What's Your AppSec Personality?

It's time to decide which role to play to best serve your organization's security needs: an auditor, a lawyer, or a developer.

Show HN: Calculator for US Individual Income tax, from 1970-present https://ift.tt/E9XYGVZ

Show HN: Calculator for US Individual Income tax, from 1970-present I wanted to share a simple web app I created recently, which lets you estimate income taxes owed in the US: https://taxsim.app All the calculations occur directly in the browser, and are powered by a Fortran program that has been converted to WASM using emscripten. This calculator was originally developed in the 1970s [1] by the non-profit National Bureau of Economic Research. NBER has been maintaining this F77 codebase for the last 50 years, and uses it primarily for academic research on tax policy. The Fortran source code itself is over 1MB of text, because it codifies both federal and all 50 states' tax laws for each of the last 62 years. I first learned about NBER TAXSIM [2] a few months ago via an interesting paper they published "Automatic Tax Filing: Simulating a Pre-Populated Form 1040" [3]. The Fortran code itself is not open-source, but is available on request for research purposes. I reached out to NBER and proposed compiling it to WASM, so it could be run directly in a browser. With relatively little effort I was able to create a js/wasm version [4], thanks in huge part to previous open-source work [5]. This WASM build now powers https://taxsim.app, which is my attempt to create an interactive UI to allow for easier exploration of the US tax code. Specific tax scenarios can also be shared easily, by simply copying the browser URL. The code for this webapp is also open-source [6]. This was my first time experimenting with WASM, and I am already a huge fan. Not only was I able to take a 60 year old codebase and get it working on every modern browser and device, this work is also now benefiting the academic community. For example, the js/wasm can be run directly in V8, which means it can also now be run locally within R using libv8 [7]. Previously most researchers were uploading their tax scenarios to NBER's servers via ftp/ssh/http. [1] https://ift.tt/yc3qRAY [2] https://ift.tt/RMoqzyC [3] https://ift.tt/zCBfw97 [4] https://ift.tt/XDbhYP1 [5] https://ift.tt/KDebJf8 [6] https://ift.tt/malZ3pM [7] https://ift.tt/cRWwZ50 June 30, 2022 at 12:22AM

What's Your AppSec Personality?

It's time to decide which role to play to best serve your organization's security needs: an auditor, a lawyer, or a developer.

source https://www.darkreading.com/edge-articles/what-s-your-appsec-personality-

Telecom Industry Takes the Workforce Challenge to Staff Internet-for-All Broadband Rollout

Demand for skilled staff is sky high, but not supply, for the largest-ever U.S. infrastructure effort. Associations, carriers, and vendors look to fill the staffing gap as spending on fiber broadband climbs.

Show HN: Sudopad – Private link sharing board for friends https://ift.tt/FLyXJWs

Show HN: Sudopad – Private link sharing board for friends https://sudopad.com June 30, 2022 at 12:06AM

RDNA3 might feature AMD's answer to Tensor Cores #wanitaxigo

Samsung could begin mass production of 3nm chips as soon as this week #wanitaxigo

Sony Inzone M9 Review: 4K HDR Gaming #wanitaxigo

AMD Ryzen 6000 gains USB 4 support via with chipset drivers #wanitaxigo

Arm unveils mobile GPU with hardware ray tracing #wanitaxigo

Facebook Business Pages Targeted via Chatbot in Data-Harvesting Campaign

The clever, interactive phishing campaign is a sign of increasingly complex social-engineering attacks, researchers warn.

Show HN: The Fastest Slider library for high performance websites https://ift.tt/PxbIsoe

Show HN: The Fastest Slider library for high performance websites https://ift.tt/e2NiTsP June 28, 2022 at 11:12PM

Facebook Business Pages Targeted via Chatbot in Data-Harvesting Campaign

The clever, interactive phishing campaign is a sign of increasingly complex social-engineering attacks, researchers warn.

source https://www.darkreading.com/attacks-breaches/facebook-business-pages-chatbot-data-harvesting-campaign

Show HN: Flookup – Data cleaning by fuzzy matching https://ift.tt/UOTswZa

Show HN: Flookup – Data cleaning by fuzzy matching Hello HN! It has been about three years since I launched this current iteration of my Google Sheets add-on called Flookup. I'm a solo developer and, currently, I handle absolutely everything to do with Flookup from writing code, designing the user interface, replying support emails and even marketing. It is quite a lot of work but very satisfying when I see how helpful it has been to my userbase. Before Flookup, there was only one prominent Google Sheets add-on that could be used for data cleaning (to a certain degree) but, luckily for men, it had left a gap in its functionality that I was very glad to fill. To develop Flookup, I had to write a new algorithm from the ground up in order to make it more useful to my userbase. Originally, this userbase comprised me and a small team at an organisation I was working for but, today, that number has grown to at least 10,000 Daily Active Users all over the world (except Antarctica). What is Flookup? It is an add-on that uses fuzzy matching algorithms to power its data cleaning functions. Flookup's functions allow you to match or merge tables without worrying about how uniform your data is. You can also highlight and remove duplicates even if the text contains typos, punctuations marks or spelling differences. So, today, I'm inviting you to try it out and let me know what you think... here is the link: > https://ift.tt/ctdOyDe Your free trial is free and unlimited. Thank you; I hope you like it! June 28, 2022 at 11:07PM

Federal, State Agencies' Aid Programs Face Synthetic Identity Fraud

Balancing public service with fraud prevention requires rule revisions and public trust.

Federal, State Agencies' Aid Programs Face Synthetic Identity Fraud

Balancing public service with fraud prevention requires rule revisions and public trust.

source https://www.darkreading.com/edge-articles/federal-state-agencies-aid-programs-face-synthetic-identity-fraud

LockBit 3.0 Debuts with Ransomware Bug Bounty Program

LockBit 3.0 promises to 'Make Ransomware Great Again!' with a side of cybercrime crowdsourcing.

source https://www.darkreading.com/threat-intelligence/lockbit-3-debut-bug-bounty-program

LockBit 3.0 Debuts with Ransomware Bug Bounty Program

LockBit 3.0 promises to 'Make Ransomware Great Again!' with a side of cybercrime crowdsourcing.

