imprese locali a rinunciare ai modelli H20 prodotti da Nvidia e a privilegiare semiconduttori sviluppati internamente.

Sul fronte della sicurezza, un’analisi dei ricercatori del Center for Security and Emerging Technologies (CSET) della Georgetown University segnala che l’Esercito popolare di liberazione ha già fatto ricorso a chip avanzati progettati da aziende statunitensi per rafforzare capacità militari basate sull’intelligenza artificiale. Cole McFaul, analista senior del CSET, ha affermato che l’accesso a semiconduttori più performanti potrebbe facilitare ulteriormente lo sviluppo di sistemi militari cinesi basati su IA e contribuire a rafforzare il vantaggio strategico di Pechino in scenari operativi futuri.

L'articolo E alla fine… Dietrofront! Trump riapre le vendite dei chip Nvidia H200 alla Cina proviene da Red Hot Cyber.

Taiwan rafforza la difesa dei cavi sottomarini: pene più dure dopo anni di sabotaggi

Negli ultimi anni le infrastrutture sottomarine che circondano Taiwan – cavi elettrici, condotte del gas e sistemi idrici – sono state danneggiate in più occasioni, con particolare attenzione ai cavi di comunicazione. Il 9 dicembre lo Yuan Legislativo ha approvato in terza lettura una serie di emendamenti alla Legge sull’elettricità, alla Legge sulle attività del gas naturale e alla Legge sull’approvvigionamento idrico, all’interno del pacchetto normativo noto come “Sette leggi sui cavi sottomarini”.

Le nuove norme stabiliscono pene più severe per chi manomette intenzionalmente tali infrastrutture: la reclusione può arrivare fino a sette anni, con una multa massima di 10 milioni di dollari taiwanesi. È prevista inoltre la confisca delle imbarcazioni o delle attrezzature utilizzate per commettere il reato, indipendentemente dal loro proprietario.

Il tema è particolarmente sensibile perché, secondo le autorità taiwanesi, diverse navi provenienti dalla Cina avrebbero danneggiato i cavi sottomarini in più episodi recenti. Preoccupazioni analoghe sono state espresse anche dalla Commissione USA-Cina per la Revisione Economica e della Sicurezza, che ha definito la rete sottomarina taiwanese altamente vulnerabile. Un’interruzione coordinata di tutti i cavi, secondo la Commissione, causerebbe perdite economiche stimate in 1,73 miliardi di dollari taiwanesi al giorno.

Gli emendamenti approvati il 9 dicembre aggiornano l’articolo 71-1 della Legge sull’elettricità, l’articolo 55-1 della Legge sulle attività del gas naturale e l’articolo 97-1 della Legge sull’approvvigionamento idrico. Le nuove disposizioni introducono pene da uno a sette anni per chi danneggia o mette in pericolo strutture legate allo stoccaggio, alla distribuzione del gas naturale o alle condotte e ai cavi utilizzati per il servizio idrico. Nei casi di danno colposo, è prevista la reclusione fino a sei mesi o una multa fino a 2 milioni di dollari taiwanesi.

Una novità rilevante riguarda la gestione delle prove e la prevenzione della recidiva: qualsiasi strumento impiegato per il reato – inclusi mezzi nautici e macchinari – dovrà essere sequestrato e smaltito.

Durante la stessa sessione plenaria è stata inserita anche una risoluzione per rendere pubbliche, tramite il Ministero dell’Interno, le mappe delle condotte e dei cavi sottomarini, così da evitare che eventuali indagati possano dichiarare di non essere a conoscenza della loro posizione. La diffusione delle informazioni, secondo il legislatore, dovrebbe agevolare sia la cittadinanza sia il lavoro delle forze dell’ordine e dei pubblici ministeri.

Intanto, il Comitato Trasporti dello Yuan Legislativo ha già completato la revisione preliminare delle restanti quattro leggi del pacchetto: la Legge sulla Gestione delle Telecomunicazioni, la Legge Meteorologica, la Legge sui Porti Commerciali e la Legge sulle Navi. Le versioni provvisorie introducono, tra le altre misure, la confisca immediata per chi mette a rischio apparecchiature sottomarine, multe fino a 2 milioni di dollari taiwanesi per danni a strutture meteorologiche e sanzioni fino a 10 milioni di dollari per violazioni delle norme di identificazione delle imbarcazioni.

