Saturday, November 21, 2015

Ocean City, MD's surf is at least 6.84ft high

Maryland-Delaware, November 27, 2015 at 02:00PM

Ocean City, MD Summary
At 2:00 AM, surf min of 2.48ft. At 8:00 AM, surf min of 4.66ft. At 2:00 PM, surf min of 6.84ft. At 8:00 PM, surf min of 7.93ft.

Surf maximum: 8.17ft (2.49m)
Surf minimum: 6.84ft (2.08m)
Tide height: -0.36ft (-0.11m)
Wind direction: E
Wind speed: 7.56 KTS


from Surfline http://ift.tt/1kVmigH
via IFTTT

Anonymous Hacking Group Takes Down 20,000 ISIS Twitter accounts

In the wake of horrific terror attacks in Paris, the online Hacktivist group Anonymous last week declared "total war" against the Islamic State militant group (ISIS) that claimed responsibility for the attacks. While French, Russian, and US military are bombing ISIS from the sky, Anonymous members from all over the world are carrying out their very own cyber attack campaign, dubbed #


from The Hacker News http://ift.tt/1jcOsGS
via IFTTT

Salesforce ROI case study: Anonymous

THE BOTTOM LINE. An anonymous company deployed Salesforce Sales Cloud and a number of third-party applications to drive greater automation ...

from Google Alert - anonymous http://ift.tt/1laMQ1N
via IFTTT

Evil ISIS threatens revenge attack on hacking group Anonymous with shocking message

TWISTED ISIS has struck back at hacking group Anonymous as the sick terror group claimed to be “owners of the virtual world”. The extremist group ...

from Google Alert - anonymous http://ift.tt/1LrUPga
via IFTTT

Leonids and Friends


Leonid meteors rained down on planet Earth this week, the annual shower of dusty debris from the orbit of Comet 55P/Tempel-Tuttle. Leonids streak through this composite night skyview from a backyard observatory in southern Ontario. Recorded with camera fixed to a tripod, the individual frames capture the bright meteor activity throughout the night of November 16/17, about a day before the shower's very modest peak. The frames are registered to the fixed field of view, so the meteor trails are not all aligned to the background star field recorded that same evening when nebula-rich Orion stood above the southern horizon. As a result, the trails don't appear to point back to the shower's radiant in Leo, situated off the left edge of the star field frame. In fact, some trails could be of Taurid meteors, a shower also active in November, or even sporadic meteors, including a bright fireball with its reflection near the horizon. via NASA http://ift.tt/1Mrzass

Friday, November 20, 2015

CISAC Cybersecurity Expert Analyzes Anonymous' Hacking Attacks on ISIS

Following tragic terrorist attacks committed by ISIS agents in Paris last week, the online hacker group Anonymous declared in a video that it would ...

from Google Alert - anonymous http://ift.tt/1O8lYuS
via IFTTT

Anonymous HIV Testing

BCCDC is leading an anonymous HIV testing pilot project. Anonymous HIV testing is available at several clinics in British Columbia.

from Google Alert - anonymous http://ift.tt/1SaeneE
via IFTTT

I have a new follower on Twitter


Secure Internet
This is the digital magazine of Byelex. It will bring you all the latest news and rumours regarding digital security on the Web. Data retrieved via BuzzTalk
Netherlands
http://t.co/B8Vd6zJder
Following: 3117 - Followers: 9287

November 20, 2015 at 06:30PM via Twitter http://twitter.com/InetSecure

This Malware Can Secretly Auto-Install any Android App to Your Phone

Own an Android Smartphone? Hackers can install any malicious third-party app on your smartphone remotely even if you have clearly tapped a reject button of the app. Security researchers have uncovered a trojanized adware family that has the capability to automatically install any app on an Android device by abusing the operating system's accessibility features.


from The Hacker News http://ift.tt/1kKWCYU
via IFTTT

Anonymous Recruiting You for War Against ISIS

Hacktivist group Anonymous is empowering non-hackers to take down Islamic State social media accounts. This week, Anonymous posted a video ...

