Best of Security — 2021

  1. System Weakness · 4y

    How To Hack Any Website

    Niveet Palan explains how to hack any website. He covers subdomain enumeration, authentication bypasses, IDOR vulnerabilities, file inclusion, SSRF, cross-site scripting, and command injection. This is the third and final installment in this series.

  2. Honeypot · 4y

    The 6 Best Hacker Movies To Watch This Year

    In most films, hackers are mysteriously bright subjects who can move pieces of a computer jigsaw and create consequences at will. In 2014, a group of hackers accessed Sony’s computer systems and leaked several unreleased films. To stop the hackers, Sony shelved “the movie of terrorism” The Interview.

  3. DEV · 5y

    Skills required to be a full stack developer: a checklist

    The skills list required to be a full stack developer is long and it can be hard to know exactly what skills you need. The often shared online resource for this kind of thing is roadmap.sh but, while it is extensive, I think the amount covered here is too much to be helpful to new developers. I have my own list, it’s a bare minimum required skills list and it looks like this:

  4. Product Hunt · 5y

    Noteli - An open source CLI tool to take notes

    Noteli is an Open Source CLI tool made especially for note-taking. Built using powers of TypeScript and security of Auth0 with MongoDB. Noteli would help developers to take notes quickly from the shell without wasting time through GUI :P

  5. Hacker News · 5y

    Bye YouTube, Hello PeerTube 📺 (no ads, decentralised, privacy-friendly! -- Diode Zone)

    PeerTube needs JavaScript to work. If you are concerned about the security and privacy (or lack thereof) of JavaScript web applications, you might want to review the source code of the instance you are trying to access, or look for security audits. We totally get that. However, this page will not work without it.

  6. Ballerina · 5y

    Securing Microservices with JWT

    This guide explains how to secure an 'Order Management Service' (RESTful service) with JWT Auth using Ballerina. JWT helps to pass the end-user context across microservices in a manner that can’t be forged. Because the claims set of the JWT is signed by the STS, no microservice can change its content without invalidating its signature.

  7. GitHub Blog · 4y

    5 automations every developer should be running

    GitHub Actions offers thousands of pre-written, community-built tests and automations that range from code quality to code review to testing. CodeQL finds security advisories across coding languages and packages, and then automatically displays them in your repository’s security tab. Run npm test in your workflows to push the latest and greatest software.

  8. DZone · 5y

    Software Engineering Best Practices That High-Performing Teams Follow

    Software engineering best practices that high-performing teams follow. Code reviews are vitally important to ensure consistency and reliability of software. Software maintenance is a critical part of the software development lifecycle. Engineers should continuously clean up small pieces of tech debt so they never have to undertake a giant refactoring project.

  9. DEV · 5y

    Top 10 Javascript projects for Resume 🚀🚀

    Do you want to kick-start a career in cyber security and know how hackers hack in real life? Join now; 200+ members have already joined at https://t.me/infosecbugbounty and https://www.facebook.com/InfosecCyberSecurity/

  10. Medium · 5y

    Don’t Use Electron Until You’ve Read This Article

    Electron is a framework that allows developers to create native desktop applications for Windows, Mac, and Linux from a single codebase. The biggest problem with Electron applications is security. It is too easy to create a highly insecure Electron application. The Electron team has worked to address this problem, changing setting defaults to more secure options in recent releases.

  11. The Hacker News · 5y

    New Chrome Browser 0-day Under Active Attack—Update Immediately!

    Google releases Chrome 88.0.4324.150 for Windows, Mac, and Linux. The fix is for a heap buffer overflow flaw in its V8 JavaScript rendering engine. The security flaw was reported to Google by Mattias Buelens on January 24. It's not immediately clear if CVE-2021-21148 was used in these attacks.

  12. Quastor Daily · 5y

    Software Architecture Principles

    Slack’s codebase is largely written in the Hack programming language. There are no widely-used static analysis tools for Hack, so two interns set out to build one. They did it by adding support for Hack to Semgrep (a popular open source static analysis tool).

