Code & Design News Aggregator of Code, Security and Design news sites. Sun, 20 May 2018 22:27:50 +0100 Creating A Bootable Usb On Linux Sun, 20 May 2018 21:04:34 +0000 2018-05-20T21:04:34+00:00 Make code copying easier with :before #css Sun, 20 May 2018 20:59:00 +0000 2018-05-20T20:59:00+00:00 How Can We Stop Being Treated Like "Code Monkeys"? Sun, 20 May 2018 20:51:15 +0000 2018-05-20T20:51:15+00:00 The making of Lemmings <a href="">Comments</a> Sun, 20 May 2018 20:20:59 +0000 2018-05-20T20:20:59+00:00 The Reactive Engine, A. C. Kay 1969 <a href="">Comments</a> Sun, 20 May 2018 20:19:57 +0000 2018-05-20T20:19:57+00:00 Real-time Sudoku Solver using OpenCV​ and Deep learning Sun, 20 May 2018 20:17:29 +0000 2018-05-20T20:17:29+00:00 Razorpay Is Hiring Infrastructure / Devops Engineers in Bangalore <a href="">Comments</a> Sun, 20 May 2018 20:16:29 +0000 2018-05-20T20:16:29+00:00 Legal row over who owns domain <a href="">Comments</a> Sun, 20 May 2018 20:14:13 +0000 2018-05-20T20:14:13+00:00 Europe’s open-access drive escalates as university stand-offs spread <a href="">Comments</a> Sun, 20 May 2018 20:06:40 +0000 2018-05-20T20:06:40+00:00 Google's Rules of Machine Learning <a href="">Comments</a> Sun, 20 May 2018 19:55:48 +0000 2018-05-20T19:55:48+00:00 If Haskell is so great, why hasn't it taken over the world? <a href="">Comments</a> Sun, 20 May 2018 19:15:39 +0000 2018-05-20T19:15:39+00:00 Learn to love your bad ideas Sun, 20 May 2018 18:35:06 +0000 2018-05-20T18:35:06+00:00 Staying focused won’t make you a productive programmer Sun, 20 May 2018 18:28:39 +0000 2018-05-20T18:28:39+00:00 The Ogler’s Guide to Shibuya, Tokyo <a href="">Comments</a> Sun, 20 May 2018 17:58:16 +0000 2018-05-20T17:58:16+00:00 Death of a Biohacker <a href="">Comments</a> Sun, 20 May 2018 17:56:14 +0000 2018-05-20T17:56:14+00:00 The Stunning, Sacred Retreats of California (2013) <a href="">Comments</a> Sun, 20 May 2018 17:48:53 +0000 2018-05-20T17:48:53+00:00 Metrics with Spring Boot 2.0 - Counters and gauges Sun, 20 May 2018 17:41:31 +0000 2018-05-20T17:41:31+00:00 Let's make a perfect AI for Tic-Tac-Toe! [VOICE] Sun, 20 May 2018 17:04:36 +0000 2018-05-20T17:04:36+00:00 Fault attacks on secure chips: from glitch to flash (2011) [pdf] <a href="">Comments</a> Sun, 20 May 2018 16:04:38 +0000 2018-05-20T16:04:38+00:00 Automate All the Things Sun, 20 May 2018 15:36:30 +0000 2018-05-20T15:36:30+00:00 CSCI E-23a: Introduction to Game Development <a href="">Comments</a> Sun, 20 May 2018 15:21:12 +0000 2018-05-20T15:21:12+00:00 Angr – A powerful and user-friendly binary analysis platform <a href="">Comments</a> Sun, 20 May 2018 15:02:39 +0000 2018-05-20T15:02:39+00:00 Ten Years of Vim Sun, 20 May 2018 14:29:29 +0000 2018-05-20T14:29:29+00:00 Selenium Mobile JSON Wire Protocol Specification <a href="">Comments</a> Sun, 20 May 2018 14:26:32 +0000 2018-05-20T14:26:32+00:00 Explaining pattern matching, filter and map in Haskell by solving a HackerRank problem -- HaskellRank Ep.03 Sun, 20 May 2018 14:18:30 +0000 2018-05-20T14:18:30+00:00 Gojay – Highly performant JSON encoder/decoder for Golang <a href="">Comments</a> Sun, 20 May 2018 14:08:52 +0000 2018-05-20T14:08:52+00:00 Getting 1Password 7 ready for the Mac App Store <a href="">Comments</a> Sun, 20 May 2018 13:53:28 +0000 2018-05-20T13:53:28+00:00 The Physics and Physicality of Extreme Juggling <a href="">Comments</a> Sun, 20 May 2018 13:37:44 +0000 2018-05-20T13:37:44+00:00 Abusing Proxies for DSLs <a href="">Comments</a> Sun, 20 May 2018 12:51:13 +0000 2018-05-20T12:51:13+00:00 A space ant fires its lasers <a href="">Comments</a> Sun, 20 May 2018 12:38:22 +0000 2018-05-20T12:38:22+00:00 CocoaPods Tutorial for Swift: Getting Started Sun, 20 May 2018 12:32:24 +0000 2018-05-20T12:32:24+00:00 How to use Webpack and React with Phoenix 1.3 Sun, 20 May 2018 12:08:58 +0000 2018-05-20T12:08:58+00:00 A