Code & Design News http://codendesign.co Aggregator of Code, Security and Design news sites. Wed, 21 Apr 2021 05:04:18 +0000 WARNING: Hackers Exploit Unpatched Pulse Secure 0-Day to Breach Organizations http://feedproxy.google.com/~r/TheHackersNews/~3/ikaH7G4KoXI/warning-hackers-exploit-unpatched-pulse.html If the Pulse Connect Secure gateway is part of your organization network, you need to be aware of a newly discovered critical zero-day authentication bypass vulnerability (CVE-2021-22893) that is currently being exploited in the wild and for which there is no patch yet. At least two threat actors have been behind a series of intrusions targeting defense, government, and financial organizations<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/ikaH7G4KoXI" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/ikaH7G4KoXI/warning-hackers-exploit-unpatched-pulse.html Wed, 21 Apr 2021 04:41:13 +0000 2021-04-21T04:41:13+00:00 The Greshm System [pdf] https://www.greshm.org/files/greshm.pdf <a href="https://news.ycombinator.com/item?id=26884532">Comments</a> https://news.ycombinator.com/item?id=26884532 Wed, 21 Apr 2021 01:56:09 +0000 2021-04-21T01:56:09+00:00 Quantum Astronomy Could Create Telescopes Hundreds of Kilometers Wide https://www.scientificamerican.com/article/quantum-astronomy-could-create-telescopes-hundreds-of-kilometers-wide/ <a href="https://news.ycombinator.com/item?id=26884502">Comments</a> https://news.ycombinator.com/item?id=26884502 Wed, 21 Apr 2021 01:51:52 +0000 2021-04-21T01:51:52+00:00 Researcher says he can link Facebook accounts to 5M email addresses per day https://arstechnica.com/gadgets/2021/04/tool-links-email-addresses-to-facebook-accounts-at-scale/ <a href="https://news.ycombinator.com/item?id=26884452">Comments</a> https://news.ycombinator.com/item?id=26884452 Wed, 21 Apr 2021 01:44:22 +0000 2021-04-21T01:44:22+00:00 Git from the Bottom Up https://jwiegley.github.io/git-from-the-bottom-up/ <a href="https://news.ycombinator.com/item?id=26884318">Comments</a> https://news.ycombinator.com/item?id=26884318 Wed, 21 Apr 2021 01:23:01 +0000 2021-04-21T01:23:01+00:00 Tetris-OS: An operating system that only plays Tetris https://github.com/jdah/tetris-os <a href="https://news.ycombinator.com/item?id=26883645">Comments</a> https://news.ycombinator.com/item?id=26883645 Wed, 21 Apr 2021 00:02:21 +0000 2021-04-21T00:02:21+00:00 .NET for Beginners (2020) https://dusted.codes/dotnet-for-beginners <a href="https://news.ycombinator.com/item?id=26882606">Comments</a> https://news.ycombinator.com/item?id=26882606 Tue, 20 Apr 2021 22:18:22 +0000 2021-04-20T22:18:22+00:00 .NET MAUI: .NET Multi-Platform App UI https://github.com/dotnet/maui <a href="https://news.ycombinator.com/item?id=26882185">Comments</a> https://news.ycombinator.com/item?id=26882185 Tue, 20 Apr 2021 21:43:37 +0000 2021-04-20T21:43:37+00:00 Lisp in Forth https://github.com/schani/forthlisp <a href="https://news.ycombinator.com/item?id=26882117">Comments</a> https://news.ycombinator.com/item?id=26882117 Tue, 20 Apr 2021 21:39:06 +0000 2021-04-20T21:39:06+00:00 Show HN: Mongita is to MongoDB as SQLite is to SQL https://github.com/scottrogowski/mongita <a href="https://news.ycombinator.com/item?id=26881915">Comments</a> https://news.ycombinator.com/item?id=26881915 Tue, 20 Apr 2021 21:23:26 +0000 2021-04-20T21:23:26+00:00 The Landlord's Game https://en.wikipedia.org/wiki/The_Landlord%27s_Game <a href="https://news.ycombinator.com/item?id=26881799">Comments</a> https://news.ycombinator.com/item?id=26881799 Tue, 20 Apr 2021 21:15:22 +0000 2021-04-20T21:15:22+00:00 AtoB (YC S20) – Stripe for Transportation – hiring early engineers and operators https://atob.co/careers <a href="https://news.ycombinator.com/item?id=26881603">Comments</a> https://news.ycombinator.com/item?id=26881603 Tue, 20 Apr 2021 21:00:18 +0000 2021-04-20T21:00:18+00:00 Pulumi 3.0 https://www.pulumi.com/blog/pulumi-3-0/ <a href="https://news.ycombinator.com/item?id=26880935">Comments</a> https://news.ycombinator.com/item?id=26880935 Tue, 20 Apr 2021 20:14:45 +0000 2021-04-20T20:14:45+00:00 YouTube CEO Susan Wojcicki Gets 'Freedom Expression' Award Sponsored by YouTube https://www.newsweek.com/youtube-ceo-susan-wojcicki-gets-freedom-expression-award-sponsored-youtube-1585147 <a href="https://news.ycombinator.com/item?id=26880582">Comments</a> https://news.ycombinator.com/item?id=26880582 Tue, 20 Apr 2021 19:55:01 +0000 2021-04-20T19:55:01+00:00 Facebook wants to 'normalize' the mass scraping of personal data https://www.vice.com/en/article/7kvp7y/facebook-normalize-mass-scraping-personal-data <a href="https://news.ycombinator.com/item?id=26879315">Comments</a> https://news.ycombinator.com/item?id=26879315 Tue, 20 Apr 2021 18:48:11 +0000 2021-04-20T18:48:11+00:00 Sponsor: BugHerd changes vague feedback into visual, trackable