Friday, December 31, 2021
Show HN: Stream-write-ods – Make OpenDocument Spreadsheets on the fly in Python https://ift.tt/3mHxJPW
Show HN: Stream-write-ods – Make OpenDocument Spreadsheets on the fly in Python https://ift.tt/3FIoczv December 31, 2021 at 10:09AM
Show HN: I made it easy to create personalized pages https://ift.tt/3zlZmTW
Show HN: I made it easy to create personalized pages https://lnkky.com December 31, 2021 at 12:10PM
Why More Businesses Will be Creating Their Own Chips in 2022
Stung by delays and shortages, a growing number of businesses are bringing chip development in-house. But are the risks worth the effort?
Show HN: 8Bit Computers Book https://ift.tt/3EFLNj5
Show HN: 8Bit Computers Book Hi everybody! Due to Covid 19 pandemic I was forced in my home, so I revamped my book https://ift.tt/3eFzU1X It is a huge collection of information about the 8bit comnputer era (1980-1985) up to the NES console. I collected information from various source including “The 8bit Guy” videos and specific site (like C64 wiki, nesdev etc). I am using docusaurus to give a pleasnt look to the whole site. Please give me you feedback (and happy new year btw)! December 31, 2021 at 09:59AM
Thursday, December 30, 2021
In the Fight Against Cybercrime, Takedowns Are Only Temporary
Disrupting access to servers and infrastructure continues to interfere with cybercrime activity, but it's far from a perfect strategy.
Show HN: How I completed a project I abandoned 5 years ago https://ift.tt/3qDOrRm
Show HN: How I completed a project I abandoned 5 years ago https://ift.tt/3qDrLAG December 30, 2021 at 01:06PM
Show HN: Pick a Paw – How well do you know your dog breeds? https://ift.tt/3HgihSA
Show HN: Pick a Paw – How well do you know your dog breeds? https://ift.tt/32N3Si4 December 29, 2021 at 10:55PM
Wednesday, December 29, 2021
Show HN: Ansible Doc Generator – Easy documentation for your Ansible roles https://ift.tt/3JBeMIG
Show HN: Ansible Doc Generator – Easy documentation for your Ansible roles https://ift.tt/3JBc8Tg December 29, 2021 at 10:33AM
The Log4j Flaw Will Take Years to be Fully Addressed
Over 80% of Java packages stored on Maven Central Repository have log4j as an indirect dependency, with most of them burying the vulnerable version five levels deep, says Google's Open Source Insights Team.
source https://www.darkreading.com/tech-trends/the-log4j-flaw-will-take-years-to-be-fully-addressed
source https://www.darkreading.com/tech-trends/the-log4j-flaw-will-take-years-to-be-fully-addressed
Show HN: Hoppscotch (Postman alternative) now support Team Collaboration https://ift.tt/3FJvZgM
Show HN: Hoppscotch (Postman alternative) now support Team Collaboration Hoppscotch is an open-source API development ecosystem - an online alternative to Postman API tool. Today we're launching Teams Collaboration support in Hoppscotch. • Unlimited teams • Unlimited shared collections • Unlimited team members • Role-based access control • Cloud sync • Multiple devices GitHub: https://ift.tt/3kVgcRJ Web app: https://hoppscotch.io Read more on our blog: https://ift.tt/3mGEBgn December 29, 2021 at 08:25AM
Tuesday, December 28, 2021
Show HN: We built a platform for video-based discussions https://ift.tt/3mFsss5
Show HN: We built a platform for video-based discussions http://edudo.app December 28, 2021 at 02:27PM
Show HN: Query HN points of any url with this API https://ift.tt/3z3yzeR
Show HN: Query HN points of any url with this API https://ift.tt/3JpVRjW December 28, 2021 at 01:06PM
How 5G Networks are Secured and Enabled by SASE
Secure Access Service Edge (SASE) delivers end-to-end security, visibility, and telemetry for 5G infrastructure and services.
Show HN: MetaMove – Batch renaming operations based on file metadata https://ift.tt/3sBW7Gs
Show HN: MetaMove – Batch renaming operations based on file metadata https://ift.tt/3Hephj1 December 27, 2021 at 11:52PM
Monday, December 27, 2021
Show HN: Server-side SVG price chart library that needs no front end JavaScript https://ift.tt/3JfClGN
Show HN: Server-side SVG price chart library that needs no front end JavaScript https://ift.tt/3ptgB2i December 27, 2021 at 04:02PM
The CISO as Sustaining Force: Helping Infosec Staff Beat Burnout
To protect their staffers, leaders should focus on identifying and alleviating root causes of burnout.