ten-hour codewalk through the CPython internals (2016) <a href="">Comments</a> Sun, 20 May 2018 12:05:24 +0000 2018-05-20T12:05:24+00:00 The Markov Property, Chain, Reward Process and Decision Process <a href="">Comments</a> Sun, 20 May 2018 11:36:14 +0000 2018-05-20T11:36:14+00:00 Oceangoing robots that could revolutionize fishing, drilling, and science <a href="">Comments</a> Sun, 20 May 2018 11:34:36 +0000 2018-05-20T11:34:36+00:00 "To all you that are trying to tell people they can become professionals in just a few weeks JUST to sell your product - shame on you!" Sun, 20 May 2018 11:28:48 +0000 2018-05-20T11:28:48+00:00 Inline unit testing in Clojure Sun, 20 May 2018 11:16:59 +0000 2018-05-20T11:16:59+00:00 Python PIR Sensor & Camera Room Security Email Alerts Sun, 20 May 2018 10:55:05 +0000 2018-05-20T10:55:05+00:00 Latest Roundup of EE4J Activities for Jakarta EE Sun, 20 May 2018 09:50:08 +0000 2018-05-20T09:50:08+00:00 Keycloak security to EE Security using Soteria Sun, 20 May 2018 09:49:16 +0000 2018-05-20T09:49:16+00:00 Python as a declarative programming language (2017) <a href="">Comments</a> Sun, 20 May 2018 09:27:50 +0000 2018-05-20T09:27:50+00:00 Awesome visualization for understanding RAFT protocol for distributed consensus Sun, 20 May 2018 09:11:53 +0000 2018-05-20T09:11:53+00:00 New variety in the chip market, and trouble for Intel (2017) <a href="">Comments</a> Sun, 20 May 2018 09:10:02 +0000 2018-05-20T09:10:02+00:00 Sketch artboard actual size Hi, I am designing on a 1440x900 Macbook Pro, and I set my artboard to be 1440x900. But when I view in actual size or export, it is actually bigger than 1440x900. Why is that? How can I fix it? Thx Sun, 20 May 2018 08:19:43 +0000 2018-05-20T08:19:43+00:00 Dijkstra: Reasoning About Programs (1990) [video] <a href="">Comments</a> Sun, 20 May 2018 08:17:35 +0000 2018-05-20T08:17:35+00:00 Why Finland's cities are havens for library lovers <a href="">Comments</a> Sun, 20 May 2018 07:20:16 +0000 2018-05-20T07:20:16+00:00 AsteroidOS – An open-source operating system for smartwatches <a href="">Comments</a> Sun, 20 May 2018 06:13:51 +0000 2018-05-20T06:13:51+00:00 GIFs of website interaction... How are you making them? I've been seeing a lot of this lately. How are people producing GIFs of website interaction and animation? e.g. Are there specific tools? Screen recorders? In something like After Effects? Sun, 20 May 2018 04:48:16 +0000 2018-05-20T04:48:16+00:00 GitHub - andlabs/libui: Simple and portable (but not inflexible) GUI library in C that uses the native GUI technologies of each platform it supports. Sun, 20 May 2018 04:05:18 +0000 2018-05-20T04:05:18+00:00 GitHub - zyedidia/micro: A modern and intuitive terminal-based text editor Sun, 20 May 2018 03:54:51 +0000 2018-05-20T03:54:51+00:00 History of Symbolics lisp machines (2007) <a href="">Comments</a> Sun, 20 May 2018 02:19:42 +0000 2018-05-20T02:19:42+00:00 Understanding Image Sharpness <a href="">Comments</a> Sun, 20 May 2018 01:32:42 +0000 2018-05-20T01:32:42+00:00 [Unresolved Mistery]Observations on interrupt collision between Arduino's millis() and attachInterrupt() Sun, 20 May 2018 01:22:06 +0000 2018-05-20T01:22:06+00:00 How to write unmaintainable code: naming Sun, 20 May 2018 00:22:01 +0000 2018-05-20T00:22:01+00:00 Speeding up Zsh and Oh-My-Zsh Sat, 19 May 2018 23:32:34 +0000 2018-05-19T23:32:34+00:00 The weirdest bug I’ve found in a compiler Sat, 19 May 2018 20:59:23 +0000 2018-05-19T20:59:23+00:00 How to Make Your Own Easy Button Logo with Adobe Illustrator Sat, 19 May 2018 19:01:47 +0000 2018-05-19T19:01:47+00:00 Card-Carrying Precadavers <a href="">Comments</a> Sat, 19 May 2018 18:53:48 +0000 2018-05-19T18:53:48+00:00 Writing a Portable CPU/GPU Ray Tracer in C# Sat, 19 May 2018 17:18:44 +0000 2018-05-19T17:18:44+00:00 Daily CSS Design Sat, 19 May 2018 15:51:56 +0000 2018-05-19T15:51:56+00:00 