tasks. Pin feedback and capture technical information to act on. https://www.designernews.co/stories/114901-sponsor-bugherd-changes-vague-feedback-into-visual-trackable-tasks-pin-feedback-and-capture-technical-information-to-act-on https://synd.co/2PXh2mr https://www.designernews.co/stories/114901-sponsor-bugherd-changes-vague-feedback-into-visual-trackable-tasks-pin-feedback-and-capture-technical-information-to-act-on Tue, 20 Apr 2021 18:31:48 +0000 2021-04-20T18:31:48+00:00 Show HN: I'm working on a open-source, self-hosted alternative to Disqus https://cusdis.com <a href="https://news.ycombinator.com/item?id=26878153">Comments</a> https://news.ycombinator.com/item?id=26878153 Tue, 20 Apr 2021 17:56:45 +0000 2021-04-20T17:56:45+00:00 Grafana, Loki, and Tempo will be relicensed to AGPLv3 https://grafana.com/blog/2021/04/20/grafana-loki-tempo-relicensing-to-agplv3/ <a href="https://news.ycombinator.com/item?id=26877528">Comments</a> https://news.ycombinator.com/item?id=26877528 Tue, 20 Apr 2021 17:17:39 +0000 2021-04-20T17:17:39+00:00 Discord ends deal talks with Microsoft https://www.wsj.com/articles/discord-ends-deal-talks-with-microsoft-11618938806 <a href="https://news.ycombinator.com/item?id=26877526">Comments</a> https://news.ycombinator.com/item?id=26877526 Tue, 20 Apr 2021 17:17:31 +0000 2021-04-20T17:17:31+00:00 Apple Introduces AirTag https://www.apple.com/newsroom/2021/04/apple-introduces-airtag/ <a href="https://news.ycombinator.com/item?id=26877484">Comments</a> https://news.ycombinator.com/item?id=26877484 Tue, 20 Apr 2021 17:14:23 +0000 2021-04-20T17:14:23+00:00 Margin Notes: Automatic documentation with recorded examples from runtime (2018) https://www.geoffreylitt.com/margin-notes/ <a href="https://news.ycombinator.com/item?id=26877443">Comments</a> https://news.ycombinator.com/item?id=26877443 Tue, 20 Apr 2021 17:10:18 +0000 2021-04-20T17:10:18+00:00 Over 750,000 Users Downloaded New Billing Fraud Apps From Google Play Store http://feedproxy.google.com/~r/TheHackersNews/~3/kqinvgKL80E/over-750000-users-download-new-billing.html Researchers have uncovered a new set of fraudulent Android apps in the Google Play store that were found to hijack SMS message notifications for carrying out billing fraud. The apps in question primarily targeted users in Southwest Asia and the Arabian Peninsula, attracting a total of 700,000 downloads before they were discovered and removed from the platform. The findings were reported<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/kqinvgKL80E" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/kqinvgKL80E/over-750000-users-download-new-billing.html Tue, 20 Apr 2021 16:19:08 +0000 2021-04-20T16:19:08+00:00 mRNA vaccines – a new era in vaccinology (2018) https://www.nature.com/articles/nrd.2017.243 <a href="https://news.ycombinator.com/item?id=26876195">Comments</a> https://news.ycombinator.com/item?id=26876195 Tue, 20 Apr 2021 15:46:01 +0000 2021-04-20T15:46:01+00:00 Create a Dashboard Page with Figma Design System https://www.designernews.co/stories/114898-create-a-dashboard-page-with-figma-design-system https://youtube.com/watch?v=lXSrtc3fxQQ https://www.designernews.co/stories/114898-create-a-dashboard-page-with-figma-design-system Tue, 20 Apr 2021 15:35:12 +0000 2021-04-20T15:35:12+00:00 How To Sell An App Idea https://www.designernews.co/stories/114897-how-to-sell-an-app-idea https://jelvix.com/blog/how-to-verify-your-app-idea https://www.designernews.co/stories/114897-how-to-sell-an-app-idea Tue, 20 Apr 2021 15:21:08 +0000 2021-04-20T15:21:08+00:00 Preparing Rustls for Wider Adoption https://www.abetterinternet.org/post/preparing-rustls-for-wider-adoption/ <a href="https://news.ycombinator.com/item?id=26875551">Comments</a> https://news.ycombinator.com/item?id=26875551 Tue, 20 Apr 2021 14:56:00 +0000 2021-04-20T14:56:00+00:00 Include-what-you-use: A tool to analyze includes in C and C++ source files https://include-what-you-use.org/ <a href="https://news.ycombinator.com/item?id=26875353">Comments</a> https://news.ycombinator.com/item?id=26875353 Tue, 20 Apr 2021 14:43:23 +0000 2021-04-20T14:43:23+00:00 Charm delivers Stripe's carbon removal purchase ahead of schedule https://charmindustrial.com/blog/2021/4/19/charm-announces-ahead-of-schedule-delivery-of-stripes-carbon-removal-purchase <a href="https://news.ycombinator.com/item?id=26874619">Comments</a> https://news.ycombinator.com/item?id=26874619 Tue, 20 Apr 2021 13:49:58 +0000 2021-04-20T13:49:58+00:00 Car Connectivity Consortium https://carconnectivity.org/ <a href="https://news.ycombinator.com/item?id=26873203">Comments</a> https://news.ycombinator.com/item?id=26873203 Tue, 20 Apr 2021 11:28:36 +0000 2021-04-20T11:28:36+00:00 [eBook] Why Autonomous XDR Is Going to Replace NGAV/EDR http://feedproxy.google.com/~r/TheHackersNews/~3/xLeFTAxIXJ0/ebook-why-autonomous-xdr-is-going-to.html