Web apps – The Directories http://thedirectories.org/ Wed, 18 May 2022 20:02:08 +0000 en-US hourly 1 https://wordpress.org/?v=5.9.3 https://thedirectories.org/wp-content/uploads/2021/09/icon-7-150x150.png Web apps – The Directories http://thedirectories.org/ 32 32 Microsoft Edge improves your installed web apps https://thedirectories.org/microsoft-edge-improves-your-installed-web-apps/ Wed, 18 May 2022 20:02:08 +0000 https://thedirectories.org/microsoft-edge-improves-your-installed-web-apps/ Chrome has offered the ability to “install” web apps on your computer for some time, and the feature is also available on the new Chromium-based Microsoft Edge. Now the Edge browser has an easier way to manage web apps, with more improvements on the way. Microsoft Edge lets you install web apps (as long as […]]]>

Chrome has offered the ability to “install” web apps on your computer for some time, and the feature is also available on the new Chromium-based Microsoft Edge. Now the Edge browser has an easier way to manage web apps, with more improvements on the way.

Microsoft Edge lets you install web apps (as long as the web apps allow it), which then puts them in the Start menu on Windows or in the Applications folder on macOS. You can already manage or uninstall them later by opening the app or looking for them in Windows’ “Apps & features” list, but Microsoft made the process easier with the Edge v101 update in April.

Microsoft

Microsoft Edge now has an App Hub, which you can access from the main menu (click “Apps” in the main Edge menu) or by pinning the Apps button to the toolbar. The hub is a quick access panel for web apps you’ve already installed, and there’s a button to install a site you’ve opened. There’s also a larger apps page (accessible from “Manage apps” in the menu or edge://apps), seen above.

These features have already been rolled out, but Microsoft has more on the way. The company is testing a new “App Sync” option, which will sync a list of web apps you have installed on one of your computers. It won’t actually install each web application on all your computers automatically, but it will give you a one-click install button for each application, which may be faster than finding them on each computer.

The new app sync feature is available to try in the Microsoft Edge beta (specifically version 102 and later), and it’s expected to roll out to the standard browser “over the next few months.”

These improvements come as Google and Microsoft work to integrate new APIs into their browsers, as part of the Fugu project (also known as the Web Capabilities project). This effort has led to new features for web applications, such as limited file system access, web application icon badges, clipboard reading and writing, and many other features that were only available for native apps in the past.

However, not all recent changes to Microsoft Edge have been positive. Many people complained after Microsoft added a built-in “buy now, pay later” (BNPL) option when shopping online, essentially encouraging people to set up loan payments for purchases.

Source: Windows Blog

]]>
How to Install and Use Progressive Web Apps (PWAs) on Linux https://thedirectories.org/how-to-install-and-use-progressive-web-apps-pwas-on-linux/ Wed, 11 May 2022 13:42:00 +0000 https://thedirectories.org/how-to-install-and-use-progressive-web-apps-pwas-on-linux/ Microsoft’s Windows holds the lion’s share when it comes to desktop operating systems and one of the biggest selling points that has since been the biggest hurdle for users looking to ditch the platform is support. apps. There are tons of applications designed for Windows, which cannot be said for niche operating systems. However, this […]]]>

Microsoft’s Windows holds the lion’s share when it comes to desktop operating systems and one of the biggest selling points that has since been the biggest hurdle for users looking to ditch the platform is support. apps.

There are tons of applications designed for Windows, which cannot be said for niche operating systems. However, this might change as more and more users rely on the internet and online tools to do their jobs.

Advertisement – Continue Reading Below

Enter the era of Progressive Web Apps, affectionately abbreviated as PWA. These Progressive Web Apps are just that, us-based apps and as such can be installed to run on any platform with a compatible or supported web browser.


Read more:


We recently looked at how to install Progressive Web Apps on Chromebooks and since Linux is just as exciting, why not show you how?

How to Install PWA on Linux

Now, it’s important to note that not all websites support PWA and your mileage may vary depending on your workflow and the online tools and platforms you use. To get started, you need to be running Google Chrome or a Chromium-based web browser.

Some of the browsers I’ve had success with include:

  • Google Chrome
  • Chromium Browser
  • Vivaldi
  • brave navigator
  • Microsoft Edge

Using your favorite supported browser, simply navigate to your favorite website or supported online tool. In this demonstration, I will install Google Meet.

You know the website supports PWA when you see this icon in your address bar. It will look slightly different on your browser, but it should appear as soon as the page fully loads.

Click on it and you will see a pop-up informing you that you can install the application on your Linux computer. Click on Install and that’s all!

Install PWAs

Your application should now open in a standalone window and, depending on your distro, you should see a Service Dock icon. The app will also be installed in your launcher.

