
Showing posts from February, 2021

How I cut GTA Online loading times by 70%

How I cut GTA Online loading times by 70% 703 by kuroguro | 140 comments on Hacker News.

Judge in Google case disturbed that 'incognito' users are tracked

Judge in Google case disturbed that 'incognito' users are tracked 695 by johncena33 | 293 comments on Hacker News.

Show HN: Redbean – Single-file distributable web server

Show HN: Redbean – Single-file distributable web server 706 by jart | 107 comments on Hacker News.

North Korean Hackers Targeting Defense Firms with ThreatNeedle Malware

A prolific North Korean state-sponsored hacking group has been tied to a new ongoing espionage campaign aimed at exfiltrating sensitive information from organizations in the defense industry. Attributing the attacks with high confidence to the Lazarus Group, the new findings from Kaspersky signal an expansion of the APT actor's tactics by going beyond the usual gamut of financially-motivated from The Hacker News https://ift.tt/37PnoKs via IFTTT

ALERT: Malicious Amazon Alexa Skills Can Easily Bypass Vetting Process

Researchers have uncovered gaps in Amazon's skill vetting process for the Alexa voice assistant ecosystem that could allow a malicious actor to publish a deceptive skill under any arbitrary developer name and even make backend code changes after approval to trick users into giving up sensitive information. The findings were presented on Wednesday at the Network and Distributed System Security from The Hacker News https://ift.tt/2ZRW0qL via IFTTT

Cisco Releases Security Patches for Critical Flaws Affecting its Products

Cisco has addressed a maximum severity vulnerability in its Application Centric Infrastructure (ACI) Multi-Site Orchestrator (MSO) that could allow an unauthenticated, remote attacker to bypass authentication on vulnerable devices. "An attacker could exploit this vulnerability by sending a crafted request to the affected API," the company said in an advisory published yesterday. "A successful from The Hacker News https://ift.tt/3pVLCJ9 via IFTTT

Google Analytics: Stop feeding the beast

Google Analytics: Stop feeding the beast 619 by caspii | 316 comments on Hacker News.

Coinbase S-1

Coinbase S-1 599 by kacy | 645 comments on Hacker News.

DigitalOcean S-1

DigitalOcean S-1 608 by marc__1 | 269 comments on Hacker News.

The Framework Laptop

The Framework Laptop 588 by bitigchi | 274 comments on Hacker News.

Shopify says remove Stripe billing or get booted from their app store

Shopify says remove Stripe billing or get booted from their app store 517 by ponny | 156 comments on Hacker News. We're a SaaS business currently listed on the Shopify App store. Today we got this stern email from Shopify's 'Partner Governance' team. TLDR: Don't even have Stripe as an option for Shopify users or we'll boot you. Also backpay since Jan 2019. "At Shopify, it is critical to maintain high trust and integrity within the Shopify App Store, so merchants have a reliable place to find solutions to grow their business. During a routine investigation, Partner Governance identified your app [our app] as offering external billing for Shopify merchants and not using the Billing API for all payments. [a couple of images of our cart] As you are aware, all paid apps are required to use our Billing API, as noted in our Partner Program Agreement (Section 3.2 Payments, Point 5) unless express permission is granted by Shopify. Payment information should not b...

Chinese Hackers Using Firefox Extension to Spy On Tibetan Organizations

Cybersecurity researchers today unwrapped a new campaign aimed at spying on vulnerable Tibetan communities globally by deploying a malicious Firefox extension on target systems. "Threat actors aligned with the Chinese Communist Party's state interests delivered a customized malicious Mozilla Firefox browser extension that facilitated access and control of users' Gmail accounts," Proofpoint said from The Hacker News https://ift.tt/3sp7v5c via IFTTT

The Top Free Tools for Sysadmins in 2021

It's no secret that sysadmins have plenty on their plates. Managing, troubleshooting, and updating software or hardware is a tedious task. Additionally, admins must grapple with complex webs of permissions and security. This can quickly become overwhelming without the right tools. If you're a sysadmin seeking to simplify your workflows, you're in luck. We've gathered some excellent software from The Hacker News https://ift.tt/3utI9VD via IFTTT

Show HN: I wrote a book about using data science to solve “everyday” problems

Show HN: I wrote a book about using data science to solve “everyday” problems 519 by andrewnc | 72 comments on Hacker News.

Russian Hackers Targeted Ukraine Authorities With Supply-Chain Malware Attack

Ukraine is formally pointing fingers at Russian hackers for hacking into one of its government systems and attempting to plant and distribute malicious documents that would install malware on target systems of public authorities. "The purpose of the attack was the mass contamination of information resources of public authorities, as this system is used for the circulation of documents in most from The Hacker News https://ift.tt/3srCPAo via IFTTT

Show HN: Can’t afford Bloomberg Terminal? No prob, I built the next best thing

Show HN: Can’t afford Bloomberg Terminal? No prob, I built the next best thing 477 by sexy_year | 74 comments on Hacker News.

The U.S. Air Force just admitted the F-35 stealth fighter has failed

The U.S. Air Force just admitted the F-35 stealth fighter has failed 531 by dlcmh | 806 comments on Hacker News.

