Month: March 2022

Categories
Featured Guest Post Language Microsoft Tech News Unicorns

TypeScript Team Releases TypeScript v4.6 With New Updates

Typescript team announces the availability of TypeScript 4.6. TypeScript is a language that builds on JavaScript and adds syntax for types. Types help describe what kinds of values you’re working with, giving your code better readability by telling the editor about any mistakes made in it before they become errors! You won’t need to worry much when using this tool because not only does TypeScript check out all possible errors but also gives many excellent features like completions so there’s no excuse not use them anymore.

In their beta version, TypeScript developers missed documenting two great features – control flow analysis for destructured discriminated unions and the addition of es2022 output target. They also made an additional noteworthy change since their beta – removing void 0 arguments in react-jsx mode. All these changes are available in the TypeScript 4.6.

The RC (Release Candidate) team finally captured the community’s suggestions for mismatched JSDoc parameter names, and these changes will be included in this update of TypeScript 4.6.

List of changes in TypeScript 4.6

To start using TypeScript, you can get it through NuGet or use npm with this command:

npm install typescript

References:

  • https://devblogs.microsoft.com/typescript/announcing-typescript-4-6/
  • https://devblogs.microsoft.com/typescript/announcing-typescript-4-6-rc/
Categories
Featured Google Guest Post Tech News Uncategorized Unicorns

Google Introduces Google Forms API: Bringing Programmatic Access For Managing Forms And Acting On Responses

Source: https://developers.googleblog.com/2022/03/introducing-google-forms-api.html

Google Dev team introduces the Google Forms API to join the large family of APIs available to developers under the Workspace Platform. The programmatic access provides powerful integrations, empowering you with your forms and actions on them.

The API enables developers to build automation for acting on incoming responses. For instance, you could create a real-time dashboard or visualization that watches what people are doing in your form and then trigger an email campaign based on their actions.

Some use cases include education automation integrations with learning management systems (LMS), customer management and support by auto-generating surveys/forms based on customer data, and data analysis and visualization with response data.

The Google Forms API has a good set of methods to perform these operations.

Core Methods

  • forms.create – Creates a new form
  • forms.get – Get all information on a form
  • forms.batchUpdate – Perform form updates (add, edit, delete form items)
  • forms.responses.list – List all responses from a form
  • forms.responses.get – Get a single response from a form

Event types

  • Schema – Changes to form content or settings
  • Response – When form responses are submitted

Watch Methods

  • forms.watches.create
  • forms.watches.delete
  • forms.watches.list
  • forms.watches.renew

Some of the portals that are supporting the beta version of Google API Form are Zapier, Portant, Automagical Apps, 

Resources to use Google Forms API:

Reference: https://developers.googleblog.com/2022/03/introducing-google-forms-api.html

Categories
Cyber Security Featured Guest Post Microsoft Security Tech News Uncategorized Unicorns

Gh0stCringe Malware Targets Microsoft SQL, MySQL Servers

Hackers target Microsoft SQL and MySQL database servers to deploy the Gh0stCringe remote access trojans on vulnerable devices. The recent Gh0stCringe (also known as CirenegRAT) variant of Gh0stRAT malware was most recently deployed in 2020 Chinese cyber-espionage operations but dates back to 2018. Security researchers have found that the GhostCringe threat actors are targeting database servers with weak account credentials and no oversight, which could lead to more victims.

As mentioned in the article on bleepingcomputer.com, you can see below, the threat actors are breaching the database servers and using the mysqld.exe, mysqld-nt.exe, and sqlserver.exe processes to write the malicious ‘mcsql.exe’ executable to disk.

https://asec.ahnlab.com/en/32572/

Gh0stCringe was developed based on the source code of publicly released Gh0st RAT. You can see the difference between below:

https://asec.ahnlab.com/en/32572/

Malware can be deployed with specific settings concerning their functions, as detailed below:

