投稿時間:2023-04-05 19:39:33 RSSフィード2023-04-05 19:00 分まとめ(39件)

カテゴリー等	サイト名等	記事タイトル・トレンドワード等	リンクURL	頻出ワード・要約等/検索ボリューム	登録日
IT	ITmedia 総合記事一覧	[ITmedia News] 総務省かたるフィッシング詐欺　SMSで督促状送りVプリカで支払い求める	https://www.itmedia.co.jp/news/articles/2304/05/news171.html	itmedia	2023-04-05 18:50:00
IT	ITmedia 総合記事一覧	[ITmedia ビジネスオンライン] 満足度が高い「暗号資産取引所」　現物取引ランキング2位は「bitbank」、1位は？	https://www.itmedia.co.jp/business/articles/2304/05/news166.html	bitbank	2023-04-05 18:26:00
IT	ITmedia 総合記事一覧	[ITmedia ビジネスオンライン] サントリー天然水が新容器、折りたたんで6分の1に　「コスパ」ならぬ「スぺパ」他業界でも続々	https://www.itmedia.co.jp/business/articles/2304/06/news045.html	ITmediaビジネスオンラインサントリー天然水が新容器、折りたたんで分のに「コスパ」ならぬ「スぺパ」他業界でも続々昨今、商品のユーザビリティ使いやすさにとどまらず、処分のしやすさまで意識した商品開発が増えている。	2023-04-05 18:10:00
TECH	Techable（テッカブル）	クレッシェンド・ラボ、AIサービスの連携開始。LINE上での顧客とのやりとりがスムーズに	https://techable.jp/archives/201873	chatgpt	2023-04-05 09:00:12
AWS	lambdaタグが付けられた新着投稿 - Qiita	LambdaでTeamsのチャットボットを実装する方法 (所要時間5分)	https://qiita.com/Tomonobu3110/items/3b5be94f25a201a05cc4	awslambda	2023-04-05 18:26:15
python	Pythonタグが付けられた新着投稿 - Qiita	Windows x Pyenv 環境構築	https://qiita.com/inosuke-hashibira/items/90e30592f375c3b8d4e8	pyenvwin	2023-04-05 18:51:08
python	Pythonタグが付けられた新着投稿 - Qiita	物性研スパコンohtakaで結晶構造探索を行う	https://qiita.com/TomokiYamashit3/items/92b4eb019d5906e4330d	cryspy	2023-04-05 18:28:18
AWS	AWSタグが付けられた新着投稿 - Qiita	【S3】レプリケーションによる既存オブジェクト上書き動作	https://qiita.com/docdocdoc/items/5596cb9d8acc7ed42c0a	通常	2023-04-05 18:40:39
AWS	AWSタグが付けられた新着投稿 - Qiita	[AWS Q&A 365][AppSync]AWSのよくある問題の毎日5選 #24	https://qiita.com/shinonome_taku/items/94afd02b27b5482abe4d	graphql	2023-04-05 18:17:02
AWS	AWSタグが付けられた新着投稿 - Qiita	【ドラゴンボール風解説】WS Auto Scalingについて	https://qiita.com/songokusuper777777/items/e2634f7eee9cf43da5d3	chatgpt	2023-04-05 18:17:00
AWS	AWSタグが付けられた新着投稿 - Qiita	[AWS Q&A 365][AppSync]Daily Five Common Questions #24	https://qiita.com/shinonome_taku/items/7d6ea1e75a0573654da0	amazon	2023-04-05 18:14:07
Docker	dockerタグが付けられた新着投稿 - Qiita	Oracle Database 23c Free on Docker	https://qiita.com/shakiyam/items/ca08d6a034f860f84b0b	developerrelease	2023-04-05 18:09:17
Azure	Azureタグが付けられた新着投稿 - Qiita	WindowsMachineFileCopyタスクでFailed to Create PSDrive with Destination: '\\xx.xx.xx.x\D$\xxx', ErrorMessage: 'The network path was not found'	https://qiita.com/Naoto_Minagawa/items/7442636e12c6e6a71161		2023-04-05 18:39:54
技術ブログ	Developers.IO	Amazon Cognito でサンドボックス制限中の Amazon SES をメールプロダイバーとして設定していると CodeDeliveryFailureException が発生します	https://dev.classmethod.jp/articles/cognito-sandbox-ses-codedeliveryfailureexception/	amazoncognito	2023-04-05 09:30:39
技術ブログ	Developers.IO	CVE-2023-20861: Spring Expression DoS Vulnerability の影響調査	https://dev.classmethod.jp/articles/cve-2023-20861-spring-expression-dos-vulnerability/	dosvulnerability	2023-04-05 09:10:09
技術ブログ	Developers.IO	[アップデート]Amazon ElastiCache の Redis クラスターを、簡単に作成できる設定が追加されました	https://dev.classmethod.jp/articles/elasticache-redis-easy-setup/	amazonelasticache	2023-04-05 09:08:23
海外TECH	DEV Community	Web Application Security: Best Practices and Essential Tools	https://dev.to/crossskatee1/web-application-security-best-practices-and-essential-tools-17fi	Web Application Security Best Practices and Essential ToolsAs businesses increasingly rely on web applications for their operations ensuring their security has become a top priority The consequences of a successful cyberattack can be devastating resulting in financial losses reputational damage and loss of customer trust This comprehensive guide will cover the best practices and essential tools for enhancing your web application security and protecting your business from cyber threats