  13. Hacker News · 5y

    Windows 11: Just say no


  14. freeCodeCamp · 5y

    How to Secure Your React.js Application

    React.js is a scalable open-source JavaScript library and is one of the most commonly used front-end frameworks out there today. It's dynamic and is easy to get started with if you want to create interactive web applications with reusable components. But there are some things you need to be aware of when using it for your projects.

  15. The Hacker News · 5y

    New Chrome 0-Day Bug Under Active Attacks – Update Your Browser ASAP!

    Chrome users can update to the latest version (91.0.4472.101) by heading to Settings > Help > About Google Chrome to mitigate the risk associated with the flaw. The flaw stems from a type confusion issue in its V8 open-source JavaScript engine. Google has addressed a total of seven zero-days in Chrome since the start of the year.

  16. asayer · 5y

    Another Npm Package Is Highjacked and It's Your Fault That This Happened

  17. TechCrunch · 5y

    Hacker leaks Twitch source code and creator payout data – TechCrunch

    Leaker claims to have taken Twitch source code, creator payouts and other data. Twitch confirmed the breach in a tweet on Wednesday. The data contains payouts for each Twitch user, some of which reach into the six figures. The leak could also represent a security risk, since it now allows practically anyone to search for security vulnerabilities.

  18. The Hacker News · 5y

    Antivirus Pioneer John McAfee Found Dead in Spanish Jail

    John McAfee, 75, died by suicide in a jail cell in Barcelona, Spain. He was due to be extradited to the U.S. to face federal criminal tax evasion charges. McAfee worked for NASA, Xerox, and Lockheed Martin before launching the world's first commercial antivirus software.

  19. freeCodeCamp · 5y

    Linux Essentials for Hackers

    Linux for Ethical Hacking – Penetration Testing for Beginners is written by Beau Carnes. Carnes is the author of the book, Linux for ethical hacking. For more information on Linux for ethical hacking, visit: http://www.lfthacking.org/.

  20. JavaScript in Plain English · 5y

    Simple CSS Hack to Reduce Page Load Time

    Simple hack to reduce the impact of CSS on page load time. Use non-Blocking CSS to improve the performance of the application. The property “media=’print’” should be applied to only those CSS elements which do not have any impact during the initial loading of the page.

  21. Honeypot · 5y

    How To Become a Hacker In a Year

    Hackers are creative and love to solve problems. Hacking is more than executing a script and calling it a day. Our trade requires a lot of passion even for the things we don’t care about. There is so much potential within the field of hacking. You can keep on learning forever.

  22. GitHub Blog · 4y

    GitHub’s top 10 blog posts of 2021

    GitHub Blog is highlighting some of the incredible work from GitHub’s engineers, product teams, and security researchers during 2021. If you’re looking for inspiration as we head into the new year, take a look at the top 10 posts published in 2021.

  23. The Hacker News · 5y

    GitHub Revoked Insecure SSH Keys Generated by a Popular git Client

    GitHub revokes weak SSH authentication keys that were generated via the GitKraken client. A vulnerability in a third-party library increased the likelihood of duplicated SSH keys. The issue has since been addressed in keypair version 1.0.4 and GitKraken version 8.0-1.1.

  24. Honeypot · 5y

    How to Become a Certified Ethical Hacker

    Cybersecurity and hacking certifications will be important if you are pursuing a career in the infosec industry. I’ll go through the top five cybersecurity certifications and explain a little about what you can expect and who they're for. There are two main categories that differentiate ethical hacking jobs. We have Red Teaming which is the offensive side of hacking, and Blue Teaming.

  25. System Weakness · 4y

    Keylogger For PC

    Keyloggers are a type of monitoring software designed to record keystrokes made by a user. Criminals use keyloggers to steal personal or financial information such as banking details, which they can then sell or use for profit. Law enforcement and intelligence agencies also use keylogging for surveillance purposes.