Code & Design News Aggregator of Code, Security and Design news sites. Fri, 23 Oct 2020 21:42:47 +0000 The World Needs Nuclear Power, and We Shouldn’t Be Afraid of It <a href="">Comments</a> Fri, 23 Oct 2020 21:30:37 +0000 2020-10-23T21:30:37+00:00 Jerry, Inc. (YC S17) Is Hiring a Data Engineer in Toronto <a href="">Comments</a> Fri, 23 Oct 2020 21:00:42 +0000 2020-10-23T21:00:42+00:00 LiveCode is a modern day HyperCard <a href="">Comments</a> Fri, 23 Oct 2020 20:59:11 +0000 2020-10-23T20:59:11+00:00 The YouTube-DL Takedown <a href="">Comments</a> Fri, 23 Oct 2020 20:35:36 +0000 2020-10-23T20:35:36+00:00 The Right to Read (RMS, 1997) <a href="">Comments</a> Fri, 23 Oct 2020 20:16:47 +0000 2020-10-23T20:16:47+00:00 Palo Alto Tiny Basic in the Browser <a href="">Comments</a> Fri, 23 Oct 2020 20:09:28 +0000 2020-10-23T20:09:28+00:00 Gravimetric Radar: Gravity-Based Detection of a Point-Mass Moving in Static Back <a href="">Comments</a> Fri, 23 Oct 2020 19:42:22 +0000 2020-10-23T19:42:22+00:00 YouTube-dl has received a DMCA takedown from RIAA <a href="">Comments</a> Fri, 23 Oct 2020 19:26:35 +0000 2020-10-23T19:26:35+00:00 Show HN: Perfect Pitch Ear Training <a href="">Comments</a> Fri, 23 Oct 2020 19:08:28 +0000 2020-10-23T19:08:28+00:00 Mozilla Hubs – Private social VR in your web browser <a href="">Comments</a> Fri, 23 Oct 2020 18:52:32 +0000 2020-10-23T18:52:32+00:00 Four Features That Justify a New Unix Shell <a href="">Comments</a> Fri, 23 Oct 2020 17:23:13 +0000 2020-10-23T17:23:13+00:00 Efficient smart contract security audits with machine learning and slither-simil <a href="">Comments</a> Fri, 23 Oct 2020 17:15:21 +0000 2020-10-23T17:15:21+00:00 Technical Debt: Why it'll ruin your software <a href="">Comments</a> Fri, 23 Oct 2020 16:44:49 +0000 2020-10-23T16:44:49+00:00 Master of Magic <a href="">Comments</a> Fri, 23 Oct 2020 16:12:13 +0000 2020-10-23T16:12:13+00:00 War Elephants, Part II: Elephants Against Wolves (2019) <a href="">Comments</a> Fri, 23 Oct 2020 15:38:38 +0000 2020-10-23T15:38:38+00:00 Boswell's Life of Johnson <a href="">Comments</a> Fri, 23 Oct 2020 15:33:04 +0000 2020-10-23T15:33:04+00:00 How Debuggers Work: Getting and Setting x86 Registers <a href="">Comments</a> Fri, 23 Oct 2020 15:29:19 +0000 2020-10-23T15:29:19+00:00 In Love with the Louvre <a href="">Comments</a> Fri, 23 Oct 2020 15:27:43 +0000 2020-10-23T15:27:43+00:00 Electoral College Decision Tree <a href="">Comments</a> Fri, 23 Oct 2020 15:10:18 +0000 2020-10-23T15:10:18+00:00 My own C compiler on my own compiler infrastructure <a href="">Comments</a> Fri, 23 Oct 2020 14:43:37 +0000 2020-10-23T14:43:37+00:00 Show HN: Built a timeline component for React with multiple layout modes <a href="">Comments</a> Fri, 23 Oct 2020 14:33:25 +0000 2020-10-23T14:33:25+00:00 Good Finds By Briefbox; October Fri, 23 Oct 2020 14:19:25 +0000 2020-10-23T14:19:25+00:00 Use “pseudo-sets” to control how many actions people take <a href="">Comments</a> Fri, 23 Oct 2020 14:17:39 +0000 2020-10-23T14:17:39+00:00 Cryo–electron microscopy breaks the atomic resolution barrier <a href="">Comments</a> Fri, 23 Oct 2020 14:15:59 +0000 2020-10-23T14:15:59+00:00 Aliens on 1k nearby stars could see us, new study suggests <a href="">Comments</a> Fri, 23 Oct 2020 13:05:51 +0000 2020-10-23T13:05:51+00:00 How Satya Nadella turned Microsoft around <a href="">Comments</a> Fri, 23 Oct 2020 13:02:54 +0000 2020-10-23T13:02:54+00:00 10 Best Webflow Dark Templates Fri, 23 Oct 2020 12:27:53 +0000 2020-10-23T12:27:53+00:00 Business Operations – Tech Stack <a href="">Comments</a> Fri, 23 Oct 2020 11:43:40 +0000 2020-10-23T11:43:40+00:00 Node.js 15.0 <a href="">Comments</a> Fri, 23 Oct 2020 11:16:49 +0000 2020-10-23T11:16:49+00:00 New Framework Released to Protect Machine Learning Systems From Adversarial Attacks Microsoft, in collaboration with MITRE, IBM, NVIDIA, and Bosch, has released a new open framework that aims to help security analysts detect, respond to, and remediate adversarial attacks against machine learning (ML) systems. Called the Adversarial ML Threat Matrix, the initiative is an attempt to organize the different techniques employed by malicious adversaries in subverting ML systems. Just<img