Canadians derailed a train and drove it to City Hall for power after a ice storm

Canadians derailed a train and drove it to City Hall for power after a ice storm 480 by nradov | 201 comments on Hacker News.

Google Cloud vs. AWS Onboarding Comparison

Google Cloud vs. AWS Onboarding Comparison 512 by kevinslin | 302 comments on Hacker News.

My experience as a Gazan girl getting into Silicon Valley companies

My experience as a Gazan girl getting into Silicon Valley companies 549 by daliaawad | 107 comments on Hacker News. Hiii everyone, this is my first time posting here! I have read Hacker News sometimes but only thought about sharing my own post after seeing Manara's post (https://ift.tt/3uqZxu5 month. I asked them if I can share this here and they said it was a good idea. :) I’m a 19-year-old Gazan female who participated in Manara last year and got internships at Google and Repl.it. I’m so excited I will spend this summer at Google in Europe! I got lots of questions about my experience when people heard about it on Facebook so I wrote this blog post (https://ift.tt/3pONGm7) to let other young engineers in Palestine and the Middle East know how they can get into amazing companies like this too. If you are an engineer or student like me, read it and apply to Manara, they will help you so much!! Btw I have a few friends who just finished the Manara program and are looking for inter...

I heat my home by mining crypto currencies

I heat my home by mining crypto currencies 508 by geek_at | 387 comments on Hacker News.

Online Trackers Increasingly Switching to Invasive CNAME Cloaking Technique

With browser makers steadily clamping down on third-party tracking, advertising technology companies are increasingly embracing a DNS technique to evade such defenses, thereby posing a threat to web security and privacy. Called CNAME Cloaking, the practice of blurring the distinction between first-party and third-party cookies not only results in leaking sensitive private information without from The Hacker News https://ift.tt/3aPsXKH via IFTTT

Experts Warns of Notable Increase in QuickBooks Data Files Theft Attacks

New research has uncovered a significant increase in QuickBooks file data theft using social engineering tricks to deliver malware and exploit the accounting software. "A majority of the time, the attack involves basic malware that is often signed, making it hard to detect using antivirus or other threat detection software," researchers from ThreatLocker said in an analysis shared today with The from The Hacker News https://ift.tt/2NR9253 via IFTTT

Everything You Need to Know About Evolving Threat of Ransomware

The cybersecurity world is constantly evolving to new forms of threats and vulnerabilities. But ransomware proves to be a different animal—most destructive, persistent, notoriously challenging to prevent, and is showing no signs of slowing down. Falling victim to a ransomware attack can cause significant data loss, data breach, operational downtime, costly recovery, legal consequences, and from The Hacker News https://ift.tt/2ZNMIMh via IFTTT

M1 Mac owners are experiencing high SSD writes over short periods of time

M1 Mac owners are experiencing high SSD writes over short periods of time 495 by voisin | 331 comments on Hacker News.

Critical RCE Flaws Affect VMware ESXi and vSphere Client — Patch Now

VMware has addressed multiple critical remote code execution (RCE) vulnerabilities in VMware ESXi and vSphere Client virtual infrastructure management platform that may allow attackers to execute arbitrary commands and take control of affected systems. "A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying from The Hacker News https://ift.tt/3dGwVY3 via IFTTT

Bitfinex and Tether required to end all trading activity with New Yorkers

Bitfinex and Tether required to end all trading activity with New Yorkers 542 by dgellow | 475 comments on Hacker News.

Perseverance rover’s descent and touchdown on Mars [video]

Perseverance rover’s descent and touchdown on Mars [video] 493 by jvanderbot | 148 comments on Hacker News.

Free for Developers

Free for Developers 576 by fs111 | 139 comments on Hacker News.

Total Cookie Protection

Total Cookie Protection 570 by todsacerdoti | 212 comments on Hacker News.

Experts Find a Way to Learn What You're Typing During Video Calls

A new attack framework aims to infer keystrokes typed by a target user at the opposite end of a video conference call by simply leveraging the video feed to correlate observable body movements to the text being typed. The research was undertaken by Mohd Sabra, and Murtuza Jadliwala from the University of Texas at San Antonio and Anindya Maiti from the University of Oklahoma, who say the attack from The Hacker News https://ift.tt/2ZGi5Z4 via IFTTT

5 Security Lessons for Small Security Teams for the Post COVID19 Era

A full-time mass work from home (WFH) workforce was once considered an extreme risk scenario that few risk or security professionals even bothered to think about. Unfortunately, within a single day, businesses worldwide had to face such a reality. Their 3-year long digital transformation strategy was forced to become a 3-week sprint during which offices were abandoned, and people started working from The Hacker News https://ift.tt/3qKSjik via IFTTT

Shadow Attacks Let Attackers Replace Content in Digitally Signed PDFs

Researchers have demonstrated a novel class of attacks that could allow a bad actor to potentially circumvent existing countermeasures and break the integrity protection of digitally signed PDF documents. Called "Shadow attacks" by academics from Ruhr-University Bochum, the technique uses the "enormous flexibility provided by the PDF specification so that shadow documents remain from The Hacker News https://ift.tt/3aPDPbH via IFTTT

Hackers Exploit Accellion Zero-Days in Recent Data Theft and Extortion Attacks

Cybersecurity researchers on Monday tied a string of attacks targeting Accellion File Transfer Appliance (FTA) servers over the past two months to a data theft and extortion campaign orchestrated by a cybercrime group called UNC2546. The attacks, which began in mid-December 2020, involved exploiting multiple zero-day vulnerabilities in the legacy FTA software to install a new web shell named from The Hacker News https://ift.tt/37EEsCV via IFTTT

We haven’t seen a quarter of known bee species since the 1990s

We haven’t seen a quarter of known bee species since the 1990s 489 by esarbe | 139 comments on Hacker News.