What's the best non-Adobe product for animation design? And where are the best tutorials for that product? I'm interested in learning how to do animation for logos, UI, etc. and am not a big fan of Adobe's pricing model, so would therefore like to avoid After Effects. What are the other most-used tools for animation? And do you know of any good tutorials to help me get started? Sat, 19 May 2018 15:00:08 +0000 2018-05-19T15:00:08+00:00 Mobile App Development India The mobile application is one of the important factors to escalate your business. HireIndianProgrammers, the best [mobile app development India]( offers services for developing mobile applications on various platforms such as Android, Windows and iOS. Sat, 19 May 2018 12:08:58 +0000 2018-05-19T12:08:58+00:00 Resume template Sat, 19 May 2018 11:33:03 +0000 2018-05-19T11:33:03+00:00 “A design that merges iOS and Android” As designers, we are often asked to design cross-platform apps. However, the design systems behind iOS and Android are vastly different. Small examples include the way that indicators are treated on table views (the chevron on the right side); or small touches on tab bars (on Android, the label is only supposed to be shown on the active item). Larger is the way movement is depicted. Android has a concept of transitioning elements from screen to screen. iOS has relatively strict view hierarchies and the animations are mostly on the full view. If you try to explain these differences in a client meeting, the client will probably acknowledge them, then start talking about budget and in the end you have to deal with the problem anyway. I have been exploring React Native (from the design side) which allows you to more easily build custom cross-platform interfaces (versus starting a native Android and iOS app from scratch). However, in a custom UI you still have to decide which combination you make between iOS and Android. Any thoughts? How do you deal with this problem? Sat, 19 May 2018 11:00:04 +0000 2018-05-19T11:00:04+00:00 How to survive without search in Figma Sat, 19 May 2018 08:46:13 +0000 2018-05-19T08:46:13+00:00 Deadpool Don't Even Like Chimichangas All That Much Illustration Fri, 18 May 2018 17:57:55 +0000 2018-05-18T17:57:55+00:00 Bedrock – A powerful static site generator Fri, 18 May 2018 15:13:35 +0000 2018-05-18T15:13:35+00:00 Layout Podcast: What qualifies a designer as a *senior* designer? Fri, 18 May 2018 13:58:01 +0000 2018-05-18T13:58:01+00:00 Understanding UX Vocabulary [5 terms that will change the way you create a digital experience for your clients] Fri, 18 May 2018 13:37:36 +0000 2018-05-18T13:37:36+00:00 How do you annotate design changes to your dev team? Hello designers! I am looking to improve my design process and some tips and opinions from you would be amazing. There is always one pain in my process that keeps me annoying over and over. Let's say I sent a design to devs for them to start coding it. After a while I have to change something in the design, based off some feedback or after metrics come in. I then have to go over all my design decisions and changes again to list them out for the devs. Either in person or via GitHub issue etc. But I find this quite frustrating - going back and annotating everything manually. Especially when small changes (like copy changes, slightly changed color shade…) are overlooked and don't make it to the final release - it's extra annoying. I'm I alone in this? How do you communicate these design changes to your dev team? If you do it manually, any tips to make this less painful? Do you use any tools or frameworks for this? Fri, 18 May 2018 12:43:33 +0000 2018-05-18T12:43:33+00:00 Website extreme makeover: brushing fear away and trying something new – Designer News Fri, 18 May 2018 12:41:12 +0000 2018-05-18T12:41:12+00:00 Awesome iPhone X App Design Fri, 18 May 2018 