Hi everyone, full of security related articles this week. I want to shift gear a bit to give everyone gain more knowledge and exposure to cyber security.
This is very practical and hand-on tutorial which you can follow to get some sense of simple AI/Machine learning. The entire of process of finding positive/negative news in podcast, corelate them with prices of stocks, draw chat etc.
Why spend so much time on internal tooling, CRUD apps, and dashboards built from scratch? Retool is a 10x faster way to build custom internal tools, and now it’s free for early-stage startups to use for up to a year. They’ve also created a deal book worth $160K in startup discounts to give startups access to the tools they need for great internal tools, for free. Get your discount.
Persistence consists of techniques that adversaries use to keep access to systems across restarts, changed credentials, and other interruptions that could cut off their access. In Mac, LaunchDaemons and LaunchAgents are directory for start-up script or daemon process to restore access? But what else, what are other vector attacks?
In email world, we had spam trap setup so that no human will email that, and as soon as an email hit that address, we know that the source is sending spam. Same in security, An industrious attacker lands on one of your servers and finds a 5MB MySQL dump file (say, called prod_primary.dump). What do they do next? Typically, they would load this dump-file into a temporary database to rummage through the data. As soon as they do, you get an email/SMS/alert letting you know. Can we made that happen?
10 queries that you can run daily to montior and do some sanity checks on your postgres. Practical, action-able query that you can run immediately right now to get some quick win :)
Cost Based Optimisation is the de-facto standard way to optimise SQL queries in most modern databases. For example, if a query may returns > 20% of rows in the table, the query planner might just skip the index and scan the table directly because it may have to read whole table anyway. But how about simpler optimisations that can be implemented purely based on meta data (e.g. constraints) and the query itself
Curated list of public penetration test reports released by several consulting firms and academic security groups. Is there any report about Jeff Bezos’s phone hack? Yes, I’m glad you asked.
If you use GPUs, you should know that there are 2 ways to connect them to the motherboard to allow it to connect to the other components (network, CPU, storage device). Solution 1 is through PCI Express and solution 2 through SXM2. We will talk about SXM2 in the future. Today, we will focus on PCI Express. This is because it has a strong dependency with the choice of adjacent hardware such as PCI BUS or CPU.
an easy-to-use neural network library for Javascript. This library is small and easy to learn,
JavaScriptA highly customizable Changelog Generator that follows Conventional Commit specifications ⛰️
a web based open source helpdesk/customer support system
Local HTTP/HTTPS/SOCKS server with authentication support, Built-in DNS server, iptables support
Why spend so much time on internal tooling, CRUD apps, and dashboards built from scratch? Retool is a 10x faster way to build custom internal tools, and now it’s free for early-stage startups to use for up to a year. They’ve also created a deal book worth $160K in startup discounts to give startups access to the tools they need for great internal tools, for free. Get your discount.
BetterDev Link
Every Monday