投稿時間:2023-04-24 12:15:25 RSSフィード2023-04-24 12:00 分まとめ(16件)

カテゴリー等	サイト名等	記事タイトル・トレンドワード等	リンクURL	頻出ワード・要約等/検索ボリューム	登録日
IT	ITmedia 総合記事一覧	[ITmedia News] 教頭先生、GoPro装着！　まる1日“学校DX”の課題探し　実際にやった教育委員会に話を聞いた	https://www.itmedia.co.jp/news/articles/2304/24/news062.html	gopro	2023-04-24 11:45:00
AWS	AWS Japan Blog	週刊AWS – 2023/4/17週	https://aws.amazon.com/jp/blogs/news/aws-weekly-20230417/	amazonefs	2023-04-24 02:15:49
python	Pythonタグが付けられた新着投稿 - Qiita	OpenAI の Embeddings API はイケてるのか、定量的に調べてみる	https://qiita.com/akeyhero/items/ce371bfed64399027c23	chatgptc	2023-04-24 11:27:03
python	Pythonタグが付けられた新着投稿 - Qiita	#Slack Bolt for python で複数Slackアプリを1つのBoltでホスティングしてコスト削減してみた	https://qiita.com/geeorgey/items/b756baf2363a943c08bd	boltforpython	2023-04-24 11:18:50
Ruby	Rubyタグが付けられた新着投稿 - Qiita	Rubyの`<<`って何ぞ	https://qiita.com/takegongon/items/7648815a24e60e11240d	array	2023-04-24 11:14:09
GCP	gcpタグが付けられた新着投稿 - Qiita	CVATをGKE上で動かしてみた話	https://qiita.com/niccari/items/0a6498f4362e83031091	連携	2023-04-24 11:30:40
技術ブログ	Developers.IO	[レポート] Resilience at AWS 回復力のあるシステムを作る為の設計指針 L200 #AWSSummit Tokyo 2023 AWS-14	https://dev.classmethod.jp/articles/202304-report-aws-14/	awswa	2023-04-24 02:18:35
海外TECH	DEV Community	New Android banking trojan called "Sharkbot", its way of attack and how to defend	https://dev.to/teamliapp/new-android-banking-trojan-called-sharkbot-its-way-of-attack-and-how-to-defend-1p0h	New Android banking trojan called quot Sharkbot quot its way of attack and how to defendMalware not the antivirus Antivirus app downloaded to prevent from hacking but this app has been controversial as it has been found to be malicious malware that infiltrates users mobile devices manipulates banking applications and remits assets to the outside Sharkbot a Trojan horse that first appeared in October and continues disturbing Google These can be easily downloaded from the official Google Play Store but it turns into malicious apps at some point after being installed on the user s smartphone What is Sharkbot Sharkbot is a new generation Android banking Trojan discovered by the Threat Intelligence team of the security company Cleafy Sharkbot masquerades as a mobile app or a commonly used app with common name and icon Sharkbot is known to use the work Sharked in the binary of the APK file and once the malware is installed it executes key logging SMS message interception overlay attack and remote control commands Thee apps were already downloaded by more than users worldwide with most victims believed to be in the UK and Italy Google of course they quickly deleted these apps and announced that they took action on other apps presumed to be Sharkbot How did they trick Google Usually the app must go through a pre inspection process prior to registering an app on an official stores such as Google Play However Sharkbot has been registered as a safe app as if it were a safe application tricking Google How did this happen According to the analysis Sharkbot has a variety of anti analysis functions which allows it to detect sandbox environment or adjust the triggering time of hacking Above all full fledged malicious functions are additionally downloaded from external C amp C servers This is the reason that there were no problems found during the inspection of the Google Play Store It is very difficult to catch Sharkbot that has a domain generation algorithm DGA that can freely change external C amp C domain and a geofence functions that deactivate malicious functions in a specific area How did Sharkbot get a permission from users The Sharkbot dpownloaded on the user s smartphone reveals it s malignity the moment it receives an external command Sharkbot is similar to other malware such as TeaBot and UBEL it displays malicious pop ups that repeatedly ask for extensive permission to steal user s sensitive information Sharkbot like other similar malware such as TeaBot and UBEL displays malicious pop ups that repeatedly require extensive authorization to steal user s sensitive information Sharkbot will be able to get all the permissions declared in the AndroidManifest file needed to hack the banking app once accessibility permissions and services are activated by user Sharkbot then uses Android s accessibility service authority to display an overlaid window over a normal mobile banking app to induce the user to enter personal information obtain the login credentials of the acquired bank app and send them to a malicious server ATS Automatic Transmission System of the SharkbotThis information is used to access email social media online bank accounts and more With the permissions shown in the figure above the Sharkbot can read or send text messages and perform overlay attacks In particular the REQUEST IGNORE BATTERY OPTIMIZATIONS permission could bypass Android s doze component and connect to the C server to continue its malicious action Money is now transferred out of the victim s bank account During this process Sharkbot can intercept the device s SMS messages and use them to get the FA sent by the bank As attackers do not have to register new device for fraudulent activity it is difficult to detect that money are being stolen even if the money is transferred from the victim s bank account The way how SharkBot avoids detectionSharkBot has a technology to avoid from anti virus detection It includes several features to avoid analysis and detection such as inspecting and running emulators encrypting command and control communication with remote servers and hiding icons from the home screen after installation Strings can be obfuscated to slow down static analysis and hide all