What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2025-04-29 11:04:11 | Blackout d'Espagne: Cyber ou pas? Une analyse technique impartiale Spain\\'s blackout: Cyber or Not? An unbiased technical analysis (lien direct) |
 IntroductionYesterday afternoon, I was writing what should have been the regular newsletter when the power suddenly went out. I wasn\'t alarmed at all because I live in a mountain area, and power outages like this happen several times a year. It was a slightly windy day, so I assumed that maybe a tree had cracked and hit a low-voltage line or something similar. But, as it turns out, that wasn\'t the case. Instead, something unprecedented occurred, a \'zero energy\' event: the power grid in Spain and Portugal went down completely.As we can see from the following graph coming from Red Eléctrica Española (transmission system operator responsible for managing the Spanish electricity system), at 12:35pm suddenly 15 GW of generation power went \'missing\'. As the prime minister would explain during a press release: "in 5 seconds, 60% of the country\'s demand disappeared from the system". The interconnected power system is one of the most complex systems ever built. It is beyond the scope of this article to provide a detailed technical assessment of all possible non-cyber scenarios that could contribute to a \'black swan\' event. In fact, investigations into large-scale power outages typically take months to reach reliable conclusions. Therefore, I will leave this task to the experts, who have access to the necessary data to conduct such a complex analysis.However, there is specific information suggesting that a potential cyber attack could be behind this. For example:https://www.larazon.es/economia/cni-apunta-ciberataque-como-posible-causa-apagon_20250428680f7e19319ae75da4ba8c32.htmlThe President of the regional government of Andalusia (Spain) claims that, after consulting with cybersecurity experts, the massive power outage is likely the result of a cyber attack.https://www.eleconomista.es/energia/noticias/13337515/04/25/juanma-moreno-apunta-a-un-ciberataque-como-posible-causa-del-gran-apagon-en-espana.htmlMeanwhile, top European figures such as the European Council p |
Ransomware Malware Threat Studies Prediction Technical | APT 44 | ★★★ |
|
2025-04-01 16:18:36 | Analyse cyber-physique des armes des systèmes de détection de destruction massive: Partie 1 - Darpa \\ 's Sigma Cyber-Physical Analysis of Weapons of Mass Destruction Detection Systems: Part 1 - DARPA\\'s SIGMA (lien direct) |
Index1. Introduction2. Practical Gamma Spectroscopy for Security Researchers3. SIGMA Network4. ConclusionsDisclaimerTo avoid any misunderstandings, I want to clarify that all the information in this post is based on open-source intelligence, publicly available documents, and reverse engineering. I have not attempted to compromise or replicate any potential attacks on internet-facing SIGMA systems. Instead, I conducted a simple, non-invasive reconnaissance phase, which involved accessing public websites, reviewing their source code, and examining generic endpoints to gather general information, such as system versions. A month before publishing this post, I gave a heads-up about it to those who needed to be informed.Introduction  This is the first part of a series on the cyber-physical analysis of weapons of mass destruction detection systems, focusing on technologies like CBRN networks and nuclear safeguards. These posts will cover how these systems integrate physical methods with cyber capabilities to counter potential threats. By analyzing both the hardware and software components, I aim to highlight the challenges and advancements in ensuring these systems function effectively in real-world scenarios, as well as some of the vulnerabilities, exploits, and security-related issues discovered during the research. Above all, the goal is to contribute to a better understanding of these systems and encourage critical thinking, especially in these challenging times.Thirty years ago, the Japanese apocalyptic cult \'Aum Shinrikyo\' managed to fabricate sarin gas in-house and released it in multiple trains during rush hour on the Tokyo subway system. The deadly nerve agent killed 14 people, injured over 1000, and caused severe health issues for thousands more. Initial reports only mentioned \'an explosion in the subway,\' causing the first 30 police officers who arrived at the scene to overlook the possibility of a chemical attack. As a result, they were exposed to and harmed by the sarin gas, which also delayed their ability to provide a timely and proper response to the other victims.Could a similar event happen today in a modern city? Probably yes, but at least in theory, it would be orders of magnitude harder for the perpetrators to achieve their goals. Even if they succeeded, the immediate aftermath (essentially the ability to mitigate the consequences), would (is expected to) be managed much more effectively, due to technological progress in countering Chemical, Biological, Radiological, |