12:10:02 +0000 2018-05-18T12:10:02+00:00 Portfolio of Martin Gorol Fri, 18 May 2018 11:50:41 +0000 2018-05-18T11:50:41+00:00 Introducing public/private brand guidelines Fri, 18 May 2018 10:59:13 +0000 2018-05-18T10:59:13+00:00 Good Questions, Bad Asks: The UX Of Questions In User Onboarding Fri, 18 May 2018 10:33:33 +0000 2018-05-18T10:33:33+00:00 NFWalls - Beautiful wallpapers for your Android Device Fri, 18 May 2018 05:44:19 +0000 2018-05-18T05:44:19+00:00 Hand-curated list with over 80+ amazing stock video and photo sites Thu, 17 May 2018 20:33:50 +0000 2018-05-17T20:33:50+00:00 As the Web moves toward HTTPS by default, Chrome will remove “secure” indicator The browser is changing to flag the things that are dangerous, not the ones that are safe. Thu, 17 May 2018 18:46:49 +0000 2018-05-17T18:46:49+00:00 Maze now supports Marvel prototypes! Thu, 17 May 2018 13:11:09 +0000 2018-05-17T13:11:09+00:00 Nethammer—Exploiting DRAM Rowhammer Bug Through Network Requests Last week, we reported about the first network-based remote Rowhammer attack, dubbed Throwhammer, which involves the exploitation a known vulnerability in DRAM through network cards using remote direct memory access (RDMA) channels. However, a separate team of security researchers has now demonstrated a second network-based remote Rowhammer technique that can be used to attack systems using<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Thu, 17 May 2018 09:54:49 +0000 2018-05-17T09:54:49+00:00 Xbox Adaptive Controller Thu, 17 May 2018 06:13:00 +0000 2018-05-17T06:13:00+00:00 Another severe flaw in Signal desktop app lets hackers steal your chats in plaintext For the second time in less than a week, users of the popular end-to-end encrypted Signal messaging app have to update their desktop applications once again to patch another severe code injection vulnerability. Discovered Monday by the same team of security researchers, the newly discovered vulnerability poses the same threat as the previous one, allowing remote attackers to inject malicious<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Wed, 16 May 2018 15:03:09 +0000 2018-05-16T15:03:09+00:00 Red Hat Linux DHCP Client Found Vulnerable to Command Injection Attacks A Google security researcher has discovered a critical remote command injection vulnerability in the DHCP client implementation of Red Hat Linux and its derivatives like Fedora operating system. The vulnerability, tracked as CVE-2018-1111, could allow attackers to execute arbitrary commands with root privileges on targeted systems. Whenever your system joins a network, it’s the DHCP client<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Tue, 15 May 2018 21:13:50 +0000 2018-05-15T21:13:50+00:00 Sponsor: Live Now: UX / UI design with Alissa Suzanne, Zachery Nielson and Meagan Fisher Tue, 15 May 2018 16:30:18 +0000 2018-05-15T16:30:18+00:00 Hackers Reveal How Code Injection Attack Works in Signal Messaging App After the revelation of the eFail attack details, it's time to reveal how the recently reported code injection vulnerability in the popular end-to-end encrypted Signal messaging app works. As we reported last weekend, Signal has patched its messaging app for Windows and Linux that suffered a code injection vulnerability discovered and reported by a team of white-hat hackers from Argentina. <!