src="" height="1" width="1" alt=""/> Fri, 23 Oct 2020 10:50:27 +0000 2020-10-23T10:50:27+00:00 Einstein's theory of relativity, critical for GPS, seen in distant stars <a href="">Comments</a> Fri, 23 Oct 2020 10:34:11 +0000 2020-10-23T10:34:11+00:00 Fri, 23 Oct 2020 10:10:34 +0000 2020-10-23T10:10:34+00:00 Show HN: My book, The Common Lisp Condition System <a href="">Comments</a> Fri, 23 Oct 2020 09:31:47 +0000 2020-10-23T09:31:47+00:00 The Now-Defunct Firms Behind 8chan, QAnon <a href="">Comments</a> Fri, 23 Oct 2020 09:15:47 +0000 2020-10-23T09:15:47+00:00 Color Contrast Checker Fri, 23 Oct 2020 06:55:09 +0000 2020-10-23T06:55:09+00:00 Top 5 Electrician WordPress Themes Fri, 23 Oct 2020 06:42:24 +0000 2020-10-23T06:42:24+00:00 10 Usability Mistakes Most Designers Make on Checkboxes Thu, 22 Oct 2020 21:26:38 +0000 2020-10-22T21:26:38+00:00 What do you think of Embedery? Thu, 22 Oct 2020 12:49:01 +0000 2020-10-22T12:49:01+00:00 Product Hunt Theme iOS Icons (Unofficial) Thu, 22 Oct 2020 11:41:28 +0000 2020-10-22T11:41:28+00:00 Top 5 Mobile App Development Companies in USA Thu, 22 Oct 2020 11:20:18 +0000 2020-10-22T11:20:18+00:00 How to add Tailwind CSS to HTML? Thu, 22 Oct 2020 08:49:41 +0000 2020-10-22T08:49:41+00:00 What is The Cost To Develop Magento Store? Hire eCommerce Developers in New York who come with core competency and expertise in eCommerce consulting services. They use innovative technologies with proven strategies and advanced infrastructure to create an online store in the best possible combinations. For More Details: Thu, 22 Oct 2020 04:35:05 +0000 2020-10-22T04:35:05+00:00 Sponsor: Join us for a webinar on 10/23 to learn more about Georgetown's online Master’s in Design Management & Communications. Wed, 21 Oct 2020 22:11:37 +0000 2020-10-21T22:11:37+00:00 New Chrome 0-day Under Active Attacks – Update Your Browser Now Attention readers, if you are using Google Chrome browser on your Windows, Mac, or Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today. Google released Chrome version 86.0.4240.111 today to patch several security high-severity issues, including a zero-day vulnerability that has been exploited in the wild by attackers to<img src="" height="1" width="1" alt=""/> Wed, 21 Oct 2020 16:27:58 +0000 2020-10-21T16:27:58+00:00 Levitate UI kit — Figma 3D scene builder & Presentation templates Wed, 21 Oct 2020 16:09:03 +0000 2020-10-21T16:09:03+00:00 Widgify - An app to organise your iOS Home Screen by adding widgets Wed, 21 Oct 2020 14:57:14 +0000 2020-10-21T14:57:14+00:00 Alfread - iOS app that helps actually read articles saved for later. Or skip them. No pressure. Wed, 21 Oct 2020 14:30:48 +0000 2020-10-21T14:30:48+00:00 Using Fiverr to experiment with podcast illustration concepts Wed, 21 Oct 2020 13:15:56 +0000 2020-10-21T13:15:56+00:00 Atelier.M / Unique metal made to measure Wed, 21 Oct 2020 11:21:33 +0000 2020-10-21T11:21:33+00:00 5 Best Babysitting WordPress Themes Wed, 21 Oct 2020 10:59:07 +0000 2020-10-21T10:59:07+00:00 My Favorite Art Galleries & Their Websites Wed, 21 Oct 2020 09:15:43 +0000 2020-10-21T09:15:43+00:00 The new Overflow plugin for Adobe Photoshop users Wed, 21 Oct 2020 08:53:30 +0000 2020-10-21T08:53:30+00:00 1-Click Notion Templates for Product Designers Wed, 21 Oct 2020 07:19:05 +0000 2020-10-21T07:19:05+00:00 Popular Mobile Browsers Found Vulnerable To Address Bar Spoofing Attacks Graphic for illustration Cybersecurity researchers on Tuesday disclosed details about an address bar spoofing vulnerability affecting multiple mobile browsers, such as Apple Safari and Opera Touch, leaving the door open for spear-phishing attacks and delivering malware. Other impacted browsers include UCWeb, Yandex Browser, Bolt Browser, and RITS Browser. The flaws were discovered by Pakistani<img src="" height="1" width="1" alt=""/> Wed, 21 Oct 2020 07:12:51 +0000 2020-10-21T07:12:51+00:00 iPhone 12 Pro Free Mock-up (8192×8192px) Wed, 21 Oct 2020 05:52:21 +0000 2020-10-21T05:52:21+00:00 FeedBaxley: Widget for user feedback []( Please, please give me feedback. We just redesigned the widget in an attempt to be easier for visitors to submit feedback while simultaneously soliciting more actionable feedback for the website owners. I'd of course