Il legislatore Wang Ting-yu ha spiegato che l’intero pacchetto normativo consentirà di proteggere non solo i cavi per le telecomunicazioni ma anche condotte idriche, oleodotti, gasdotti e infrastrutture chimiche, garantendo così una tutela complessiva. Ha sottolineato che le nuove norme forniranno una base legale più solida alle autorità taiwanesi per intervenire, sia in mare sia sulla terraferma.

Wang ha però riconosciuto alcune criticità operative: individuare eventuali imbarcazioni coinvolte, soprattutto se registrate con bandiere di comodo, resta complesso. Secondo il legislatore, molte di queste navi risultano registrate in Paesi terzi, mentre gli effettivi controllori sarebbero cittadini cinesi o residenti di Hong Kong e Macao.

Per rafforzare l’attività investigativa, ha affermato, sarà necessario potenziare la ricognizione aerea della Guardia Costiera, accelerare l’individuazione dei punti danneggiati e aumentare la capacità di inseguimento. Solo con un’identificazione tempestiva sarà possibile applicare efficacemente le nuove sanzioni.

Wang Ting-yu ha inoltre evidenziato l’importanza della cooperazione internazionale. Molte navi sospettate di sabotaggio, ha spiegato, tendono a dirigersi rapidamente verso porti esteri dopo l’operazione. Una collaborazione con altri Stati sarebbe quindi indispensabile per assicurare alla giustizia chi danneggia intenzionalmente le infrastrutture sottomarine di Taiwan e per chiarire se dietro tali operazioni vi siano attori statali.

L'articolo Taiwan rafforza la difesa dei cavi sottomarini: pene più dure dopo anni di sabotaggi proviene da Red Hot Cyber.

A Deep Drive Deep Dive Into a Twin-Rotor Motor

Compromise is key to keeping a team humming along. Say one person wants an inrunner electric motor, and the other prefers outrunner. What to do? Well, if you work at [Deep Drive], the compromise position is a dual-rotor setup that they claim can be up to 20% more efficient than standard designs. In a recent video, [Ziroth] provides a deep dive into Deep Drive’s Twin-Rotor Motor.

This is specifically a radial flux permanent magnet motor, like most used in electric vehicles today — and don’t let talk of inrunners and outrunners fool you, that’s the size of motor we’re talking about here. This has been done before with axial flux motors, but it’s a new concept for team radial. As the names imply, the difference is the direction the magnetic field is orientated: axial flux motors have all the magnetism oriented along the axis, which leads to the short wide profile that inspired the nickname “pancake motors”. For various reasons, you’re more likely to see those on a PCB than in an electric car.

In a radial flux motor, the flux goes out the radius, so the coils and magnets are aligned around the shaft of the motor. Usually, the coils are held by an iron armature that directs their magnetic flux inwards (or outwards) at the permanent magnets in the rotor, but not here. By deleting the metal armature from their design and putting magnets on both sides of the stator coil, Deep Drive claims to have built a motor that is lighter and provides more torque, while also being more energy-efficient.

Of course you can’t use magnet wire if your coil is self-supporting, so instead they’re using hefty chunks of copper that could moonlight as busbars. In spite of needing magnets on both inner and outer rotors, the company says they require no more rare-earths than their competitors. We’re not sure if that is true for the copper content, though. To make the torque, those windings are beefy.

Still, its inspiring to see engineers continue to innovate in a space that many would have written off as fully-optimized. We look forward to seeing these motors in upcoming electric cars, but more than that, hope they sell a smaller unit for an air compressor so after going on a Deep Drive deep dive we can inflate our rubber raft with their twin rotor motor boater bloater. If it works as well as advertised, we might have to become twin-rotor motor boater bloater gloaters!

youtube.com/embed/Ir_JKMdWaUg?…

Thanks to [Keith Olson] for the tip.

hackaday.com/2025/12/09/a-deep…

Keebin’ with Kristina: the One with the C64 Keyboard

[Jean] wrote into the tips line (the system works!) to let all of us know about his hacked and hand-wired C64 keyboard, a thing of beauty in its chocolate-brown and 9u space bar-havin’ glory.

Image by [Jean] via GitHubThis Arduino Pro Micro-based brain transplant began as a sketch, and [Jean] reports it now has proper code in QMK. But how is a person supposed to use it in 2025, almost 2026, especially as a programmer or just plain serious computer user?

The big news here is that [Jean] added support for missing characters using the left and right Shift keys, and even added mouse controls and Function keys that are accessed on a layer via the Shift Lock key. You can see the key maps over on GitHub.

