Saturday, September 26, 2015

Benfica beats Pacos 3-0, Sporting draws in Portugal

LISBON, Portugal (AP) Jonas scored two goals to lead Benfica to a 3-0 win over Pacos Ferreira, while Sporting Lisbon missed a chance to take the lead of the Portuguese league on Saturday.

from FOX Sports Digital http://ift.tt/1QFMGJz
via IFTTT

Messi tears knee ligament during Barcelona win

LONDON (AP) Lionel Messi tore a ligament in his left knee near the start of Barcelona's costly 2-1 win over Las Palmas on Saturday that provisionally lifted the defending champions to the top of the Spanish league.

from FOX Sports Digital http://ift.tt/1VfOvn6
via IFTTT

Messi is injured, Suárez saves Barsa and Madrid stalls

BARCELONA, Spain (AP) Barcelona lost Lionel Messi to injury, but Luis Suarez secured the 2-1 win over visiting Las Palmas with his second and third goals of the current Spanish league season, in which the blue-and-claret side moved back provisionally into the lead with 15 points at the start of the sixth round on Saturday.

from FOX Sports Digital http://ift.tt/1QFopmW
via IFTTT

Dzyuba rescues draw for misfiring Zenit in Russian league

MOSCOW (AP) A late goal from Artyom Dzyuba rescued a 2-2 draw for Zenit St. Petersburg against Spartak Moscow after goalkeeping errors looked set to condemn Zenit to defeat in the Russian Premier League.

from FOX Sports Digital http://ift.tt/1OzO1nF
via IFTTT

Barcelona's Messi tears knee ligament, out 7-8 weeks

BARCELONA, Spain (AP) Barcelona faces two long months without Lionel Messi after its star forward tore a ligament in his left knee during the defending champion's Spanish league match against Las Palmas on Saturday.

from FOX Sports Digital http://ift.tt/1LdOVWk
via IFTTT

Roma gets season back on track with 5-1 humiliation of Carpi

MILAN (AP) Roma reignited its league campaign with a 5-1 drubbing of newly-promoted Carpi on Saturday.

from FOX Sports Digital http://ift.tt/1Mwuj8Z
via IFTTT

West Ham scores late to rescue point against Norwich

LONDON (AP) Cheikhou Kayoute netted a late goal on Saturday to earn his team a draw as West Ham and Norwich City battled to a 2-2 draw at the Boleyn ground.

from FOX Sports Digital http://ift.tt/1KWMnKg
via IFTTT

Messi suffers ligament tear and will be out for two months

BARCELONA, Spain (AP) Lionel Messi was injured on Saturday in Barcelona's match against Las Palmas in the Spanish league and will be out for about two months, the blue-and-claret club said afterwards, following the relevant medical tests at a nearby clinic.

from FOX Sports Digital http://ift.tt/1PFWgff
via IFTTT

Messi injured in Barcelona's 2-1 win over Las Palmas

BARCELONA, Spain (AP) Lionel Messi tore a ligament in his left knee near the start of Barcelona's costly 2-1 win over Las Palmas that provisionally lifted the defending champions to the top of the Spanish league on Saturday.

from FOX Sports Digital http://ift.tt/1MwhVpJ
via IFTTT

Southampton sweeps Swansea aside 3-1

SOUTHAMPTON, England (AP) Virgil van Dijk's first goal in England and Sadio Mane's third in two games helped fire Southampton to a 3-1 win over Swansea in the Premier League on Saturday.

from FOX Sports Digital http://ift.tt/1LdG72L
via IFTTT

Man United goes top as Man City slips up in Premier League

LONDON (AP) Manchester clubs traded places at the top of the Premier League on Saturday, after a buoyant United beat Sunderland 3-0 and early pacesetter City slipped to second after a 4-1 thumping at Tottenham.

from FOX Sports Digital http://ift.tt/1iSQOeX
via IFTTT

Liverpool eases pressure on Rodgers with 3-2 win over Villa

LIVERPOOL, England (AP) Liverpool eased the pressure on much-criticized manager Brendan Rodgers following a 3-2 win over Aston Villa on Saturday.

from FOX Sports Digital http://ift.tt/1OYyOfc
via IFTTT

Arsenal beats Leicester 5-2 in Premier League

LEICESTER, England (AP) Alexis Sanchez netted a hat trick to end his scoring drought as Arsenal came from behind to beat Leicester 5-2 Saturday in the Premier League.

from FOX Sports Digital http://ift.tt/1Wpkj6m
via IFTTT

Lewandowski stars as Bayern makes it 7 from 7 in Bundesliga

BERLIN (AP) Robert Lewandowski scored his 100th and 101st Bundesliga goals as Bayern Munich defeated Mainz 3-0 for the club's seventh win from seven games in the German league on Saturday.

from FOX Sports Digital http://ift.tt/1KK3Yld
via IFTTT

Barcelona's Messi goes to hospital for tests on injured knee

BARCELONA, Spain (AP) Lionel Messi has been taken to the hospital for tests after he hurt his left knee during Barcelona's Spanish league match against Las Palmas on Saturday and came off in the eighth minute.

from FOX Sports Digital http://ift.tt/1PFDowU
via IFTTT

Tottenham rallies to beat Man City 4-1 in Premier League

LONDON (AP) Harry Kane scored his first goal of the season for Tottenham as Spurs roared back from a goal down to hammer early title favorite Manchester City 4-1 in the Premier League on Saturday.

from FOX Sports Digital http://ift.tt/1gXwFm1
via IFTTT

Barcelona's Messi hurts left knee, asks to be substituted

BARCELONA, Spain (AP) Lionel Messi asked to be substituted in the eighth minute after hurting his left knee during Barcelona's home match against Las Palmas on Saturday.

from FOX Sports Digital http://ift.tt/1LTIdzo
via IFTTT

Ocean City, MD's surf is at least 5.26ft high

Maryland-Delaware, October 02, 2015 at 10:00AM

Ocean City, MD Summary
At 4:00 AM, surf min of 4.37ft. At 10:00 AM, surf min of 5.26ft. At 4:00 PM, surf min of 3.47ft. At 10:00 PM, surf min of 3.27ft.

Surf maximum: 6.26ft (1.91m)
Surf minimum: 5.26ft (1.6m)
Tide height: 3.88ft (1.18m)
Wind direction: NE
Wind speed: 21.98 KTS


from Surfline http://ift.tt/1kVmigH
via IFTTT

The World's First $9 Computer is Shipping Today!

Remember Project: C.H.I.P. ? A $9 Linux-based, super-cheap computer that raised some $2 Million beyond a pledge goal of just $50,000 on Kickstarter will be soon in your pockets. Four months ago, Dave Rauchwerk, CEO of Next Thing Co., utilized the global crowd-funding corporation ‘Kickstarter’ for backing his project C.H.I.P., a fully functioning computer that offers more than what you


from The Hacker News http://ift.tt/1O0CtK6
via IFTTT

Prince Ali pushes FIFA bid after rival Platini is questioned

ZURICH (AP) A day after UEFA President Michel Platini was questioned by Swiss authorities over a FIFA payment, presidential election rival Prince Ali bin al-Hussein touted himself as the safe choice to rid the governing body of corruption.

from FOX Sports Digital http://ift.tt/1FzCpOB
via IFTTT

uh-oh! North America Runs Completely Out of IPv4 Internet Addresses

Two months ago, THN reported about a similar announcement made by The American Registry for Internet Numbers (ARIN), which said that the agency is no longer able to produce IPv4 addresses in North America. Within a time frame of a few months, ARIN, which handles Internet addresses in America, has announced the final exhaustion of its free pool of IPv4 addresses, which has reached zero... ...


from The Hacker News http://ift.tt/1VgSYAI
via IFTTT

Latest iOS 9.0.1 Update Failed to Patch Lockscreen Bypass Hack

iOS 9.0.1, Apple's first update to its new iOS 9 mobile operating system, came out on Wednesday and addressed several bugs in its software. However, unfortunately, it seems that the latest update iOS 9.0.1 doesn't fix the lock screen bypass vulnerability reported by iPhone user Jose Rodriguez. Yes, the serious flaw in iOS 9 that allows anyone – with physical access to your iPhone or iPad


from The Hacker News http://ift.tt/1NSYetU
via IFTTT

Police Can't Force You To Unlock Your Phone, It violates Fifth Amendment Rights

Can the cops make you unlock your iPhone? ..."NO" According to a recent Federal Court’s ruling, it is not okay for police to force suspects to unlock their phones with a passcode. And, doing so would be a violation of your Fifth Amendment Rights in the US Constitution. The ruling came as the conclusion of a case, where Securities and Exchange Commission (SEC) accused Bonan


from The Hacker News http://ift.tt/1QEysbZ
via IFTTT

Yahoo! Launches Free Web Application Security Scanner

Yahoo! has open-sourced Gryffin – a Web Application Security Scanner – in an aim to improve the safety of the Web for everyone. Currently in its beta, Project Gryffin has been made available on Github under the BSD-style license that Yahoo! has been using for a number of its open-sourced projects. Gryffin is basically a Go & JavaScript platform that helps system administrators scan URLs for


from The Hacker News http://ift.tt/1VeRzzP
via IFTTT

Ocean City, MD's surf is at least 5.09ft high

Maryland-Delaware, September 30, 2015 at 10:00PM

Ocean City, MD Summary
At 4:00 AM, surf min of 4.82ft. At 10:00 AM, surf min of 4.37ft. At 4:00 PM, surf min of 4.97ft. At 10:00 PM, surf min of 5.09ft.

Surf maximum: 6.08ft (1.85m)
Surf minimum: 5.09ft (1.55m)
Tide height: 4.14ft (1.26m)
Wind direction: ENE
Wind speed: 18.64 KTS


from Surfline http://ift.tt/1kVmigH
via IFTTT

Ocean City, MD's surf is at least 5.42ft high

Maryland-Delaware, October 01, 2015 at 04:00AM

Ocean City, MD Summary
At 4:00 AM, surf min of 5.42ft. At 10:00 AM, surf min of 5.16ft. At 4:00 PM, surf min of 4.45ft. At 10:00 PM, surf min of 4.44ft.