love feedback on the site/product in general, but the widget can be viewed by clicking "Give us feedback!" on the homepage Wed, 21 Oct 2020 02:56:48 +0000 2020-10-21T02:56:48+00:00 iOS 14 | 10+ different icon sets Tue, 20 Oct 2020 17:06:54 +0000 2020-10-20T17:06:54+00:00 Windows GravityRAT Malware Now Also Targets macOS and Android Devices A Windows-based remote access Trojan believed to be designed by Pakistani hacker groups to infiltrate computers and steal users' data has resurfaced after a two-year span with retooled capabilities to target Android and macOS devices. According to cybersecurity firm Kaspersky, the malware — dubbed "GravityRAT" — now masquerades as legitimate Android and macOS apps to capture device data, contact<img src="" height="1" width="1" alt=""/> Tue, 20 Oct 2020 14:02:47 +0000 2020-10-20T14:02:47+00:00 Download Ultimate 'Security for Management' Presentation Template There is a person in every organization that is the direct owner of breach protection. His or her task is to oversee and govern the process of design, build, maintain, and continuously enhance the security level of the organization. Title-wise, this person is most often either the CIO, CISO, or Directory of IT. For convenience, we'll refer to this individual as the CISO. This person is the<img src="" height="1" width="1" alt=""/> Tue, 20 Oct 2020 13:41:28 +0000 2020-10-20T13:41:28+00:00 Make Design System Right Tue, 20 Oct 2020 09:32:14 +0000 2020-10-20T09:32:14+00:00 U.S. Charges 6 Russian Intelligence Officers Over Destructive Cyberattacks The US government on Monday formally charged six Russian intelligence officers for carrying out destructive malware attacks with an aim to disrupt and destabilize other nations and cause monetary losses. The individuals, who work for Unit 74455 of the Russian Main Intelligence Directorate (GRU), have been accused of perpetrating the "most disruptive and destructive series of computer attacks<img src="" height="1" width="1" alt=""/> Tue, 20 Oct 2020 06:04:02 +0000 2020-10-20T06:04:02+00:00 Google Warns of Zero-Click Bluetooth Flaws in Linux-based Devices Google security researchers are warning of a new set of zero-click vulnerabilities in the Linux Bluetooth software stack that can allow a nearby unauthenticated, remote attacker to execute arbitrary code with kernel privileges on vulnerable devices. According to security engineer Andy Nguyen, the three flaws — collectively called BleedingTooth — reside in the open-source BlueZ protocol stack<img src="" height="1" width="1" alt=""/> Fri, 16 Oct 2020 07:19:45 +0000 2020-10-16T07:19:45+00:00 Microsoft Releases Patches For Critical Windows TCP/IP and Other Bugs Microsoft on Tuesday issued fixes for 87 newly discovered security vulnerabilities as part of its October 2020 Patch Tuesday, including two critical remote code execution (RCE) flaws in Windows TCP/IP stack and Microsoft Outlook. The flaws, 11 of which are categorized as Critical, 75 are ranked Important, and one is classified Moderate in severity, affect Windows, Office and Office Services and<img src="" height="1" width="1" alt=""/> Fri, 16 Oct 2020 06:20:48 +0000 2020-10-16T06:20:48+00:00 India Witnessed Spike in Cyber Attacks Amidst Covid-19 - Here's Why? The COVID-19 outreach is turning out to be not only health, social, and economic hazard but also a cybersecurity crisis. The pandemic has presented new challenges for businesses in the areas of remote collaboration and business continuity. With increased remote working for better business continuity, employees are using numerous Internet tools. As businesses and people have started relying more<img src="" height="1" width="1" alt=""/> Thu, 15 Oct 2020 06:58:51 +0000 2020-10-15T06:58:51+00:00 Police Raided German Spyware Company FinFisher Offices German investigating authorities have raided the offices of Munich-based company FinFisher that sells the infamous commercial surveillance spyware dubbed 'FinSpy,' reportedly in suspicion of illegally exporting the software to abroad without the required authorization. Investigators from the German Customs Investigation Bureau (ZKA), ordered by the Munich Public Prosecutor's Office, searched a<img src="" height="1" width="1" alt=""/> Wed, 