Lena

Lena 464 by burkaman | 166 comments on Hacker News.

Software Bug Keeping Hundreds of Inmates in Arizona Prisons Beyond Release Dates

Software Bug Keeping Hundreds of Inmates in Arizona Prisons Beyond Release Dates 476 by macg333 | 205 comments on Hacker News.

YouTube blocked chess channel after mistaken detection of racial slurs

YouTube blocked chess channel after mistaken detection of racial slurs 490 by anigbrowl | 500 comments on Hacker News.

Mistakes I've Made as an Engineering Manager

Mistakes I've Made as an Engineering Manager 474 by sebg | 175 comments on Hacker News.

A Dishonest, Indifferent, and Toxic Culture

A Dishonest, Indifferent, and Toxic Culture 448 by brzozowski | 184 comments on Hacker News.

Daft Punk Break Up

Daft Punk Break Up 587 by psychanarch | 199 comments on Hacker News.

How to Fight Business Email Compromise (BEC) with Email Authentication?

An ever-evolving and rampant form of cybercrime that targets emails as the potential medium to conduct fraud is known as Business Email Compromise. Targeting commercial, government as well as non-profit organizations, BEC can lead to huge amounts of data loss, security breach, and compromised financial assets. It is a common misconception that cybercriminals usually lay their focus on MNCs and from The Hacker News https://ift.tt/2ZRerfn via IFTTT

Chinese Hackers Had Access to a U.S. Hacking Tool Years Before It Was Leaked Online

On August 13, 2016, a hacking unit calling itself "The Shadow Brokers" announced that it had stolen malware tools and exploits used by the Equation Group, a sophisticated threat actor believed to be affiliated to the Tailored Access Operations (TAO) unit of the U.S. National Security Agency (NSA). Although the group has since signed off following the unprecedented disclosures, new "conclusive" from The Hacker News https://ift.tt/37ACvaz via IFTTT

New 'Silver Sparrow' Malware Infected Nearly 30,000 Apple Macs

Days after the first malware targeting Apple M1 chips was discovered in the wild, researchers have disclosed yet another previously undetected piece of malicious software that was found in about 30,000 Macs running Intel x86_64 and the iPhone maker's M1 processors. However, the ultimate goal of the operation remains something of a conundrum, what with the lack of a next-stage or final payload from The Hacker News https://ift.tt/2OZIaAu via IFTTT

Choose Boring Technology (2015)

Choose Boring Technology (2015) 543 by asyrafql | 304 comments on Hacker News.

How can you not be romantic about programming? (2020)

How can you not be romantic about programming? (2020) 514 by joubert | 342 comments on Hacker News.

Why is it so hard to see code from 5 minutes ago?

Why is it so hard to see code from 5 minutes ago? 513 by azhenley | 403 comments on Hacker News.

United B772 at Denver on Feb 20th 2021, engine inlet separates from engine

United B772 at Denver on Feb 20th 2021, engine inlet separates from engine 561 by haunter | 327 comments on Hacker News.

“I will slaughter you”

“I will slaughter you” 530 by ingve | 232 comments on Hacker News.

Privacy Bug in Brave Browser Exposes Dark-Web Browsing History of Its Users

Brave has fixed a privacy issue in its browser that sent queries for .onion domains to public internet DNS resolvers rather than routing them through Tor nodes, thus exposing users' visits to dark web websites. The bug was addressed in a hotfix release (V1.20.108) made available yesterday. Brave ships with a built-in feature called "Private Window with Tor" that integrates the Tor anonymity from The Hacker News https://ift.tt/3dy7XKe via IFTTT

Draw an iceberg and see how it would float in water

Draw an iceberg and see how it would float in water 580 by raldi | 78 comments on Hacker News.

Facebook reported fake numbers to advertisers

Facebook reported fake numbers to advertisers 576 by elorant | 202 comments on Hacker News.

WhatsApp to move ahead with privacy update despite backlash

WhatsApp to move ahead with privacy update despite backlash 554 by sidcool | 267 comments on Hacker News.

There’s no such thing as “a startup within a big company”

There’s no such thing as “a startup within a big company” 594 by isolli | 304 comments on Hacker News.

Tauri: An Electron alternative written in Rust

Tauri: An Electron alternative written in Rust 656 by metalwhale | 287 comments on Hacker News.

Mars becomes the 2nd planet that has more computers running Linux than Windows

Mars becomes the 2nd planet that has more computers running Linux than Windows 624 by fireball_blaze | 166 comments on Hacker News.

Monolith First (2015)

Monolith First (2015) 616 by asyrafql | 226 comments on Hacker News.

