Thursday, March 31, 2022
Zero-Day Vulnerability Discovered in Java Spring Framework
A proof-of-concept exploit allows remote compromises of Spring Web applications.
source https://www.darkreading.com/application-security/zero-day-vulnerability-discovered-in-java-spring-framework
Show HN: Nanojob.com – Micro Task Job Board https://ift.tt/vcAiPRa
Show HN: Nanojob.com – Micro Task Job Board https://ift.tt/OzBQq1o March 30, 2022 at 10:40PM
Wednesday, March 30, 2022
Understanding Private 5G LANs in the Enterprise
As the technology matures and costs begin to drop, 5G LAN looks more like a realistic replacement for corporate Wi-Fi networks.
source https://www.darkreading.com/emerging-tech/understanding-private-5g-lans-in-the-enterprise
Private Equity Firm Led by Mnuchin Acquires Mobile Security Vendor Zimperium
Liberty Strategic Capital to pay $525 million for mobile security vendor.
source https://www.darkreading.com/remote-workforce/private-equity-firm-led-by-mnuchin-acquires-mobile-security-vendor-zimperium
Show HN: Microsoft 365 License Optimizer https://ift.tt/DcglK62
Show HN: Microsoft 365 License Optimizer https://ift.tt/lcW6t23 March 29, 2022 at 11:05PM
Tuesday, March 29, 2022
Triton Malware Still Targeting Energy Firms
The FBI's latest Private Industry Notification warns the energy sector that the group behind Triton is still up to no good.
source https://www.darkreading.com/attacks-breaches/triton-malware-still-targeting-energy-firms
Show HN: Zen (YC S21) – Posture correction software via webcam (free Beta) https://ift.tt/AHPje5w
Show HN: Zen (YC S21) – Posture correction software via webcam (free Beta) https://ift.tt/GYFU3gO March 29, 2022 at 12:57AM
Show HN: Java library to help create and manage your garden https://ift.tt/wzKny8e
Show HN: Java library to help create and manage your garden https://ift.tt/CptXAhc March 28, 2022 at 11:07PM
Show HN: A Better Alternative to the AWS Console https://ift.tt/4Y2Wbnz
Show HN: A Better Alternative to the AWS Console Hey HN: Kaveh here, the founder of https://www.usage.ai/ We launched a new free tool to help engineers understand their AWS spend. Why? Because the way it's done now is a pain. DevOps and Software Engineers end up becoming cloud accountants or end up forking over a big % of their AWS bill for a tool to understand costs rather than focusing on business problems. Previous to founding Usage, I worked on high-performance computing research at JP Morgan Chase and as a software engineer at a number of smaller startups. Here's how this new tool works: It's fully self-serve and free to use. You connect a limited-access IAM role (read-only + ability to manage RIs and SPs). You'll see cost reduction recommendations on the Recommendations tab, your active and utilization status on the Plans tab, and the ability to splice-and-dice your data on the Instance Search page via Filters. We make money off of a 20% Savings Fee. If you choose not to let Usage optimize your spend, you'll never need to spend money on Usage. Happy to chat directly kaveh@usage.ai Have you experienced any issues with managing your company or organization's AWS expenses? We'd love to hear your feedback and ideas! Blog post: https://ift.tt/bEUsqcZ Try free: www.usage.ai March 28, 2022 at 08:00PM
Monday, March 28, 2022
Show HN: Dark Mahjong (Mouse, Desktop) https://ift.tt/qD1iv59
Show HN: Dark Mahjong (Mouse, Desktop) https://ift.tt/w4yZtzA March 28, 2022 at 06:30AM
Show HN: Go Networking Library Using Generics https://ift.tt/gXlbLoI
Show HN: Go Networking Library Using Generics https://ift.tt/4zW2KjC March 28, 2022 at 05:17AM
Show HN: A work-in-progress simulator for the Facit C1-13 mechanical calculator https://ift.tt/tE4VXuM
Show HN: A work-in-progress simulator for the Facit C1-13 mechanical calculator https://ift.tt/6lcreBJ March 28, 2022 at 02:42AM
Show HN: pg_plan_guarantee – Postgres Query Optimizer Hints, on Steroids. https://ift.tt/YchntrO
Show HN: pg_plan_guarantee – Postgres Query Optimizer Hints, on Steroids. https://ift.tt/ZzNFLXM March 28, 2022 at 02:04AM
Show HN: I'm Writing a Free Book Called Computer Networks from Scratch https://ift.tt/dzXM4wG
Show HN: I'm Writing a Free Book Called Computer Networks from Scratch https://ift.tt/t0G6WHe March 28, 2022 at 12:32AM
Show HN: Free Hosted JupyterLab with GPU https://ift.tt/t7Oys3B
