Exploring Windows UAC bypasses: Techniques and detection strategies

Tags cio infosec miscellaneous analytics

Malware often requires full administrative privileges on a machine to perform more impactful actions such as adding an antivirus exclusion, encrypting secured files, or injecting code into interesting system processes. By @sbousseaden.

Even if the targeted user has administrative privileges, the prevalence of User Account Control (UAC) means that the malicious application will often default to Medium Integrity, preventing write access to resources with higher integrity levels. To bypass this restriction, an attacker will need a way to elevate integrity level silently and with no user interaction (no UAC prompt). This technique is known as a User Account Control bypass and relies on a variety of primitives and conditions, the majority of which are based on piggybacking elevated Windows features.

The article then does a good job of explaining:

  • UAC Bypass methods
  • Registry Key manipulation
  • DLL hijack
  • Elevated COM interface
  • Token security attributes
  • Most common UAC bypasses

Designing detections by focusing on key building blocks of an offensive technique is much more cost-effective than trying to cover the endless variety of implementations and potential evasion tunings. In this post, we covered the main methods used for UAC bypass and how to detect them as well as how enriching process execution events with token security attributes enabled us to create a broader detection logic that may match unknown bypasses. In the article you will also find links to further reading. Good one!

Top concerns for operating cloud-native technologies

Tags cio cloud miscellaneous management analytics

Platform9 announced the results of its research, revealing that 91% of survey respondents cite security, consistent management across environments, high availability, and observability as their top concerns for operating cloud-native technologies. By @helpnetsecurity.

The research also found that despite fast growing public-cloud deployments, 67% of cloud deployments are distributed, spread out across on-premises, hybrid, and edge clouds.

The state of cloud-native technologies adoption based on the results:

  • Kubernetes dominates container management: App containerization is accelerating, with 53% of respondents planning to containerize their current applications. Nearly 85% of respondents are using Kubernetes or have plans to deploy it in the next six months.
  • Cloud-native hiring continues to be a priority: DevOps, cloud platform engineering, cloud-native developers, and security are the top hiring investments for 2022.
  • Executives across the board are looking for practical solutions to reduce vendor lock-in: While 61% of respondents have high or moderate concern about vendor lock-in, 71% of advanced users with larger deployments are even more concerned than early users. Additionally, managers, executives, and architects show a higher level of concern than engineers (65%). Plans for multiple cloud deployment lead as the number one action to address cloud lock-in, followed by using open-source services (#2) and writing portable apps (#3).
  • While security and operations concerned 91% of respondents, executives were more concerned about cost optimization, data management, and high availability while practitioners’ challenges were more around day-2 operations such as upgrades, consistent management, observability, and troubleshooting.

The report, which surveyed over 500 technology executives and practitioners, details how enterprises are adopting cloud-native technologies, provides insight into 2022 technology investment priorities, and identifies top concerns to help business leaders and enterprises determine how best to navigate and accelerate their cloud-native initiatives for the rest of the year. Nice one!

DevSecOps: Why you should care and how to get started

Tags devops cloud app-development infosec

The increasing popularity of DevOps software development methodologies has led to shorter and more agile life cycles, in which software is released and deployed in minutes or hours rather than the days, weeks, or even months required under traditional practices. However, many development teams still experience delays in getting releases into production due to the security considerations that are traditionally brought to bear at the end of the life cycle. To address this, organizations are more and more frequently adopting a DevSecOps approach. By Katrina Novakovic, Chris Jenkins.

The article then covers:

  • What is DevSecOps?
  • Why should developers care about DevSecOps?
  • How can you get started with DevSecOps?
  • How can DevSecOps help with regulatory compliance?
  • DevSecOps: Security + agility

DevSecOps is all about automating and integrating security within all phases of the software development life cycle to produce more secure code more quickly and easily. Getting started requires that you change your mindset and organizational culture to collaborate and share responsibility for producing secure and compliant code, using tools and processes to implement security checks into CI/CD pipelines, and implementing automated security compliance audits and controls to comply with regulations. There is much more to DevSecOps, and you can explore it further as you build upon the foundation of these initial recommendations. Good read!

Distributed tracing with Istio, Quarkus and Jaeger

Tags devops kubernetes monitoring cloud apis microservices

In this article, you will learn how to configure distributed tracing for your service mesh with Istio and Quarkus. For test purposes, we will build and run Quarkus microservices on Kubernetes. The communication between them is going to be managed by Istio. Istio service mesh uses Jaeger as a distributed tracing system. By Piotr Minkowski.

Istio generates distributed trace spans for each managed service. This means that every request sent inside Istio will have the following HTTP headers:

Istio distributed trace spans - headers

Source: https://piotrminkowski.com/2022/01/31/distributed-tracing-with-istio-quarkus-and-jaeger/

The article then provides a good explanation of the following:

  • Service mesh architecture
  • Distributed tracing with Istio
  • Create microservices with Quarkus
  • Run Quarkus applications on Kubernetes
  • Traffic management with Istio
  • Testing Istio tracing with Quarkus

If you would like to try it yourself, you can take a look at the author’s source code by cloning the author’s GitHub repository. Excellent!

Everything you will ever need to know about the IoT ecosystem in one blog post

Tags iot miscellaneous learning cloud

Speaking about any ecosystem, we speak about a complex system of interconnected components and the environment in which they exist and with which they interact. We can use the term IoT ecosystem instead of IoT system because IoT devices have no value without the environment they exist in. By @sumatosoft.