New Hack Lets Attackers Bypass MasterCard PIN by Using Them As Visa Card

Cybersecurity researchers have disclosed a novel attack that could allow criminals to trick a point of sale terminal into transacting with a victim's Mastercard contactless card while believing it to be a Visa card. The research, published by a group of academics from the ETH Zurich, builds on a study detailed last September that delved into a PIN bypass attack, permitting bad actors to leverage from The Hacker News https://ift.tt/2OIwotZ via IFTTT

Masslogger Trojan Upgraded to Steal All Your Outlook, Chrome Credentials

A credential stealer infamous for targeting Windows systems has resurfaced in a new phishing campaign that aims to steal credentials from Microsoft Outlook, Google Chrome, and instant messenger apps. Primarily directed against users in Turkey, Latvia, and Italy starting mid-January, the attacks involve the use of MassLogger — a .NET-based malware with capabilities to hinder static analysis — from The Hacker News https://ift.tt/37vGMf8 via IFTTT

SolarWinds Hackers Stole Some Source Code for Microsoft Azure, Exchange, Intune

Microsoft on Thursday said it concluded its probe into the SolarWinds hack, finding that the attackers stole some source code but confirmed there's no evidence that they abused its internal systems to target other companies or gained access to production services or customer data. The disclosure builds upon an earlier update on December 31, 2020, that uncovered a compromise of its own network to from The Hacker News https://ift.tt/3dxSw4V via IFTTT

Perseverance Rover lands on Mars [video]

Perseverance Rover lands on Mars [video] 530 by malloreon | 227 comments on Hacker News.

Visualization of 40M Cell Towers

Visualization of 40M Cell Towers 471 by alprc | 134 comments on Hacker News.

Citibank just got a $500M lesson in the importance of UI design

Citibank just got a $500M lesson in the importance of UI design 647 by danbr | 323 comments on Hacker News.

Starlink is now Accepting General Pre-orders

Starlink is now Accepting General Pre-orders 571 by sf_rob | 365 comments on Hacker News.

First Malware Designed for Apple M1 Chip Discovered in the Wild

One of the first malware samples tailored to run natively on Apple's M1 chips has been discovered, suggesting a new development that indicates that bad actors have begun adapting malicious software to target the company's latest generation of Macs powered by its own processors. While the transition to Apple silicon has necessitated developers to build new versions of their apps to ensure better from The Hacker News https://ift.tt/3arEM9M via IFTTT

Ask HN: Advice for finding an entry-level remote job?

Ask HN: Advice for finding an entry-level remote job? 538 by AskHNremote2021 | 144 comments on Hacker News. Hi HN, I realize this isn't super on topic but I also feel like this is the best place I know of to ask for this advice, so here goes. I need some entry-level, remote-based work. What should I do? Help desk work seems the most promising / practical, but I haven't been able to find anything yet. The remote jobs I see posted are nearly all for higher-end positions. I live in the poorest region of the United States, but I do the best with what I have. I’ve worked on my family’s farm and done a couple stints at retail beauty supply shops that friends own. I helped open two of those shops. That’s the extent of my non-existent resume. Given a chance to interview, I believe I would do ok. Maybe even exceed expectations for the sort of job I'm looking for. I need to work remotely for family reasons. I have a special-needs sister and I look after my youngest brother. They a...

U.S. Charges 3 North Korean Hackers Over $1.3 Billion Cryptocurrency Heist

The U.S. Department of Justice (DoJ) on Wednesday indicted three suspected North Korean hackers for allegedly conspiring to steal and extort over $1.3 billion in cash and cryptocurrencies from financial institutions and businesses. The three defendants — Jon Chang Hyok, Kim Il, and Park Jin Hyok — are said to be members of the Reconnaissance General Bureau, a military intelligence division of from The Hacker News https://ift.tt/3u8ulj4 via IFTTT

Before buying a NYT subscription, here's what it'll take to cancel it

Before buying a NYT subscription, here's what it'll take to cancel it 539 by jandll | 300 comments on Hacker News.

Epic Games steps up Apple fight with EU antitrust complaint

Epic Games steps up Apple fight with EU antitrust complaint 495 by mikesabbagh | 805 comments on Hacker News.

Always Bet on Text (2014)

Always Bet on Text (2014) 505 by asyrafql | 301 comments on Hacker News.

Why did I leave Google or, why did I stay so long?

Why did I leave Google or, why did I stay so long? 473 by mrowland | 546 comments on Hacker News.

Agora SDK Bug Left Several Video Calling Apps Vulnerable to Snooping

A severe security vulnerability in a popular video calling software development kit (SDK) could have allowed an attacker to spy on ongoing private video and audio calls. That's according to new research published by the McAfee Advanced Threat Research (ATR) team today, which found the aforementioned flaw in Agora.io's SDK used by several social apps such as eHarmony, Plenty of Fish, MeetMe, and from The Hacker News https://ift.tt/2ZqwwQY via IFTTT

Researchers Unmask Hackers Behind APOMacroSploit Malware Builder

Cybersecurity researchers have disclosed a new kind of Office malware distributed as part of a malicious email campaign that targeted more than 80 customers worldwide in an attempt to control victim machines and steal information remotely. The tool — dubbed "APOMacroSploit" — is a macro exploit generator that allows the user to create an Excel document capable of bypassing antivirus software, from The Hacker News https://ift.tt/37oOE23 via IFTTT

What went wrong with the Texas power grid?