Show HN: Free Hosted JupyterLab with GPU Hi, This is Dan and Genevieve from Burstable AI. We've iterated and made a 45 degree pivot, taking what we learned from developing burst ( https://ift.tt/X7J6Fc2 ) to introduce a cloud service that provides access to a GPU-enabled machine using Jupyterlab to provide notebooks, shell access, and a code/text editor. GPU access is measured and the first 50 hours are free. This is *not* a platform to do crypto mining or run weeks of model training for free. We are focused on the R & D phase of modern AI/ML, where developers/scientists are iterating, testing, and measuring results. We are running a beta program with a few seats left to get feedback and constructive directions for how to make Cloudburst a killer environment for modern exploratory AI/ML research, whether you are a high-school student hacking on the weekend, a small team at a startup, or a consultant building ML pipelines for SmB's (or some other user story we haven't thought of yet). Presently, signup is through your github account. If you have questions, please email us at beta@cloudburst.host. Thanks to all our beta folks! https://cloudburst.host March 28, 2022 at 12:06AM
Show HN: Boredle – play Wordle using the words on any webpage https://ift.tt/AaqSPEz
Show HN: Boredle – play Wordle using the words on any webpage https://ift.tt/OWdKU1l March 27, 2022 at 10:30PM
Sunday, March 27, 2022
Show HN: Random access noise – counter-based pseudo-random number generator https://ift.tt/JcQo04M
Show HN: Random access noise – counter-based pseudo-random number generator https://ift.tt/HQ07zP5 March 24, 2022 at 10:08AM
Show HN: Npx sequentially-generate-planet-mbtiles |low hdware world vector tiles https://ift.tt/AIf5EmX
Show HN: Npx sequentially-generate-planet-mbtiles |low hdware world vector tiles https://ift.tt/mpS7G9n March 27, 2022 at 04:13AM
Show HN: Engineerfriendly.com – get referrals and find engineers to refer https://ift.tt/fQqERKo
Show HN: Engineerfriendly.com – get referrals and find engineers to refer https://ift.tt/f0le8kC March 27, 2022 at 01:06AM
Show HN: Reverse engineering GitHub's identicon algorithm https://ift.tt/ylZNWTu
Show HN: Reverse engineering GitHub's identicon algorithm https://ift.tt/QMblSYT March 27, 2022 at 02:13AM
Show HN: BringRSS – RSS/Atom Newsreader https://ift.tt/21JxApg
Show HN: BringRSS – RSS/Atom Newsreader https://ift.tt/n8lIaKx March 27, 2022 at 01:00AM
Saturday, March 26, 2022
Show HN: Memorize-Up Made with React https://ift.tt/sHWK9dk
Show HN: Memorize-Up Made with React https://ift.tt/2rESMOW March 26, 2022 at 08:05AM
Show HN: Quickgres.js, 430 LoC pipelined PostgreSQL client library https://ift.tt/pVvD4wI
Show HN: Quickgres.js, 430 LoC pipelined PostgreSQL client library https://ift.tt/KjHPoe7 March 26, 2022 at 07:49AM
Show HN: How to create an echo server with Pipy proxy https://ift.tt/KgP8nqs
Show HN: How to create an echo server with Pipy proxy In this part of the tutorial, you will learn how dynamic content can be made in responses from a Pipy program. You will also taste a bit of how variables work in Pipy. Takeaways Filter parameters are only evaluated once so they have a "static" value at runtime. To make them "dynamic", they need to be functions that output dynamic values. Global variables have isolated states between concurrent pipelines. One of the builtin global variables is __inbound, which contains address/port information about the current incoming connection. More details, please refer to [https://ift.tt/S2nI0Ej] March 26, 2022 at 06:45AM
Show HN: Snabl – a practical embedded Lisp in C++ https://ift.tt/lt5OWre
Show HN: Snabl – a practical embedded Lisp in C++ https://ift.tt/2uiHwUW March 26, 2022 at 03:10AM
Show HN: How to enable the Hyper key on Linux https://ift.tt/3yP7su1
Show HN: How to enable the Hyper key on Linux https://ift.tt/f8PjWgN March 26, 2022 at 12:00AM
Friday, March 25, 2022
Russian Nationals Indicted for Epic Triton/Trisis and Dragonfly Cyberattacks on Energy Firms
Four Russian government employees were charged by the DoJ for attack campaigns targeting hundreds of energy sector companies and organizations in 135 countries, including the US.
Downloaders Currently the Most Prevalent Android Malware
Of the top 10 Trojans targeting Android devices, downloaders and infostealers accounted for 87% of detections in February, Bitdefender says.
source https://www.darkreading.com/attacks-breaches/russian-state-sponsored-hackers-behind-epic-trisis-attack-indicted-for-targeting-energy-firms
source https://www.darkreading.com/edge-threat-monitor/downloaders-currently-the-most-prevalent-android-malware
Ransomware Payments, Demands Rose Dramatically in 2021
New data pulled from incident response cases by Unit 42 shows cyber-extortion attacks jumped by 85%.
