Reviewing code changes is an underappreciated art. It is part of most software engineers’ daily routine, but as an industry we do little towards developing it as a skill, even though it contributes directly to the quality of the software we produce.

In C++, a queue is a list data structure where the first element to be put in the list is the first element to be removed, when removal is to take place. A priority queue in C++ is similar, but has some ordering; it is the element with the greatest value that is removed first. The priority queue can still be configured so that it is the element with the least value that is removed first. Any queue must have at least the push() function and the pop() function. The push() function adds a new element at the back. For the normal queue, the pop() function removes the first element ever pushed in. For the priority queue, the pop() function removes the element with the highest priority, which could be the biggest or smallest, depending on the ordering scheme.

Parasoft announced its C/C++test update to support IAR Systems‘ build tools for Linux for Arm. IAR Build Tools for Linux inspired the update of Parasoft’s unified testing solution for C/C++test software development. With these tools combined, software developers gain the ability to configure fast and scalable CI/CD pipelines on Linux servers and automate the testing process.

CI/CD tools like Jenkins and Spinnaker add value to application delivery pipelines. And while they share some functionality, they also have plenty of differences. Before diving into each tool and how they compare, it is important to grasp the various stages involved in delivering an application. Below are some of the practices that organizations employ to build and deploy applications.

Fez is the tool used for uploading your dists to the zef ecosystem.  Subquestion: why the name fez?  Surely it does the opposite of zef and should be named as such.

fez is a utility for interacting with the zef ecosystem.  you can think of it as the opposite of zef. zef downloads distributions and installs them and fez uploads making them available to zef.

That data was stolen became typical in ransomware attacks in the second half of 2020. S0-called “double-tap” ransomware has come to the fore, with ransomware gangs no longer content with simply trying to extort companies and organizations by encrypting their files. They’re also stealing data and threatening to publish the stolen data if the ransom isn’t paid.

On Christmas Eve, the Scottish Environment Protection Agency confirmed that it was responding to a significant cyber-attack affecting its contact centre, internal systems, processes and internal communications. We are continuing to respond to the ongoing ransomware attack likely to be by international serious and organised cyber-crime groups. The matter is subject to a live criminal investigation and the duty of confidence is embedded in law.

Critical services like flood forecasting are unaffected but entire systems will have to be rebuilt and it's unlikely the 1,300 workers will be able to get access to their old emails and online files.

Raindrop “was used against a select number of victims that were of interest to the attackers,” according to a blog post by a team headed by Eric Chien, the technical director at Symantec, which is a unit of Broadcom Inc.

A reader pointed us to a malicious Word document.

DHS nominee Alejandro Mayorkas and DNI nominee Avril Haines each pointed to the specific need to secure the federal government against cyber threats following the recently discovered Russian hack of IT group SolarWinds, which compromised many key federal agencies and potentially thousands of businesses.

Security vendor Malwarebytes was also hit by the same actor that was implicated in the attacks using SolarWinds Orion network management software, but says the attack vector was not the software.

Cyber security firm FireEye has released new guidance for those who have been compromised by the SolarWinds attackers to harden their environments and remediate areas where attacks are feared.

Delhi Police's cybercrime cell will investigate a complaint received from senior TV journalist Nidhi Razdan who has said she was a victim of a phishing scam in which she was given a fraudulent offer of a position of Associate Professor at the Harvard University.

Razdan filed the complaint with the Delhi Police on Monday regarding commission of cognisable offences including forgery, cheating, identity fraud and impersonation by unknown accused against her. Earlier, she had filed a similar complaint with the Jammu and Kashmir Police on 16 January when she was in Srinagar.

The Cisco Talos Intelligence Group has lost one of its better researchers, with Paul Rascagnères moving over to join Kaspersky's Global Threat Research unit this year.

Ransomware continued on its merry ways in the US public sector in 2020, with 2354 attacks on government, healthcare facilities and schools. The attacks have been only on systems running Microsoft's Windows operating system.

The domination of the open-source WireGuard secure VPN tunnel not only on Linux systems but BSDs too... WireGuard is now available on pfSense, the FreeBSD-based firewall/router focused software platform.  Netgate announced today that WireGuard is now available for pfSense. Following FreeBSD mainlining WireGuard support at the end of November, initial support for WireGuard has been brought to pfSense Community Edition 2.5 snapshots. 

While 2021 may be the year that some desktop Linux distributions begin using PipeWire by default as the next-generation replacement to the likes of PulseAudio and JACK, for upstream PulseAudio this week it's finally seeing better/restored support for FreeBSD. PulseAudio has merged a set of patches long available via FreeBSD Ports and the like to improve the BSD audio experience. 

The researchers have spotted an ongoing attack campaign exploiting recently-discovered vulnerabilities in Linux systems to create a botnet, a collection of machines infected with malware that can be controlled remotely. The attacks involve a new malware variant called 'FreakOut', capable of conducting port scanning, information gathering, network sniffing, DDoS and flooding.

We have always worked to support the information security community as a whole, and over the years experimented with different ideas (some with a greater success than others). One of the key components to Kali is the tools included (either pre-installed or installed via apt). Joining together Infosec professional/hobbyist and tool authors, today we are announcing another partnership: Kali has partnered with BC Security. BC Security is the team who is currently maintaining the most active fork of Empire. In August 2019, the original maintainers archived the project, but with Open-source projects (as long as they don’t break software licenses) other groups can take someone else’s code and improve upon it. This is exactly what BC Security did, forking the project, to keep the flame of PowerShell Empire alive.

This error and more specifically its footer “Powered by Tengine” stirred up my interest and so I started looking for more information about this unknown to me web server. [....] The Sysguard and Consistent hash modules impressed me as very useful because they would allow advanced load balancing. To get an idea of Tengine’s capabilities, imagine you wish the web server to return a 503 error or a custom page when your free memory is below 100M or CPU load is above 20? With the Sysguard module this can be easily done with a configuration like this: