投稿時間:2021-12-12 05:15:16 RSSフィード2021-12-12 05:00 分まとめ(18件)

カテゴリー等	サイト名等	記事タイトル・トレンドワード等	リンクURL	頻出ワード・要約等/検索ボリューム	登録日
Program	[全てのタグ]の新着質問一覧｜teratail（テラテイル）	vscodeで.scss保存時に.scss自体にautoprefixerが走ってしまうのを止めたい	https://teratail.com/questions/373400?rss=all	vscodeでscss保存時にscss自体にautoprefixerが走ってしまうのを止めたいvscodeの拡張からlivenbspsassnbspcompilerの更新されている方のvとAutoprefixerのvをインストールしました。	2021-12-12 04:40:29
AWS	AWSタグが付けられた新着投稿 - Qiita	AWS CLIで Web サイトを構築、管理、運用する(12日目)	https://qiita.com/hirosys/items/539d3e465ade788c28a5	NextLockToken動作確認※日目で設定したAWSWAFのルールの内、AnonymousIPlistが有効だとCloudShellからのアクセスがHTTPで防がれてしまうので、解除しています。	2021-12-12 04:02:50
海外TECH	MakeUseOf	6 Unique Ways to Stand Out in a Job Interview	https://www.makeuseof.com/unique-ways-to-stand-out-job-interview/	Unique Ways to Stand Out in a Job InterviewWhen it comes to a job interview in a competitive field or a hard to get position it s often the unique ways that ll make you stand out Here s how	2021-12-11 19:45:11
海外TECH	MakeUseOf	6 Effective Ways to Get Out of Your Photography Rut	https://www.makeuseof.com/ways-to-get-out-of-photography-rut/	photography	2021-12-11 19:30:12
ニュース	BBC News - Home	Kensington: Man dies after being shot in police confrontation	https://www.bbc.co.uk/news/uk-england-london-59622531?at_medium=RSS&at_campaign=KARANGA	bookmakers	2021-12-11 19:33:48
ニュース	BBC News - Home	Norwich 0-1 Manchester United: Cristiano Ronaldo penalty earns win for Red Devils	https://www.bbc.co.uk/sport/football/59529643?at_medium=RSS&at_campaign=KARANGA	Norwich Manchester United Cristiano Ronaldo penalty earns win for Red DevilsCristiano Ronaldo s penalty earns Manchester United a narrow victory over Norwich to maintain Ralf Rangnick s unbeaten start as interim manager	2021-12-11 19:46:27
ビジネス	ダイヤモンド・オンライン - 新着記事	【意外な結果】北海道より東京の方が「自然公園」が占める割合が大きいワケ - 新説・新発見！今こそ学ぶ「歴史・地理」	https://diamond.jp/articles/-/289279	自然公園	2021-12-12 05:00:00
ビジネス	ダイヤモンド・オンライン - 新着記事	「ふるさと納税」で損をすることも!?絶対ハマってはいけない5つの落とし穴［見逃し配信］ - 見逃し配信	https://diamond.jp/articles/-/290321	落とし穴	2021-12-12 04:50:00
ビジネス	ダイヤモンド・オンライン - 新着記事	オミクロン株へのイギリス政府の対応策とは？街の近況を在住者がレポート - 地球の歩き方ニュース＆レポート	https://diamond.jp/articles/-/289588	地球の歩き方	2021-12-12 04:40:00
ビジネス	ダイヤモンド・オンライン - 新着記事	なぜ笑顔で「ハイ！」と返事をする部下ほどやる気がないのか？ - from AERAdot.	https://diamond.jp/articles/-/289593	fromaeradot	2021-12-12 04:35:00
ビジネス	ダイヤモンド・オンライン - 新着記事	ダイエットと睡眠の関係性、寝ている間に体重減につながる「6つの工夫」 - 男のオフビジネス	https://diamond.jp/articles/-/289584	睡眠不足	2021-12-12 04:30:00
ビジネス	ダイヤモンド・オンライン - 新着記事	新日本酒紀行「赤武」 - 新日本酒紀行	https://diamond.jp/articles/-/289385	岩手県盛岡市	2021-12-12 04:25:00
ビジネス	ダイヤモンド・オンライン - 新着記事	コロナ禍で自殺リスクは増えたのか？東京大学精神保健学者の調査結果 - ヘルスデーニュース	https://diamond.jp/articles/-/289601	コロナ禍で自殺リスクは増えたのか東京大学精神保健学者の調査結果ヘルスデーニュース新型コロナウイルス感染症COVIDパンデミック下で、正規雇用労働者でも希死念慮が高まっていたという実態が明らかになった。	2021-12-12 04:20:00
ビジネス	ダイヤモンド・オンライン - 新着記事	社員1人ひとりが「働く意義」を日々実感できる職場の特徴とは？ - PURPOSE　パーパス	https://diamond.jp/articles/-/288197	purpose	2021-12-12 04:15:00
ビジネス	ダイヤモンド・オンライン - 新着記事	ひろゆきが教える「いい人かどうかを見分けるポイント」ベスト1 - 1％の努力	https://diamond.jp/articles/-/289701	youtube	2021-12-12 04:10:00
ビジネス	ダイヤモンド・オンライン - 新着記事	精神科医も呆れる「毒親」への4つの対処法とは？ - ストレスフリー超大全	https://diamond.jp/articles/-/289074	樺沢紫苑	2021-12-12 04:05:00
ビジネス	東洋経済オンライン	誰でも｢プレゼント名人｣になれる最大のコツ あなたの｢幸せ度｣もアップする驚きの方法 | 買わない生活 | 東洋経済オンライン	https://toyokeizai.net/articles/-/475631?utm_source=rss&utm_medium=http&utm_campaign=link_back	東洋経済オンライン	2021-12-12 04:30:00