Surf maximum: 6.34ft (1.93m)
Surf minimum: 5.42ft (1.65m)
Tide height: -0.38ft (-0.12m)
Wind direction: NE
Wind speed: 22.51 KTS


from Surfline http://ift.tt/1kVmigH
via IFTTT

Anonymous at Libros Schmibros

from Google Alert - anonymous http://ift.tt/1QEowzc
via IFTTT

anonymoUS: Insight Men

With critical flair, “Insight Men” engages the tenants of the Anonymous movement, connecting all elements between the conceptualisation of a piece to ...

from Google Alert - anonymous http://ift.tt/1MPkia2
via IFTTT

APM LDAP AAA - Anonymous Bind

Is it possible to configure an APM LDAP AAA instance for anonymous binding. The Admin-DN and Admin Password are required values, is there ...

from Google Alert - anonymous http://ift.tt/1QEowz2
via IFTTT

Pluto's Snakeskin Terrain


A mountainous region informally known as Tartarus Dorsa sprawls some 530 kilometers (330 miles) across this Plutonian landscape. Recently downloaded from New Horizons, it combines blue, red, and infrared image data in an extended color view captured near the spacecraft's close approach to Pluto on July 14. Shadows near the terminator, the line between Pluto's dim day and night, emphasize a rough, scaly texture. The stunning image resolves details on the distant world about 1.3 kilometers (0.8 miles) across. Referring to a part of Hades in ancient Greek mythology, Tartarus Dorsa borders Tombaugh Regio to the east.

via NASA http://ift.tt/1KFBkBI

Friday, September 25, 2015

[FD] CVE-2015-7323 - Secure Meeting (Pulse Collaboration) issue may allow authenticated users to bypass meeting authorization

Profundis Labs Security Advisory
http://ift.tt/1NZyRbk

Product:
================================
Junos Pulse Secure Meeting

Secure Meeting is a part of the Junos Pulse Collaboration software, which allows you to organize and hold virtual meetings with internal and external users via the Juniper Access Gateway.

Vulnerability Type:
===================
Insufficient Authorization Checks

CVE Reference:
==============
CVE-2015-7323

VENDOR Reference:
=================
http://ift.tt/1PDlJ9l

Vulnerability Details:
=====================
It is possible to enter "secure" meetings without knowledge of the password and the invitation link using the java fat client (meetingAppSun.jar). To access such meetings the following information is required:

- A valid sessionID (DSID). This sessionID can be obtained by either having an invitation link to any other meeting or the user has a valid account to log into junos pulse using the http login form.
- The meeting ID

The meeting ID is a 7-8 digits number which may be gained using brute force or via CVE-2015-7322 (http://ift.tt/1PDlJpA)

Note: The vulnerability is only related to the java fat client. If a user tries to access a secure meeting using the web browser (https://domain/dana-na/meeting/login_meeting.cgi?mid=PARAM_A&occurrence=0), the meeting password (or invitation link) is required.

PoC code(s):
===============
Example how to start the java fat client to access a meeting A from the command line:

java -classpath /usr/lib/jvm/java-7-oracle/jre/lib/plugin.jar:~/.juniper_networks/meetingAppSun.jar SecureMeetingApplication ivehost PARAM_D locale de log_level 1 meeting_type 0 Parameter0 "meeting_id=PARAM_A;user_name=xxx;cert_md5=PARAM_B;ncp_read_timeout=90;password=;meeting_url=;mobile_meeting_url=" uploadlog 1 home_dir "/home/..." user_agent "Mozilla/5.0" neoteris-dsid "DSID=PARAM_C"

PARAM_A = meeting ID of Meeting A
PARAM_B = md5 hash of the SSL-certificate of Junos Pulse server
PARAM_C = a valid sessionID
PARAM_D = the domain/IP of the Junos Pulse server

Disclosure Timeline:
=========================================================
Vendor Notification: 01/2015
Vendor Confirmation: 03/2015
Vendor Patch Release: 06/2015
Public Disclosure: 09/2015

Affected Version:
=========================================================
8.0.5

Exploitation Technique:
=======================
Remote

Severity Level:
=========================================================
CVSS Score: 5.0 (AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N)

Source: Gmail -> IFTTT-> Blogger

Re: [FD] An iOS oversight: exploiting device trust and backups

[FD] VuFind 1.0 Web Application Reflected XSS (Cross-site Scripting) 0-Day Bug Security Issue

*VuFind 1.0 Web Application Reflected XSS (Cross-site Scripting) 0-Day Bug Security Issue*

Exploit Title: VuFind Results? &lookfor parameter Reflected XSS Web Security Vulnerability
Product: VuFind
Vendor: VuFind
Vulnerable Versions: 1.0
Tested Version: 1.0
Advisory Publication: September 20, 2015
Latest Update: September 25, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference:
Impact CVSS Severity (version 2.0):
CVSS v2 Base Score: 4.3 (MEDIUM) (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Impact Subscore: 2.9
Exploitability Subscore: 8.6
CVSS Version 2 Metrics:
Access Vector: Network exploitable; Victim must voluntarily interact with attack mechanism
Access Complexity: Medium
Authentication: Not required to exploit
Impact Type: Allows unauthorized modification
Discover and Reporter: Wang Jing [School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore] (@justqdjing)

*Suggestion Details:*

*(1) Vendor & Product Description:*

*Vendor:* VuFind

*Product & Vulnerable Versions:* VuFind 1.0

*Vendor URL & Download:* Product can be obtained from here, http://ift.tt/1JurhNZ

*Product Introduction Overview:*

"VuFind is a library resource portal designed and developed for libraries by libraries. The goal of VuFind is to enable your users to search and browse through all of your library's resources by replacing the traditional OPAC to include: Catalog Records, Locally Cached Journals, Digital Library Items, Institutional Repository, Institutional Bibliography, Other Library Collections and Resources. VuFind is completely modular so you can implement just the basic system, or all of the components. And since it's open source, you can modify the modules to best fit your need or you can add new modules to extend your resource offerings. VuFind runs on Solr Energy. Apache Solr, an open source search engine, offers amazing performance and scalability to allow for VuFind to respond to search queries in milliseconds time. It has the ability to be distributed if you need to spread the load of the catalog over many servers or in a server farm environment. VuFind is offered for free through the GPL open source license. This means that you can use the software for free. You can modify the software and share your successes with the community! Take a look at our VuFind Installations Wiki page to see how a variety of organizations have taken advantage of VuFind's flexibility. If you are already using VuFind, feel free to edit the page and share your accomplishments."

*(2) Vulnerability Details:*

VuFind web application has a computer security problem. Hackers can exploit it by reflected XSS cyber attacks. This may allow a remote attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server.

Several other similar products 0-day vulnerabilities have been found by some other bug researchers before. VuFind has patched some of them. "scip AG was founded in 2002. We are driven by innovation, sustainability, transparency, and enjoyment of our work. We are completely self-funded and are thus in the comfortable position to provide completely independent and neutral services. Our staff consists of highly specialized experts who focus on the topic information security and continuously further their expertise through advanced training".

*(2.1)* The code flaw occurs at "lookfor?" parameter in "/vufind/Resource/Results?" page. Some other researcher has reported a similar vulnerability here and VuFind has patched it. http://ift.tt/1NSgCmx

*(3) Solution:*

Update to new version.

*References:*

http://ift.tt/1JurhO0
http://ift.tt/1NSgEee
http://ift.tt/1NSgCmB
http://ift.tt/1JurhO2
http://ift.tt/1NSgCmD
http://ift.tt/1JurhO4
http://ift.tt/1NSgEeg
http://ift.tt/1JurhO6
http://ift.tt/1Ixx1WI
http://ift.tt/1NSgEeg

Source: Gmail -> IFTTT-> Blogger

[FD] Stored XSS in 4images <= v1.7.11

=============================================
MGC ALERT 2015-001
- Original release date: September 08, 2015
- Last revised: September 24, 2015
- Discovered by: Manuel Garcia Cardenas
- Severity: 4,8/10 (CVSS Base Score)
=============================================

I. VULNERABILITY

Source: Gmail -> IFTTT-> Blogger

[FD] RomPager ShellShock RCE Vulnerability?

Gr33tz. I'm disclosing details for a potential 0day RCE vulnerability in a number of common routers which may allow full control of affected devices. I haven't found an existing vulnerability for this and this appears to be a new trend in my ModSecurity logs. Hoping to get some feedback from the community and see if anyone can confirm...

After researching RomPager, it appears to be the underlying web server used by a number of common routers which are listed below.

VULNERABLE DEVICES:

# AirLive WT-2000ARM
# D-Link DSL-2640R
# Huawei 520 HG
# Huawei 530 TRA
# Pentagram Cerberus P 6331-42
# TP-Link TD-8816
# TP-Link TD-W8901G
# TP-Link TD-W8951ND
# TP-Link TD-W8961ND
# ZTE ZXV10 W300
# ZynOS
# ZyXEL ES-2024
# ZyXEL Prestige P-2602HW

MODSECURITY LOGS:

==> /var/log/apache2/error.log

Source: Gmail -> IFTTT-> Blogger

A quick Q&A on issues ahead for FIFA, Blatter and Platini

ZURICH (AP) FIFA sank deeper into a crisis on Friday that threatened to take down the two most powerful men in world football.

from FOX Sports Digital http://ift.tt/1KI0C1Z
via IFTTT

Reims moves to 3rd place in French league

REIMS, France (AP) David N'Gog missed a penalty but made amends by heading in a second-half winner as Reims provisionally moved to third place in the French league standings with a 1-0 win over Lille on Friday.

from FOX Sports Digital http://ift.tt/1Mv2uhj
via IFTTT

English soccer club apologizes for botching Gretzky's name

LONDON (AP) Tottenham of the English Premier League has apologized to Wayne Gretzky for giving the hockey superstar a soccer jersey with his name misspelled.

from FOX Sports Digital http://ift.tt/1LbIumN
via IFTTT

Ingolstadt grabs 1-1 draw at Cologne in Bundesliga

BERLIN (AP) Ingolstadt captain Marvin Matip scored on his 30th birthday to salvage a 1-1 draw for the promoted side at Cologne in the Bundesliga on Friday.

from FOX Sports Digital http://ift.tt/1KDV7Ao
via IFTTT

Valencia ekes out 1-0 win over Granada to calm fans

VALENCIA, Spain (AP) Valencia secured a much-needed 1-0 win over Granada in the Spanish league on Friday for its first home victory of the season.

from FOX Sports Digital http://ift.tt/1KzYsUh
via IFTTT

Trinidad delays extradition hearing on Jack Warner FIFA case

PORT-OF-SPAIN, Trinidad (AP) Authorities in Trinidad have postponed a hearing to determine whether the U.S. will have to restart extradition proceedings against former FIFA Vice President Jack Warner in an international soccer corruption case.

from FOX Sports Digital http://ift.tt/1OXdGpI
via IFTTT

Ocean City, MD's surf is at least 5.22ft high

Maryland-Delaware, September 29, 2015 at 04:00AM

Ocean City, MD Summary
At 4:00 AM, surf min of 5.22ft. At 10:00 AM, surf min of 4.62ft. At 4:00 PM, surf min of 3.92ft. At 10:00 PM, surf min of 3.21ft.