You can do the same on Linux for as many online services as you want as long as they support PWA. It’s a great way to build your own workflow and ecosystem of apps that work well no matter what operating system you’re on.

Although there will always be room for specialized applications like AutoCAD, PhotoShop, Adobe Premiere, Final Cut Pro, etc. for professionals, the average user will be more than comfortable with Progressive Web Apps and we recommend people try out these lesser-known apps. Operating systems.

]]>
Build Your Own Web Apps With This $40 Introduction to Web3 Development https://thedirectories.org/build-your-own-web-apps-with-this-40-introduction-to-web3-development/ Wed, 27 Apr 2022 13:12:17 +0000 https://thedirectories.org/build-your-own-web-apps-with-this-40-introduction-to-web3-development/ The concept of Web3 is still very new, and no one quite knows how it will solve the most thorny issues around freedom of expression and creators’ rights. But one thing is certain: it will be wide open to developers, so if you’re looking for a way to get on the ground floor of this […]]]>

The concept of Web3 is still very new, and no one quite knows how it will solve the most thorny issues around freedom of expression and creators’ rights. But one thing is certain: it will be wide open to developers, so if you’re looking for a way to get on the ground floor of this new vision of the Internet, the Complete Web3 Programming Masterclass Pack can be your guide.

If you want to take advantage of an internet built around blockchain technology, you need to understand blockchain. This online course provides access to a diverse group of educators and experienced coders. Plus, you’ll benefit from in-depth lessons from entrepreneurs like Sorin Constantin and the developers at Mammoth Interactive.

Learn how to use programming languages ​​like Python and JavaScript to create new contracts and decentralized applications that will work according to Web3 principles. The opening lectures will explain how blockchain works and how it is essential for more than just cryptocurrency. Then, in just an hour, you should be able to write smart contracts with Python via Brownie and launch your first NFT.

This first-hand experience with NFTs is just the beginning. Whether you’re an artist looking for imaginative ways to secure and monetize your works, or an entrepreneur whose new ideas need fertile ground, you’ll find hours of valuable knowledge here. There are courses dedicated to application development on the Ethereum platform and one that can show you how to modify your existing website to be compatible with Web3. There’s even a detailed primer on the upcoming Metaverse and how it will change the game for online retail.

That’s a lot to take in, but it’s only a fraction of what these courses cover. PCMag readers can access the Complete Web3 Programming Masterclass bundle for $40, just $5 per course.

Prices subject to change.

Are you looking for an offer?

Subscribe to our expert Daily Deals newsletter for the best deals you will find anywhere.

This newsletter may contain advertisements, offers or affiliate links. Signing up for a newsletter indicates your consent to our Terms of Use and Privacy Policy. You can unsubscribe from newsletters at any time.

]]>
Benefits of Progressive Web Apps (PWAs) https://thedirectories.org/benefits-of-progressive-web-apps-pwas/ Mon, 25 Apr 2022 09:37:13 +0000 https://thedirectories.org/benefits-of-progressive-web-apps-pwas/ Creating an app is a long and expensive process. Did you ever hear anyone say that? Or is that what you believe to be true? If so, we want to show you a technology that casts doubt on that claim. We want to show you Progressive Web Apps (or PWAs). What is it about ? […]]]>

Creating an app is a long and expensive process. Did you ever hear anyone say that? Or is that what you believe to be true? If so, we want to show you a technology that casts doubt on that claim. We want to show you Progressive Web Apps (or PWAs). What is it about ? And what are their advantages? Let’s look.

PWAs have been around for a while now. In fact, Google first introduced this technology in 2015. The goal was simple: to create an app that behaves like a website. And thanks to technologies such as JavaScript, HTML and CSS, they have managed to achieve this goal. So when we talk about Progressive Web Apps, we mean digital products (mostly for mobile devices) that look and work like websites. What does this mean in practice?

How PWAs Work

Progressive Web Apps are still normal apps, but they are 100% web-based. This means that they are stored on online servers (as is the case with regular websites) and can be shared over the Internet. The only thing you need to open such an app is a device with an internet connection and a web browser. Of course, the vast majority of PWAs require the user to log in using their username and password, but that depends on the owner of the app.

A good example of such an application is m.uber.com. You just need to enter this web address using your smartphone or tablet, enter the user data and you can use the Uber app without downloading or installing it on your device. Brilliant in its simplicity, right?

And the fact that Progressive Web Apps work this way means that they come with a lot of great benefits. Let’s examine them more closely.

The benefits of PWAs

The first thing you need to know is that since PWAs are browser-based, they can be viewed and used from any device. In other words, PWAs have ended the Android vs iOS discussion. It’s the best of both worlds!