Thursday, March 24, 2022
Show HN: Webapp to generate colorful QR codes https://ift.tt/kZoVPEX
Show HN: Webapp to generate colorful QR codes https://sqr.co/qr/url March 24, 2022 at 12:51AM
Show HN: Bezier Curve Generator from Letters https://ift.tt/NwcQgnm
Show HN: Bezier Curve Generator from Letters Hello, This is a web app that lets you generate some bezier curves that you can then paste into your vector editor and practise tracing. It is a MVP. Feedback welcome, thanks, Enzo https://ift.tt/TcnrPQA March 24, 2022 at 12:40AM
Show HN: Collection Of Billion Dollar Startup Pitch Decks https://ift.tt/2WbRDFa
Show HN: Collection Of Billion Dollar Startup Pitch Decks https://ift.tt/jd6RBDy March 23, 2022 at 11:30PM
Show HN: Reactirator, a desktop app to create and manage React.js applications https://ift.tt/3hHLxSE
Show HN: Reactirator, a desktop app to create and manage React.js applications https://ift.tt/iajRIMx March 23, 2022 at 11:13PM
Wednesday, March 23, 2022
Show HN: Vault – Sports bet data aggregation app https://ift.tt/qTofeNY
Show HN: Vault – Sports bet data aggregation app Hey HN, this is Caleb and Zach, we co-founded Vault after realizing how behind the times consumer-facing tech was in the sports betting industry. After creating various products and prototypes for sports bettors for most of 2020 (many with little/no success), in early 2021 we realized a key problem that sports bettors faced... Most of them were tracking their bets, ROI, and net profit using Excel tables or other forms of manual entry. Gaining inspiration from fintech apps such as Intuit Mint and CoPilot, both of which link with your financial accounts and aggregate your data, we created Vault. An app that links with a bettor's sportsbooks (i.e. DraftKings, BetMGM, Caesars) and aggregates that data. Would love to hear your thoughts, and feel free to reach out to Zach and I at info@vaultsportshq.com https://ift.tt/v7h4yi2 March 23, 2022 at 12:22AM
Show HN: Scrt – A secret manager for the command line https://ift.tt/8NLqfYh
Show HN: Scrt – A secret manager for the command line https://ift.tt/iBGhK7Y March 23, 2022 at 12:08AM
Security Teams Need to Investigate the Okta Breach Themselves
Trust, but verify. While organizations wait for official alerts and notifications from Okta, security teams should also begin their own investigations to determine whether they have been exposed.
source https://www.darkreading.com/edge-articles/security-teams-need-to-investigate-the-okta-breach-themselves
Ransomware Group Claims Major Okta Breach
Screenshots that ransomware gang Lapsus$ released this week suggest the threat actor also stole Microsoft source code.
source https://www.darkreading.com/attacks-breaches/ransomware-group-s-claim-that-it-hacked-okta-prompts-concerns-of-another-solarwinds
Tuesday, March 22, 2022
Show HN: Speech2Code – Code with Voice https://ift.tt/fervKEM
Show HN: Speech2Code – Code with Voice Hey all, Last year I attempted to build an assistive voice programming tool as part of my undergraduate dissertation in CS. Speech2Code offers support for the basic features of the JavaScript language, accepts commands in both English and Portuguese, integrates well with the VSCode editor, and also works on the browser. Hope you like, thanks! https://ift.tt/iyIXoxM March 21, 2022 at 11:36PM
Show HN: Party Banner for iOS https://ift.tt/5lkSmDB
Show HN: Party Banner for iOS Hey HN! Today marks the official launch of Party Banner for iPhone and iPad. Even with digital signage on the rise, we often tend to neglect one of the center focal points of our living and office spaces... the TV. Looking for a way to utilize this otherwise empty canvas, Party Banner takes every special occasion to the next level with premium digital banners that help decorate your space. Please share your thoughts on the app, and any banner designs you would like to see in future updates. Thanks, and party on! March 21, 2022 at 11:07PM
Binarly Coordinates Patches for 3 Firmware Flaws With Dell
The latest three memory corruption flaws in Dell BIOS highlight the challenges of fixing firmware vulnerabilities.
source https://www.darkreading.com/dr-tech/binarly-coordinates-patches-for-3-firmware-flaws-with-dell
ForAllSecure Raises $21M to Secure the World’s Software
Strong demand for application security that supports DevSecOps initiatives drives investment from Koch Disruptive Technologies and New Enterprise Associates.