The article’s main parts are:

  • 7 Components of an IoT Ecosystem Chart
    • IoT devices
    • Security
    • Network
    • Gateway
    • The Cloud
    • Application
    • Users

IoT devices are the layer of sensors, actuators, and smart objects that gather information about the environment and measure physical parameters. It’s a rare case when the Internet of Things ecosystem features only one type of sensor or actuator. There are numerous types of sensors where every type has its sub-categories of sensors. By reading this article you will get a basic understanding of each part of the IoT ecosystem. Nice one!

How to automate API testing with Azure DevOps and Postman?

Tags devops azure cloud apis programming

I have been using Postman for a long time to test API requests from my local machine. During one project, I started to investigate what kind of automated integration test possibilities Postman could offer. Actually, it offered very nice features that I hadn’t used before. The best finding was the possibility to integrate everything very easily into Azure DevOps pipelines. By Kalle Marjokorpi.

The article then quickly explains:

  • How to configure Postman API requests?
    • Set Postman environment variables
    • Create a collection for your requests
    • Shared pre-request scripts in collection level
    • Test requests
  • Configure tests to be executed in Azure DevOps
    • Export test requests and environment variables
    • Remove Client Secret from environment JSON configuration
    • Create YAML template

Postman provides an easy and powerful way to create automated integration tests which can be executed in Azure DevOps. The author considered it really nice that you could write Postman test scripts with JavaScript. The test object model is easy to learn and there is a lot of good documentation available. At least for simple integration cases this is a very good tool. Sharing test scripts between tests is difficult, which is one reason why you should consider other frameworks for very complex test cases. You will also find links to further reading in this article. Good job!

Enabling transparent data encryption for Microsoft SQL with Vault

Tags database infosec cloud azure

Learn how HashiCorp Vault can help secure data in Microsoft SQL Server using a defense-in-depth encryption strategy. By Narayan Iyengar.

Data should be protected both at rest and while in transit. In-transit data protection is usually accomplished by establishing a mutual TLS channel between the two parties before data is transmitted. Protecting data at rest is also important, as database files and backups may be stolen or leaked. If data at rest is encrypted, it cannot be used without having access to decryption keys. This blog post will cover how HashiCorp Vault can help extend data protection for data at rest, specifically data that resides in your Microsoft SQL servers.

The article deals with:

  • What is transparent data encryption?
  • Why enable TDE?
  • Vault MS SQL TDE extensible key management (EKM) module

As highlighted above, protecting data at rest is a critical part of employing a defense-in-depth posture. Data at rest is protected by encrypting the data by using data encryption keys (DEKs). But working with encrypted data requires that the user or the application be aware that the data is protected by a DEK and that it must be decrypted using the correct DEK. This means that the application needs access to the encryption key (or knows how to get access to the encryption key). Good read!

What web frameworks solve and how to do without them

Tags frontend frameworks javascript app-development performance

In this article, Noam Rosenthal dives deep into a few technical features that are common across frameworks, and explains how some of the different frameworks implement them and what they cost. By Noam Rosenthal.

I was interested to see what the commonalities and differences between the frameworks are, what the web platform has to offer as a leaner alternative, and whether it’s sufficient. My objective is not to bash frameworks, but rather to understand the costs and benefits, to determine whether an alternative exists, and to see whether we can learn from it, even if we do decide to use a framework.

The article then dives into:

  • The frameworks (React, SolidJS, Svelte, Lit)
  • What frameworks solve
    • Declarative programming
    • Data binding
    • Reactivity
    • Logic
    • Component model
  • The cost
    • Bundle size
    • Build
    • Debugging
    • Upgrades

In the article, the author dives a bit deeper into understanding the core problems frameworks try to solve and how they go about solving them, focusing on data-binding, reactivity, conditionals and lists, and also looks at the cost. Good read!

Deep dive on Angular I18n with ngx-translate

Tags frontend angular nodejs javascript app-development

Learn how to internationalize Angular apps step by step with the help of ngx-translate, one of the most popular open-source libraries for i18n. By Ankit.

One of the most popular open-source i18n libraries, ngx-translate, lets you define translations for your app and switch between them dynamically. You can either use a service, directive, or pipe to handle the translated content. In this Angular 13 tutorial, we will learn how to use them all with the help of a small demo app.

For demonstration purposes, we will create a sample feedback form for Phrase, the most reliable software localization platform on the market, and launch our demo app in two different languages – English and German.

The article is very detailed and captures:

  • Why use ngx-translate instead of Angular i18n?
  • Configuring ngx-translate for an Angular app
  • Updating the AppModule
  • Creating a nav-bar component
  • Creating a model
  • Creating translation files
  • Using the translate pipe
  • Using the translate directive
  • Dynamic translation keys
  • Exploring TranslateService
  • Creating a Feedback Component

… and much more. There are Angular code examples with good explanations. Nice one!

Ray on Databricks

Tags data-science python machine-learning big-data

Ray is an open-source project first developed at RISELab that makes it simple to scale any compute-intensive Python workload. With a rich set of libraries and integrations built on a flexible distributed execution framework, Ray brings new use cases and simplifies the development of custom distributed Python functions that would normally be complicated to create. By Stephen Offer.

The article then does a good job of explaining the following:

  • Why need another distributed framework on top of Spark?
  • A simple introduction to Ray architecture
  • Starting Ray on a Databricks cluster
  • Distributing Python UDFs
  • Reinforcement learning

Applications of reinforcement learning broadly consist of scenarios wherever a simulation is able to run, a cost function can be established, and the problem is complicated enough that hard-set logical rules or simpler heuristical models cannot be applied. The most famous cases of reinforcement learning are typically research-orientated with an emphasis on game-play such as AlphaGo, super-human level Atari agents, or simulated autonomous driving, but there are many real-world business use cases. Examples of recent applications are robotic manipulation control for factories, power consumption optimization, and even marketing and advertising recommendations. Good one!