Surf maximum: 6.22ft (1.9m)
Surf minimum: 5.22ft (1.59m)
Tide height: 0.07ft (0.02m)
Wind direction: N
Wind speed: 7.31 KTS


from Surfline http://ift.tt/1kVmigH
via IFTTT

Michel Platini defends FIFA payment under investigation

ZURICH (AP) UEFA President Michel Platini says a payment to him being looked into by Swiss authorities was for work carried out under contract at FIFA.

from FOX Sports Digital http://ift.tt/1iQq9PN
via IFTTT

Arsenal defender Gabriel given one-match ban, fined

LONDON (AP) Arsenal defender Gabriel Paulista has been given a one-match ban by the English Football Association after admitting a charge of improper conduct.

from FOX Sports Digital http://ift.tt/1LSlcwJ
via IFTTT

Brazil court freezes almost $50 million in Neymar assets

RIO DE JANEIRO (AP) A Brazilian court has frozen assets of Barcelona star Neymar, his family and related businesses valued at 188.8 million Brazilian reals ($48 million).

from FOX Sports Digital http://ift.tt/1LCKAdX
via IFTTT

Exploiting Browser Cookies to Bypass HTTPS and Steal Private Information

A newly discovered critical flaw in the implementation of web cookies by major browsers could open secured (HTTPS) browsing to Man-in-the-middle attacks. The US Computer Emergency Response Team (CERT) has revealed that all the main browser vendors have improperly implemented the RFC 6265 Standard, also referred to as "Browser Cookies," allowing remote attackers to bypass secure HTTPS


from The Hacker News http://ift.tt/1YFxhPt
via IFTTT

FIFA makes decisions before Blatter is interrogated

ZURICH (AP) Despite hastily canceling a news conference scheduled with President Sepp Blatter after the surprise arrival of Swiss federal police at its headquarters, FIFA did make some decisions during its two-day executive committee meeting that ended Friday.

from FOX Sports Digital http://ift.tt/1NYCmyP
via IFTTT

FIFA statement on Swiss investigation into Sepp Blatter

ZURICH (AP) Text of FIFA statement issued Friday after Swiss prosecutors opened criminal proceedings against Sepp Blatter:

from FOX Sports Digital http://ift.tt/1Lb2tCe
via IFTTT

Swiss statement on criminal investigation into Sepp Blatter

BERNE, Switzerland (AP) Statement provided by the Swiss Attorney General on the opening of criminal proceedings against FIFA President Sepp Blatter:

from FOX Sports Digital http://ift.tt/1FlBQrI
via IFTTT

I have a new follower on Twitter


erpscan
ERPScan. Detect and Prevent Cyberattacks in SAP and Oracle business-critical ERP systems
Palo Alto, CA
http://t.co/eF2IkBDTom
Following: 1079 - Followers: 777

September 25, 2015 at 11:04AM via Twitter http://twitter.com/erpscan

Swiss police open criminal case against FIFA head Blatter

ZURICH (AP) FIFA President Sepp Blatter has been interrogated by Swiss federal police over alleged financial corruption.

from FOX Sports Digital http://ift.tt/1Wn0jRF
via IFTTT

Guardiola leaves news conference after England question

MUNICH (AP) Bayern Munich coach Pep Guardiola abruptly ended a news conference Friday after being asked about reports linking him with the England national team.

from FOX Sports Digital http://ift.tt/1G6UEpF
via IFTTT

FIFA cancels scheduled Blatter news conference

ZURICH (AP) FIFA has canceled a news conference scheduled with President Sepp Blatter without explanation, fueling the sense of turmoil surrounding football's embattled governing body.

from FOX Sports Digital http://ift.tt/1KzbrFK
via IFTTT

FIFA picks Nov. 21 as kickoff for 28-day World Cup in Qatar

ZURICH (AP) FIFA says the 2022 World Cup in Qatar will start on Nov. 21, kicking off a 28-day tournament that will finish on Dec. 18.

from FOX Sports Digital http://ift.tt/1R5uDgK
via IFTTT

FIFA confirms 2022 World Cup in Qatar will kick off Nov. 21, be played in just 28 days

ZURICH (AP) FIFA confirms 2022 World Cup in Qatar will kick off Nov. 21, be played in just 28 days.

from FOX Sports Digital http://ift.tt/1gUlhr3
via IFTTT

[FD] CVE-2015-5075 - Cross-Site Request Forgery In X2Engine Inc. X2Engine

Vulnerability title: Cross-Site Request Forgery In X2Engine Inc. X2Engine
CVE: CVE-2015-5075
Vendor: X2Engine Inc.
Product: X2Engine
Affected version: 4.2
Fixed version: 5.2
Reported by: Simone Quatrini

Details:

It was discovered that no protection against Cross-site Request Forgery attacks was implemented, resulting in an attacker being able to force the creation of a new administrative account.

Further details at: http://ift.tt/1jhyFr1

Copyright: Copyright (c) Portcullis Computer Security Limited 2015, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without the express written consent of Portcullis Computer Security Limited.

Disclaimer: The information herein contained may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Portcullis Computer Security Limited) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Source: Gmail -> IFTTT-> Blogger

[FD] CVE-2015-5074 - Arbitrary File Upload In X2Engine Inc. X2Engine

I have a new follower on Twitter


Vormetric
Data Security | Cloud Security Physical, Virtual & Cloud: Encryption, Key management, Access Control, Security Intelligence. More on http://t.co/pPDFwEGh6S

http://t.co/YVMzxk4Caz
Following: 7903 - Followers: 7621

September 25, 2015 at 09:17AM via Twitter http://twitter.com/Vormetric

ISS Daily Summary Report – 09/24/15

Twins Study Influenza Vaccine and Sample Collection: Kelly self-administered an influenza vaccine and collected Flight Day 180 blood and urine samples today in support of the Twins Study. This investigation is an integrated compilation of ten different studies led by multiple investigators. The studies take advantage of a unique opportunity to look at the effects of space travel on identical twins, with one of them experiencing space travel for a year while the other remains earth-bound for that same year. The study looks at changes in the human body in the fields of genetics, psychology, physiology, microbiology, and immunology.

Cognition: Yui and Lindgren performed their Flight Day 65 sessions of the Cognition experiment today. Individualized Real-Time Neurocognitive Assessment Toolkit for Space Flight Fatigue (Cognition) is a battery of tests that measure how spaceflight-related physical changes, such as microgravity and lack of sleep, can affect cognitive performance. Cognition includes ten brief computerized tests that cover a wide range of cognitive functions, and provides immediate feedback on current and past test results. The software allows for real-time measurement of cognitive performance while in space.

Journals: Kelly completed a Journal activity today. Journals obtains information on behavioral and human issues that are relevant to the design of equipment and procedures and sustained human performance during extended-duration missions. Study results provide information to help prepare for future missions to low-Earth orbit and beyond.

Cardio Ox: Kelly and Lindgren, with assistance from Yui, collected blood pressure and ultrasound measurements of their carotid and brachial arteries. The objective of Cardio Ox is to determine whether biological markers of oxidative and inflammatory stress are elevated during and after space flight and whether this results in an increased, long-term risk of atherosclerosis in astronauts. Twelve crewmembers will provide blood and urine samples to assess biomarkers before launch, 15 and 60 days after launch, 15 days before returning to Earth, and within days after landing. Ultrasound scans are obtained at the same time points and through 5 years after landing.

Japanese Experiment Module (JEM) Airlock (JEMAL) Pressurization and Leak Check: In preparation for Lindgren’s removal of the JEM Small Satellite Orbital Deployer (JSSOD) from the JEMAL Slide Table tomorrow, today Yui pressurized the JEMAL and performed a leak check.

Sound Level Measurements in the Mouse Habitat Unit (MHU): Yui installed the MHU Interface Unit in the Cell Biology Experiment Facility (CBEF) and then took sound level measurements inside the Interface Unit with a sound level meter. These measurements will provide an indication of the sound levels that mice in the MHU will be exposed to during JAXA’s Mouse Epigenetics experiment, which will be performed after the mice arrive on a visiting vehicle in the future.

Galley Rack Secure: Today, Lindgren installed a Knee Brace Assembly at the NOD1P4 location in order to permanently secure the Galley Rack. Due to structural interference, the Galley Rack was temporarily secured last week on September 15th. Hardware needed for Galley Rack activation is scheduled to arrive on a later flight. Once in operation, the Galley Rack will provide ISS Crews with a consolidated location for a potable water dispenser, two freezers, two food warmers, and a 16 port Ethernet switch.

United States On-orbit Segment (USOS) Hatch Seal Inspections: Kelly cleaned and inspected USOS Hatch Seals, Hatch Plate Sealing Surfaces, and Hatch Handle Mechanisms. Hatches targeted for today’s inspection included the Airlock, Node 3 (Nadir, Forward, Starboard) JLP, JPM (Starboard, Zenith), and PMM.

Robot Micro Conical Tool (RMCT) Troubleshooting: Last night, the Robotics Ground Controllers powered up the Mobile Servicing System (MSS) and Special Purpose Dexterous Manipulator (SPDM) to perform RMCT checkouts. These operations, which will continue later this evening, are being performed to help determine if the RMCT1 torque anomaly seen earlier this year is in any way related to it being stowed on SPDM Tool Holder Assembly (THA)-1.

