Alleged source code of penetration testing software Cobalt Strike published on GitHub

source:-https://siliconangle.com Source code allegedly belonging to commercial penetration testing software Cobalt Strike has been published on GitHub, potentially providing a new path for hackers to attack companies. Penetration testing, usually abbreviated as pen testing, has legitimate uses as a security tool to test security but can also be used by bad actors to attack a company. Ethical pen testing involves simulated attacks on a computer system to evaluate the security of the given system. In the hands of hackers, the

Read more

Microsoft to Require Token-Based Authentication on GitHub and Visual Studio

Source:-https://www.programmableweb.com Microsoft has announced that in an effort to provide increased security GitHub and Visual Studio users will no longer be able to use account passwords for API authentication. Beginning on November 13th, 2020, the company will require token-based authentication for all interactions that require authentication. As a result of these changes, Microsoft noted that Git credential helpers will no longer be able to create new access tokens or help authenticate users for GitHub operations by using username and password.

Read more

Google Updates Editor for Cloud Shell, Alternative to .NET-Centric GitHub Codespaces

Source:-https://visualstudiomagazine.com Google updated its Cloud Shell online development and operations environment that has been characterized as an alternative to GiHub Codespaces, which also provides cloud-hosted dev environments with a focus on Visual Studio and Visual Studio Code developers. Google’s update sees a new Cloud Shell Editor now available as a preview offering as part of Cloud Shell, which Google says helps developers manage infrastructure and create applications from any browser. In that scheme, the online Cloud Shell Editor is used

Read more

Open Source Software Website Market 2020-2028 latest trends and opportunities with GitHub, Microsoft, Bitbucket, Phabricator, Assembla

Source:-https://www.globalanalyticsmarket.com Open-source software (OSS) is any computer software that’s distributed with its source code available for modification. That means it usually includes a license for programmers to change the software in any way they choose: They can fix bugs, improve functions, or adapt the software to suit their own needs. A new report titled “Open Source Software Website Market” has been announced by Report Consultant. The analyst also focuses on economic and environmental factors, which impacts on the growth of

Read more

GitHub Actions platform vulnerable to code injection attacks – research

Source:-https://portswigger.net A design flaw in Actions, GitHub’s workflow management platform, can give hackers write access to repositories and reveal encrypted secrets, Google Project Zero researcher Felix Wilhelm has reported. An attacker can exploit set-env, one of the commands supported by GitHub Actions, to dump NodeJS commands to the shell output, which are then processed and run by Actions’ runner process. “As the runner process parses every line printed to STDOUT looking for workflow commands, every GitHub action that prints untrusted

Read more

German Startup’s “AI Expert Roadmap” Gets 3.5k GitHub Stars

Source:-https://syncedreview.com A new AI Expert Roadmap developed by German software company AMAI is garnering keen interest from aspiring AI professionals around the world. The project presents a series of clear and easy-to-follow charts “demonstrating the paths that you can take and the technologies that you would want to adopt in order to become a data scientist, machine learning or AI expert.” AI’s ever-expanding role in our everyday lives has more and more people and enterprises seeking efficient ways to learn

Read more

Microsoft Threatens to Ban GitHub Users Reposting YouTube-DL Code

Source:-https://winbuzzer.com Back last week, Microsoft caught some concerned looks when the company’s GitHub code repository removed code for the YouTube-DL video download tool. As we previously reported, there was plenty of backlash, including many users on GitHub reposting the code. Microsoft now says it is taking further action and will ban any user reposting the YouTube-DL tool. In a note on GitHub, Microsoft says the following: Illegal or Not? If you’re unfamiliar with YouTube-DL, it is a tool for internet

Read more

Google to GitHub: Time’s up – this unfixed ‘high-severity’ security bug affects developers

Source:-https://www.zdnet.com Google Project Zero, the Google security team that finds bugs in all popular software, has disclosed what it classes a high-severity flaw on GitHub after the code-hosting site asked for a double extension on the normal 90-day disclosure deadline. The bug in GitHub’s Actions feature – a developer workflow automation tool – has become one of the rare vulnerabilities that wasn’t properly fixed before Google Project Zero’s (GPZ) standard 90-day deadline expired. Over 95.8% of flaws are fixed within

Read more

How GitHub Got MLOps Right

Source:-https://analyticsindiamag.com After productive and informative Day 1, ADasSci’s Deep Learning Developers Conference is live again. Day 2 of DLDC2020 too, had an interesting lineup of speakers along with a full-day workshop on deep learning with Keras. In an hour-long talk, speakers Pulkit Agarwal and Vinod Joshi of Github discussed the various challenges of setting up an ML pipeline. Pulkit, who is part of the product team at Github, began by defining what MLOps is really about and what makes it

Read more

What GitHub Pays Senior Software Engineers vs. Google, Microsoft

Source:-https://insights.dice.com If you build or maintain software, you’re familiar with GitHub. Millions of developers rely on the massive code repository for everything from source code management to version control and team collaboration. But what’s it like to work there? Specifically, how much do GitHub’s engineers earn in exchange for smoothly maintaining the world’s largest host of source code? For an answer, we can turn to levels.fyi, which crowdsources data about software engineer compensation at some of the world’s most prominent

Read more

Applitools announces integrations with GitHub Actions and Microsoft Visual Studio App Center

Source:-https://devops.com SAN MATEO, Calif., — October 27, 2020 — Applitools provider of a test automation platform powered by Visual AI and Ultrafast Grid, announces integrations with GitHub, GitHub Actions, and the Microsoft Visual Studio App Center. The integrations allow developers to seamlessly add Visual AI-powered testing to every build and pull request (PR), resulting in greater UI version control and improved developer workflows. In addition to the testing process improvements, the integrations enable developers to easily and quickly correlate code

Read more

Why are banks suddenly so into open source software?