14 Oct 2020 18:27:09 +0000 2020-10-14T18:27:09+00:00 FIN11 Hackers Spotted Using New Techniques In Ransomware Attacks A financially-motivated threat actor known for its malware distribution campaigns has evolved its tactics to focus on ransomware and extortion. According to FireEye's Mandiant threat intelligence team, the collective — known as FIN11 — has engaged in a pattern of cybercrime campaigns at least since 2016 that involves monetizing their access to organizations' networks, in addition to deploying<img src="" height="1" width="1" alt=""/> Wed, 14 Oct 2020 13:05:01 +0000 2020-10-14T13:05:01+00:00 Guide: Scale or Fail — Why MSSPs Need Multitenant Security Solutions Managed Security Services Providers (MSSPs) have it rough. They have the burden of protecting their client organizations from cyberattacks, with clients from different industries, different security stacks, and different support requirements. And everything is in a constant state of flux. MSSPs are turning to multitenant solutions to help reduce the complexity of managing multiple security<img src="" height="1" width="1" alt=""/> Wed, 14 Oct 2020 10:20:04 +0000 2020-10-14T10:20:04+00:00 Microsoft and Other Tech Companies Take Down TrickBot Botnet Days after the US Government took steps to disrupt the notorious TrickBot botnet, a group of cybersecurity and tech companies has detailed a separate coordinated effort to take down the malware's back-end infrastructure. The joint collaboration, which involved Microsoft's Digital Crimes Unit, Lumen's Black Lotus Labs, ESET, Financial Services Information Sharing and Analysis Center (FS-ISAC),<img src="" height="1" width="1" alt=""/> Tue, 13 Oct 2020 17:44:47 +0000 2020-10-13T17:44:47+00:00 A Self-Service Password Reset Project Can Be A Quick Win For IT Since the beginning of this year, organizations' IT staff have faced numerous challenges and an increased workload as a result of the global pandemic and shift to a mainly remote workforce. Supporting end-users that are now working from home has introduced new challenges in troubleshooting since it isn’t as simple as visiting an end user’s desk to resolve issues as they arise. One support issue<img src="" height="1" width="1" alt=""/> Mon, 12 Oct 2020 14:37:57 +0000 2020-10-12T14:37:57+00:00 Watch Out — Microsoft Warns Android Users About A New Ransomware Microsoft has warned about a new strain of mobile ransomware that takes advantage of incoming call notifications and Android's Home button to lock the device behind a ransom note. The findings concern a variant of a known Android ransomware family dubbed "MalLocker.B" which has now resurfaced with new techniques, including a novel means to deliver the ransom demand on infected devices as well as<img src="" height="1" width="1" alt=""/> Mon, 12 Oct 2020 07:52:49 +0000 2020-10-12T07:52:49+00:00 55 New Security Flaws Reported in Apple Software and Services A team of five security researchers analyzed several Apple online services for three months and found as many as 55 vulnerabilities, 11 of which are critical in severity. The flaws — including 29 high severity, 13 medium severity, and 2 low severity vulnerabilities — could have allowed an attacker to "fully compromise both customer and employee applications, launch a worm capable of<img src="" height="1" width="1" alt=""/> Fri, 09 Oct 2020 09:06:17 +0000 2020-10-09T09:06:17+00:00 Researchers Find Vulnerabilities in Microsoft Azure Cloud Service As businesses are increasingly migrating to the cloud, securing the infrastructure has never been more important. Now according to the latest research, two security flaws in Microsoft's Azure App Services could have enabled a bad actor to carry out server-side request forgery (SSRF) attacks or execute arbitrary code and take over the administration server. "This enables an attacker to quietly<img src="" height="1" width="1" alt=""/> Thu, 08 Oct 2020 13:56:53 +0000 2020-10-08T13:56:53+00:00 A Handy Guide for Choosing a Managed Detection & Response (MDR) Service Every company needs help with cybersecurity. No CISO ever said, "I have everything I need and am fully confident that our organization is fully protected against breaches." This is especially true for