from Google Alert - anonymous http://ift.tt/1MZHykn
via IFTTT

ISS Daily Summary Report – 11/19/15

Columbus A1 Express Rack 3 (ER3) Combustion Event:   This morning at approximately 2:14AM CST, a Potential Fire Alarm associated with Columbus A1 Express Rack 3 (ER3) came into alarm.  The crew sampled the fire port associated with the European Modular Cultivation System (EMCS) since the crew had been working at that location minutes earlier.  Fire port Compound Specific Analyzer (CSA)-Combustion Products (CP) readings for EMCS showed elevated Carbon Monoxide (CO) levels of 19ppm, increasing to 22ppm. The Crew and Ground executed Emergency Book fire procedures and obtained background readings in Columbus and Node 2, which were all negative.  During the event, lockers in the rack were all unpowered and the crew switched the Rack Power Switch to off.  The CO readings in the EMCS fire port stabilized at 22ppm.  Ground Teams conducted a controlled repower of ER3, with the exception of EMCS, to support the Veggie payload.   Cognition:  Yui performed his Flight Day 122 session of the Cognition experiment today.  The Individualized Real-Time Neurocognitive Assessment Toolkit for Space Flight Fatigue (Cognition) investigation is a battery of tests that measure how spaceflight-related physical changes, such as microgravity and lack of sleep, can affect cognitive performance. Cognition includes ten brief computerized tests that cover a wide range of cognitive functions, and provides immediate feedback on current and past test results. The software used allows for real-time measurement of cognitive performance while in space.   Biochemical Profile:  Kelly collected his Flight Day 240 Biochemical Profile blood sample and stowed it in a Minus Eighty Degree Celsius Laboratory Freezer for ISS (MELFI) for return on a later flight. The Biochemical Profile experiment tests blood and urine samples obtained from astronauts before, during, and after spaceflight. Specific proteins and chemicals in the samples are used as biomarkers, or indicators of health. 
Post-flight analysis yields a database of samples and test results, which scientists can use to study the effects of spaceflight on the body.   Story Time:  Yui read from the books “Begin” and “Color,” discussing the subject of the book on camera and demonstrated the scientific principles involved.  Kelly obtained a picture of Yui while he is reading the book, with the Cupola in the background.  The video recording will be downlinked to the ground and used for educational purposes.   Twins Study:  In support of the Twins Study, Kelly completed a 24 hour period of collecting and stowing urine samples in a Minus Eighty Degree Celsius Laboratory Freezer for ISS (MELFI).  This investigation is an integrated compilation of ten different studies led by multiple investigators.  The studies take advantage of a unique opportunity to look at the effects of space travel on identical twins, with one of them experiencing space travel for a year while the other remains earth-bound for that same year.  The study looks at changes in the human body that are important in the fields of genetics, psychology, physiology, microbiology, and immunology.   Sleep Actiwatch Configuration:  Kelly configured Kornienko’s Actiwatch Spectrum for active data collection. The actiwatches have a photodiode that measures ambient light and an accelerometer to measure the movement of the arm or leg that the watch is attached to.  The actiwatch data recorded on the watch supports the Sleep ISS-12 experiment, which assesses the effects of space flight and ambient light exposure on sleep during a year-long mission on the ISS.   Veggie (Veg-01) Wick Opening:  Lindgren opened the wicks for the Veg-01 experiment which was started on Monday, November 16th.  For this run, Zinnias will be grown on the ISS for 60 days and are expected to produce flowers.  The primary goal of Veg-01 testing will be to demonstrate plant growth in the Veggie facility.  
Lettuce was previously grown and harvested as part of Veg-01 testing.   Haptics-1:  Lindgren set up equipment and performed experiment protocols for the vest-mounted configuration of European Space Agency’s (ESA’s) Haptics-1 investigation. The Haptics-1 experiment is performed in two different configurations to evaluate hardware and human performance under varying mounting conditions: wall-mounted on rack seat tracks and body-mounted in a vest assembly.  Haptics-1 supports analysis of engineering parameters and the merits of body-grounded versus non-body grounded force feedback to a crewmember within a microgravity environment.  The physiological property analysis will identify changes in human kinesthetic perception and performance in position and force-torque control tasks and in cognitive performance.   EXPRESS (EXpedite the PRocessing of Experiments to Space Station) Rack 1 Laptop Software Load: Lindgren supported the ongoing software updates to ISS EXPRESS Rack laptops by copying a software load to the EXPRESS Rack 1 laptop.   Sleep Log:  Kornienko recorded a Sleep Log entry today.  The Sleep ISS-12 experiment monitors ambient light exposure and crew member activity and collects subjective evaluations of sleep and alertness.  The investigation examines the effects of space flight and ambient light exposure on sleep during a year-long mission on the ISS.   Common Communications for Visiting Vehicle (C2V2) Cable Route:  Kelly and Yui removed Lab Aft Closeout Panels, temporally closed the Lab Aft Hatch, then routing the W2687 cable through the Aft Endcone and Port/Deck Standoffs.  Once the cable was routed, they opened the Lab Aft Hatch and re-installed the closeout panels.  C2V2 is an integrated communications system to be used specifically for communicating with future visiting vehicles. 
This system will utilize both an S-Band based radio frequency system, and hard-line connections to visiting vehicles such that secure, reliable communications will be available for all phases of rendezvous, docking, and mated operations.   Waste and Hygiene Compartment (WHC) Urine Receptacle (UR) Routine Maintenance:  Yui performed a change out of the WHC UR and insert filter. Following the change out, a WHC functionality test was successfully performed.   Today’s Planned Activities All activities were completed unless otherwise noted. TWIN – Urine Sample Collection HRF – Sample MELFI Insertion HRF Blood Sample Collection and Cold Stowage HRF – Blood Sample collection operator assistance HRF Refrigerated Centrifuge Configuration HRF – Blood Sample Collection Closeout Ops Soyuz 718 Samsung tablet charge – start 24-hour ECG Monitoring (termination) EMCS […]

