New graph-based tool offers a better alternative to current approaches for finding vulnerabilities in JavaScript code, they note.
source https://www.darkreading.com/dr-tech/new-odgen-tool-unearths-180-zero-days-in-node-js-libraries
Wednesday, August 31, 2022
New ODGen Tool Unearths 180 Zero-Days in Node.js Libraries
New graph-based tool offers a better alternative to current approaches for finding vulnerabilities in JavaScript code, they note.
Don't Let 'Perfect' Be the Enemy of a Good AppSec Program
These five suggestions provide a great place to start building a scalable and affordable program for creating secure apps.
source https://www.darkreading.com/edge-articles/don-t-let-perfect-be-the-enemy-of-a-good-appsec-program
source https://www.darkreading.com/edge-articles/don-t-let-perfect-be-the-enemy-of-a-good-appsec-program
Malicious Chrome Extensions Plague 1.4M Users
Analysts find five cookie-stuffing extensions, including one that's Netflix-themed, that track victim browsing and insert rogue IDs into e-commerce sites to rack up fake affiliate payments.
source https://www.darkreading.com/vulnerabilities-threats/1-4m-users-running-malicious-chrome-extensions
source https://www.darkreading.com/vulnerabilities-threats/1-4m-users-running-malicious-chrome-extensions
Don't Let 'Perfect' Be the Enemy of a Good AppSec Program
These five suggestions provide a great place to start building a scalable and affordable program for creating secure apps.
Show HN: Go, JSON, Streaming and Generics https://ift.tt/ArORUB7
Show HN: Go, JSON, Streaming and Generics I needed an easy way of handling large JSON blobs (200MB+) which I found is easy, but very verbose, using encoding/json. Dealing with deeply nested structs was a real pain so I wrote myself a wrapper around it - https://ift.tt/03pwB4C - thanks to generics it can be very thin. https://ift.tt/03pwB4C August 30, 2022 at 09:06PM
Tuesday, August 30, 2022
Show HN: Readerize - Like Google Reader, but without RSS https://ift.tt/KXICjTf
Show HN: Readerize - Like Google Reader, but without RSS https://readerize.com/ August 30, 2022 at 05:53AM
Effectively Managing and Securing Assets in A Hybrid IT Environment
With the pandemic driving organizations to transition to a more versatile, hybrid work environment, this has made the IT department's job even more complex.
Show HN: My unusual personal resume. Would appreciate feedback and anything else https://ift.tt/bJOashF
Show HN: My unusual personal resume. Would appreciate feedback and anything else https://ift.tt/lrvpYVK August 29, 2022 at 11:09PM
Monday, August 29, 2022
Show HN: An Audio Introduction to Nick Bostrom https://ift.tt/jCKmw2Q
Show HN: An Audio Introduction to Nick Bostrom I'm working on this because I think Bostrom's work is extremely important, and deserves a wider audience. I first read Bostrom's work in 2010, during my undergraduate degree. It has been a major influence on many of the projects I've worked on since then. In particular, the many years I've spent working at 80,000 Hours. (80,000 Hours is a career advising service which—among other things—helps people act on Bostrom's ideas about the urgency of addressing existential risks posed by emerging technologies, such as artificial intelligence and biotechnology.) https://ift.tt/pKQwkYE August 29, 2022 at 11:52AM
Show HN: Meal planning, auto grocery lists and recipe/ingredient encyclopeidia https://ift.tt/O58derB
Show HN: Meal planning, auto grocery lists and recipe/ingredient encyclopeidia https://www.reciped.io/ August 29, 2022 at 08:32AM
Microsoft 365 Empowers Business Users to Shoot Themselves in the Foot
Citizen development allows users to design creative solutions for immediate problems, but it requires training and oversight to avoid security holes.
source https://www.darkreading.com/edge-articles
source https://www.darkreading.com/edge-articles
Microsoft 365 Empowers Business Users to Shoot Themselves in the Foot
Citizen development allows users to design creative solutions for immediate problems, but it requires training and oversight to avoid security holes.
Show HN: I built a quizlet clone in 2 hours https://ift.tt/OCnFm02
Show HN: I built a quizlet clone in 2 hours Quizlet, a popular tool among high schoolers and college students used to study for tests recently made it's core functionality paid. In an era where Autodesk, Adobe, and Microsoft hold their proprietary software to their chests, it's exciting to see opensource alternatives come to compete with them. I'm 15, and I'm excited to do my part to keep education free for everyone. https://ift.tt/3j5eY7G August 29, 2022 at 02:19AM
Show HN: A distributed computing Linux distro with batteries included https://ift.tt/cCd0Et8
Show HN: A distributed computing Linux distro with batteries included https://ift.tt/p4x2hKd August 28, 2022 at 10:54PM
Sunday, August 28, 2022
Show HN: Fill your PDF templates with an API call - doqs.dev https://ift.tt/HJvGnU2
Show HN: Fill your PDF templates with an API call - doqs.dev Now live! I appreciate any feedback! If you think of subscribing, contact as at info@doqs.dev and we will hit you up with a discount code! August 28, 2022 at 04:44PM
Show HN: Versioning Filesystem for SQLite https://ift.tt/2Du09Vk
Show HN: Versioning Filesystem for SQLite https://ift.tt/2Q4jTsu August 28, 2022 at 04:49PM
Show HN: Density userstyle to remove spacing from popular websites https://ift.tt/R9lWv2E
Show HN: Density userstyle to remove spacing from popular websites https://ift.tt/liXvuyw August 28, 2022 at 02:57PM
Show HN: Directly query 100M+ raw records of cleaned, refreshed financial data https://ift.tt/A6o1L5J
Show HN: Directly query 100M+ raw records of cleaned, refreshed financial data There are a lot of APIs that provide access to these types of data, but there were not any (as far as we're aware of) tools & services that provide access to query the raw data directly for analytical purposes. We get the data across different sources and clean, schematize them in a PostgreSQL databases so folks can query/analyze the data directly. We have ~100 tables of data across stocks, ETFs, economic indicators, US/international census data and plan to keep adding more. More information on the tables are available at https://docs.wizdata.io Access to all of the data is free, and we plan to (in the future) find ways to cover our costs by charging for folks who want to run their queries faster (e.g. by running their queries on separate compute clusters) or by providing custom integration to fit their data needs. Please take a look, and would please share any feedback with us here! https://www.wizdata.io August 28, 2022 at 04:21AM