Tool Vulnerability Threat General Information Legislation Mobile Prediction Cloud Commercial | ★★ | |
|
2025-01-08 18:35:29 | Aborder l'exploitation de la peur du rayonnement: un guide d'auto-évaluation pour contrer la désinformation Addressing the Exploitation of Radiation Fear: A Self-Assessment Guide to Counter Disinformation (lien direct) |
In December 2024, two events -drone sightings in the US and Israel\'s strike on Syria\'s weapon depots- were followed by orchestrated reports of detected radiation spikes. Some media outlets took these dubious reports (with millions of views) that originated from social media , and published pieces based on them. In one of these cases, the actors behind the disinformation campaign exploited a real-time radiation map, which is maintained by a private company that manufactures personal dosimeters, to sustain the narrative.Kim Zetter has recently published "Anatomy of a Nuclear Scare", an article that covers this issue.This trend does not come as a surprise, as radioactivity is one of those few things that can collectively trigger significant levels of societal anxiety and emotional, rather than rational, response, which is often disproportionate to the actual physical risks it poses. This radiation fear has been shaped during years by a mix of cultural, historical, and media-driven narratives. In recent years, increasing geopolitical instability, the ever-growing influence of social media, the return of magical thinking and the precariousness and discrediting of traditional sources of information have resulted in a constant flow of misinformation.. It\'s no coincidence that successful campaigns can be executed with limited resources, compared to traditional manipulation activities, and still have the potential to go viral, maximizing ROI.Despite the fact that these campaigns explicitly exploited-or leveraged-publicly available online resources providing real-time radiation levels, in most cases, the actions were simplistic and carried out without the need for specialized \'cyber\' skills or expertise. So far, the only exception to this trend can be found in Chernobyl\'s post-invasion radiation spikes from 2022.I see no reason to believe that we won\'t likely see similar campaigns in the near future. I also acknowledge that this topic is not everyone\'s cup of tea. You may not have the time or interest to go through detailed technical explanations of radioactivity from both physics and cybersecurity perspectives. However, for those who are really interested in that kind of in-depth reading, I\'ve published comprehensive research papers on this topic.So, I thought it might be useful to put together this publication, which is merely intended to serve as an \'emergency guide\' to quickly grasp a set of simple yet sound principles that hopefully can help everyone, regardless of their background, to approach radioactivity-related reports with a critical eye. Armed with these fundamentals of radiation monitoring, we\'ll learn how to quickly discern between stories that make sense and those that don\'t hold water.An Emergency Guide to Understanding Radioactivity and Radiation MonitoringLet\'s say that you want to build a simple cabin in a small plot of land you have in the woods. The foundations should be stable enough to ensure the structure does not collapse just right after finishing it. However, you have an unusual constraint: the only material you can use is balloons. Common sense suggests that, although balloons are not the ideal material, the best way to use them would be to keep them completely deflated. Anything built using inflated balloons will not last long; it depends on the quality of the material the balloon is made of, but everybody acknowl | Tool Threat Industrial Prediction Technical | ★★★ | |
|
2024-01-15 16:59:43 | Que s'est-il vraiment passé à Tchernobyl au début de l'invasion russe? What Really Happened in Chernobyl During the Beginning of the Russian Invasion? (lien direct) |
This blog post contains the web version of my research paper: "Seeing Through the Invisible: Radiation Spikes Detected in Chernobyl During the Russian Invasion Show Possible Evidence of Fabrication", which was unveiled at BlackHat USA 2023. It is intended to ease the indexing and dissemination of the information collected during this research. In a few days, I\'ll be in Brussels presenting this research. The original paper (PDF) can be downloaded here.Additional references:https://www.wired.com/story/chernobyl-radiation-spike-mystery/ (Kim Zetter)https://www.zetter-zeroday.com/p/radiation-spikes-at-chernobyl-a-mystery (Kim Zetter)https://medium.com/war-notes/chornobyl-3-92216d21b223 (Olegh Bondarenko) INDEXForeword Executive summary Introduction 1. Physical 1986 Resuspension Transport Humidity Traffic 2. Cyber |
Malware Vulnerability Mobile Industrial Prediction Cloud Conference Technical Commercial | ★★★ |
1
We have: 4 articles.
We have: 4 articles.
To see everything:
Our RSS (filtrered)