source https://www.darkreading.com/careers-and-people/the-ciso-as-sustaining-force-helping-infosec-staff-beat-burnout
source https://www.darkreading.com/careers-and-people/the-ciso-as-sustaining-force-helping-infosec-staff-beat-burnout
Show HN: Wodo.io is a gaming platform with crypto capabilities https://ift.tt/3EsyrXj
Show HN: Wodo.io is a gaming platform with crypto capabilities https://wodo.io/ December 27, 2021 at 01:52PM
Show HN: React hooks library to build powerful components UI framework agnostic https://ift.tt/3puqfBw
Show HN: React hooks library to build powerful components UI framework agnostic https://ift.tt/3mBARwD December 27, 2021 at 11:49AM
Show HN: Nap – A File-Based HTTP Execution Framework https://ift.tt/3qqA82w
Show HN: Nap – A File-Based HTTP Execution Framework https://ift.tt/3z4AAHQ December 27, 2021 at 06:01AM
How to Choose a Red Team Service Provider
Service providers that offer high-level Red Teaming bring expertise that might be missing in some companies. They also have their own tools and prepared approaches.
Sunday, December 26, 2021
Show HN: wrk-utils: run wrk in clusters and have stats https://ift.tt/3qjDCUk
Show HN: wrk-utils: run wrk in clusters and have stats https://ift.tt/3qjwUO8 December 26, 2021 at 01:48PM
Show HN: Terminal interface to search the LLVM-C API https://ift.tt/3End4Xq
Show HN: Terminal interface to search the LLVM-C API https://ift.tt/3pru9ez December 26, 2021 at 11:50AM
Show HN: One-Sentence Album Reviews https://ift.tt/32DbyTG
Show HN: One-Sentence Album Reviews https://ift.tt/3qsfor1 December 25, 2021 at 11:47PM
Show HN: I'm building a non-profit search engine https://ift.tt/3z66B23
Show HN: I'm building a non-profit search engine https://ift.tt/3swpqdp December 26, 2021 at 11:11AM
Show HN: Made a e-4917 emulator with a short tutorial https://ift.tt/3EtZlxS
Show HN: Made a e-4917 emulator with a short tutorial https://ift.tt/2ZlzuKn December 26, 2021 at 09:51AM
Saturday, December 25, 2021
Show HN: I hype drivingly recreated my website and it was awesome https://ift.tt/3yWptR9
Show HN: I hype drivingly recreated my website and it was awesome Hello HN, I had some christmas free time over the last two weeks (Merry Christmas btw ;-)) and used that time to completely recreate the website of my app[1]. I used all the fancy new tools. I didn't know some of them when I started. What was my goal? * Pretty website * Blazing fast * Mobile first * SSR * Webp support * Generally all the best website practices (high lighthouse score) What did I use? * Tailwindcss (https://ift.tt/2vB1u9d) * Tailwind Components (https://tailwindui.com/) * React (https://reactjs.org/) * ViteJs (https://vitejs.dev/) * Kubernetes (https://kubernetes.io/) Well what can I say. I hate creating websites, but this was an awesome experience. Never have I created a website more efficiently. Tailwindcss + Components is just the best. ViteJS is so so so much easier to setup compared to webpack and has SSR support on top of it. React has been around somewhat longer and I did a lot of projects with it, so that was a nobrainer. Special thanks to all the people who created these awesome tools. PS: If you work with lots of images, do yourself a favor and use something like https://ift.tt/3qhEKYM. It saved me hours of dreadful work. [1] https://stockevents.app December 25, 2021 at 01:10PM
Show HN: A Virtual Xmas Party Experiment https://ift.tt/3FoEaia
Show HN: A Virtual Xmas Party Experiment https://ift.tt/3EmrKGp December 25, 2021 at 03:00PM
Show HN: A Reassuring Parables Generator https://ift.tt/3Hb9QrJ
Show HN: A Reassuring Parables Generator https://ift.tt/3Fx07vy December 25, 2021 at 09:50AM
Show HN: A Tiny HTML5 Christmas Puzzle Game in Parenscript https://ift.tt/3yW0mOn
Show HN: A Tiny HTML5 Christmas Puzzle Game in Parenscript https://ift.tt/3ppE3gE December 25, 2021 at 05:58AM
Friday, December 24, 2021
Show HN: Liar's Dice AI from reinforcement learning https://ift.tt/3Fr2ct5
Show HN: Liar's Dice AI from reinforcement learning https://dudo.ai December 24, 2021 at 12:32PM
Log4j: A CISO's Practical Advice
Working together is going to make getting through this problem a lot easier.