This, in turn, means that if you want to reach all possible users, you don’t need to create two (or more) separate apps. As a result, the process of developing a PWA is easier, faster, and most importantly, significantly cheaper.

Go further. Because PWAs are so easy to use (users have to do fewer things to start using them), they dramatically shorten the sales funnel. All content and features are almost immediately available. No download, no install, no update. For this reason, PWAs are 100% maintenance-free, at least from the users’ perspective, which contributes significantly to the UX of the application.

The next thing you need to know is that PWAs consume less resources, so they are fast and efficient. There’s no lag or extra components that take up your phone’s memory. Some of them even work with a very bad internet connection.

Things to analyze

Of course, PWAs aren’t flawless. For example, they do not always have access to all functions and features of the user’s device. So, if you want to create an application that has access to the contact list, the camera and several other elements, you will probably still have to develop a so-called native application (designed exclusively for a specific operating system). There are also other possible limitations that you should think about before making an informed decision.

If you want to develop a PWA for your organization, check out this blog post: Benefits of Progressive Web Apps. You’ll learn more PWA examples and additional questions to consider before deciding how to develop a new digital product.

]]>
Microsoft Edge may soon let users open links in web apps https://thedirectories.org/microsoft-edge-may-soon-let-users-open-links-in-web-apps/ Tue, 12 Apr 2022 07:00:00 +0000 https://thedirectories.org/microsoft-edge-may-soon-let-users-open-links-in-web-apps/ SAN FRANÇOIS: Tech giant Microsoft is reportedly working on a new feature for its Edge browser that will make Progressive Web Apps (PWAs) and web apps more native. The new option allows users to configure Edge to open links in associated Progressive Web Apps or installed Web Apps. For example, a person could set their […]]]>

SAN FRANÇOIS: Tech giant Microsoft is reportedly working on a new feature for its Edge browser that will make Progressive Web Apps (PWAs) and web apps more native.

The new option allows users to configure Edge to open links in associated Progressive Web Apps or installed Web Apps. For example, a person could set their browser to open the YouTube PWA after clicking a YouTube link in Edge, Windows Central reports.

First spotted and shared by prominent Reddit user Leo Varela, the feature can be enabled now via a flag in Edge Canary.

Searching for “Enable open support links in installed web apps” should bring up the option in edge://flags in Edge.

Developers can already save apps to open when a related link is clicked in Edge, but this new feature works with websites installed as apps.

Varela believes the option can circumvent the need for developers to register their web applications as link managers.

An entry on Edge Insider’s feature roadmap appears to reference the same feature that was spotted by Varela.

“Starting with version 97 of Microsoft Edge, you can choose to launch the browser in a PWA rather than the full native browser,” the roadmap says.

This entry mentions a target release date of Q1 2022, which has already passed.

]]>
Embrace Edge Computing for Web Applications – 4 Key Enablers https://thedirectories.org/embrace-edge-computing-for-web-applications-4-key-enablers/ Sun, 10 Apr 2022 15:00:39 +0000 https://thedirectories.org/embrace-edge-computing-for-web-applications-4-key-enablers/ Over the past few years, the adoption of internet-connected devices has grown exponentially and will not slow down in the years to come. According to Gartner, by 2023 the average CIO will be responsible for more than three times the endpoints they managed in 2018. However, supporting such an increase would require scaling cloud infrastructure […]]]>

Over the past few years, the adoption of internet-connected devices has grown exponentially and will not slow down in the years to come. According to Gartner, by 2023 the average CIO will be responsible for more than three times the endpoints they managed in 2018. However, supporting such an increase would require scaling cloud infrastructure and a substantial provision of network capacity, which might not be enough. be economically feasible.

In such cases, edge computing could emerge as a solution because the necessary resources, such as computing, storage, and network, can be delivered closer to the data source for processing.

Businesses are looking for near real-time, actionable information, which is fueling the adoption of edge computing across industries. The benefits of edge computing are well known, and in a previous article, I’ve illustrated the benefits and some use cases.

Embrace Edge Computing in Web Application Development

It’s only a matter of time before the edge becomes mainstream, as demonstrated by a recent IDC survey that found 73% of respondents chose edge computing as a strategic investment. The open source community, cloud providers, and telecom service providers are all working to strengthen the edge computing ecosystem, accelerating its adoption and the pace of innovation.

With such tailwinds, web application developers should focus on having an edge adoption plan in place to be more agile and leverage the ability of the edge to improve engagement rate. users.

Benefits such as near real-time information with low latency and reduced cloud server bandwidth usage are driving the adoption of edge computing across industries for web-based applications. Adopting state-of-the-art IT architecture for website applications can increase productivity, reduce costs, save bandwidth, and create new revenue streams.

I discovered that there are four essential enablers for edge computing that help developers and web architects get started.

