Skip to main content

Windows 10 Warning: 250M Account Trojan Can Disable Windows Defender

Trickbot is not a new threat, but it is an evolving one. The latest twist of the banking Trojan knife as far as Windows 10 users are concerned is the addition of new methods to not only evade but actually disable Windows Defender security protection. As  reported  on July 14 in  Forbes , Trickbot is a particularly stealthy banking Trojan that has been around since 2016. Since then, it was thought to have compromised no less than 250 million email accounts in an effort to distribute the malware payload. That payload includes the stealing of online banking credentials and cryptocurrency wallets. Microsoft has always been front and center as far as Trickbot attack campaigns are concerned, with weaponized Word and Excel files being a favored approach. The  latest campaign  is targeting Windows 10 users and implementing a highly detailed and convincing, but fake nonetheless, Office 365 page to prompt for browser updates that install the Trojan itself. Disab...
Post a Comment

Next.js 3.0 Release: What's New?

On Tuesday, October 25, 2016, a small JavaScript framework, Next.js was released to the public. It's a minimal framework for building server-rendered universal JavaScript web apps. Within a few months of its existence, it gathered a lot of attention from the JavaScript community. The React community was set ablaze with joy for finally having a tool that can help build server-side rendering apps without a hassle and in-depth technical know-how. In fact, we covered how to build a universal JavaScript web appwith it. In this article, I'll highlight the notable additions to Next.js's new release, Next.js 3.0.

Primer: What Is a Universal JavaScript Application?

First, I'll provide a little context for the individuals that find Universal JavaScript to be a new term.
The term Universal simply means the ability to run the same code on the server, browsers, mobile devices, and any other platform. Universal JavaScript is a term people are leaning towards these days. A lot of developers also call it Isomorphic JavaScript. In short, there is a debate on the React repo about this term. Michael Jackson, a popular ReactJS developer, wrote a blog post on Universal JavaScript. It's indeed true that naming things is one of the most difficult aspects of Computer Science.

What's New in Next.js 3.0?

1. Dynamic Import Support

Next.js now ships with Dynamic Import. The import function in all its glory allows a codebase to be split into a set of chunks that can be dynamically loaded later.
In Next.js, you can now use dynamic import as seen below:
const lodash = import('lodash'); 
...
button.addEventListener('click', event => {
    import('./dialogBox.js')
    .then(dialogBox => {
        dialogBox.open();
    })
    .catch(error => {
        /* Error handling */
    })
});
This helps to load functionality on demand. Next.js supports server-side rendering for dynamic imports which makes it incredibly awesome for you to avoid displaying the client's blank pages, flickering, or loading spinners.

2. Static Export Support

Next.js now allows you to generate a truly static site by exporting your project to an outdirectory with .html and .css files. The good thing about this feature is that it was community-driven.
Community Driven Static Export feature
You need to do the following:
  • Create a custom next.config.js file like so:
     exports.exportPathMap = () => ({
        "/": { page: "/" },
        "/about": { page: "/about" }
      });
  • Now run the command like so:
     next build && next export
Note: It's advisable you configure the command in your package.json file like so:
"scripts": {
    "export": "next build && next export",
}
So you can just run npm run export and it will build your Next.js app as a static website. This simply means you don't need any server to deploy it. Whoop! Whoop!
Change the directory into the new outdirectory and deploy your app to a cloud platform, e.g [now](https://zeit.co/now).

3. Better Error Handling

The error color theme has been updated to be more accessible and easier on the eyes.
Source: Zeit

4. Improved Startup Time

Startup time for a Next.js app is now 5 times faster. The bootup time for a typical Next.js 3 app was cut down from 1000ms to about 200ms.