source https://www.darkreading.com/application-security/forallsecure-raises-21m-to-secure-the-world-s-software
Show HN: A Firefox addon that groups tabs by privacy container in the sidebar https://ift.tt/ENxAa8F
Show HN: A Firefox addon that groups tabs by privacy container in the sidebar https://ift.tt/rzT9au5 March 21, 2022 at 10:05PM
Monday, March 21, 2022
Show HN: ZeroAcquire – Sell, buy and discover pre-revenue side projects https://ift.tt/8nmjLgX
Show HN: ZeroAcquire – Sell, buy and discover pre-revenue side projects https://ift.tt/ga9wlO6 March 21, 2022 at 02:48PM
Show HN: Search Domain and Username in the same place https://ift.tt/RCAB183
Show HN: Search Domain and Username in the same place https://ift.tt/UEKQWMx March 21, 2022 at 11:40AM
Show HN: Mindscape.pub (Collaborative mind-mapping) https://ift.tt/SLVUs3M
Show HN: Mindscape.pub (Collaborative mind-mapping) https://ift.tt/srYUQlq March 21, 2022 at 08:48AM
Show HN: Open-Source 3D Location-Based Wireless Mesh Network https://ift.tt/gJrRply
Show HN: Open-Source 3D Location-Based Wireless Mesh Network I've decided to open source the project I've been working on called Hyperspace. Hyperspace is a suite of software implementing a wireless mesh network for IoT devices. My main requirements are listed on my repo but I'll copy them here. 1. The mesh shall enable nodes to route packets amongst themselves. 2. The mesh shall allow nodes with limited power to participate in routing packets. 3. The mesh shall be IPv6 based. 4. The mesh shall be local. I.E. not require connection to a remote server. 5. The mesh should provide 3D location to nodes in the network. Nodes use the Decawave DW1000 UWB radio to transmit and receive data, and to measure distances to other nodes. Location can be determined with enough distance measurements (see the documentation for more details). The implementation is pretty primitive at the moment. The border router server and the iOS app are super basic and have very little in terms of actual functionality, but the core ideas are there. I'm not happy with the state of smart home devices. I don't like it when a manufacturer shuts down a key server and bricks a bunch of devices. I don't like it when devices don't interoperate. Therefore, I've decided to open source this project in the hopes that it gains traction and that we can work on creating better IoT devices together. https://ift.tt/RZ7n8yq March 21, 2022 at 01:45AM
Show HN: I built a platform for projects to find maintainers https://ift.tt/96NawgZ
Show HN: I built a platform for projects to find maintainers A few days ago, someone I follow asked the community for help maintaining his side-project, 512kb.club. This got me thinking. There are loads of maintainers out there feeling burnt out, but they can't abandon their project since people are depending on the project to be maintained. In an effort to combat this, I built a website that lists projects looking for new maintainers. It's still quite empty and has some rough edges. Any feedback is very welcome! https://ift.tt/WJTEGrY March 20, 2022 at 10:32PM
Sunday, March 20, 2022
Show HN: A way for a teacher to see all student answers in real-time https://ift.tt/1NwSRto
Show HN: A way for a teacher to see all student answers in real-time https://answer-fox.com/ March 20, 2022 at 02:10PM
Show HN: Open-Source Alternative to Intercom https://ift.tt/PVNLfRE
Show HN: Open-Source Alternative to Intercom https://ift.tt/g4HnTAv March 20, 2022 at 02:02PM
Show HN: Typebeat: Keyboard-controlled music sequencer, sampler, and synth https://ift.tt/KVPufMS
Show HN: Typebeat: Keyboard-controlled music sequencer, sampler, and synth https://ift.tt/toTNU3c March 20, 2022 at 02:23PM
Show HN: A program that predicts the best Fantasy F1 teams https://ift.tt/I7gNrqF
Show HN: A program that predicts the best Fantasy F1 teams https://ift.tt/pXHDZLT March 20, 2022 at 12:06PM
Show HN: I made a CLI tool that turns pixels into emojis https://ift.tt/rf4xb1F
Show HN: I made a CLI tool that turns pixels into emojis https://ift.tt/lqHJj7S March 20, 2022 at 03:55AM
Show HN: Shuz – Easy close-quarters messaging, with help from QR codes https://ift.tt/yfiKjtg
Show HN: Shuz – Easy close-quarters messaging, with help from QR codes https://shuz.vercel.app March 20, 2022 at 01:32AM
Show HN: Transcrib, a speech-to-text Android app for WhatsApp voice notes https://ift.tt/FTy752r
Show HN: Transcrib, a speech-to-text Android app for WhatsApp voice notes Hi, I made a subscription based Android app to transcribe and read WhatsApp voice notes, supporting all the most common languages. It can be tried for free for 3 days, I'd love to get some feedback! https://ift.tt/epdtM6H March 19, 2022 at 07:00PM
Saturday, March 19, 2022
Half of Orgs Use Web Application Firewalls to Paper Over Flaws
WAFs remain a popular backfill for complex and fraught patch management.
Code-Sabotage Incident in Protest of Ukraine War Exposed Open Source Risks
The maintainer of a widely used npm module served up an unwelcome surprise for developers.
Show HN: Edrys – an open-source remote teaching platform https://ift.tt/IdwBhpV
Show HN: Edrys – an open-source remote teaching platform https://ift.tt/gZFlnKB March 18, 2022 at 11:57PM
Show HN: Vocal, like Loom, but less complicated https://ift.tt/7lFMY3u
Show HN: Vocal, like Loom, but less complicated https://ift.tt/1xmjPkw March 18, 2022 at 10:50PM
Friday, March 18, 2022
6 Reasons Not to Pay Ransomware Attackers
Paying a ransom might appear to be the best option, but it comes with its own costs.
source https://www.darkreading.com/attacks-breaches/-6-reasons-not-to-pay-ransomware-attackers
ThreatMapper Updated With New Scanning Tools
ThreatMapper 1.3.0 features secret scanning and the ability to enumerate a software bill of materials (SBOM) at runtime to help secure serverless, Kubernetes, container and multi-cloud environments.
source https://www.darkreading.com/dr-tech/threatmapper-updated-with-new-scanning-tools
Multiple Automotive Manufacturers Infected With Emotet
Telemetry from industrial systems security firm Dragos has spotted the malware command-and-control servers communicating with several automotive manufacturer systems.