Show HN: Hangman meets Wordle webapp in Angular https://ift.tt/4YLGyu9
Show HN: Hangman meets Wordle webapp in Angular Hey HN, I am a novice web developer, and I built a new webapp game in Angular that combines the game play of Hangman and Wordle. I chose this project because I wanted to learn Angular, while also developing something useful. I have some prior backend experience. And, I was pleasantly surprised with how much you can achieve in the pure JS/Typescript these days. For my app, the backend only sends the daily puzzle data in JSON, while the entire game logic and interactions are completely implemented in the frontend. I wrote around 4000 lines of the frontend code for this project. For me, the best part was RxJS integration in Angular. It also had a fair amount of learning curve. However, once you have learned the basics, it saves a lot of redundant boilerplate code and makes the code more readable and clean. You can play the game for free and there is no sign-up required: https://10letters.app The game does not save any user data at the server. All data is saved in the local storage. So, you can play the game again in the incognito mode, or after clearing your browser cache. If you have any questions or feedback, please feel free to add them in the comments. Thanks! https://10letters.app August 27, 2022 at 10:37PM
Show HN: Accept payments in crypto on your website (5 lines of code) https://ift.tt/fMPdwap
Show HN: Accept payments in crypto on your website (5 lines of code) https://payonix.io/ August 27, 2022 at 11:27PM
Saturday, August 27, 2022
SHOW HN: Subreddit Finder – find subreddits based on a topic https://ift.tt/KHtmTlI
SHOW HN: Subreddit Finder – find subreddits based on a topic https://ift.tt/DoP0cMH August 27, 2022 at 02:18AM
Show HN: Prisma by Example – Interactive Playground https://ift.tt/t34Pxvs
Show HN: Prisma by Example – Interactive Playground https://ift.tt/ta4VNCR August 26, 2022 at 11:00PM
Friday, August 26, 2022
Show HN: Rtpstalk – pure Java RTPS implementation https://ift.tt/fkenEvR
Show HN: Rtpstalk – pure Java RTPS implementation Initial version provides following features: - implements all general requirements of RTPS Specification 2.3 (section 8.4.2.1) - RTPS Reader and Writer behavior with following QoS policies: - PID_DURABILITY (TRANSIENT_LOCAL_DURABILITY_QOS) - PID_RELIABILITY (RELIABLE) - UDP as underlying transport protocol https://ift.tt/svMHQyO August 24, 2022 at 06:36AM
Show HN: Devbox – Easy, predictable shells and containers https://ift.tt/kyHoSNj
Show HN: Devbox – Easy, predictable shells and containers Devbox is a command-line tool that lets you easily create isolated shells and containers. You start by defining the list of packages required by your development environment, and devbox uses that definition to create an isolated environment just for your application. In practice, Devbox works similar to a package manager like yarn – except the packages it manages are at the operating-system level (the sort of thing you would normally install with brew or apt-get). See it in action: https://youtu.be/WMBaXQZmDoA https://ift.tt/RczpoFY August 26, 2022 at 01:35AM
How Not to Waste Money on Cybersecurity
Security should be every enterprise’s top priority. Just remember that simply throwing money at the problem isn't the answer.
Thursday, August 25, 2022
Show HN: Bob-Editor https://ift.tt/JYpFsML
Show HN: Bob-Editor https://ift.tt/V3mnhTD August 25, 2022 at 02:26AM
CISA: Just-Disclosed Palo Alto Networks Firewall Bug Under Active Exploit
The bug tracked as CVE-2022-0028 allows attackers to hijack firewalls without authentication, in order to mount DDoS hits on their targets of choice.
Wednesday, August 24, 2022
DevSecOps Gains Traction — but Security Still Lags
Almost half of teams develop and deploy software using a DevSecOps approach, but security remains the top area of investment, a survey finds.
DevSecOps Gains Traction — but Security Still Lags
Almost half of teams develop and deploy software using a DevSecOps approach, but security remains the top area of investment, a survey finds.
source https://www.darkreading.com/vulnerabilities-threats/devsecops-gains-traction----but-security-still-lags
source https://www.darkreading.com/vulnerabilities-threats/devsecops-gains-traction----but-security-still-lags
Thoma Bravo Buying Spree Highlights Hot Investor Interest in IAM Market
M&A activity in the identity and access management (IAM) space has continued at a steady clip so far this year.
source https://www.darkreading.com/operations/thoma-bravo-buying-spree-investor-interest-iam-market
source https://www.darkreading.com/operations/thoma-bravo-buying-spree-investor-interest-iam-market
Thoma Bravo Buying Spree Highlights Hot Investor Interest in IAM Market
M&A activity in the identity and access management (IAM) space has continued at a steady clip so far this year.
Tuesday, August 23, 2022
For Penetration Security Testing, Alternative Cloud Offers Something Others Don't
Alternative cloud providers offer streamlined capabilities for penetration testing, including more accessible tools, easy deployment, and affordable pricing.
Show HN: VSCode Working Memory – Capture everything in a single text file https://ift.tt/0DC9iyS
Show HN: VSCode Working Memory – Capture everything in a single text file It's a dead simple VSCode extension based on Cal Newport's idea of a single text file productivity system. Capture everything in a single markdown or text file. Specify the file and use shortcut to open it in new tab from any VSCode project/workspace. Also, there's a quick capture option to append line to the top of the file without opening it. That's it, nothing much. I have few simple ideas on how to extend this workflow without making, so any feedback or contribution is welcome. Here's Cal Newport explaining the gist of the idea: http://www.youtube.com/watch?v=3-MOxvedJXM&ab_channel=CalNew... https://ift.tt/dxQKYo8 August 22, 2022 at 06:14PM
Monday, August 22, 2022
NIST Weighs in on AI Risk
NIST is developing the AI Risk Management Framework and a companion playbook to help organizations navigate algorithmic bias and risk.