Security researchers detail Hermit spyware on Android and iOS #wanitaxigo

Show HN: [NSFW] Diffusion models for porn generation https://ift.tt/VgkEFfC

Show HN: [NSFW] Diffusion models for porn generation https://ift.tt/r4Rz1Sx June 27, 2022 at 11:08PM

Show HN: AI powered food ingredient analysis for healthier shopping https://ift.tt/Tgs9Rcj

Show HN: AI powered food ingredient analysis for healthier shopping Itsmyfood is a Calorie Counter App that encourages healthy eating with Food Additive Library for healthy grocery shopping and a meal planner to make healthy meal plans. Users can access the AI-powered food ingredient analysis by simply scanning a barcode. available at https://ift.tt/cmnEJDF https://ift.tt/s1MSvkP June 27, 2022 at 03:02PM

Trivia: How much did the first CD recorder cost? #wanitaxigo

New to PC Game Pass? 10 Pro Tips to Get You Started #wanitaxigo

Show HN: Rapidly Develop CRUD Web Apps with Locode https://ift.tt/gr1F3bt

Show HN: Rapidly Develop CRUD Web Apps with Locode https://www.locode.dev June 27, 2022 at 01:04PM

Show HN: Yboard is a multiplayer desktop-like workspace based on CRDT https://ift.tt/qRr06mB

Show HN: Yboard is a multiplayer desktop-like workspace based on CRDT I've always been curious about real-time multiplayer user interfaces. When I found out about CRDTs and Yjs[1] I thought they could serve as a solid base for a project like that. So I built this pretty simple desktop-like UI (heavily inspired by lifeat.io) and used Yjs to replicate the whole UI state among multiple peers, creating the experience of a unique interface. Try online: https://yboard.lol [1]: https://ift.tt/qsJ0Pyg https://ift.tt/Uen3DS8 June 27, 2022 at 10:33AM

Show HN: A framebuffer console viewer, pure Go https://ift.tt/ZRGEdJP

Show HN: A framebuffer console viewer, pure Go Another Sunday afternoon project: add some pizzaz to your boring bare metal or virtual machine consoles! Written as a single Go binary; no dependencies. https://ift.tt/HdiI7ay As usual, feedback please! June 27, 2022 at 02:16AM

Show HN: A Working Nintendo Gameboy Backpack https://ift.tt/qX15s4b

Show HN: A Working Nintendo Gameboy Backpack https://www.youtube.com/watch?v=hdD7AtGhssI June 27, 2022 at 12:46AM

Show HN: Isthisabearmarket.com https://ift.tt/4ynfNwP

Show HN: Isthisabearmarket.com Hey HN! Here's a quick sideproject that I've been working on for the last week The market downturn got me thinking about stock price APIs and how I could use them, overall I had a lot of fun writing this up https://ift.tt/75Po1Ss June 26, 2022 at 10:57PM

Show HN: I have been creating a tool to analyse blockchain data https://ift.tt/eqA8DSI

Show HN: I have been creating a tool to analyse blockchain data I have been creating a tool to analyse blockchain data side by side (in beta). Currently we support 6 coins with more coming, also more data points. you can add any data block from any supported coin to your personal blockpage. All components you can drag and drop. If you are into streaming I have created a green screen option so you can use these data blocks as a overlay for video creation. Desktop view is the best experience at the minute as mobile is still in dev. Site is in beta bugs still knocking about but it would be nice to get an opinion on the site and what people would want to see https://ift.tt/oZ9vbOV https://ift.tt/oZ9vbOV June 26, 2022 at 04:02PM

Microsoft warns of increased Russian cyberattacks on countries supporting Ukraine #wanitaxigo

Show HN: Particles – the URL contains the whole program code https://ift.tt/ipF7KJo

Show HN: Particles – the URL contains the whole program code https://ift.tt/Kq8HR0A June 26, 2022 at 03:07PM

Show HN: Tone v0.0.4 – now hackable command line audio tagger, any feedback? https://ift.tt/JWtAv0b

Show HN: Tone v0.0.4 – now hackable command line audio tagger, any feedback? Hey HN, I just wanted to show the progress on my little (maybe useless) side project called tone[1] to get some qualified feedback. tone is a cross plattform command line audio tagger deployed as a single static binary without dependencies, so a wget should be enough to install on any platform (seems not to work on M1 Macs atm... if someone can help here I would really appreciate it). Features: - Supports most common formats (mp3, m4a, flac, ape, etc.) - Most common AND custom metadata fields - Chapter support - Embeddable pictures - Hackable (write your own taggers with scripting language) Thanks and have fun. [1]: https://ift.tt/lijSzFu June 26, 2022 at 01:07AM

Show HN: Medots – Cross-platform tool to deploy dot files https://ift.tt/JedNuIi

Show HN: Medots – Cross-platform tool to deploy dot files https://ift.tt/GATEokD June 26, 2022 at 01:01AM

Show HN: Product Analytics in SQL with dbt https://ift.tt/jFcs8T6

Show HN: Product Analytics in SQL with dbt Hey everyone! Like many data analysts and engineers, I love SQL and the dbt ecosystem. So it bothers me that we have to use separate tools for product analytics. We do our transformations, BI work, and ad-hoc queries in SQL, but when it's time to look at funnels and flows, we have to use (and procure) a separate platform like Mixpanel or Amplitude. This dbt package is a (very rough) start at fixing that. With it, you can create event streams and run funnel analyses via dbt[0]. More features like flows and retention are coming soon! But I'm mostly curious how you all are doing product analytics right now. Are you using a dedicated tool like Amplitude? What could be better? Do you want to do product analytics in SQL in the warehouse or would you rather it live somewhere else? Would love to get your thoughts, and thanks for taking a look! --- 0. (and soon, with dbt Server, in your favorite BI tool or SQL client): https://www.youtube.com/watch?v=MdSMSbQxnO0&ab_channel=dbt https://ift.tt/C0GDNFc June 25, 2022 at 10:23PM

Threat Intelligence Services Are Universally Valued by IT Staff

Most of those surveyed are concerned about AI-based attacks and deepfakes, but suggest that their organization is ready.

Show HN: Coldbrew – A Web GUI for Homebrew Cask https://ift.tt/YHAPjXb

Show HN: Coldbrew – A Web GUI for Homebrew Cask https://ift.tt/pJv1Sdg June 24, 2022 at 11:20PM

Threat Intelligence Services Are Universally Valued by IT Staff

Most of those surveyed are concerned about AI-based attacks and deepfakes, but suggest that their organization is ready.

source https://www.darkreading.com/tech-trends/threat-intelligence-services-are-universally-valued-by-it-staff

Why We're Getting Vulnerability Management Wrong

Security is wasting time and resources patching low or no risk bugs. In this post, we examine why security practitioners need to rethink vulnerability management.

source https://www.darkreading.com/vulnerabilities-threats/why-we-re-getting-vulnerability-management-wrong

Why We're Getting Vulnerability Management Wrong

Security is wasting time and resources patching low or no risk bugs. In this post, we examine why security practitioners need to rethink vulnerability management.