For most organizations today, endpoint protection is the primary security concern. This is not unreasonable – endpoints tend to be the weakest points in an environment – but it also misses the forest for the trees. As threat surfaces expand, security professionals are harder pressed to detect threats that target other parts of an environment and can easily miss a real vulnerability by focusing<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/xLeFTAxIXJ0" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/xLeFTAxIXJ0/ebook-why-autonomous-xdr-is-going-to.html Tue, 20 Apr 2021 11:06:50 +0000 2021-04-20T11:06:50+00:00 Porting Doom to the Fastly edge serverless platform https://www.fastly.com/blog/compute-edge-porting-the-iconic-video-game-doom <a href="https://news.ycombinator.com/item?id=26872944">Comments</a> https://news.ycombinator.com/item?id=26872944 Tue, 20 Apr 2021 10:50:12 +0000 2021-04-20T10:50:12+00:00 120 Compromised Ad Servers Target Millions of Internet Users http://feedproxy.google.com/~r/TheHackersNews/~3/hOzKgHpYjXk/120-compromised-ad-servers-target.html An ongoing malvertising campaign tracked as "Tag Barnakle" has been behind the breach of more than 120 ad servers over the past year to sneakily inject code in an attempt to serve malicious advertisements that redirect users to rogue websites, thus exposing victims to scamware or malware. Unlike other operators who set about their task by infiltrating the ad-tech ecosystem using "convincing<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/hOzKgHpYjXk" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/hOzKgHpYjXk/120-compromised-ad-servers-target.html Tue, 20 Apr 2021 10:41:36 +0000 2021-04-20T10:41:36+00:00 Take My Money: UX Practices on Product Page Design https://www.designernews.co/stories/114891-take-my-money-ux-practices-on-product-page-design https://blog.tubikstudio.com/product-page-design/ https://www.designernews.co/stories/114891-take-my-money-ux-practices-on-product-page-design Tue, 20 Apr 2021 10:31:22 +0000 2021-04-20T10:31:22+00:00 Show HN: Manuzoid – Database of More Than 1M Manuals https://manuzoid.com/ <a href="https://news.ycombinator.com/item?id=26872808">Comments</a> https://news.ycombinator.com/item?id=26872808 Tue, 20 Apr 2021 10:22:35 +0000 2021-04-20T10:22:35+00:00 Useful Sketch plugins and where to find them https://www.designernews.co/stories/114889-useful-sketch-plugins-and-where-to-find-them https://blog.plantapp.io/post/useful-sketch-plugins-and-where-to-find-them https://www.designernews.co/stories/114889-useful-sketch-plugins-and-where-to-find-them Tue, 20 Apr 2021 09:25:31 +0000 2021-04-20T09:25:31+00:00 Continued Fractions in Haskell https://cdsmithus.medium.com/continued-fractions-haskell-equational-reasoning-property-testing-and-rewrite-rules-in-action-77a16d750e3f <a href="https://news.ycombinator.com/item?id=26872463">Comments</a> https://news.ycombinator.com/item?id=26872463 Tue, 20 Apr 2021 09:24:54 +0000 2021-04-20T09:24:54+00:00 Prototype Pollution https://portswigger.net/daily-swig/prototype-pollution-the-dangerous-and-underrated-vulnerability-impacting-javascript-applications <a href="https://news.ycombinator.com/item?id=26872281">Comments</a> https://news.ycombinator.com/item?id=26872281 Tue, 20 Apr 2021 08:54:49 +0000 2021-04-20T08:54:49+00:00 Show HN: Ruby code and tools for animating Voronoi diagrams https://github.com/mike-bourgeous/mb-geometry <a href="https://news.ycombinator.com/item?id=26871080">Comments</a> https://news.ycombinator.com/item?id=26871080 Tue, 20 Apr 2021 05:40:43 +0000 2021-04-20T05:40:43+00:00 Lazarus APT Hackers are now using BMP images to hide RAT malware http://feedproxy.google.com/~r/TheHackersNews/~3/wHc4_FCN43Y/lazarus-apt-hackers-are-now-using-bmp.html A spear-phishing attack operated by a North Korean threat actor targeting its southern counterpart has been found to conceal its malicious code within a bitmap (.BMP) image file to drop a remote access trojan (RAT) capable of stealing sensitive information. Attributing the attack to the Lazarus Group based on similarities to prior tactics adopted by the adversary, researchers from Malwarebytes<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/wHc4_FCN43Y" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/wHc4_FCN43Y/lazarus-apt-hackers-are-now-using-bmp.html Tue, 20 Apr 2021 05:33:45 +0000 2021-04-20T05:33:45+00:00 10 Most Important Robotic Process Automation (RPA) Tools in Demand https://www.designernews.co/stories/114885-10-most-important-robotic-process-automation-rpa-tools-in-demand https://www.zenesys.com/blog/10-most-important-robotic-process-automation-rpa-tools-in-demand https://www.designernews.co/stories/114885-10-most-important-robotic-process-automation-rpa-tools-in-demand Tue, 20 Apr 2021 05:25:36 +0000 2021-04-20T05:25:36+00:00 