Visual Studio 2022 for Mac Release Candidate
https://devblogs.microsoft.com/visualstudio/visual-studio-2022-for-mac-release-candidate/
https://devblogs.microsoft.com/visualstudio/visual-studio-2022-for-mac-release-candidate/
Microsoft News
Visual Studio 2022 for Mac Release Candidate
The Visual Studio 2022 for Mac 17.0 Release Candidate (RC) is ready for you to download now and includes a go-live license that allows you to develop in production environments.
How to enable God Mode on Windows 11, and what is it?
https://www.xda-developers.com/how-to-enable-god-mode-windows-11-what-is-it/
https://www.xda-developers.com/how-to-enable-god-mode-windows-11-what-is-it/
XDA
God Mode gives you instant access to your favorite Windows setting, and here's how to use it
Wondering how to use God Mode on Windows 11 or previous versions of Windows? Here's how to enable it and what you can do with it.
Identifies a suspicious local successful logon event where the Logon Package is Kerberos
https://github.com/elastic/detection-rules/blob/a6d9936684e03758cadfd601a63ed204b1ce9f3e/rules/windows/privilege_escalation_krbrelayup_service_creation.toml
https://github.com/elastic/detection-rules/blob/a6d9936684e03758cadfd601a63ed204b1ce9f3e/rules/windows/privilege_escalation_krbrelayup_service_creation.toml
GitHub
detection-rules/rules/windows/privilege_escalation_krbrelayup_service_creation.toml at a6d9936684e03758cadfd601a63ed204b1ce9f3e…
Contribute to elastic/detection-rules development by creating an account on GitHub.
Actual, useful IDE collection + denoscription for current day
…but I would also add - neovim, komodo and maybe hbuilder…:
https://www.geeksforgeeks.org/10-best-ide-for-web-developers-in-2022/
…but I would also add - neovim, komodo and maybe hbuilder…:
https://www.geeksforgeeks.org/10-best-ide-for-web-developers-in-2022/
GeeksforGeeks
10 Best IDE For Web Developers in 2022 - GeeksforGeeks
A Computer Science portal for geeks. It contains well written, well thought and well explained computer science and programming articles, quizzes and practice/competitive programming/company interview Questions.
Building many private virtual networks through Cloudflare Zero Trust
https://blog.cloudflare.com/building-many-private-virtual-networks-through-cloudflare-zero-trust/
#need_to_review
https://blog.cloudflare.com/building-many-private-virtual-networks-through-cloudflare-zero-trust/
#need_to_review
The Cloudflare Blog
Building many private virtual networks through Cloudflare Zero Trust
Starting today, we are thrilled to announce that you can start building many segregated virtual private networks over Cloudflare Zero Trust, beginning with virtualized connectivity for the connectors Cloudflare WARP and Cloudflare Tunnel
Using the BFF pattern to secure SPA and Blazor Applications
(webinar)
https://blog.jetbrains.com/dotnet/2022/04/25/webinar-using-the-bff-pattern-to-secure-spa-and-blazor-applications/
(webinar)
https://blog.jetbrains.com/dotnet/2022/04/25/webinar-using-the-bff-pattern-to-secure-spa-and-blazor-applications/
The JetBrains Blog
Webinar – Using the BFF pattern to secure SPA and Blazor Applications | The .NET Tools Blog
Join us Tuesday, May 10, 2022, 15:00 - 16:00 UTC (check other timezones) for our free live webinar, Using the BFF pattern to secure SPA and Blazor Applications with Information Security specialist and
Good news that I wanto to share to us! After my request to JetBrains and after together review my projects on GitHub, JetBrains provided for BLD DNS project Open Source Development licence for one yar, until to 2023 🎉
P.S. You can review BLD DNS Project on official site, which current time located on - https://lab.sys-adm.in
P.S. You can review BLD DNS Project on official site, which current time located on - https://lab.sys-adm.in
BLD DNS Один день Из Жизни Флуд Файтинга / One Day from BLD DNS Flood Fighting
Это было обычное утро, обычного выходного дня (после пятницы), ничего не предвещало серого неба, и тут опять...