from ISS On-Orbit Status Report http://ift.tt/1MrgitG
via IFTTT

Anonymous are now 'rickrolling' Isis

And so, the cyber war between Isis and Anonymous rages on. After shutting down over 5000 of the militant group's social media accounts, and ...

from Google Alert - anonymous http://ift.tt/1Yk9naV
via IFTTT

I have a new follower on Twitter


Doug Mesecar
edtech and edpolicy; public and private edu-perience (https://t.co/mf1Byyk5DK); blogger at http://t.co/8nRLLamjJr; son, dad, husband, mtn biker
NoVa
http://t.co/tXb8sEVa8Q
Following: 538 - Followers: 665

November 20, 2015 at 06:43AM via Twitter http://twitter.com/dmes

I have a new follower on Twitter


Lumina Analytics
Risk Identification & Risk Management to Corporate & Government Clients WorldWide. We use #BigData Analytics to identify risks that may otherwise go unnoticed.
United States
http://t.co/5bYh4R7Kid
Following: 1760 - Followers: 1742

November 20, 2015 at 03:28AM via Twitter http://twitter.com/LuminaAnalytics

Can Anonymous really accomplish something?

Anonymous has also been “hacktive” recently by hacking and releasing personal information of members of groups like Westboro Baptist Church or ...

from Google Alert - anonymous http://ift.tt/1ly00Gv
via IFTTT

I have a new follower on Twitter


Foundr Magazine
Digital magazine for young entrepreneurs showing you exactly what it takes to build a successful business. Get your FREE Branson Issue - http://t.co/UIKlS06Ubt
Melbourne, Victoria
http://t.co/wPZsj5ksVs
Following: 63441 - Followers: 70053

November 20, 2015 at 01:44AM via Twitter http://twitter.com/FoundrMag

Centaurus A


What's the closest active galaxy to planet Earth? That would be Centaurus A, only 11 million light-years distant. Spanning over 60,000 light-years, the peculiar elliptical galaxy is also known as NGC 5128. Forged in a collision of two otherwise normal galaxies, Centaurus A's fantastic jumble of young blue star clusters, pinkish star forming regions, and imposing dark dust lanes are seen here in remarkable detail. The colorful galaxy portrait is a composite of image data from space- and ground-based telescopes large and small. Near the galaxy's center, left over cosmic debris is steadily being consumed by a central black hole with a billion times the mass of the Sun. As in other active galaxies, that process generates the radio, X-ray, and gamma-ray energy radiated by Centaurus A. via NASA http://ift.tt/1HaMCSx