Today’s Planned Activities
All activities were completed unless otherwise noted.
HRF – Urine Samples Collection TWIN – Urine Samples Collection Biochemical Urine Test HRF – Insertion of Samples in MELFI URISIS Hardware Restow HRF – Blood Samples Collection HRF – Assistance during Blood Samples Collection HRF – Refrigerated Centrifuge Config Soyuz 718 Samsung Tablet Charge Kazbek Fit Check (Soyuz 717) JEMAL – Pressurization HRF – Closeout Ops after Blood Samples Collection Water Recovery System (WRS): WPA Waste Water Tank Offload into CWC (start) HRF – Insertion of Samples in MELFI Soyuz 717 Samsung Tablet Charge ISS Crew and SSIPC Conference On Mcc Go Brine Transfer from a USOS EDV into Rodnik БВ1 Water Tank of Progress 428 JEMAL – Leak Check after Pressurization UDOD. Experiment Session with DYKHANIE-1 and SPRUT-2 Kits. USND2 – Hardware Activation Water Recovery System (WRS): WPA Waste Water Tank Offload into CWC Crew Medical Officer (CMO) Computer Based Training (CBT) In Flight Maintenance (IFM) Galley Rack Securing CARDOX – Prep Ops and Hardware Setup CARDOX – Ultrasound Scanning UDOD. Photography during Experiment Session СОЖ Maintenance CARDOX – Ultrasound Scanning (Assistance) HMS – Food Frequency Questionnaire (FFQ) CARDOX – Measurements Regenerative Environmental Control and Life Support System (RGN) WSTA Fill CARDOX – Post-Measurement Operations XF305 Camcorder Setup HRF – Urine Samples Collection Cell Biology Experiment Facility (CBEF). Mouse Habitat Unit (MHU) Installation Crew Prep for PAO HRF – Insertion of Samples in MELFI CBEF – Sound Level Measurement Б-Ц TV. One-year Crew PAO CARDOX – Prep Ops and Hardware Setup CARDOX – Ultrasound Scanning CBEF – Micro-G Door Close СКПФ1 and СКПФ2 Dust Filters Changeout (ФГБ1ПГО_4_419_1, bag 428-25 (00067328R). Update IMS) and MRM1 Gas Liquid Heat Exchanger (ГЖТ) Cleaning [РТ]-50-1М No. 6 and 8 (А206, А208) R&R Prep – Search for Hardware, Radiogram Review. CARDOX – Measurements CBEF – Micro-G Door Open AC Inverter Deploy to Lab UOP5 CBEF – Sound Level Measurement CBEF – Micro-G Door Close Laptop Prep and [ACH-K] and Progress 428 (DC1) Tests Setup ИП-1 Sensors Installation Monitoring VELIKOE NACHALO (GREAT START). Experiment Prep VELIKOE NACHALO (GREAT START). Video Footage of the Experiment Ops JRNL – Journal Entry […]

from ISS On-Orbit Status Report http://ift.tt/1KGJiKT
via IFTTT

[FD] CVE-2015-5076 - Vulnerability title: Reflective XSS In X2Engine Inc. X2Engine

Vulnerability title: Reflective XSS In X2Engine Inc. X2Engine
CVE: CVE-2015-5076
Vendor: X2Engine Inc.
Product: X2Engine
Affected version: 4.2
Fixed version: 5.2
Reported by: Simone Quatrini

Details:

It was discovered that the web application was vulnerable to reflective Cross-Site Scripting where user supplied data is used to generate the subsequent response. This is a normal feature of many applications, however, in this instance the application failed to restrict the type of data that was accepted and also failed to sanitise it, meaning that it could not be safely rendered by the browser.

A number of locations were identified as being vulnerable, including:

x2engine/protected/views/admin/formEditor.php:144:Delete Selected Version
x2engine/protected/views/admin/rollbackImport.php:99:
x2engine/protected/views/site/listener.php:69: if(!empty($_GET['bc'])) echo $_GET['bc'];
x2engine/protected/views/site/listener.php:83:
x2engine/protected/views/site/listener.php:84:
x2engine/protected/views/site/listener.php:87: echo 'font-family:'. FontPickerInput::getFontCss($_GET['font']) .";\n";
x2engine/protected/components/views/webForm.php:292: value="">
x2engine/protected/tests/webscripts/x2WebTrackingTestPages/customWebLeadCaptureScriptTest.php:61:
success
x2engine/protected/modules/contacts/controllers/ContactsController.php:577:echo $_POST['id'];
x2engine/protected/modules/contacts/controllers/ContactsController.php:581: echo $_POST['id'];

An attacker could create a malicious link with the following URL:

http://localhost/x2engine/index.php/profile/getEvents?lastEventId=&lastTimestamp=1408631575&profileId=3&myProfileId=3

Further details at: http://ift.tt/1YFgdsT

Copyright: Copyright (c) Portcullis Computer Security Limited 2015, All rights reserved worldwide. Permission is hereby granted for the electronic redistribution of this information. It is not to be edited or altered in any way without the express written consent of Portcullis Computer Security Limited.

Disclaimer: The information herein contained may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Portcullis Computer Security Limited) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Source: Gmail -> IFTTT-> Blogger

Russia coach Slutsky brings back Capello's favorites

MOSCOW (AP) New Russia coach Leonid Slutsky has recalled some of his predecessor Fabio Capello's favorite players for the final two group stage matches of qualification for next year's European championships.

from FOX Sports Digital http://ift.tt/1NQGu21
via IFTTT

NeoKylin: China's Linux OS that Seriously Looks Like Windows XP

Do You Know: China has planned to eliminate all foreign Technologies and Services by 2020, just like Google and Facebook. And it seems China in some years would be an entirely independent IT economy; building homegrown Mobile and computer devices, Operating Systems, Applications, Browsers and almost everything existing in the IT ecosystem. Well, China was not at all happy when Microsoft


from The Hacker News http://ift.tt/1LBIawn
via IFTTT

Lenovo Caught (3rd Time) Pre-Installing Spyware on its Laptops

Lenovo has once again been caught installing spyware on its laptops and workstations without the user's permission or knowledge. One of the most popular computer manufacturers is being criticized for selling some refurbished laptop models pre-installed with invasive marketing software that sends users data directly to the company. This is not first time Lenovo has allegedly installed


from The Hacker News http://ift.tt/1LReKGn
via IFTTT

How Silent Witness keep your ID anonymous

A look inside Silent Witness and how people there keep your ID anonymous during and after crime investigations.

from Google Alert - anonymous http://ift.tt/1LBhFHl
via IFTTT

LDN 988 and Friends


Stars are forming in dark, dusty molecular cloud LDN 988. Seen near picture center some 2,000 light-years distant, LDN 988 and other nearby dark nebulae were cataloged by Beverly T. Lynds in 1962 using Palomar Observatory Sky Survey plates. Narrowband and near-infrared explorations of the dark nebula reveal energetic shocks and outflows light-years across associated with dozens of newborn stars. But in this sharp optical telescopic view, the irregular outlines of LDN 988 and friends look like dancing stick figures eclipsing the rich starfields of the constellation Cygnus. From dark sky sites the region can be identified by eye alone. It's part of the Great Rift of dark nebulae along the plane of the Milky Way galaxy known as the Northern Coalsack. via NASA http://ift.tt/1L7qNVt

Anonymous profile interaction

You can switch between public and anonymous profiles there. And yes, the ghost in the tabbar means that you are in the anonymous mode. We had ...

from Google Alert - anonymous http://ift.tt/1NQ3Ftw
via IFTTT

Thursday, September 24, 2015

I have a new follower on Twitter


Thomas Hjermitslev
UX Specialist at TimeXtender. Revolutionizing the world of data warehousing one window at a time.
Denmark
http://t.co/1OZlLz5z6O
Following: 2956 - Followers: 2996

September 24, 2015 at 10:00PM via Twitter http://twitter.com/thjerm

Orioles Highlight: Matt Wieters crushes two-run home run in 5-4 win over Nationals to finish off three-game sweep (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Exploration and Exploitation of Victorian Science in Darwin's Reading Notebooks. (arXiv:1509.07175v1 [cs.CL])

Search in an environment with an uncertain distribution of resources involves a trade-off between local exploitation and distant exploration. This extends to the problem of information foraging, where a knowledge-seeker shifts between reading in depth and studying new domains. To study this, we examine the reading choices made by one of the most celebrated scientists of the modern era: Charles Darwin. Darwin built his theory of natural selection in part by synthesizing disparate parts of Victorian science. When we analyze his extensively self-documented reading we find shifts, on multiple timescales, between choosing to remain with familiar topics and seeking cognitive surprise in novel fields. On the longest timescales, these shifts correlate with major intellectual epochs of his career, as detected by Bayesian epoch estimation. When we compare Darwin's reading path with publication order of the same texts, we find Darwin more adventurous than the culture as a whole.



from cs.AI updates on arXiv.org http://ift.tt/1FxghEk
via IFTTT

CRDT: Correlation Ratio Based Decision Tree Model for Healthcare Data Mining. (arXiv:1509.07266v1 [cs.AI])

The phenomenal growth in the healthcare data has inspired us in investigating robust and scalable models for data mining. For classification problems Information Gain (IG) based Decision Tree is one of the popular choices. However, depending upon the nature of the dataset, IG based Decision Tree may not always perform well as it prefers the attribute with a larger number of distinct values as the splitting attribute. Healthcare datasets generally have many attributes and each attribute generally has many distinct values. In this paper, we have tried to focus on these characteristics of the datasets while analysing the performance of our proposed approach which is a variant of Decision Tree model and uses the concept of Correlation Ratio (CR). Unlike IG based approach, this CR based approach has no bias towards the attribute with a larger number of distinct values. We have applied our model on some benchmark healthcare datasets to show the effectiveness of the proposed technique.



from cs.AI updates on arXiv.org http://ift.tt/1VdTxv0
via IFTTT

Formalizing Preference Utilitarianism in Physical World Models. (arXiv:1504.05603v2 [cs.CY] UPDATED)

Most ethical work is done at a low level of formality. This makes practical moral questions inaccessible to formal and natural sciences and can lead to misunderstandings in ethical discussion. In this paper, we use Bayesian inference to introduce a formalization of preference utilitarianism in physical world models, specifically cellular automata. Even though our formalization is not immediately applicable, it is a first step in providing ethics and ultimately the question of how to "make the world better" with a formal basis.



from cs.AI updates on arXiv.org http://ift.tt/1Hnu0xp
via IFTTT

A Large-Scale Car Dataset for Fine-Grained Categorization and Verification. (arXiv:1506.08959v2 [cs.CV] UPDATED)

Updated on 24/09/2015: This update provides preliminary experiment results for fine-grained classification on the surveillance data of CompCars. The train/test splits are provided in the updated dataset. See details in Section 6.



from cs.AI updates on arXiv.org http://ift.tt/1KrsuvE
via IFTTT

David Beckham impressed by pope: 'Truly amazing'

UNITED NATIONS (AP) Add David Beckham to the list of people who have been moved by the pope's visit to the United States.

from FOX Sports Digital http://ift.tt/1KCz2lW
via IFTTT

Deportivo la Coruna beats Real Betis 2-1 in Spanish league

MADRID (AP) Second-half goals by Faycal Fajr and Federico Cartabia gave Deportivo La Coruna a 2-1 win at Real Betis in the Spanish league on Thursday.

from FOX Sports Digital http://ift.tt/1OW1vJN
via IFTTT

Dunga calls up 35-year-old Oliveira to replace Firmino

RIO DE JANEIRO (AP) Brazil's coach Dunga has called up 35-year-old striker Ricardo Oliveira for World Cup qualifiers next month against Chile and Venezuela. The Brazilian soccer confederation announced the move Thursday with Oliveira replacing Roberto Firmino of Liverpool, who has a back injury.

from FOX Sports Digital http://ift.tt/1JsovZG
via IFTTT

Marseille ordered to close sections of its stadium

MARSEILLE, France (AP) Marseille has been ordered to close sections of its Velodrome stadium following crowd trouble last weekend.

from FOX Sports Digital http://ift.tt/1LAGe7b
via IFTTT

Atalanta beats Empoli 1-0 in Serie A

ROME (AP) Brazilian defender Rafael Toloi scored in the first half to give Atalanta a 1-0 win at Empoli in Thursday's lone Serie A match.