Show HN: Infinite radio dramas and audio plays https://ift.tt/EbdtxV6
Show HN: Infinite radio dramas and audio plays https://ift.tt/lcuT2h9 March 17, 2022 at 10:50PM
Show HN: Dezbor.com – Create Dashboard with No-Code https://ift.tt/GRSZ40P
Show HN: Dezbor.com – Create Dashboard with No-Code https://dezbor.com March 17, 2022 at 07:46PM
Thursday, March 17, 2022
Show HN: Plaraphy – Paraphrasing API and Tool for Free https://ift.tt/pqdmMOw
Show HN: Plaraphy – Paraphrasing API and Tool for Free https://plaraphy.com March 16, 2022 at 11:24PM
CSC Unveils 3D Domain Monitoring Solution on DomainSec Platform
Continuing CSC research indicates over 70% of brand-specific domains are fake.
source https://www.darkreading.com/risk/csc-unveils-3d-domain-monitoring-solution-on-domainsec-platform
VPNs Give Russians an End Run Around Censorship
As the invasion of Ukraine continues, Russian citizens have turned to virtual private networks — boosting demand for the software by 27x — to circumvent the government's blocks on social media and news sites critical of the war.
source https://www.darkreading.com/threat-intelligence/vpns-give-russians-an-end-run-around-censorship
Microsoft the No. 1 Most-Spoofed Brand in Phishing Attacks
New Barracuda Networks data shows attackers sent some 3 million emails from around 12,000 pilfered accounts.
What the Newly Signed US Cyber-Incident Law Means for Security
Bipartisan cybersecurity legislation comes amid increased worries over ransomware, and fears of cyberattacks from Russia in the wake of its invasion of Ukraine.
Wednesday, March 16, 2022
Show HN: An actually useful collection of design resources https://ift.tt/Dcqz4W3
Show HN: An actually useful collection of design resources https://ift.tt/3daYhBP March 16, 2022 at 02:07AM
Show HN: Sortes Alearum – a web emulator for an ancient Roman dice oracle https://ift.tt/iQzAV43
Show HN: Sortes Alearum – a web emulator for an ancient Roman dice oracle https://ift.tt/6iqas5g March 15, 2022 at 10:10PM
The NICE Framework at Work - Use Cases from Industry
Speakers: Daniel Eliot Senior Outreach and Engagement Strategist National Cybersecurity Center of Excellence Moderator Karen Wetzel Manager of the NICE Framework National Initiative for Cybersecurity Education Chelsea Smethurst Senior Security
from NIST Events https://ift.tt/MVdBa1b
https://ift.tt/MVdBa1b https://ift.tt/oM0V8jO via IFTTT
The NICE Framework at Work - Use Cases from Industry
Speakers: Daniel Eliot Senior Outreach and Engagement Strategist National Cybersecurity Center of Excellence Moderator Karen Wetzel Manager of the NICE Framework National Initiative for Cybersecurity Education Chelsea Smethurst Senior Security Via NIST Events https://ift.tt/7urLzli
Private Equity Firm Snaps Up RSA Conference
Crosspoint Capital Partners, along with Clearlake Capital Group and Symphony Technology Group, are setting up RSA Conference as a separate company from RSA Security.
source https://www.darkreading.com/risk/private-equity-firm-snaps-up-rsa-conference
Show HN: Inbox World - Read something not controlled by billionaires https://ift.tt/HLgwCNV
Show HN: Inbox World - Read something not controlled by billionaires Version 2.1, totally revamped based on feedback — includes leaderboards by topic, latest posts, and an experiment with a serendipitous Twitter bot. All feedback welcome. https://inboxworld.io/ March 15, 2022 at 09:36PM
Tuesday, March 15, 2022
Secureworks Adds Hands-on-Keyboard-Detector to Taegis Platform
Detector helps prevent, detect, and respond to advanced threats with automation, machine learning, and threat intelligence.
CISA Hosts Eighth Cyber Storm Exercise With More than 200 Organizations
Participants across the globe worked together to respond to a simulated significant cyber incident impacting critical infrastructure.
Show HN: npm install actual-malware https://ift.tt/PhNBdvz
Show HN: npm install actual-malware Our package registry ecosystem has a serious problem... and not just npm. People are aware of this but maybe this will make them a bit more aware https://ift.tt/Nuy4JQb March 15, 2022 at 12:10AM
Domain Codex Launches New Search Engine Tool for Researching Domain Intelligence
Domain Codex allows users to search more than 370 million Internet domain names and associated data.