5. Optimized Bundle

The bundle size of Next.js core is now smaller. In fact, here is the webpack bundle analyzer output after optimization:
Optimized Bundle

6. Improved Hot Module Replacement

Before now, there were some bugs with HMR, (hot module replacement), one of which was the ERR_INCOMPLETE_CHUNK_ENCODING error that shows up when using Node.js 8.0. That issue has been solved. Yaay!
Furthermore, if you return a wrong type, Next.js shows you the right error message and also recovers smoothly from it once the right type is returned.
Better Bad Type Returns
One more thing: undefined is not a function is now obsolete. Next.js now correctly identifies any type of runtime error thrown and catches it effectively. A typical example of this scenario can be seen below:
Source: Next.js Blogexample of this scenario can be seen below:
Source: Next.js Blog

example of this scenario can be seen below:
Source: Next.js Blog

7. Dynamic React Components

Next.js now ships with a powerful opt-in utility called next/dynamic which helps you to create dynamically loaded React Components easily.
Before now, code splitting was route based. In Next.js 3, you will be able to load code as a function of the data that the user gets.
import dynamic from 'next/dynamic'
const DialogComponent = dynamic(import('../components/DialogBox'))
export default () => (
  <div>
    <Header />
    <DialogComponent />
    <p>Weclome to the landing Page</p>
  </div>
)
Note: If the dynamic component is loaded in the initial rendering, server-rendering also works. Awesome!

Conclusion

With Next.js 3, the GitHub repo now has over 16,000 stars and we have seen lots of significant improvements and major upgrades from the initial version that was released last year. Kudos to the team behind this project and the JavaScript community for their continuous support. In fact, they already have plans for Next.js 4.
Labels:

Comments

Post a Comment

Popular posts from this blog

SmartBillions Challenges Hackers with 1,500 Ether Reward, Gets Hacked and Pulls Most of It Out

SmartBillions, a so-called fully decentralized and transparent lottery system, managed by an Ethereum smart contract, recently challenged hackers to get through its smart contract’s security, and added a 1,500  Ether  ($450,000) reward to be collected by anyone that managed to compromise it. The goal was to demonstrate “the SmartBillions lottery smart contract’s comprehensive security.” Initially, according to a  press release , the prize was to be collected by any hacker that managed to break into the smart contract and withdraw the funds, as a way to prove how serious the team took investor protection. The team stated: “The development team is so confident in their product and its security that they will risk their own funds (1500 ETH), to demonstrate its safety.” A few days later, the issued challenge seemingly backfired, as a hacker did manage to compromise the smart contract. The hacker, according to a  Reddit thread , essentially managed to game th...
Post a Comment
Read more

Windows 10 Warning: 250M Account Trojan Can Disable Windows Defender

Trickbot is not a new threat, but it is an evolving one. The latest twist of the banking Trojan knife as far as Windows 10 users are concerned is the addition of new methods to not only evade but actually disable Windows Defender security protection. As  reported  on July 14 in  Forbes , Trickbot is a particularly stealthy banking Trojan that has been around since 2016. Since then, it was thought to have compromised no less than 250 million email accounts in an effort to distribute the malware payload. That payload includes the stealing of online banking credentials and cryptocurrency wallets. Microsoft has always been front and center as far as Trickbot attack campaigns are concerned, with weaponized Word and Excel files being a favored approach. The  latest campaign  is targeting Windows 10 users and implementing a highly detailed and convincing, but fake nonetheless, Office 365 page to prompt for browser updates that install the Trojan itself. Disab...
Post a Comment
Read more

How To Convert DEB Packages Into Arch Linux Packages

We already learned how to  build packages for multiple platforms , and how to  build packages from source . Today, we are going to learn how to convert DEB packages into Arch Linux packages. You might ask,  AUR is the large software repository on the planet, and almost all software are available in it. Why would I need to convert a DEB package into Arch Linux package? True! However, some packages cannot be compiled (closed source packages) or cannot be built from AUR for various reasons like error during compiling or unavailable files. Or, the developer is too lazy to build a package in AUR or s/he doesn’t like to create an AUR package. In such cases, we can use this quick and dirty method to convert DEB packages into Arch Linux packages. Debtap – Convert DEB Packages Into Arch Linux Packages For this purpose, we are going to use an utility called  “Debtap” . It stands  DEB   T o  A rch (Linux)  P ackage. Debtap is available in AUR, so yo...
Post a Comment
Read more