GCP	Cloud Blog	Google Cloud Armor WAF rule to help mitigate CVE-2021-44228 Apache Log4j vulnerability	https://cloud.google.com/blog/products/identity-security/cloud-armor-waf-rule-to-help-address-apache-log4j-vulnerability/	Google Cloud Armor WAF rule to help mitigate CVE Apache Logj vulnerabilityNIST has announced a recent vulnerability CVE in the Apache Logjlibrary To help mitigate the effects of this vulnerability Google Cloud Armor customers can now deploy a new preconfigured WAF rule that will help detect and optionally block attempted exploits of CVE  BackgroundThe Apache Logj utility is a commonly used component for logging requests On December a vulnerability was reported that could allow a system running Apache Logj version or below to be compromised and allow an attacker to execute arbitrary code  On December NIST published a critical Common Vulnerabilities and Exposure alert CVE More specifically JNDI features used in configuration log messages and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints An attacker who can control log messages or log message parameters can execute arbitrary code loaded from remote servers when message lookup substitution is enabled If you have workloads you believe may be vulnerable review Google Cloud s mitigation steps below You can determine your exposure by reading further details on the NIST website here  Addressing Apache Logj vulnerability with Cloud ArmorGoogle Cloud s Cloud Armor provides Denial of Service and Web Application Firewall WAF protection for applications and services hosted on Google Cloud on your premises or hosted elsewhere The Cloud Armor team has worked closely with the Google Cybersecurity Action Teamteam to analyze this issue and prepare a response   In an attempt to help our customers address the Logj vulnerability we have introduced a new preconfigured WAF rule called “cve canary which can help detect and block exploit attempts of CVE Cloud Armor customers can deploy the new rule into a new or existing Cloud Armor security policy following the below instructions  In order to detect or help mitigate exploit attempts of this CVE you will need to create a new rule in your Cloud Armor security policy leveraging the preconfigured WAF rules called “cve canary The rule can be created and inserted into a new or existing Cloud Armor security policy via the Google Cloud Console or the gCloud CLI WAF rule in ConsoleA sample gCloud command line to create a rule with a deny action and priority which blocks the exploit attempts into an existing security policy is as follows Monitoring detecting and analyzing potential threatsIf you need to monitor your Cloud Armor protected endpoints for exploit attempts without necessarily blocking the traffic you can deploy the above rule in preview mode Deploying the rule in preview mode will allow you to receive Cloud Logging event logs that the rule was triggered but Cloud Armor will not block the request To configure preview mode for any rule you can set the preview flag to enabled in the UI or CLIPreview mode in Cloud ArmorTo analyze suspicious requests you can enable Cloud Armor s verbose loggingcapability in the relevant policy With verbose logging enabled Cloud Armor s logs will contain additional information about where in the incoming request the suspicious signature appeared as well as a snippet of the suspicious signature and the field it appeared in Example log message of a blocked exploit attempt with verbose logging enabledFinally if your protected workload receives requests with content type application json like a REST API then you will need to enable JSON parsing in your security policy to ensure Cloud Armor parses the JSON in a POST request s body to detect exploit attempts  More detailed Cloud Armor product documentation for configuring the above capabilities is available here Configuring Cloud Armor Security policiesUsing preconfigured WAF rulesPreview ModeVerbose LoggingJSON ParsingPlease contact Google Cloud s technical support or your Google Cloud account team for assistance with applying the mitigation steps described above Additionally you can seek support assistance in the Google Cloud Platform Community Slack Channelunder gcp security for non urgent questions Related ArticleCloud Armor enhancing security at the edge with Adaptive Protection expanded coverage scope and new rulesCloud Armor gets Adaptive Protection expanded coverage scope and new rulesRead Article	2021-12-11 20:00:00