<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Mon, 14 May 2018 21:53:44 +0000 2018-05-14T21:53:44+00:00 Here's How eFail Attack Works Against PGP and S/MIME Encrypted Emails With a heavy heart, security researchers have early released the details of a set of vulnerabilities discovered in email clients for two widely used email encryption standards—PGP and S/MIME—after someone leaked their paper on the Internet, which was actually scheduled for tomorrow. PGP and S/MIME are popular end-to-end encryption standards used to encrypt emails in a way that no one, not<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Mon, 14 May 2018 19:44:55 +0000 2018-05-14T19:44:55+00:00 Adobe Releases Critical Security Updates for Acrobat, Reader and Photoshop CC Adobe has just released new versions of its Acrobat DC, Reader and Photoshop CC for Windows and macOS users that patch 48 vulnerabilities in its software. A total of 47 vulnerabilities affect Adobe Acrobat and Reader applications, and one critical remote code execution flaw has been patched in Adobe Photoshop CC. Out of 47, Adobe Acrobat and Reader affect with 24 critical vulnerabilities—<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Mon, 14 May 2018 19:25:51 +0000 2018-05-14T19:25:51+00:00 Critical Flaws in PGP and S/MIME Tools Can Reveal Encrypted Emails in Plaintext Note—the technical details of the vulnerabilities introduced in this article has now been released, so you should also read our latest article to learn how the eFail attack works and what users can do to prevent themselves. An important warning for people using widely used email encryption tools—PGP and S/MIME—for sensitive communication. A team of European security researchers has released<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Mon, 14 May 2018 18:38:15 +0000 2018-05-14T18:38:15+00:00 Simple bug could lead to RCE flaw on apps built with Electron Framework A critical remote code execution vulnerability has been discovered in the popular Electron web application framework that could allow attackers to execute malicious code on victims' computers. Electron is an open source app development framework that powers thousands of widely-used desktop applications including WhatsApp, Skype, Signal, Wordpress, Slack, GitHub Desktop, Atom, Visual Studio<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Mon, 14 May 2018 10:13:19 +0000 2018-05-14T10:13:19+00:00 Severe Bug Discovered in Signal Messaging App for Windows and Linux Security researchers have discovered a severe vulnerability in the popular end-to-end encrypted Signal messaging app for Windows and Linux desktops which could allow remote attackers to execute malicious code on recipients system just by sending a message—without requiring any user interaction. Discovered by Alfredo Ortega, a software security consultant from Argentina, the vulnerability was<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Sat, 12 May 2018 09:13:05 +0000 2018-05-12T09:13:05+00:00 Google Makes it Mandatory for OEMs to Roll Out Android Security Updates Regularly Security of Android devices has been a nightmare since its inception, and the biggest reason being is that users don't receive latest security patch updates regularly. Precisely, it's your device manufacturer (Android OEMs) actually who takes time to roll out security patches for your devices and sometimes, even has been caught lying about security updates, telling customers that their<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Fri, 11 May 2018 18:55:08 +0000 2018-05-11T18:55:08+00:00 7 Chrome Extensions Spreading Through Facebook Caught Stealing Passwords Luring users on social media to visit lookalike version of popular websites that pop-up a legitimate-looking Chrome extension installation window is one of the most common modus operandi of cybercriminals to spread malware. Security researchers are again warning users of a new malware campaign that has been active since at least March this year and has already infected more than 100,000 users<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Fri, 11 May 2018 10:28:18 +0000 2018-05-11T10:28:18+00:00 New Rowhammer Attack Can Hijack Computers Remotely Over the Network Exploitation of Rowhammer attack just got easier. Dubbed ‘Throwhammer,’ the newly discovered technique could allow attackers to launch Rowhammer attack on the targeted systems just by