Monday, March 14, 2022
Show HN: HN Avatars in 357 bytes https://ift.tt/X3eRxqg
Show HN: HN Avatars in 357 bytes Paste the following into the console of any HN page - for annotated avatars on all HN comments. (self contained code) for(u of document.querySelectorAll('.hnuser'))for(u.prepend(c=document.createElement('canvas')),x=c.getContext('2d'),c.width=18,c.height=14,s=u.innerText,r=1,i=28+s.length;i--;i<28?r>>>29>X*X/3+Y/2&&x.fillRect(6+2*X,2*Y,2,2)&x.fillRect(6-2*X,2*Y,2,2):r+=s.charCodeAt(i-28,x.fillStyle='#'+(r>>8&0xFFFFFF).toString(16)))r^=r<<13,r^=r>>>17,r^=r<<5,X=i&3,Y=i>>2 March 14, 2022 at 05:08AM
Show HN: A Wordle clone made in Google Sheets https://ift.tt/KyuvFj7
Show HN: A Wordle clone made in Google Sheets https://ift.tt/FwsSEul March 14, 2022 at 01:42AM
Show HN: SmoothWAN a simple home internet bonding router using Speedify https://ift.tt/Kcsm89Y
Show HN: SmoothWAN a simple home internet bonding router using Speedify https://ift.tt/3ilIvHP March 14, 2022 at 12:09AM
Show HN: VS Code Extension to Document Code https://ift.tt/Rlr8oyF
Show HN: VS Code Extension to Document Code https://ift.tt/aPDJivW March 13, 2022 at 11:18PM
Sunday, March 13, 2022
Show HN: RSS404 – Automatically convert web page to RSS without any code.[Demo] https://ift.tt/7FbQIwl
Show HN: RSS404 – Automatically convert web page to RSS without any code.[Demo] https://ift.tt/OYuHenz March 13, 2022 at 03:10PM
Show HN: Version controlled IETF RFCs (draft,RFC,errata,ABNF) https://ift.tt/IMNElZq
Show HN: Version controlled IETF RFCs (draft,RFC,errata,ABNF) https://ift.tt/74o31HE March 13, 2022 at 02:58PM
Show HN: Self-hosted service for creating random avatars https://ift.tt/D5hOGjn
Show HN: Self-hosted service for creating random avatars https://ift.tt/PvXa5w0 March 13, 2022 at 01:30PM
Show HN: French Republican Calendar based on equinoxes https://ift.tt/vHdDhNJ
Show HN: French Republican Calendar based on equinoxes https://frcal.qt.ax/ March 13, 2022 at 08:19AM
Show HN: lcdb – LevelDB Implemented in C https://ift.tt/qInvS1t
Show HN: lcdb – LevelDB Implemented in C https://ift.tt/Td9aNSx March 13, 2022 at 04:30AM
Show HN: I made my personal website a minigame using Phaser 3 https://ift.tt/VJl9IZS
Show HN: I made my personal website a minigame using Phaser 3 Repo here: https://ift.tt/GOtTKLx https://ift.tt/eJZDrFv March 13, 2022 at 03:30AM
Saturday, March 12, 2022
Show HN: Gratitude Journal prompts to your inbox, on your schedule https://ift.tt/JVPEOwl
Show HN: Gratitude Journal prompts to your inbox, on your schedule https://ift.tt/JprnBNA March 11, 2022 at 11:07PM
The Fight Against the Hydra: New DDoS Report from Link11
Complexity and number of attacks increased again.
Show HN: Phoenix PVM-Based Virtual Machine Monitors https://ift.tt/3ThgmNl
Show HN: Phoenix PVM-Based Virtual Machine Monitors https://ift.tt/uPsB3Eq March 9, 2022 at 05:38PM
When IT Spending Plans Don't Reflect Security Priorities
Data shows a disconnect between what decisionmakers consider top endpoint security priorities and how they focus their budget.
source https://www.darkreading.com/tech-trends/when-it-spending-plans-don-t-reflect-security-priorities
source https://www.darkreading.com/attacks-breaches/the-fight-against-the-hydra-new-ddos-report-from-link11-
How Enterprises Can Get Used to Deploying AI for Security
It's important to take a "trust journey" to see how AI technology can benefit an organization's cybersecurity.
Friday, March 11, 2022
Over 40% of Log4j Downloads Are Vulnerable Versions of the Software
The data point is a reminder of why fixing the widespread vulnerability will take a long time.
source https://www.darkreading.com/vulnerabilities-threats/three-months-later-41-of-log4j-downloads-are-of-vulnerable-versions
Show HN: Asmle – Wordle in 512 Bytes https://ift.tt/Itd73oJ
Show HN: Asmle – Wordle in 512 Bytes https://ift.tt/GsDShFM March 10, 2022 at 08:33PM
Security Teams Prep Too Slowly for Cyberattacks
Training and crisis scenarios find that defenders take months, not days, to learn about the latest attack techniques, exposing organizations to risk.