from FOX Sports Digital http://ift.tt/1KCl9nD
via IFTTT

Monaco beat Montpellier 3-2 with stoppage-time winner

Montpellier, France (AP) Monaco came from behind to beat Montpellier 3-2 on Thursday with Fabinho scoring the winner from the penalty spot in second-half stoppage time.

from FOX Sports Digital http://ift.tt/1R3xmYa
via IFTTT

FIFA agree to hand over emails to assist criminal cases

GENEVA (AP) FIFA relented and handed over emails from suspended official Jerome Valcke on Thursday, having blocked access even as Sepp Blatter pledged support for American and Swiss investigations of corruption.

from FOX Sports Digital http://ift.tt/1QAZmkN
via IFTTT

Zico: I want to show I'm serious about being FIFA president

ZURICH (AP) Former Brazil great Zico travelled to the home of FIFA with one goal in mind: Show everyone that he is serious about his bid to lead soccer's world governing body.

from FOX Sports Digital http://ift.tt/1KBOPl4
via IFTTT

Aguero, Kane struggling to match last season's scoring feats

LONDON (AP) The scoring feats of Sergio Aguero and Harry Kane were unrivaled in the Premier League last season.

from FOX Sports Digital http://ift.tt/1iyA3F0
via IFTTT

Lichtsteiner released from hospital after breathing problems

TURIN, Italy (AP) Juventus says Stephan Lichtsteiner's condition will be monitored over the next few days after the defender was hospitalized Wednesday night following breathing difficulties during a match.

from FOX Sports Digital http://ift.tt/1MseekU
via IFTTT

Blatter urges FIFA support for US, Swiss criminal cases

ZURICH (AP) Sepp Blatter says FIFA will support American and Swiss investigations of corruption in football, even as both criminal cases target him.

from FOX Sports Digital http://ift.tt/1Vbd4Sn
via IFTTT

Swiss league player banned 8 matches for referee assault

BERN, Switzerland (AP) The Swiss Football League has banned Lucerne forward Dario Lezcano for eight matches after he assaulted a referee who sent him off.

from FOX Sports Digital http://ift.tt/1MrVwd3
via IFTTT

Hurting Barcelona hosts Las Palmas in Spanish league

MADRID (AP) After its first loss of the Spanish league season, Barcelona coach Luis Enrique is focusing on two areas in clear need of improvement - a surprising lack of scoring power and a defense that's leaking goals.

from FOX Sports Digital http://ift.tt/1Lz3JO0
via IFTTT

Platini says he wants to tone down politics at FIFA

ZURICH (AP) Michel Platini says he wants politics to play a lesser role at FIFA if he is elected its next president.

from FOX Sports Digital http://ift.tt/1KDChuk
via IFTTT

Firefox 41 integrates Free Built-in Instant Messaging and Video Chat to Your Browser

Mozilla launches Voice and Video Connect with the release of Official Firefox 41.0 Release. After significant improvements done in the Firefox Nightly experimental build of version Firefox 41.0, the stable release has a lot to offer. How would it be experiencing a seamless communication – video and voice calls and text messaging being directly built in your browser?


from The Hacker News http://ift.tt/1iNMjT0
via IFTTT

Bayern travels to Mainz, Dortmund hosts Darmstadt

FRANKFURT, Germany (AP) Robert Lewandowski's record-breaking five-goal performance in midweek is still the talk of the Bundesliga as Bayern Munich heads to Mainz hoping for a seventh straight victory.

from FOX Sports Digital http://ift.tt/1L85fb6
via IFTTT

ISS Daily Summary Report – 09/23/15

Ocular Health Ocular and Cardiac Ultrasounds: Yui and Lindgren performed ocular and cardiac ultrasounds today as part of their Flight Day 60 Ocular Health testing. The ultrasound images will be used to identify changes in globe morphology and document optic nerve sheath diameter, optic nerve sheath tortuosity, globe axial measurements, and choroidal engorgement. The Ocular Health protocol calls for a systematic gathering of physiological data to characterize the risk of microgravity-induced visual impairment/intracranial pressure in ISS crewmembers. Researchers believe that the measurement of visual, vascular and central nervous system changes over the course of this experiment and during the subsequent post-flight recovery will assist in the development of countermeasures, clinical monitoring strategies, and clinical practice guidelines.

Sprint Ultrasound: Kelly performed his Flight Day 180 thigh and calf ultrasound scans today with assistance from Yui and guidance from the Sprint ground team. Ultrasound scans are used to evaluate spaceflight-induced changes in the muscle volume. The Sprint investigation evaluates the use of high intensity, low volume exercise training to minimize loss of muscle, bone, and cardiovascular function in ISS crewmembers during long-duration missions. Upon completion of this study, investigators expect to provide an integrated resistance and aerobic exercise training protocol capable of maintaining muscle, bone and cardiovascular health while reducing total exercise time over the course of a long-duration space flight. This will provide valuable information in support of the long term goal of protecting human fitness for even longer space exploration missions.

Journals: Kelly performed his third of three weekly Journal activities today. Journals obtains information on behavioral and human issues that are relevant to the design of equipment and procedures and sustained human performance during extended-duration missions. Study results provide information to help prepare for future missions to low-Earth orbit and beyond.

H-II Transfer Vehicle (HTV) Cargo Transfer Status: The crew continued working on HTV5 cargo transfer operations today, and are nearly complete with loading the vehicle. HTV hatch closure is scheduled for Sunday, with unberth on Monday.

Extra Vehicular Activity (EVA) Preparations: In support of the ISS Upgrades EVA scheduled for late October, Yui prepared a new Simplified Aid For EVA Rescue (SAFER) for use and an old unit for return. The new SAFER will be checked out in the coming weeks. He also inspected Load Alleviating Strap on Safety Tethers, Waist Tethers and soft strap on D-Ring Extenders. In addition, Lindgren lubricated EVA Mobility Unit (EMU) suits 3010 and 3003 O2 actuator slider bars and evaluated O2 actuator forces. During the course of this activity, he noted a gouge to a Service and Cooling Umbilical (SCU) O-ring. He provided imagery of the gouge which is being evaluated by engineering teams.

Robotics Micro-Conical Tool (RMCT) Swap: Tonight robotics ground controllers will begin two days of activities to troubleshoot the torque anomaly previously seen with RMCT1, and to rule out the SPDM’s Tool Holster Assembly (THA) Micro-Conical Fitting (MCF) as the potential root cause. This involves using the Special Purpose Dexterous Manipulator (SPDM) to pick up RMCT1 with Arm2 and RMCT2 with Arm1. Each RMCT will then be used to grasp the other THA MCF before being stowed in its original location.

Conjunction with Object # 81934 Status: After evaluating tracking data overnight, ground teams determined that the conjunction with Object #81934 was of low concern and discontinued planning for a Pre-Determined Debris Avoidance Maneuver (PDAM).

Today’s Planned Activities
All activities are on schedule unless otherwise noted.
TWIN – Urine Samples Collection HRF – Insertion of Samples in MELFI Video Camera Assembly 1 (VCA1) Setup OTKLIK. Hardware Monitoring Life on the Station Photo/Video Ops MAGVEC – MagVector Configuration VIRU. Battery Charge USND2 – Hardware Activation Ocular Health (ОН) – Ultrasound Scan Prep СОЖ Maintenance Ocular Health (ОН) – Ultrasound Scan Ocular Health (ОН) – Data Export BAR. Experiment Session Waste and Hygiene Compartment (WHC) Full Fill OASIS – Trash Transfer to HTV-5 Ocular Health (ОН) – Ultrasound Post Exam Configuration and Setup of Two New XF305 Camcorders HTV Cargo Transfer Operations SPRINT – Ultrasound Scan SPRINT – Assistance during the Experiment HTV – Cargo Transfer Conference EVA – O2 Actuator Lube EVA – Inspection of Safety and Waist Tethers and D-ring Extenders for Structural Integrity Post-Exercise Hygiene Ops TWIN – Urine Samples Collection OH – Cardiac Scan and Blood Pressure Measurement HRF – Insertion of Samples in MELFI VELIKOE NACHALO (GREAT START). Video Scenario Review Post-Exercise Hygiene Ops OH – Assistance during the Experiment HMS – Food Frequency Questionnaire (FFQ) TWIN – Urine Samples Collection URAGAN. Earth Imagery VIZIR. Experiment Session Using СКП-И Hardware HRF – Insertion of Samples in MELFI ARED – Cylinder Flywheel Evacuation OH – Cardiac Scan and Blood Pressure Measurement OH – Assistance during the Experiment Water Transfer from Progress 428 (DC1) БВ1 Water Tank into EDV and БВ1 Water Tank Shell Compression EVA – SAFER Installation and Checkout URISIS Hardware Setup Search for Lost Adjustable Length Tethers Post-Exercise Hygiene Ops SSC2 Shell Swap VIRU. Software Update. Tagup with specialists VIRU. Hardware Setup for Relaksatsiya Experiment VZAIMODEISTVIYE-2. Experiment Session Life on the Station Photo/Video Ops TWIN – Urine Samples Collection VIRU. Hardware Settings Adjustment for Relaksatsiya Experiment HRF – Insertion of Samples in MELFI VIRU. Observation of the Indian Ocean as part of Relaksatsiya Experiment TWIN – Blood Samples Collection Prep JRNL – Journal Entry VIRU. Closeout Ops and Hardware Teardown after the Relaksatsiya Experiment TV signal Transmission Test from the SM to Orion Ground Site 21 (with quality evaluation) and VHF1 Test from SM Ground Site 21 (with quality evaluation) To = 18.36 USND2 – Hardware Deactivation CONTENT. Experiment Session VIRU. Filling in VIRU Registration Sheet and Downlink Progress 428 (DC1) БВ1 Water Tank Shell Compression – Closeout Ops Preparation of reports for Roscosmos website ECON-M. Observation and Photography Video Footage of Greetings

Completed Task List Items
44S USOS unpack

Ground Activities
All activities are on schedule unless otherwise noted.
Battery Capacity Test for Battery Set 3A2 RMCT Swap

Three-Day Look Ahead: Thursday, 09/24: Cardio […]

from ISS On-Orbit Status Report http://ift.tt/1YD5kaV
via IFTTT

Perfect Inter leading the way in Serie A as Juventus sinks

ROME (AP) After five rounds, the Serie A table has an unfamiliar look to it.

from FOX Sports Digital http://ift.tt/1iy4TOa
via IFTTT

Apple's Biggest Hack Ever: 4000 Malicious iOS Store Apps Linked to CIA?