sending specially crafted packets to the vulnerable network cards over the local area network. Known since 2012, Rowhammer is a severe issue with recent generation dynamic random access memory (DRAM) chips in<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Fri, 11 May 2018 08:20:00 +0000 2018-05-11T08:20:00+00:00 5 Powerful Botnets Found Exploiting Unpatched GPON Router Flaws Well, that did not take long. Within just 10 days of the disclosure of two critical vulnerabilities in GPON router at least 5 botnet families have been found exploiting the flaws to build an army of million devices. Security researchers from Chinese-based cybersecurity firm Qihoo 360 Netlab have spotted 5 botnet families, including Mettle, Muhstik, Mirai, Hajime, and Satori, making use of<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Thu, 10 May 2018 14:38:12 +0000 2018-05-10T14:38:12+00:00 Self-destructing messages received on 'Signal for Mac' can be recovered later It turns out that macOS client for the popular end-to-end encrypted messaging app Signal fails to properly delete disappearing (self-destructing) messages  from the recipient's system, leaving the content of your sensitive messages at risk of getting exposed. For those unaware, the disappearing messages in Signal self-destruct after a particular duration set by the sender, leaving no trace of<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Wed, 09 May 2018 16:15:28 +0000 2018-05-09T16:15:28+00:00 Microsoft Adds Support for JavaScript in Excel—What Could Possibly Go Wrong? Shortly after Microsoft announced support for custom JavaScript functions in Excel, someone demonstrated what could possibly go wrong if this feature is abused for malicious purposes. As promised last year at Microsoft's Ignite 2017 conference, the company has now brought custom JavaScript functions to Excel to extend its capabilities for better work with data. Functions are written in<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Wed, 09 May 2018 13:06:23 +0000 2018-05-09T13:06:23+00:00 Microsoft Patches Two Zero-Day Flaws Under Active Attack It's time to gear up for the latest May 2018 Patch Tuesday. Microsoft has today released security patches for a total of 67 vulnerabilities, including two zero-days that have actively been exploited in the wild by cybercriminals, and two publicly disclosed bugs. In brief, Microsoft is addressing 21 vulnerabilities that are rated as critical, 42 rated important, and 4 rated as low severity.<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Wed, 09 May 2018 06:14:09 +0000 2018-05-09T06:14:09+00:00 Hackers Found Using A New Way to Bypass Microsoft Office 365 Safe Links Security researchers revealed a way around that some hacking groups have been found using in the wild to bypass a security feature of Microsoft Office 365, which is originally designed to protect users from malware and phishing attacks. Dubbed Safe Links, the feature has been included in Office 365 software as part of Microsoft's Advanced Threat Protection (ATP) solution that works by replacing<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Tue, 08 May 2018 17:42:13 +0000 2018-05-08T17:42:13+00:00 A Simple Tool Released to Protect Dasan GPON Routers from Remote Hacking Since hackers have started exploiting two recently disclosed unpatched critical vulnerabilities found in GPON home routers, security researchers have now released an unofficial patch to help millions of affected users left vulnerable by their device manufacturer. Last week, researchers at vpnMentor disclosed details of—an authentication bypass (CVE-2018-10561) and a root-remote code execution<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Tue, 08 May 2018 13:34:08 +0000 2018-05-08T13:34:08+00:00 Two Romanian Hackers Extradited to the U.S. Over $18 Million Vishing Scam Two Romanian hackers have been