Thursday, November 19, 2015

Anonymous accuses Silicon Valley startup of assisting Islamic State online

Hacktivist group Anonymous has accused a San Francisco Web services company of protecting pro-ISIL websites from cyberattacks. ISIL exploits the ...

from Google Alert - anonymous http://ift.tt/1QxiYK6
via IFTTT

BIRDNEST: Bayesian Inference for Ratings-Fraud Detection. (arXiv:1511.06030v1 [cs.AI])

Review fraud is a pervasive problem in online commerce, in which fraudulent sellers write or purchase fake reviews to manipulate perception of their products and services. Fake reviews are often detected based on several signs, including 1) they occur in short bursts of time; 2) fraudulent user accounts have skewed rating distributions. However, these may both be true in any given dataset. Hence, in this paper, we propose an approach for detecting fraudulent reviews which combines these 2 approaches in a principled manner, allowing successful detection even when one of these signs is not present. To combine these 2 approaches, we formulate our Bayesian Inference for Rating Data (BIRD) model, a flexible Bayesian model of user rating behavior. Based on our model we formulate a likelihood-based suspiciousness metric, Normalized Expected Surprise Total (NEST). We propose a linear-time algorithm for performing Bayesian inference using our model and computing the metric. Experiments on real data show that BIRDNEST successfully spots review fraud in large, real-world graphs: the 50 most suspicious users of the Flipkart platform flagged by our algorithm were investigated and all identified as fraudulent by domain experts at Flipkart.



from cs.AI updates on arXiv.org http://ift.tt/1X1JcZz
via IFTTT

Putting Things in Context: Community-specific Embedding Projections for Sentiment Analysis. (arXiv:1511.06052v1 [cs.CL])

Variation in language is ubiquitous, and is particularly evident in newer forms of writing such as social media. Fortunately, variation is not random, but is usually linked to social factors. By exploiting linguistic homophily --- the tendency of socially linked individuals to use language similarly --- it is possible to build models that are more robust to variation. In this paper, we focus on social network communities, which make it possible to generalize sociolinguistic properties from authors in the training set to authors in the test sets, without requiring demographic author metadata. We detect communities via standard graph clustering algorithms, and then exploit these communities by learning community-specific projections of word embeddings. These projections capture shifts in word meaning in different social groups; by modeling them, we are able to improve the overall accuracy of Twitter sentiment analysis by a significant margin over competitive prior work.



from cs.AI updates on arXiv.org http://ift.tt/1kJ97UX
via IFTTT

Abstract Attribute Exploration with Partial Object Descriptions. (arXiv:1511.06191v1 [cs.AI])

Attribute exploration has been investigated in several studies, with particular emphasis on the algorithmic aspects of this knowledge acquisition method. In its basic version the method itself is rather simple and transparent. But when background knowledge and partially described counter-examples are admitted, it gets more difficult. Here we discuss this case in an abstract, somewhat "axiomatic" setting, providing a terminology that clarifies the abstract strategy of the method rather than its algorithmic implementation.



from cs.AI updates on arXiv.org http://ift.tt/1X1JzmX
via IFTTT

Teaching Machines to Read and Comprehend. (arXiv:1506.03340v3 [cs.CL] UPDATED)

Teaching machines to read natural language documents remains an elusive challenge. Machine reading systems can be tested on their ability to answer questions posed on the contents of documents that they have seen, but until now large scale training and test datasets have been missing for this type of evaluation. In this work we define a new methodology that resolves this bottleneck and provides large scale supervised reading comprehension data. This allows us to develop a class of attention based deep neural networks that learn to read real documents and answer complex questions with minimal prior knowledge of language structure.



from cs.AI updates on arXiv.org http://ift.tt/1F9CCkt
via IFTTT

Recurrent Reinforcement Learning: A Hybrid Approach. (arXiv:1509.03044v2 [cs.LG] UPDATED)