Complete guide on how to create an app like Bet365 https://www.designernews.co/stories/114884-complete-guide-on-how-to-create-an-app-like-bet365 https://www.webcluesinfotech.com/cost-to-develop-sports-betting-app-like-bet365/ https://www.designernews.co/stories/114884-complete-guide-on-how-to-create-an-app-like-bet365 Tue, 20 Apr 2021 04:55:09 +0000 2021-04-20T04:55:09+00:00 Detect When Specific Terms or Phrases Are Added to Any Site https://www.designernews.co/stories/114879-detect-when-specific-terms-or-phrases-are-added-to-any-site https://needlex3.com/ https://www.designernews.co/stories/114879-detect-when-specific-terms-or-phrases-are-added-to-any-site Mon, 19 Apr 2021 22:02:05 +0000 2021-04-19T22:02:05+00:00 Has a remote Amazonian tribe upended our understanding of language? (2007) https://www.newyorker.com/magazine/2007/04/16/the-interpreter-2 <a href="https://news.ycombinator.com/item?id=26868259">Comments</a> https://news.ycombinator.com/item?id=26868259 Mon, 19 Apr 2021 21:42:44 +0000 2021-04-19T21:42:44+00:00 How Restaurant Website Design Can Help You Sell More Food In 2021 https://www.designernews.co/stories/114876-how-restaurant-website-design-can-help-you-sell-more-food-in-2021 https://marketsplash.com/restaurant-website-design/ https://www.designernews.co/stories/114876-how-restaurant-website-design-can-help-you-sell-more-food-in-2021 Mon, 19 Apr 2021 17:24:46 +0000 2021-04-19T17:24:46+00:00 Vectornator 4.0 - An Illustrator’s Perspective https://www.designernews.co/stories/114874-vectornator-40--an-illustrators-perspective https://www.vectornator.io/blog/jaye-kang https://www.designernews.co/stories/114874-vectornator-40--an-illustrators-perspective Mon, 19 Apr 2021 15:17:19 +0000 2021-04-19T15:17:19+00:00 Generative art and vectorization from raster images or photo https://www.designernews.co/stories/114873-generative-art-and-vectorization-from-raster-images-or-photo https://apps.apple.com/by/app/formone/id1547888470 https://www.designernews.co/stories/114873-generative-art-and-vectorization-from-raster-images-or-photo Mon, 19 Apr 2021 15:00:56 +0000 2021-04-19T15:00:56+00:00 Product Design and UI/UX Education: What are my options? https://www.designernews.co/stories/114869-product-design-and-uiux-education-what-are-my-options https://designerup.co/blog/product-design-and-ui-ux-education-what-are-my-options/ https://www.designernews.co/stories/114869-product-design-and-uiux-education-what-are-my-options Mon, 19 Apr 2021 11:59:49 +0000 2021-04-19T11:59:49+00:00 Malware That Spreads Via Xcode Projects Now Targeting Apple's M1-based Macs http://feedproxy.google.com/~r/TheHackersNews/~3/HQSDSF0JqhY/malware-spreads-via-xcode-projects-now.html A Mac malware campaign targeting Xcode developers has been retooled to add support for Apple's new M1 chips and expand its features to steal confidential information from cryptocurrency apps. XCSSET came into the spotlight in August 2020 after it was found to spread via modified Xcode IDE projects, which, upon the building, were configured to execute the payload. The malware repackages payload<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/HQSDSF0JqhY" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/HQSDSF0JqhY/malware-spreads-via-xcode-projects-now.html Mon, 19 Apr 2021 11:58:49 +0000 2021-04-19T11:58:49+00:00 Passwordless: More Mirage Than Reality http://feedproxy.google.com/~r/TheHackersNews/~3/PBZrO95kqJ8/passwordless-more-mirage-than-reality.html The concept of "passwordless" authentication has been gaining significant industry and media attention. And for a good reason. Our digital lives are demanding an ever-increasing number of online accounts and services, with security best practices dictating that each requires a strong, unique password in order to ensure data stays safe. Who wouldn't want an easier way? That's the premise behind<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/PBZrO95kqJ8" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/PBZrO95kqJ8/passwordless-more-mirage-than-reality.html Mon, 19 Apr 2021 11:20:51 +0000 2021-04-19T11:20:51+00:00 The Best Templates For Startup Website https://www.designernews.co/stories/114867-the-best-templates-for-startup-website https://www.themasterpicks.com/the-best-startup-website/ https://www.designernews.co/stories/114867-the-best-templates-for-startup-website Mon, 19 Apr 2021 11:05:43 +0000 2021-04-19T11:05:43+00:00 Native vs Hybrid vs Web Apps - Which Mobile App Development is better for Businesses? https://www.designernews.co/stories/114862-native-vs-hybrid-vs-web-apps--which-mobile-app-development-is-better-for-businesses https://www.zenesys.com/blog/native-vs-hybrid-vs-web-apps https://www.designernews.co/stories/114862-native-vs-hybrid-vs-web-apps--which-mobile-app-development-is-better-for-businesses Mon, 19 Apr 2021 07:15:29 +0000 2021-04-19T07:15:29+00:00 Establish a relationship with your user https://www.designernews.co/stories/114861-establish-a-relationship-with-your-user https://drawer.design/blog/establishing-a-relationship-with-your-user/ https://www.designernews.co/stories/114861-establish-a-relationship-with-your-user Mon, 19 Apr 2021 06:34:25 +0000 2021-04-19T06:34:25+00:00 I’ve spent 5 months building a tool to help you monetise your Airtable bases. Check out the journey so far! https://www.designernews.co/stories/114851-ive-spent-5-months-building-a-tool-to-help-you-monetise-your-airtable-bases-check-out-the-journey-so-far https://jrosendesign.medium.com/10-days-til-launch-paytable-io-my-side-project-turned-labour-of-love-f8fbc49eb4fd https://www.designernews.co/stories/114851-ive-spent-5-months-building-a-tool-to-help-you-monetise-your-airtable-bases-check-out-the-journey-so-far Sat, 17 Apr 2021 18:42:24 +0000 2021-04-17T18:42:24+00:00 SysAdmin of Billion-Dollar Hacking Group Gets 10-Year Sentence http://feedproxy.google.com/~r/TheHackersNews/~3/36kinOM_Cpg/sysadmin-of-billion-dollar-hacking.html A high-level manager and systems administrator associated with the FIN7 threat actor has been sentenced to 10 years in prison, the U.S. Department of Justice announced Friday. Fedir Hladyr, a 35-year-old Ukrainian national, is said to have played a crucial role in a criminal scheme that compromised tens of millions of debit and credit cards, in addition to aggregating the stolen information,<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/36kinOM_Cpg" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/36kinOM_Cpg/sysadmin-of-billion-dollar-hacking.html Sat, 17 Apr 2021 09:44:52 +0000 2021-04-17T09:44:52+00:00 What are the different roles within cybersecurity? http://feedproxy.google.com/~r/TheHackersNews/~3/rlVSDhJ2V8I/what-are-different-roles-within.html People talk about the cybersecurity job market like it's a monolith, but there are a number of different roles within cybersecurity, depending not only on your skill level and experience but on what you like to do. In fact, Cybercrime Magazine came up with a list of 50 cybersecurity job titles, while CyberSN, a recruiting organization, came up with its own list of 45 cybersecurity job categories<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/rlVSDhJ2V8I" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/rlVSDhJ2V8I/what-are-different-roles-within.html Sat, 17 Apr 2021 09:13:23 +0000 2021-04-17T09:13:23+00:00 When you ask the client for their vector logo https://www.designernews.co/stories/114843-when-you-ask-the-client-for-their-vector-logo https://twitter.com/uxcabin/status/1383103753553862661 https://www.designernews.co/stories/114843-when-you-ask-the-client-for-their-vector-logo Fri, 16 Apr 2021 19:12:31 +0000 2021-04-16T19:12:31+00:00 800+ Remote UXR Jobs https://www.designernews.co/stories/114842-800-remote-uxr-jobs https://www.userinterviews.com/blog/the-ultimate-remote-ux-research-job-board?&utm_source=designernews https://www.designernews.co/stories/114842-800-remote-uxr-jobs Fri, 16 Apr 2021 18:17:57 +0000 2021-04-16T18:17:57+00:00 20 Awesome Tailwind Landing Page Templates https://www.designernews.co/stories/114827-20-awesome-tailwind-landing-page-templates https://dev.to/mariann93502220/20-best-tailwind-landing-page-templates-free-premium-3pjn https://www.designernews.co/stories/114827-20-awesome-tailwind-landing-page-templates Fri, 16 Apr 2021 09:14:02 +0000 2021-04-16T09:14:02+00:00 Severe Bugs Reported in EtherNet/IP Stack for Industrial Systems http://feedproxy.google.com/~r/TheHackersNews/~3/dK0vMTIZer0/severe-bugs-reported-in-ethernetip.html The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued an advisory warning of multiple vulnerabilities in the OpENer EtherNet/IP stack that could expose industrial systems to denial-of-service (DoS) attacks, data leaks, and remote code execution. All OpENer commits and versions prior to February 10, 2021, are affected, although there are no known public exploits that<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/dK0vMTIZer0" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/dK0vMTIZer0/severe-bugs-reported-in-ethernetip.html Fri, 16 Apr 2021 09:06:17 +0000 2021-04-16T09:06:17+00:00 US Sanctions Russia and Expels 10 Diplomats Over SolarWinds Cyberattack http://feedproxy.google.com/~r/TheHackersNews/~3/5swuhQjhJKU/us-sanctions-russia-and-expels-10.html The U.S. and U.K. on Thursday formally attributed the supply chain attack of IT infrastructure management company SolarWinds with "high confidence" to government operatives working for Russia's Foreign Intelligence Service (SVR). "Russia's pattern of malign behaviour around the world – whether in cyberspace, in election interference or in the aggressive operations of their intelligence