small and mid-sized enterprises that don't have the luxury of enormous cybersecurity budgets and a deep bench of cybersecurity experts. To address this issue, especially for small and mid-sized<img src="" height="1" width="1" alt=""/> Wed, 07 Oct 2020 12:43:43 +0000 2020-10-07T12:43:43+00:00 ALERT! Hackers targeting IoT devices with a new P2P botnet malware Cybersecurity researchers have taken the wraps off a new botnet hijacking Internet-connected smart devices in the wild to perform nefarious tasks, mostly DDoS attacks, and illicit cryptocurrency coin mining. Discovered by Qihoo 360's Netlab security team, the HEH Botnet — written in Go language and armed with a proprietary peer-to-peer (P2P) protocol, spreads via a brute-force attack of the<img src="" height="1" width="1" alt=""/> Wed, 07 Oct 2020 09:51:25 +0000 2020-10-07T09:51:25+00:00 New Flaws in Top Antivirus Software Could Make Computers More Vulnerable Cybersecurity researchers today disclosed details of security vulnerabilities found in popular antivirus solutions that could enable attackers to elevate their privileges, thereby helping malware sustain its foothold on the compromised systems. According to a report published by CyberArk researcher Eran Shimony today and shared with The Hacker News, the high privileges often associated with<img src="" height="1" width="1" alt=""/> Tue, 06 Oct 2020 18:02:08 +0000 2020-10-06T18:02:08+00:00 New 'MosaicRegressor' UEFI Bootkit Malware Found Active in the Wild Cybersecurity researchers have spotted a rare kind of potentially dangerous malware that targets a machine's booting process to drop persistent malware. The campaign involved the use of a compromised UEFI (or Unified Extensible Firmware Interface) containing a malicious implant, making it the second known public case where a UEFI rootkit has been used in the wild. According to Kaspersky, the<img src="" height="1" width="1" alt=""/> Tue, 06 Oct 2020 08:33:43 +0000 2020-10-06T08:33:43+00:00 Secure Your SaaS Apps With Security Posture Management Platform As security professionals who have spent more than a few years in the industry, we know a good challenge when we see one. SaaS and cloud-based technologies are growing rapidly, offering organizations convenience and constant feature refreshes without the need to install and deploy software on-premises. However, even when referred to as 'a game-changer,' many organizations are still highly<img src="" height="1" width="1" alt=""/> Mon, 05 Oct 2020 15:59:45 +0000 2020-10-05T15:59:45+00:00 Researchers Fingerprint Exploit Developers Who Help Several Malware Authors Writing advanced malware for a threat actor requires different groups of people with diverse technical expertise to put them all together. But can the code leave enough clues to reveal the person behind it? To this effect, cybersecurity researchers on Friday detailed a new methodology to identify exploit authors that use their unique characteristics as a fingerprint to track down other exploits<img src="" height="1" width="1" alt=""/> Fri, 02 Oct 2020 10:18:28 +0000 2020-10-02T10:18:28+00:00 Beware: New Android Spyware Found Posing as Telegram and Threema Apps A hacking group known for its attacks in the Middle East, at least since 2017, has recently been found impersonating legitimate messaging apps such as Telegram and Threema to infect Android devices with a new, previously undocumented malware. "Compared to the versions documented in 2017, Android/SpyC23.A has extended spying functionality, including reading notifications from messaging apps, call<img src="" height="1" width="1" alt=""/> Thu, 01 Oct 2020 10:35:09 +0000 2020-10-01T10:35:09+00:00 Russian Who Hacked LinkedIn, Dropbox Sentenced to 7 Years in Prison A Russian hacker who was found guilty of hacking LinkedIn, Dropbox, and Formspring over eight years ago has finally been sentenced to 88 months in United States prison, that's more than seven years by a federal court in San Francisco this week. Yevgeniy Aleksandrovich Nikulin, 32, of Moscow hacked into servers belonging to three American social media firms, including LinkedIn, Dropbox, and<img src="" height="1" width="1" alt=""/> Thu, 01 Oct 2020 10:00:44 +0000 2020-10-01T10:00:44+00:00