Common Threats and VulnerabilitiesWeb applications face numerous threats and vulnerabilities which can lead to data breaches unauthorized access and other security incidents Understanding these common threats and vulnerabilities is essential for developing a comprehensive security strategy Some of the most prevalent web application security issues include SQL Injection SQLi Attackers exploit vulnerabilities in a web application s database interaction by injecting malicious SQL code This can lead to unauthorized access data theft or even complete control over the affected system To prevent SQLi attacks developers must implement proper input validation parameterized queries and use stored procedures Cross site Scripting XSS In XSS attacks hackers inject malicious scripts into legitimate web pages which are then executed in users browsers This can lead to the theft of sensitive information manipulation of website behavior or redirection to malicious sites To mitigate XSS attacks developers should implement output encoding content security policies and input validation Cross site Request Forgery CSRF CSRF attacks trick users into performing unintended actions on a web application by sending unauthorized requests using the user s authenticated session This can result in unauthorized changes or data theft To defend against CSRF attacks developers should use anti CSRF tokens same site cookies and proper referrer checks Broken Authentication When an attacker exploits weaknesses in a web application s authentication mechanisms they can impersonate legitimate users and gain unauthorized access to the system To address broken authentication vulnerabilities developers should implement multi factor authentication MFA secure password storage and session management best practices Security Misconfiguration Improper implementation or configuration of security controls can lead to vulnerabilities that attackers can exploit to gain unauthorized access expose sensitive data or compromise the system To prevent security misconfigurations developers must follow security best practices regularly review and update configurations and conduct regular security audits Insecure Deserialization Attackers can exploit insecure deserialization to inject malicious objects or manipulate serialized data potentially leading to remote code execution or privilege escalation To mitigate insecure deserialization risks developers should avoid using user supplied input for deserialization implement integrity checks and utilize secure serialization formats XML External Entity XXE Injection XXE attacks occur when an XML parser processes an external entity reference potentially allowing an attacker to access sensitive data cause a denial of service or execute remote code To prevent XXE attacks developers should disable external entity processing use less vulnerable data formats like JSON and implement input validation By understanding and addressing these common threats and vulnerabilities web application developers can significantly reduce the risk of security incidents and protect their systems from potential cyberattacks Best Practices for Web Application Security Secure Coding PracticesInput Validation Ensure that all user input is properly validated and sanitized to prevent malicious data from entering your application Output Encoding Encode output data to prevent malicious code from being executed on the client side Least Privilege Principle Grant users the minimum level of access required to perform their tasks limiting the potential damage from compromised accounts Error Handling Implement