services<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/5swuhQjhJKU" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/5swuhQjhJKU/us-sanctions-russia-and-expels-10.html Fri, 16 Apr 2021 06:47:10 +0000 2021-04-16T06:47:10+00:00 Who are some of the most valuable freelance / agency people to follow? https://www.designernews.co/stories/114813-who-are-some-of-the-most-valuable-freelance--agency-people-to-follow I run a membership site for freelancers and agencies that helps find outbound leads (it's called [Folyo](https://folyo.me)). Since I focus on a specific area, I'm looking for other good resources to recommend that touch on other topics. **Some of my current favorites are:** - [Double Your Freelancing by Brennan Dunn](https://doubleyourfreelancing.com/) - [Jonathan Stark](https://jonathanstark.com/) - [Freelance to Win by Danny Marguiles](https://freelancetowin.com/) - [I Will Teach You to Be Rich by Ramit Sethi](https://www.iwillteachyoutoberich.com/) - [The Futur by Chris Do](https://thefutur.com/) **Also been checking out:** - [Location Rebel by Sean Ogle](https://www.locationrebel.com/) - [Freelancing School by Jay Clouse](https://freelancing.school/) Wondering if there's anyone else I should check out? https://www.designernews.co/stories/114813-who-are-some-of-the-most-valuable-freelance--agency-people-to-follow Thu, 15 Apr 2021 17:17:42 +0000 2021-04-15T17:17:42+00:00 1-Click Hack Found in Popular Desktop Apps — Check If You're Using Them http://feedproxy.google.com/~r/TheHackersNews/~3/YY9_4CI-gLI/1-click-hack-found-in-popular-desktop.html Multiple one-click vulnerabilities have been discovered across a variety of popular software applications, allowing an attacker to potentially execute arbitrary code on target systems. The issues were discovered by Positive Security researchers Fabian Bräunlein and Lukas Euler and affect apps like Telegram, Nextcloud, VLC, LibreOffice, OpenOffice, Bitcoin/Dogecoin Wallets, Wireshark, and Mumble.<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/YY9_4CI-gLI" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/YY9_4CI-gLI/1-click-hack-found-in-popular-desktop.html Thu, 15 Apr 2021 15:42:14 +0000 2021-04-15T15:42:14+00:00 8 Best Inkscape Alternatives (Free & Paid) https://www.designernews.co/stories/114811-8-best-inkscape-alternatives-free--paid https://marketsplash.com/inkscape-alternatives/ https://www.designernews.co/stories/114811-8-best-inkscape-alternatives-free--paid Thu, 15 Apr 2021 14:44:08 +0000 2021-04-15T14:44:08+00:00 Inside Nintendo's secretive creative process https://www.designernews.co/stories/114810-inside-nintendos-secretive-creative-process https://www.theguardian.com/games/2018/apr/25/nintendo-interview-secret-innovation-lab-ideas-working https://www.designernews.co/stories/114810-inside-nintendos-secretive-creative-process Thu, 15 Apr 2021 11:59:52 +0000 2021-04-15T11:59:52+00:00 Our first artist, Bessa is Minty #rare digital art NFT. Support her with vote, or even Foundation Bid. https://www.designernews.co/stories/114806-our-first-artist-bessa-is-minty-rare-digital-art-nft--support-her-with-vote-or-even-foundation-bid https://tasteminty.com/page/mac/ https://www.designernews.co/stories/114806-our-first-artist-bessa-is-minty-rare-digital-art-nft--support-her-with-vote-or-even-foundation-bid Thu, 15 Apr 2021 10:57:44 +0000 2021-04-15T10:57:44+00:00 Malware Variants: More Sophisticated, Prevalent and Evolving in 2021 http://feedproxy.google.com/~r/TheHackersNews/~3/psl9ITlxJwU/malware-variants-more-sophisticated.html A malicious program intended to cause havoc with IT systems—malware—is becoming more and more sophisticated every year. The year 2021 is no exception, as recent trends indicate that several new variants of malware are making their way into the world of cybersecurity. While smarter security solutions are popping up, modern malware still eludes and challenges cybersecurity experts.  The evolution<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/psl9ITlxJwU" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/psl9ITlxJwU/malware-variants-more-sophisticated.html Thu, 15 Apr 2021 10:27:19 +0000 2021-04-15T10:27:19+00:00 YIKES! Hackers flood the web with 100,000 pages offering malicious PDFs http://feedproxy.google.com/~r/TheHackersNews/~3/OJUqyXnH4yI/yikes-cybercriminals-flood-intrenet.html Cybercriminals are resorting to search engine poisoning techniques to lure business professionals into seemingly legitimate Google sites that install a Remote Access Trojan (RAT) capable of carrying out a wide range of attacks. The attack works by leveraging searches for business forms such as invoices, templates, questionnaires, and receipts as a stepping stone toward infiltrating the systems.