1. Ensure application agility with the right application architecture

The edge ecosystem consists of several components such as appliances, gateways, edge servers or edge nodes, cloud servers, etc. For web applications, the edge computing workload must be agile enough to run on edge ecosystem components, depending on peak load or availability.

However, there could be specific use cases such as detecting poaching activities via a drone in dense forest with little or no network connectivity, which requires the development of native apps for devices or devices. gateways.

“Adopting cloud-native architectural patterns, such as microservices or serverless, provides application agility. The definition of cloud native as explained by the Cloud Native Computing Foundation (CNCF) supports this argument.: ‘“Cloud-native technologies allow organizations to build and run scalable applications across public, private and hybrid clouds. »

Features such as containers, service meshes, microservices, immutable infrastructure, and declarative application programming interfaces (APIs) best exemplify this approach. These features enable loosely coupled systems that are resilient, manageable, and observable. They allow engineers to make high-impact changes frequently and with minimal effort. »

The most important step in adopting edge computing would be to use a cloud-native architecture for the application or at least for the service to be deployed at the edge.

2. Realize the benefits of edge infrastructure and services by adopting CSPs

Cloud Service Providers (CSPs) offer services such as local compute and storage in a region or zone, which act as mini regional data centers managed by CSPs. Applications or services adhering to the “build once and deploy everywhere” principle can be easily deployed on this edge infrastructure.

CSPs like AWS (outpost, snowball), Azure (edge ​​zones), GCP (Anthos), and IBM (satellite cloud) have already extended some of their fully managed services to an on-premises configuration. Startups or growth-stage companies can easily take advantage of these hybrid cloud solutions to deploy edge solutions faster and for greater security, as they can afford the associated cost.

For an application running on wireless mobile devices that rely on cellular connectivity, the new 5G cellular technology can provide a significant latency advantage. Additionally, CSPs deploy their compute and storage resources closer to the telco’s network, which mobile applications like games or virtual reality can use to enhance the end-user experience.

3. Take advantage of custom code execution with CDNs

Content Delivery Networks (CDNs) distributed Points of Presence (PoPs) to cache and deliver web application content faster. They are evolving rapidly, and many PoPs now have a language runtime environment such as JavaScript (v8), which enables program execution closer to the edge. Additionally, it increases security by migrating client-side program logic to the edge.

Web applications such as online shopping portals can provide better customer experience with reduced latency when equipped with such services. For example, applications can benefit more by moving cookie manipulation logic to CDN edge processing instead of touching the origin server. This move could prove effective if there is a surge in traffic during events such as Black Friday and Cyber ​​Monday.

Moreover, such a method could also prove effective for running A/B tests. You can serve a fixed subset of users with an experimental version of the application while giving the rest of the participants a different version.

4. Use open deep learning model formats that provide ML framework interoperability

The diversity of neural network models and model frameworks has multiplied in recent years. This has encouraged developers to use and share neural network models across a wide range of frameworks, tools, runtimes, and compilers. But before running a standard AI/ML model format on various edge devices, developers and entrepreneurs should look for some standardization to counter edge heterogeneity.

Open deep learning model formats like Open Neural Network Exchange (ONNX) are emerging as a solution as they support interoperability of commonly used deep learning frameworks. It provides a mechanism to export models from different frameworks to the ONNX format. ONNX Runtime is available in other languages, including JavaScript. Templates and runtimes are compatible with various platforms, including low-end devices.

The conventional approach for machine learning applications is to generate AI/ML models in a compute-intensive cloud environment and use that model for inference. With AI/ML JavaScript frameworks, it is possible to run inference on browser-based applications. Some of these frameworks also support training models in the browser or JavaScript backend.

The right technology decisions ensure better business values

Working with dozens of startups, I’ve found that the best business decisions sometimes depend on early adoption of emerging technologies like edge computing for better customer impact.

However, adopting emerging technologies requires foresight and planning to be successful. By following the catalysts above, you are well positioned for seamless and sustainable integration of edge computing to develop web applications.

Image Credit: Ketut Subiyanto; pexels; Thank you!

Pankaj Mendki

Pankaj Mendki is Head of Emerging Technologies at Talentica Software. Pankaj is an IIT Bombay alumnus and researcher who explores and accelerates the adoption of evolving technologies for early-stage and growth-stage startups. He has published and presented several research papers on blockchain, edge computing and IoT in several IEEE and ACM conferences.

]]>
Senior UX Developer – (AI/Web Apps) https://thedirectories.org/senior-ux-developer-ai-web-apps/ Tue, 05 Apr 2022 20:31:03 +0000 https://thedirectories.org/senior-ux-developer-ai-web-apps/ Job Overview At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united to provide the best experience to our customers. We work together every day to foster an inclusive work culture where all of our employees feel respected, valued and have the opportunity to contribute […]]]>

Job Overview

At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united to provide the best experience to our customers. We work together every day to foster an inclusive work culture where all of our employees feel respected, valued and have the opportunity to contribute to the success of the company.