Official Intel Arc A730 and A770M benchmarks suggest RTX 3050 Ti, RTX 3060-like performance #wanitaxigo

Show HN: Domfetch.com - free tool to find expired domains with history https://ift.tt/7ioEJDa

Show HN: Domfetch.com - free tool to find expired domains with history We have finally launched Domfetch! Domfetch is a free platform to find expired domains. Users can search through domains that are (almost) available for registration. We enrich these domains with extra data to help users find valuable domains. We created this tool because we found the (free) alternatives lacking certain data, such as Moz, Alexa history (we check 5 years of data) & search volume history over a period of 1 year. Let us know what you think! More features and tld's will be added in the near future. https://domfetch.com June 24, 2022 at 02:16PM

Show HN: Brave Goggle that upranks news sources that are politically centrist https://ift.tt/v6Wj25F

Show HN: Brave Goggle that upranks news sources that are politically centrist https://ift.tt/PJTcQBh June 24, 2022 at 05:45AM

Show HN: Lexman Artificial Podcast https://ift.tt/HM3ODsE

Show HN: Lexman Artificial Podcast https://lexman.rocks June 24, 2022 at 12:10AM

Gigabyte's RTX 3060-powered Aorus 15 gaming laptop drops to $1,200 #wanitaxigo

Show HN: Nerd Crawler – we monitor original comic art sites so you don't have to https://ift.tt/ONh7CXn

Show HN: Nerd Crawler – we monitor original comic art sites so you don't have to I've been a fan of comics since I watched the X-Men Animated Series in the 90s, and I fell in love with collecting original comic art when I got my first Jim Lee sketch in high school. But, after missing out on some original comic art pieces because I didn't know when they were added for sale on websites, I decided to take it upon myself to make an app that monitors original comic art sites and emails/texts you when new art drops. It's called Nerd Crawler and I'm building it myself so there might be some bugs but I'm hoping it helps comic art collectors. It works with over 40 original comic art websites like Albert Moy (Jim Lee's art dealer), Cadence Comic Art, Artcoholics, a bunch of Big Cartel sites like Jim Cheung / Jason Fabok / Dustin Nguyen, Greg Capullo Art, Skottie Young, and more. It's free to try @ https://ift.tt/yrYhOLk , and you can upgrade to a paid plan if you want text messages alerts or want to check sites every 10 minutes or 1 minute. From a technical standpoint, my tech stack is: - Ruby on Rails - Hosted on Heroku - Emails sent by Mailgun - Texts sent by Twilio - Images hosted on Cloudinary - Credit card charging handled by Stripe and the new, low-code Stripe Checkout The minimum viable product was built in about a week with minor bug fixes and new features added weekly. If you have any feedback, have art sites you wanted added, or questions, let me know! https://ift.tt/yrYhOLk June 24, 2022 at 01:10AM

Show HN: request_migrations – request and response migrations for Rails APIs https://ift.tt/lrdcy8n

Show HN: request_migrations – request and response migrations for Rails APIs https://ift.tt/O62VeHS June 24, 2022 at 12:43AM

Show HN: Translating DOOM from C to V via C2V, building under 1s and running it https://ift.tt/7r9SpvL

Show HN: Translating DOOM from C to V via C2V, building under 1s and running it https://www.youtube.com/watch?v=6oXrz3oRoEg June 24, 2022 at 12:22AM

Steam Summer Sale launches with thousands of discounted games #wanitaxigo

Show HN: Shopify's headless commerce stack now GA (Hydrogen and Oxygen) https://ift.tt/4eSQ8Z0

Show HN: Shopify's headless commerce stack now GA (Hydrogen and Oxygen) https://ift.tt/TxYR9NG June 23, 2022 at 01:28AM

Show HN: Pragmatic Formal Modeling (Tutorial series with runnable examples) https://ift.tt/vPlSnah

Show HN: Pragmatic Formal Modeling (Tutorial series with runnable examples) Formal modeling is a mathematical approach for designing and checking correctness of software systems. It focuses on standard software engineering and distributed systems problems of the sort programmers face every day. It takes a pragmatic engineering approach: each problem starts with UML diagrams, design decisions and sometimes even a requirements document. We work through how to get from a whiteboard design to an initial mathematical model. Then we refine it based on logical errors found by the model checker, which return with a level of detail unheard of in a standard debugger. Formal modeling is a skill every engineer should have in their toolbox. All the examples are downloadable, and their is a quick setup section at the start. Additionally, there is an explorable model error debugger build right into the website. https://ift.tt/JYdvQSq June 22, 2022 at 08:43PM

Microsoft 365 Users in US Face Raging Spate of Attacks

A voicemail-themed phishing campaign is hitting specific industry verticals across the country, bent on scavenging credentials that can be used for a range of nefarious purposes.

Show HN: Crocodile - Better code review for GitHub https://ift.tt/gf8XFUr

Show HN: Crocodile - Better code review for GitHub Hi HN! I've been working on a code review app for GitHub called Crocodile for about a year. I used to work at Microsoft where we used a tool called CodeFlow for reviewing code and I missed it after I left. I know many other ex-Microsoft engineers feel the same. Here are some of the distinguishing features of Crocodile that are inspired by CodeFlow: * Comments float above the code instead of being inline. Long discussions that are displayed inline make it really hard to review the code. * Comment on any text selection in the file, even a single character. * Comments don't get lost when code changes. I hate it when comments become "outdated" because I rebase or the line is edited. I also implemented lots of features that I wish CodeFlow had which you can read more about on the blog. [1] For those curious about the tech stack: it's mostly written in Go with Alpine.js, HTMX, and Tailwind CSS for the frontend. For storage I use PostgreSQL, S3 compatible object storage, and Redis for caching. I use Pulumi for infrastructure provisioning and Kubernetes deployments. Everything is hosted on DigitalOcean. Feedback is welcome! [1] https://ift.tt/TJuFXdn https://ift.tt/AyKXU5s June 22, 2022 at 11:07PM

80% of Legacy MSSP Users Planning MDR Upgrade

False positives and staff shortages are inspiring a massive managed detection and response (MDR) services migration, research finds.

source https://www.darkreading.com/risk/legacy-mssp-users-planning-mdr-upgrade

Microsoft 365 Users in US Face Raging Spate of Attacks

A voicemail-themed phishing campaign is hitting specific industry verticals across the country, bent on scavenging credentials that can be used for a range of nefarious purposes.

source https://www.darkreading.com/remote-workforce/microsoft-office-365-users-raging-spate-attacks

Intel Arc A380 gaming performance disappoints in early review #wanitaxigo

Synopsys Completes Acquisition of WhiteHat Security

Addition of WhiteHat Security provides Synopsys with SaaS capabilities and dynamic application security testing (DAST) technology.