What went wrong with the Texas power grid? 478 by daenney | 835 comments on Hacker News.

Malvertisers Exploited WebKit 0-Day to Redirect Browser Users to Scam Sites

A malvertising group known as "ScamClub" exploited a zero-day vulnerability in WebKit-based browsers to inject malicious payloads that redirected users to fraudulent websites with gift card scams. The attacks, first spotted by ad security firm Confiant in late June 2020, leveraged a bug (CVE-2021-1801) that allowed malicious parties to bypass the iframe sandboxing policy in the browser engine that from The Hacker News https://ift.tt/3jUcM1A via IFTTT

Functorio

Functorio 485 by ibobev | 138 comments on Hacker News.

'New car smell' is the scent of carcinogens

'New car smell' is the scent of carcinogens 451 by samizdis | 333 comments on Hacker News.

What I Worked On

What I Worked On 473 by tosh | 218 comments on Hacker News.

Building Rich Terminal Dashboards

Building Rich Terminal Dashboards 469 by lumpa | 113 comments on Hacker News.

Israeli study finds 94% drop in symptomatic Covid-19 cases with Pfizer vaccine

Israeli study finds 94% drop in symptomatic Covid-19 cases with Pfizer vaccine 460 by lazycrazyowl | 429 comments on Hacker News.

Show HN: ustaxes.org – open-source tax filing webapp

Show HN: ustaxes.org – open-source tax filing webapp 449 by aidangrimshaw | 213 comments on Hacker News.

Many small queries are efficient in SQLite

Many small queries are efficient in SQLite 477 by ArtTimeInvestor | 268 comments on Hacker News.

“User Engagement” Is Code for “Addiction”

“User Engagement” Is Code for “Addiction” 469 by wilsocr88 | 217 comments on Hacker News.

Fake Amazon reviews 'being sold in bulk' online

Fake Amazon reviews 'being sold in bulk' online 461 by _wldu | 343 comments on Hacker News.

Learn How to Manage and Secure Active Directory Service Accounts

There are many different types of accounts in a typical Active Directory environment. These include user accounts, computer accounts, and a particular type of account called a service account.  A service account is a special type of account that serves a specific purpose for services, and ultimately, applications in the environment. These special-purpose Active Directory accounts are also the from The Hacker News https://ift.tt/2LZjAP4 via IFTTT

Unpatched ShareIT Android App Flaw Could Let Hackers Inject Malware

Multiple unpatched vulnerabilities have been discovered in SHAREit, a popular app with over one billion downloads, that could be abused to leak a user's sensitive data, execute arbitrary code, and possibly lead to remote code execution. The findings come from cybersecurity firm Trend Micro's analysis of the Android version of the app, which allows users to share or transfer files between devices from The Hacker News https://ift.tt/3b5oRgs via IFTTT

Managed Service Provider? Watch This Video to Learn about Autonomous XDR

As managed security service providers, you're always on the lookout for new platforms. One that can generate further business, enables you to scale easily without investing in more human resources and provides that value immediately. In the meanwhile, your clients are constantly demanding more security for a lesser cost. Cynet recently published an 8-min video detailing their platform, the Cynet from The Hacker News https://ift.tt/3s18Xuy via IFTTT

Hackers Exploit IT Monitoring Tool Centreon to Target Several French Entities

Russia-linked state-sponsored threat actor known as Sandworm has been linked to a three-year-long stealthy operation to hack targets by exploiting an IT monitoring tool called Centreon. The intrusion campaign — which breached "several French entities" — is said to have started in late 2017 and lasted until 2020, with the attacks particularly impacting web-hosting providers, said the French from The Hacker News https://ift.tt/3be1wJo via IFTTT

A Sticker Sent On Telegram Could Have Exposed Your Secret Chats

Cybersecurity researchers on Monday disclosed details of a now-patched flaw in the Telegram messaging app that could have exposed users' secret messages, photos, and videos to remote malicious actors. The issues were discovered by Italy-based Shielder in iOS, Android, and macOS versions of the app. Following responsible disclosure, Telegram addressed them in a series of patches on September 30 from The Hacker News https://ift.tt/3u5qMdt via IFTTT

SolarWinds hack was 'largest and most sophisticated attack' ever: MSFT president

SolarWinds hack was 'largest and most sophisticated attack' ever: MSFT president 431 by andrewinardeer | 229 comments on Hacker News.

Ask HN: What are the best websites that the Anglosphere doesn't know about?

Ask HN: What are the best websites that the Anglosphere doesn't know about? 419 by remolacha | 214 comments on Hacker News. What unique or high-quality content only exists outside the English-speaking web? Is there a Chinese equivalent to Hacker News? A Hindi StackOverflow? I would love to broaden my horizons :)

Show HN: Khan-dl – Khan Academy Course Downloader

Show HN: Khan-dl – Khan Academy Course Downloader 445 by rand_net | 160 comments on Hacker News.

