This article is not intended to give advice about which first language to choose or which language you should learn. I prepared this article to show my personal view on Ruby. I want to emphasize that language choice is personal, so this article is based solely on my personal experiences. You will just read what…
Tag: Security
ExCobalt Targets Russian Industries with New GoRed Backdoor
A new cyber threat has emerged against Russian industries with the ExCobalt cybercrime gang using a newly identified Golang-based backdoor, GoRed, to infiltrate critical sectors. Positive Technologies researchers Vladislav Lunin and Alexander Badayev revealed these findings in a recent report, highlighting ExCobalt’s increasing sophistication and persistence. Origins and Evolution of ExCobalt “ExCobalt, believed to include…
Anytype Note App: A Secure Note-Taking Solution
Anytype is a note-taking and productivity app that sets itself apart with an unwavering focus on security and user privacy. Unlike many cloud-based alternatives, Anytype ensures that your data remains entirely within your control, offering an unparalleled level of data protection. This article explores the key features of Anytype, with an emphasis on its robust…
Microsoft Delays Recall Feature for Copilot+ PCs Due to Privacy Concerns
Microsoft has recently announced a delay in the release of the Recall (preview) feature for their new Copilot+ PCs, citing privacy concerns and the need for additional user feedback as the primary reasons for this postponement. Originally scheduled for a broader preview on June 18, 2024, however, the feature will now undergo testing first through…
24 Vulnerabilities Found in Chinese Biometric Access Systems
In a recent security assessment conducted by Kaspersky experts, significant vulnerabilities were identified in the biometric readers produced by ZKTeco. These devices, widely used in high-security sectors such as nuclear plants, hospitals, and offices, support advanced authentication methods including facial recognition and QR-code scanning. According to Kaspersky, these vulnerabilities pose a serious risk, potentially allowing…
Black Basta May Have Taken Advantage of Windows Zero-Day Vulnerability
Recent investigations by Symantec suggest that threat actors associated with the Black Basta ransomware may have capitalized on a newly disclosed zero-day vulnerability in the Microsoft Windows Error Reporting Service. The flaw, identified as CVE-2024-26169 with a CVSS score of 7.8, facilitated privilege escalation, potentially granting attackers system privileges. Although the vulnerability was patched by…
New York Times Source Code Leaked
In a significant cybersecurity incident, a 4chan user has leaked approximately 270GB of internal data from The New York Times, which purportedly includes vast amounts of source code and other web assets. The anonymous user claimed that the leaked data encompasses nearly 5,000 repositories and around 3.6 million files, including blueprints for projects like Wordle,…
Essential Tips for Writing Secure Code
This article aims to provide tips for writing secure code in Golang. However, these tips are applicable to other programming languages as well. I Don’t Care if My Code is Secure or Not, It Works! Don’t think like this. It’s important to protect your code from attackers. Sometimes writing secure code can be overwhelming but…
Netflix Bug Bounty Program Surpasses $1 Million in Payouts
Since the launch of its bug bounty program in 2016, Netflix has paid out more than $1 million for vulnerabilities discovered in its systems and products. The streaming giant announced on Tuesday that over 5,600 researchers have contributed to the program, submitting nearly 8,000 unique vulnerability reports. Rewards have been distributed for 845 vulnerabilities, with…
Kimsuky APT Deploys Linux Backdoor ‘Gomir’ in Cyber Attacks Targeting South Korea
The Kimsuky APT group, also known as Springtail and linked to North Korea’s Reconnaissance General Bureau (RGB), has launched a new attack against South Korean organizations using a Linux variant of its GoBear backdoor. The Symantec Threat Hunter Team from Broadcom reported that this backdoor, named Gomir, shares significant code similarities with GoBear. OS-dependent features…