source https://www.darkreading.com/edge/nist-weighs-in-on-ai-risk
source https://www.darkreading.com/edge/nist-weighs-in-on-ai-risk
Show HN: How to find Access Key confidential data on AWS easily https://ift.tt/0LxJHZX
Show HN: How to find Access Key confidential data on AWS easily [OSINT TIP] AWS key Credential Leak How to find Access Key confidential information on Amazon Cloud Services (AWS) very easily Search the Script tag for the 'AWS.config.update()' function on the 'DynamoDB' or 'S3 Bucket Upload' function on the page using the function AWS SDK or AWS CLI. https://ift.tt/M1nOxTa August 22, 2022 at 08:32AM
Show HN: What is Docker (in Docker)^n https://ift.tt/DpCcdiO
Show HN: What is Docker (in Docker)^n https://ift.tt/t0klXpj August 22, 2022 at 06:20AM
Show HN: I made an easier version control system https://ift.tt/NC20AvS
Show HN: I made an easier version control system Hi everyone! This is the first launch of my project, Jamsync, which is trying to make version control easier for everyone. Let me know if you have any feedback! https://jamsync.io/ August 22, 2022 at 04:55AM
Sunday, August 21, 2022
Show HN: AwesomeCure – Analyze and Cure Lists https://ift.tt/GRfez5j
Show HN: AwesomeCure – Analyze and Cure Lists https://ift.tt/wU80kOx August 21, 2022 at 02:54PM
Show HN: Generate QR-code as Tetris animations https://ift.tt/mw16u93
Show HN: Generate QR-code as Tetris animations https://ift.tt/FqlKJjg August 21, 2022 at 01:17PM
Show HN: I made a free Airtable of indie founders' growth strategies https://ift.tt/J3Papsr
Show HN: I made a free Airtable of indie founders' growth strategies https://ift.tt/I7Ckw0d August 21, 2022 at 08:32AM
Show HN: HertzBeat – An open-source, real-time monitoring system https://ift.tt/XUcHjbl
Show HN: HertzBeat – An open-source, real-time monitoring system Hi everyone! Very happy to be able to recommend an open source project here. Hertzbeat is an open-source, real-time monitoring system with custom-monitor and agentless. Support web service, database, os, middleware and more. Here’s a video of show: https://youtu.be/eb_Nosl9fZY . Very open to feedback. github: https://ift.tt/9XpxCyO home: https://ift.tt/kiXyI7M Very welcome to use and give us a star! Thanks!!!! https://ift.tt/9XpxCyO August 21, 2022 at 06:21AM
Show HN: As your priorities change, your Google calendar gets rearranged by AI https://ift.tt/27935ft
Show HN: As your priorities change, your Google calendar gets rearranged by AI https://ift.tt/ODt7KbE August 21, 2022 at 03:40AM
Show HN: Brew.fm – Let bots discover new music on Spotify for you https://ift.tt/BlrvU2N
Show HN: Brew.fm – Let bots discover new music on Spotify for you Use Spotify? This tool will automate your music discovery for you. Join here (100% perpetually free with no strings attached): https://brew.fm Some time ago, I built and showed HN[1] brew.fm, a tool helping artists remix each other’s work. It had been quiet, and I remembered how fun it was to work with the Spotify API, so I repurposed the tool to solve one of my own problems: missing out on new music of my favorite artists. I shared it on Reddit yesterday[2], and this seems to hit a spot for more people: so far 833 people connected their Spotify account. How it works: The tool simply shows your top 50 artists on Spotify over short, medium and long term, and checks those artists for new music. If you select a playlist, every artist involved in the tracks will be checked for new music, after which new releases are shown sorted by most recent release date. Here’s a video of me demoing the tool: https://youtu.be/Nh2Ognb4PgU . Enjoy! Very open to feedback. [1] https://ift.tt/LjaBu4D [2] https://ift.tt/4spBlEe... https://www.brew.fm/ August 20, 2022 at 11:23PM
Saturday, August 20, 2022
Show HN: ProjectZero – Find collaborators for your next side project https://ift.tt/HEq2lUs
Show HN: ProjectZero – Find collaborators for your next side project https://ift.tt/wJBDsXN August 20, 2022 at 01:06AM
Show HN: We Built a Free API Security Web Tool – Eliminates Your PenTest Cost https://ift.tt/2bRDhaP
Show HN: We Built a Free API Security Web Tool – Eliminates Your PenTest Cost https://ift.tt/hqt6wIV August 19, 2022 at 11:32PM
Patch Now: 2 Apple Zero-Days Exploited in Wild
The fact that the flaws enable remote code execution, exist across all major Apple OS technologies, and are being actively exploited heightens the need for a quick response.
Show HN: Have a question on your medication or supplement? Ask a pharmacist now https://ift.tt/Lj7z2Es
Show HN: Have a question on your medication or supplement? Ask a pharmacist now Hey everyone! TL;DR: Looking for feedback on my app in exchange for a one-time free consultation with a pharmacist 24/7 (an appointment would be encouraged as well!) A quick reflection on the focus of my company, ImpactPharm: Let's talk about Uber first. It is a technically complicated app for a simple idea: getting someone from point A to point B by connecting them with a freelance driver. See this blog: "The Uber Engineering Tech Stack, Part I: The Foundation | Uber Blog" https://ift.tt/vFrgbCl Our Uber-inspired healthcare app aims to answer a patient's contextual medication-related question by connecting them with a freelance licensed pharmacist. The reviews and profiles of pharmacists and patients are features. They make us more approachable. The thoughtful, contextual, and actionable answer is the key product. That's our destination. Our ImpactPharm app is now available on the App Store on both Android and iOS/Apple for you to download: Apple App Store: https://ift.tt/q3xLy1R Android App Store: https://ift.tt/HS62Ivw... Please give us a try. Everyone has a free trial from now until Labor Day, September 5, 2022! Please write us a review on the App Store and let us know whether: > The information provided by your pharmacist is clear, helpful, and well researched. > The app is readable and runs smoothly. > You plan to continue using ImpactPharm. > Using ImpactPharm improved your overall health and well-being. > The care you received from ImpactPharm is worth more than what you paid to use this service. And please tell us: Why will or will you not use this app again? Thank you for your support! Sophie Le, PharmD Co-founder & CEO ImpactPharm, Inc https://impactpharm.app August 19, 2022 at 10:55PM
Patch Now: 2 Apple Zero-Days Exploited in Wild
The fact that the flaws enable remote code execution, exist across all major Apple OS technologies, and are being actively exploited heightens the need for a quick response.
source https://www.darkreading.com/vulnerabilities-threats/patch-apple-zero-days-exploited
source https://www.darkreading.com/vulnerabilities-threats/patch-apple-zero-days-exploited
Friday, August 19, 2022
Show HN: Drag and drop site builder that works on mobile https://ift.tt/sSaOLiZ
Show HN: Drag and drop site builder that works on mobile https://ift.tt/A4eJyYz August 19, 2022 at 01:01AM
Easing the Cyber-Skills Crisis With Staff Augmentation
Filling cybersecurity roles can be costly, slow, and chancy. More firms are working with third-party service providers to quickly procure needed expertise.
Show HN: Quick Rewire – I made web tool to rewire your brain https://ift.tt/DBAkvrW
Show HN: Quick Rewire – I made web tool to rewire your brain Hi HN, I work with a mixed group of developers, data scientists and neuroscientists, and for fun recently built a tool inspired by psychological studies. The idea is to demonstrate how quickly technology can change how your brain works, and potentially the impact that technology actually has over our agency without us even noticing. https://ift.tt/kvIe0An August 19, 2022 at 12:00AM
Easing the Cyber-Skills Crisis With Staff Augmentation
Filling cybersecurity roles can be costly, slow, and chancy. More firms are working with third-party service providers to quickly procure needed expertise.
source https://www.darkreading.com/operations/easing-the-cyber-skills-crisis-with-staff-augmentation
source https://www.darkreading.com/operations/easing-the-cyber-skills-crisis-with-staff-augmentation
Who Should You Trust When Making Technology Decisions?
Being aware of the potential bias that each party might have – from tech vendors, consultants, in-house staff, and research organizations -- is an important part of the process. Here’s a run-down of those groups.
Thursday, August 18, 2022
Google Cloud Adds Curated Detection to Chronicle
The curated detection feature for Chronicle SecOps Suite provides security teams with actionable insights on cloud threats and Windows-based attacks from Google Cloud Threat Intelligence Team.