US raises ‘deep concerns’ over WHO report on Covid’s Wuhan origins

US raises ‘deep concerns’ over WHO report on Covid’s Wuhan origins 487 by lazycrazyowl | 612 comments on Hacker News.

Our brutal science system almost cost us a pioneer of mRNA vaccines

Our brutal science system almost cost us a pioneer of mRNA vaccines 550 by dsr12 | 281 comments on Hacker News.

Calvin and Hobbes Search Engine

Calvin and Hobbes Search Engine 467 by bookofjoe | 162 comments on Hacker News.

Apple will proxy Safe Browsing requests to hide iOS users' IP from Google

Apple's upcoming iOS 14.5 update will come with a new feature that will redirect all fraudulent website checks through its own proxy servers as a workaround to preserve user privacy and prevent leaking IP addresses to Google. A built-in security-focused feature in the Safari browser, "Fraudulent Website Warning," alerts users about dangerous websites that have been reported as deceptive, from The Hacker News https://ift.tt/3qoXMuW via IFTTT

Statement on New York Times Article

Statement on New York Times Article 545 by jger15 | 222 comments on Hacker News.

50 Years Ago, Sugar Industry Quietly Paid Scientists to Blame Fat (2016)

50 Years Ago, Sugar Industry Quietly Paid Scientists to Blame Fat (2016) 500 by mgh2 | 333 comments on Hacker News.

Shitbowl: The algorithmically powered in-home physical caching platform

Shitbowl: The algorithmically powered in-home physical caching platform 489 by fallingfrog | 180 comments on Hacker News.

Swift for TensorFlow Shuts Down

Swift for TensorFlow Shuts Down 484 by high_derivative | 395 comments on Hacker News.

Kubernetes Failure Stories

Kubernetes Failure Stories 529 by jakozaur | 182 comments on Hacker News.

Uncovering a 24-year-old bug in the Linux Kernel

Uncovering a 24-year-old bug in the Linux Kernel 480 by greenonion | 40 comments on Hacker News.

Yandex Employee Caught Selling Access to Users' Email Inboxes

Russian Dutch-domiciled search engine, ride-hailing and email service provider Yandex on Friday disclosed a data breach that compromised 4,887 email accounts of its users. The company blamed the incident on an unnamed employee who had been providing unauthorized access to the users' mailboxes for personal gain. "The employee was one of three system administrators with the necessary access from The Hacker News https://ift.tt/3tTwdw7 via IFTTT

Chick Corea has died

Chick Corea has died 661 by rock_artist | 170 comments on Hacker News.

“I saw that you spun up an Ubuntu image in Azure”

“I saw that you spun up an Ubuntu image in Azure” 622 by fireball_blaze | 265 comments on Hacker News.

Secret Chat in Telegram Left Self-Destructing Media Files On Devices

Popular messaging app Telegram fixed a privacy-defeating bug in its macOS app that made it possible to access self-destructing audio and video messages long after they disappeared from secret chats. The vulnerability was discovered by security researcher Dhiraj Mishra in version 7.3 of the app, who disclosed his findings to Telegram on December 26, 2020. The issue has since been resolved in  from The Hacker News https://ift.tt/3piprMS via IFTTT

Why I Built Litestream

Why I Built Litestream 540 by benbjohnson | 144 comments on Hacker News.

America's 1% Has Taken $50T From the Bottom 90%

America's 1% Has Taken $50T From the Bottom 90% 786 by paulpauper | 747 comments on Hacker News.

MasterCard to open up network to cryptocurrencies

MasterCard to open up network to cryptocurrencies 853 by ArtTimeInvestor | 759 comments on Hacker News.

Dyson air purifier outperformed by cheap DIY box fan filter in Marketplace test

Dyson air purifier outperformed by cheap DIY box fan filter in Marketplace test 652 by walterbell | 501 comments on Hacker News.

Beej's Guide to Network Programming (1994-2020)

Beej's Guide to Network Programming (1994-2020) 880 by ColinWright | 150 comments on Hacker News.

Samsung Foundry: New $17B Fab in the USA by Late 2023

Samsung Foundry: New $17B Fab in the USA by Late 2023 616 by manojkr | 358 comments on Hacker News.

Viral 'I'm not a cat' filter is decades-old software

Viral 'I'm not a cat' filter is decades-old software 532 by beermonster | 284 comments on Hacker News.

CS193p: Developing Apps for iOS

CS193p: Developing Apps for iOS 685 by rangoon626 | 161 comments on Hacker News.