As a Senior UX Developer within PNC’s Retail Lending Automated Solutions group, you will be part of a dynamic team of people working collectively on advanced analytics, machine learning, and application development to optimize retail processes. lending technology. We design and deploy virtual assistants compatible with conversational AI and web applications.

The Senior UX Developer role is a hybrid position that offers the flexibility to work both in the office and remotely and is based in Pittsburgh, PA. Some job responsibilities may require time in the office on a regular basis.

Your work will enable our customers and the company to enjoy a seamless and natural experience with our technology, simplify and streamline processes, and improve cost performance. You will report to the Head of Intelligent Automation and be part of a high performing team of developers and data scientists dedicated to improving the customer experience, profitability and efficiency of retail lending.

Responsibilities
• Leverages understanding of activities, practices, deliverables and considerations in UI development to provide technical design and development of complex UIs.
• Provides design and development specifications for user-friendly and efficient graphics, layouts, icons, objects, navigation, and templates. Participates in coding, testing, implementation and documentation of front-end development.
• Analyzes user experience on graphics, layouts, icons, objects, navigation and models. Maintains and upgrades interface functionality for specific requirements and actively participates in code and design review as needed.
• Participates in business evaluation and requirements analysis processes for front-end development of graphical user interfaces. Makes it easy to publish data, programs, forms, HTML pages, and graphic images for existing and new applications.
• Leverages modern tools and techniques to develop clean, efficient and reusable code.

Skills/Preferences
• Strong analytical and problem solving skills.
• Mastery of InvisionApp or Figma or Sketch for wireframing (Balsamiq)
• Ability to transform design mockups and wireframes into functional components
• Comfortable presenting work confidently to groups
• Provide visually appealing JavaScript, HTML and CSS code for modern browsers
• Know at least one CSS framework (Bootstrap, Semantic, Tailwind)
• Solid background in HTML5, CSS3 and JavaScript (including JQuery)
• Conduct user research and gather requirements for new and existing products
• Familiarity with version control systems (Git)
• Experience with data visualization libraries (Google charts, D3.js, etc.)

Preferred qualifications:

• Experience with the React.js framework
• Knowledge of agile methodology
• Experience implementing user stories and writing unit tests
• Ability to interact directly with all levels of management
• Proven skills in project management, problem solving and decision making
• Ability to meet tight deadlines and work independently
• Excellent written and oral communication skills

job description

  • Leverages understanding of the activities, practices, deliverables and considerations in user interface development to provide technical design and development of complex user interfaces.
  • Provides design and development specifications for user-friendly and efficient graphics, layouts, icons, objects, navigation, and templates. Participates in coding, testing, implementation and documentation of front-end development.
  • Analyzes user experience on graphics, layouts, icons, objects, navigation and models. Maintains and upgrades interface functionality for specific requirements and actively participates in code and design review as needed.
  • Participates in business evaluation and requirements analysis processes for front-end development of graphical user interfaces. Makes it easy to publish data, programs, forms, HTML pages, and graphic images for existing and new applications.
  • Leverages modern tools and techniques to develop clean, efficient, and reusable code.

PNC employees are proud of our reputation and we expect our employees to be:

  • Customer-centric – Know the values ​​and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage this information to create customized customer solutions.
  • Risk management – Evaluate and effectively manage all risks associated with their business objectives and activities to ensure they adhere to and support PNC’s enterprise risk management framework.

Skills

Application design, architecture – Knowledge of application design activities, tools and techniques; ability to use them to convert business requirements and logic models into technical application design.

Business Analytics – Knowledge of technologies, techniques and practices for evaluating business performance data; ability to analyze business performance using advanced statistical methods to justify and guide future business planning decisions.

Design Thinking – Knowledge of the concepts, principles and processes of design thinking; ability to use knowledge in the design of new products and services and even to improve the functioning of the organization.

Effective Communications – Understanding of effective communication concepts, tools and techniques; ability to effectively convey, receive and interpret ideas, information and needs through the application of appropriate communication behaviors.

Integration of packaged applications – Knowledge and ability to implement packaged application software and integrate it with enterprise applications, databases and technology platforms.

Solution Development – Knowledge and ability to assess customer needs and provide solutions.

User Interface Design – Knowledge of activities, practices, deliverables and considerations; ability to design effective graphical user interfaces for conveying information to the client’s workstation.

Web Application Technology – Knowledge and ability to design, develop and support applications accessible over a network through a browser.