Show HN: MyNotifier – Simple Notifications https://ift.tt/sCBkrz0
Show HN: MyNotifier – Simple Notifications https://ift.tt/rjhNylY August 18, 2022 at 12:36PM
Show HN: StoneDB—A Real-Time HTAP Database Based on the MySQL Kernel https://ift.tt/5soLJjn
Show HN: StoneDB—A Real-Time HTAP Database Based on the MySQL Kernel StoneDB is an open-source hybrid transaction/analytical processing (HTAP) database designed and developed by StoneAtom based on the MySQL kernel. It is the first database of this type launched in China. StoneDB can be seamlessly switched from MySQL. It provides features such as optimal performance and real-time analytics, offering you a one-stop solution to process online transaction processing (OLTP), online analytical processing (OLAP), and HTAP workloads. StoneDB is fully compatible with the MySQL 5.6 and 5.7 protocols, the MySQL ecosystem, and common MySQL features and syntaxes. Tools and clients in the MySQL ecosystem, such as Navicat, Workbench, mysqldump, and mydumper, can be directly used on StoneDB. In addition, all workloads on StoneDB can be run on MySQL. StoneDB is optimized for OLAP applications. StoneDB that runs on a common server can process complex queries on tens of billions of data records, while ensuring high performance. Compared to databases that use MySQL Community Edition, StoneDB is at least 10 times faster in processing queries. StoneDB uses the Knowledge Grid technology and a column-based storage engine. The column-based storage engine is designed for OLAP applications and uses techniques such as column-based storage, Knowledge Grid-based filtering, and high-efficiency data compression. With such storage engine, StoneDB ensures the high performance of application systems and reduces the total cost of ownership (TCO). https://ift.tt/FigGERK August 18, 2022 at 08:56AM
Show HN: Allsearch – Making it easier to use different search engines seamlessly https://ift.tt/XhvHMVi
Show HN: Allsearch – Making it easier to use different search engines seamlessly Allsearch is a tool I made after getting fed up with Google's search results and reading up on conversations on HN about the state of search on the internet. This is a tool I made as a spiritual successor to GnodSearch ( https://ift.tt/tKDIchM ), which I've seen in a couple conversations about search on HN. GnodSearch is great, but a bit barebones in terms of looks and functionality; Allsearch is my attempt to build off of it. Similar to Gnod, Allsearch allows you to apply any given search query to a search engine of your choice (either through only keystrokes, or via mouse). However, it also allows you to add your own engines to its catalogue, and allows you to define macros to use multiple engines simultaneously (useful for easily comparing engines). It's not feature complete; there are still some things I'd like to add in. There are way more engines I want to add to it's default catalogue, and I also want to add in the ability to export your settings to allow people to easily share their Allsesarch configurations. Curious about people's thoughts on it :) https://allsear.ch/ August 17, 2022 at 09:47AM
Show HN: Fuzzyhome – A Fast Fuzzy Finding New-Tab Page https://ift.tt/1SV9rF4
Show HN: Fuzzyhome – A Fast Fuzzy Finding New-Tab Page Fuzzyhome is a lightweight new-tab page that lets you very quickly fuzzy find links and navigate to a result. If there are no matching links, you can use your query to perform a search with your search engine of choice. You can also append your query to arbitrary links with a bang-like feature. Cohesive usage instructions can be found on the GitHub page: https://ift.tt/wJ63obe Fuzzyhome is free, entirely client-side, and statically hosted with Cloudflare pages. No sign in or account required. Export your links to a JSON file in the settings menu to keep a backup. Links are stored in IndexedDB and the bundle is cached with service workers for fast loading. Thanks for checking it out, consider giving it a star :) https://fuzzyho.me/ August 18, 2022 at 03:04AM
Wednesday, August 17, 2022
Show HN: Hire experts in popular SaaS/no-code tools https://ift.tt/lRBin8z
Show HN: Hire experts in popular SaaS/no-code tools Hi HN We have built Heep to help startups take advantage of the best no-code/SaaS tools and increase their ROI on the tools they already are paying for. It's super simple - we match you with experts in popular tools like Notion, Bubble, Webflow for any kinds of project. So far we had over 200 companies build all kind of staff with makers on Heep - from improving their internal ops with automations (Zapier, Airtable) to building full scale MVPs (Bubble, Glide). We focus on curating talent and making it easy for anyone to navigate the no-code space. We have messenger and payments built-in inside the platform and adding simple contracts soon. On the talent side we are allowing you to monetise your expertise in any SaaS/no-code tool and earn $2K+ per month. Right now we have over 300 experts on the platform across 40+ tools. We are still working on making the experience smooth for customers and the main point of launching here is to get feedback on what could be done better on finding/hiring an expert. Would love to discuss what do you like/dislike about existing freelance platforms out there. Love from Kyiv/Berlin https://heep.so/ August 16, 2022 at 09:22PM
Microsoft Rolls Out Tamper Protection for Macs
The tamper protection feature detects attempts to modify files and processes for Microsoft Defender for Endpoints on macOS.
Microsoft Rolls Out Tamper Protection for Macs
The tamper protection feature detects attempts to modify files and processes for Microsoft Defender for Endpoints on macOS.
source https://www.darkreading.com/dr-tech/microsoft-rolls-out-tamper-protection-for-macs
source https://www.darkreading.com/dr-tech/microsoft-rolls-out-tamper-protection-for-macs
DEF CON: A Woman's First Experience
Omdia Senior Analyst Hollie Hennessy goes over her first experience of DEF CON as a woman in cybersecurity.
Tuesday, August 16, 2022
DEF CON 30: Hackers Come Home to Vibrant Community
After 30 years and a brief pandemic hiatus, DEF CON returns with "Hacker Homecoming," an event that put the humans behind cybersecurity first.
Show HN: XaaS Pricing – track 25k+ SaaS company pricing strategies in one place https://ift.tt/IsWXe58
Show HN: XaaS Pricing – track 25k+ SaaS company pricing strategies in one place Hi all - I'm completely new here! I come from a market analyst background - I've done large B2B tech pricing research and consulting projects for over 10 years. I wanted to figure out a way to scale what we do in those projects to a broader set of SaaS companies that can't pay the six-figure plus price points those projects often carry. Today is our first step on figuring that out - we've created XaaS Pricing, a tool that let's you analyze the pricing strategies of 25,000 SaaS vendors across 50+ metrics, on-demand, with real-time updates when pricing strategies change. I hope it's helpful and look forward to feedback and questions from the HN community! https://ift.tt/KMWVO5h August 15, 2022 at 10:31PM
DEF CON 30: Hackers Come Home to Vibrant Community
After 30 years and a brief pandemic hiatus, DEF CON returns with "Hacker Homecoming," an event that put the humans behind cybersecurity first.