commands and sensitive information used by the malware Below is a list of other evasion features Sharkbot are using Anti emulator  It determines whether it is a real phone or an emulator when malware is installed on a device External ATS module  The installed malware downloads additional modules from C and external modules are JAR files that contain all the functions used to perform ATS attacks This module is analyzed by Sharkbot in paragraph of the ATS module Hide icon app  If malicious program is installed Sharkbot hides from the app s icon from the device screen Prevent deletion  Sharkbot uses accessibility services to prevent users from uninstalling the program from the setting options like other malware Encrypted communication  All communication between the malware and C is encrypted and encoded with Base also use the domain generation algorithm DGA How to detect and prevent Sharkbot While various security comapanies and stores are trying to defend themselves it is no longer safe to trust such as APP Store and Google Play Users need to be alert now that malicious apps that try to hack into banking are constantly discovering new versions This is why users should avoid installing apps that are unknown sources or that require excessive permissions and periodically update legitimate antivirus to the latest version In addition it is important for individuals to carefully check the reviews number of downloads and developer information each time downloading an app It is also recommended to suspect and view apps that request permission for accessibility services unless there is a special case Companies that provide banking apps should take proactive steps to strengthen the security of the apps themselves and to detect amp block malicious malware LIAPP can detect apps known as Sharkbot through pattern detection Also LIAPP can prevent Sharkbot from hacking banking apps by performing functions such as overlay detection remote control program detection and screen capture program prevention If you are a banking app service company please contact the LIAPP team about Sharkbot We will provide with more detailed consultation LIAPP we provide the best service possible	2023-04-24 02:40:19
海外TECH	DEV Community	Why Web Apps?	https://dev.to/xanderlambert/why-web-apps-1j3p	Why Web Apps Many companies are shifting to Progressive Web Apps Spotify is maybe my favorite example Uber Tinder and Pinterest are three more A web app is accessed through a web browser like Chrome Firefox or Safari which communicates with the web server that hosts the application Web apps seem to present a range of benefits for developers and users alike Here I will focus on the UI benefits maintenance benefits and briefly discuss implementation Web apps can be easier to maintain developers and provide greater accessibility users UI Accessibility One of the key advantages of web apps tout over local versions is their accessibility Web apps can be accessed from any device with an internet connection and a web browser making them highly convenient for users Additionally web apps are not tied to a specific platform or operating system which means they can be accessed from any device regardless of whether it s an iOS Android Windows or Mac device This is a game changer as it opens up the large portion of the population to potentially using your app Another point that makes web apps more accessible is the fact that users never need to download an app No need to take up that precious storage space for an app you might use a handful of times or cant even find While some very commonly used apps may still have some benefits to being stored locally many are moving to the web Lets think of an example You want an app that displays a calendar with Mardi Gras parade times for the year In this case you will only need the app for a a week or two at the most Why keep it somewhere deep in your iPhone until you try to redownload it next year Wouldn t it be so much easier to paste the link into your browser and return to that page as needed Maintenance and updates Web apps are typically easier to maintain and update than other types of applications One reason for this claim is because the application is hosted on a web server updates can be made to the application without requiring users to download or install anything on their devices This makes it easier for developers to fix bugs add new features and make other improvements to the application as needed The next time a user visits the changes will have been made Another key benefit to developers is since the app is accessed through the browser the browser is all that needs to be accounted for rather than the operating system or device type This of course allows developers to focus their skills on other parts of the app WebAssembly How does it fit in WebAssembly is a binary instruction format for a stack based virtual machine that is designed to run in web browsers What does this even mean It means that WebAssembly can be used to compile code that can run directly in a web browser without the need for plugins or other third party software The aim of WebAssembly was to bring resource intensive desktop apps into the browser while maintaining performance WebAssembly is a way to use other faster coding languages instead of JavaScript within the browser Languages such as C or Rust which can be compiled into highly optimized code that run faster than equivalent JavaScript WebAssembly does not have the ability to manipulate the DOM though so JavaScript is used to fill in the gaps This makes WebAssembly likely to become an increasingly important part of the web development landscape in the coming years Web apps provide a convenient way for users to access and interact with software applications without needing to download and install additional software on their devices So next time you re looking for a good Mardi Gras calendar check so see if there s a web app Hint There is resources	2023-04-24 02:38:07