I’ll admit, [Jean]’s project has got me eyeing that C64 I picked up for $12 at a thrift store which I doubt still works as intended. But don’t worry, I will test it first.

Fortunately, it looks like [Jean] has thought of everything when it comes to reproducing this hack, including the requisite C64-to-Arduino pinout. So, what are you waiting for?

ArcBoard MK20 Proves That Nothing Is Ever Finished

I find it so satisfying that [crazymittens-r] is never quite satisfied with his ArcBoard, which is now in its 20th revision.

Image by [crazymittens-r] via redditWhen asked ‘WTF am I looking at?’, [crazymittens-r] responded thusly: ‘my interpretation of how you might use a keyboard and trackball without moving your hands.’ Well, there you have it.

This is one of those times where the longer you look, the crazier it gets. Notice the thumb trackball, d-pad thingy, and the green glowy bit, all of which move. Then there are those wheels up by the YHN column.

A bit of background: [crazymittens-r] needed something to help him keep on working, and you know I can relate to that 100%. There’s even a pair of pedals that go with it, and you’ll see those in the gallery.

You may remember previous ArcBoards, and if not, know this: it’s actually gotten a lot smaller since mk. 19 which I featured here in May 2024. It still looks pretty bonkers in the best possible way, though, and I’m here for it.

Via reddit

The Centerfold: KaSe

Image by [harrael] via redditSo I have become fond of finding fuller-figured centerfolds for you such as KaSe by [harrael]. As the top commenter put it, KaSe gives off nice Esrille NISSE vibes. Boy howdy. And I think that’s probably just enough thumb keys for me.

[harrael] had noble goals for this project, namely learning more about ESP32-S3s, USB/BLE HID, and firmware design, but the most admirable of all is sharing it with the rest of us. (So, if you can’t afford a NISSE…)

Do you rock a sweet set of peripherals on a screamin’ desk pad? Send me a picture along with your handle and all the gory details, and you could be featured here!

Historical Clackers: Typewriter Tom’s Typewriter Throng

I’m going to take a brief detour from the normal parade of old typewriters to feature Typewriter Tom, who has so many machines lying around that Hollywood regularly comes knocking to borrow his clacking stock.
Image via The Atlanta-Journal Constitution
And how many is that? Around 1,000 — or six storage units full. Tom received a call once. The caller needed six working IBM Selectrics ASAP. Of course, Tom could deliver, though he admits he’s probably the one person in all of Georgia who could.

Another thing Tom delivers is creativity in the form of machines he sells to artists and students. He also co-founded the Atlanta Typewriter Club, who have been known to hold typewriter petting zoo events where people can come and — you guessed it — put their hands on a typewriter or two.

Go for the story and stay for the lovely pictures, or do things the other way around if you prefer. But Typewriter Tom deserves a visit from you, even if he already got one from Tom Hanks once.

Finally, PropType AR Can Turn Anything Into a Keyboard

Yes, literally anything with enough real estate can now become a keyboard, or at least it would seem from TechExplore and the short video embedded below. Watch as various drinking vessels and other things become (split!) keyboards, provided you have your AR goggles handy to make the magic happen.

Image by [PropType] via YouTubeWhile this setup would be immensely helpful to have around given the right circumstances, the chances that you’re going to have your AR goggles on you while running or running around the mall seem somewhat slim.

But the point here is that for augmented reality users, typing is notoriously difficult and causes something known as ‘gorilla arm’ from extended use. So in all seriousness, this is pretty cool from a problem-solving standpoint.

So how does it work? Basically you set the keyboard up first using the PropType editing tool to customize layouts and apply various effects, like the one you’ll see in the video. Be sure to stick around for the demo of the editing tool, which is cool in and of itself. I particularly like the layout on the soda can, although it might be difficult to actually use without spilling.

youtube.com/embed/7ZcFbvHClcU?…

Got a hot tip that has like, anything to do with keyboards? Help me out by sending in a link or two. Don’t want all the Hackaday scribes to see it? Feel free to email me directly.

hackaday.com/2025/12/09/keebin…

Super Simple Deadbuggable Bluetooth Chip

We’re all used to Bluetooth chips coming in QFN and BGA formats, at a minimum of 30-40 pins, sometimes even a hundred. What about ten pins, with 1.27 mm pitch? [deqing] from Hackaday.io shows us a chip from WCH, CH571K, in what’s essentially a SO-10 package (ESSOP10). This chip has a RISC-V core, requires only three components to run, and can work Bluetooth through a simple wire antenna.