Successful applications of reinforcement learning in real-world problems often require dealing with partially observable states. It is in general very challenging to construct and infer hidden states as they often depend on the agent's entire interaction history and may require substantial domain knowledge. In this work, we investigate a deep-learning approach to learning the representation of states in partially observable tasks, with minimal prior knowledge of the domain. In particular, we propose a new family of hybrid models that combines the strength of both supervised learning (SL) and reinforcement learning (RL), trained in a joint fashion: The SL component can be a recurrent neural networks (RNN) or its long short-term memory (LSTM) version, which is equipped with the desired property of being able to capture long-term dependency on history, thus providing an effective way of learning the representation of hidden states. The RL component is a deep Q-network (DQN) that learns to optimize the control for maximizing long-term rewards. Extensive experiments in a direct mailing campaign problem demonstrate the effectiveness and advantages of the proposed approach, which performs the best among a set of previous state-of-the-art methods.



from cs.AI updates on arXiv.org http://ift.tt/1Q4VUP8
via IFTTT

[FD] Qualsoft Systems - (AddNewsDetails.php) Auth ByPass Vulnerability

#Title : Qualsoft Systems - (AddNewsDetails.php) Auth ByPass Vulnerability
#Author : ZoRLu / zorlu@milw00rm.com
#Blog : z.milw0rm.info
#Twitter : @milw00rm
#Test : Windows7 Ultimate
#Discovery : 19/11/15
#Publish : 19/11/15
#Thks : exploit-db.com, packetstormsecurity.com, securityfocus.com, cxsecurity.com and others
#BkiAdam : B3mB4m, Dr.Ly0n, KnocKout, LifeSteaLeR
#Dork : intext:Powered by Qualsoft Systems Pvt. Ltd
#Other : http://ift.tt/1X1xmhU / Iran Cyber Security Group
#demo : http://ift.tt/1SJiwGm

first you go here: localhost/AddNewsDetails.php
after you go here: localhost/EditDeleteNews.php
and you will see your new entry but no any title or other details

POST /AddNewsDetails.php HTTP/1.1
Host: www.dnyanada.net
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:42.0) Gecko/20100101 Firefox/42.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: tr,fr;q=0.8,tr-TR;q=0.6,en-US;q=0.4,en;q=0.2
Accept-Encoding: gzip, deflate
Referer: http://ift.tt/1X1xmhY
Connection: keep-alive
Content-Type: multipart/form-data; boundary

Source: Gmail -> IFTTT-> Blogger

[FD] Cambium ePMP 1000 - Multiple Vulnerabilities

Re: [FD] LiteCart 1.3.2: Multiple XSS

Source: Gmail -> IFTTT-> Blogger

[FD] [CFP] No Big Thing Conference #2 San Francisco, December 5 2015

Dear hackers, dear friends, dear community, Please find below the Call For Paper for the NBT2 Conference. The conference will happen in San Francisco on December 5 2015, at the Salesforce Rincon Café (121 Spear Street, San Francisco, CA 94105). Apology for the cross postings. Help us spread the word :) As usual with great, small, non profit conferences, DIY and self motivation is the rule. The party is the people : come play with us :) Note: Our budget is low (ransom of independence !). We shall try to accommodate everybody needing a stay in San Francisco (eg: on the floor of my apartment), expect to have to make it to SF by your own means. You're hackers, shouldn't be a big deal right ? :) Kindest regards, j-

Source: Gmail -> IFTTT-> Blogger

[FD] LinkedIn - Persistent Cross-Site Scripting vulnerability(XSS)

LinkedIn social network affected by Persistent Cross-Site Scripting vulnerability(XSS) (patched in less than 3 hours)
=========================
I. VULNERABILITY

Source: Gmail -> IFTTT-> Blogger

30 comments

So while it may sound nice that Anonymous wants to take down ISIS from their dimly lit basements, it is, for all intents and purposes, an inane ...

from Google Alert - anonymous http://ift.tt/1Xcg64u
via IFTTT

EU clamps down on bitcoin, anonymous payments to curb terrorism funding

European Union countries plan a crackdown on virtual currencies and anonymous payments made online and via pre-paid cards in a bid to tackle ...

from Google Alert - anonymous http://ift.tt/1OhGZ4w
via IFTTT

VirusTotal now Scans Mac OS X Apps for Malware

Do Mac Computers Get Viruses? Yes, Of Course, they do!  According to stats, malware for MAC OS X has appeared five times more in 2015 alone than the previous five years combined. As malware for Macs is becoming more common, Google has decided to add support for Mac  OS X malware detection to its VirusTotal web-based service. VirusTotal — launched in 2004 and acquired by Google in


from The Hacker News http://ift.tt/1PPOvpd
via IFTTT

What can Anonymous really do to ISIS?