Show HN: Retire 35 https://ift.tt/3sxqxtC
Show HN: Retire 35 https://retire35.com/ December 24, 2021 at 07:26AM
Show HN: PG Extras – a set of tools for debugging PostgreSQL performance issues https://ift.tt/3mrttny
Show HN: PG Extras – a set of tools for debugging PostgreSQL performance issues https://ift.tt/30fz59u December 24, 2021 at 04:47AM
Show HN: A Ruby gem to convert images into custom ASCII art https://ift.tt/3muiV76
Show HN: A Ruby gem to convert images into custom ASCII art https://ift.tt/3mu0Jut December 24, 2021 at 02:52AM
Show HN: Tact – A simple chat app for iOS, iPadOS and macOS https://ift.tt/3H62iXp
Show HN: Tact – A simple chat app for iOS, iPadOS and macOS https://justtact.com/ December 21, 2021 at 01:40PM
Show HN: Jupyter kernel using Poetry for reproducible Python package management https://ift.tt/30Vm6gB
Show HN: Jupyter kernel using Poetry for reproducible Python package management https://ift.tt/3H6E0MS December 24, 2021 at 12:54AM
Show HN: Causelink Root Cause Analysis https://ift.tt/3eltZPA
Show HN: Causelink Root Cause Analysis https://ift.tt/32knied December 23, 2021 at 10:44PM
Thursday, December 23, 2021
Show HN: Linkhorse – A Simple Bookmark Organizer https://ift.tt/32x18oV
Show HN: Linkhorse – A Simple Bookmark Organizer https://link.horse December 23, 2021 at 04:04AM
Show HN: Embed your source code in PNG files https://ift.tt/32qK040
Show HN: Embed your source code in PNG files https://ift.tt/3H0VoT2 December 23, 2021 at 02:02AM
Microsoft Customer Source Code Exposed via Azure App Service Bug
Researchers found an insecure default behavior in Azure App Service exposing source code of some customer applications deployed using "Local Git."
Show HN: Jig – a tool to define, compute and monitor metrics https://ift.tt/30ShZ4V
Show HN: Jig – a tool to define, compute and monitor metrics https://www.jigdev.com December 22, 2021 at 11:58PM
Microsoft Customer Source Code Exposed via Azure App Service Bug
Researchers found an insecure default behavior in Azure App Service exposing source code of some customer applications deployed using "Local Git."
source https://www.darkreading.com/threat-intelligence/microsoft-customer-source-code-exposed-via-azure-app-service-bug
source https://www.darkreading.com/threat-intelligence/microsoft-customer-source-code-exposed-via-azure-app-service-bug
Nearly 50% of People Will Abandon Sites Prohibiting Password Reuse
A new study investigating consumer password use found 25% of online shoppers would abandon their carts of $100 if prompted to reset a password at checkout.
Show HN: Cowbells – A Clojure library for musical experiments and live coding https://ift.tt/3FobmGG
Show HN: Cowbells – A Clojure library for musical experiments and live coding https://ift.tt/3Ek7nJR December 22, 2021 at 04:18PM
Wednesday, December 22, 2021
Show HN: Aftertext https://ift.tt/3Enqfrb
Show HN: Aftertext https://ift.tt/3GQbFdM December 22, 2021 at 01:16AM
Meta Files Federal Lawsuit Against Phishing Operators
The Facebook parent company seeks court's help in identifying the individuals behind some 39,000 websites impersonating its brands to collect login credentials.
source https://www.darkreading.com/attacks-breaches/meta-files-federal-lawsuit-against-phishing-operators
source https://www.darkreading.com/attacks-breaches/meta-files-federal-lawsuit-against-phishing-operators
93% of Tested Networks Vulnerable to Breach, Pen Testers Find
Data from dozens of penetration tests and security assessments suggest nearly every organization can be infiltrated by cyberattackers.
93% of Tested Networks Vulnerable to Breach, Pen Testers Find
Data from dozens of penetration tests and security assessments suggest nearly every organization can be infiltrated by cyberattackers.
source https://www.darkreading.com/attacks-breaches/93-of-tested-networks-vulnerable-to-breach-pentesters-find
source https://www.darkreading.com/attacks-breaches/93-of-tested-networks-vulnerable-to-breach-pentesters-find
Show HN: WikiAccents, an Audio Repository for the World's Spoken Languages https://ift.tt/3Fj4XN1
Show HN: WikiAccents, an Audio Repository for the World's Spoken Languages https://ift.tt/3ebWGhM December 21, 2021 at 11:32PM
Tuesday, December 21, 2021
Russian National Extradited for Illegal Hacking & Trading
Vladislav Klyushin was allegedly involved in a global operation to trade on nonpublic data stolen from US computer networks.
New Log4j Attack Vector Discovered
Meanwhile, Apache Foundation releases third update to logging tool in 10 days to address yet another flaw.
