Best of Security: December 2021

  1. Article · System Weakness · 4y

    How To Hack Any Website

    Niveet Palan explains how to hack any website. He covers subdomain enumeration, authentication bypasses, IDOR vulnerabilities, file inclusion, SSRF, cross-site scripting, and command injection. This is the third and final installment of this series.

  2. Article · Honeypot · 4y

    The 6 Best Hacker Movies To Watch This Year

    In most films, hackers are mysteriously bright subjects who can move pieces of a computer jigsaw and create consequences at will. In 2014, a group of hackers accessed Sony’s computer systems and leaked several unreleased films. To stop the hackers, Sony shelved “the movie of terrorism,” The Interview.

  3. Article · GitHub Blog · 4y

    5 automations every developer should be running

    GitHub Actions offers thousands of pre-written, community-built tests and automations that range from code quality to code review to testing. CodeQL finds security advisories across coding languages and packages, and then automatically displays them in your repository’s security tab. Run npm test in your workflows to push the latest and greatest software.

  4. Article · GitHub Blog · 4y

    GitHub’s top 10 blog posts of 2021

    GitHub Blog is highlighting some of the incredible work from GitHub’s engineers, product teams, and security researchers during 2021. If you’re looking for inspiration as we head into the new year, take a look at the top 10 posts published in 2021.

  5. Article · System Weakness · 4y

    Keylogger For PC

    Keyloggers are a type of monitoring software designed to record keystrokes made by a user. Criminals use keyloggers to steal personal or financial information such as banking details, which they can then sell or use for profit. Law enforcement and intelligence agencies also use keylogging for surveillance purposes.

  6. Article · The Hacker News · 4y

    Second Log4j Vulnerability (CVE-2021-45046) Discovered — New Patch Released

    The Apache Software Foundation pushes out a new fix for the Log4j logging utility. The previous patch for the recently disclosed Log4Shell exploit was deemed "incomplete in certain non-default configurations." The latest update arrives as fallout from the flaw has resulted in a "true cyber pandemic."

  7. Article · Dev Genius · 4y

    Log4Shell, as explained by metaphor and memes!

    Log4Shell is a Remote Code Execution (“RCE”) vulnerability, which is OpSec speak for roughly “Anyone who can interact with a computer that has this vulnerability, even indirectly, can command that computer to do whatever they want it to do.” This is like bad actors showing up in courtrooms and shouting out the key phrase to see if they compromise the stenographer.

  8. Article · The Hacker News · 4y

    Apache Log4j Vulnerability — Log4Shell — Widely Under Active Attack

    Telemetry signs point to exploitation of the flaw nine days before it even came to light. Threat actors are weaponizing unpatched servers affected by the newly disclosed "Log4Shell" vulnerability. Threats such as Mirai and Muhstik are setting their sights on vulnerable systems to spread the infection.

  9. Article · Laravel News · 4y

    Our top 10 Laravel Tutorials of 2021

    Laravel is fast out-of-the-box, but you can make it faster if you optimize your configurations and application code. Find N+1 problems instantly by disabling lazy loading in development. Laravel provides many excellent helper functions that are convenient for working with arrays, file paths, strings, and routes.

  10. Article · Cisco · 4y

    Log4j Developer Response

    A zero-day vulnerability (CVE-2021-44228) was newly discovered in the Apache Log4j library. If exploited, the vulnerability allows attackers to gain full control of affected servers and your application. There are a few key things you can do as a developer to contain the threat.