  • Self-copy [On/Off]: If turned on, copies itself to a certain path depending on the mode.
  • Mode of execution [Mode]: Can have values of 0, 1, and 2. See below for explanations on the modes.
  • File size change [Size]: In Mode #2, the malware copies itself to the path ‘%ProgramFiles%\Cccogae.exe’, and if there is a set value, it adds junk data of the designated size to the back of the file.
  • Analysis disruption technique [On/Off]: Obtains the PID of its parent process and the explorer.exe process. If it results in a value of 0, terminates itself.
  • Keylogger [On/Off]: If turned on, keylogging thread operates.
  • Rundll32 process termination [On/Off] If turned on, executes ‘taskkill /f /im rundll32.exe’ command to terminate the rundll32 process that is running.
  • Self-copy file property [Attr]: Sets property to read-only, hidden, and system (FILE_ATTRIBUTE_READONLY|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM).

References:

  • https://asec.ahnlab.com/en/32572/
  • https://www.bleepingcomputer.com/news/security/unsecured-microsoft-sql-mysql-servers-hit-by-gh0stcringe-malware/
Categories
Europe Featured Guest Post Meta Privacy Region Tech News Uncategorized Unicorns

Irish Data Protection Commission Fines Facebook €17m For Breaching EU Data Privacy Laws in 2018

The Irish Data Protection Commission has hit Facebook with a fine of €17m after finding they did not fully comply with GDPR. The decision followed an inquiry by the commission into 12 breach notifications it received in six months period between June and December 2018, examining their compliance with GDPR requirements for personal data processing at different points during this time frame.

The Data Protection Commission found that Meta Platforms failed to put in place adequate technical and organizational measures, which would make it easy for them to demonstrate the security precautions they implemented. This is despite having 12 personal data breaches.

According to The Irish data watchdog, Meta’s platforms had “failed to have in place appropriate technical and organizational measures” in the context of the 12 personal data breaches.

Ireland has a well-established tradition in regulating the tech industry, especially with regard to internet companies that have their European Union headquarters there.

References:

  • https://www.bbc.com/news/articles/cp9yenpgjwzo#
  • https://techcrunch.com/2022/03/15/facebook-2018-breaches-dpc-decision/
  • https://www.rte.ie/news/business/2022/0315/1286598-facebook-fined-by-dpc/
Categories
Featured Language Meta Security Tech News Uncategorized Unicorns

This Open-Source Browser Extension Verifies Code Authenticity on The Web

Source: https://engineering.fb.com/2022/03/10/security/code-verify/

WhatsApp has long protected your messages with end-to-end encryption as they transit from sender to recipient. But now, security-conscious users need to be confident that when WhatsApp Web receives these encrypted messages, it is also protected – in contrast, what happens when people download a mobile app onto their device instead of using the internet through a desktop browser or laptop hotspot, etc. WhatsApp has been on the rise as a popular messaging platform. With more users every day, it’s important for WhatsApp Web to be secure so that your messages are safe from hackers trying in on them. But now, Code Verify is bringing even more security to WhatsApp Web.

Code Verify works in partnership with Cloudflare, an internet infrastructure and security company, to provide independent third-party verification that your code is being served correctly. 

WhatsApp has come up with a way to make its messaging service even more secure. They are now offering it as an open-source so that other companies can use this for themselves and improve on what WhatsApp does best: encryption! 

Source: https://engineering.fb.com/2022/03/10/security/code-verify/

The team at Code Verify is passionate about making the web more secure, and they’ve come up with a way to enhance security by checking resources on the entire webpage. This process relies heavily upon Cloudflare as an independent third party that acts as a trusted source for verifying the integrity of all files being requested from websites across their network.

The Code Verify extension will be available on the official browser extensions stores for Google Chrome, Microsoft Edge, and Mozilla Firefox. The plugin doesn’t log any data or user information – it just checks if there are hints of malware in your WhatsApp web traffic so you can take action before anything happens. You can think of Code Verify as a traffic light for your WhatsApp Web code.