proper error handling to avoid revealing sensitive information about your application s inner workings to attackers Regular Security TestingStatic Application Security Testing SAST Analyzes your application s source code to identify potential security vulnerabilities Dynamic Application Security Testing DAST Tests your application during runtime simulating real world attacks to identify vulnerabilities Penetration Testing Involves ethical hackers attempting to exploit identified vulnerabilities to assess the real world impact of potential security breaches Implement Secure Authentication and AuthorizationMulti factor Authentication MFA Require users to provide multiple forms of identification before granting access to your application Strong Password Policies Enforce the use of complex unique passwords to reduce the risk of unauthorized access Role Based Access Control RBAC Implement access controls based on user roles to ensure that users can only access the resources they are authorized to Secure Data Transmission and StorageEncrypt Data Use encryption technologies such as Secure Sockets Layer SSL or Transport Layer Security TLS to protect data transmitted between your web application and its users Secure Data Storage Store sensitive data in encrypted formats and limit access to authorized personnel Essential Web Application Security Tools Web Application Firewalls WAF Web Application Firewalls help protect your web applications by monitoring and filtering incoming traffic blocking malicious requests and preventing unauthorized access Intrusion Detection and Prevention Systems IDPS IDPS tools monitor your network and application traffic for signs of suspicious activity or potential threats allowing you to detect and prevent attacks before they cause harm Security Information and Event Management SIEM SIEM tools collect and analyze log data from various sources within your organization providing real time monitoring alerting and reporting on potential security incidents Vulnerability ScannersVulnerability scanners automatically identify potential security weaknesses in your web applications helping you prioritize and remediate issues before they can be exploited ConclusionIn conclusion web application security is a critical aspect of modern web development By understanding and addressing common threats and vulnerabilities developers can create more secure and resilient applications Implementing robust security measures and best practices can significantly reduce the risk of security incidents and protect user data CronJ a leading web application development company is well versed in designing and developing secure web applications With their extensive experience and expertise they prioritize web application security and ensure that their clients applications are safeguarded against potential cyberattacks References	2023-04-05 09:20:04
海外TECH	DEV Community	8 Awesome VS Code Extensions for JavaScript Developers	https://dev.to/bobbyiliev/8-awesome-vs-code-extensions-for-javascript-developers-4dh1	Awesome VS Code Extensions for JavaScript Developers IntroductionVisual Studio Code VS Code is a popular lightweight and powerful source code editor developed by Microsoft It has extensive support for JavaScript and TypeScript making it the go to choice for many developers One of the most significant features of VS Code is its extensibility allowing you to add custom extensions to enhance your development experience In this tutorial we will explore awesome VS Code extensions for JavaScript developers ESLintESLint is a widely used linting tool for JavaScript that