This chip is a RISC-V MCU with a Bluetooth peripheral built in, and comes from the CH57x family of WCH chips that resemble the nRF series we’re all used to. You get a fair few peripherals: UART, SPI, and ADC, and of course, Bluetooth 4 with Low Energy support to communicate with a smart device of your choice. For extra hacker cred, [deqing] deadbugs it, gluing all components and a 2.54 mm header for FTDI comms onto the chip, and shows us a demo using webBluetooth to toggle an LED through a button in the browser.

You need not be afraid of SDKs with this one. There’s Arduino IDE support (currently done through a fork of arduino_core_ch32) and a fair few external tools, including at least two programming tools, one official and one third-party. The chip is under a dollar on LCSC, even less if you buy multiple, so it’s worth throwing a few into your shopping cart. What could you do with it once received? Well, you could retrofit your smoke alarms with Bluetooth, create your own tire pressure monitors, or just build a smartphone-connected business card!

hackaday.com/2025/12/09/super-…

Gli attacchi ransomware diminuiscono nel 2024, ma l’economia criminale rimane in espansione

Secondo un rapporto pubblicato di recente dal Financial Crimes Enforcement Network (FinCEN), l’attività globale del ransomware ha raggiunto il picco nel 2023, per poi crollare nel 2024. Questo calo è attribuito ai successivi attacchi ai gruppi ransomware su larga scala, tra cui ALPHV (BlackCat) e LockBit, attraverso indagini collaborative a livello internazionale.

Il FinCEN ha analizzato migliaia di segnalazioni ai sensi del Bank Secrecy Act (BSA) presentate da istituti finanziari tra gennaio 2022 e dicembre 2024, identificando 4.194 casi di ransomware e oltre 2,1 miliardi di dollari in riscatti. Questa cifra è quasi pari al totale segnalato negli otto anni dal 2013 al 2021.

4,5 miliardi di dollari: l’economia del ransomware tra il 2013 e il 2014

Considerando l’intero periodo (2013-2024), si arriva a circa 4,5 miliardi di dollari, il che dimostra che l’enorme economia criminale del settore ransomware è ancora in piena espansione. Secondo il rapporto, il 2023 è stato “l’anno più redditizio mai registrato” per i gruppi ransomware, con 1.512 attacchi e 1,1 miliardi di dollari in pagamenti di riscatto segnalati, con un aumento del 77% rispetto all’anno precedente.

Ma questa tendenza si è invertita nel 2024.

Mentre il numero di incidenti è leggermente diminuito a 1.476, il riscatto totale pagato è crollato a 734 milioni di dollari. Il rapporto attribuisce questo calo alle operazioni su larga scala condotte dalle autorità statunitensi ed europee contro Black Cat (fine 2023) e Lockbit (inizio 2024). In effetti, entrambi i gruppi sarebbero stati tra i gruppi di attacco “più attivi” all’epoca e, a quanto pare, stanno faticando a riorganizzarsi dopo la distruzione delle loro infrastrutture.

“La maggior parte dei pagamenti di riscatto era inferiore a 250.000 dollari”, ha affermato FinCEN, sottolineando che le piccole e medie imprese, così come le grandi aziende, continuano a subire perdite. I settori più colpiti sono quello manifatturiero, finanziario e sanitario.

I settori più colpiti dagli attacchi ransomware tra il 2022 e il 2024 sono:

• Produzione: 456 casse
• Servizi finanziari: 432 casi
• Settore medico: 389 casi
• Distribuzione al dettaglio: 337 casse
• Servizi legali: 334 casi

In termini di entità dei danni, il settore finanziario è stato quello che ha subito i maggiori danni, seguito da quello medico e da quello manifatturiero.

• Servizi finanziari: circa 365,6 milioni di dollari
• Settore sanitario: circa 305,4 milioni di dollari
• Produzione: circa 284,6 milioni di dollari
• Scienza e tecnologia: circa 186,7 milioni di dollari
• Vendite al dettaglio: circa 181,3 milioni di dollari

In particolare, si è scoperto che gli istituti finanziari rappresentano il settore più grande non solo in termini di portata degli attacchi, ma anche in termini di riscatto totale pagato. Sono attive 267 famiglie di ransomware, tra cui “Akira” è quella che compare più frequentemente.

I Ceppi dei ransomware

FinCEN ha riferito che tra il 2022 e il 2024 sono state segnalate in totale 267 diverse famiglie di ransomware.