Researchers Uncover Android Spying Campaign Targeting Pakistan Officials

Two new Android surveillanceware families have been found to target military, nuclear, and election entities in Pakistan and Kashmir as part of a pro-India, state-sponsored hacking campaign. Dubbed Hornbill and Sunbird, the malware impersonates legitimate or seemingly innocuous services to cover its tracks, only to stealthily collect SMS, encrypted messaging app content, and geolocation, among from The Hacker News https://ift.tt/3aSjgKs via IFTTT

10 SIM Swappers Arrested for Stealing $100M in Crypto from Celebrities

Ten people belonging to a criminal network have been arrested in connection with a series of SIM-swapping attacks that resulted in the theft of more than $100 million by hijacking the mobile phone accounts of high-profile individuals in the U.S. The Europol-coordinated year-long investigation was jointly conducted by law enforcement authorities from the U.K., U.S., Belgium, Malta, and Canada. " from The Hacker News https://ift.tt/3q6VnFc via IFTTT

The Weakest Link in Your Security Posture: Misconfigured SaaS Settings

In the era of hacking and malicious actors, a company's cloud security posture is a concern that preoccupies most, if not all, organizations. Yet even more than that, it is the SaaS Security Posture Management (SSPM) that is critical to today's company security. Recently Malwarebytes released a statement on how they were targeted by nation-state actors implicated in the SolarWinds breach. Their from The Hacker News https://ift.tt/3qcHAge via IFTTT

Poor Password Security Lead to Recent Water Treatment Facility Hack

New details have emerged about the remote computer intrusion at a Florida water treatment facility last Friday, highlighting a lack of adequate security measures needed to bulletproof critical infrastructure environments. The breach, which occurred last Friday, involved an unsuccessful attempt on the part of an adversary to increase sodium hydroxide dosage in the water supply to dangerous levels from The Hacker News https://ift.tt/3aTf7pl via IFTTT

Iranian Hackers Utilize ScreenConnect to Spy On UAE, Kuwait Government Agencies

UAE and Kuwait government agencies are targets of a new cyberespionage campaign potentially carried out by Iranian threat actors, according to new research. Attributing the operation to Static Kitten (aka MERCURY or MuddyWater), Anomali said the "objective of this activity is to install a remote management tool called ScreenConnect (acquired by ConnectWise 2015) with unique launch from The Hacker News https://ift.tt/3rLFIeL via IFTTT

Cambridge Bitcoin Electricity Consumption Index

Cambridge Bitcoin Electricity Consumption Index 856 by apples_oranges | 1484 comments on Hacker News.

Dependency Confusion: How I Hacked Into Apple, Microsoft and Other Companies

Dependency Confusion: How I Hacked Into Apple, Microsoft and Other Companies 849 by Robadob | 313 comments on Hacker News.

OpenStreetMap proven to be a highly accurate map in top US cities

OpenStreetMap proven to be a highly accurate map in top US cities 820 by clarecorthell | 215 comments on Hacker News.

Dependency Confusion Supply-Chain Attack Hit Over 35 High-Profile Companies

In what's a novel supply chain attack, a security researcher managed to breach over 35 major companies' internal systems, including that of Microsoft, Apple, PayPal, Shopify, Netflix, Yelp, Tesla, and Uber, and achieve remote code execution. The technique, called dependency confusion or a substitution attack, takes advantage of the fact that a piece of software may include components from a mix from The Hacker News https://ift.tt/2LBh4OE via IFTTT

LodaRAT Windows Malware Now Also Targets Android Devices

A previously known Windows remote access Trojan (RAT) with credential-stealing capabilities has now expanded its scope to set its sights on users of Android devices to further the attacker's espionage motives. "The developers of LodaRAT have added Android as a targeted platform," Cisco Talos researchers said in a Tuesday analysis. "A new iteration of LodaRAT for Windows has been identified with from The Hacker News https://ift.tt/3jCNR2v via IFTTT

Apple Patches 10-Year-Old macOS SUDO Root Privilege Escalation Bug

Apple has rolled out a fix for a critical sudo vulnerability in macOS Big Sur, Catalina, and Mojave that could allow unauthenticated local users to gain root-level privileges on the system. "A local attacker may be able to elevate their privileges," Apple said in a security advisory. "This issue was addressed by updating to sudo version 1.9.5p2." Sudo is a common utility built into most Unix and from The Hacker News https://ift.tt/3tHsmSJ via IFTTT

Github1s – One second to read GitHub code with VS Code

Github1s – One second to read GitHub code with VS Code 815 by tardismechanic | 104 comments on Hacker News.

Police playing music while being filmed, seemingly to trigger copyright filters

Police playing music while being filmed, seemingly to trigger copyright filters 758 by edward | 346 comments on Hacker News.

Microsoft Issues Patches for In-the-Wild 0-day and 55 Others Windows Bugs

Microsoft on Tuesday issued fixes for 56 flaws, including a critical vulnerability that's known to be actively exploited in the wild. In all, 11 are listed as Critical, 43 are listed as Important, and two are listed as Moderate in severity — six of which are previously disclosed vulnerabilities. The updates cover .NET Framework, Azure IoT, Microsoft Dynamics, Microsoft Edge for Android, from The Hacker News https://ift.tt/3p3FFt7 via IFTTT

Webinar and eBook: The Dark Side of EDR. Are You Prepared?