Reference: https://engineering.fb.com/2022/03/10/security/code-verify/

Download Extensions: Chrome | Edge | Firefox 

Categories
Animation Featured Guest Post Tech News Uncategorized VR/AR

This AI-Powered Free Animation Tool Can Help You Create Incredible 3D Animations And Motion Capture Characters

https://plask.ai/

There are many tools to help you with your animation, but if there was one program that could give any beginner the skills needed and deserve mention, it would be Plask. With all of its features like recording videos as well as editing footage – this web-based AI-powered 3D animator has what most professionals need. With Plask, your webcam is your motion capture studio.

Plask is an animation tool that lets you bring your characters to life by using video as input. Simply upload any videos or record motions with the camera directly on Plask, and it will automatically re-target them for use in an editor where keyframes can be adjusted accordingly – all without needing previous experience.

Try Plask For Free: https://plask.ai/

Reference: https://80.lv/articles/plask-a-new-free-tool-for-extracting-3d-motion-from-videos/

Categories
Featured Google Guest Post Java Language Tech News Uncategorized Unicorns

Google Open-Sources The App Engine Standard Java runtime

Source: https://cloud.google.com/appengine/docs/standard/java/javadoc

The introduction of Google App Engine in 2008 opened up a whole new world for developers – one without worrying about infrastructure management or scaling web applications. Java 8, 11 and 17 all run on this platform along with alternative JVM languages like Apache Groovy or Kotlin are also part of it.

But now, Google has finally opened-source the Java Source code for its Google App Engine Standard environment, which includes all of its production runtime features as well as APIs and local SDKs.

In the below picture representation, items in orange are public modules artifacts and items in yellow are internal ones. Modules ending with * are only used on the production server-side:

Source: https://github.com/GoogleCloudPlatform/appengine-java-standard
PackageDescription
com.google.appengine.apiProvides facilities for server lifecycle management, threading and namespaces/multitenancy.
com.google.appengine.api.appidentityProvides a service to sign arbitrary byte arrays using an internally-generated, rotated private key.
com.google.appengine.api.backendsProvides access to long-running, addressable servers.
com.google.appengine.api.blobstoreProvides management and persistent storage of large, immutable byte arrays.
com.google.appengine.api.capabilitiesProvides status information about the services available via the Google App Engine APIs.
com.google.appengine.api.datastoreProvides persistent storage, also accessible via JDO or JPA interfaces.
com.google.appengine.api.filesProvides a service for file storage and access.
com.google.appengine.api.imagesProvides facilities for the creation and manipulation of images.
com.google.appengine.api.logProvides access to request logs and application logs.
com.google.appengine.api.mailProvides a service to send email messages on behalf of administrators or authenticated users, also accessible via a JavaMail interface.
com.google.appengine.api.memcacheProvides fast but unreliable data storage, also accessible via a JCache interface.
com.google.appengine.api.modulesUtility functions for working with modules.
com.google.appengine.api.oauthProvides a method for clients to access server resources on behalf of a resource owner, as well as a process for end-users to authorize third-party access to their server resources without sharing their credentials.
com.google.appengine.api.quotaProvides measurement of API and CPU usage during requests.
com.google.appengine.api.searchProvides a service for indexing documents and retrieving them using search queries.
com.google.appengine.api.search.checkers 
com.google.appengine.api.search.query 
com.google.appengine.api.taskqueueProvides a mechanism to perform work initiated by a user request, outside of that request.
com.google.appengine.api.urlfetchProvides a service to make HTTP/S requests of other servers on the internet.
com.google.appengine.api.usersProvides facilities to check if a user has authenticated, retrieve their email address, and check if they are an administrator for this application.
com.google.appengine.api.utilsProvides common utility classes.
com.google.apphosting.apiProvides access to the ApiProxy, which dispatches API calls to backend services.

Github: https://github.com/GoogleCloudPlatform/appengine-java-standard

References:

  • https://cloud.google.com/appengine/docs/standard/java/javadoc
  • https://cloud.google.com/blog/topics/developers-practitioners/open-sourcing-app-engine-standard-java-runtime
  • https://www.infoq.com/news/2022/03/google-appengine-java/
Categories
Featured Guest Post IoT Privacy Tech News Uncategorized

The TV Network HBO is Being Sued for Sharing Subscriber Data With Facebook

The lawsuit filed on behalf of Angel McDaniel and Constance Simon against HBO has accused the company of violating their privacy by sharing subscriber viewing data with Facebook. The case was brought forth by Bursor & Fisher.