Un piccolo numero di gruppi ha guidato l’attacco generale, e le seguenti famiglie sono quelle menzionate più frequentemente:

• Akira: al primo posto per numero di incidenti segnalati con 376 casi.
• Alphabet/BlackCat (ALPHV/BlackCat): al primo posto per ricavi derivanti dai riscatti, con circa 395 milioni di dollari.
• LockBit: circa 252,4 milioni di dollari

Tra gli altri personaggi ai vertici della classifica ci sono Black Basta, Royal, BianLian, Hive, Medusa e Phobos. Solo queste prime 10 organizzazioni hanno pagato riscatti per oltre 1,5 miliardi di dollari tra il 2022 e il 2024.

Circa il 97% dei pagamenti dei riscatti è stato effettuato in Bitcoin, a conferma che la criptovaluta rimane un mezzo di transazione fondamentale nell’economia del ransomware. Un colpo decisivo per le agenzie investigative: “Il riscatto diminuirà, ma gli attacchi continueranno.”

La cooperazione internazionale il punto di svolta

Il rapporto ha citato la cooperazione internazionale tra le agenzie investigative negli Stati Uniti e in Europa come fattore chiave nella significativa riduzione dei riscatti nel 2024. Con l’infrastruttura di Black Cat e Lockbit neutralizzata, la redditività degli aggressori è diminuita drasticamente e si ritiene che diverse organizzazioni stiano vivendo una fase di confusione durante la riorganizzazione.

Tuttavia, il fatto che il numero di attacchi non sia diminuito è un altro messaggio di allarme. Anche con riscatti più bassi, il numero di tentativi di attacco continua ad aumentare. Il rapporto prevede che “nuovi gruppi più piccoli continueranno a emergere e a riempire il mercato”.

FinCEN esorta tutte le organizzazioni a “segnalare immediatamente qualsiasi attacco ransomware all’FBI e a FinCEN”, sottolineando che è fondamentale monitorare le reti criminali e bloccare i fondi attraverso la condivisione di informazioni finanziarie.

L'articolo Gli attacchi ransomware diminuiscono nel 2024, ma l’economia criminale rimane in espansione proviene da Red Hot Cyber.

I am urgently looking for work. My unemployment ends soon and my family is approaching eviction. With Christmas near and kids in the house, the pressure has become extremely difficult. I’ve been interviewing since September and reached multiple final rounds, but have not secured a role yet.

I have over 15 years of experience in Cyber Threat Intelligence, OSINT, Social Engineering, Security Engineering, Vulnerability Management, and detection rule development. I’ve built CTI programs, developed Python automation, improved workflows, supported investigations, and authored Practical Social Engineering. I hold a US patent for a cybersecurity reconnaissance system.

I can support Sales and Sales Engineering teams as a subject matter expert when needed, adding technical depth and threat context to customer conversations. I also write white papers, blogs, and podcast material and speak regularly on security topics. Locally, I am a USCCA certified firearms instructor.

I am open to full time roles or contract work. Referrals and introductions are deeply appreciated as Christmas approaches.

#OpenToWork #Cybersecurity #JobSearch #ThreatIntel #OSINT #TechJobs #fedihired #getfedihired

PCB Design Review: TinySparrow, A Module For CAN Hacking, v2

A year ago, I’ve design reviewed an MCU module for CAN hacking, called TinySparrow. Modules are plenty cool, and even more so when they’re intended for remaking car ECUs. For a while now, every car has heavily depended on a computer to control the operation of everything inside it – the engine and its infrastructure, the lights, and Sadly, ECUs are quite non-hackable, so building your own ECUs only makes sense – which is why it’s heartwarming to see modules intended to make this easier on the budding ECU designer!

Last time we saw this module, it was quite a bit simpler. We talked about fixing a number of things – the linear regulator, the unprotected CAN transceiver, and the pinout; we also made the board cheaper to produce by reducing the layer count and instead pushing the clearance/track width limits. This time, we’re seeing TinySparrow v2 , redesigned accounting for the feedback and upgraded with a new MCU – it’s quite a bit more powerful!

For a start, it’s got ESD diodes, a switching-linear regulator chain for clean but efficient power supply, and most importantly, an upgraded MCU, now with USB and one more CAN channel for a total of two! There’s a lot more GPIOs to go around, too, so the PCB now uses all four of its sides for breakout out power, programming, and GPIO pads. Only a tiny bit bigger than its v1, this module packs a fair bit of punch.

Let’s revisit the design, and try to find anything still left to improve – there’s a few noteworthy things I found.