source https://www.darkreading.com/threat-intelligence/def-con-30-hackers-come-home-to-vibrant-community
source https://www.darkreading.com/threat-intelligence/def-con-30-hackers-come-home-to-vibrant-community
Monday, August 15, 2022
Show HN:How We built TinySnap: the anatomy of a browser extension https://ift.tt/tm41H0l
Show HN:How We built TinySnap: the anatomy of a browser extension https://ift.tt/pWlkIMJ August 15, 2022 at 04:18AM
Show HN: Xklb – organize your media when it is too big to think about https://ift.tt/EP6ipga
Show HN: Xklb – organize your media when it is too big to think about https://ift.tt/4i0S7cd August 15, 2022 at 05:28AM
Show HN: Anysphere, home for important, long-form conversations https://ift.tt/mApdIbM
Show HN: Anysphere, home for important, long-form conversations Hi everyone! I’m Arvid, cofounder of Anysphere ( https://anysphere.co ). With my two friends Sualeh and Shengtong I have been spending the last few months building a dedicated home for important, long-form conversations. We’re super excited to let the HN community test it out! We think that no existing platform for point–to-point communication prioritizes the conversations that you actually care about and that really matter. Instant messaging is filled with careless texts and stickers, email is filled with receipts and spammers, and physical mail, while better in those respects, is slow and cumbersome. None of the existing platforms are private enough. Anysphere attempts to fix this. It is private, secure, desktop-first and only allows people you added to contact you. Our whitepaper ( https://ift.tt/Yic0oSC ) describes our privacy and security model in detail — in short, we protect all of your data and metadata against everyone (even our own server). Our client is fully open source: https://ift.tt/FzG4OSM . We deployed a small server to open up testing to everyone in the HN community. Instructions are here: https://ift.tt/9PIZtXY... . I can’t wait to hear your thoughts! https://ift.tt/rtPVdMa August 15, 2022 at 03:47AM
Show HN: Belua, Beautifully Organised Contacts https://ift.tt/5ViMuS4
Show HN: Belua, Beautifully Organised Contacts Manage and present your contacts with the Belua app on iPhone. Features: Organise - Display generative art for contacts without photo. - Use tags to categorise your contacts. - Use the touch action to surface contacts in recent. - Sort by recent, by recently added, by tag or by country. - Privacy Built-In from the start. - Actions such as favourite, tag and hide work across devices if you are using iCloud. - Works offline Search - Search text in contacts - Diacritic insensitive [a diacritic is a glyph added to a letter or to a basic glyph]. - Works with natural language text to ensure correct behaviour in multiple scripts and languages such as Chinese or Japanese. https://ift.tt/fusQbDh August 14, 2022 at 08:14PM
Show HN: shortcommand – Easily run a set of commands quickly using a YAML file https://ift.tt/W5O3ETm
Show HN: shortcommand – Easily run a set of commands quickly using a YAML file This tiny command line tool was created mainly because I have several apps that I run on my server and finding the right set of commands for deploying an app is a hassle. So this basically documents the set of commands for each of my projects, as well as gives me quick access to them. Just wanted to share it here in case anyone else might find it useful. https://ift.tt/YzGwtVy August 14, 2022 at 09:47PM
Sunday, August 14, 2022
Show HN: Makerspace for “bad” art and thoughtful subjectivity https://ift.tt/A34K09J
Show HN: Makerspace for “bad” art and thoughtful subjectivity Inspired by r/BadArt and r/CrappyArt https://ift.tt/P3cZGvr August 14, 2022 at 05:48AM
Show HN: Bog Gobbler Word Game https://ift.tt/ukpq1Ui
Show HN: Bog Gobbler Word Game Two years ago my pandemic project was an online multi-player variant of Scrabble named Crossword Island Hopper where you capture territory by placing words on a board. It proved to be wildly unpopular. More recently I have been working on Bog Gobbler, which is a variant of Boggle where you capture territory by finding words in the grid. The territory-capture element is much more relevant in the multi-player game, but also affects the mechanics of solo games. This one is a little more popular and there is a daily solo challenge where everyone plays the same grid, with a global and personal leaderboard. You can go directly to the daily challenge at: https://ift.tt/AKpmJ92 If you know how to play Boggle the one thing you need to be aware of is that after the first word you find, all subsequent words must include at least one letter that you already "own". https://ift.tt/avw8fUu August 13, 2022 at 08:11PM
Show HN: `pdf2searchablepdf` command-line tool to make PDF have searchable text https://ift.tt/7XyRxKH
Show HN: `pdf2searchablepdf` command-line tool to make PDF have searchable text Easily perform OCR (Optical Character Recognition) on PDFs. `pdf2searchablepdf input.pdf` = voila! "input_searchable.pdf" is created & now has searchable text https://ift.tt/S1thBbW August 14, 2022 at 01:40AM
Show HN: Create WireGuard Mesh Networks Using Vault https://ift.tt/ieG3jb4
Show HN: Create WireGuard Mesh Networks Using Vault https://ift.tt/FbvrUlt August 14, 2022 at 01:00AM
Show HN: I've made a GPU-based wavelet spectrogram tool for birdsongs https://ift.tt/NK19VJH
Show HN: I've made a GPU-based wavelet spectrogram tool for birdsongs https://ift.tt/927edhD August 13, 2022 at 11:21PM
Saturday, August 13, 2022
Show HN: DAW JSON Link https://ift.tt/yXS3Jqx
Show HN: DAW JSON Link I just released v3 of DAW JSON Link https://ift.tt/BOYWr46 , a C++ JSON library, that I am the author of. It's a C++ JSON library that prioritizes concrete data structures. It is fast, GB/s, and competitive with other libraries out there like simdjson. A brief list of things it supports are: * declaratively map json objects to C++ data structures * allows allocators to be provided and passes it to allocator aware types * can parse via a non-owning json_value that allows JSON Path like indices along with iteration of sub members * types to provide iteration over json arrays and use in C++ algorithms * JSON Lines/NDJSON support * The parser does not allocate at all, that is up to the resulting data structures, if needed. The memory usage is very minimal * Variants/Sum types are a priority and most expressions of them in JSON have easy mappings with a fallback to code if needed * JSON Schema output from mappings * Custom number types are supported(e.g Boost Multi-precision/GNU MP) * Serialization to most things is supported out of the box with the ability to easily add a new way. This includes, pointer, output iterators, span like types, strings/vectors/containers of byte like types, FILE ... An accompanying project https://ift.tt/ebPdOpq that allows using Boost.Describe reflection like mappings with JSON Link * Lots of example code in tests folder and cookbook like documentation in the docs folder to see it in use. All the examples in documentation are part of the test suite too * Optionally allows for comments( # line comments and C-style // and /* /) Allows for trailing comma * constexpr https://ift.tt/BOYWr46 August 13, 2022 at 12:54AM
Patch Madness: Vendor Bug Advisories Are Broken, So Broken
Duston Childs and Brian Gorenc of ZDI take the opportunity at Black Hat USA to break down the many vulnerability disclosure issues making patch prioritization a nightmare scenario for many orgs.