source https://www.darkreading.com/risk/security-teams-prep-too-slowly-for-cyberattacks
Show HN: Multi-Layer CSS Gradient Generator https://ift.tt/GxXshCf
Show HN: Multi-Layer CSS Gradient Generator https://ift.tt/qdFmtYW March 10, 2022 at 05:16PM
Thursday, March 10, 2022
Show HN: tiptop https://ift.tt/rIhivX8
Show HN: tiptop https://ift.tt/sdZ4yJ8 March 9, 2022 at 11:30PM
APT41 Spies Broke Into 6 US State Networks via a Livestock App
The China-affiliated state-sponsored threat actor used Log4j and zero-day bugs in the USAHerds animal-tracking software to hack into multiple government networks.
from Threatpost https://ift.tt/aDVg350
via gqrds
FBI Alert: Ransomware Attacks Hit Critical Infrastructure Organizations
Bureau releases indicators of compromise for the RagnarLocker ransomware that has hit 10 different critical infrastructure sectors.
source https://www.darkreading.com/attacks-breaches/fbi-alert-ransomware-attacks-hit-critical-infrastructure-organizations
The Cloud-Native Opportunity for Zero Trust
Cloud workload protection delivers on the promise of zero trust for virtual machines, containers, and serverless architectures across the application life cycle.
Show HN: I wrote a good React book / website https://ift.tt/8dkVpIs
Show HN: I wrote a good React book / website Pre-covid, I was traveling full time to teach ReactJS to corporate clients. My students (mostly developers at banks and insurance companies) would ask me 'What's a good React book?' and I would struggle to recommend something, knowing that all the books sucked or were really out of date. When all my face-to-face training work dried up and I really didn't want to do online training, I magically got a contract to write a book. I started by reading all of the best-selling books on React, and, yeah, they were all really out of date, incomplete, or just wrong. As I started writing what I hoped would be a really good React book, I also wanted the website to be something useful and a notch above a typical book website. So, I tried to have working examples of the code listings on the site and to organize them in a way that would make them useful for when I started teaching again, or for anyone who doesn't want to buy a book and just wants to see how things are done. The book just came out today! The website isn't perfect or done, but here it is: https://ift.tt/QeYSvkf . How'd I do? March 9, 2022 at 11:10PM
Wednesday, March 9, 2022
TAC Security Launches ESOF Phish Infielder Tool to Help Organizations Prevent Phishing Attacks
Available through TAC Security’s new ESOF® VMDR Next Generation Vulnerability and Risk Management Platform.
source https://www.darkreading.com/vulnerabilities-threats/tac-security-launches-esof-phish-infielder-tool-to-help-organizations-prevent-phishing-attacks
Show HN: I'm working on an open-source self-hostable GitHub Gist https://ift.tt/iyDlaQs
Show HN: I'm working on an open-source self-hostable GitHub Gist https://ift.tt/PIxsaFb March 8, 2022 at 11:32PM
Tuesday, March 8, 2022
CardinalOps Raises $17.5M Series A for Threat Coverage Optimization
CardinalOps takes on the challenge of identifying and remediating riskiest gaps in threat detection coverage, powered by AI and crowd-sourced best practices.
ConnectWise Expands Collaboration with Intel to Further Strengthen Cybersecurity for SMBs
Combined technology mitigates loss with improved detection of ransomware and cryptojacking attacks.
source https://www.darkreading.com/threat-intelligence/connectwise-expands-collaboration-with-intel-to-further-strengthen-cybersecurity-for-smbs
Samsung Source Code Compromised in Hack
Mobile vendor confirms that some source code used with its Galaxy devices was breached.
source https://www.darkreading.com/attacks-breaches/samsung-source-code-compromised-in-hack
Monday, March 7, 2022
Show HN: Tradle – Guess the Country by Their Exports https://ift.tt/LFrBeNH
Show HN: Tradle – Guess the Country by Their Exports https://ift.tt/ebzQ9Fl March 7, 2022 at 07:38AM
Show HN: Jamn.io (social media structured as a weighted directed graph) https://ift.tt/D9LsVpt
Show HN: Jamn.io (social media structured as a weighted directed graph) https://www.jamn.io/ March 7, 2022 at 07:11AM
Ukraine Fallout: Connectivity and Cloud Services Access in Flux
Independently, companies and service providers have taken different actions that are impacting Russian connectivity and access to services.