Познавательно, юмористически описанный пример того, как нужно быстро собраться в кучу и придумать велосипед:
- [ru] - Файтинг с DoS / DDoS флудом нацеленным на BLD DNS
~~~
It was an ordinary morning, an ordinary weekend (after Friday), nothing foreshadowed a gray sky, and then again...
An informative, humorous described example of how to quickly get together and come up with a bicycle...
Это было обычное утро, обычного выходного дня (после пятницы), ничего не предвещало серого неба, и тут опять...
Познавательно, юмористически описанный пример того, как нужно быстро собраться в кучу и придумать велосипед:
- [ru] - Файтинг с DoS / DDoS флудом нацеленным на BLD DNS
~~~
It was an ordinary morning, an ordinary weekend (after Friday), nothing foreshadowed a gray sky, and then again...
An informative, humorous described example of how to quickly get together and come up with a bicycle...
awesome-security-hardening
A collection of awesome security hardening guides, best practices, checklists, benchmarks, tools and other resources.
https://github.com/decalage2/awesome-security-hardening
A collection of awesome security hardening guides, best practices, checklists, benchmarks, tools and other resources.
https://github.com/decalage2/awesome-security-hardening
GitHub
GitHub - decalage2/awesome-security-hardening: A collection of awesome security hardening guides, tools and other resources
A collection of awesome security hardening guides, tools and other resources - decalage2/awesome-security-hardening
Open Sesame: Escalating Open Redirect to RCE with Electron Code Review
Despite the fact that the article is 2020, it was interesting...
https://spaceraccoon.dev/open-sesame-escalating-open-redirect-to-rce-with-electron-code-review
Despite the fact that the article is 2020, it was interesting...
https://spaceraccoon.dev/open-sesame-escalating-open-redirect-to-rce-with-electron-code-review
spaceraccoon.dev
Open Sesame: Escalating Open Redirect to RCE with Electron Code Review
This blog post will go through my whitebox review of an unnamed Electron application from a bug bounty program. I will demonstrate how I escalated an open redirect into remote code execution with the help of some debugging. Code samples have been modified…
Package Analysis
This repo contains a few components to aid in the analysis of open source packages, in particular to look for malicious software:
https://github.com/ossf/package-analysis
This repo contains a few components to aid in the analysis of open source packages, in particular to look for malicious software:
https://github.com/ossf/package-analysis
GitHub
GitHub - ossf/package-analysis: Open Source Package Analysis
Open Source Package Analysis. Contribute to ossf/package-analysis development by creating an account on GitHub.
Forwarded from Sys-Admin InfoSec
/ Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations
Newst updated document frim NIST
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-161r1.pdf
Newst updated document frim NIST
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-161r1.pdf
RustDesk - Represented as remote control from anywhere
…Our protocol and client side are open source. You can use our public rendezvous/relay server, or self-hosting, or write your own server….
https://rustdesk.com/
…Our protocol and client side are open source. You can use our public rendezvous/relay server, or self-hosting, or write your own server….
https://rustdesk.com/
GitHub
GitHub - rustdesk/rustdesk: An open-source remote desktop application designed for self-hosting, as an alternative to TeamViewer.
An open-source remote desktop application designed for self-hosting, as an alternative to TeamViewer. - rustdesk/rustdesk
Recognize Digits Using ML in Elixir
https://fly.io/phoenix-files/recognize-digits-using-ml-in-elixir/
https://fly.io/phoenix-files/recognize-digits-using-ml-in-elixir/
Fly
Recognize digits using ML in Elixir
Machine learning allows you to solve once unimaginable problem. Elixir's support for machine learning through Nx and Axon let us do impressive thing while staying in our favorite language.