Professional experience

Roles at this level typically require a university/college degree, with 3+ years of relevant/direct industry experience. Certifications are often desired. In lieu of a degree, a comparable combination of education and experience (including military service) may be considered.

Education

Bachelor’s degree (mandatory)

Additional job description

Base salary: Based on skills and experience.

Advantages

PNC offers its employees a full range of benefits to meet your current and future needs. Depending on your eligibility, options for full-time employees include medical/prescription drug coverage (with a health savings account feature); dental and vision options; employee and spousal/children’s life insurance; short-term and long-term disability protection; maternity leave and parental leave; paid holidays, vacation days and occasional absences; 401(k), retirement and stock purchase plans; dependent care reimbursement account; supportive care for children/elderly; adoption assistance; educational assistance and a strong wellness program with financial incentives. To learn more about these and other programs, including benefits for part-time employees, visit pncbenefits.com > New to PNC.

Disability accommodation statement:

The PNC workplace is inclusive and responsive to individual needs. If you have a physical or other disability that may require accommodation, including technical assistance with the PNC Careers website or the application process, please call 877-968-7762 and select Option 4: Recruitment or contact email us at pathfinder@pnc.com.

Hours of operation for the Human Resources Service Center are Monday through Friday, 9:00 a.m. to 5:00 p.m. ET.

Equal Employment Opportunity (EEO):

PNC provides equal employment opportunities to qualified individuals regardless of race, color, gender, religion, national origin, age, sexual orientation, gender identity, gender, disability, veteran status or other categories protected by law.

California Residents

Refer to the California Consumer Privacy Act Privacy Notice to understand how PNC may use or disclose your personal information in connection with our employment practices.

Apply now

]]>
Researchers Discover Python-Based Ransomware Targeting Jupyter Notebook Web Applications https://thedirectories.org/researchers-discover-python-based-ransomware-targeting-jupyter-notebook-web-applications/ Wed, 30 Mar 2022 07:00:00 +0000 https://thedirectories.org/researchers-discover-python-based-ransomware-targeting-jupyter-notebook-web-applications/ Researchers warn of future ransomware attacks on web applications used by data scientists Researchers have discovered what they believe to be the first Python-based ransomware sample specifically targeting Jupyter notebooks. Python is not commonly used for developing malware, with criminals preferring languages ​​such as Go, DLang, Nim and Rust. Nevertheless, this is not the first […]]]>

Researchers warn of future ransomware attacks on web applications used by data scientists

Researchers have discovered what they believe to be the first Python-based ransomware sample specifically targeting Jupyter notebooks.

Python is not commonly used for developing malware, with criminals preferring languages ​​such as Go, DLang, Nim and Rust. Nevertheless, this is not the first Python ransomware. In October 2021, Sophos reported Python ransomware specifically targeting VMware ESXi servers.

The new sample was discovered by researchers at Aqua Security, after being caught in one of its honeypots. The ransomware specifically targets Jupyter Notebooks, an open-source web application used by data professionals to work with data, write and run code, and visualize results. This ransomware encrypts every file on a given path on the server and then deletes itself after execution.

“Since Jupyter Notebooks are used to analyze data and build data models, this attack can cause significant damage to organizations if these environments are not properly backed up,” researchers warn in an alert published on March 29, 2022.

Since Jupyter notebooks are web applications, they suffer from all the standard web application issues, including misconfigured or missing access authentication. Nautilus researchers found about 200 Jupyter laptops accessible on the Internet (some, but not all, may be honeypots) without authentication. Each of these could be accessed by an attacker with nothing more than a browser, and the environment could be manually infected.

Researcher Aqua Assaf Morag said safety week“There are over 11,000 servers with Jupyter laptops that can be accessed on the internet, so you could run a brute force attack and possibly gain access to some of them – you’d be surprised how big it can be easy to guess these passwords.”

The sample trapped by Aqua is not a complete sample. It does not include, for example, proof of a ransom note. “We suspect,” Morag said safety week“that the attack has reached a timeout on the honeypot, or that the ransomware is still being tested ahead of real-world attacks.”

Nevertheless, the researchers believe, from what they have, that it is ransomware rather than a wiper weapon. “Windshield wipers usually exfiltrate data and erase it or just erase it,” Morag continued. “We saw no attempt to send the data outside the server and the data was not simply erased, it was encrypted with a password (manually chosen by the attacker). This is a another factor that leads us to believe that it is a ransomware attack rather than a wiping one.

He also suspects – due to a resemblance to other Python ransomware – that the attacker simply took the existing code, modified it and tweaked it to his own needs. It does not have any information that can attribute the ransomware to a known group. However, he comments: “The first thing the attacker did to figure out that he can download files from a remote source was to download a text file containing only the word ‘blat’. It’s a bad word in Russian and something we’ve seen in the past from Russian attackers.