Show HN: I made a simple web game called Survival Pong https://ift.tt/yjGbrCi
Show HN: I made a simple web game called Survival Pong https://ift.tt/jYfX9Tz March 7, 2022 at 01:38AM
Show HN: I made a mobile-first Prolog editor https://ift.tt/zqWRXek
Show HN: I made a mobile-first Prolog editor https://ift.tt/eP1iJXj March 7, 2022 at 12:44AM
Sunday, March 6, 2022
Show HN: I made a FastApi CRUD API generator for SqlAlchemy model/table https://ift.tt/nM39VeS
Show HN: I made a FastApi CRUD API generator for SqlAlchemy model/table https://ift.tt/dU8JEOj March 6, 2022 at 11:51AM
Show HN: Xordle, a Wordle variant I made https://ift.tt/93whXCJ
Show HN: Xordle, a Wordle variant I made I forked hello-wordl to put together this Wordle variant. There are two secret words rather than one, they don't share any letters in common, and your clues will be green if they're green in either word, yellow if yellow in either word, grey otherwise. I find it pretty hard; my friends seem to be pretty good at it, though. https://ift.tt/cyYNlGU March 5, 2022 at 10:25PM
Show HN: I made a website that encourages you to write more often https://ift.tt/S9rKVCc
Show HN: I made a website that encourages you to write more often https://writemore.io/ March 6, 2022 at 06:24AM
Show HN: An SQL Builder in Rust https://ift.tt/bIvgD5B
Show HN: An SQL Builder in Rust Hi guys. I just wrote an SQL builder. I want to know what you think. https://ift.tt/lyve7P5 March 6, 2022 at 04:28AM
Show HN: Windows XP Themed Mastodon Instance https://ift.tt/CuUtysw
Show HN: Windows XP Themed Mastodon Instance https://ift.tt/Tw3zckK March 5, 2022 at 09:31PM
Show HN: FUSE Filesystem for Manipulating Minecraft https://ift.tt/K9hcLq7
Show HN: FUSE Filesystem for Manipulating Minecraft https://ift.tt/50gjTcm March 5, 2022 at 09:11PM
Saturday, March 5, 2022
Show HN: I made Wordle but for kids spelling lists https://ift.tt/3BriJeE
Show HN: I made Wordle but for kids spelling lists https://ift.tt/CdaJW46 March 4, 2022 at 07:16PM
Vade Releases 2021 Phishers' Favorites Report
Vade's annual phishing report reveals a sharp rise in Facebook phishing and growing sophistication in Microsoft phishing attacks.
source https://www.darkreading.com/risk/vade-releases-2021-phishers-favorites-report
Friday, March 4, 2022
Show HN: RateYourRecruiter.dev https://ift.tt/qdjoAul
Show HN: RateYourRecruiter.dev Tech recruiting and interviewing sucks. So I created https://ift.tt/74Pot0c to hold recruiters to account. The elevator pitch reads: Interviewing for a role in a highly sought after tech company is broken. Recruiters have incentive to get as many people in for interviews, with little to none (or incorrect) information. Questions often have little to do with on-the-job responsibilities, and are rarely communicated to recruiting and back to the candidate. Having a more transparent process is not only more equitable, but will lead to greater success for candidates and recruiters. RateYourRecruiter.dev aims at demystifying the recruiting and tech interview process. March 4, 2022 at 06:34AM
Show HN: Granular Authorization and Access Control System Based on OPA https://ift.tt/GNHj4JE
Show HN: Granular Authorization and Access Control System Based on OPA https://ift.tt/NS1sR2c March 4, 2022 at 01:24AM
Accelerated Ransomware Attacks Pressure Targeted Companies to Speed Response
Threat actors have focused on two ends of the spectrum — quick, impactful attacks or stealthy intrusions — making strong prevention and faster response more important for enterprises.
source https://www.darkreading.com/risk/accelerated-ransomware-attacks-pressure-targeted-companites-to-speed-response
Show HN: Surfboard – CodeSandbox for Arduino https://ift.tt/FNM8eSQ
Show HN: Surfboard – CodeSandbox for Arduino https://sfbd.is/ March 3, 2022 at 11:15PM
Thursday, March 3, 2022
Show HN: A 1980s-arcade-style invaders game made with HTML5, Canvas, Web Audio https://ift.tt/RknzXuv
Show HN: A 1980s-arcade-style invaders game made with HTML5, Canvas, Web Audio https://ift.tt/blRQKfX March 2, 2022 at 10:52PM
Salt Security State of API Security Report Reveals API Attacks Increased 681% in the Last 12 Months
Key findings show API attack traffic grew at more than twice the rate of non-malicious traffic, and API security concerns are inhibiting innovation for two-thirds of organizations.
source https://www.darkreading.com/application-security/salt-security-state-of-api-security-report-reveals-api-attacks-increased-681-in-the-last-12-months
Wednesday, March 2, 2022
Cyberattacks in Ukraine Soon Could Spill Over to Other Countries
Email-borne attacks out of Russia have already targeted at least a few US and European organizations.
source https://www.darkreading.com/attacks-breaches/cyberattacks-in-ukraine-could-soon-spillover-to-other-countries
IRONSCALES Expands Product Offering Across Email, Communication Platforms
New solutions protect customers from expanding threats to cybersecurity landscape.
source https://www.darkreading.com/endpoint/ironscales-expands-product-offering-across-email-communication-platforms
Darktrace Forms New U.S. Federal Division to Assist With Global Cyberthreats
Sally Kenyon Grant has been appointed as VP of Darktrace Federal, leading initiatives supporting U.S. government cybersecurity operations.
source https://www.darkreading.com/attacks-breaches/darktrace-forms-new-u-s-federal-division-to-assist-with-global-cyberthreats
Why the Shifting Nature of Endpoints Requires a New Approach to Security
Endpoints have evolved, and legacy defenses aren't doing enough to keep them secure.