extradited to the United States to face 31 criminal charges including computer fraud and abuse, wire fraud conspiracy, wire fraud, and aggravated identity theft. Described as "international computer hackers" by the United States Department of Justice, Teodor Laurentiu Costea, 41, and Robert Codrut Dumitrescu, 40, allegedly rob Americans of more than $18 million<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Tue, 08 May 2018 07:59:30 +0000 2018-05-08T07:59:30+00:00 Twitter is Testing End-to-End Encrypted Direct Messages Twitter has been adopting new trends at a snail's pace. But it’s better to be late than never. Since 2013 people were speculating that Twitter will bring end-to-end encryption to its direct messages, and finally almost 5 years after the encryption era began, the company is now testing an end-to-end encrypted messaging on Twitter. Dubbed "Secret Conversation," the feature has been spotted in<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Tue, 08 May 2018 07:45:37 +0000 2018-05-08T07:45:37+00:00 First-Ever Ransomware Found Using ‘Process Doppelgänging’ Attack to Evade Detection Security researchers have spotted the first-ever ransomware exploiting Process Doppelgänging, a new fileless code injection technique that could help malware evade detection. The Process Doppelgänging attack takes advantage of a built-in Windows function, i.e., NTFS Transactions, and an outdated implementation of Windows process loader, and works on all modern versions of Microsoft Windows OS<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Mon, 07 May 2018 12:30:15 +0000 2018-05-07T12:30:15+00:00 Android P to Block Apps From Monitoring Device Network Activity Do you know that any app you have installed on your Android phone can monitor the network activities—even without asking for any sensitive permission—to detect when other apps on your phone are connecting to the Internet? Obviously, they cant see the content of the network traffic, but can easily find to which server you are connecting to, all without your knowledge. Knowing what apps you<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Mon, 07 May 2018 09:28:50 +0000 2018-05-07T09:28:50+00:00 8 New Spectre-Class Vulnerabilities (Spectre-NG) Found in Intel CPUs A team of security researchers has reportedly discovered a total of eight new "Spectre-class" vulnerabilities in Intel CPUs, which also affect at least a small number of ARM processors and may impact AMD processor architecture as well. Dubbed Spectre-Next Generation, or Spectre-NG, the partial details of the vulnerabilities were first leaked to journalists at German computer magazine Heise,<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Sat, 05 May 2018 10:09:18 +0000 2018-05-05T10:09:18+00:00 GLitch: New 'Rowhammer' Attack Can Remotely Hijack Android Phones For the very first time, security researchers have discovered an effective way to exploit a four-year-old hacking technique called Rowhammer to hijack an Android phone remotely. Dubbed GLitch, the proof-of-concept technique is a new addition to the Rowhammer attack series which leverages embedded graphics processing units (GPUs) to carry out a Rowhammer attack against Android smartphones.<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Fri, 04 May 2018 07:39:11 +0000 2018-05-04T07:39:11+00:00 Change Your Twitter Password Immediately, Bug Exposes Passwords in Plaintext Twitter is urging all of its 330 million users to change their passwords after a software glitch unintentionally exposed its users' passwords by storing them in readable text on its internal computer system. The social media network disclosed the issue in an official blog post and a series of tweets from Twitter Support. <!