The First major cyber attack on Apple's App Store has now been linked to CIA (Central Intelligence Agency). Last week, Researchers disclosed some 39 iOS apps on Apple's App Store infected by 'XCodeGhost Malware'. The Bad News is that the infection has now increased exponentially with the discovery of more than 4,000 infected apps. The XCodeGhost malware was distributed through


from The Hacker News http://ift.tt/1LyCRxL
via IFTTT

Saint-Etienne's revival continues in French league

PARIS (AP) Nearly forty years after making the European Cup final, Saint-Etienne is enjoying a domestic revival in the French league.

from FOX Sports Digital http://ift.tt/1NVJ88h
via IFTTT

[FD] Flowdock API Bug Bounty #2 - Persistent Web Vulnerability

5.6 Million Federal Employees' Fingerprints Stolen in OPM Hack

The OPM Data Breach (Office of Personnel Management) is getting even worse than we thought. We already know more than 21 Million current and former federal employees had their personal and highly sensitive private information hijacked in a massive data breach that affected Defense Department's OPM. But, now it has been revealed that the hackers have made off a lot more than just names,


from The Hacker News http://ift.tt/1WkobVX
via IFTTT

Antarctic Analemma


Does the Sun return to the same spot on the sky every day? No. A better and more visual answer to that question is an analemma, a composite image taken from the same spot at the same time over the course of a year. The featured weekly analemma was taken despite cold temperatures and high winds near the Concordia Station in Antarctica. The position of the Sun at 4 pm was captured on multiple days in the digital composite image, believed to be the first analemma constructed from Antarctica. The reason the image only shows the Sun from September to March is because the Sun was below the horizon for much of the rest of the year. In fact, today being an equinox, the Sun rises today at the South Pole after a six month absence and won't set again until the next equinox in March, barring large atmospheric refraction effects. Conversely, today the Sun sets at the North Pole after half a year of continuous daylight. For all of the Earth in between, though, the equinox means that today will have a nighttime and daytime that are both 12 hours long. via NASA http://ift.tt/1iLrXtz

Wednesday, September 23, 2015

Option to have graded surveys anonymous

Option to have graded surveys anonymous. Created on Sep 23, 2015 9:56 AM by katharine.conable@logan.edu - Last Modified: Sep 23, 2015 9:56 ...

from Google Alert - anonymous http://ift.tt/1jcMhnn
via IFTTT

Orioles Highlight: Manny Machado hits go-ahead 2-run HR in 7th, HBP by Jonathan Papelbon (ejected) in 4-3 win over Nats (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

'Keeper Barbieri, veteran of 4 Women's World Cups, retires

SYDNEY (AP) Veteran Australia goalkeeper Melissa Barbieri on Thursday announced her retirement from international football after 86 matches, including four Women's World Cup tournaments.

from FOX Sports Digital http://ift.tt/1Qzodp6
via IFTTT

Ravens Video: ESPN's Ryan Clark on NFL Live predicts Ravens will defeat Bengals Sunday "in a must-win situation" (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

A Feature-Based Comparison of Evolutionary Computing Techniques for Constrained Continuous Optimisation. (arXiv:1509.06842v1 [cs.AI])

Evolutionary algorithms have been frequently applied to constrained continuous optimisation problems. We carry out feature based comparisons of different types of evolutionary algorithms such as evolution strategies, differential evolution and particle swarm optimisation for constrained continuous optimisation. In our study, we examine how sets of constraints influence the difficulty of obtaining close to optimal solutions. Using a multi-objective approach, we evolve constrained continuous problems having a set of linear and/or quadratic constraints where the different evolutionary approaches show a significant difference in performance. Afterwards, we discuss the features of the constraints that exhibit a difference in performance of the different evolutionary approaches under consideration.



from cs.AI updates on arXiv.org http://ift.tt/1MJUuMC
via IFTTT

Minimum Weight Perfect Matching via Blossom Belief Propagation. (arXiv:1509.06849v1 [cs.DS])

Max-product Belief Propagation (BP) is a popular message-passing algorithm for computing a Maximum-A-Posteriori (MAP) assignment over a distribution represented by a Graphical Model (GM). It has been shown that BP can solve a number of combinatorial optimization problems including minimum weight matching, shortest path, network flow and vertex cover under the following common assumption: the respective Linear Programming (LP) relaxation is tight, i.e., no integrality gap is present. However, when LP shows an integrality gap, no model has been known which can be solved systematically via sequential applications of BP. In this paper, we develop the first such algorithm, coined Blossom-BP, for solving the minimum weight matching problem over arbitrary graphs. Each step of the sequential algorithm requires applying BP over a modified graph constructed by contractions and expansions of blossoms, i.e., odd sets of vertices. Our scheme guarantees termination in O(n^2) of BP runs, where n is the number of vertices in the original graph. In essence, the Blossom-BP offers a distributed version of the celebrated Edmonds' Blossom algorithm by jumping at once over many sub-steps with a single BP. Moreover, our result provides an interpretation of the Edmonds' algorithm as a sequence of LPs.



from cs.AI updates on arXiv.org http://ift.tt/1MqNd11
via IFTTT

Designing Behaviour in Bio-inspired Robots Using Associative Topologies of Spiking-Neural-Networks. (arXiv:1509.07035v1 [cs.RO])

This study explores the design and control of the behaviour of agents and robots using simple circuits of spiking neurons and Spike Timing Dependent Plasticity (STDP) as a mechanism of associative and unsupervised learning. Based on a "reward and punishment" classical conditioning, it is demonstrated that these robots learnt to identify and avoid obstacles as well as to identify and look for rewarding stimuli. Using the simulation and programming environment NetLogo, a software engine for the Integrate and Fire model was developed, which allowed us to monitor in discrete time steps the dynamics of each single neuron, synapse and spike in the proposed neural networks. These spiking neural networks (SNN) served as simple brains for the experimental robots. The Lego Mindstorms robot kit was used for the embodiment of the simulated agents. In this paper the topological building blocks are presented as well as the neural parameters required to reproduce the experiments. This paper summarizes the resulting behaviour as well as the observed dynamics of the neural circuits. The Internet-link to the NetLogo code is included in the annex.



from cs.AI updates on arXiv.org http://ift.tt/1ixqOoD
via IFTTT

Boolean Hedonic Games. (arXiv:1509.07062v1 [cs.GT])

We study hedonic games with dichotomous preferences. Hedonic games are cooperative games in which players desire to form coalitions, but only care about the makeup of the coalitions of which they are members; they are indifferent about the makeup of other coalitions. The assumption of dichotomous preferences means that, additionally, each player's preference relation partitions the set of coalitions of which that player is a member into just two equivalence classes: satisfactory and unsatisfactory. A player is indifferent between satisfactory coalitions, and is indifferent between unsatisfactory coalitions, but strictly prefers any satisfactory coalition over any unsatisfactory coalition. We develop a succinct representation for such games, in which each player's preference relation is represented by a propositional formula. We show how solution concepts for hedonic games with dichotomous preferences are characterised by propositional formulas.



from cs.AI updates on arXiv.org http://ift.tt/1OTd9VN
via IFTTT

Quantification of sand fraction from seismic attributes using Neuro-Fuzzy approach. (arXiv:1509.07074v1 [cs.CE])

In this paper, we illustrate the modeling of a reservoir property (sand fraction) from seismic attributes, namely seismic impedance, seismic amplitude, and instantaneous frequency, using a Neuro-Fuzzy (NF) approach. The input dataset includes 3D post-stacked seismic attributes and six well logs acquired from a hydrocarbon field located on the western coast of India. The presence of thin sand and shale layers in the basin area makes the modeling of reservoir characteristics a challenging task. Though seismic data is helpful in extrapolation of reservoir properties away from boreholes, it could be challenging to delineate thin sand and shale reservoirs using seismic data due to its limited resolvability. Therefore, it is important to develop state-of-the-art intelligent methods for calibrating a nonlinear mapping between seismic data and target reservoir variables. Neural networks have shown their potential to model such nonlinear mappings; however, uncertainties associated with the model and datasets are still a concern. Hence, introduction of Fuzzy Logic (FL) is beneficial for handling these uncertainties. More specifically, hybrid variants of Artificial Neural Network (ANN) and fuzzy logic, i.e., NF methods, are capable of modeling reservoir characteristics by integrating the explicit knowledge representation power of FL with the learning ability of neural networks. The documented results in this study demonstrate acceptable resemblance between target and predicted variables, and hence encourage the application of integrated machine learning approaches such as Neuro-Fuzzy in the reservoir characterization domain. Furthermore, visualization of the variation of sand probability in the study area would assist in identifying placement of potential wells for future drilling operations.



from cs.AI updates on arXiv.org http://ift.tt/1MqNbq0
via IFTTT

Characterization of graphs for protein structure modeling and recognition of solubility. (arXiv:1407.8033v5 [physics.data-an] UPDATED)

This paper deals with the relations among structural, topological, and chemical properties of the E.Coli proteome from the vantage point of the solubility/aggregation propensity of proteins. Each E.Coli protein is initially represented according to its known folded 3D shape. This step consists in representing the available E.Coli proteins in terms of graphs. We first analyze those graphs by considering pure topological characterizations, i.e., by analyzing the mass fractal dimension and the distribution underlying both shortest paths and vertex degrees. Results confirm the general architectural principles of proteins. Subsequently, we focus on the statistical properties of a representation of such graphs in terms of vectors composed of several numerical features, which we extracted from their structural representation. We found that protein size is the main discriminator for solubility, although there are other factors that help explain the solubility degree. We finally analyze such data through a novel one-class classifier, with the aim of discriminating between very and poorly soluble proteins. Results are encouraging and consolidate the potential of pattern recognition techniques when employed to describe complex biological systems.



from cs.AI updates on arXiv.org http://ift.tt/1AACBYk
via IFTTT

A-League's Newcastle signs Serbian striker Milos Trifunovic

NEWCASTLE, Australia (AP) Newcastle Jets have signed Serbian striker Milos Trifunovic for the new A-League season, completing the club's foreign contingent.

from FOX Sports Digital http://ift.tt/1WjFSoR
via IFTTT

Everyone needs one of these...


via Instagram http://ift.tt/1WjDUEZ

Panathinaikos beats Levadiakos 3-0 to go 2nd in Greece

ATHENS, Greece (AP) Panathinaikos scored three goals in the opening 19 minutes to secure a 3-0 victory over Levadiakos and claim second place in the Greek league Wednesday.

from FOX Sports Digital http://ift.tt/1R0Vyu7
via IFTTT

Newcastle lose again in Cup humiliation against Sheff Weds

LONDON (AP) Newcastle's troubled season lurched to another low when the Premier League strugglers were knocked out of the League Cup by second-tier Sheffield Wednesday, while Liverpool only avoided embarrassment against fourth-tier Carlisle United by winning on penalties on Wednesday.