Show HN: A simple price betting platform on crypto https://ift.tt/yt3ucQx
Show HN: A simple price betting platform on crypto You bet on the direction of a crypto price in the next 60 secs (up/down). If you're right, you can win >60%, if you're wrong, you lose your investment. Onboard just with an ETH transfer, no KYC, no trading fees. Fun mode available. https://popcoin.gg/ August 12, 2022 at 07:23PM
Patch Madness: Vendor Bug Advisories Are Broken, So Broken
Duston Childs and Brian Gorenc of ZDI take the opportunity at Black Hat USA to break down the many vulnerability disclosure issues making patch prioritization a nightmare scenario for many orgs.
source https://www.darkreading.com/risk/patch-madness-vendor-bug-advisories-broken
source https://www.darkreading.com/risk/patch-madness-vendor-bug-advisories-broken
Software Supply Chain Chalks Up a Security Win With New Crypto Effort
GitHub, the owner of the Node Package Manager (npm), proposes cryptographically linking source code and JavaScript packages in an effort to shore up supply chain security.
Friday, August 12, 2022
Supply-Chain Security Startup Phylum Wins the First Black Hat Innovation Spotlight
Up-and-coming companies shoot their shot in a new feature introduced at the 25th annual cybersecurity conference.
Show HN: Wordle but for Tweets https://ift.tt/0Jg7La6
Show HN: Wordle but for Tweets Hey HN I built this simple app that grabs four popular tweets from the last 24 hours and removes a word from each, so that the missing words spell out a phrase. It's the player's job to guess the missing words. A key motive for building this was that, to be honest, I was finding much of the news and social media dialogue quite depressing. I thought that if a wholesome or inspirational phrase can be built out of these (often tiresome) tweets, then there would be something nice about that. The stack included GCloud scheduler (for daily Tweet scraping and automatic puzzle generation), Supabase (which, by the way, is fantastic) and Next / Vercel. https://www.birdle.art/ August 11, 2022 at 11:34PM
Compositional Structures for Systems Engineering and Design
The focus of this workshop in on fostering the development of tooling and use-cases supporting the applied category theory community. We are particularly interested in bringing together practitioners who are engaged with susceptible domains as well
from NIST Events https://ift.tt/Obna25z
https://ift.tt/Obna25z https://ift.tt/fCEAXhx via IFTTT
from NIST Events https://ift.tt/Obna25z
https://ift.tt/Obna25z https://ift.tt/fCEAXhx via IFTTT
Compositional Structures for Systems Engineering and Design
The focus of this workshop in on fostering the development of tooling and use-cases supporting the applied category theory community. We are particularly interested in bringing together practitioners who are engaged with susceptible domains as well Via NIST Events https://ift.tt/rIPXuhD
Thursday, August 11, 2022
Show HN: Proxy.py https://ift.tt/62SXhud
Show HN: Proxy.py [Not my project] A very well features proxy server (Forward & Reverse + lots of other features). https://ift.tt/SKVyHUW August 11, 2022 at 12:29PM
Multiple Vulnerabilities Discovered in Device42 Asset Management Appliance
Four serious security issues on the popular appliance could be exploited by hackers with any level of access within the host network, Bitdefender researchers say.
source https://www.darkreading.com/vulnerabilities-threats/multiple-vulnerabilities-discovered-in-device42-asset-management-appliance
source https://www.darkreading.com/vulnerabilities-threats/multiple-vulnerabilities-discovered-in-device42-asset-management-appliance
Security and Training Awareness: Best Practices
FISSEA’s Security and Training Awareness: Best Practices Event helps agencies build better Security and Training Awareness (SAT) programs by hearing from top practitioners in the federal space. The Department of Homeland Security OIG will present on Via NIST Events https://ift.tt/rIPXuhD
Multiple Vulnerabilities Discovered in Device42 Asset Management Appliance
Four serious security issues on the popular appliance could be exploited by hackers with any level of access within the host network, Bitdefender researchers say.
Security and Training Awareness: Best Practices
FISSEA’s Security and Training Awareness: Best Practices Event helps agencies build better Security and Training Awareness (SAT) programs by hearing from top practitioners in the federal space. The Department of Homeland Security OIG will present on
from NIST Events https://ift.tt/RI39kVt
https://ift.tt/RI39kVt https://ift.tt/xi2BKlc via IFTTT
from NIST Events https://ift.tt/RI39kVt
https://ift.tt/RI39kVt https://ift.tt/xi2BKlc via IFTTT
Show HN: Releese – Music business management software https://ift.tt/A52mgZz
Show HN: Releese – Music business management software After working in the music industry myself as an artist (Midsplit) and as a label manager / employee (ChillYourMind, Strange Fruits) I noticed that the music industry has very antiquated tools that are often expensive and rarely updated. I had the idea to build a platform that could streamline the entire releasing process of music, we nailed it down to metadata management, royalty splits, landing pages generation, distribution to major stores and royalty collection (publishing + neighboring) rights. After building this with a small team for 18 months, we finally managed to create our vision with a surprisingly functional product. Our cloud infrastructure is based on Google Cloud and our app is 98% Typescript (Thank you Github) I would love to know how someone in or outside the music industry feels about the platform. Hopefully we will help shape a better music industry! https://ift.tt/Zox3RUz August 10, 2022 at 11:17PM
Show HN: Coder – Remote development environments provisioned with Terraform https://ift.tt/FPVj47U
Show HN: Coder – Remote development environments provisioned with Terraform https://ift.tt/Bpq5PZ9 August 10, 2022 at 10:31PM
Wednesday, August 10, 2022
Microsoft Patches Zero-Day Actively Exploited in the Wild
The computing giant issued a massive Patch Tuesday update, including a pair of remote execution flaws in the Microsoft Support Diagnostic Tool (MSDT) after attackers used one of the vulnerabilities in a zero-day exploit.
Show HN: WeExpire – Notes readable only after your death https://ift.tt/KxZgr4z
Show HN: WeExpire – Notes readable only after your death https://weexpire.org/ August 9, 2022 at 11:13PM
Microsoft Patches Zero-Day Actively Exploited in the Wild
The computing giant issued a massive Patch Tuesday update, including a pair of remote execution flaws in the Microsoft Support Diagnostic Tool (MSDT) after attackers used one of the vulnerabilities in a zero-day exploit.
source https://www.darkreading.com/vulnerabilities-threats/microsoft-patches-zero-day-actively-exploited-in-the-wild
source https://www.darkreading.com/vulnerabilities-threats/microsoft-patches-zero-day-actively-exploited-in-the-wild
Halo Security Emerges From Stealth With Full Attack Surface Management Platform
The latest startup to enter the attack surface management space also has a free scanning service to audit the contents of any website.
Show HN: Create bespoke, always-on, virtual coworking rooms (called cafes) https://ift.tt/DJalS2x
Show HN: Create bespoke, always-on, virtual coworking rooms (called cafes) https://ift.tt/DLfSN8Q August 9, 2022 at 10:25PM
Tuesday, August 9, 2022
Show HN: Rewind 4, a Chrome extension for bookmark hoarders https://ift.tt/X8L5d1T
Show HN: Rewind 4, a Chrome extension for bookmark hoarders https://ift.tt/ZTw6qhP August 9, 2022 at 12:38AM
Show HN: Realtime visualization of 3D spectrogram with THREEJS shaders https://ift.tt/xshApo0
Show HN: Realtime visualization of 3D spectrogram with THREEJS shaders I've been working with 2D spectrograms for a while now while working with Speech recognition. It had always fascinated me how speech and words had such distinct features. Looking at spectrograms is essentially like hearing with your eyes. Over the weekend i built a tool to visualize your own audio into a spectrogram in 3D. I used threeJS with shaders and vanilla JS/Html. Play with it here : https://ift.tt/etl5Uxg I hope it brings you as much joy as it does for me. August 8, 2022 at 11:08PM
Monday, August 8, 2022
Pipeline Operators Are Headed in the Right Direction, With or Without TSA's Updated Security Directives
A worsening threat landscape, increased digitization, and the long-term positive effects of modern security strategies are pushing critical infrastructure operators to do better.