It is highly likely that this partial ransomware attack detected by Aqua is the precursor to actual attacks against Jupyter Notebooks. Since a built-in feature of the application allows the user to open a shell terminal with additional access to the server, the risk of harm is considerable.

Aqua recommends that access to Jupyter networks be properly authenticated; incoming traffic is controlled by eliminating Internet access or limiting it to VPN access; use must be restricted to unprivileged or limited-privileged users; and outgoing traffic is controlled as completely as possible.

Aqua Security provides a cloud native application protection platform (CNAPP). It was founded in 2015 and achieved unicorn status in 2021.

Related: Necro Python Botnet Begins Targeting Visual Tools DVRs

Related: Facebook open source analysis tool for Python code

Related: CannibalRAT written in Python used in targeted attacks

Related: Despite warnings, cloud misconfiguration issue still a concern

Kevin Townsend is a senior contributor to SecurityWeek. He wrote about high-tech issues long before Microsoft was born. For the past 15 years, he has specialized in information security; and has had several thousand articles published in dozens of different magazines – from the Times and the Financial Times to current and former IT magazines.

Previous chronicles by Kevin Townsend:
Keywords:

]]>
Unpatched Java Spring Framework 0-Day RCE Bug Threatens Enterprise Web Application Security https://thedirectories.org/unpatched-java-spring-framework-0-day-rce-bug-threatens-enterprise-web-application-security/ Wed, 30 Mar 2022 07:00:00 +0000 https://thedirectories.org/unpatched-java-spring-framework-0-day-rce-bug-threatens-enterprise-web-application-security/ A zero-day remote code execution (RCE) vulnerability was discovered in the Spring framework shortly after a Chinese security researcher briefly disclosed a proof-of-concept (PoC) exploit on GitHub before deleting their account. According to cybersecurity firm Praetorian, the unpatched flaw affects Spring Core on Java Development Kit (JDK) versions 9 and later and is a workaround […]]]>

A zero-day remote code execution (RCE) vulnerability was discovered in the Spring framework shortly after a Chinese security researcher briefly disclosed a proof-of-concept (PoC) exploit on GitHub before deleting their account.

According to cybersecurity firm Praetorian, the unpatched flaw affects Spring Core on Java Development Kit (JDK) versions 9 and later and is a workaround for another vulnerability identified as CVE-2010-1622, allowing an unauthenticated attacker execute arbitrary code on the target system. .

Spring is a software framework for building Java applications, including web applications on the Java EE (Enterprise Edition) platform.

“In some configurations, exploiting this issue is straightforward, as an attacker only needs to send a specially crafted HTTP request to a vulnerable system,” said researchers Anthony Weems and Dallas Kaman. “However, exploiting different configurations will require the attacker to do additional research to find payloads that will be effective.”

Additional details of the fault, dubbed “SpringShell” and “Spring4Shell“, have been withheld to prevent exploit attempts and until a patch is put in place by framework maintainers, Spring.io, a VMware subsidiary. It has also not yet received any CVE (Common Vulnerabilities and Exposures) identifier.

It should be noted that the flaw targeted by the zero-day exploit is different from the two previous vulnerabilities disclosed as part of the application this week, including the Spring Framework Expression DoS Vulnerability (CVE-2022-22950) and Spring Cloud Expression Resource Access Vulnerability (CVE-2022-22963).

In the meantime, Praetorian researchers recommend “creating a ControllerAdvice component (which is a Spring component shared between controllers) and adding unsafe models to the deny list”.

Initial analysis of the new code execution flaw in Spring Core suggests that its impact may not be severe. “[C]Current information suggests that to exploit the vulnerability, attackers will need to locate and identify instances of web applications that are actually using DeserializationUtils, which developers already know to be dangerous,” Flashpoint said in an independent analysis.

cyber security

Despite the public availability of PoC exploits, “it is currently unclear which real-world applications are using the vulnerable functionality,” Rapid7 explained. “JRE configuration and version can also be important factors in exploitability and likelihood of widespread exploitation.”

The Retail and Hospitality Information Sharing and Analysis Center (ISAC) also released a statement indicating that it has investigated and confirmed the “validity” of the PoC for the RCE flaw, adding that it is “continuing testing to confirm the validity of the PoC “.

“The Spring4Shell in-the-wild exploit appears to work against spring.io’s ‘Handling Form Submission’ stock sample code”, CERT/CC vulnerability analyst Will Dormann mentioned in a tweet. “If the example code is vulnerable, then I suspect that there are indeed real-world applications that are vulnerable to RCE.”