VPNs Persist Despite Zero-Trust Fervor

Most organizations still rely on virtual private networks for secure remote access.

source https://www.darkreading.com/remote-workforce/vpns-persist-despite-zero-trust-fervor

VPNs Persist Despite Zero-Trust Fervor

Most organizations still rely on virtual private networks for secure remote access.

China-Linked ToddyCat APT Pioneers Novel Spyware

ToddyCat's Samurai and Ninja tools are designed to give attackers persistent and deep access on compromised networks, security vendor says.

source https://www.darkreading.com/attacks-breaches/china-linked-toddycat-apt-pioneers-novel-spyware

RIG Exploit Kit Replaces Raccoon Stealer Trojan With Dridex

After the Raccoon Stealer Trojan disappeared, the RIG Exploit Kit seamlessly adopted Dridex for credential theft.

source https://www.darkreading.com/attacks-breaches/rig-exploit-kit-replaces-raccoon-stealer-trojan-with-dridex

Fall Guys goes free-to-play with crossplay after Epic acquisition #wanitaxigo

China-Linked ToddyCat APT Pioneers Novel Spyware

ToddyCat's Samurai and Ninja tools are designed to give attackers persistent and deep access on compromised networks, security vendor says.

RIG Exploit Kit Replaces Raccoon Stealer Trojan With Dridex

After the Raccoon Stealer Trojan disappeared, the RIG Exploit Kit seamlessly adopted Dridex for credential theft.

Crossplay between Steam and Epic enabled by new dev tools #wanitaxigo

Show HN: Figr.app – a real time, multi-user, notepad style calculator https://ift.tt/W4M2ARI

Show HN: Figr.app – a real time, multi-user, notepad style calculator https://www.figr.app June 21, 2022 at 03:10AM

Show HN: Open-source library to trace code executed per HTTP request https://ift.tt/PVq6Q4u

Show HN: Open-source library to trace code executed per HTTP request https://ift.tt/u8cXpP2 June 21, 2022 at 01:50AM

Capital One Attacker Exploited Misconfigured AWS Databases

After bragging in underground forums, the woman who stole 100 million credit applications from Capital One has been found guilty.

Show HN: Into the Futureverse https://ift.tt/UtglHZB

Show HN: Into the Futureverse https://ift.tt/sQ0HiC6 June 21, 2022 at 12:11AM

Capital One Attacker Exploited Misconfigured AWS Databases

After bragging in underground forums, the woman who stole 100 million credit applications from Capital One has been found guilty.

source https://www.darkreading.com/attacks-breaches/capital-one-attacker-exploited-misconfigured-aws-databases

Show HN: Just – Zero Config TypeScript Development Tool https://ift.tt/K73fhlr

Show HN: Just – Zero Config TypeScript Development Tool I built a cli tool that gets you started with TypeScript development with zero config. Initially created to solve my own problem but thought it might be useful for others as well. - SWC compiler - TypeScript type check support - Live reload support - .env file support - Path alias support - Typescript script runner - REPL support Please tell me I am not going down a rabbit hole. https://ift.tt/NIKdAhY June 20, 2022 at 10:52PM

Show HN: Open-source structured data profiling library https://ift.tt/JIFjtDo

Show HN: Open-source structured data profiling library https://ift.tt/65iZ3Xm June 20, 2022 at 01:01PM

Show HN: Create Tours for Your GitHub Projects https://ift.tt/NuaTstE

Show HN: Create Tours for Your GitHub Projects https://ift.tt/C3dDtBr June 20, 2022 at 11:26AM

Show HN: An open source web crawler for the Mwmbl non-profit search engine https://ift.tt/biea9q7

Show HN: An open source web crawler for the Mwmbl non-profit search engine https://ift.tt/rh8eYaH June 20, 2022 at 11:18AM

Show HN: Bulletyn – custom email digests of Reddit, HN, and RSS https://ift.tt/ZCIw19u

Show HN: Bulletyn – custom email digests of Reddit, HN, and RSS http://bulletyn.co June 19, 2022 at 11:21PM

Show HN: StatusVista – An all-in-one status page of the systems you depend on https://ift.tt/IkE0T8x

Show HN: StatusVista – An all-in-one status page of the systems you depend on https://statusvista.com June 19, 2022 at 11:06PM

This $150 biodegradable keyboard has an Intel processor inside #wanitaxigo

Show HN: Effortless Authentication for Your Web Application https://ift.tt/jR7SJkd

Show HN: Effortless Authentication for Your Web Application Hey folks, Michael here. I have been working in this project on and of for about a year and a half and I finally got it into a state where I can share it. I initially started this project to learn Rust and afterwards decided to make it useful for others. Vulpo Auth is an authentication server that you can host yourself. The goal was to make it as easy as possible for you to get started and have a complete authentication solution without you having to configure anything. Project Website: https://auth.vulpo.dev The Project contains: - Auth Server (Rust) - Admin Dashboard - JS and react SDK - Prebuilt Web UI (currently react) (https://ift.tt/PQZXdk3) - rust SDK for rocket Some of the features: - Email and Password Auth - Passwordless Auth - Google Auth - Translateable Email Templates - Enable/Disable Sign In or Sign Up - Password Reset Flow - Update Email Flow There is still a lot to do, the code base is full of experimental ideas and there a bunch of things to clean up, but first I want to focus on writing documentation and guides before adding more features. Besides the missing documentation, what are you missing? June 19, 2022 at 08:08PM

Show HN: Assert: testing and assertion library on top of Go generics https://ift.tt/gw0taB9

Show HN: Assert: testing and assertion library on top of Go generics https://ift.tt/Dr7EOdo June 19, 2022 at 02:04PM

WhatsApp adds the ability to mute others on group calls, join calls in progress #wanitaxigo

Show HN: Dream Makers Community – What is your dream and what is stopping you https://ift.tt/43isG1O