Show HN: Realtime 3D spectrogram visualization using threejs shaders https://ift.tt/wGkV4MO
Show HN: Realtime 3D spectrogram visualization using threejs shaders https://ift.tt/XF7vgkx August 8, 2022 at 03:28PM
Show HN: Build for any cloud with the same code https://ift.tt/yqjmS3s
Show HN: Build for any cloud with the same code We have been working on Multy, an open-source[1] tool that enables developers to deploy and switch to any cloud - AWS, Azure and GCP for now. We realized that, even when using Terraform, writing infrastructure code is very different for each cloud provider. This means changing clouds or deploying the same infrastructure in multiple clouds requires rewriting the same thing multiple times. And even though most core resources have the same functionality, developers need to learn a new provider and all its nuances when choosing a new cloud. This is why we built Multy. Multy is currently available as a Terraform provider. You can write cloud-agnostic code and then just choose which cloud you want to deploy to. Multy will then call the cloud provider APIs on your behalf. For example, the following Terraform code deploys a virtual network in AWS and can be easily changed to deploy to Azure or GCP: ``` resource "multy_virtual_network" "vn" { cloud = "aws" // or azure, or gcp name = "multy_vn" cidr_block = "10.0.0.0/16" location = "eu_west_1" } ``` Our goal is to expose any configuration that is common across all clouds, but there’s always specific features that are not available in all of them. For example, if you want a very specific AWS CPU for your Virtual Machine or use a region that is only available in GCP. To enable this, we implemented overrides [2] - a way to configure the underlying infrastructure for cloud-specific purposes. You can also mix other Terraform code that uses the cloud-specific providers with Multy. While this makes you somewhat locked in, having your 80% or 90% of your infrastructure cloud-agnostic is still very powerful. You can see more complex examples in our documentation - https://ift.tt/dZSkuKm . We’re still in early days and looking for feedback from other developers on our approach. Let us know what you think! [1] https://ift.tt/hwuXDcB [2] https://ift.tt/DSNsylq https://ift.tt/hwuXDcB August 8, 2022 at 03:27PM
Sunday, August 7, 2022
Show HN: Dungeons and Business Cards https://ift.tt/8izOSEK
Show HN: Dungeons and Business Cards https://ift.tt/JnBwgIu August 7, 2022 at 08:31AM
Show HN: Cronit – Online Cronjobs https://ift.tt/SbkdY6u
Show HN: Cronit – Online Cronjobs https://cronit.app August 7, 2022 at 07:24AM
Show HN: Toon Lens – transform face images into cartoon style https://ift.tt/1TlXrvO
Show HN: Toon Lens – transform face images into cartoon style https://toonlens.com/ August 7, 2022 at 07:11AM
Show HN: Spliit — Splitwise alternative with no signup needed https://ift.tt/1WxXm9a
Show HN: Spliit — Splitwise alternative with no signup needed https://spliit.app/ August 6, 2022 at 11:01PM
Show HN: I made a cross-platform command-line music player called maestro https://ift.tt/uRarSnN
Show HN: I made a cross-platform command-line music player called maestro It is built to work on Windows, Mac, and Linux, and was tested thoroughly on my Mac and lightly on my friend's Windows. Unfortunately, no one I know uses Linux. It works with WAV, MP3, FLAC, and Ogg Vorbis files. https://ift.tt/CWu6REK August 7, 2022 at 03:24AM
Show HN: Print invitation envelopes at home from a CSV file https://ift.tt/YfQohtU
Show HN: Print invitation envelopes at home from a CSV file https://ift.tt/zGI36Mp August 6, 2022 at 07:28PM
Saturday, August 6, 2022
Show HN: SSHD Wizard – combine any SSD and HDD (Win only) https://ift.tt/K2wgPAr
Show HN: SSHD Wizard – combine any SSD and HDD (Win only) https://ift.tt/9oQW6nI August 6, 2022 at 03:31AM
Show HN: A link/news aggregator I am working on https://ift.tt/UAGINCP
Show HN: A link/news aggregator I am working on Hello HN, I'm building omegapedia.com, a link/news aggregator that combines features of multiple other sites. I started building this site because I often found some features lacking in other websites. As example: You can format you text to be italic, red, blue or to be a spoiler. Comments are not threaded and don't include any voting feature. Omegapedia uses upvotes and downvotes for posts but shows them as separate numbers. I styled the page in darkmode but added an optional lightmode as well. I added "Trust-Points" and a leaderboard to show the 5 users with the most points. Other noteworthy features are: -Comment replies. -Flairs. -Adding a bio to your profile. -Mention users in comments. -Ability to add a email address to your account. -Forgot-my-password function. -Link posts. There is no need to add a email andress to your account and you will never be forced to. The site works on pc and mobile. The site is very lightweight because there are no CSS or JavaScript libaries that will have to be downloaded first. There are multiple ways to sort the posts and a way to show the recent comments so you can join a current discussion anytime. There is no register barrier and you will be automatically logged in a muted guest account. I am very interested in feedback and if you have any questions or comments please let me know, thank you! ======== Join me on omegapedia! https://ift.tt/BWod5pK https://ift.tt/5hGNmzw August 5, 2022 at 07:55PM
Show HN: Make videos and images programmatically with CSS https://ift.tt/tO17P8J
Show HN: Make videos and images programmatically with CSS https://videocode.io August 5, 2022 at 09:02PM
Friday, August 5, 2022
Cyberattackers Increasingly Target Cloud IAM as a Weak Link
At Black Hat USA, Igal Gofman plans to address how machine identities in the cloud and the explosion of SaaS apps are creating risks for IAM, amid escalating attention from attackers.
source https://www.darkreading.com/cloud/cyberattackers-increasingly-target-cloud-iam-as-a-weak-link
source https://www.darkreading.com/cloud/cyberattackers-increasingly-target-cloud-iam-as-a-weak-link
Amazon, IBM Move Swiftly on Post-Quantum Cryptographic Algorithms Selected by NIST
A month after the algorithms were revealed, some companies have already begun incorporating the future standards into their products and services.
source https://www.darkreading.com/dr-tech/amazon-ibm-move-swiftly-on-post-quantum-cryptographic-algorithms-selected-by-nist
source https://www.darkreading.com/dr-tech/amazon-ibm-move-swiftly-on-post-quantum-cryptographic-algorithms-selected-by-nist
Amazon, IBM Move Swiftly on Post-Quantum Cryptographic Algorithms Selected by NIST
A month after the algorithms were revealed, some companies have already begun incorporating the future standards into their products and services.