]]>
10 popular web apps built with React https://thedirectories.org/10-popular-web-apps-built-with-react/ Tue, 29 Mar 2022 07:00:00 +0000 https://thedirectories.org/10-popular-web-apps-built-with-react/ React.js is an excellent platform for building robust, scalable, and secure web applications. It has consistently proven its worth against the giants of popular web application frameworks such as Angular, Django, Laravel, etc. There is no right answer for which framework is the best out of all the available options. However, if you plan and […]]]>

React.js is an excellent platform for building robust, scalable, and secure web applications. It has consistently proven its worth against the giants of popular web application frameworks such as Angular, Django, Laravel, etc. There is no right answer for which framework is the best out of all the available options. However, if you plan and strategize properly, it will help you narrow down your choices.

React.js has been the perfect choice to power their web applications for many globally successful companies. If not entirely, they use many libraries from React.js to power one or two aspects of their web applications. One of the many advantages of React.js is that it is platform independent, which means it can be used easily with any third-party library or framework. This opens up a lot of possibilities for using React to power any web application with tons of customization options available to the user. Here we are going to discuss 7 popular web applications that use or are built with React.js.

You should hire React.js developers from a trusted web application development company to develop a reliable and robust cross-browser compatible web application for your business. Here is a list of the best web apps built with React and how React plays a role in powering these web apps –

1. The New York Times

Red Carpet Project, an initiative of The New York Times, was created using React.js. The concept behind this web app was to create a page where their readers and followers could boost different looks of their favorite celebrities on the red carpet. Apart from that, NYT also uses React to manage the connection between their data and the UI on the front-end. They are also extending their use of React in their mobile app by powering it with React Native.

2.Netflix

The gigantic streaming service Netflix also uses React.js libraries for many elements of its website. Netflix uses React.js for its website and React Native for its mobile app. Netflix had also published a blog explaining why they decided to use React.js to meet the demands and capacity requirements of their expansion plans. They mentioned that using React was beneficial in increasing their startup speed, runtime performance, and modularity.

3.Instagram

Instagram is probably one of the biggest users of the React.js library. Its web application is entirely based on this library. Of course, part of that is because Instagram and React are Meta products. However, React.js is robust and scalable enough to power the entire application, including Instagram UI, Google Maps API, and hashtags. Instagram first started experimenting with React in the user profile page and then gradually updated all of its pages to React.

4.Asanas

Asana is a popular work management platform used by teams and offices around the world to manage their projects, deadlines, and day-to-day operations. The Asana team was previously working on creating its responsive framework named Luna in 2008 before deciding to switch to React for its internal functionality. They were able to seamlessly implement the designs they created with Luna in React.

5. AirBnB

AirBnB is a revolutionary company that has redefined vacations and vacation planning globally. It offers vacation rentals, homestays, accommodations and other hospitality and tourism solutions. AirBnB has a long history with React.js and React Native. They wanted to create a cross-platform solution that was both sustainable and future-ready. React.js is the best bet for runtime performance and integration flexibility with all operating environments. AirBnB was so actively involved in React.js that it created many open source React.js libraries which are still widely used by many websites and businesses to this day.

6. Khan Academy

Khan Academy encountered serious web page load time issues and other website-related challenges before switching to React.js. They saw a measurable difference in performance after implementing the React.js library. With React.js they could also add many new features and eliminate extra renderers. One of the biggest benefits of React that appealed to Khan Academy was its component isolation feature.

7.Uber

Uber is one of the most popular taxi booking services in the world. They have millions of active users around the world who rely on Uber for their daily commute. Although the mobile app is more frequently used to book rides, many users also prefer to book their taxis from the website. Unlike other companies that eventually switched to React, Uber started using React early on. Like AirBnB, Uber has contributed significantly to the creation of open source libraries for React, most of them for mapping and visualization. They also created Base Web, which provides reusable React components for UI development. Uber primarily opted for React for its accessibility, personalization, and reliability.

8.Reddit

Reddit is the internet’s premier page that allows users to submit links, create content, and have proper discussions on topics that interest them. They use React to create their minimalist and functional user interface.

9.Facebook

Facebook is one of the most popular social media platforms. It has over 2.85 billion users on a monthly basis. Facebook is also a meta-product; so it’s no surprise that it’s developed using React.js (also a Meta product). Their webpage is built using React.js and their mobile app is developed on React Native.

10. Drop box

Dropbox is a globally used file hosting service where users can store and share important files, collaborate on projects, and enable global teams to work together efficiently. They use React.js for their website and React Native for their mobile app. Dropbox moved to React.js and React Native for benefits such as smaller file size, increased app usability, improved reload speed, and improved overall look of the app.

Last words

These are the 10 most popular web applications built with React. This should give you a brief idea of ​​the potential and flexibility of React in developing different types of web applications. More and more React libraries and components are added regularly, making React a reliable and trustworthy framework for your modern web application project.

]]>