Show HN: I've made a Figma plugin that converts design to HTML with TailwindCSS https://ift.tt/3yLLl1n
Show HN: I've made a Figma plugin that converts design to HTML with TailwindCSS https://ift.tt/3GXaMA3 December 20, 2021 at 11:14PM
Russian National Extradited for Illegal Hacking & Trading
Vladislav Klyushin was allegedly involved in a global operation to trade on nonpublic data stolen from US computer networks.
source https://www.darkreading.com/threat-intelligence/russian-national-extradited-for-illegal-hacking-trading
source https://www.darkreading.com/threat-intelligence/russian-national-extradited-for-illegal-hacking-trading
New Log4j Attack Vector Discovered
Meanwhile, Apache Foundation releases third update to logging tool in 10 days to address yet another flaw.
source https://www.darkreading.com/application-security/researchers-uncover-new-attack-vector-for-log4j-flaw
source https://www.darkreading.com/application-security/researchers-uncover-new-attack-vector-for-log4j-flaw
Show HN: Lisp with GC in 436 Bytes https://ift.tt/3mlBZEE
Show HN: Lisp with GC in 436 Bytes https://ift.tt/3qgIs4M December 20, 2021 at 11:06PM
Monday, December 20, 2021
Show HN: Got is like Git, but with an 'o' https://ift.tt/3q9Iz21
Show HN: Got is like Git, but with an 'o' https://ift.tt/3qgAFnP December 20, 2021 at 04:38PM
Show HN: Make My Screen Black https://ift.tt/3skCthX
Show HN: Make My Screen Black https://ift.tt/3ea9Qfi December 20, 2021 at 11:54AM
Show HN: Platform to learn about crypto with visual storytelling https://ift.tt/3mg44NK
Show HN: Platform to learn about crypto with visual storytelling https://ift.tt/3Ec2MJu December 20, 2021 at 05:33AM
Show HN: Mum's 80th birthday present- a rotary phone from the 1970's https://ift.tt/3JewyBk
Show HN: Mum's 80th birthday present- a rotary phone from the 1970's https://ift.tt/3GUAkxG December 20, 2021 at 02:31AM
Show HN: Interpretable Text Classification and Clustering in the Browser https://ift.tt/3e7uoFm
Show HN: Interpretable Text Classification and Clustering in the Browser https://ift.tt/3GWKptV December 20, 2021 at 02:22AM
Show HN: Turn a Raspberry Pi into a Bluetooth MIDI Device https://ift.tt/3H1yknr
Show HN: Turn a Raspberry Pi into a Bluetooth MIDI Device https://ift.tt/3E5mOFC December 19, 2021 at 11:10PM
Sunday, December 19, 2021
Show HN: A Chrome extension to generate markup link reference for current page https://ift.tt/3H2xfvH
Show HN: A Chrome extension to generate markup link reference for current page https://ift.tt/33xs4Fk December 19, 2021 at 02:55PM
Show HN: Extract email attachments into shareable links https://ift.tt/3IXZ5uR
Show HN: Extract email attachments into shareable links Link = https://ift.tt/3qdtrkt After having to upload images/json files one too many times to S3, I decided to build a process which allowed me to email files to a set email address and have the files appear in s3 with a shareable link. I can see a product like this being useful as a headless CMS, sharing a files outside Dropbox/GDrive, config files for web and IoT projects, and general backup. Let me know what you think, HN. Link = https://ift.tt/3qdtrkt December 19, 2021 at 08:57AM
Show HN: Full-featured+fast SIMD CSV lib, extensible utility & web playground https://ift.tt/3mhukr3
Show HN: Full-featured+fast SIMD CSV lib, extensible utility & web playground https://ift.tt/3FahqT1 December 19, 2021 at 12:19PM
Show HN: Generate typed and efficient APIs from a schema file https://ift.tt/3q8bOlY
Show HN: Generate typed and efficient APIs from a schema file https://ift.tt/30GqgZL December 19, 2021 at 12:39PM
Show HN: I made a to do list that integrates with Notion https://ift.tt/30GK8vR
Show HN: I made a to do list that integrates with Notion https://ift.tt/3J4bhKz December 19, 2021 at 02:22AM
Show HN: IR stove thermometer, firmware in Rust https://ift.tt/3e1ZCO2
Show HN: IR stove thermometer, firmware in Rust https://www.anyleaf.org December 19, 2021 at 02:02AM
Show HN: Play BangBang Against a NeuralNetwork https://ift.tt/3JcxdDk
Show HN: Play BangBang Against a NeuralNetwork https://ift.tt/3qfB6yK December 19, 2021 at 12:42AM
Show HN: I am not a dev, but published a Chrome extension: Cowboy Copy https://ift.tt/3q6Yb6s
Show HN: I am not a dev, but published a Chrome extension: Cowboy Copy https://ift.tt/3p8WW7z December 18, 2021 at 09:29PM
Saturday, December 18, 2021
Show HN: Timeless articles posted on Hacker News, written 1321 to 2021 https://ift.tt/3e76sBI
Show HN: Timeless articles posted on Hacker News, written 1321 to 2021 https://ift.tt/3e7qXOB December 18, 2021 at 06:00PM
Show HN: ReleaseChurch – a fun-website to cast a prayer for your release https://ift.tt/3GVzd0Q
Show HN: ReleaseChurch – a fun-website to cast a prayer for your release https://ift.tt/3qaVcda December 18, 2021 at 03:36PM
Show HN: Searchall – search all major indexes on one page (with iframes) https://ift.tt/3q67KTg
Show HN: Searchall – search all major indexes on one page (with iframes) https://ift.tt/3skUmxd December 18, 2021 at 03:38AM
Show HN: Engula – A serverless storage engine in Rust for building databases https://ift.tt/33sVc0r
Show HN: Engula – A serverless storage engine in Rust for building databases https://ift.tt/3E1oxf3 December 17, 2021 at 09:47AM
Drawing a Concise Road Map for Enterprise Edge Computing Deployments
Edge computing is quickly transitioning from a theoretical concept to a realistic deployment option in the enterprise. What’s been missing, however, is a detailed technical framework that IT architects can use as a guide.
How Risky Is the Log4J Vulnerability?
Security teams around the world are on high alert dealing with the Log4j vulnerability, but how risky is it, really?
Friday, December 17, 2021
Why Log4j Mitigation Is Fraught With Challenges
The Log4j flaw exists in a component that is not always easy to detect and is widely used beyond an organization's own networks and systems.
Why Log4j Mitigation Is Fraught With Challenges
The Log4j flaw exists in a component that is not always easy to detect and is widely used beyond an organization's own networks and systems.
source https://www.darkreading.com/application-security/why-log4j-mitigation-is-fraught-with-challenges
source https://www.darkreading.com/application-security/why-log4j-mitigation-is-fraught-with-challenges
Phorpiex Botnet Variant Spread Across 96 Countries
A new variant dubbed "Twizt" has hijacked 969 transactions and stolen the equivalent of nearly $500,000 USD.
Show HN: Termius (YC W19) – Share your terminal session like Google Docs https://ift.tt/3GSH7rt
Show HN: Termius (YC W19) – Share your terminal session like Google Docs Hi everybody, I’m Roman from Termius (YC W19, HN launch https://ift.tt/3GMvAdt ). I want to share news about a new exciting feature that we wanted to build for a long time. It’s Terminal Sharing. Terminal Sharing enables engineers to get instant help from their colleagues by providing a link to their terminal output updated in real-time. There is also a mode where the viewer can enter commands from their end. When I was getting into programming, some of my biggest problems were: compilation errors or not being able to set up something on a Linux server. One of the ways to get help in such a case is to ask a friend or colleague who has done it before. One more thing, we all remember times (before the pandemic) when teammates could come to your table and check out where you got stuck and often it’s in a terminal window. Unfortunately,it’s often impossible in the post-COVID era when most of the teams work remotely Of course, there is always a way of using a multiplexor like tmux, byobu or screen. However, it’s a bit annoying because you have to deal with access like adding keys or passwords. Then you have to communicate back and forth to see if the person is there. You also need to remember to start those tools before you end up with an issue. And finally, you need to remember to remove the access later. The whole thing is even harder on Windows with Putty. Alternatively, you can use zoom and screen sharing, but it requires dealing with control over the keyboard input, which is quite cumbersome. This is why we built Terminal Sharing in Termius ( https://ift.tt/30vjMN7 ). If you need help from your friend or colleague, then you can create a live session in just a second. You get a unique link to sharein just two clicks. Terminal Sharing is available on Windows, Mac, and Linux, no mobile support yet. You and the viewers need only to have the free version of Termius to use basic Terminal Sharing features. We like the idea of giving this feature for free to spread the word about the product and build more advanced, paid, collaboration features for teams later. In terms of the technical implementation, Terminal Sharing uses WebRTC under the hood, and it tries to establish a peer-to-peer connection when possible. WebRTC uses TLS 1.2, which encrypts the traffic. Check it out here: https://ift.tt/30vjMN7 . We’re still testing usability and viability of this feature, so any feedback is welcome. The feature is free, but it requires an account (no subscription required!). Please share your feedback in the comments! December 15, 2021 at 10:12PM
Thursday, December 16, 2021
Companies Must Assess Threats to AI & ML Systems in 2022: Microsoft
Most companies lack the proper tools to assess their vulnerability to threats facing their AI systems and ML pipelines, prompting Microsoft to release a risk assessment framework.