Time to Patch VMware Products Against a Critical New Vulnerability
A dangerous VMware authentication-bypass bug could give threat actors administrative access over virtual machines.
Thursday, August 4, 2022
New Startup Footprint Tackles Identity Verification
Early-stage startup Footprint's goal is to provide tools that change how enterprises verify, authentication, authorize, and secure identity.
source https://www.darkreading.com/dr-tech/new-startup-footprint-tackles-identity-verification
source https://www.darkreading.com/dr-tech/new-startup-footprint-tackles-identity-verification
How IT Teams Can Use 'Harm Reduction' for Better Cybersecurity Outcomes
Copado's Kyle Tobener will discuss a three-pronged plan at Black Hat USA for addressing human weaknesses in cybersecurity with this medical concept — from phishing to shadow IT.
How IT Teams Can Use 'Harm Reduction' for Better Cybersecurity Outcomes
Copado's Kyle Tobener will discuss a three-pronged plan at Black Hat USA for addressing human weaknesses in cybersecurity with this medical concept — from phishing to shadow IT.
source https://www.darkreading.com/risk/teams-harm-reduction-better-cybersecurity-outcomes
source https://www.darkreading.com/risk/teams-harm-reduction-better-cybersecurity-outcomes
Building the NIST AI Risk Management Framework: Workshop #3
With considerable help from stakeholders, NIST is making solid progress in developing the voluntary AI Risk Management Framework. Now, help us take the next step by joining us on Tuesday and Wednesday, October 18-19, 2022, for our third and final Via NIST Events https://ift.tt/bpgOn4R
Critical RCE Bug in DrayTek Routers Opens SMBs to Zero-Click Attacks
SMBs should patch CVE-2022-32548 now to avoid a host of horrors, including complete network compromise, ransomware, state-sponsored attacks, and more.
Show HN: MutableAI (YC W22) – Copilot Alternative for VS Code https://ift.tt/8mEZlXi
Show HN: MutableAI (YC W22) – Copilot Alternative for VS Code Hi HN! We’re MutableAI (YC W22) ( https://mutable.ai ). Our mission is to reduce the time and cost to create high quality code using AI. We have worked at the full gamut of companies ranging from startups to big tech and have gotten the sense that many of the rote aspects of software development could be made easier, freeing up precious mental energy. Devs love Copilot, but autocomplete is just one of many ways that AI should make programming easier. We’re taking a more comprehensive approach to developer tooling that bundles Copilot-like autocomplete with documentation, custom AI instruction, and some early refactoring capabilities (Python only) in one extension. We currently support Javascript/Typescript, Python, Go, and Rust, with more coming soon. Overview (w/ bg music) [1]. In addition to autocomplete, which can be triggered either automatically or manually, we can add documentation to all your methods in a Rust file, or you can ask the AI to insert missing imports in a Python file. In some cases we can get really sophisticated and ask it to program a game from scratch or update your REST interface to accommodate a new data payload. We use a combination of AI (e.g. OpenAI codex) and AST transformation / metaprogramming techniques on the backend. We are also working on providing other backend solutions for varying needs, including on-prem deployments. We soft launched our product with a small cohort of users and want to welcome more of you to our pilot beta. We hope you enjoy the product and look forward to learning from you. We are currently in an extended free trial phase for early adopters and plan to keep a free tier for solo devs and open source contributors. We also offer a generous discount to startups. For enterprise please reach out to info@mutable.ai We want to thank our very earliest users and invite the HN community to try the product installing it via the VS Code marketplace [2]. We're looking forward to hearing your comments and feedback, or feature suggestions! [1] https://www.youtube.com/watch?v=x-gKEbgyzCg [2] https://ift.tt/WN1ZP93... https://ift.tt/coHZK1W August 3, 2022 at 07:48PM
Wednesday, August 3, 2022
Large Language AI Models Have Real Security Benefits
Complex neural networks, including GPT-3, can deliver useful cybersecurity capabilities such as explaining malware and quickly classifying websites, researchers find.
Massive New Phishing Campaign Targets Microsoft Email Service Users
The campaign uses adversary-in-the-middle techniques to bypass multifactor authentication, evade detection.
source https://www.darkreading.com/attacks-breaches/massive-new-phishing-campaign-targeting-microsoft-email-users
source https://www.darkreading.com/attacks-breaches/massive-new-phishing-campaign-targeting-microsoft-email-users
From Babuk Source Code to Darkside Custom Listings — Exposing a Thriving Ransomware Marketplace on the Dark Web
Venafi investigation of 35 million Dark Web URLs shows macro-enabled ransomware widely available at bargain prices.
source https://www.darkreading.com/attacks-breaches/from-babuk-source-code-to-darkside-custom-listings-exposing-a-thriving-ransomware-marketplace-on-the-dark-web
source https://www.darkreading.com/attacks-breaches/from-babuk-source-code-to-darkside-custom-listings-exposing-a-thriving-ransomware-marketplace-on-the-dark-web
Massive New Phishing Campaign Targets Microsoft Email Service Users
The campaign uses adversary-in-the-middle techniques to bypass multifactor authentication, evade detection.
From Babuk Source Code to Darkside Custom Listings — Exposing a Thriving Ransomware Marketplace on the Dark Web
Venafi investigation of 35 million Dark Web URLs shows macro-enabled ransomware widely available at bargain prices.
Manufacturing Sector in 2022 Is More Vulnerable to Account Compromise and Supply Chain Attacks in the Cloud than Other Verticals
Netwrix study reveals that manufacturing organizations experienced these types of attacks more often than any other industry surveyed.
Show HN: Tiki.li – Learn Programming Basics in 20 Minutes https://ift.tt/7tO0dnK
Show HN: Tiki.li – Learn Programming Basics in 20 Minutes https://ift.tt/aiUec0E August 2, 2022 at 06:13PM
Tuesday, August 2, 2022
Show HN: I made a Telegram bot to get Raspberry Pi “in-stock” notification https://ift.tt/4PjOzRf
Show HN: I made a Telegram bot to get Raspberry Pi “in-stock” notification https://ift.tt/hIF3x4m August 1, 2022 at 11:03PM
Show HN: Personal productivity workspace for busy people https://ift.tt/yD4Pt0N
Show HN: Personal productivity workspace for busy people We're building an app that helps people manage their schedule, tasks and notes all in one place. The goal is to create a workspace, where people can manage their various priorities, both personal and professional, see a single schedule combined of all their calendars and manage their days without switching between multiple apps. At the moment we've implemented Google calendar synchronisation, basic tasks and notes. Also Emery has some things we really wanted to see in other apps – private notes for meetings, categories that can be used to group tasks/notes/meetings together, weekly productivity reports. Happy to hear any feedback and answer any questions! https://emery.to/ August 2, 2022 at 12:42AM
Subscribe to:
Posts (Atom)