from FOX Sports Digital http://ift.tt/1Fv4vKT
via IFTTT

Celta Vigo stuns Barcelona 4-1, Real Madrid wins

VIGO, Spain (AP) Celta Vigo swept to a shock 4-1 victory over Barcelona, while Real Madrid went top of the Spanish league with a 2-1 win over Athletic Bilbao Wednesday on a mixed night for the title contenders.

from FOX Sports Digital http://ift.tt/1ix9pfF
via IFTTT

The Anonymous People

The Anonymous People. Submitted by governors on Wed, 09/23/2015 - 10:31am. Date & Time. Event Times: Wednesday, September 16, 2015 ...

from Google Alert - anonymous http://ift.tt/1gOTW9K
via IFTTT

[FD] APPLE-SA-2015-09-21-1 watchOS 2


Source: Gmail -> IFTTT-> Blogger

[FD] An iOS oversight: exploiting device trust and backups

[FD] CVE-2015-5372 SAML SP Authentication Bypass in nevisAuth

COMPASS SECURITY ADVISORY
http://ift.tt/JChVZk

Product: nevisAuth [1]
Vendor: AdNovum [2]
CVD ID: CVE-2015-5372
Subject: Authentication Bypass
Risk: Critical
Effect: Remotely exploitable
Authors: Antoine Neuenschwander (antoine.neuenschwander@csnc.ch)
         Roland Bischofberger (roland.bischofberger@csnc.ch)
Date: 2015-09-21

Introduction:

Source: Gmail -> IFTTT-> Blogger

Stunner: Frosinone earns 1st ever Serie A point at Juventus

ROME (AP) Promoted Frosinone earned its first ever Serie A point in stunning fashion Wednesday, scoring a last-minute equalizer for a 1-1 draw at four-time defending champion Juventus.

from FOX Sports Digital http://ift.tt/1G3tfF1
via IFTTT

New Newcastle loss with League Cup humiliation vs Sheff Weds

LONDON (AP) Newcastle's troubled season lurched to another low when the Premier League strugglers were knocked out of the League Cup by second-tier Sheffield Wednesday on Wednesday, while Arsenal eliminated Tottenham in a north London derby.

from FOX Sports Digital http://ift.tt/1NN62gz
via IFTTT

Ravens Video: DE Chris Canty says "we can't afford to panic" with 0-2 record heading into home opener vs. Bengals (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

Dortmund falls behind Bayern with 1-1 draw at Hoffenheim

FRANKFURT, Germany (AP) Borussia Dortmund dropped its first points of the season in a 1-1 draw at Hoffenheim on Wednesday and fell behind Bundesliga leader Bayern Munich.

from FOX Sports Digital http://ift.tt/1Jqq7TL
via IFTTT

Celta Vigo stuns Barcelona 4-1, goes top in Spanish league

VIGO, Spain (AP) Two goals by Iago Aspas helped Celta Vigo earn a shock 4-1 victory over Barcelona and provisional top spot in the Spanish league on Wednesday.

from FOX Sports Digital http://ift.tt/1L6HS1S
via IFTTT

Saint-Etienne wins 1-0 at Troyes in French league

PARIS (AP) Saint-Etienne secured a fifth consecutive win to stay within one point of French league leader Paris Saint-Germain after beating Troyes 1-0 on Wednesday.

from FOX Sports Digital http://ift.tt/1V9HpR4
via IFTTT

Turan not optimistic about being allowed to replace Rafinha

BARCELONA, Spain (AP) Barcelona player Arda Turan does not think FIFA will grant the club permission to register him early, thus enabling him to replace the injured midfielder Rafinha, his agent says.

from FOX Sports Digital http://ift.tt/1gOkiIR
via IFTTT

Swiss prosecutor asks FIFA to hand over Valcke's emails

ZURICH (AP) FIFA has been urged by Switzerland's attorney general to hand over emails used by Jerome Valcke, its secretary general who was suspended last week.

from FOX Sports Digital http://ift.tt/1iwRN3J
via IFTTT

[FD] Cisco AnyConnect elevation of privileges via DMG install script


Source: Gmail -> IFTTT-> Blogger

Ravens Video: "It's hard to win when you're playing with one arm tied behind your back" - John Harbaugh on 0-2 start (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

Japanese still expect FIFA's meeting to take place in Japan

ZURICH (AP) The president of the Japanese football association says he still expects FIFA's next executive committee meeting to take place in Japan, despite a decision by soccer's ruling body to reconsider its original plan during this week's session in Zurich.

from FOX Sports Digital http://ift.tt/1KBlGr8
via IFTTT

Turning the anonymous grading in Speedgrader on and off

Turning the anonymous grading in Speedgrader on and off. Created on Sep 22, 2015 3:41 PM by paulhwhite - Last Modified: Sep 22, 2015 4:09 PM.

from Google Alert - anonymous http://ift.tt/1NTDBPz
via IFTTT

[FD] UltraEdit v22.20 - Buffer Overflow Vulnerability

Document Title:
===============
UltraEdit v22.20 - Buffer Overflow Vulnerability

References (Source):
====================
http://ift.tt/1Oetjti

Release Date:
=============
2015-09-16

Vulnerability Laboratory ID (VL-ID):
====================================
1601

Common Vulnerability Scoring System:
====================================
6.3

Product & Service Introduction:
===============================
UltraEdit by IDM is the ideal text, HTML and hex editor, and an advanced PHP, Perl, Java and JavaScript editor for programmers. UltraEdit is also an XML editor including a tree-style XML parser. An industry award winner, UltraEdit supports disk-based 64-bit file handling (standard) on both 32- and 64-bit Windows platforms. IDM has been publishing software since 1994 and is a highly stable, debt-free company and trusted CISP compliant merchant. IDM products have won coveted industry awards to include PC Magazines Annual Editors Choice Award and the Shareware Industry Application of the Year Award, as well as the Shareware Industry People`s Choice Award. Our software is highly recognized for its programming excellence and is featured internationally in numerous magazines. Our UltraEdit text editor product is recognized around the world as one of the best products of its class. IDM is recognized as a certified Microsoft partner. IDM products have nearly two million registered users in most countries, and are localized in eight different languages and are recognized around the world. Numerous Federal, State, and Local governments/agencies, Fortune 100/500/1000 companies, and hundreds of thousands of private users use IDM products worldwide.

(Copy of the Homepage: http://ift.tt/1xCeAgU )

Abstract Advisory Information:
==============================
An independent vulnerability laboratory researcher discovered a local buffer overflow vulnerability in the official UltraEdit v22.20 software client.

Vulnerability Disclosure Timeline:
==================================
2015-09-15: Researcher Notification & Coordination (ZwX)
2015-09-15: Public Disclosure (Vulnerability Laboratory)

Discovery Status:
=================
Published

Affected Product(s):
====================

Exploitation Technique:
=======================
Local

Severity Level:
===============
High

Technical Details & Description:
================================
A classic local unicode buffer overflow vulnerability has been discovered in the official UltraEdit v22.20 software client. The vulnerability allows local attackers to gain higher system or access privileges by exploitation of a classic unicode buffer overflow vulnerability.

The vulnerability is located in the Menu -> project -> Options index files module. Local attackers with a low-privilege system user account or restricted system privileges are able to compromise the local system by exploitation of a classic unicode buffer overflow vulnerability. The local attacker copies a specific byte size string to the options index files input to overflow the process and overwrite the registers like exc or eip. This allows the local attacker to take over the system process of the software client to compromise the local system/server.

The security risk of the buffer overflow vulnerability is estimated as high with a cvss (common vulnerability scoring system) count of 6.3. Exploitation of the vulnerability requires a low privilege system user account and no user interaction. Successful exploitation of the local vulnerability results in system compromise by elevation of privileges via overwrite of the registers.

Vulnerable Module(s):
[+] Menu > Project > Options > Index Files (Input)

Proof of Concept (PoC):
=======================
The local buffer overflow vulnerability can be exploited by local attackers with restricted system user account without user interaction. For security demonstration or to reproduce follow the provided information and steps below to continue.

Manual steps to reproduce the vulnerability ...
1. Install the software and start the client
2. Copy the AAAA...string from bof.txt to clipboard
3. Run UltraEdit.exe
4. Go Menu -> project -> Options index files
5. Paste it the input AAAA....string and click Browse
6. Software will stable crash or shut down
7. Successful reproduce of the local buffer overflow vulnerability!

Source: Gmail -> IFTTT-> Blogger

[FD] WiFi Drive CR v1.0 iOS - Persistent Filename Dir List Vulnerability

Document Title:
===============
WiFi Drive CR v1.0 iOS - Persistent Filename Dir List Vulnerability

References (Source):
====================
http://ift.tt/1VaphkT

Release Date:
=============
2015-09-23

Vulnerability Laboratory ID (VL-ID):
====================================
1595

Common Vulnerability Scoring System:
====================================
3.8

Product & Service Introduction:
===============================
Files can be uploaded with any browser. Start the WiFi Drive web server from application and connect to it using any browser. Use the iPod/iPhone`s/iPad`s available disk space to carry any files. Use your iPhone as a normal shared network drive!

(Copy of the Homepage: http://ift.tt/1KzMM0J )

Abstract Advisory Information:
==============================
The Vulnerability Laboratory Core Research Team discovered an application-side exception web vulnerability in the official WiFi Drive + CR v1.0 iOS mobile web-application.

Vulnerability Disclosure Timeline:
==================================
2015-09-23: Public Disclosure (Vulnerability Laboratory)

Discovery Status:
=================
Published

Affected Product(s):
====================
DONG JOO CHO
Product: WiFi Drive + CR - Mobile WiFi (Web-Application) 1.0

Exploitation Technique:
=======================
Remote

Severity Level:
===============
Medium

Technical Details & Description:
================================
A persistent input validation web vulnerability has been discovered in the official WiFi Drive + CR v1.0 iOS mobile web-application. The vulnerability allows remote attackers to inject malicious persistent script codes to the application-side of the mobile application.

The vulnerability is located in the filename value of the upload files module POST method request. Remote attackers can manipulate the filename validation in the POST method request to trick the application in an execution of script codes via index - exception-handling. After processing to inject the exception of the file validation occurs and redisplays the injected context. Thus results in a final application-side post inject vulnerability. The attack vector of the issue is located on the application-side and the request method to inject the payload is POST.

The security risk of the application-side web vulnerability is estimated as medium with a cvss (common vulnerability scoring system) count of 3.6. Exploitation of the application-side web vulnerability requires no privilege web-application user account and only low or medium user interaction. Successful exploitation of the vulnerabilities results in persistent phishing, session hijacking, persistent external redirect to malicious sources and application-side manipulation of affected or connected module context.