Show HN: Dream Makers Community – What is your dream and what is stopping you Hey HN! Did a website to share what is your dream or what you want, and what is stopping you. That way the community can help you remove the obstacles to make the dream come true or that is the naive approach hehe. Imagine I should add users, a captcha, a mailer, more things, but it is a start. It is built with Rails and plain ERB with Bootstrap and the source code is at: https://ift.tt/6bvm7XA It is 100% inspired by the TED Talk by this lady https://www.youtube.com/watch?v=H2rG4Dg6xyI Hope you like it! https://ift.tt/htgL0fY June 19, 2022 at 04:05AM

Show HN: Control your Hyundai car with Python https://ift.tt/PqMkbIn

Show HN: Control your Hyundai car with Python https://ift.tt/FIjROLD June 19, 2022 at 01:45AM

Show HN: I have created something new to make your browsing experience enjoyable https://ift.tt/HwdIKy7

Show HN: I have created something new to make your browsing experience enjoyable https://ift.tt/KqiI0bU June 19, 2022 at 12:56AM

Show HN: Tickler: Go library to enqueue and process jobs in background https://ift.tt/OX43EDS

Show HN: Tickler: Go library to enqueue and process jobs in background https://ift.tt/7VY3Dk6 June 18, 2022 at 11:36PM

Show HN: hTorrent – A HTTP to BitTorrent gateway with seeking written in Go https://ift.tt/sibgDGw

Show HN: hTorrent – A HTTP to BitTorrent gateway with seeking written in Go Hey HN! I just released hTorrent, a gateway that allows for retrieving torrents through a plain HTTP interface. It supports seeking, which means that it can be used to stream media directly using e.g. MPV without having to wait for the download to complete. I'd love to get your feedback :) https://ift.tt/mpQVXkq June 18, 2022 at 01:02AM

Discord adds tools for moderators to automatically filter content #wanitaxigo

Show HN: Vulner – discover CVEs for packages installed by the portage https://ift.tt/Dp8nbtI

Show HN: Vulner – discover CVEs for packages installed by the portage https://ift.tt/2IBT9uo June 17, 2022 at 10:50PM

Show HN: A central bank simulator game with a realistic economic model https://ift.tt/m3FBXs7

Show HN: A central bank simulator game with a realistic economic model https://ift.tt/426iruf June 18, 2022 at 01:24AM

Show HN: Let's build an end-to-end encrypted data store https://ift.tt/9EbpqwO

Show HN: Let's build an end-to-end encrypted data store https://ift.tt/VSBWmi6 June 17, 2022 at 10:16PM

Ransomware and Phishing Remain IT's Biggest Concerns

Security teams — who are already fighting off malware challenges — are also facing renewed attacks on cloud assets and remote systems.

Show HN: Coding as Text Rewriting https://ift.tt/TwRNHUJ

Show HN: Coding as Text Rewriting https://ift.tt/SNIrXAO June 17, 2022 at 06:42PM

Apple faces new legal action in the UK around iPhone "Batterygate" #wanitaxigo

Internet Explorer Now Retired but Still an Attacker Target

Though the once-popular browser is officially now history as far as Microsoft support goes, adversaries won't stop attacking it, security experts say.

BlastWave Announces Enhancements to Its Zero-Trust Security Software Solution, BlastShield

Update allows BlastShield users to link with hybrid cloud network providers like AWS, Google, and the most recent addition, Azure, in one secure environment.

Show HN: Fortunately – Understand the tradeoffs of financial decisions https://ift.tt/ElwLOkx

Show HN: Fortunately – Understand the tradeoffs of financial decisions https://ift.tt/ySwv5tA June 17, 2022 at 12:19AM

3 Key Strategies for Securing the Software Supply Chain

Software supply chain attacks can use a single breach to target software components that can then affect multiple companies' applications.

The European smartphone market just experienced its worst Q1 in nearly a decade #wanitaxigo

Activision investigates itself and unsurprisingly finds no evidence of systemic harassment #wanitaxigo

Microsoft 365 Function Leaves SharePoint, OneDrive Files Open to Ransomware Attacks

SharePoint and OneDrive libraries can be encrypted in ransomware attack, researchers say.

Latest Windows update fixes "Follina" Microsoft Office vulnerability #wanitaxigo

Cisco’s Ash Devata on the Future of Secure Access

Ash Devata, Vice President & General Manager, Cisco Zero Trust and Duo Security, sits down with Dark Reading’sTerry Sweeney for a Fast Chat on the future of secure access.

7 Ways to Bring AI to Cybersecurity

Academic researchers are developing projects to apply AI to detect and stop cyberattacks and keep critical infrastructure secure, thanks to grants from C3.ai Digital Transformation Institute.

'Hertzbleed' Side-Channel Attack Threatens Cryptographic Keys for Servers

A novel timing attack allows remote attackers with low privileges to infer sensitive information by observing power-throttling changes in the CPU.

source https://www.darkreading.com/attacks-breaches/hertzbleed-side-channel-attack-cryptographic-keys-servers

Starfield players cannot actively pilot their ships to a planet's surface #wanitaxigo

'Hertzbleed' Side-Channel Attack Threatens Cryptographic Keys for Servers

A novel timing attack allows remote attackers with low privileges to infer sensitive information by observing power-throttling changes in the CPU.

Veterans Explain How Military Service Prepared Them for Cybersecurity Careers

The ability to handle intense pressure is just one of the skills that veterans bring to corporate cybersecurity work.

In Case You Missed RSA Conference 2022: A News Digest

Here's a rundown of Dark Reading's reporting and commentary from and surrounding the first in-person RSA Conference since the pandemic began in 2020.

In Case You Missed RSA Conference 2022: A News Digest

Here's a rundown of Dark Reading's reporting and commentary from and surrounding the first in-person RSA Conference since the pandemic began in 2020.

source https://www.darkreading.com/threat-intelligence/in-case-you-missed-it-what-went-down-at-rsa-conference-2022

You can move your WhatsApp data from Android to iPhone now #wanitaxigo

Microsoft Patches 'Follina' Zero-Day Flaw in Monthly Security Update

Here are which Microsoft patches to prioritize among the June Patch Tuesday batch.

Microsoft Patches 'Follina' Zero-Day Flaw in Monthly Security Update

Here are which Microsoft patches to prioritize among the June Patch Tuesday batch.

source https://www.darkreading.com/vulnerabilities-threats/microsoft-june-security-update-includes-patch-for-follina-zero-day-flaw

DDoS Subscription Service Operator Gets 2 Years in Prison

The distributed denial-as-a-service websites were behind more than 200K attacks on targets including schools and hospitals.

CISA Recommends Organizations Update to the Latest Version of Google Chrome

Google last week reported seven vulnerabilities in the browser, four of which it rated as high severity.