source https://www.darkreading.com/risk/companies-must-assess-threats-to-ai-ml-systems-in-2022-microsoft
source https://www.darkreading.com/risk/companies-must-assess-threats-to-ai-ml-systems-in-2022-microsoft
Show HN: I made a collaborative ASCII editor https://ift.tt/3DXcbVh
Show HN: I made a collaborative ASCII editor I made a website for drawing ascii art with other people https://ift.tt/3dST9VF It's been online for a little over a year so there's a fair bit of stuff to browse if you want to look around (so much that I even made a poster https://ift.tt/3ysYsEs) There are other websites like yourworldoftext that do this but ascii-collab has some extra features like per-user undo/redo, box selection, a color highlight mode to see who made particular changes, and there's admin tools so I can remove spam. The code is open sourced here https://ift.tt/3dRw1a1 if anyone is interested. Enjoy! December 16, 2021 at 01:00AM
Original Fix for Log4j Flaw Fails to Fully Protect Against DoS Attacks, Data Theft
Organizations should upgrade ASAP to new version of logging framework released Tuesday by the Apache Foundation, security experts say.
source https://www.darkreading.com/application-security/original-fix-for-log4j-flaw-fails-to-fully-protect-against-dos-attacks-data-theft
source https://www.darkreading.com/application-security/original-fix-for-log4j-flaw-fails-to-fully-protect-against-dos-attacks-data-theft
Show HN: Overpass – a self-hosted video live streaming app https://ift.tt/3saoc7I
Show HN: Overpass – a self-hosted video live streaming app https://ift.tt/3pXCpSF December 16, 2021 at 12:18AM
Dept. of Homeland Security Launches 'Hack DHS' Program
A new bug bounty program aims to find potential security flaws within certain DHS systems and strengthen the department's security posture.
Show HN: FastWSGI, an ultra-fast WSGI server for Python https://ift.tt/3F1cyzA
Show HN: FastWSGI, an ultra-fast WSGI server for Python https://ift.tt/3dSC7qH December 15, 2021 at 10:47PM
Wednesday, December 15, 2021
Tool Overload & Attack Surface Expansion Plague SOCs
Security professionals are burning out from handling too many tools and facing a growing number of threats, and more than 40% see lack of leadership as the main problem.
source https://www.darkreading.com/operations/tool-overload-attack-surface-expansion-plague-socs
source https://www.darkreading.com/operations/tool-overload-attack-surface-expansion-plague-socs
Microsoft Patches Zero-Day Spreading Emotet Malware
The December rollout includes 67 security patches and addresses one zero-day and five more publicly known vulnerabilities.
Tuesday, December 14, 2021
XDR: What It Is, What It Isn't
The three must-haves in eXtended Detection and Response are: making data accessible, facilitating real-time threat detection, and providing remediation strategies.
Show HN: WanderApp – Cast Harry Potter Spells with gyroscope data https://ift.tt/33tYUqP
Show HN: WanderApp – Cast Harry Potter Spells with gyroscope data https://ift.tt/3pXpPmr December 14, 2021 at 04:12AM
XDR: What It Is, What It Isn't
The three must-haves in eXtended Detection and Response are: making data accessible, facilitating real-time threat detection, and providing remediation strategies.
source https://www.darkreading.com/crowdstrike/xdr-what-it-is-what-it-isn-t
source https://www.darkreading.com/crowdstrike/xdr-what-it-is-what-it-isn-t
Monday, December 13, 2021
Show HN: Tempe – A Chrome extension to create unique email address each website https://ift.tt/3dJDU1d
Show HN: Tempe – A Chrome extension to create unique email address each website https://ift.tt/3lZUYVg December 13, 2021 at 12:43PM
Show HN: A cross-platform, modular dotfiles installer for my personal setup https://ift.tt/3IEgwAp
Show HN: A cross-platform, modular dotfiles installer for my personal setup https://ift.tt/33jxX93 December 13, 2021 at 11:54AM
Show HN: A 166 KB file for cross compiling glibc for any version, any target https://ift.tt/3F5Wrkp
Show HN: A 166 KB file for cross compiling glibc for any version, any target https://ift.tt/31VnnEK December 13, 2021 at 12:05PM
Show HN: Google Sheets as a Database – Save HTML Forms to Goggle Sheets https://ift.tt/3EUoJ0Y
Show HN: Google Sheets as a Database – Save HTML Forms to Goggle Sheets https://fabform.io December 13, 2021 at 05:16AM
Show HN: GearSlots, Polygon NFT with tradable attributes https://ift.tt/3IIR5h1