Protection Almost Perfect

It took me a bit to try and find the ESD diodes mentioned in the README – I didn’t notice that they’re basically the only thing on the bottom layer. This is fine – protection elements like ESD diodes can be on a different layer, and as they’re SOT-23, they’re easy to solder on post-factum. This is quite a nice placement choice, in my opinion – you can basically solder this board with cheaper single-side assembly, use ESD-less boards for your bench testing, and then simply solder the few bottom side components onto “production” versions!

There is but one hiccup with the way they’re placed. ESD diode appnotes will tell you – there’s some extra considerations you can try and put into ESD diode layout. This design pulls connector tracks directly to the CAN ICs on top layer, and directly to diodes on the bottom one. Instead, you should try and route the signal “through” the ESD diodes – letting track inductance play in your favour, and not impeding the ESD diode’s impact.

Fortunately, by lightly rerouting 3.3V CAN transceiver power inputs and a few surrounding signals, we can put CAN+ and CAN- signals through vias under the package, so that the signal flows “in series” with ESD diode pads. Similarly, the ESD diodes get vias to ground, shared with transceiver ground vias, but oh well. It’s not perfect, but to my eye, it’s better than before, as far as ESD protection is concerned.

About the only problem I can see with the reroute, is having to reshuffle USB signals, putting them closer together. However, as long as they’re intra-pair length-matched, they’ll do just fine.

Vias Fit Inside Pads, But Maybe Don’t?

This is not the only change to consider as far as signal routing goes, but it’s the most major one. The next issue I see, is vias – specifically, vias inside component pads.

I’ve had a few run-ins with via-in-pad related problems. Previously, I’ve failed to assemble some boards specifically because of via-in-pad related problems, with solder paste wicking through the board and onto the opposite side. For 0402 components I used, this made a number of boards essentially non-solderable depending on how lucky I got reflowing them, and I had to run a new board revision to get the yield up.

This board’s files have a fair few hints about getting assembled by JLCPCB, and JLC can definitely do plugged vias, preventing any sorts of solder flowing through the board. If the designer or someone else takes the board elsewhere, however, that might no longer apply, which would be disappointing. Also, you might have to pay extra for plugging holes – just like with the previous review, let’s see if we can avoid it. Most problematic areas are around the transceivers, still – especially given the board files now have a custom rule for 0.5mm via-to-via distances. This is not a constraint I’ve seen actually stressed by JLCPCB, but I don’t mind – with just a little bit more signal shuffling, every newly moved via landed within the 0.5mm target area.

Pinout Considerations, Again

The VDC pin now has GND pins to match, and in general, there’s a lot more GND pins to go around – which is great! It’s pretty surprising to me that the VDC pin is duplicated and its trace goes across the board on an inner layer. This is supposed to be an at least somewhat unfiltered and unprotected car power rail, after all, and I don’t think that’d help things like noise integrity. Maybe this helps with testing because all the core signals are brought to the same corner, but to my eye, it has bad vibes.

The module could perhaps use a key pin – there’s zero omissions in the outer dual-row, which leaves for a possibility of inserting this module rotated 180 degrees by accident, likely obliterating at least something on the module. If these modules are ever meant to be swapped during testing, i.e. using machined headers, I’d try and remove one of the pins from the equation – there’s a NC pin in one of the corners already, thankfully.

There’s a pair of 3.3 V signals and GND signals on the opposite sides of each other. This is geometrically satisfying pinout-wise, and, it would short-circuit the module’s onboard regulator if the module’s ever rotated inserted 180 degrees. This is generally harmless with modern modules, but it could very well make the switching or the linear regulator heat up to finger-burning temperatures – last thing you need when trying to remove a module inserted incorrectly!

Thankfully, at the top, there’s a few unconnected pads, so perhaps GND and NC could swap places, making sure that 3.3 V lands on NC once rotated 180 degrees. The VDC pads could perhaps use the same consideration, but I’m comfortable leaving those as homework.

Moving Forward

It’s a joy to see how much the TinySparrow module has grown in its v2. From vastly improved layout to higher consideration given to design rules, nicer silkscreen, and a way more powerful MCU while at it, it’s that much more of a viable heart for a somewhat modern car, and it’d be quite nice to see some boards utilizing it in the future. I hope this review can help!

As usual, if you would like a design review for your board, submit a tip to us with [design review] in the title, linking to your board files. KiCad design files strongly preferred, both repository-stored files (GitHub/GitLab/etc) and shady Google Drive/Dropbox/etc .zip links are accepted.