
Saturday, August 29, 2015

Orioles Video: Manny Machado hits RBI single in 3-run 5th in 4-3 loss, slip 4.5 games behind Rangers for 2nd wild card (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

City doesn't waste Chelsea slip, Madrid wins big in Spain

LONDON (AP) Chelsea's Premier League title defense is already floundering after a rare home loss let Manchester City increase its lead following a fourth consecutive win on Saturday.

from FOX Sports Digital http://ift.tt/1Iu3u0a
via IFTTT

Ravens: WR Steve Smith ejected along with Redskins CB Chris Culliver for fighting in 1st quarter of preseason game (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

Benfica fights back for 3-2 win over Moreirense

LISBON, Portugal (AP) Benfica fought back to beat Moreirense 3-2 at home on Saturday, while FC Porto earned a 2-0 win over Estoril in the Portuguese league.

from FOX Sports Digital http://ift.tt/1iayFso
via IFTTT

Olympiakos beats Levadiakos with 2 late goals

ATHENS, Greece (AP) Defending champion Olympiakos struggled to beat stubborn Levadiakos 2-0 in the Greek league Saturday.

from FOX Sports Digital http://ift.tt/1Q0b6xM
via IFTTT

German goalkeeper Nadine Angerer faces her retirement

PORTLAND, Ore. (AP) Nadine Angerer long ago started a bucket list of what she wants to do in retirement.

from FOX Sports Digital http://ift.tt/1O0nIDN
via IFTTT

Giovinco 1 of 9 foreign-based players in Italy squad

MILAN (AP) Antonio Conte recalled Toronto FC forward Sebastian Giovinco to the Italy squad on Saturday for the upcoming European Champions qualifiers against Bulgaria and Malta.

from FOX Sports Digital http://ift.tt/1KtPCJa
via IFTTT

Anonymous

Anonymous ... Somewhere, The Universe. Insert pithy one-line bio here. 26 words in 1 moment in 1 city since August 29th, 2015 ...

from Google Alert - anonymous http://ift.tt/1PZPAt3
via IFTTT

APOEL puts Europa League hopes in new coach Ketsbaia

NICOSIA, Cyprus (AP) APOEL Nicosia hopes new coach Temur Ketsbaia can give the Cypriot club success in the Europa League after missing out on the Champions League.

from FOX Sports Digital http://ift.tt/1NG4fv0
via IFTTT

Mourinho endures rare loss; Man City breaks club wins record

LONDON (AP) Breaking a 103-year club record, Manchester City reeled off its 10th straight Premier League victory on Saturday. For Jose Mourinho, a landmark day produced an unwelcome result, with his 100th home league game in charge of Chelsea ending in only a second loss.

from FOX Sports Digital http://ift.tt/1Ukkf4H
via IFTTT

Sociedad draws 0-0 with Sporting Gijon in Spanish league

BARCELONA, Spain (AP) David Moyes' Real Sociedad is still searching for its first win - and its first goal - of the Spanish league season after the Basque side drew 0-0 with Real Sporting on Saturday.

from FOX Sports Digital http://ift.tt/1KtLkS8
via IFTTT

Sassuolo beats Bologna 1-0 to move top of Serie A

MILAN (AP) Sassuolo won 1-0 at newly-promoted Bologna to move top of Serie A for the first time in its history on Saturday.

from FOX Sports Digital http://ift.tt/1LJma3I
via IFTTT

Midfielder Denis Suarez joins Villarreal from Barcelona

BARCELONA, Spain (AP) Midfielder Denis Suarez is leaving Barcelona to join Villarreal on a permanent transfer after he cut short his loan deal at Sevilla by one season.

from FOX Sports Digital http://ift.tt/1WZEwRq
via IFTTT

West Ham stuns Liverpool 3-0 in Premier League

LIVERPOOL, England (AP) Mark Noble scored and was later sent off as West Ham stunned Liverpool 3-0 Saturday for its first victory at Anfield since 1963 in a Premier League game that both teams finished with 10 men.

from FOX Sports Digital http://ift.tt/1EpaAI4
via IFTTT

Sterling gets 1st goal as Man City keeps perfect record

MANCHESTER, England (AP) Raheem Sterling scored his first Premier League goal for Manchester City as Manuel Pellegrini's team beat Watford 2-0 Saturday to keep its perfect record.

from FOX Sports Digital http://ift.tt/1N21QLg
via IFTTT

Twitter Refuses Actor James Woods' Request To ID Anonymous User

Twitter is refusing to identify an anonymous user who accused Academy Award-nominated actor James Woods of being a “cocaine addict.” Woods ...

from Google Alert - anonymous http://ift.tt/1VlrQSW
via IFTTT

Arsenal relies on own goal to beat 10-man Newcastle in EPL

NEWCASTLE, England (AP) Arsenal relied on Fabricio Coloccini's own goal to win 1-0 at Newcastle despite the hosts playing most of the Premier League game with 10 men on Saturday.

from FOX Sports Digital http://ift.tt/1NFE7Ay
via IFTTT

Stuttgart 'keeper Langerak to miss another 6-8 weeks

STUTTGART, Germany (AP) Stuttgart says its Australian goalkeeper Mitch Langerak needs surgery and will be out for another six to eight weeks.

from FOX Sports Digital http://ift.tt/1JoPBlu
via IFTTT

Caio shines as Kashima Antlers beats Kawasaki Frontale 3-1

KAWASAKI, Japan (AP) Brazilian forward Caio shone as Kashima Antlers picked up its sixth straight win to remain top of the J-League second stage table, beating Kawasaki Frontale 3-1 Saturday.

from FOX Sports Digital http://ift.tt/1F63m6V
via IFTTT

Borussia Dortmund signs defender Park Joo-ho from Mainz

DORTMUND, Germany (AP) Borussia Dortmund has signed South Korea defender Park Joo-ho from Bundesliga rival Mainz.

from FOX Sports Digital http://ift.tt/1fMPyaF
via IFTTT

Neymar recovers from mumps, fit for 1st match

BARCELONA, Spain (AP) Barcelona says Neymar has been cleared to play his first match of the season after having recovered from the mumps.

from FOX Sports Digital http://ift.tt/1WZ1hEX
via IFTTT

Puppis A Supernova Remnant


Driven by the explosion of a massive star, supernova remnant Puppis A is blasting into the surrounding interstellar medium about 7,000 light-years away. At that distance, this colorful telescopic field based on broadband and narrowband optical image data is about 60 light-years across. As the supernova remnant expands into its clumpy, non-uniform surroundings, shocked filaments of oxygen atoms glow in green-blue hues. Hydrogen and nitrogen are in red. Light from the initial supernova itself, triggered by the collapse of the massive star's core, would have reached Earth about 3,700 years ago. The Puppis A remnant is actually seen through outlying emission from the closer but more ancient Vela supernova remnant, near the crowded plane of our Milky Way galaxy. Still glowing across the electromagnetic spectrum, Puppis A remains one of the brightest sources in the X-ray sky.

via NASA http://ift.tt/1LF7ZfT

Friday, August 28, 2015

Orioles Video: Kevin Gausman allows 4 R in 6.2 IP, Baltimore manages 3 H in 4-1 setback to Rangers; 8th loss in 9 games (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

An Anonymous Donor Is Funding the Restoration of a Jewish Cemetery in Lebanon

An anonymous donor of Lebanese-Jewish extraction, now living in New York, is funding the restoration of the Jewish cemetery in the city of Sidon.

from Google Alert - anonymous http://ift.tt/1Eqjup3
via IFTTT

Villarreal beats Espanyol 3-1 in Spanish league

MADRID (AP) New signing Cedric Bakambu scored two late goals to give Villarreal a 3-1 win over Espanyol on Friday in the Spanish league.

from FOX Sports Digital http://ift.tt/1Jrbvqs
via IFTTT

Judge releases Argentine businessmen held in FIFA scandal

BUENOS AIRES, Argentina (AP) Two Argentine businessmen who were arrested in connection with the FIFA corruption scandal have been released from prison until an ongoing extradition proceeding to the United States is resolved.

from FOX Sports Digital http://ift.tt/1EnIDQR
via IFTTT

Wolfsburg beats Schalke 3-0 in Bundesliga

FRANKFURT, Germany (AP) Wolfsburg found out there is life after Kevin de Bruyne, beating Schalke 3-0 in a showdown between two highly rated Bundesliga teams Friday.

from FOX Sports Digital http://ift.tt/1LALiXk
via IFTTT

Ravens: Jamison Hensley makes his mid-preseason 53-man roster projection, says team is "loaded with young talent" at DT (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

Someone Set Up A Hotline For Anonymous Confessions. These Are Those Confessions

From mundane frustration about a bad hair day, to thoughts of murder, the human psyche holds some deep secrets.

from Google Alert - anonymous http://ift.tt/1IqoMvu
via IFTTT

Yaya Toure opts out of Ivory Coast squad, future unclear

ABIDJAN, Ivory Coast (AP) Yaya Toure asked not to be included in Ivory Coast's squad for its first 2017 African Cup of Nations qualifier and coach Michel Dussuyer says the midfielder is in a "period of reflection" over his international career.

from FOX Sports Digital http://ift.tt/1hJRpin
via IFTTT

Things to know about the FIFA presidential election

MONACO (AP) FIFA presidential contender Michel Platini would not talk about it Friday, but he is the front-runner in an election that is still six months off.

from FOX Sports Digital http://ift.tt/1LGWEfd
via IFTTT

Conte: Balotelli must show he 'deserves' an Italy call up

ROME (AP) If Mario Balotelli wants to return to Italy's squad, coach Antonio Conte says he'll have to show that he deserves a spot.

from FOX Sports Digital http://ift.tt/1Ui1zCR
via IFTTT

FIFA contender Platini refuses to talk election issues

MONACO (AP) Michel Platini has apologized for refusing to discuss FIFA issues at his first news conference since announcing his bid for president of the governing body last month.

from FOX Sports Digital http://ift.tt/1KqqD9E
via IFTTT

Bayern sends Pierre Emile Hoejbjerg to Schalke on loan

MUNICH (AP) Bayern Munich says it is sending midfielder Pierre Emil Hoejbjerg on loan to Schalke for the season.

from FOX Sports Digital http://ift.tt/1KqiOAX
via IFTTT

Midfielder Veloso back for Portugal against France, Albania

LISBON, Portugal (AP) Miguel Veloso earned his first call-up in a year as Portugal coach Fernando Santos announced his 24-man squad for an exhibition game against France and a European Championship qualifying match in Albania.

from FOX Sports Digital http://ift.tt/1LGqh0l
via IFTTT

I have a new follower on Twitter


Yvonne Aburrow
Writer, blogger, poet. Web developer. Wiccan. Bisexual, genderqueer, androgynous. Lefty green anarchist. Cat-worshipper. Tree-lover.
Oxford
http://t.co/1InzZeSTSz
Following: 1326 - Followers: 1139

August 28, 2015 at 10:30AM via Twitter http://twitter.com/vogelbeere

[FD] Photo Transfer (2) v1.0 iOS - Denial of Service Vulnerability

Document Title:
===============
Photo Transfer (2) v1.0 iOS - Denial of Service Vulnerability

References (Source):
====================
http://ift.tt/1J6INLo

Release Date:
=============
2015-08-20

Vulnerability Laboratory ID (VL-ID):
====================================
1580

Common Vulnerability Scoring System:
====================================
3.4

Product & Service Introduction:
===============================
Photo Transfer 2 is the easiest and fastest way to transfer photos (videos) from Camera Roll to computer or other iOS devices, and vice versa. No need for USB cable, iTunes or extra equipment!

(Copy of the Vendor Homepage: http://ift.tt/1IoQFUW )

Abstract Advisory Information:
==============================
The Vulnerability Laboratory Research Team discovered a remote denial of service vulnerability in the official Photo Transfer 2 - v1.0 iOS mobile web-application.

Vulnerability Disclosure Timeline:
==================================
2015-07-27: Public Disclosure (Vulnerability Laboratory)

Discovery Status:
=================
Published

Affected Product(s):
====================
Arvin Brook
Product: Photo Transfer 2 - iOS Mobile Web Application 1.0

Exploitation Technique:
=======================
Remote

Severity Level:
===============
Medium

Technical Details & Description:
================================
A remote denial of service vulnerability has been discovered in the official Photo Transfer 2 - v1.0 iOS mobile web-application. The issue allows local attackers to crash or shut down the software client by use of specially crafted payloads.

The vulnerability is located in the id value restriction of the show module path context. Remote attackers can easily crash the application remotely by including a wrong and large id context in integer format. The attack vector is client-side and the request method to provoke the mobile app crash is GET. The handling of the id path gets confused on negative integer values, which results in a permanent app shutdown.

The security risk of the denial of service vulnerability is estimated as medium with a cvss (common vulnerability scoring system) count of 3.4. Exploitation of the DoS vulnerability requires no privileged application user account and no or low user interaction. Successful exploitation of the vulnerability results in an application crash or permanent app service shutdown.

Vulnerable Module(s):
[+] ../show/

Vulnerable Parameter(s):
[+] id

Proof of Concept (PoC):
=======================
The remote denial of service web vulnerability can be exploited by remote attackers without user interaction or a privileged web-application user account. For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue.

Standard URL: http://localhost:3030/show/5

PoC: Payload (Input to show Parameter)
-9999999999999999999'

PoC URL: http://localhost:3030/show/-9999999999999999999'

PoC: Exploit
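One way to restrict the `id` path value so that the payload above is rejected before it reaches any lookup. This is an added example, not code from the app or the advisory; `parse_show_id`, `handle_show`, the nine-digit limit and the sample photo table are assumptions made for illustration.

```python
import re

# Accept only 1-9 ASCII digits after /show/: no sign, no quote, no whitespace.
# [0-9] is used instead of \d so Unicode digits are refused as well, and the
# length cap keeps the value inside any fixed-width integer used downstream.
SHOW_ROUTE = re.compile(r"/show/([0-9]{1,9})")


def parse_show_id(path):
    """Return the photo id from a /show/<id> path, or None if malformed."""
    match = SHOW_ROUTE.fullmatch(path)
    if match is None:
        return None
    return int(match.group(1))


def handle_show(path, photos):
    """Serve one photo; malformed or unknown ids get an error, never a crash."""
    photo_id = parse_show_id(path)
    if photo_id is None:
        return 400, "bad id"
    if photo_id not in photos:
        return 404, "no such photo"
    return 200, photos[photo_id]


# Constructed sample library keyed by id (not data from the app).
PHOTOS = {5: "IMG_0005.JPG", 6: "IMG_0006.JPG"}
```
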

[FD] PayPal Bug Bounty #119 - Stored Cross Site Scripting Vulnerability

Document Title:
===============
PayPal Bug Bounty #119 - Stored Cross Site Scripting Vulnerability

References (Source):
====================
http://ift.tt/1UhqYfS

Video: http://ift.tt/1PCKHoK

Vulnerability Magazine: http://ift.tt/1UaL5BF

Release Date:
=============
2015-08-28

Vulnerability Laboratory ID (VL-ID):
====================================
1588

Common Vulnerability Scoring System:
====================================
4.2

Product & Service Introduction:
===============================
PayPal is a global e-commerce business allowing payments and money transfers to be made through the Internet. Online money transfers serve as electronic alternatives to paying with traditional paper methods, such as checks and money orders. Originally, a PayPal account could be funded with an electronic debit from a bank account or by a credit card at the payer's choice. But some time in 2010 or early 2011, PayPal began to require a verified bank account after the account holder exceeded a predetermined spending limit. After that point, PayPal will attempt to take funds for a purchase from funding sources according to a specified funding hierarchy. If you set one of the funding sources as Primary, it will default to that, within that level of the hierarchy (for example, if your credit card ending in 4567 is set as the Primary over 1234, it will still attempt to pay money out of your PayPal balance, before it attempts to charge your credit card). The funding hierarchy is a balance in the PayPal account; a PayPal credit account, PayPal Extras, PayPal SmartConnect, PayPal Extras Master Card or Bill Me Later (if selected as primary funding source) (It can bypass the Balance); a verified bank account; other funding sources, such as non-PayPal credit cards. The recipient of a PayPal transfer can either request a check from PayPal, establish their own PayPal deposit account or request a transfer to their bank account.

PayPal is an acquirer, performing payment processing for online vendors, auction sites, and other commercial users, for which it charges a fee. It may also charge a fee for receiving money, proportional to the amount received. The fees depend on the currency used, the payment option used, the country of the sender, the country of the recipient, the amount sent and the recipient's account type. In addition, eBay purchases made by credit card through PayPal may incur extra fees if the buyer and seller use different currencies.

On October 3, 2002, PayPal became a wholly owned subsidiary of eBay. Its corporate headquarters are in San Jose, California, United States at eBay's North First Street satellite office campus. The company also has significant operations in Omaha, Nebraska, Scottsdale, Arizona, and Austin, Texas, in the United States, Chennai, Dublin, Kleinmachnow (near Berlin) and Tel Aviv. As of July 2007, across Europe, PayPal also operates as a Luxembourg-based bank. On March 17, 2010, PayPal entered into an agreement with China UnionPay (CUP), China's bankcard association, to allow Chinese consumers to use PayPal to shop online. PayPal is planning to expand its workforce in Asia to 2,000 by the end of the year 2010.

(Copy of the Homepage: www.paypal.com) [http://ift.tt/rooU27]

Abstract Advisory Information:
==============================
The Vulnerability Laboratory Core Team Researcher discovered an application-side input validation and filter bypass vulnerability in the official PayPal Inc online service web-application.

Vulnerability Disclosure Timeline:
==================================
2015-08-20: Vendor Fix/Patch (PayPal Inc - Developer Team)
2015-08-28: Public Disclosure (Vulnerability Laboratory)

Discovery Status:
=================
Published

Affected Product(s):
====================
PayPal Inc
Product: PayPal - Online Service Web Application 2015 Q3

Exploitation Technique:
=======================
Remote

Severity Level:
===============
Medium

Technical Details & Description:
================================
An application-side validation vulnerability has been discovered in the official PayPal Inc online service web-application. The vulnerability allows remote attackers to compromise user accounts or transactions by persistent malicious injection of script code.

The PayPal SecurePayments domain is used by PayPal users to make secure payments when purchasing from any shopping site. This secure payments page requires PayPal users to fill in some forms that include their credit card number, CVV2, expiry date and more to finalize the payment and purchase the products via their PayPal account. The submitted data is processed through an encrypted channel (HTTPS) so attackers won't be able to sniff/steal such data.

I've found a Stored XSS vulnerability that affects the SecurePayment page directly, which allowed me to alter the page HTML and rewrite the page content. An attacker can provide his own HTML forms for the user to fill out and send the user's data back to the attacker's server in clear text format, and then use this information to purchase anything on behalf of users or even transfer the user's funds to his own account!

Request Method(s):
[+] POST

Vulnerable Page:
[+] http://ift.tt/1LGjUdl

Vulnerable Parameter(s):
[+] template

Proof of Concept (PoC):
=======================
The application-side cross site scripting vulnerability can be exploited by remote attackers without a privileged application user account and with low user interaction (click). For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue.

Manual steps to reproduce the vulnerability ...
1- Attacker sets up a shopping site or hacks into any shopping site and alters the “CheckOut” button with the PayPal vulnerability,
2- PayPal user browses the malformed shopping site, chooses some products, clicks on the “CheckOut” button to pay with his PayPal account,
3- User gets redirected to http://ift.tt/1uJ1or8 to fill in the required credit card information to complete the purchasing order. The price of the products that will be paid is included inside the same page, and as we know the attacker now controls this page!
4- Now when you (PayPal user) click on the Submit Payment button, instead of paying let's say “100$” YOU WILL PAY TO THE ATTACKER WHATEVER AMOUNT THE ATTACKER DECIDES!!

Solution - Fix & Patch:
=======================
2015-08-20: Vendor Fix/Patch (PayPal Inc - Developer Team)

Security Risk:
==============
The security risk of the stored cross site scripting vulnerability in the paypal web-application is estimated as medium. (CVSS 4.2)

Credits & Authors:
==================
Vulnerability Laboratory [Research Team] - Ebrahim Hegazy [ebrahim@evolution-sec.com] (http://ift.tt/1jnqRwA)

Disclaimer & Information:
=========================
The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. We do not approve or encourage anybody to break any vendor licenses, policies, deface websites, hack into databases or trade with fraud/stolen material.

Domains: http://ift.tt/1jnqRwA - www.vuln-lab.com - http://ift.tt/1kouTut
Contact: admin@vulnerability-lab.com - research@vulnerability-lab.com - admin@evolution-sec.com
Section: magazine.vulnerability-db.com - http://ift.tt/1zNuo47 - http://ift.tt/1wo6y8x
Social: http://twitter.com/#!/vuln_lab - http://ift.tt/1kouSqa - http://youtube.com/user/vulnerability0lab
Feeds: http://ift.tt/1iS1DH0 - http://ift.tt/1kouSqh - http://ift.tt/1kouTKS
Programs: http://ift.tt/1iS1GCs - http://ift.tt/1iS1FyF - http://ift.tt/1kouSqp

Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other media, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, source code, videos and other information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), modify, use or edit our material contact (admin@vulnerability-lab.com or research@vulnerability-lab.com) to get a permission.

Copyright © 2015 | Vulnerability Laboratory - [Evolution Security GmbH]™

Source: Gmail -> IFTTT-> Blogger

[FD] LinuxOptic CMS 2009 - Auth Bypass Session Vulnerability

Document Title:
===============
LinuxOptic CMS 2009 - Auth Bypass Session Vulnerability

References (Source):
====================
http://ift.tt/1PSnlfM

Release Date:
=============
2015-08-26

Vulnerability Laboratory ID (VL-ID):
====================================
1585

Common Vulnerability Scoring System:
====================================
8.1

Product & Service Introduction:
===============================
By employing the best brains in software programming, graphic designing and webmasters in our fold, we are today able to offer all-in-all services in areas as diverse as:

Offshore Software Development
Web-based and standalone Application Development
Rich Internet Applications
Web Design and Development
Custom Software Programming
Custom artwork, graphics and logos and multimedia designing
Open Source Development and Solutions
Internet Marketing

(Copy of the Vendor Homepage: http://ift.tt/1LGjOm0 )

Abstract Advisory Information:
==============================
An independent vulnerability laboratory researcher discovered a session auth bypass vulnerability in the official LinuxOptic 2009 content management system.

Vulnerability Disclosure Timeline:
==================================
2015-08-26: Public Disclosure (Vulnerability Laboratory)

Discovery Status:
=================
Published

Exploitation Technique:
=======================
Remote

Severity Level:
===============
High

Technical Details & Description:
================================
An auth bypass session vulnerability has been discovered in the official LinuxOptic 2009 content management system. The session vulnerability allows remote attackers to gain unauthorized access to the administrator panel or the web user interface.

The vulnerability is located in the session credentials request of the home.php file. The file allows direct requests of administrators without a secure session credential check. This results in a session auth bypass issue that can finally lead to a full application compromise. The vulnerability is a classic auth bypass session issue in the admin panel of the content management system.

The request method to bypass is GET and the attack vector of the issue is on the application-side of the service.

The security risk of the auth bypass vulnerability is estimated as high with a cvss (common vulnerability scoring system) count of 8.1. Exploitation of the auth bypass session web vulnerability requires no privileged application user account or user interaction. Successful exploitation of the vulnerability results in unauthorized access to the admin panel, defacement, web-application and dbms compromise.

Request Method(s):
[+] GET

Vulnerable Module(s):
[+] Login (Session)

Vulnerable File(s):
[+] home.php

Affected Module(s):
[+] Account System - (Admin Panel)

Proof of Concept (PoC):
=======================
The auth bypass session vulnerability can be exploited by remote attackers without a privileged application user account or user interaction. For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue.

Manual steps to reproduce the vulnerability ...
1. First type the dork "Design by www.linuxoptic.com 2009" in google without double quotes (").
2. Then find the site in which there is written Design by www.linuxoptic.com 2009 in the footer
3. Now, go to its admin page http://ift.tt/1IoQDfL
4. After opening the admin panel, follow this link http://ift.tt/1IoQCZd ... and voila you will be directly logged into the admin panel and you can also upload your backdoor and deface.
5. Successful reproduce of the remote vulnerability!

PoC:
Admin Panel: http://localhost:8080/adminpanel
Auth Bypass Login Session Admin Panel: http://localhost:8080/adminpanel/home.php

Security Risk:
==============
The security risk of the auth bypass session web vulnerability is estimated as high. (CVSS 8.1)

Credits & Authors:
==================
Contact: http://ift.tt/1IoQDfB > https://twitter.com/aaditya_purani

Source: Gmail -> IFTTT-> Blogger

[FD] Dogma India dogmaindia CMS - Auth Bypass Session Vulnerability

Document Title:
===============
Dogma India dogmaindia CMS - Auth Bypass Vulnerability

References (Source):
====================
http://ift.tt/1NyNwtr

Release Date:
=============
2015-08-25

Vulnerability Laboratory ID (VL-ID):
====================================
1583

Common Vulnerability Scoring System:
====================================
8.1

Product & Service Introduction:
===============================
Industrial Training Centre (ITC`s) are training Centre which provide training in technical field in India. Normally a person who has passed 10 standard (SSLC) is eligible for admission to ITC. The objective of opening of ITC is provide technical manpower to industries. These persons are trained in basic skills required to do jobs of say operator or a craftsman. The course in ITC is designed in way to impart basic skill in the trade specified. Most of ITC`s impart training in technical trades like electrician, fitter, plumber etc. People of engineering trade can go for higher studies like diploma in engineering.

(Copy of the Vendor Homepage: http://ift.tt/1LGjR1j)

Abstract Advisory Information:
==============================
An independent vulnerability laboratory researcher discovered a session auth bypass vulnerability in the official Dogma Soft Pvt. Ltd dogmaindia content management system.

Vulnerability Disclosure Timeline:
==================================
2015-08-25: Public Disclosure (Vulnerability Laboratory)

Discovery Status:
=================
Published

Affected Product(s):
====================
Dogma Soft Pvt. Ltd
Product: Dogmaindia - Content Management System 2015 Q3

Exploitation Technique:
=======================
Remote

Severity Level:
===============
High

Technical Details & Description:
================================
An auth bypass session vulnerability has been discovered in the official Dogma Soft Pvt. Ltd dogmaindia content management system. The session vulnerability allows remote attackers to gain unauthorized access to the administrator panel or the web user interface.

The vulnerability is located in the session credentials request of the home.php file. The file allows direct requests of administrators without a secure session credential check. This results in a session auth bypass issue that can finally lead to a full application compromise. The vulnerability is a classic auth bypass issue in the admin panel of the content management system. The request method to bypass is GET and the attack vector of the issue is on the application-side of the service.

The security risk of the auth bypass vulnerability is estimated as high with a cvss (common vulnerability scoring system) count of 8.1. Exploitation of the auth bypass session web vulnerability requires no privileged application user account or user interaction. Successful exploitation of the vulnerability results in unauthorized access to the admin panel, defacement, web-application and dbms compromise.

Request Method(s):
[+] GET

Vulnerable Module(s)
[+] Login (Session)

Vulnerable File(s):
[+] home.php

Affected Module(s)
[+] Account System - (Admin Panel)

Proof of Concept (PoC):
=======================
The remote session auth bypass vulnerability in the dogmaindia website content management system can be exploited by remote attackers without user interaction. For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue.

Manual steps to reproduce the vulnerability ...
1. First type the dork "ITI Admin Panel | Powered by The Dogma Soft Pvt. Ltd" in google without Double quotes(").
2. Then after find the site in which there is written ITI Admin Panel | Powered by The Dogma Soft Pvt. Ltd in the footer
3. Now, go to its admin page http://ift.tt/1IoQAk9
4. After opening the admin panel. Follow this link http://ift.tt/1LGjTWJ ... and voila you will be directly logged into the admin panel and you can also upload your backdoor and deface.
5. Successful reproduce of the remote vulnerability!

Dork(s): ITI Admin Panel | Powered by The Dogma Soft Pvt. Ltd
Site: http://tirupatiitc.com/
Admin Panel: http://localhost:8080/admin/
Login Bypass to Admin Panel: http://localhost:8080/admin/home.php

Security Risk:
==============
The security risk of the auth bypass session web vulnerability is estimated as high. (CVSS 8.1)

Credits & Authors:
==================
Author: Aaditya Purani
Contact: http://ift.tt/1IoQDfB > https://twitter.com/aaditya_purani

Disclaimer & Information:
=========================
The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. We do not approve or encourage anybody to break any vendor licenses, policies, deface websites, hack into databases or trade with fraud/stolen material.
Domains: http://ift.tt/1jnqRwA - www.vuln-lab.com - http://ift.tt/1kouTut
Contact: admin@vulnerability-lab.com - research@vulnerability-lab.com - admin@evolution-sec.com
Section: magazine.vulnerability-db.com - http://ift.tt/1zNuo47 - http://ift.tt/1wo6y8x
Social: http://twitter.com/#!/vuln_lab - http://ift.tt/1kouSqa - http://youtube.com/user/vulnerability0lab
Feeds: http://ift.tt/1iS1DH0 - http://ift.tt/1kouSqh - http://ift.tt/1kouTKS
Programs: http://ift.tt/1iS1GCs - http://ift.tt/1iS1FyF - http://ift.tt/1kouSqp

Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other media, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, source code, videos and other information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), modify, use or edit our material contact (admin@vulnerability-lab.com or research@vulnerability-lab.com) to get a permission.

Copyright © 2015 | Vulnerability Laboratory - [Evolution Security GmbH]™

Source: Gmail -> IFTTT-> Blogger
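
The missing check the Dogma advisory describes, written as a guard that every admin page calls before producing output. This is an added example, not Dogma Soft's code; the session keys, the idle limit and the login path are assumptions.

```php
<?php
// Added example, not the vendor's code. Session keys, timeout and login path
// are hypothetical.

const ADMIN_IDLE_LIMIT = 900; // seconds of inactivity before re-login (assumed value)

// Pure decision function, so the rule can be exercised without a web server.
function admin_session_is_valid(array $session, int $now): bool
{
    if (empty($session['admin_id']) || !isset($session['last_seen'])) {
        return false; // no authenticated session: the case the advisory says home.php never checks
    }
    return ($now - (int) $session['last_seen']) <= ADMIN_IDLE_LIMIT;
}

// Call at the very top of every admin page (home.php included), before any output.
function require_admin(): void
{
    session_set_cookie_params(['httponly' => true, 'secure' => true, 'samesite' => 'Strict']);
    session_start();
    if (!admin_session_is_valid($_SESSION, time())) {
        $_SESSION = [];
        session_destroy();
        header('Location: /admin/index.php', true, 302);
        exit; // a redirect header alone does not stop the rest of the page from being sent
    }
    $_SESSION['last_seen'] = time();
}

// Call once, after the credential check on the login page has succeeded.
function mark_admin_logged_in(int $adminId): void
{
    session_regenerate_id(true); // fresh session ID on privilege change
    $_SESSION['admin_id']  = $adminId;
    $_SESSION['last_seen'] = time();
}

// Constructed sessions, evaluated from the command line only.
if (PHP_SAPI === 'cli') {
    $now = 1000000;
    $cases = [
        'no session (direct request)' => [],
        'fresh admin session'         => ['admin_id' => 7, 'last_seen' => $now - 60],
        'stale admin session'         => ['admin_id' => 7, 'last_seen' => $now - 3600],
    ];
    foreach ($cases as $label => $session) {
        echo $label, ': ', admin_session_is_valid($session, $now) ? 'allow' : 'deny', PHP_EOL;
    }
}
```

Run from the command line, it prints deny, allow, deny for the three constructed sessions.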

BitTorrent Fixes Reflective DDoS Attack Security Flaw

Two weeks ago, we reported how a serious flaw in the popular peer-to-peer BitTorrent file sharing protocols could be exploited to carry out a devastating distributed denial of service (DDoS) attack, allowing lone hackers with limited resources to take down large websites. Good news is that the developers of BitTorrent have fixed the security issue in its service that is being used by


from The Hacker News http://ift.tt/1KpYqjp
via IFTTT

ISS Daily Summary Report – 08/27/15

42 Soyuz (42S) Relocation: 42S will be relocated from Mini Research Module (MRM) 2 Zenith to Service Module Aft tomorrow with the undock command scheduled for 2:11 am CDT. To support the relocation timeline the 42S crew sleep shifted 5.5 hours earlier today (11:00 am CDT, 16:00 GMT). The relocation is in preparation for 44S scheduled docking to MRM 2 Zenith on September 4. 42S return to Earth is currently planned for September 11.

Human Research Program (HRP) Operations: Lindgren and Yui continued with their Flight Day 30 (FD30) Ocular Health activities performing their Optical Coherence Tomography (OCT), each acting as the Crew Medical Officer (CMO) for the other. They also performed fundoscopy, again with Yui acting as CMO for Lindgren, and Lindgren as CMO for Yui. OCT is used to measure retinal thickness, volume, and retinal nerve fiber layer, and the fundoscope is used to obtain images of the retinal surface. The Ocular Health protocol calls for a systematic gathering of physiological data to characterize the risk of microgravity-induced visual impairment/intracranial pressure in ISS crewmembers. Researchers believe that the measurement of visual, vascular and central nervous system changes over the course of this experiment and during the subsequent post-flight recovery will assist in the development of countermeasures, clinical monitoring strategies, and clinical practice guidelines.

Kelly completed his FD150 Sprint ultrasound. He activated the Ultrasound machine and donned the calf and thigh reference guides. He then performed thigh and calf scans with guidance from the Sprint ground team. Ultrasound scans are used to evaluate spaceflight-induced changes in the muscle volume. The Sprint investigation evaluates the use of high intensity, low volume exercise training to minimize loss of muscle, bone, and cardiovascular function in ISS crewmembers during long-duration missions. Upon completion of this study, investigators expect to provide an integrated resistance and aerobic exercise training protocol capable of maintaining muscle, bone and cardiovascular health while reducing total exercise time over the course of a long-duration space flight. This will provide valuable information in support of investigator’s long term goal of protecting human fitness for longer space exploration missions.

Kelly and Kornienko performed their Reaction Self-Tests today. This week-long session is in advance of the sleep shift required for the 42 Soyuz relocation tonight. Reaction Self-Test aids crewmembers to objectively identify when their performance capability is degraded by various fatigue-related conditions that can occur as a result of ISS operations and time in space (e.g., acute and chronic sleep restriction, slam shifts, extravehicular activity (EVA), and residual sedation from sleep medications).

Kelly and Kornienko are performing a week of sleep logging. The Sleep ISS-12 experiment monitors ambient light exposure and crew member activity, and collects subjective evaluations of sleep and alertness, to examine the effects of space flight and ambient light exposure on sleep during a year-long mission on the International Space Station (ISS).

NanoRacks Multi-Gas Monitor (MGM): Lindgren stowed the MGM deployed in the Node 1 on NanoRacks Platform 2 to recharge the battery and transfer data. The Multi-Gas Monitor is the first laser sensor to continuously measure four gases that are key for crewmembers’ health aboard the ISS. The multiple low-power, tunable lasers train an infrared laser beam on a cabin air sample, and sensors are tuned to specific wavelengths of light to detect oxygen, carbon dioxide, ammonia, and humidity. The instrument fits in a device the size of a shoebox and detects the presence of gases in less than one second.

HTV Cargo Transfer Status: Kelly, Lindgren and Yui completed 5.5 hours of HTV-5 Cargo transfer operations today. A total of 32 hours remain to complete HTV-5 cargo operations.

Today’s Planned Activities
All activities were completed unless otherwise noted.
Biochemical Urinalysis Self-exam for response time. Response time test (morning) Weekly Crew/GOGU Conference R/G 9716 PRT – laptop closeout ops Return of acoustic dosimeters to stowage location WHC – servicing Return of URISYS hardware to stowage location USND2 – hardware activation OTKLIK. Hardware monitoring / Radiogram 9734 Optical coherence tomography (OCT) – hardware prep SPRINT – hardware install and set-up FROST – cold pack install IMS Tag-up (S-band) Soyuz 716 up and down cargo prep / Radiograms 9646nu, 9711 CARDIOVECTOR. Experiment ops. Radiogram 9737 WHC – servicing OCT Vision Test (Subject) Optical coherence tomography (OCT) – eye scan (assist) MRM1 air vent screen cleaning (Group B). Cleaning behind Panels 405, 406 Radiogram 8393 MOTOCARD. Experiment ops. Radiogram 9735 Comm test and session from Soyuz 716 via Russian ground sites(VHF2) Optical coherence tomography (OCT) – eye scan (assist) OCT Vision Test (Subject) Soyuz 716 up and down cargo prep / Radiograms 9646nu, 9711 Replacement of Dust Filter СКПФ1, СКПФ2, MRM1 Gas-Liquid Heat Exchanger Cleaning Optical coherence tomography (OCT) – hardware stow USND2 – hardware power-down HTV cargo transfer ops Е-К tank R&R and hose in [АСУ] (Е-К No. 1409127 (00065906R) Soyuz 716 Kentavr g-suit sizing JRNL – log entry HTV cargo transfer ops NANO – hardware stow HTV – transfer tag-up GLACIER5 – old pack swap-out HAM session from Columbus Portable breathing apparatus (PBA) and portable fire extinguisher (PFE) inspection Self-exam for response time. Response time test (evening) Eye fundoscopy – hardware setup Fundoscope – vision test Eye fundoscopy – hardware stow

Completed Task List Items
None

Ground Activities
All activities were completed unless otherwise noted.
SPRINT Ultrasound support
HMS OCT/Fundoscope support
OPALS antenna configuration

Three-Day Look Ahead:
Friday, 08/28: 42S relocation from MRM2 Zenith to SM Aft
Saturday, 08/29: Crew off duty
Sunday, 08/30: Crew off duty

QUICK ISS Status – Environmental Control Group:
Component: Status
Elektron: On
Vozdukh: Manual
[СКВ] 1 – SM Air Conditioner System (“SKV1”): Off
[СКВ] 2 – SM Air Conditioner System (“SKV2”): On
Carbon Dioxide Removal Assembly (CDRA) Lab: Standby
Carbon Dioxide Removal Assembly (CDRA) Node 3: Operate
Major Constituent Analyzer (MCA) Lab: Shutdown
Major Constituent Analyzer (MCA) Node 3: Operate
Oxygen Generation Assembly (OGA): Standby
Urine Processing Assembly (UPA): Standby
Trace Contaminant Control System (TCCS) Lab: Off
Trace Contaminant Control System (TCCS) Node 3 […]

from ISS On-Orbit Status Report http://ift.tt/1NLBTyq
via IFTTT

Blind replaces Van Persie with Robben as Netherlands captain

THE HAGUE, Netherlands (AP) Arjen Robben has been made captain of the Netherlands in Danny Blind's first squad since taking over from Guus Hiddink as national coach, replacing striker Robin van Persie.

from FOX Sports Digital http://ift.tt/1IoAZ45
via IFTTT

Slovakia midfielder Juraj Kucka has medical with AC Milan

MILAN (AP) Slovakia midfielder Juraj Kucka is undergoing a medical with AC Milan ahead of an expected transfer from Genoa.

from FOX Sports Digital http://ift.tt/1EmF1yB
via IFTTT

Germany picks Liverpool's Emre Can for Euro qualifiers

FRANKFURT, Germany (AP) Germany coach Joachim Loew has called up Liverpool midfielder Emre Can for the upcoming European Championship qualifying matches against Poland and Scotland.

from FOX Sports Digital http://ift.tt/1UhmW7c
via IFTTT

Former European champs Ajax, Celtic grouped in Europa League

MONACO (AP) Former European champions Ajax and Celtic have been grouped together with Fenerbahce and Molde in the Europa League.

from FOX Sports Digital http://ift.tt/1UhmW75
via IFTTT

Spain coach calls up David de Gea for Euro 2016 qualifiers

MADRID (AP) Spain coach Vicente del Bosque has included goalkeeper David de Gea, Diego Costa and Juan Mata in his squad to take on Slovakia and Macedonia in qualifying matches for next year's European Championship.

from FOX Sports Digital http://ift.tt/1LG6oX3
via IFTTT

Harpsichord Concerto in B-flat major (Anonymous)

Harpsichord Concerto in B-flat major (Anonymous).

from Google Alert - anonymous http://ift.tt/1EoVp1R
via IFTTT

Warning! How Hackers Could Hijack Your Facebook Fan Page With This Trick

Facebook bounty hunter Laxman Muthiyah from India has recently discovered his third bug of this year in the widely popular social network website that just set a new record by reaching 1 Billion users in a single day. At the beginning of the year, Laxman discovered a serious flaw in Facebook graphs that allowed him to view or probably delete others' photo albums on Facebook, even without


from The Hacker News http://ift.tt/1KpIo99
via IFTTT

Leverkusen signs Kevin Kampl from Dortmund

LEVERKUSEN, Germany (AP) Bayer Leverkusen has signed midfielder Kevin Kampl from Bundesliga rival Borussia Dortmund.

from FOX Sports Digital http://ift.tt/1KRYvIm
via IFTTT

I have a new follower on Twitter


Dowsing for Divinity
Pagan theology, poetry, and praxis. The blog of Christine Hoff Kraemer @moundsermons, Yvonne Aburrow @vogelbeere, and Sarah Sadie.
UK and USA
http://t.co/aoM8yZS28m
Following: 251 - Followers: 1

August 28, 2015 at 06:41AM via Twitter http://twitter.com/dowsing4divine

South Korea forward Son Heung-min joins Tottenham

LONDON (AP) South Korea forward Son Heung-Min has joined Tottenham from Bayer Leverkusen on a five-year deal.

from FOX Sports Digital http://ift.tt/1KRT648
via IFTTT

Mark's Milestone: 1 Billion People Uses Facebook in A Single Day

Yesterday, Facebook Co-founder and Chairman Mark Zuckerberg broadcast in his Facebook post, that Monday Facebook made a record by counting ONE BILLION people accessing Facebook in a single day. Zuckerberg shared his happiness and thanked the world. He was overwhelmed with the milestone Facebook has touched and even shared a video expressing his emotions. "[Facebook] just passed an


from The Hacker News http://ift.tt/1fK06Y6
via IFTTT

NASA GSFC MASCON Solution over Greenland from Jan 2004 - Jun 2014

GRACE, NASA's Gravity Recovery and Climate Experiment, consists of twin co-orbiting satellites that fly in a near polar orbit separated by a distance of 220 km. GRACE precisely measures the distance between the two spacecraft in order to make detailed measurements of the Earth's gravitational field. Since its launch in 2002, GRACE has provided a continuous record of changes in the mass of the Earth's ice sheets. This animation shows the change in the Greenland Ice Sheet between January 2004 and June 2014. The 1-arc-deg NASA GSFC mascon solution data was resampled to a 998 x 1800 data array using Kriging interpolation. A color scale was applied in the range of +250 to -250 centimeters of equivalent water height, where blue values indicate an increase in the ice sheet mass while red shades indicate a decrease. In addition, the running sum total of the accumulated mass change over the Greenland Ice Sheet is shown on a graph overlay in gigatons.

from NASA's Scientific Visualization Studio: Most Recent Items http://ift.tt/1VypxNx
via IFTTT

NASA GSFC MASCON Solution over Antarctica from Jan 2004 - Jun 2014

GRACE, NASA's Gravity Recovery and Climate Experiment, consists of twin co-orbiting satellites that fly in a near polar orbit separated by a distance of 220 km. GRACE precisely measures the distance between the two spacecraft in order to make detailed measurements of the Earth's gravitational field. Since its launch in 2002, GRACE has provided a continuous record of changes in the mass of the Earth's ice sheets. This animation shows the change in the mass of the Antarctic Ice Sheet between January 2004 and June 2014 as measured by the pair of GRACE satellites. The 1-arc-deg NASA GSFC mascon solution data was resampled to a 5130 x 5130 data array using Kriging interpolation. A color scale was applied in the range of +250 to -250 centimeters of equivalent water height, where blue values indicate an increase in the ice sheet mass while red shades indicate a decrease. In addition, a graph overlay shows the running total of the accumulated mass change in gigatons. The data is first shown over the entire Antarctic Ice Sheet with the graph showing the total change in gigatons for the full ice sheet. The camera then zooms to focus on the West Antarctic Ice Sheet, the region to the West of the Trans-Antarctic mountains, where much of the loss has taken place. The animation is shown again over this region while the graph of ice loss presents the change over West Antarctica alone. Regions composed of the floating ice shelves, and thus not a part of the Antarctic Ice Sheet, are shown in a pale shade of green.

from NASA's Scientific Visualization Studio: Most Recent Items http://ift.tt/1IkrvH2
via IFTTT

22-year Sea Level Rise - TOPEX/JASON

This visualization shows total sea level change between 1992 and 2014, based on data collected from the TOPEX/Poseidon, Jason-1, and Jason-2 satellites. Blue regions are where sea level has gone down, and orange/red regions are where sea level has gone up. Since 1992, seas around the world have risen an average of nearly 3 inches. The color range for this visualization is -7 cm to +7 cm (-2.76 inches to +2.76 inches), though measured data extends above and below 7 cm (2.76 inches). This particular range was chosen to highlight variations in sea level change.

from NASA's Scientific Visualization Studio: Most Recent Items http://ift.tt/1i6DvH1
via IFTTT

Greenland's Glaciers as seen by RadarSat

This animation is based on 30-meter topography data for Greenland along with an ocean and an ice sheet mask provided by the Greenland Ice Mapping Project (GIMP) at Ohio State. Each of these datasets consists of a 6 x 6 array of 124 megapixel tiles. The surface texture is derived from seven sets of 20-meter Radarsat reflectance data from the Canadian Space Agency, mosaicked at the University of Washington's Applied Physics Lab and accurately registered to the topography data. Each of six tile sets represents data for one year between 2000 and 2013, while the final one is a composite of the six years that has most areas of missing data resolved. Each of these tile sets consists of a 5 x 5 array of 421 megapixel tiles. The false color of the surface is derived as follows. Three different color scales are applied to the floating point Radarsat reflectance data based on their relationship within the GIMP masks. Areas within the ice sheet mask are mapped to a color ramp from white (high) to grey (low). Areas within the land region of the ocean mask but not in the ice sheet mask are similarly mapped to a color ramp of light to dark tan. The area indicating ocean is mapped to blue.

from NASA's Scientific Visualization Studio: Most Recent Items http://ift.tt/1i6DtyR
via IFTTT

Disgusting! Ashley Madison was Building an App – 'What's your Wife Worth?'

We could expect Ashley Madison to cross any limits when it comes to cheating, but this is WORSE. After all the revelations made by the Impact Team this past week, this was something different from the leaked data that had names, passwords and other details of Ashley Madison clients. A dump from the leaked files unfolds an awful strategy of Avid Life Media (ALM), Ashley Madison's parent company,


from The Hacker News http://ift.tt/1hkbJGk
via IFTTT

FFA gives Brisbane Roar's Indonesia owners final warning

BRISBANE, Australia (AP) Football Federation Australia has told the Indonesian owners of Brisbane Roar that they will lose control of the A-League club if its financial problems are not addressed immediately.

from FOX Sports Digital http://ift.tt/1fJMKeB
via IFTTT

[FD] Publicly exploitable XSS in WordPress plugin Navis Documentcloud (WordPress plugin)

Details
================
Software: Navis DocumentCloud
Version: 0.1
Homepage: http://ift.tt/1KRG4Ue
Advisory report: http://ift.tt/1MYZblw
CVE: CVE-2015-2807
CVSS: 6.4 (Medium; AV:N/AC:L/Au:N/C:P/I:P/A:N)

Description
================
Publicly exploitable XSS in WordPress plugin Navis Documentcloud

Vulnerability
================
This plugin contains the following code in js/window.php:

$SITEURL .= $_GET[ 'wpbase' ]; // snip

Which is a trivially exploitable XSS.

Proof of concept
================
Visit the following page on a site with this plugin installed. Note that the plugin need not be active:

http://yourwordpresssite/wp-content/plugins/navis-documentcloud/js/window.php?wpbase=%22%3Ealert(%27xss%27)%3C/script%3E%3Cscript%20src=%22

NB: this proof of concept may not work in browsers with XSS protection features.

Mitigations
================
This plugin is no longer maintained, so if at all possible, switch to using the DocumentCloud plugin http://ift.tt/1KRG4Um. If this is not possible, upgrade to version 0.1.1 or later.

Disclosure policy
================
dxw believes in responsible disclosure. Your attention is drawn to our disclosure policy: http://ift.tt/1B6NWzd

Please contact us on security@dxw.com to acknowledge this report if you received it via a third party (for example, plugins@wordpress.org) as they generally cannot communicate with us on your behalf.

This vulnerability will be published if we do not receive a response to this report within 14 days.

Timeline
================
2015-03-31 – Discovered
2015-03-31 – Requested CVE
2015-07-14 – Reported to support@documentcloud.org
2015-07-14 – Vendor responded saying they’ll get in touch with the developer
2015-08-24 – Vendor reported the issue fixed in version 0.1.1

Discovered by dxw:
================
Harry Metcalfe
Please visit security.dxw.com for more information.

Source: Gmail -> IFTTT-> Blogger
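
The pattern the Navis DocumentCloud advisory quotes from js/window.php, next to a hardened variant. This is an added example, not the plugin's code or its 0.1.1 fix: the function names and the /js/viewer.js path are hypothetical, and it assumes the concatenated value ends up in a script src attribute, which the advisory does not show.

```php
<?php
// Added example, not the plugin's code. Function names and the script path
// are hypothetical; the output context (a src attribute) is an assumption.

// Pattern from the advisory: the request parameter is appended to the base
// URL and written into the page without validation or escaping.
function build_script_tag_vulnerable(string $siteUrl, array $query): string
{
    $siteUrl .= $query['wpbase'] ?? '';
    return '<script src="' . $siteUrl . '/js/viewer.js"></script>';
}

// Hardened pattern: accept only a plain relative path, then escape for the
// HTML-attribute context the value is written into.
function build_script_tag_hardened(string $siteUrl, array $query): string
{
    $base = $query['wpbase'] ?? '';
    // Allow only "/segment/segment"; \z also rejects a trailing newline.
    if (!is_string($base) || !preg_match('#^(?:/[A-Za-z0-9_-]+)*\z#', $base)) {
        $base = '';
    }
    $src = $siteUrl . $base . '/js/viewer.js';
    return '<script src="' . htmlspecialchars($src, ENT_QUOTES, 'UTF-8') . '"></script>';
}

// Constructed inputs: one ordinary path, one value carrying harmless markup.
$samples = [
    ['wpbase' => '/blog'],
    ['wpbase' => '"><b>injected</b>'],
];

foreach ($samples as $query) {
    echo 'input:      ', $query['wpbase'], PHP_EOL;
    echo 'vulnerable: ', build_script_tag_vulnerable('https://example.test', $query), PHP_EOL;
    echo 'hardened:   ', build_script_tag_hardened('https://example.test', $query), PHP_EOL, PHP_EOL;
}
```

With the second input the vulnerable function closes the attribute and emits the markup as page content, while the hardened one falls back to the bare site URL.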

[FD] CSRF/XSS vulnerability in Private Only could allow an attacker to do almost anything an admin user can (WordPress plugin)

Details
================
Software: Private Only
Version: 3.5.1
Homepage: http://ift.tt/1bWrFE9
Advisory report: http://ift.tt/1MYZeh2
CVE: CVE-2015-5483
CVSS: 5.8 (Medium; AV:N/AC:M/Au:N/C:P/I:P/A:N)

Description
================
CSRF/XSS vulnerability in Private Only could allow an attacker to do almost anything an admin user can

Vulnerability
================
This plugin fails to use CSRF and XSS prevention techniques which are available in WordPress (nonces, and esc_attr()) so it allows an attacker to cause a logged in admin user to be the victim of a CSRF attack which stores malicious content in the database which, due to lack of escaping, is output as raw HTML.

Via JavaScript the attacker is able to cause the user’s browser to do almost anything including add users, delete posts, and even modify PHP files if that option hasn’t been disabled.

Proof of concept
================
Pressing the submit button here will change the logo setting to contain some JavaScript. Browsers with no reflected XSS prevention (like Firefox) will execute the JavaScript immediately, other browsers will execute the JavaScript when the page is loaded next.

<script>alert(1)</script>\">

Mitigations
================

Disclosure policy
================
dxw believes in responsible disclosure. Your attention is drawn to our disclosure policy: http://ift.tt/1B6NWzd

Please contact us on security@dxw.com to acknowledge this report if you received it via a third party (for example, plugins@wordpress.org) as they generally cannot communicate with us on your behalf.

This vulnerability will be published if we do not receive a response to this report within 14 days.

Timeline
================
2015-03-20: Discovered
2015-07-09: Reported to vendor by email
2015-07-09: Requested CVE
2015-07-31: No reply. Tried on twitter and got a brief response
2015-08-18: After multiple further attempts, still no reply. Escalating to WP Plugins

Discovered by dxw:
================
Tom Adams
Please visit security.dxw.com for more information.

Source: Gmail -> IFTTT-> Blogger
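
A settings page that uses the two WordPress mechanisms the Private Only advisory names, a nonce on the form and esc_attr() on output. This is an added example, not the plugin's code or a vendor fix: the option name, nonce action and menu slug are hypothetical, the logo setting is assumed to hold a URL, and the file runs inside WordPress as a plugin.

```php
<?php
/*
 * Added example, not the Private Only plugin's code. Option name, nonce
 * action and menu slug are hypothetical; the setting is assumed to be a URL.
 */

const DEMO_LOGO_OPTION = 'demo_login_logo'; // hypothetical option name
const DEMO_LOGO_NONCE  = 'demo_save_logo';  // hypothetical nonce action

add_action('admin_menu', function () {
    add_options_page('Demo Logo', 'Demo Logo', 'manage_options', 'demo-logo', 'demo_logo_settings_page');
});

function demo_logo_settings_page(): void
{
    // Authorisation: only users who may manage options reach the form at all.
    if (!current_user_can('manage_options')) {
        wp_die(esc_html__('You are not allowed to change this setting.'));
    }

    if ('POST' === $_SERVER['REQUEST_METHOD']) {
        // CSRF defence: stops the request unless it carries a valid nonce for
        // this action, which a forged cross-site form cannot supply.
        check_admin_referer(DEMO_LOGO_NONCE);

        // Input handling: store the value as a sanitised URL, not raw markup.
        $logo = isset($_POST['logo']) ? esc_url_raw(wp_unslash($_POST['logo'])) : '';
        update_option(DEMO_LOGO_OPTION, $logo);
    }

    $logo = get_option(DEMO_LOGO_OPTION, '');
    ?>
    <div class="wrap">
      <form method="post">
        <?php wp_nonce_field(DEMO_LOGO_NONCE); // hidden _wpnonce field checked above ?>
        <label for="demo-logo">Logo URL</label>
        <!-- Output escaping: the stored value cannot break out of the attribute. -->
        <input id="demo-logo" type="text" name="logo" value="<?php echo esc_attr($logo); ?>">
        <?php submit_button(); ?>
      </form>
    </div>
    <?php
}
```

Escaping on output matters even with the nonce in place, because a value already stored before the fix would otherwise still be rendered as raw HTML.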

[FD] AnchorCMS - PHP Object Injection (CVE-2015-5687) and More

[FD] nullcon se7en CFP is open

The Large Cloud of Magellan


The 16th century Portuguese navigator Ferdinand Magellan and his crew had plenty of time to study the southern sky during the first circumnavigation of planet Earth. As a result, two fuzzy cloud-like objects easily visible to southern hemisphere skygazers are known as the Clouds of Magellan, now understood to be satellite galaxies of our much larger, spiral Milky Way galaxy. About 160,000 light-years distant in the constellation Dorado, the Large Magellanic Cloud (LMC) is seen here in a remarkably deep, colorful image. Spanning about 15,000 light-years or so, it is the most massive of the Milky Way's satellite galaxies and is the home of the closest supernova in modern times, SN 1987A. The prominent patch below center is 30 Doradus, also known as the magnificent Tarantula Nebula, a giant star-forming region about 1,000 light-years across. via NASA http://ift.tt/1KP4xcI

Thursday, August 27, 2015

Jedinak among 3 players ruled out of Socceroos match

SYDNEY (AP) Mile Jedinak, Tomi Juric and Robbie Kruse have been ruled out of Australia's 2018 World Cup qualifying match against Bangladesh and will be replaced by Italian-based attacker Chris Ikonomidis, striker Ben Halloran and midfielder Luke Brattan.

from FOX Sports Digital http://ift.tt/1ImZXAM
via IFTTT

Can "anonymous" posts be seen?

By the people who are following me, if my content is hidden?

from Google Alert - anonymous http://ift.tt/1PWsaVd
via IFTTT

Computing Stable Coalitions: Approximation Algorithms for Reward Sharing. (arXiv:1508.06781v1 [cs.GT])

Consider a setting where selfish agents are to be assigned to coalitions or projects from a fixed set P. Each project k is characterized by a valuation function; v_k(S) is the value generated by a set S of agents working on project k. We study the following classic problem in this setting: "how should the agents divide the value that they collectively create?". One traditional approach in cooperative game theory is to study core stability with the implicit assumption that there are infinite copies of one project, and agents can partition themselves into any number of coalitions. In contrast, we consider a model with a finite number of non-identical projects; this makes computing both high-welfare solutions and core payments highly non-trivial.

The main contribution of this paper is a black-box mechanism that reduces the problem of computing a near-optimal core stable solution to the purely algorithmic problem of welfare maximization; we apply this to compute an approximately core stable solution that extracts one-fourth of the optimal social welfare for the class of subadditive valuations. We also show much stronger results for several popular sub-classes: anonymous, fractionally subadditive, and submodular valuations, as well as provide new approximation algorithms for welfare maximization with anonymous functions. Finally, we establish a connection between our setting and the well-studied simultaneous auctions with item bidding; we adapt our results to compute approximate pure Nash equilibria for these auctions.



from cs.AI updates on arXiv.org http://ift.tt/1F0YvUF
via IFTTT

Using Thought-Provoking Children's Questions to Drive Artificial Intelligence Research. (arXiv:1508.06924v1 [cs.AI])

We propose to use thought-provoking children's questions (TPCQs), namely Highlights BrainPlay questions, to drive artificial intelligence research. These questions are designed to stimulate thought and learning in children, and they can be used to do the same thing in AI systems. We introduce the TPCQ task, which consists of taking a TPCQ question as input and producing as output both (1) answers to the question and (2) learned generalizations. We discuss how BrainPlay questions stimulate learning. We analyze 244 BrainPlay questions, and we report statistics on question type, question class, answer cardinality, answer class, types of knowledge needed, and types of reasoning needed. We find that BrainPlay questions span many aspects of intelligence. We envision an AI system based on the society of mind (Minsky 1986; 2006) consisting of a multilevel architecture with diverse resources that run in parallel to jointly answer and learn from questions. Because the answers to BrainPlay questions and the generalizations learned from them are often highly open-ended, we suggest using human judges for evaluation.



from cs.AI updates on arXiv.org http://ift.tt/1LzdHNs
via IFTTT

The Relation Between Acausality and Interference in Quantum-Like Bayesian Networks. (arXiv:1508.06973v1 [cs.AI])

We analyse a quantum-like Bayesian Network that puts together cause/effect relationships and semantic similarities between events. These semantic similarities constitute acausal connections according to the Synchronicity principle and provide new relationships to quantum like probabilistic graphical models. As a consequence, beliefs (or any other event) can be represented in vector spaces, in which quantum parameters are determined by the similarities that these vectors share between them. Events attached by a semantic meaning do not need to have an explanation in terms of cause and effect.



from cs.AI updates on arXiv.org http://ift.tt/1JB0MuV
via IFTTT

Real-time Top-K Predictive Query Processing over Event Streams. (arXiv:1508.06976v1 [cs.DB])

This paper addresses the problem of predicting the k events that are most likely to occur next, over historical real-time event streams. Existing approaches to causal prediction queries have a number of limitations. First, they exhaustively search over an acyclic causal network to find the most likely k effect events; however, data from real event streams frequently reflect cyclic causality. Second, they contain conservative assumptions intended to exclude all possible non-causal links in the causal network; it leads to the omission of many less-frequent but important causal links. We overcome these limitations by proposing a novel event precedence model and a run-time causal inference mechanism. The event precedence model constructs a first order absorbing Markov chain incrementally over event streams, where an edge between two events signifies a temporal precedence relationship between them, which is a necessary condition for causality. Then, the run-time causal inference mechanism learns causal relationships dynamically during query processing. This is done by removing some of the temporal precedence relationships that do not exhibit causality in the presence of other events in the event precedence model. This paper presents two query processing algorithms -- one performs exhaustive search on the model and the other performs a more efficient reduced search with early termination. Experiments using two real datasets (cascading blackouts in power systems and web page views) verify the effectiveness of the probabilistic top-k prediction queries and the efficiency of the algorithms. Specifically, the reduced search algorithm reduced runtime, relative to exhaustive search, by 25-80% (depending on the application) with only a small reduction in accuracy.



from cs.AI updates on arXiv.org http://ift.tt/1JB0OmJ
via IFTTT

Orioles Video: Adam Jones crashes into the wall and has to leave the game in Baltimore's 5-3 loss to the Royals (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Mexico interim coach Ferretti excludes Ochoa for friendlies

MEXICO CITY (AP) Mexico's new interim coach Ricardo Ferretti has left goalkeeper Guillermo Ochoa and brothers Jonathan and Giovani Dos Santos out of the squad for the upcoming friendlies next month against Trinidad and Tobago and Argentina.

from FOX Sports Digital http://ift.tt/1JzB3Pg
via IFTTT

Alex Morgan hopes last injury was the last

PORTLAND, Ore. (AP) Alex Morgan hopes she's emerging from her last injury layoff for a while.

from FOX Sports Digital http://ift.tt/1Jzrlwm
via IFTTT

Orioles: OF Adam Jones crashed into LF wall in bottom of 1st, stayed in game before being pinch hit for in top of 3rd (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Ravens: S Will Hill signed to 2-year extension despite 3 suspensions in his first 3 seasons - "it means a lot to me" (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

Barcelona's Messi wins UEFA Best Player in Europe award

MONACO (AP) Lionel Messi added another individual trophy to his collection Thursday, being voted UEFA's Best Player in Europe for last season.

from FOX Sports Digital http://ift.tt/1F08g5g
via IFTTT

German Spy-Agency Trades Citizens' Metadata in Exchange for NSA's Xkeyscore

This is Really Insane!! Germany's top intelligence agency handed over details related to German citizen metadata just in order to obtain a copy of the National Security Agency's Main XKeyscore software, which was first revealed by Edward Snowden in 2013. According to the new documents obtained by the German newspaper Die Zeit, the Federal Office for the Protection of the Constitution (


from The Hacker News http://ift.tt/1i4WtxH
via IFTTT

Judge throws out Leoz request to halt extradition to US

ASUNCION, Paraguay (AP) A judge in Paraguay has thrown out a request that proceedings for extradition to the United States be dropped against Nicolas Leoz, the former head of the South American football confederation.

from FOX Sports Digital http://ift.tt/1U8ytea
via IFTTT

Barcelona gets favorable draw in Champions League groups

MONACO (AP) Title-holder Barcelona was handed a favorable draw with Bayer Leverkusen, Roma and BATE Borisov in the Champions League on Thursday.

from FOX Sports Digital http://ift.tt/1NXbQ5j
via IFTTT

UEFA Champions League Group Stage Draw

MONACO (AP) Draw made Thursday for the UEFA Champions League group stage:

from FOX Sports Digital http://ift.tt/1hIjrLi
via IFTTT

US blocks Nicaragua bid to extradite FIFA case suspect

BERN, Switzerland (AP) The United States has blocked Nicaragua's attempt to extradite FIFA bribery case suspect Julio Rocha to his home country.

from FOX Sports Digital http://ift.tt/1WUKkLU
via IFTTT

CSKA faces UEFA charge over flare landing on pitch

MOSCOW (AP) UEFA says CSKA Moscow faces disciplinary charges after a flare was thrown onto the pitch during a Champions League game against Sporting Lisbon.

from FOX Sports Digital http://ift.tt/1NWOZqv
via IFTTT

HDTV!! Mission: Impossible – Rogue Nation Streaming ITA Gratis

Mission: Impossible – Rogue Nation Streaming ITA Gratis. by Anonymous 5sc on August 27, 2015. TELECHARGER Mission: Impossible – Rogue ...

from Google Alert - anonymous http://ift.tt/1MQkHHv
via IFTTT

Stuttgart signs Bosnia-Herzegovina defender Toni Sunjic

STUTTGART, Germany (AP) Stuttgart has signed Bosnia-Herzegovina defender Toni Sunjic from Russian side Kuban Krasnodar.

from FOX Sports Digital http://ift.tt/1Emy5BY
via IFTTT

Sexwale 'weighing all options' about FIFA presidential race

MONACO (AP) FIFA official Tokyo Sexwale says he's ''weighing all options'' before entering the governing body's presidential election race.

from FOX Sports Digital http://ift.tt/1MQi9Jq
via IFTTT

I have a new follower on Twitter


iLenTheme
Developer Wordpress
World
http://t.co/nc70V4lE2M
Following: 1619 - Followers: 1702

August 27, 2015 at 10:17AM via Twitter http://twitter.com/iLenTheme

Fernando Llorente joins Sevilla, returns to Spanish league

MADRID (AP) Fernando Llorente is returning to the Spanish league as a striker for Sevilla after spending two years in Italy, the Andalucian club said Thursday.

from FOX Sports Digital http://ift.tt/1NJAoB0
via IFTTT

ISS Daily Summary Report – 08/26/15

Human Research Program (HRP) Operations: Lindgren and Yui initiated their Flight Day 30 (FD30) Ocular Health performing vision tests, tonometry, blood pressure measurements, and answering a vision questionnaire.  The Ocular Health protocol calls for a systematic gathering of physiological data to characterize the risk of microgravity-induced visual impairment/intracranial pressure in ISS crewmembers. Researchers believe that the measurement of visual, vascular and central nervous system changes over the course of this experiment and during the subsequent post-flight recovery will assist in the development of countermeasures, clinical monitoring strategies, and clinical practice guidelines. Kelly participated in Interactions-2 which is a Russian experiment in which both 1-Year mission crewmembers are participating.  The goal of the investigation is to study the patterns of intra- and inter-group (interaction with Mission Control Center (MCC)) dynamics during the long-term spaceflight of an international crew. Kelly and Kornienko performed their morning Reaction Self-Test and will perform another session prior to sleep.  This week-long session is in advance of the sleep shift required for the 42 Soyuz relocation later this week.  Reaction Self-Test aids crewmembers to objectively identify when their performance capability is degraded by various fatigue-related conditions that can occur as a result of ISS operations and time in space (e.g., acute and chronic sleep restriction, slam shifts, extravehicular activity (EVA), and residual sedation from sleep medications). Kelly and Kornienko are performing a week of sleep logging.  The Sleep ISS-12 experiment monitors ambient light exposure and crew member activity and collects subjective evaluations of sleep and alertness to examine the effects of space flight and ambient light exposure on sleep during a year-long mission on the ISS.   
Plant Rotation: Yui removed samples from the Cell Biology Experiment Facility (CBEF) following the completion of the Plant Rotation Run 4 session.  He took photos of the Plant Rotation Chamber and downlinked for ground evaluation.  Many species of climbing plants grow upward in a spiraling shape, a process known as circumnutation. Plant organs, such as stems, leaves, and roots also grow in a spiraling, helical shape. This spiraling process can take many forms, including very tight loops and broad curves. The Plant Rotation experiment verifies the hypothesis that this type of plant growth requires gravity.   Circadian Rhythms: Lindgren concluded his 36-hour Circadian Rhythms measurement, doffing the Thermolab sensors and instrumentation belt and answering a short questionnaire about caffeine intake.  Circadian Rhythms investigates the role of synchronized circadian rhythms, or the “biological clock,” and how it changes during long-duration spaceflight. Researchers hypothesize that a non-24-hour cycle of light and dark affects crewmembers’ circadian clocks. The investigation also addresses the effects of reduced physical activity, microgravity and an artificially controlled environment. Changes in body composition and body temperature, which also occur in microgravity, can affect crewmembers’ circadian rhythms as well. Understanding how these phenomena affect the biological clock will improve performance and health of future crewmembers.   Mycological Evaluation of Crew Exposure to ISS Ambient Air (MYCO): Upon wakeup, Kelly performed the MYCO sampling, collecting nasal cavity, pharynx, saliva and skin samples. MYCO evaluates the risk of inhaling microorganisms and their adhesion to the skin to determine which fungi act as allergens on the ISS.  Analysis focuses on microflora, particularly fungi sampled from subjects, which may cause opportunistic infections and allergies if their immunity is compromised on the ISS.   
Mobile Servicing System (MSS) Operations: Overnight Robotics Ground Controllers maneuvered the Space Station Remote Manipulator System (SSRMS) to position Special Purpose Dexterous Manipulator (SPDM) Arm 2 to open H-II Transfer Vehicle (HTV) Exposed Facility Unit 1 (HEFU1) and HEFU2 on the HTV5 External Platform (EP).  During the first attempt to grasp the HEFU1 Micro-Square Fixture (MSF), Orbit Replaceable Unit (ORU) Tool Changeout Mechanism 2 (OTCM2) hung up on the MSF. Robotics Ground Controllers were able to free OTCM2 and back SPDM Arm 2 away.  The next attempt to grasp the HEFU1 was successful and HEFU1 was opened.  OTCM2 then released the HEFU1 MF and the SSRMS and the SPDM were maneuvered to a park position.  HEFU2 will be opened on August 29 as part of the Superconducting sub-Millimeter-wave Limb-Emission Sounder (SMILES) transfer operations.   42S Relocation From Mini Research Module (MRM)2 Zenith to Service Module (SM) Aft Preparation: Earlier today the 42S Thruster Test was successfully completed.  Kelly completed Systems Operations Data File (SODF) deploy to replace emergency books and cue cards. He stowed discarded books and cards for return on a future SpaceX flight. The 42S crew performed On-Board Training (OBT) to prepare for 42S redock.   HTV5 Cargo Transfer Status:  Lindgren and Yui completed 4 hours of HTV-5 Cargo transfer operations today.  A total of 36 hours remain to complete HTV-5 cargo operations.   Today’s Planned Activities All activities were completed unless otherwise noted. IMMUNO. Saliva Sample (Session 1). / r/g 9727 Self-Reaction Test. Reaction Time Test (morning) IMMUNO. First stress test, questionnaire data entry. / r/g 9727 Closing USOS Window Shutters MYCO – Morning Sample Collection IMMUNO. Blood Sample (finger) / r/g 9727 IMMUNO. Blood Sample Ops. / r/g 9727 MYCO – Sample MELFI Insertion IMMUNO. Equipment Stow / r/g 9727 Acoustic Dosimeter Setup for FE-2, FE-6 COSMOCARD. 
Closeout Ops / r/g 9713 ISS Crew / SSIPC FD Conference HMS Visual Testing Activity Photography and Downlink of DC1 shell surface behind panels 201 and 202 via OCA / r/g 9729 Vision Questionnaire Soyuz 716 АСУ Activation (MRM2) / Ascent and Descent HMS Visual Testing Activity Soyuz 716 MCS (СУД) Test Before Relocation r/g 9720 ECLSS Recycle Tank Remove and Replace UDOD. Experiment Ops. / r/g 9721 Vision Questionnaire Ocular Health (OH) Blood Pressure Operations Ocular Health (OH) – Tonometry Test Setup Ocular Health (OH) Blood Pressure Operations Hardware prepack for return and disposal via ТК 716 / r/g 9646, 9711 Ocular Health (OH) – Tonometry Test (Operator) Ocular Health (OH) – Tonometry Test Ocular Health (OH) – Tonometry Test (Operator) Ocular Health (OH) – Tonometry Test Ocular Health (OH) – Stow Tonometry Hardware IPAD Unpack CRHYT – Hardware Removal HTV Transfers Ops Preventive maintenance of MRM2 АСП-О Hatch […]

from ISS On-Orbit Status Report http://ift.tt/1U89GXV
via IFTTT

PayPal Vulnerability Allows Hackers to Steal All Your Money

A critical security vulnerability has been discovered in the eBay-owned global e-commerce business PayPal that could allow attackers to steal your login credentials, and even your credit card details in unencrypted format. Egypt-based researcher Ebrahim Hegazy discovered a Stored Cross Site Scripting (XSS) vulnerability in PayPal's Secure Payments domain. As it sounds, the domain is


from The Hacker News http://ift.tt/1JzXNTx
via IFTTT

Teenage forward Martial handed debut France call-up

PARIS (AP) France coach Didier Deschamps has included Monaco's teenage forward Anthony Martial in his 23-man squad for next month's friendly matches against Portugal and Serbia.

from FOX Sports Digital http://ift.tt/1Jy3dKs
via IFTTT

Juventus visits Roma looking for first Serie A points

MILAN (AP) After the shock of losing its opening Serie A match at home for the first time in its history, defending champion Juventus would have been hoping for an easy second match to get it up and running.

from FOX Sports Digital http://ift.tt/1KmQijM
via IFTTT

British-born ISIS Hacker Killed in US Drone Strike in Syria

Remember Team Poison? The hacker group that was active in 2012, and was known for gaining access to the former Prime Minister Tony Blair's address book and then publishing information from it. The British hacker who actually obtained the Prime Minister's address book and was jailed for six months in 2012, named Junaid Hussain, has been killed in a United States drone strike in Syria


from The Hacker News http://ift.tt/1EYXsnX
via IFTTT

Bayern, Leverkusen clash; Dortmund leading Bundesliga

BERLIN (AP) After perfect starts, something has to give when Bayern Munich hosts Bayer Leverkusen for the first Bundesliga clash of the season among Champions League participants. Borussia Dortmund, currently leading on goal difference after two league games, hosts Hertha Berlin, while Borussia Moenchengladbach aims to avoid its third straight defeat at the other end of the table. Here are some things to know about the third round of games:

from FOX Sports Digital http://ift.tt/1PAiY8e
via IFTTT

Fulfilling a father's wish: Balotelli aims for Euro 2016

MILAN (AP) Back with AC Milan after a dismal season at Liverpool, Mario Balotelli is hoping to realize a wish of his recently deceased adoptive father: playing for Italy again at next year's European Championship in France.

from FOX Sports Digital http://ift.tt/1JxGHBx
via IFTTT

Chelsea missing Terry with captain's place under scrutiny

MANCHESTER, England (AP) John Terry ended last season as still the best center back in the English Premier League.

from FOX Sports Digital http://ift.tt/1IjCel1
via IFTTT

Facebook M: Facebook's Answer to Siri, Cortana and Google Now

Microsoft's 'Cortana', Google's 'Google Now', Apple's 'Siri'. Now meet Facebook's 'M.' Facebook has announced its Personal Digital Assistant “M”, which comes with powers within Facebook Messenger. It is a virtual assistant similar to Google Now, Apple's Siri and Microsoft's smart digital assistant Cortana. It seems that all the intelligence that resides within the


from The Hacker News http://ift.tt/1Jl1Gbu
via IFTTT

Balotelli hopes to realize deceased father's wish at Euros

MILAN (AP) Mario Balotelli is hoping his loan move back to AC Milan enables him to realize a wish of his recently deceased adoptive father: to play for Italy again at next year's European Championship.

from FOX Sports Digital http://ift.tt/1NWaS9o
via IFTTT

Musa fires CSKA past Sporting, into Champions League groups

KHIMKI, Russia (AP) Ahmed Musa fired CSKA Moscow into the Champions League group stage with a late winner as the Russian team mounted a second-half comeback to beat Sporting Lisbon 3-1 on Wednesday and 4-3 on aggregate.

from FOX Sports Digital http://ift.tt/1U7UjP1
via IFTTT

Leverkusen beats Lazio 3-0 to advance in Champions League

LEVERKUSEN, Germany (AP) Bayer Leverkusen advanced to the group stage of the Champions League by beating 10-man Lazio 3-0 on Wednesday.

from FOX Sports Digital http://ift.tt/1JkTzf7
via IFTTT

Thiago extends contract with Bayern Munich by 2 years

MUNICH (AP) Spain midfielder Thiago Alcantara has extended his contract with Bayern Munich by two years until 2019.

from FOX Sports Digital http://ift.tt/1JkQR9w
via IFTTT

Real Madrid under pressure to win home opener

MADRID (AP) Real Madrid is facing an unusually important home opener in the Spanish league, needing a convincing win over Real Betis on Saturday to avoid talks of an early crisis.

from FOX Sports Digital http://ift.tt/1LCATgF
via IFTTT

Apple iOS Jailbreak Tweaks Have Backdoors; 220,000 iCloud Accounts Hacked

Jailbreakers Beware! Some shady tweaks that you installed on your jailbroken devices are looking to steal your iCloud login credentials, a report said. The iCloud account details, including email addresses and passwords, of nearly 220,000 jailbreak users have been breached, an online Chinese vulnerability-reporting platform WooYun reported. WooYun is an information security


from The Hacker News http://ift.tt/1KPw8e7
via IFTTT

Collinder 399: The Coat Hanger


Is this coat hanger a star cluster or an asterism? This cosmic hang-up has been debated over much of last century, as astronomers wondered whether this binocular-visible object is really a physically associated open cluster or a chance projection. Chance star projections are known as asterisms, an example of which is the popular Big Dipper. Recent precise measurements from different vantage points in the Earth's orbit around the Sun have uncovered discrepant angular shifts indicating that the Coat Hanger is better described as an asterism. Known more formally as Collinder 399, this bright stellar grouping is wider than the full moon and lies in the constellation of the Fox (Vulpecula). via NASA http://ift.tt/1EhBBgC

Orioles Highlight: Baltimore launches 5 home runs, snapping its 6-game losing streak with an 8-5 win over Kansas City (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

CNNMoney on Twitter: "Ashley Madison is facing multiple lawsuits from anonymous ex-clients http ...

@CNNMoney @CNNSitRoom Serves Ashley Madison right. A website where you can cheat on your wife should be shut down! Immorality at its finest.

from Google Alert - anonymous https://www.google.com/url?rct=j&sa=t&url=https://twitter.com/CNNMoney/status/636366216039284736&ct=ga&cd=CAIyGjgxMzAxNTQ0ZWE3M2NhMmQ6Y29tOmVuOlVT&usg=AFQjCNEFY8dl0mX_HYd-4ey-DMQeforIaA
via IFTTT

Wednesday, August 26, 2015

Causality, Programmability and Information Biology. (arXiv:1508.06538v1 [cs.NE])

Information and computation have transformed the way we look at the world beyond statistical correlations, the way we can perform experiments, through simulations, and the way we can test these hypotheses. In previous work we introduced a concept of "algorithmicity" and of "programmability". Biology has already taken steps towards becoming a computer science aiming at reprogramming nature after the realisation that nature herself has reprogrammed organisms by harnessing the power of natural selection. We further unpack these ideas related to computability, algorithmic information theory and software engineering, in the context of the extent to which biology can be (re)programmed, and with how we may go about doing so in a more systematic way with all the tools and concepts offered by theoretical computer science in a translation exercise from computing to molecular biology and back. These concepts provide a means to a hierarchical organization thereby blurring previously clear-cut lines between concepts like matter and life, or between tumour types that are otherwise taken as different and may not have however a different cause. This does not diminish the properties of life or make its components and functions less interesting. On the contrary, this approach makes for a more encompassing and integrated view of nature, one that subsumes observer and observed within the same system, and can generate new perspectives and tools with which to view complex diseases like cancer, approaching them afresh from a software-engineering viewpoint that casts evolution in the role of programmer, cells as computer programs, the immune system as a program debugging tool, and diseases as a battlefield where these forces deploy.



from cs.AI updates on arXiv.org http://ift.tt/1EjR5Rp
via IFTTT

Everton advances in League Cup after extra-time win

BARNSLEY, England (AP) Everton needed extra time to beat third-tier Barnsley 5-3 and reach the third round of the League Cup on Wednesday in another high-scoring game in the competition.

from FOX Sports Digital http://ift.tt/1JwBPN4
via IFTTT

Man United back in Champions League, Rooney scoring again

MANCHESTER, England (AP) Manchester United had double reason to celebrate on Wednesday - the team is back in the Champions League group stage and star striker Wayne Rooney is scoring again.

from FOX Sports Digital http://ift.tt/1LBN0up
via IFTTT

Take Staff Pulse and Increase Engagement with Anonymous Polling Software

In a staff meeting where managers are seeking employee input, they can embed questions to solicit employee feedback, using an anonymous poll to ...

from Google Alert - anonymous http://ift.tt/1Jn2Bun
via IFTTT

United back in Champions League, Rooney back in the goals

MANCHESTER, England (AP) Manchester United had double reason to celebrate on Wednesday - the team is back in the Champions League group stage and Wayne Rooney is back in the goals.

from FOX Sports Digital http://ift.tt/1JyTdVH
via IFTTT

FIFA and CONMEBOL to audit Bolivia Football Federation

ASUNCION, Paraguay (AP) The president of South America's soccer confederation says CONMEBOL and FIFA will audit the finances of the Bolivian Football Federation, whose leader was jailed for alleged corruption.

from FOX Sports Digital http://ift.tt/1MV6lHj
via IFTTT

Platini's credentials as reformer questioned by FIFA rival

LONDON (AP) As Michel Platini prepares to reveal his FIFA presidential vision, a rival contender is launching his campaign by questioning the UEFA leader's long-standing association with Sepp Blatter and his credentials to reform the scandal-tainted governing body.

from FOX Sports Digital http://ift.tt/1JwghQF
via IFTTT

Dismiss block does not work for anonymous

Notices work fine for logged in users, and anonymous users can dismiss notices. But with both dismiss for a session and dismiss permanently the ...

from Google Alert - anonymous http://ift.tt/1PTTBz5
via IFTTT

Theismann: Anonymous coach is gutless for criticizing 'Skins

Larry French/Getty Images Joe Theismann ripped the 'anonymous coach' who criticized the Redskins for putting Robert Griffin III on the field to get ...

from Google Alert - anonymous http://ift.tt/1PTTCD2
via IFTTT

Here’s the List of Top 10 Big Tech Companies where Ashley Madison is very Popular

Cheaters Exposed! Whether it was the Impact Team or a woman ex-employee who worked for Avid Life Media (as per John McAfee's claims), the hackers that breached the cheaters' dating website Ashley Madison have made the world aware of a lot of unfaithful people. The data crunching firm Dadaviz has analysed the leaked information of the Ashley Madison website and revealed that the majority of


from The Hacker News http://ift.tt/1PyCUIH
via IFTTT

Egypt withdraws from soccer competitions at African games

CAIRO (AP) The Confederation of African Football says Egypt has withdrawn both its men's and women's soccer teams from the All Africa Games in Republic of Congo next month.

from FOX Sports Digital http://ift.tt/1fFUYEs
via IFTTT

FIFA hosts Israeli, Palestinian football leaders for talks

ZURICH (AP) A FIFA panel aiming to improve Israeli-Palestinian football relations has met for the first time and agreed a follow-up session in the Middle East next month.

from FOX Sports Digital http://ift.tt/1NUfGft
via IFTTT

ISS Daily Summary Report – 08/25/15

HII Transfer Vehicle (HTV)5 Activities: Following yesterday’s successful capture and berthing, today the crew completed vestibule outfitting, opened the HTV hatch and installed Portable Fire Extinguishers, breathing apparatuses and handrails prior to ingressing the vehicle and completing 3-hours of cargo transfer. Later in the day the crew participated in a post-capture debrief with ground teams.   Mobile Servicing System (MSS) Operations: Last night, the Robotics Ground Controllers powered up the Mobile Servicing System (MSS) and maneuvered the Space Station Remote Manipulator System (SSRMS) to extract the External Platform (EP) from the HTV5 Unpressurized Logistics Carrier (ULC).  The EP was then maneuvered to the handoff position at which point the Japanese Experiment Module Remote Manipulator System (JEMRMS) Ground Controllers maneuvered the JEMRMS to grapple the EP Flight Releasable Grapple Fixture (FRGF).  The Robotics Ground Controllers then released the SSRMS from the EP Power and Video Grapple Fixture (PVGF) and maneuvered the SSRMS to a park position.  Early this morning, the JEMRMS Ground Controllers installed the EP on JEM Exposed Facility (JEF) Exposed Facility Unit 10 (EFU10) and then removed the Calorimetric Electron Telescope (CALET) from the EP and installed it on JEF EFU9.  The SSRMS was then walked from the Node 2 Power and Data Grapple Fixture (PDGF) to the Mobile Base System (MBS) PDGF #4.  The SSRMS was then used to pick up the Special Purpose Dexterous Manipulator (SPDM) from the Lab PDGF.  MSS performance today was nominal.  Later today, the Mobile Transporter (MT) will be moved to Worksite 7 and the SPDM will be used to open HTV Exposed Facility Units (HEFU) 1 and 2. Human Research Program (HRP) Operations: Kornienko began his Flight Day (FD) 150 Fluid Shifts Before, During and After Prolonged Space Flight and Their Association with Intracranial Pressure and Visual Impairment (Fluid Shifts) Dilution Measurements.  
Upon wakeup he collected baseline saliva, blood and urine and inserted them into the Minus Eighty Degree Celsius Laboratory Freezer for ISS (MELFI) prior to ingesting a Sodium Bromide (NaBr) tracer.  Throughout the day, he performed more urine, blood, and saliva collections, inserting those samples into MELFI as well.  The Dilution Measurements are the first part in the series of FD150 Fluid Shifts measurements.  The next step in the Fluid Shifts experiment is the Baseline Imaging portion, occurring for both Kornienko and Kelly the week of August 31. The third portion of the Fluid Shifts experiment involves utilization of the Russian Chibis (Lower Body Negative Pressure – LBNP) during ultrasound measurements which will occur during the second week of Increment 45.  Fluid Shifts investigates the causes for severe and lasting physical changes to astronaut’s eyes. Because the headward fluid shift is a hypothesized contributor to these changes, reversing this fluid shift with a lower body negative pressure device is investigated as a possible intervention. Results from this study may help to develop preventative measures against lasting changes in vision and eye damage. Kelly performed his FD150 Cognition. Individualized Real-Time Neurocognitive Assessment Toolkit for Space Flight Fatigue (Cognition) is a battery of tests that measures how spaceflight-related physical changes, such as microgravity and lack of sleep, can affect cognitive performance. Cognition includes ten brief computerized tests that cover a wide range of cognitive functions, and provides immediate feedback on current and past test results. The software allows for real-time measurement of cognitive performance while in space. Kelly and Kornienko performed their morning Reaction Self-Test and another session prior to sleep. This week-long session is in advance of the sleep shift required for the 42 Soyuz relocation later this week. 
Reaction Self-Test aids crewmembers to objectively identify when their performance capability is degraded by various fatigue-related conditions that can occur as a result of ISS operations and time in space (e.g., acute and chronic sleep restriction, slam shifts, extravehicular activity (EVA), and residual sedation from sleep medications). Kelly and Kornienko are performing a week of sleep logging. The Sleep ISS-12 experiment monitors ambient light exposure and crew member activity, and collects subjective evaluations of sleep and alertness, to examine the effects of space flight and ambient light exposure on sleep during a year-long mission on the International Space Station (ISS).   NanoRacks Multi-Gas Monitor (MGM): Lindgren deployed the MGM in Node 3 today.  The MGM is the first laser sensor to continuously measure four gases that are key for crewmembers’ health aboard the ISS. The multiple low-power, tunable lasers train an infrared laser beam on a cabin air sample, and sensors tuned to specific wavelengths of light detect oxygen, carbon dioxide, ammonia, and humidity. The instrument fits in a device the size of a shoebox and detects the presence of gases in less than one second.   CALorimetric Electron Telescope (CALET) Video Survey: Yui captured video of the installation of CALET as it was moved from the HTV-5 EP to the JEM EFU #9. CALET is an astrophysics mission that searches for signatures of dark matter and provides the highest energy direct measurements of the cosmic ray electron spectrum to observe discrete sources of high energy particle acceleration in our local region of the Galaxy.  CALET addresses many outstanding high-energy astrophysics questions such as the origin of cosmic rays, how cosmic rays accelerate and travel across the galaxy and the existence of dark matter and nearby cosmic-ray sources.   
On-Board Training (OBT) Emergency Review: All 6 crew members participated in this OBT to review emergency response during the upcoming direct handover timeframe. They specifically covered 6 crew with a Soyuz on SM Aft and MRM1; 9 crew timeframe; and 6 crew with a Soyuz on MRM1 and MRM2.   Today’s Planned Activities All activities were completed unless otherwise noted. Self-Reaction Test. Reaction Time Test SLEEP Questionnaire FLUID SHIFTS – Saliva Test FLUID SHIFTS – Urine Sample Collection FLUID SHIFTS – Urine Sample MELFI Insertion FLUID SHIFTS – Blood Sampling FLUID SHIFTS – Galley Water Collection and Tracer Ingestion Ops FLUID SHIFTS – Centrifuge Setup JEMRMS – RLT2 Activation GoPro HERO3 Video camera Setup and Adjustment for Operation during ТК 716 Descent […]

from ISS On-Orbit Status Report http://ift.tt/1hevA9P
via IFTTT

Microsoft Office 2016 for Windows coming on September 22

Earlier this year, Microsoft announced that it would soon bring Office 2016 to the world. The Office 2016 version for Mac was released in July 2015. Now speculation is pointing to a final release date of 22nd September 2015 for Office 2016 for Windows. For Windows users, though, it may not be quite a change, because in the new Office suite as compared to its


from The Hacker News http://ift.tt/1PyaGOj
via IFTTT

iOS Sandbox Vulnerability Puts Enterprise Data at Risk

"Change is the only constant thing," as the saying goes, could now be modified to "Change is the only constant thing*," where the * means Terms and conditions apply! A change (Mobile Device Management solutions, MDM, and Bring Your Own Device, BYOD) was brought to organizations, and later became a necessity, for smooth workflow and management of an organization; where resides mobile and other


from The Hacker News http://ift.tt/1NU1m6V
via IFTTT

GitHub Again Hit by DDoS Cyberattack

GitHub – the popular code sharing website used by programmers to collaborate on software development – again became a victim of a distributed-denial-of-service (DDoS) attack on Tuesday morning. The attack came just a few months after the popular code repository website GitHub suffered a massive DDoS attack, which was linked to China.


from The Hacker News http://ift.tt/1K13mws
via IFTTT