SEARCH KEYWORD -- NAMED RETURN


  13 Hours of Crisis: Tracking a GitHub Poisoning Incident

Incident Overview Since 6 PM Beijing Time on December 4, 2024, “ghost repositories” have been appearing on GitHub. These repositories contain no code but include deceptive virus files. That same day, they became the fastest-growing repositories on GitHub in terms of stars. Over 180 fake zombie accounts were spreading the virus, waiting for victims to fall into their trap. A Chinese developer—myself—took notice of all this. After days of probing and searching, I identified...

   GITHUB,POISON,SIMPLEBOT,CHINA     2024-12-06 22:14:25

  Go 1.16 is released

Note: The post is authorized by original author to republish on our site. Original author is Stefanie Lai who is currently a Spotify engineer and lives in Stockholm, original post is published here. Last week, Go1.16 was released, bringing relatively more changes than version 1.15, which was influenced by the epidemic. The update is in many aspects, including compilation, deployment, standard library, etc. In the official Go document, all changes are classified based on Too...

   GOLANG,GO1.16,NEW FEATURES     2021-02-26 21:08:42

  When a CA becomes untrustable

Information security has become a vital part of people's life, especially for those people who spend much time online. Tons of data are being transmitted over the internet every second. These data include user ids, passwords, credit card information etc and some of them are sensitive information which needs secure way to transmit. Hence different protocols have been developed including SSL/TLS to encrypt data transmitted over the internet. The core of these security protocols is the certifi...

   APPLE,SECURITY,GOOGLE,MOZILLA,NEWS,WOSIGN     2016-10-01 23:03:44

  Convert number to string in C++

Prior to C++11, there is no built-in function in C++ standard library which can be used to convert numbers such as interger and double number to string.  There are many ways which can convert number to string. Since C++ is C compatible, we can use itoa() function to convert an integer to C style string. But this one can only convert integer to string, not double. For different types of numbers, we need to use different functions. string s = string(itoa(a)); Actually, we can also use strings...

   C++,conversion,number,string     2012-08-14 15:52:48

  A plugin to update last_error in Delayed Job

delayed_job is a process based asynchronous task processing gem which can be ran at background. It will fork the specified number of processes to execute the tasks asynchronously. The task status is usually stored in the database so that it can be easily integrated into a Rails application where asynchronous job execution is desired. Normally when a job fails to execute or error occurs, it would save the error into the database with the column last_error. Ideally all these will be handled b...

   RUBY,RUBY ON RAILS,DELAYED JOB,LAST_ERROR     2017-11-18 13:05:49

  3 meanings of Stack

We may frequently see stack when we read programming books. But many times we may be confused about the different meanings of it. This term actually has three common meanings. Here we explain the three different meanings of Stack in programming. 1. Data structure The first meaning of Stack defines a method for storing data. Its feature is LIFO9Last In First Out). In this data structure, data are accumulated level by level. The data last put in is added at the top of the stack. When using the dat...

   Stack,Memory,Data structure     2014-02-24 04:56:46

  What is pjax and why we should use it?

What is pjax? Now many websites such as Facebook, Twitter support one browsing style which is when you click one link on their sites, the page will not be redirected, instead only the page contents are updated and URL on address bar is changed. This kind of user experience is much better compared to load the whole page with a blink. There is one important component in the above browsing experience, these websites' AJAX refresh support browser history, when refreshing the page, the address on the...

   pjax,AJAX,history     2013-04-23 12:22:37

  IoT System Cyber Attack Case Study 02: Python Deserialization Attack and Library Hijacking Attack

Project Design Purpose: The objective of this cyber attack case study is to develop a workshop that demonstrates how a red team attacker can permanently compromise a people detection radar IoT device. The attack path is achieved through a series of attacks, including traffic eavesdropping, data deserialization attacks, web shell attacks, remote command/code execution, and Python library hijacking attacks. This case study is intended for IoT and data security professional training, aiming to ill...

       2024-07-14 01:40:09

  Speech balloon with pure CSS--One step further

Many of us want to add cool features to our websites to make our websites user friendly ad more attractive. Especially in Web2.0 era. Today we are talking about adding speech balloon feature to our webpage so that we can display beautiful help windows while users mouse over some help icons on our page. First, let me introduce one post written by Umar Ashfaq named "How to create a speech balloon with pure CSS". He also explains how this works. You can also refer Magic CSS shape for more informati...

   Speech balloon, Pure CSS,border     2013-03-16 04:11:58

  9 reasons to use Zsh

Like majority *nix users, I have been using bash for many years. Sometimes I feel uncomfortable with bash. I tried use some other shells as well such as ksh, tcsh and zsh which I am going to talk about. A few days ago, I found an open source project ranking in the 6th named oh-my-zsh on Github, I downloaded it and had a try with it. It's amazing. We should use zsh to replace bash now. Why do we need to use zsh? Here is a 4 minutes YouTube video which shows many reasons why we should switch from ...

   zsh, advantage, command     2012-09-28 12:46:39

RECENT