海外TECH	DEV Community	How To Add Fonts In A Next 13 App	https://dev.to/inaju/how-to-add-fonts-in-a-next-13-app-19j7	How To Add Fonts In A Next App OverviewIn this article I ll show you how Nextjs now allows us to optimize our fonts with the next font package There is no need to download the Google fonts locally and no need for CDN links Google FontsTo use Google fonts in your Nextjs app you should use the recommended next fonts google to load Google fonts For increased privacy and performance next font will automatically optimize your fonts including custom fonts and remove external network queries For this post we are going to use the poppings fonts from Google Locate your Layout tsx and add this code snippet edit it to your use import Poppins from next font google const poppinsFont Poppins weight subsets latin variable font poppins Make sure you use the variable configuration prop which you will use to generate a definition for a CSS var for each font This would ensure that we have the best performance and flexibility Local FontWith the same library next font local you can make use of local fonts stored locally on your repository so no need to download any extra module Make sure that you correctly put in the path to the locally stored font it s fine to host it in your public directory Remember to use the variable configuration prop which you will use to generate a definition for a CSS var for each font Add this file to your layouts tsx fileimport localFont from next font local const studioPro localFont src path public font studio pro bold ttf weight style normal path public font studio pro medium ttf weight style normal variable font studio pro Accessing The FontTo access the font through your app you should pass the generated variables into the wrapper class in Layout tsx This would ensure that the variable you passed is accessible to any parent component Your Layout tsx file should look like thisimport Poppins from next font google import localFont from next font local import React from react export default function RootLayout children children React ReactNode const poppinsFont Poppins weight subsets latin variable font poppins const studioPro localFont src path public font studio pro bold ttf weight style normal path public font studio pro medium ttf weight style normal variable font studio pro return lt html lang en gt lt head gt lt body className poppinsFont variable studioPro variable gt children lt body gt lt html gt You should see something like this on your Chrome browser tools Access the Font on your CSS filesHere s how to access the font in a simple css file you can use this in your global css filehtml font family var font poppins h font family var font studio pro Access the Font with TailwindWe have made this font globally accessible but we need a way to tell Tailwind that these fonts are now accessible How To use this font in Tailwind add this to the extend object inside the theme in your tailwind config ts file export default theme extend fontFamily font poppins var font poppins studio pro var font studio pro Here s how to use the font in a component const SimpleComponent React FC gt lt p className font poppins gt This is with the Poppins Font lt p gt export default SimpleComponent Final ThoughtsThanks for reading We ve seen how easy it is to add fonts to a Nextjs app I ll recommend using this approach to add fonts in your Nextjs app as this is the optimized way recommended by the documentation It s time to experiment Looking forward to the amazing websites you ll build with Nextjs Connect With to meLinkedin Twitter dev to	2023-04-24 02:23:39
海外TECH	CodeProject Latest Articles	dcr(digital camera raw) file format	https://www.codeproject.com/Articles/5359536/dcr-digital-camera-raw-file-format	files	2023-04-24 02:37:00
金融	ニッセイ基礎研究所	欧州金融システムのリスク再考－銀行同盟の強靭性が試されるのはこれから	https://www.nli-research.co.jp/topics_detail1/id=74615?site=nli	nbsp目次・落ち着きを取り戻した欧州の金融システム・CSの問題の特殊性とスイスの欧州における特別な位置取り・銀行同盟始動で強靭化したユーロ圏の金融システム・欠けたままの銀行同盟の本目の柱欧州預金保険制度EDIS・銀行同盟完成に向けた取り組みは加速するか月の米国の中堅銀行の破綻を引き金にスイスの大手行クレディ・スイスCSのUBSによる吸収合併に発展した金融不安は、米国、スイスの政策当局による速やかな対応もあり、一層の拡大は食い止められた。	2023-04-24 11:45:44
金融	ニッセイ基礎研究所	米労働需給に緩和の兆し－労働供給が回復する中で、金融引締めや信用収縮などから労働需要は低下へ	https://www.nli-research.co.jp/topics_detail1/id=74619?site=nli	nbsp目次はじめに米労働需給は依然逼迫も緩和の兆し雇用統計月の雇用統計は労働需給の逼迫を確認労働供給若年層や働き盛りの労働参加率は新型コロナ流行前の水準に回復労働需要求人数や中小企業の欠員は依然高水準もピークアウト労働需要人員削減数は大幅増加も失業保険新規申請件数の増加は緩やか賃金追跡指数好条件の転職機会が低下している可能性今後の見通し米国の労働市場は雇用者数の堅調な増加が続いているほか、失業率が年以来の低水準を維持するなど、労働需給は非常に逼迫している。	2023-04-24 11:20:06
海外ニュース	Japan Times latest articles	Macron’s push to get China’s help on Ukraine is unraveling fast	https://www.japantimes.co.jp/news/2023/04/24/world/politics-diplomacy-world/macron-china-help-ukraine-unraveling/	Macron s push to get China s help on Ukraine is unraveling fastThe Chinese Ambassador to France Lu Shaye said ex Soviet states don t have sovereign status a statement that ignores internationally recognized borders in Eastern and Central	2023-04-24 11:10:54
ビジネス	不景気.com	米小売「ベッド・バス・アンド・ビヨンド」が破産法申請 - 不景気com	https://www.fukeiki.com/2023/04/bed-bath-beyond-chapter11.html	破産法	2023-04-24 02:45:31
IT	週刊アスキー	【松屋】牛乳をたっぷり使用した「ホワイトソースハンバーグ定食」発売へ	https://weekly.ascii.jp/elem/000/004/133/4133955/	発売	2023-04-24 11:20:00