Endpoint Detection and Response (EDR) platforms have received incredible attention as the platform for security teams. Whether you're evaluating an EDR for the first time or looking to replace your EDR, as an information security professional, you need to be aware of the gaps prior to implementation so you can best prepare how to close the gaps. It's important to understand that each from The Hacker News https://ift.tt/3tFsRN0 via IFTTT

Ukrainian Police Arrest Author of World's Largest Phishing Service U-Admin

Law enforcement officials in Ukraine, in coordination with authorities from the U.S. and Australia, last week shut down one of the world's largest phishing services that were used to attack financial institutions in 11 countries, causing tens of millions of dollars in losses. The Ukrainian attorney general's office said it worked with the National Police and its Main Investigation Department to from The Hacker News https://ift.tt/3cVg43d via IFTTT

Hacker Tried Poisoning Water Supply After Breaking Into Florida's Treatment System

Hackers successfully infiltrated the computer system controlling a water treatment facility in the U.S. state of Florida and remotely changed a setting that drastically altered the levels of sodium hydroxide (NaOH) in the water. During a press conference held yesterday, Pinellas County Sheriff Bob Gualtieri said an operator managed to catch the manipulation in real-time and restored the from The Hacker News https://ift.tt/3a04CBl via IFTTT

20% of requests for Wikimedia Commons are for one image of a flower

20% of requests for Wikimedia Commons are for one image of a flower 611 by IfOnlyYouKnew | 155 comments on Hacker News.

Rust Foundation: Hello, World

Rust Foundation: Hello, World 552 by steveklabnik | 135 comments on Hacker News.

Accused murderer wins right to check source code of DNA testing kit

Accused murderer wins right to check source code of DNA testing kit 503 by anfilt | 223 comments on Hacker News.

Tesla buys $1.5B in Bitcoin, may accept it as payment in the future

Tesla buys $1.5B in Bitcoin, may accept it as payment in the future 507 by Cookingboy | 739 comments on Hacker News.

Barcode scanner app on Google Play infects 10m users with one update

Barcode scanner app on Google Play infects 10m users with one update 457 by decrypt | 270 comments on Hacker News.

Don't Offer a Free Plan

Don't Offer a Free Plan 436 by protoduction | 180 comments on Hacker News.

Detailed: Here's How Iran Spies on Dissidents with the Help of Hackers

Twin cyber operations conducted by state-sponsored Iranian threat actors demonstrate their continued focus on compiling detailed dossiers on Iranian citizens that could threaten the stability of the Islamic Republic, including dissidents, opposition forces, ISIS supporters, and Kurdish natives. Tracing the extensive espionage operations to two advanced Iranian cyber-groups Domestic Kitten ( from The Hacker News https://ift.tt/2YSywBo via IFTTT

Terraria on Stadia cancelled after developer's Google account gets locked

Terraria on Stadia cancelled after developer's Google account gets locked 446 by benhurmarcel | 209 comments on Hacker News.

Top 5 Bug Bounty Programs to Watch in 2021

While Gartner does not have a dedicated Magic Quadrant for Bug Bounties or Crowd Security Testing yet, Gartner Peer Insights already lists 24 vendors in the "Application Crowdtesting Services" category. We have compiled the top 5 most promising bug bounty platforms for those of you who are looking to enhance your existing software testing arsenal with knowledge and expertise from international from The Hacker News https://ift.tt/3aNgXbt via IFTTT

TurboTax’s 20-Year Fight to Stop Americans from Filing Taxes for Free (2019)

TurboTax’s 20-Year Fight to Stop Americans from Filing Taxes for Free (2019) 594 by anigbrowl | 128 comments on Hacker News.

A stroll through the archives of Editor & Publisher

A stroll through the archives of Editor & Publisher 446 by samclemens | 81 comments on Hacker News.

Parents of daughters are more likely to divorce than those with sons

Parents of daughters are more likely to divorce than those with sons 452 by jkuria | 575 comments on Hacker News.

Programming for Cats

Programming for Cats 444 by tigerlilythecat | 108 comments on Hacker News.

NordVPN disables features when you turn off auto-renew

NordVPN disables features when you turn off auto-renew 414 by decrypt | 222 comments on Hacker News.

Google, Apple cave to Pakistan pressure to take down apps by Ahmadiyya Muslims

Google, Apple cave to Pakistan pressure to take down apps by Ahmadiyya Muslims 420 by shalmanese | 458 comments on Hacker News.

A visual guide to SSH tunnels

A visual guide to SSH tunnels 602 by brendanfalk | 63 comments on Hacker News.

The Elements of Computing Systems, Second Edition

The Elements of Computing Systems, Second Edition 553 by VitalyAnkh | 96 comments on Hacker News.

Architecture.md

Architecture.md 583 by todsacerdoti | 96 comments on Hacker News.

WARNING — Hugely Popular 'The Great Suspender' Chrome Extension Contains Malware

Google on Thursday removed The Great Suspender, a popular Chrome extension used by millions of users, from its Chrome Web Store for containing malware. It also took the unusual step of deactivating it from users' computers. "This extension contains malware," read a terse notification from Google, but it has since emerged that the add-on stealthily added features that could be exploited to from The Hacker News https://ift.tt/36NiYTD via IFTTT

Cybercriminals Now Using Plex Media Servers to Amplify DDoS Attacks

A new distributed denial-of-service attack (DDoS) vector has ensnared Plex Media Server systems to amplify malicious traffic against targets to take them offline. "Plex's startup processes unintentionally expose a Plex UPnP-enabled service registration responder to the general Internet, where it can be abused to generate reflection/amplification DDoS attacks," Netscout researchers said in a from The Hacker News https://ift.tt/39TAmbB via IFTTT