analyzes your code and identifies potential problems such as syntax errors performance issues and coding standard violations This extension integrates ESLint into VS Code providing real time feedback and highlighting issues in your code as you type Prettier Code formattedPrettier is an opinionated code formatter that supports JavaScript TypeScript and many other languages The Prettier extension for VS Code formats your code automatically on save or manually via a command ensuring consistent code style across your project Debugger for ChromeDebugger for Chrome connects the Google Chrome debugger to VS Code allowing you to debug your JavaScript code directly within the editor With this extension you can set breakpoints step through code inspect variables and more without leaving VS Code npm Intellisensenpm Intellisense is a must have for developers who work with Node js and npm packages This extension provides autocompletion for npm modules in your code making it easy to import and require packages without having to memorize package names GitLens ーGit superchargedGitLens is an extension that supercharges Git functionality in VS Code It provides features like inline blame annotations commit searching and file history explorers GitLens is especially useful for JavaScript developers working in large teams or on open source projects as it helps you navigate and understand codebases faster Import CostImport Cost is a useful extension that displays the size of imported packages inline helping you keep track of your application s bundle size With this extension you can make informed decisions about adding or removing dependencies based on their impact on the overall size of your project Live ServerLive Server is a simple but powerful extension that launches a local development server with live reloading for static and dynamic pages This is especially useful for front end JavaScript developers as it allows you to see changes in real time without manually refreshing the browser REST ClientREST Client is a convenient VS Code extension that lets you send HTTP requests and view responses directly within the editor It s great for JavaScript developers working with APIs as it allows you to test and debug endpoints without needing a separate tool like Postman ConclusionThese awesome VS Code extensions can significantly improve your productivity and development experience as a JavaScript developer By leveraging these tools you ll be able to write cleaner more efficient code debug your applications more effectively and more Happy coding	2023-04-05 09:12:15
医療系	医療介護 CBnews	東京のインフルエンザ患者報告数が3週連続減-第13週、31保健所管内のうち26管内で減少	https://www.cbnews.jp/news/entry/20230405184028	都内	2023-04-05 19:00:00
医療系	医療介護 CBnews	5月8日開始の接種、高齢者施設に速やかに案内を-市町村が接種の進捗把握、厚労省が事務連絡	https://www.cbnews.jp/news/entry/20230405181255	予防接種	2023-04-05 18:25:00
金融	金融庁ホームページ	日本とベトナムがフィンテック協力枠組みに関する書簡を交換しました。	https://www.fsa.go.jp/inter/etc/20230405.html	枠組み	2023-04-05 10:00:00
ニュース	BBC News - Home	Nicola Sturgeon's husband Peter Murrell arrested in SNP finance probe	https://www.bbc.co.uk/news/uk-scotland-65187823?at_medium=RSS&at_campaign=KARANGA	custody	2023-04-05 09:48:07
ニュース	BBC News - Home	Local elections 2023: Greens want housing firms to fund more services	https://www.bbc.co.uk/news/uk-politics-65179746?at_medium=RSS&at_campaign=KARANGA	services	2023-04-05 09:37:30
ニュース	BBC News - Home	Salcombe named UK's most expensive seaside town	https://www.bbc.co.uk/news/uk-england-devon-65186068?at_medium=RSS&at_campaign=KARANGA	britain	2023-04-05 09:03:40