Show HN: GearSlots, Polygon NFT with tradable attributes Hello. I made Gear Slots. It's a loot-inspired NFT, with tradable attributes. Deployed on Polygon. I really liked the idea behind loot - to have game data stored on chain. However, not having solid randomness in the generation of the gear, as well as static bags of gear (not being able to trade for different gear) was a downside. So, I made Gear Slots. Gear Slots is built completely on-chain - there is no data stored on IPFS, S3, or any other host. The metadata, attributes, and images for Gear Slots are all stored on-chain. When minted, the contract uses randomness from ChainLink's VRF to randomly generate 9 pieces of equipment. Once you've minted a token, you can set a price on a single piece of gear within the token, a few pieces of gear, or every piece of gear. Other token holders can buy that gear from you at the price you set. You can browse gear for sale from other token holders as well. There is no fee to set prices on gear - only gas. With Gear Slots, you swap out individual pieces of gear with other token holders, without trading away your entire token. Gear Slots brings a unique twist to gaming NFTs with tradable attributes. The mint price is 1 MATIC, plus some gas. When you trade gear with other token holders, the fee is whatever the owner set on that gear, plus some gas. If you're not familiar with Polygon or how to setup your wallet, I'm happy to help. The site is https://gearslots.com, and after minting the tokens show on OpenSea as well. If you want to try the contract and token, but not the site, the contract has been verified on Polygonscan, so you can interact over there as well. December 12, 2021 at 10:23PM
Show HN: Online Space for Bootstrappers Support https://ift.tt/3EQDjXk
Show HN: Online Space for Bootstrappers Support https://ift.tt/3revIxW December 13, 2021 at 04:49AM
Show HN: FileFlows – file processing Docker application https://ift.tt/3lYNmSy
Show HN: FileFlows – file processing Docker application https://fileflows.com December 12, 2021 at 11:29PM
Show HN: LivePoll – Real-time anonymous poll https://ift.tt/3DPK4HF
Show HN: LivePoll – Real-time anonymous poll https://ift.tt/3rZFsfy December 12, 2021 at 08:47PM
Show HN: Check if you're vulnerable to an egregious case of log4shell https://ift.tt/33pPTz1
Show HN: Check if you're vulnerable to an egregious case of log4shell https://ift.tt/3GABVsj December 12, 2021 at 08:24PM
Sunday, December 12, 2021
Show HN: Yearly Faves – showcase your fave books and support indie bookshops https://ift.tt/3EOfZta
Show HN: Yearly Faves – showcase your fave books and support indie bookshops https://ift.tt/3Dr4HK3 December 12, 2021 at 09:35PM
Show HN: AlterClass – A platform for making and selling programming courses https://ift.tt/3EOBxGj
Show HN: AlterClass – A platform for making and selling programming courses https://alterclass.io/ December 12, 2021 at 07:20PM
Show HN: I build a Bitcoin heater to keep my Nana warm https://ift.tt/31XomUU
Show HN: I build a Bitcoin heater to keep my Nana warm https://ift.tt/3IT0jHI December 12, 2021 at 02:44PM
Show HN: Noisebox – Background noise generator for concentration https://ift.tt/3EOfLCx
Show HN: Noisebox – Background noise generator for concentration https://ift.tt/3oMrOKP December 12, 2021 at 12:32PM
Show HN: Shoelace – A forward-thinking library of web components https://ift.tt/33rlWPb
Show HN: Shoelace – A forward-thinking library of web components https://shoelace.style/ December 11, 2021 at 11:52PM
Show HN: ActiveMDX – Use Markdown as a Database https://ift.tt/3lYK5my
Show HN: ActiveMDX – Use Markdown as a Database https://ift.tt/3oHZklw December 11, 2021 at 09:17PM
Show HN: HN Lists – A Hacker News browser extension for /lists https://ift.tt/3dIml1j
Show HN: HN Lists – A Hacker News browser extension for /lists https://ift.tt/2HIaxv0 December 11, 2021 at 08:44PM
Show HN: PgOutput2Json .NET lib for PostgreSQL change streaming to JSON https://ift.tt/3GsapNE
Show HN: PgOutput2Json .NET lib for PostgreSQL change streaming to JSON https://ift.tt/3lVN4Mj December 11, 2021 at 11:59AM
Saturday, December 11, 2021
What to Do While Waiting for the Log4J Updates
This Tech Tip outlines how enterprise defenders can mitigate the risks of the Log4j vulnerabilities for the short-term while waiting for updates.
source https://www.darkreading.com/dr-tech/what-to-do-while-waiting-for-the-log4ju-updates
source https://www.darkreading.com/dr-tech/what-to-do-while-waiting-for-the-log4ju-updates
Security Experts Sound Alarm on Zero-Day in Widely Used Log4j Tool
A remote code execution vulnerability in Log4j presents a bigger threat to organizations than even the infamous 2017 Apache Struts vulnerability that felled Equifax, they say.
source https://www.darkreading.com/vulnerabilities-threats/security-experts-sound-alarm-on-zero-day-in-widely-used-log4j-tool
source https://www.darkreading.com/vulnerabilities-threats/security-experts-sound-alarm-on-zero-day-in-widely-used-log4j-tool
NIST Cyber-Resiliency Framework Extended to Include Critical Infrastructure Controls
The latest NIST publication outlines how organizations can build systems that can anticipate, withstand, recover from, and adapt to cyberattacks.