According to an article from Malwarebytes.com, HBO is being accused of sharing customer data with Facebook, which then uses that information to match viewers’ viewing habits. The suit argues this violates the Video Privacy Protection Act (VPPA) – a law passed in 1988 aimed at protecting video privacy rights.

As technology continues to evolve, the VPPA is becoming more relevant than ever. The law protects people’s private video rental records from being exposed online or onto other devices like smart TVs because these types of businesses have fallen out popularity in recent years with advancements that led consumers towards streaming services instead; however there are still cases where individuals’ personal information could be compromised through IoT setups which lead us into an era where everything has been digitized- including your home videos.

The suit claims that HBO partnered with Facebook to retarget their ads and harvest user data without permission. This can be seen in the privacy policy for this company, which states subscribers must agree first before viewing history is used by companies.

You can check the case documents here

Reference: https://blog.malwarebytes.com/privacy-2/2022/03/hbo-sued-for-sharing-subscriber-data-with-facebook/

Categories
Featured Guest Post Language Python Tech News Uncategorized USA

PyTorch Releases PyTorch 1.11, With TorchData, and functorch

Pytorch 1.11 is out! This release includes more than 3,300 commits since version 1.10 and 434 contributors- including PyTorch developers who worked tirelessly to make this happen. Alongside the new features are beta versions of TorchData and functorch.

The TorchData library provides easy-to-use, high performance data loading primitives so you can build your own flexible and efficient pipelines.

functorch is a new library that brings compositionally useful function transforms to Pytorch. It’s currently in beta and is heavily inspired by Google JAX

Distributed Data Parrallel (DDP) static graph optimizations are available in a stable release.

Github: https://github.com/pytorch/pytorch/releases/tag/v1.11.0

Reference: https://pytorch.org/blog/pytorch-1.11-released/

Check out the documentation and tutorials

Categories
Europe Featured Gaming Guest Post Metaverse Region Tech News Uncategorized VR/AR

3DFLOW Releases 3DF Zephyr 6.5

Source: https://www.3dflow.net/3df-zephyr-6-5-is-out-now/

The latest update for 3DF Zephyr is out, and it’s an integration with Unity! Now you can use ArtEngine inside 3DF Zephyr.

3df zephyr 6.5 allows users to work more efficiently by integrating Unity’s material authoring tool, ‘ArtEngine’. The update also includes several other features including camera animations system which was previously unavailable in previous versions of 3d flow.

The new update to Zephyr 6.5 includes Orthophoto Editor, which lets you edit and improve regions of orthophotos that require recomputation.

With the new animation options and vertical structure presets, Zephyr 6.5 is a great update for 3DF Zephyr’s Structure From Motion system.

There are other improvements too, like the option to export scans in USD format for use in VFX or game development pipelines. Plus new tagging system.

3DF Zephyr 6.500 changelog

+ Structure from motion robustness and accuracy improvements
+ New vertical structure preset
+ Faster modular save
+ Faster edge filtering with photoconsistency
+ Improved texturing
Unity artengine integration
+ Orthophoto editor
+ Improved elevation profile interface
+ Improved drawing elements interface
+ Improved LoD mesh export
+ Spot height map tool
+ Video animator wizard
+ Improved multi-tile DEM viewer
+ Improved photo management and tags
+ Improved unit of measurements management
+ USD file format export support
+ LoD tiff orthophoto
+ Improved bounding box gizmo
+ Improved masking integration in Zephyr
+ Improved picking on textured meshes
+ Improved screenshot
+ Marker print center for picking clarity
+ Minor fixes

References: https://80.lv/articles/3df-zephyr-6-5-released/

Tool: https://www.3dflow.net/3df-zephyr-6-5-is-out-now/