Show HN: My first website ever, just out of college (1999) https://ift.tt/kF6nrZQ

Show HN: My first website ever, just out of college (1999) https://ift.tt/L9DHVUz June 13, 2022 at 11:06PM

Addressing Mounting Ransomware Threats and Attacks with SASE

Ransomware's main weapon is lateral movement and infiltration within networks to capture valuable information. SASE can help prevent this.

Team up with creepers and zombies in 'Minecraft Legends,' arriving in 2023 #wanitaxigo

Kaiser Permanente Breach Exposes Data on 70K Patients

Employee email compromise potentially exposed patients' medical information, including lab test results and dates of services.

Show HN: How Box-Sizing Works https://ift.tt/plNHt3f

Show HN: How Box-Sizing Works https://ift.tt/Jz2vWwl June 13, 2022 at 10:55PM

Show HN: Display P3 exclusive Pantone colors https://ift.tt/AB2yrlV

Show HN: Display P3 exclusive Pantone colors https://ift.tt/g5Lfx3O June 13, 2022 at 09:00AM

Show HN: Stylepad – Free moodboards for creative professionals https://ift.tt/Cqx76Z4

Show HN: Stylepad – Free moodboards for creative professionals https://stylepad.io June 13, 2022 at 09:36AM

Show HN: Reddit search engine for startup founders https://ift.tt/a6J1Ovp

Show HN: Reddit search engine for startup founders https://ift.tt/CuSiEL9 June 13, 2022 at 05:14AM

Show HN: HJKL Trainer - Get used to HJKL Vim keybinds https://ift.tt/o1cwU5V

Show HN: HJKL Trainer - Get used to HJKL Vim keybinds https://ift.tt/iFAJXdH June 13, 2022 at 12:54AM

Show HN: Watercolor AI https://ift.tt/dv4tPLu

Show HN: Watercolor AI https://ift.tt/o2RfhVX June 13, 2022 at 12:47AM

Show HN: Cleanup Photos by Dragging Boxes https://ift.tt/PFhWck5

Show HN: Cleanup Photos by Dragging Boxes https://ift.tt/gQMnUAi June 13, 2022 at 12:23AM

Show HN: Howl – Share longer and richer content on Twitter https://ift.tt/pmueg7q

Show HN: Howl – Share longer and richer content on Twitter https://ift.tt/tnWihN7 June 12, 2022 at 10:58PM

Show HN: Cleanup – UI app to erase the hard disk (Lite Touch MDT installation) https://ift.tt/3IW5ywH

Show HN: Cleanup – UI app to erase the hard disk (Lite Touch MDT installation) https://ift.tt/xrgAwoX June 12, 2022 at 10:32AM

Show HN: The Lambdaway Project https://ift.tt/VO6tPYj

Show HN: The Lambdaway Project https://ift.tt/QYray4n June 12, 2022 at 09:48AM

Show HN: Building services on lambda should be easy and fun https://ift.tt/MkoF09h

Show HN: Building services on lambda should be easy and fun i had previously posted this when it was aws-rce. it’s changed enough that i want to post it again. https://ift.tt/ubzMwHS June 12, 2022 at 07:23AM

Show HN: Browser extension that spoofs your location data to match your VPN https://ift.tt/qdrvNt2

Show HN: Browser extension that spoofs your location data to match your VPN https://ift.tt/ZJNK36l June 12, 2022 at 05:10AM

Show HN: Album Rotation – Organize and visualize your favorite albums (desktop) https://ift.tt/Cv2c5XD

Show HN: Album Rotation – Organize and visualize your favorite albums (desktop) https://ift.tt/6BXVF8l June 12, 2022 at 04:50AM

Show HN: Generate images using DALL-E Mega and Mini https://ift.tt/oTZVeGU

Show HN: Generate images using DALL-E Mega and Mini https://ift.tt/gRcHqDT June 11, 2022 at 09:04PM

You can now try out Resident Evil Village in your internet browser for free #wanitaxigo

Show HN: The Amalgam Engine – Easily create isometric virtual worlds https://ift.tt/jWVprSP

Show HN: The Amalgam Engine – Easily create isometric virtual worlds https://ift.tt/t6La0ni June 11, 2022 at 11:41PM

Show HN: Big HN – Tiny Userscript to Increase Font Size on HN https://ift.tt/5dehwI0

Show HN: Big HN – Tiny Userscript to Increase Font Size on HN https://ift.tt/BeyWq1X June 11, 2022 at 12:20AM

Show HN: We Launched New Agro Coin https://ift.tt/HmjtB0a

Show HN: We Launched New Agro Coin We would love to know HN feedback on our MVP. Basically you can have your own farm. We had yield farming, this is real farming ;) Hopefully lots of HN member speak Spanish! https://ift.tt/yKzGQkL June 11, 2022 at 03:38AM

Show HN: A web-based sequencer where you can make, listen to, and share patterns https://ift.tt/vPdLO4f

Show HN: A web-based sequencer where you can make, listen to, and share patterns https://drawbeats.com/ June 11, 2022 at 12:30AM

Show HN: I built a tool to describe ~4.3B colors https://ift.tt/ZOhz0LJ

Show HN: I built a tool to describe ~4.3B colors A simple tool I made over the week to explore and learn about different colors. You can select any color with any opacity #000000-FFFFFFFF (~4.3 billion colors/variants), and you can view a dedicated page detailing the color's closest name, conversions to Hex, RGB, CMYK, etc., shades, tints, tones, harmonies, opacities, and WCAG contrast compliance. https://colorwaze.com June 10, 2022 at 10:57PM

Indie sci-fi horror game 'Routine' re-revealed after 10-year hiatus #wanitaxigo

Latest Windows 11 Insider Preview build receives File Explorer tabs #wanitaxigo

Symbiote Malware Poses Stealthy, Linux-Based Threat to Financial Industry

A Linux-based banking Trojan is a master at staying under the radar.

Show HN: Sake – tool to run tasks on remote servers https://ift.tt/wYrfKqu

Noname: Proactiveness Is the Name of the Game in App Security

Noname Security's Shay Levi joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to talk about making code more secure.

source https://www.darkreading.com/application-security/noname-proactiveness-is-the-name-of-the-game-in-app-security

Lacework Blends Artificial Intelligence and Automation to Bolster Cloud Security

Lacework's Mark Nunnikhoven joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to talk about AI and cloud security.

source https://www.darkreading.com/cloud/lacework-blends-artificial-intelligence-and-automation-to-bolster-cloud-security

Prevent Breaches and Malware With Proactive Defenses

Darktrace's Mike Beck joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to talk about risk management.

source https://www.darkreading.com/risk/prevent-breaches-and-malware-with-proactive-defenses

Samsung TVs to receive Xbox Cloud Gaming app #wanitaxigo

Dell announces the new XPS 13 and XPS 13 2-in-1 #wanitaxigo

Lacework Blends Artificial Intelligence and Automation to Bolster Cloud Security

Lacework's Mark Nunnikhoven joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to talk about AI and cloud security.