<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/OJUqyXnH4yI" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/OJUqyXnH4yI/yikes-cybercriminals-flood-intrenet.html Thu, 15 Apr 2021 09:38:32 +0000 2021-04-15T09:38:32+00:00 5+ Best Cost Calculator WordPress Plugins https://www.designernews.co/stories/114804-5-best-cost-calculator-wordpress-plugins https://wpklik.com/wordpress-plugins/cost-calculator-wordpress-plugins/ https://www.designernews.co/stories/114804-5-best-cost-calculator-wordpress-plugins Thu, 15 Apr 2021 08:49:00 +0000 2021-04-15T08:49:00+00:00 New WhatsApp Bugs Could've Let Attackers Hack Your Phone Remotely http://feedproxy.google.com/~r/TheHackersNews/~3/qPhYThzKAzI/new-whatsapp-bug-couldve-let-attackers.html Facebook-owned WhatsApp recently addressed two security vulnerabilities in its messaging app for Android that could have been exploited to execute malicious code remotely on the device and even exfiltrate sensitive information. The flaws take aim at devices running Android versions up to and including Android 9 by carrying out what's known as a "man-in-the-disk" attack that makes it possible for<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/qPhYThzKAzI" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/qPhYThzKAzI/new-whatsapp-bug-couldve-let-attackers.html Thu, 15 Apr 2021 06:55:19 +0000 2021-04-15T06:55:19+00:00 NSA Discovers New Vulnerabilities Affecting Microsoft Exchange Servers http://feedproxy.google.com/~r/TheHackersNews/~3/s2V5STIU49k/nsa-discovers-new-vulnerabilities.html In its April slate of patches, Microsoft rolled out fixes for a total of 114 security flaws, including an actively exploited zero-day and four remote code execution bugs in Exchange Server. Of the 114 flaws, 19 are rated as Critical, 88 are rated Important, and one is rated Moderate in severity. Chief among them is CVE-2021-28310, a privilege escalation vulnerability in Win32k that's said to be<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/s2V5STIU49k" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/s2V5STIU49k/nsa-discovers-new-vulnerabilities.html Thu, 15 Apr 2021 05:57:31 +0000 2021-04-15T05:57:31+00:00 16 Best Ruby Frameworks For Web Development https://www.designernews.co/stories/114797-16-best-ruby-frameworks-for-web-development https://www.lambdatest.com/blog/16-best-ruby-frameworks/?utm_source=designernews&utm_medium=blog&utm_campaign=PM-15Apr21&utm_term=organicPosting https://www.designernews.co/stories/114797-16-best-ruby-frameworks-for-web-development Thu, 15 Apr 2021 04:27:48 +0000 2021-04-15T04:27:48+00:00 New JavaScript Exploit Can Now Carry Out DDR4 Rowhammer Attacks http://feedproxy.google.com/~r/TheHackersNews/~3/0d5i69wqLJU/new-javascript-exploit-can-now-carry.html Academics from Vrije University in Amsterdam and ETH Zurich have published a new research paper describing yet another variation of the Rowhammer attack. Dubbed SMASH (Synchronized MAny-Sided Hammering), the technique can be used to successfully trigger the attack from JavaScript on modern DDR4 RAM cards, notwithstanding extensive mitigations that have been put in place by manufacturers over the<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/0d5i69wqLJU" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/0d5i69wqLJU/new-javascript-exploit-can-now-carry.html Wed, 14 Apr 2021 15:50:53 +0000 2021-04-14T15:50:53+00:00 Simplify, then Add Lightness – Consolidating the Technology to Better Defend Ourselves http://feedproxy.google.com/~r/TheHackersNews/~3/t3hKpk1tsqY/simplify-then-add-lightness.html One of the biggest consequences of the rapidly evolving cybersecurity threat landscape is that defenses must constantly build bigger systems to defend themselves.  This leads to both more complex systems and often less communication between them. More importantly, it can lead companies to invest in disparate “best in class” components instead of finding the best fit for their needs. The constant<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/t3hKpk1tsqY" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/t3hKpk1tsqY/simplify-then-add-lightness.html Wed, 14 Apr 2021 12:01:51 +0000 2021-04-14T12:01:51+00:00 Update Your Chrome Browser to Patch 2 New In-the-Wild 0-Day Exploits http://feedproxy.google.com/~r/TheHackersNews/~3/QXZolEuZKPg/2-new-chrome-0-days-under-attack-update.html Google on Tuesday released a new version of Chrome web-browsing software for Windows, Mac, and Linux with patches for two newly discovered security vulnerabilities for both of which it says exploits exist in the wild, allowing attackers to engage in active exploitation. One of the two flaws concerns an insufficient validation of untrusted input in its V8 JavaScript rendering engine (<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/QXZolEuZKPg" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/QXZolEuZKPg/2-new-chrome-0-days-under-attack-update.html Wed, 14 Apr 2021 08:32:40 +0000 2021-04-14T08:32:40+00:00 Detecting the "Next" SolarWinds-Style Cyber Attack http://feedproxy.google.com/~r/TheHackersNews/~3/E54HufS4xFI/detecting-next-solarwinds-attack.html The SolarWinds attack, which succeeded by utilizing the sunburst malware, shocked the cyber-security industry. This attack achieved persistence and was able to evade internal systems long enough to gain access to the source code of the victim. Because of the far-reaching SolarWinds deployments, the perpetrators were also able to infiltrate many other organizations, looking for intellectual<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/E54HufS4xFI" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/E54HufS4xFI/detecting-next-solarwinds-attack.html Tue, 13 Apr 2021 17:21:31 +0000 2021-04-13T17:21:31+00:00 New NAME:WRECK Vulnerabilities Impact Nearly 100 Million IoT Devices http://feedproxy.google.com/~r/TheHackersNews/~3/XIF1NSjySrQ/new-namewreck-vulnerabilities-impact.html Security researchers have uncovered nine vulnerabilities affecting four TCP/IP stacks impacting more than 100 million consumer and enterprise devices that could be exploited by an attacker to take control of a vulnerable system. Dubbed "NAME:WRECK" by Forescout and JSOF, the flaws are the latest in series of studies undertaken as part of an initiative called Project Memoria to study the security<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/XIF1NSjySrQ" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/XIF1NSjySrQ/new-namewreck-vulnerabilities-impact.html Tue, 13 Apr 2021 12:24:29 +0000 2021-04-13T12:24:29+00:00 Hackers Using Website's Contact Forms to Deliver IcedID Malware http://feedproxy.google.com/~r/TheHackersNews/~3/zVzBu5SMqGo/hackers-using-websites-contact-forms-to.html Microsoft has warned organizations of a "unique" attack campaign that abuses contact forms published on websites to deliver malicious links to businesses via emails containing fake legal threats, in what's yet another instance of adversaries abusing legitimate infrastructure to mount evasive campaigns that bypass security protections. "The emails instruct recipients to click a link to review<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/zVzBu5SMqGo" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/zVzBu5SMqGo/hackers-using-websites-contact-forms-to.html Tue, 13 Apr 2021 11:51:30 +0000 2021-04-13T11:51:30+00:00 BRATA Malware Poses as Android Security Scanners on Google Play Store http://feedproxy.google.com/~r/TheHackersNews/~3/cVz8kvM3if8/brata-malware-poses-as-android-security.html A new set of malicious Android apps have been caught posing as app security scanners on the official Play Store to distribute a backdoor capable of gathering sensitive information. "These malicious apps urge users to update Chrome, WhatsApp, or a PDF reader, yet instead of updating the app in question, they take full control of the device by abusing accessibility services," cybersecurity firm<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/cVz8kvM3if8" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/cVz8kvM3if8/brata-malware-poses-as-android-security.html Tue, 13 Apr 2021 07:19:48 +0000 2021-04-13T07:19:48+00:00 RCE Exploit Released for Unpatched Chrome, Opera, and Brave Browsers http://feedproxy.google.com/~r/TheHackersNews/~3/xnTh85fU5Rk/rce-exploit-released-for-unpatched.html An Indian security researcher has publicly published a proof-of-concept (PoC) exploit code for a newly discovered flaw impacting Google Chrome and other Chromium-based browsers like Microsoft Edge, Opera, and Brave. Released by Rajvardhan Agarwal, the working exploit concerns a remote code execution vulnerability in the V8 JavaScript rendering engine that powers the web browsers. It is believed<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/xnTh85fU5Rk" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/xnTh85fU5Rk/rce-exploit-released-for-unpatched.html Tue, 13 Apr 2021 06:33:30 +0000 2021-04-13T06:33:30+00:00 Indian Brokerage Firm Upstox Suffers Data Breach Leaking 2.5 Millions Users' Data http://feedproxy.google.com/~r/TheHackersNews/~3/7qeEyWoS1pM/indian-brokerage-firm-upstox-suffers.html Online trading and discount brokerage platform Upstox has become the latest Indian company to suffer a security breach of its systems, resulting in the exposure of sensitive information of approximately 2.5 million users on the dark web. The leaked information includes names, email addresses, dates of birth, bank account information, and about 56 million know your customer (KYC) documents pulled<img src="http://feeds.feedburner.com/~r/TheHackersNews/~4/7qeEyWoS1pM" height="1" width="1" alt=""/> http://feedproxy.google.com/~r/TheHackersNews/~3/7qeEyWoS1pM/indian-brokerage-firm-upstox-suffers.html Mon, 12 Apr 2021 16:04:02 +0000 2021-04-12T16:04:02+00:00