Source:-https://news.efinancialcareers.com Investment banks and hedge funds are normally very secretive organisations, carefully guarding the proprietary data that they view as key competitive advantages. Try and plug your USB stick into a work laptop, or email an attachment to your home email address, and it won’t be long before a team of compliance, tech and HR people are standing around your desk (or nowadays in a zoom call). You’re expected to keep secrets even after leaving. Non-disclosure agreements are par for

Read more

Programming Software Market is Rapid Growing with COVID-19

Source:-https://rejerusalem.com Programming Software Market describes an in-depth evaluation and professional study on the present and future state of the Programming Software market across the globe, including valuable facts and figures. Programming SoftwareMarket provides information regarding the emerging opportunities in the market and the market drivers, trends, upcoming technologies that will boost these growth trends. The report includes the latest coverage of the impact of COVID-19 analysis on the Programming Software Market. The incidence has affected nearly every aspect of the

Read more

GitHub spruces up mobile platform as devs leave their desks behind

Source:-https://bizedge.co.nz GitHub has spruced its GitHub for mobile platform with new features that it hopes will make code review easier and faster for developers. The improvements include an overhaul of the code review experience, including the ability to toggle line wrapping on and off – this something that the community demanded. Another improvement relates to the way code commits appear to others. Users can change an email associate with every merge, and they can also edit the commit description. Finally,

Read more

GitHub’s code vulnerability scanning tool now generally available

Source:-https://itbrief.com.au GitHub has recently rolled out code scanning to help developers detect and prevent vulnerabilities from popping up in their open source and enterprise code. Code scanning, which was released from beta to general availability in early October, aims to automate security directly into the developer workflow, furthering ‘security by design’ approach to applications and coding. GitHub adds that more than half of breaches are caused by vulnerabilities in application code – and many of these vulnerabilities are recurring patterns.

Read more

New Accurics App Gives GitHub Users New Code Scanning Feature

Source:-https://adtmag.com Cloud security provider Accurics this week announced a new GitHub application designed to further automate the programmatic enforcement of security policies throughout the software development workflow. The Accurics platform and the Terrascan tool for detecting compliance and security violations across Infrastructure as Code (IaC) have both been accessible through GitHub Actions for a while. Terrascan is accessible through the popular Super-Linter action. The Accurics platform is available through the company’s own action. The new GitHub App adds an option

Read more

Aqua’s Trivy Now Available as a GitHub Action

Source:-https://securityboulevard.com BOSTON – October 7, 2020 – Aqua Security, the pure-play cloud native security leader, announced today that Aqua’s open source Trivy vulnerability scanner is now available as an Aqua Security Trivy GitHub Action. The action integrates with GitHub code scanning so developers can build container image scanning into their GitHub Actions workflow to find and eliminate vulnerabilities before they reach production. “Code scanning was purpose-built with extensibility in mind,” said John Leon, VP of Business Development at GitHub. “We

Read more

Code Review Automation Service Sider, Now Compatible with GitLab

Source:-newkerala TOKYO: Sleeek Corporation (here after Sleeek), a global provider of solutions to improve productivity in software development, announced on August 18 that its automated code review service Sider, is now compatible with GitLab through Sider Enterprise for GitLab.  In addition, the programming languages supported by Sider have been expanded to include Python, C/C++, and C#. As a result, it can be used not only for web-based development but also in the manufacturing industry, embedded software development, application development for

Read more

Microsoft will train 25 million people with digital skills

Source:-thebulletintime Microsoft announced the launch of a global initiative – together with LinkedIn and GitHub–– that aims to train 25 million people around the world with digital skills to help them get a job. The COVID-19 pandemic has severely impacted the world economy, and according to estimates by Microsoft, 250 million people worldwide will be unemployed in 2020. In the United States alone, the Congressional Budget Office estimates that the unemployment rate in the country will rise from 9.3 in

Read more

Black Hat 2020: xGitGuard uses AI to detect inadvertently exposed data on GitHub

Source:-portswigger.net GitHub is often praised for offering a platform for developers to share their open source code and tools that they develop. However, some developers often unknowingly, or inadvertently, neglect to remove sensitive information such as API tokens and user credentials from their code prior to posting it on GitHub. Mistakes of this kind can expose an organization’s internal secrets and tokens to harvesting and potential misuse. Security researchers at Comcast have developed a tool that detects organizations’ secrets and

Read more
1 2 3 4 5 8