Prevent Breaches and Malware With Proactive Defenses

Darktrace's Mike Beck joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to talk about risk management.

DigiCert Acquires DNS Made Easy

The certificate management company plans to integrate DNS services throughout its portfolio.

Cracking the Email Security Code: 12 Best Practices for Small and Midsize Businesses

It only takes one successful attack to spell disaster for a company. Learn how to protect your company with this email security best practice guide.

Show HN: Proof of concept – colorise/animate any website font https://ift.tt/u2BacsR

Show HN: Proof of concept – colorise/animate any website font https://ift.tt/nCe7KWk June 8, 2022 at 09:48PM

Concentric: How To Maximize Your AI Returns, In and Out of the SOC

Concentric AI's Karthik Krishnan joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to discuss how artificial intelligence has transformed the security landscape.

source https://www.darkreading.com/threat-intelligence/concentric-concentric-how-to-maximize-your-ai-returns-in-and-out-of-the-soc

Cracking the Email Security Code: 12 Best Practices for Small and Midsize Businesses

It only takes one successful attack to spell disaster for a company. Learn how to protect your company with this email security best practice guide.

source https://www.darkreading.com/vulnerabilities-threats/cracking-the-email-security-code-12-best-practices-for-small-and-midsize-businesses

Lookout: Getting It Right at the Secure Service Edge

Lookout's Jim Dolce joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to discuss the advantages of Secure Service Edge.

source https://www.darkreading.com/cloud/getting-it-right-at-the-secure-service-edge

Enhanced versions of Apple's M2 SoC are expected to enter mass production later this year #wanitaxigo

Lookout: Getting It Right at the Secure Service Edge

Lookout's Jim Dolce joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to discuss the advantages of Secure Service Edge.

Show HN: castable-video https://ift.tt/SNefJxC

Show HN: castable-video https://ift.tt/bda6zvN June 8, 2022 at 07:56PM

Upcoming iOS 16 supports Nintendo Switch controller and Joy-Cons #wanitaxigo

‘Integration Tax’ Limits Network Automation

For every dollar spent on a new tech product, it costs several dollars to integrate that product. How can businesses overcome those costly obstacles that impede network engineering and ops teams' abilities to deploy new tech, like automation?

Now Is the Time to Plan for Post-Quantum Cryptography

Panelists from an RSA Conference keynote agreed that organizations need to begin work on PQC migration, if they haven't already.

Now Is the Time to Plan for Post-Quantum Cryptography

Panelists from an RSA Conference keynote agreed that organizations need to begin work on PQC migration, if they haven't already.

source https://www.darkreading.com/dr-tech/now-is-the-time-to-plan-for-post-quantum-cryptography

An Emerging Threat: Attacking 5G Via Network Slices

A successful attack against 5G networks could disrupt critical infrastructure, manipulate sensor data, or even cause physical harm to humans.

Show HN: Groundview – backchannel references for anyone without the work https://ift.tt/hpfSQqj

Show HN: Groundview – backchannel references for anyone without the work https://groundview.io June 7, 2022 at 09:24PM

An Emerging Threat: Attacking 5G Via Network Slices

A successful attack against 5G networks could disrupt critical infrastructure, manipulate sensor data, or even cause physical harm to humans.

source https://www.darkreading.com/threat-intelligence/an-emerging-threat-attacking-5g-via-network-slices

The ESA will attempt a hybrid E3 again next year #wanitaxigo

Show HN: SetOps – Run containers, databases and more in your own AWS account https://ift.tt/Djsv7Wp

Show HN: SetOps – Run containers, databases and more in your own AWS account https://www.setops.co/ June 7, 2022 at 05:19PM

Ransomware's ROI Retreat Will Drive More BEC Attacks

Crackdowns are driving down ransomware profits, and analysts see signs that operators are pivoting to business email compromise attacks, security researcher warned.

source https://www.darkreading.com/threat-intelligence/retreat-of-ransomware-roi-will-drive-bec-attacks-analyst-warns

Best Smartphones - Mid 2022 Update #wanitaxigo

Watch the Apple WWDC 2022 event right here at 10am PT/ 1pm ET: new MacBook Air incoming? #wanitaxigo

Show HN: Seal – Verifiable timestamp for your private ideas https://ift.tt/EsMRyzI

Show HN: Seal – Verifiable timestamp for your private ideas https://ift.tt/ZKVgbaj June 6, 2022 at 07:00AM

Show HN: Hit – CLI to manage and execute HTTP requests https://ift.tt/wBFNfWv

Show HN: Hit – CLI to manage and execute HTTP requests https://ift.tt/QBTowWR June 6, 2022 at 02:12AM

Show HN: Pidove, an Alternative to the Java Streams API https://ift.tt/HNvhLGw

Show HN: Pidove, an Alternative to the Java Streams API https://ift.tt/LiKTQzg June 6, 2022 at 05:21AM

Show HN: End-to-End 3D Hand Pose Estimation from Stereo Cameras https://ift.tt/1vtiamC

Show HN: End-to-End 3D Hand Pose Estimation from Stereo Cameras https://ift.tt/L3Ex4Hi June 6, 2022 at 04:07AM

Show HN: A new way to fight manipulation in news https://ift.tt/TVZiFtb

Show HN: A new way to fight manipulation in news https://dailyedit.com/ June 5, 2022 at 04:01PM

Show HN: Domain driven design with Node.js template https://ift.tt/PrmxA83

Show HN: Domain driven design with Node.js template https://ift.tt/nGAMWOt June 5, 2022 at 01:45PM

Show HN: Send commands to KVM/HDMI matrix devices when touching screen edge https://ift.tt/vCdQwc8

Show HN: Send commands to KVM/HDMI matrix devices when touching screen edge https://ift.tt/9aOoIqP June 5, 2022 at 10:03AM

Show HN: SSH Now – a terminal into any machine https://ift.tt/1wL0Oxl

Show HN: SSH Now – a terminal into any machine https://ift.tt/g8GzoEV June 5, 2022 at 04:37AM