Forwarded from Sys-Admin InfoSec
BLD DNS Project Status Update (May 2022)
At the this Q2 2022, BLD has some good updates and news!
🪴 BLD Service updates
- Anti-flood Security Implementations and Improvements
- Optimized Debian based distros will change CentOS based
- Regex-supporting implementation
- New overlimits regulations and improvement performance
- Current month num of requests to BLD DNS 10M+ exceeded and the infrastructure withstood such a load, despite the minimal configuration of virtual servers 🥳
- BLD Project Site updates (Adaptive support for mobile devices, Multilingual support: EN, RU, BLD how to setup instructions: EN, RU )
🧩 New servers, resources and locations
At the last few months BLD infrastructure was updated:
- GoHost.kz - Nur-Sultan Server
- Unihost.kz - Almaty Server
- X-RDP - Monreal Server
🤝 BLD receive some supporting from:
- G-Core Labs - Cloud resources
- JetBrains - Open source license to BLD project
⚠️ Deprecation/Changing notises
- ! doh.sys-adm.in will be deprecated, please change your settings to bld.sys-adm.in
At the this Q2 2022, BLD has some good updates and news!
🪴 BLD Service updates
- Anti-flood Security Implementations and Improvements
- Optimized Debian based distros will change CentOS based
- Regex-supporting implementation
- New overlimits regulations and improvement performance
- Current month num of requests to BLD DNS 10M+ exceeded and the infrastructure withstood such a load, despite the minimal configuration of virtual servers 🥳
- BLD Project Site updates (Adaptive support for mobile devices, Multilingual support: EN, RU, BLD how to setup instructions: EN, RU )
🧩 New servers, resources and locations
At the last few months BLD infrastructure was updated:
- GoHost.kz - Nur-Sultan Server
- Unihost.kz - Almaty Server
- X-RDP - Monreal Server
🤝 BLD receive some supporting from:
- G-Core Labs - Cloud resources
- JetBrains - Open source license to BLD project
⚠️ Deprecation/Changing notises
- ! doh.sys-adm.in will be deprecated, please change your settings to bld.sys-adm.in
Security advisory: malicious crate rustdecimal
The Rust Security Response WG and the crates.io team were notified on 2022-05-02 of the existence of the malicious crate
https://blog.rust-lang.org/2022/05/10/malicious-crate-rustdecimal.html
The Rust Security Response WG and the crates.io team were notified on 2022-05-02 of the existence of the malicious crate
rustdecimal, which contained malware. The crate name was intentionally similar to the name of the popular rust_decimal crate, hoping that potential victims would misspell its name (an attack called "typosquatting”):https://blog.rust-lang.org/2022/05/10/malicious-crate-rustdecimal.html
GitHub
Possibly malicious package "rustdecimal" · Issue #514 · paupino/rust-decimal
Hi. I found this package: https://docs.rs/rustdecimal/latest/rustdecimal/ . It seems this is clone of your package created for malicious purposes
Forwarded from Sys-Admin InfoSec
Сегодня в Алматы состоится сходка нескольких ИТ-комьюнити с докладами и не только (Lenore Pub, 19:00)
Движуху двигают r0crewKZ совместно с SolveChat, будет куча докладов (и я там тоже буду)
1. Александр Ошлаков - "Пишем код в функциональном стиле. Как и главное Зачем"
2. Евгения Цыбренко - "Гибридные Криптобиржи: взгляд изнутри"
3. Thatskriptkid - "Решаем андроид крякми с помощью IDA"
4. novitoll - "gnuradio: Eins, zwei (G), Polizei, Drei (G), vier (G), Grenadier, Fünf (G)?"
5. Sh3lldon - Патчинг bin, elf и pe файлов с гидрой
6. sysadmin "Аваренесс о неявных превентивных сервисах"
Бесплатно, без стрима, без записи.
Не забываем подтягиваться в Lenore Pub к 19:00 ✌️
#free #meetup #ru