ニュース	BBC News - Home	NBA: Watch Joel Embiid's 52-point game for Philadelphia 76ers	https://www.bbc.co.uk/sport/av/basketball/65187611?at_medium=RSS&at_campaign=KARANGA	boston	2023-04-05 09:30:27
ニュース	BBC News - Home	Trump charged: How the world reacted to his arrest	https://www.bbc.co.uk/news/world-us-canada-65186531?at_medium=RSS&at_campaign=KARANGA	front	2023-04-05 09:02:10
GCP	Google Cloud Platform Japan 公式ブログ	Randstad、ChromeOS を使用したセキュアでアジャイルなコンピューティングを導入	https://cloud.google.com/blog/ja/products/chrome-enterprise/randstad-adopts-secure-and-agile-computing-chromeos/	か月後には、Randstadの従業員の約をカバーする、国内の台のChromebookが有効化されていました。	2023-04-05 09:50:00
GCP	Google Cloud Platform Japan 公式ブログ	ソフトウェアを一度にどこにでも配布 - Cloud Deploy マルチターゲットの概要	https://cloud.google.com/blog/ja/products/devops-sre/parallel-deployments-allow-pushing-new-code-to-many-destinations/	これまで、すべてのクラスタを更新する場合は、CloudDeployパイプラインを順次実行し、各クラスタが一度につずつ更新されるのを待つ必要がありましたが、これは最適ではありませんでした。	2023-04-05 09:40:00
GCP	Google Cloud Platform Japan 公式ブログ	AI でデジタル セキュリティを強化する方法	https://cloud.google.com/blog/ja/products/identity-security/how-ai-can-improve-digital-security/	さらに、MLシステムとAIシステムでの敵対的攻撃に関する調査の最新情報を把握し、お客様と連携しながら典型的なAIのやり取りとリスクに対処するためのベストプラクティス、ツール、脅威モデルを開発しています。	2023-04-05 09:20:00
GCP	Google Cloud Platform Japan 公式ブログ	Anthos Service Mesh: 外部サービスとの連携 - 指標とトレース	https://cloud.google.com/blog/ja/products/containers-kubernetes/moving-and-measuring-services-as-part-of-a-mesh/	そのときの目標は次の通りでしたメッシュから外部サービスに流れるトラフィックのトレースと指標を取得するクラウドGKEクラスタでレガシーサービスの再デプロイを実行するトラフィックをGKEサービスに段階的に移行するこの記事では、メッシュから外部サービスに流れるトラフィックの指標とトレースを取得する方法について説明します。	2023-04-05 09:10:00
ニュース	Newsweek	中国では600万部突破──稲盛和夫の『生き方』が世界の人々の心を揺さぶった訳	https://www.newsweekjapan.jp/stories/business/2023/04/post-101170.php	私たちはそれを稲盛先生にアピールするためにやっていたわけではなく、それくらい本気で取り組むことが必要だと考えてやっていたことなんですけれども、不思議なことに稲盛先生のような一流の方ともなると、聞かなくてもわかるようなんです。	2023-04-05 18:21:00
ニュース	Newsweek	「トイレは地獄」「最悪」...金正恩ご自慢の「平壌タワマン」に致命的な問題が	https://www.newsweekjapan.jp/stories/world/2023/04/post-101306.php	「タワマンぐらしは辛い」との悪評を打ち消すために、当局は一部期間に限り、午前時から午後時までエレベーターを稼働させることにしたが、その電気代は入居者から徴収される。	2023-04-05 18:02:00
IT	週刊アスキー	iClever、RGB LED機能対応の75％ゲーミングキーボード「G03」発売	https://weekly.ascii.jp/elem/000/004/131/4131652/	iclever	2023-04-05 18:40:00
IT	週刊アスキー	サンワサプライ、強力なAES256対応暗号を採用したパスワードロック機能付きUSB 3.2 Gen1メモリー「UFD-3HN8GW／16GW」発売	https://weekly.ascii.jp/elem/000/004/131/4131649/	ufdhngwgb	2023-04-05 18:10:00
IT	週刊アスキー	Xbox ワイヤレス コントローラー（リミックス）スペシャル エディションが4月18日より販売！	https://weekly.ascii.jp/elem/000/004/131/4131650/	配慮	2023-04-05 18:05:00
GCP	Cloud Blog JA	Randstad、ChromeOS を使用したセキュアでアジャイルなコンピューティングを導入	https://cloud.google.com/blog/ja/products/chrome-enterprise/randstad-adopts-secure-and-agile-computing-chromeos/	か月後には、Randstadの従業員の約をカバーする、国内の台のChromebookが有効化されていました。	2023-04-05 09:50:00
GCP	Cloud Blog JA	ソフトウェアを一度にどこにでも配布 - Cloud Deploy マルチターゲットの概要	https://cloud.google.com/blog/ja/products/devops-sre/parallel-deployments-allow-pushing-new-code-to-many-destinations/	これまで、すべてのクラスタを更新する場合は、CloudDeployパイプラインを順次実行し、各クラスタが一度につずつ更新されるのを待つ必要がありましたが、これは最適ではありませんでした。	2023-04-05 09:40:00
GCP	Cloud Blog JA	AI でデジタル セキュリティを強化する方法	https://cloud.google.com/blog/ja/products/identity-security/how-ai-can-improve-digital-security/	さらに、MLシステムとAIシステムでの敵対的攻撃に関する調査の最新情報を把握し、お客様と連携しながら典型的なAIのやり取りとリスクに対処するためのベストプラクティス、ツール、脅威モデルを開発しています。	2023-04-05 09:20:00
GCP	Cloud Blog JA	Anthos Service Mesh: 外部サービスとの連携 - 指標とトレース	https://cloud.google.com/blog/ja/products/containers-kubernetes/moving-and-measuring-services-as-part-of-a-mesh/	そのときの目標は次の通りでしたメッシュから外部サービスに流れるトラフィックのトレースと指標を取得するクラウドGKEクラスタでレガシーサービスの再デプロイを実行するトラフィックをGKEサービスに段階的に移行するこの記事では、メッシュから外部サービスに流れるトラフィックの指標とトレースを取得する方法について説明します。	2023-04-05 09:10:00