Show HN: The First Softmod for All Japanese PS1 Console Revisions https://ift.tt/fji1ags

Show HN: The First Softmod for All Japanese PS1 Console Revisions https://ift.tt/eOuMB7Z June 5, 2022 at 06:30AM

Show HN: Grid.js – Advanced table library that works everywhere (2020) https://ift.tt/oU0fVeF

Show HN: Grid.js – Advanced table library that works everywhere (2020) https://gridjs.io/?hn June 5, 2022 at 02:35AM

Show HN: K1pwit – 1Password on iTerm2 https://ift.tt/h1waN8v

Show HN: K1pwit – 1Password on iTerm2 https://ift.tt/I9PczmV June 4, 2022 at 03:39AM

Show HN: I love FitnessSF, but I hate their mobile app https://ift.tt/eDdi39l

Show HN: I love FitnessSF, but I hate their mobile app In order to enter my gym, FitnessSF, I must load up their mobile app to open a QR code and scan in. Their app takes roughly 10,000 years to load so I stand like an idiot at the front desk, turning the app off and on again to just get the QR code. I wrote a little bit of javascript that hits the FitnessSF API and generates a Mobile Wallet Pass. I also hard coded all the fitness SF lat/long locations, so the mobile wallet will pop up when you're nearby. I hope this restores a little bit of sanity in someone else's life. https://ift.tt/MeFI7mr June 4, 2022 at 02:33AM

Show HN: Move away from streaming platforms and take your music offline https://ift.tt/5SzVQG9

Show HN: Move away from streaming platforms and take your music offline https://ift.tt/thpK3Fy June 3, 2022 at 11:31PM

Show HN: Ezbitmap.com, create beautiful images from ASCII art https://ift.tt/UKaw1sV

Show HN: Ezbitmap.com, create beautiful images from ASCII art https://ift.tt/MKsrmwL June 3, 2022 at 07:24PM

Show HN: Cryptid Zero Trust Authentication and Authorization, Open Source Oberon https://ift.tt/c73OFPh

Show HN: Cryptid Zero Trust Authentication and Authorization, Open Source Oberon Oberon makes it possible for a service provider to issue capability tokens to clients in such a way that the service provider never sees the value of the capability token. This prevents the service provider from being able to impersonate the client. Oberon relies upon zero-knowledge proof presentation of the capability token so that the token is never transmitted norrevealed. Instead of the client sending the token to the service—as is done with API tokens today—the client sends a zero-knowledge proof proving that they have a valid capability token issued by the service provider; this is called proof-of-knowledge. GitHub: https://ift.tt/P9HVTx4 Get cryptid: https://ift.tt/UXc14Wj] June 3, 2022 at 08:47PM

Watch all the PS VR2 trailers Sony dropped during State of Play #wanitaxigo

Show HN: I spent a year building a desktop environment that runs in the browser https://ift.tt/W6qRa9O

Show HN: I spent a year building a desktop environment that runs in the browser https://puter.com/ June 3, 2022 at 08:14PM

Show HN: I’ve Built a Digital Organ and This Is What I Learned https://ift.tt/uvSFBo8

Show HN: I’ve Built a Digital Organ and This Is What I Learned https://ift.tt/F1VRhHl June 2, 2022 at 11:01PM

Research Reveals 75% of CISOs Are Worried Too Many Application Vulnerabilities Leak Into Production, Despite a Multi-Layered Security Approach

79% of CISOs say continuous runtime vulnerability management is an essential capability to keep up with the expanding complexity of modern multi-cloud environments.

source https://www.darkreading.com/vulnerabilities-threats/research-reveals-75-of-cisos-are-worried-too-many-application-vulnerabilities-leak-into-production-despite-a-multi-layered-security-approach

Dragon Age 4 gets an official title, now known as Dragon Age: Dreadwolf #wanitaxigo

Madden NFL 23 gameplay changes, cover photo, pre-order details and more revealed #wanitaxigo

Gurucul Launches Cloud-Native SOC Platform Pushing the Boundaries of Next-Gen SIEM and XDR with Identity Threat Detection and Response

Gurucul automating threat detection, investigation and response (TDIR) with advanced analytics, comprehensive threat content, and a flexible enterprise risk engine for hybrid and multi-cloud environments.

Show HN: Svelvet – A component library for building interactive flow diagrams https://ift.tt/7Xh8KYI

Show HN: Svelvet – A component library for building interactive flow diagrams https://svelvet.io/ June 2, 2022 at 06:09PM

Looking Glass presents new "holographic" image format #wanitaxigo

Feds Seize Domains Dealing Stolen Personal Data

WeLeakInfo.to and two related domains let users search data stolen in more than 10,000 different breaches.

Show HN: Display famous paintings on your Terminal https://ift.tt/8QMiWjH

Show HN: Display famous paintings on your Terminal https://ift.tt/1SZmT2f June 1, 2022 at 11:25PM

FluBot Android Malware Operation Disrupted, Infrastructure Seized

Security researchers have described the malware as among the fastest-spreading mobile threats in recent years.

source https://www.darkreading.com/mobile/flubot-android-malware-operation-disrupted

EnemyBot Puts Enterprises in the Crosshairs With Raft of '1-Day' Bugs

EnemyBot DDoS botnet is rapidly weaponizing security bugs disclosed in CMS systems like WordPress plug-ins, Android devices, commercial Web servers, and other enterprise applications.

Show HN: Beautiful open-source themes for CodeMirror https://ift.tt/tUhECQP

Show HN: Beautiful open-source themes for CodeMirror https://thememirror.net June 1, 2022 at 11:54PM

Biometric Data Offers Added Security — But Don't Lose Sight of These Important Risks

With rising fraud, businesses are seeking authentication methods that are security- and user-friendly. But with that comes a few complications.

Show HN: Automate customer onboarding, conversion and retention messages https://ift.tt/q6DLZ0i

Show HN: Automate customer onboarding, conversion and retention messages https://engage.so/ May 31, 2022 at 10:02PM

3.6M MySQL Servers Found Exposed Online

Researchers from Shadowserver recommend removing the servers from the Internet to shrink external attack surface.

source https://www.darkreading.com/vulnerabilities-threats/3-6m-plus-mysql-servers-with-ipv4-ipv6-addresses-exposed-scan-shows

New Microsoft Zero-Day Attack Underway

"Follina" vulnerability in Microsoft Support Diagnostic Tool (MSDT) affects all currently supported Windows versions and can be triggered via specially crafted Office documents.

source https://www.darkreading.com/endpoint/attackers-actively-exploiting-new-microsoft-zero-day