Request Method(s):
[+] POST

Vulnerable Module(s):
[+] Upload Files

Vulnerable Parameter(s):
[+] filename

Affected Module(s):
[+] Index - Exception handling (File Validation > Upload)

Proof of Concept (PoC):
=======================
The remote vulnerability can be exploited by remote attackers without privilege web-application user account and with low user interaction. For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue.

PoC: localhost (Index)

Drag & drop files on this window or use the "Upload Files…" button to upload new files.

Internal Server Error: Failed uploading "[PERSISTENT SCRIPT CODE INJECT VULNERABILITY!]2.png" to "null"
Internal Server Error: Failed uploading "3.png" to "null"
Internal Server Error: Failed uploading "4.png" to "null"


Source: Gmail -> IFTTT-> Blogger

ISS Daily Summary Report – 09/22/15

Ocular Health: Lindgren and Yui continued with their Flight Day 60 Ocular Health activities this morning by performing their Optical Coherence Tomography (OCT), each acting as the Crew Medical Officer (CMO) for the other. Later in the day, the crew performed fundoscopy, again taking turns as the CMO. OCT is used to measure retinal thickness, volume, and retinal nerve fiber layer, and the fundoscope is used to obtain images of the retinal surface. The Ocular Health protocol calls for a systematic gathering of physiological data to characterize the risk of microgravity-induced visual impairment/intracranial pressure in ISS crewmembers. Researchers believe that the measurement of visual, vascular and central nervous system changes over the course of this experiment and during the subsequent post-flight recovery will assist in the development of countermeasures, clinical monitoring strategies, and clinical practice guidelines.

Cognition: Kelly performed his Flight Day 180 session of the Cognition experiment. Individualized Real-Time Neurocognitive Assessment Toolkit for Space Flight Fatigue (Cognition) is a battery of tests that measure how spaceflight-related physical changes, such as microgravity and lack of sleep, can affect cognitive performance. Cognition includes ten brief computerized tests that cover a wide range of cognitive functions, and provides immediate feedback on current and past test results. The software allows for real-time measurement of cognitive performance while in space.

Twins Study: Kelly collected Flight Day 180 physical samples today in support of the Twins Study. This investigation is an integrated compilation of ten different studies led by multiple investigators. The studies take advantage of a unique opportunity to look at the effects of space travel on identical twins, with one of them experiencing space travel for a year while the other remains earth-bound for that same year. The study looks at changes in the human body in the fields of genetics, psychology, physiology, microbiology, and immunology.

HTV Cargo Transfer Status: Yui and Lindgren continued working on HTV-5 Cargo transfer operations today. Cargo specialists estimate the crew will need approximately 1 hour to complete the HTV-5 cargo operations.

44 Soyuz (44S) Emergency Descent Drill: Kelly, Volkov, and Kornienko participated in an emergency descent drill this morning. This training session focused on off-nominal procedures that would be used in the event the crew needed to egress the ISS and perform an emergency descent.

Sound Level Meter (SLM) Ops: Lindgren obtained acoustic readings of Treadmill 2 (T2) at various speeds which will be compared to the readings Kelly took yesterday before the T2 Yearly Maintenance.

Possible Conjunction with Object #81934: Ground teams are evaluating tracking data for a possible conjunction with object #81934. The time of closest approach is Wednesday, 23 September at 1:03pm CDT. Concern level on the item is currently high and teams are evaluating the potential for a Pre-Determined Debris Avoidance Maneuver (PDAM).

Today’s Planned Activities
All activities were completed unless otherwise noted.

Body Mass Measurement МО-8. Closeout Ops Ocular Health (ОН) – ОСТ Hardware Setup WRS – WPA Waste Water Tank Offload into CWC (start) OBT – ISS Emergency Soyuz Descent WRS – WPA Waste Water Tank Offload into CWC (end) Ocular Health (ОН) – ОСТ Examination BAR. Experiment Session ISS Crew Medical Officer (CMO) Computer Based Training (CBT) Ocular Health (ОН) – ОСТ Hardware Restow АСП Off-Nominal Operation Diagnostic Regenerative Environmental Control and Life Support System (RGN) – WSTA Refill Post-Exercise Hygiene Ops СОЖ Maintenance FS1 Laptop Maintenance – Handover БРИ Cleaning – Handover Life on the ISS Photo/Video FS1 Laptop Maintenance (Cleaning and Reboot) БРИ Cleaning Logistics and Maintenance Debrief HTV Cargo Transfer Ops HTV – Cargo Transfer Conference T2 – Quarterly Inspection TWIN – Urine Sampling Prep TORU Test with Docked Progress 428. Regenerative Environmental Control and Life Support System (RGN) – WSTA Fill IMS Delta File Prep Post-Exercise Hygiene Ops Ocular Health (ОН) – Fundoscope Examination Prep Time and Date Synch of Six RS Cameras with ISS CONTENT. Experiment Session Ocular Health (ОН) – Fundoscope Examination (СМО) Ocular Health (ОН) – Fundoscope Examination (Subject) Post-Exercise Hygiene Ops Ocular Health (ОН) – Hardware Restow after Fundoscope Examination COGN – Battery Test Handover Conference Preparation of reports for Roscosmos website EKON-M. Observation and Photography

Completed Task List Items
MWA Tether Locate Airlock ATU Relabel ISSPresso Experiment Ops [Active]

Ground Activities
All activities were completed unless otherwise noted.

Battery Capacity Test for Battery Set 3A1

Three-Day Look Ahead:
Wednesday, 09/23: Sprint, Ocular Health, EVA Tether Inspect, EVA Safer Swap, RMCT Swap
Thursday, 09/24: Cardio Ox Ultrasound, Cell Biology Experiment, HTV Cargo Ops, Hatch Seal Inspect, RMCT Swap
Friday, 09/25: HTV GLA/LED Light Removal, HTV Departure OBT, Cell Biology Experiment

QUICK ISS Status – Environmental Control Group:

Component | Status
Elektron | On
Vozdukh | Manual
[СКВ] 1 – SM Air Conditioner System (“SKV1”) | On
[СКВ] 2 – SM Air Conditioner System (“SKV2”) | Off
Carbon Dioxide Removal Assembly (CDRA) Lab | Standby
Carbon Dioxide Removal Assembly (CDRA) Node 3 | Operate
Major Constituent Analyzer (MCA) Lab | Shutdown
Major Constituent Analyzer (MCA) Node 3 | Operate
Oxygen Generation Assembly (OGA) | Process
Urine Processing Assembly (UPA) | Norm
Trace Contaminant Control System (TCCS) Lab | Off
Trace Contaminant Control System (TCCS) Node 3 | Full Up

from ISS On-Orbit Status Report http://ift.tt/1NM6ZWA
via IFTTT

Non-Anonymous Responses Have 1980 Timestamp

Hi there, I'm using LimeSurvey Version 2.05+ Build 140520 and across multiple non-anonymous surveys (using tokens for invitations) all responses ...

from Google Alert - anonymous http://ift.tt/1QZtYgK
via IFTTT

[FD] Flowdock API Bug Bounty #1 - (Description) Persistent Web Vulnerability

Document Title:
===============
Flowdock API Bug Bounty #1 - (Description) Persistent Web Vulnerability

References (Source):
====================
http://ift.tt/1NJdsl8

Release Date:
=============
2015-09-22

Vulnerability Laboratory ID (VL-ID):
====================================
1560

Common Vulnerability Scoring System:
====================================
3.8

Product & Service Introduction:
===============================
Chat & inbox for teams.. One place to talk and stay up-to-date. Flowdock is a team collaboration app for desktop, mobile & web. Work on things that matter, be transparent and solve problems across tools, teams & time zones. Try it for free for 30 days. Keeping Flowdock`s environment and customer data safe and secure is a top priority for us. Find more details on our Help pages. Don`t hesitate to contact us at support@flowdock.com should you have any questions about Flowdock`s security.

(Copy of the Vendor Homepage: http://ift.tt/1FuaWh4 )

Abstract Advisory Information:
==============================
The Vulnerability Laboratory Research Team discovered an application-side input validation web vulnerability in the official Flowdock online service web-application.

Vulnerability Disclosure Timeline:
==================================
2015-08-06: Researcher Notification & Coordination (Hadji Samir)
2015-08-07: Vendor Notification (Flowdock Security Team - Bug Bounty Program)
2015-08-08: Vendor Response/Feedback (Flowdock Security Team - Bug Bounty Program)
2015-08-10: Vendor Fix/Patch (Flowdock Developer Team)
2015-09-22: Public Disclosure (Vulnerability Laboratory)

Discovery Status:
=================
Published

Affected Product(s):
====================
Rally Software
Product: Flowdock - Online Service (Web-Application) [API] 2015 Q3

Exploitation Technique:
=======================
Remote

Severity Level:
===============
Medium

Technical Details & Description:
================================
An application-side input validation web vulnerability has been discovered in the official Flowdock online-service web-application. The vulnerability allows remote attackers to inject own malicious script codes to the application-side of the vulnerable context function or service module.

The vulnerability is located in the name input field of the inbox sources flowdock api service. Remote attackers with low privilege application user accounts are able to inject own malicious script codes to the application-side of the service. The request method to inject malicious context is POST and the attack vector is located on the application-side of the flowdock api web-service. Remote attackers are able to inject malicious script codes to the application-side to compromise flowdock accounts by session manipulation or session evasion attacks.

The security risk of the persistent input validation web vulnerability is estimated as medium with a cvss (common vulnerability scoring system) count of 3.8. Exploitation of the persistent input validation web vulnerability requires a low privilege web-application user account and low or medium user interaction. Successful exploitation of the vulnerability results in session hijacking, persistent phishing attacks, persistent redirect to external sources and persistent manipulation of affected or connected service module context.

Request Method(s):
[+] POST

Vulnerable Module(s):
[+] Inbox Source - Flowdock API

Vulnerable Parameter(s):
[+] description

Proof of Concept (PoC):
=======================
The security vulnerability can be exploited by remote attackers with low privilege application user account and low or medium user interaction. For security demonstration or to reproduce the security vulnerability follow the provided information and steps below to continue.

Manual steps to reproduce the vulnerability ...
1. Create account with name have a payload code
2. Click to add more sources..
3. Click add new (Git)
4. Will open new link http://ift.tt/1QZsT8N write anything in the name and save
5. Now, the payload code will execute
6. Successful reproduce of the application-side vulnerability!

PoC: Vulnerable Source
"> (following 1 source)
    javascript:alert(1) (Added by ">


Source: Gmail -> IFTTT-> Blogger

Switzerland agrees to extradite official in FIFA case

BERN, Switzerland (AP) Switzerland's justice ministry says it granted a U.S. request to extradite Venezuelan football official Rafael Esquivel in a FIFA bribery investigation.

from FOX Sports Digital http://ift.tt/1LNMbcA
via IFTTT