-- adsense --> According to Twitter CTO Parag Agrawal, Twitter hashes<div class="feedflare"> <a href=""><img src="" border="0"></img></a> </div><img src="" height="1" width="1" alt=""/> Fri, 04 May 2018 05:24:41 +0000 2018-05-04T05:24:41+00:00 Microsoft claims to make Chrome safer with new extension A purported Edge advantage is now available in Chrome. Wed, 18 Apr 2018 15:12:54 +0000 2018-04-18T15:12:54+00:00 Intel, Microsoft to use GPU to scan memory for malware The company is also using its processors’ performance monitoring to detect malicious code. Tue, 17 Apr 2018 03:00:10 +0000 2018-04-17T03:00:10+00:00 AMD systems gain Spectre protection with latest Windows fixes Systems will still need updated firmware to get the latest microcode, however. Wed, 11 Apr 2018 16:32:56 +0000 2018-04-11T16:32:56+00:00 Practical passwordless authentication comes a step closer with WebAuthn Microsoft, Mozilla, and Google are all implementing the new standard. Tue, 10 Apr 2018 18:48:13 +0000 2018-04-10T18:48:13+00:00 Intel drops plans to develop Spectre microcode for ancient chips Company claims it's too hard, and few systems have exposure to attack. Wed, 04 Apr 2018 17:35:04 +0000 2018-04-04T17:35:04+00:00 Google bans cryptomining Chrome extensions because they refuse to play by the rules Google continues to try to keep its browser running smoothly in spite of others’ efforts. Tue, 03 Apr 2018 20:56:08 +0000 2018-04-03T20:56:08+00:00 As predicted, more branch prediction processor attacks are discovered New attack focuses on a different part of the branch prediction system. Mon, 26 Mar 2018 22:15:55 +0000 2018-03-26T22:15:55+00:00 AMD promises firmware fixes for security processor bugs All bugs require administrative access to exploit. Tue, 20 Mar 2018 22:00:09 +0000 2018-03-20T22:00:09+00:00 Intel outlines plans for Meltdown and Spectre fixes, microcode for older chips Microcodes for Sandy Bridge and newer are now available. Thu, 15 Mar 2018 18:00:16 +0000 2018-03-15T18:00:16+00:00 Patch Tuesday drops the mandatory antivirus requirement after all Today’s patches also include an annoying-looking remote code execution bug. Tue, 13 Mar 2018 20:35:18 +0000 2018-03-13T20:35:18+00:00 Intel’s latest set of Spectre microcode fixes is coming to a Windows update Windows users will no longer be beholden to their motherboard makers. Thu, 01 Mar 2018 18:14:43 +0000 2018-03-01T18:14:43+00:00 Intel ships (hopefully stable) microcode for Skylake, Kaby Lake, Coffee Lake All 6th, 7th, and 8th generation Core processors now have microcode available. Wed, 21 Feb 2018 19:03:33 +0000 2018-02-21T19:03:33+00:00 32 lawsuits filed against Intel over Spectre and Meltdown flaws Company also accused of failing to act in response to insider trading. Fri, 16 Feb 2018 20:42:57 +0000 2018-02-16T20:42:57+00:00 Windows Defender Advanced Threat Protection coming to Windows 7 and 8.1 A Windows 10 feature is coming to old platforms. Mon, 12 Feb 2018 17:19:15 +0000 2018-02-12T17:19:15+00:00 From July on, Chrome will brand plain old HTTP as “Not secure” The "Not secure" label will go where the padlock would go for an encrypted connection. Fri, 09 Feb 2018 19:50:24 +0000 2018-02-09T19:50:24+00:00 Intel releases new Spectre microcode update for Skylake; other chips remain in beta Previous microcode update was reported to cause unwanted system reboots. Thu, 08 Feb 2018 01:25:16 +0000 2018-02-08T01:25:16+00:00 New Windows patch disables Intel’s bad Spectre microcode fix Registry keys can also be used to selectively enable or disable the microcode fix. Mon, 29 Jan 2018 17:08:04 +0000 2018-01-29T17:08:04+00:00 Malicious Chrome extension is next to impossible to manually remove Extensions remain the Achilles heel for an otherwise highly secure browser. Fri, 19 Jan 2018 18:36:53 +0000 2018-01-19T18:36:53+00:00 Spectre and Meltdown patches causing trouble as realistic attacks get closer Driver incompatibilities and microcode problems are both being reported. Mon, 15 Jan 2018 21:05:29 +0000 2018-01-15T21:05:29+00:00