NIST Cyber-Resiliency Framework Extended to Include Critical Infrastructure Controls
The latest NIST publication outlines how organizations can build systems that can anticipate, withstand, recover from, and adapt to cyberattacks.
source https://www.darkreading.com/edge-articles/nist-cyber-resiliency-framework-extended-to-include-critical-infrastructure-controls
source https://www.darkreading.com/edge-articles/nist-cyber-resiliency-framework-extended-to-include-critical-infrastructure-controls
Security Experts Sound Alarm on Zero-Day in Widely Used Log4j Tool
A remote code execution vulnerability in Log4j presents a bigger threat to organizations than even the infamous 2017 Apache Struts vulnerability that felled Equifax, they say.
Friday, December 10, 2021
Why We Need Infrastructure-led Innovation to Transform Network Security
Despite how convenient it may seem, we cannot prioritize digital advancement first and leave security as an afterthought. The goal now is to build environments and infrastructure that are secure from the foundation up.
Show HN: Deeplinks.js – Simple deep links to selections of text on your website https://ift.tt/3GwFiQU
Show HN: Deeplinks.js – Simple deep links to selections of text on your website https://ift.tt/3GrbHIO December 9, 2021 at 01:51AM
Researchers Explore Microsoft Outlook Phishing Techniques
Outlook features intended to improve collaboration and productivity may make social engineering attacks more effective, researchers find.
source https://www.darkreading.com/threat-intelligence/researchers-explore-outlook-phishing-techniques
source https://www.darkreading.com/threat-intelligence/researchers-explore-outlook-phishing-techniques
Lack of Patching Leaves 300,000 Routers at Risk for Attack
A significant percentage of the 2 million consumer and small-business routers produced by a Latvian firm are vulnerable and being used by attackers, a security firm says.
Show HN: The App Fair – a free native app distribution platform for macOS https://ift.tt/3ya9Dlw
Show HN: The App Fair – a free native app distribution platform for macOS https://ift.tt/3EEOeTV December 9, 2021 at 04:52PM
Lack of Patching Leaves 300,000 Routers at Risk for Attack
A significant percentage of the 2 million consumer and small-business routers produced by a Latvian firm are vulnerable and being used by attackers, a security firm says.
source https://www.darkreading.com/attacks-breaches/lack-of-patching-leaves-300-000-routers-at-risk-for-attack
source https://www.darkreading.com/attacks-breaches/lack-of-patching-leaves-300-000-routers-at-risk-for-attack
Thursday, December 9, 2021
Zscaler Extends Zero Trust Exchange Platform to Deliver Zero Trust for Workloads
Solution secures cloud-to-Internet, cloud-to-cloud, cloud-to-data center, and intra-cloud communications.
How to Stop Hackers From Turning Your Systems Against You
Cybercriminals are increasingly adopting "living-off-the-land’ techniques, leveraging commonly used tools to fly under the radar of conventional detection tools. But with AI, thousands of organizations have regained the upper hand.
source https://www.darkreading.com/dr-tech/how-to-stop-hackers-from-turning-your-systems-against-you
source https://www.darkreading.com/dr-tech/how-to-stop-hackers-from-turning-your-systems-against-you
Claroty Raises $400M More, Acquires Healthcare IoT Security Firm Medigate
Industrial control systems security firm reaches $635M in funding with this Series E round.
source https://www.darkreading.com/iot/claroty-raises-400m-more-acquires-healthcare-iot-security-firm-medigate
source https://www.darkreading.com/iot/claroty-raises-400m-more-acquires-healthcare-iot-security-firm-medigate
Newly Found Authentication Flaws Highlight Dangers of Coding From Scratch
Two vulnerabilities in a call-center software suite could allow an attacker to take over the application server, researchers found.
Newly Found Authentication Flaws Highlight Dangers of Coding From Scratch
Two vulnerabilities in a call-center software suite could allow an attacker to take over the application server, researchers found.
source https://www.darkreading.com/application-security/authentication-flaws-highlight-dangers-of-coding-from-scratch
source https://www.darkreading.com/application-security/authentication-flaws-highlight-dangers-of-coding-from-scratch
Claroty Raises $400M More, Acquires Healthcare IoT Security Firm Medigate
Industrial control systems security firm reaches $635M in funding with this Series E round.
Tuesday, December 7, 2021
Defending Against the Use of Deepfakes for Cyber Exploitation
Deepfakes are increasingly concerning because they use AI to imitate human activities and can be used to augment social engineering attacks.
SolarWinds Attackers Spotted Using New Tactics, Malware
One year after the disruptive supply-chain attacks, researchers have observed two new clusters of activity from the Russia-based actors that signal a significant threat may be brewing.
from Threatpost https://ift.tt/31BuHp9
via gqrds
from Threatpost https://ift.tt/31BuHp9
via gqrds
Subscribe to:
Posts (Atom)