Now that Anonymous has declared cyberwar against the so-called Islamic State in retaliation for the Paris terrorist attacks, the question becomes: ...

from Google Alert - anonymous http://ift.tt/215mKy7
via IFTTT

Mark Zuckerberg Just Quits his Job at Facebook — Check Yourself!

Yes, you heard it right. Mark Zuckerberg has left his job at Facebook. Don’t believe me? I can prove it to you. — Check this Facebook Post by yourself — This is weird, Isn’t it? But, don’t be surprised or shocked, because what you just saw was only an illusion. This is actually a minor bug in the popular social media website that allows anyone to manipulate the


from The Hacker News http://ift.tt/1PBMXR0
via IFTTT

ISS Daily Summary Report – 11/18/15

NanoRacks Platform-3 Biorack Installation: Yui installed BioRack Experiment Controllers into NanoRacks Platform-3 today.  NanoRacks Platforms provide a multipurpose research facility on board the ISS that supports NanoRacks Modules installed in EXPRESS (EXpedite the PRocessing of Experiments to Space Station) racks by providing power and data transfer capabilities for investigations in microgravity.   FLame Extinguishment Experiment (FLEX)-2J:  Lindgren replaced the last FLEX-2J Fiber Arm and the Multi-user Droplet Combustion Apparatus (MDCA) fuel reservoir today as part of routine maintenance for the Combustion Integration Rack (CIR).  FLEX-2J studies the interactions of flames on the motion and ignition of millimeter-sized droplets. Results can provide fundamental insight into the physics of fuel burning, which improves computer models designed to reduce emissions and improve fuel consumption efficiency in space and on Earth.   Ocular Health Ocular and Cardiac Ultrasounds:  Yui and Lindgren performed ocular and cardiac ultrasounds as part of their series of Return minus 30 (R-30) day Ocular Health tests.   The ultrasound images will be used to identify changes in globe morphology and document optic nerve sheath diameter, optic nerve sheath tortuosity, globe axial measurements, and choroidal engorgement. The Ocular Health protocol calls for a systematic gathering of physiological data to characterize the risks of microgravity-induced visual impairment and increased intracranial pressure in ISS crewmembers. Researchers believe that the measurement of visual, vascular and central nervous system changes over the course of this experiment and during the subsequent post-flight recovery will assist in the development of countermeasures, clinical monitoring strategies, and clinical practice guidelines.   
Twins Study:  In support of the Twins Study, Kelly collected urine samples over a 24 hour period and stowed them in a Minus Eighty Degree Celsius Laboratory Freezer for ISS (MELFI).  This investigation is an integrated compilation of ten different studies led by multiple investigators.  The studies take advantage of a unique opportunity to look at the effects of space travel on identical twins, with one of them experiencing space travel for a year while the other remains earth-bound for that same year.  The study looks at changes in the human body that are important in the fields of genetics, psychology, physiology, microbiology, and immunology.   Cognition:  Kelly performed his Flight Day 233 session of the Cognition experiment today.  Individualized Real-Time Neurocognitive Assessment Toolkit for Space Flight Fatigue (Cognition) is a battery of tests that measure how spaceflight-related physical changes, such as microgravity and lack of sleep, can affect cognitive performance. Cognition includes ten brief computerized tests that cover a wide range of cognitive functions, and provides immediate feedback on current and past test results. The software allows for real-time measurement of cognitive performance while in space.   Large Format Motion Picture Camera (IMAX) Video Downlink:  Yui connected the IMAX Codex to a Station Support Computer (SSC) for downlink of recorded video files.  IMAX filmmakers intend to produce a three dimensional movie called A Perfect Planet, using ISS-based video and images to show how natural and human forces shape planet Earth. The film will also showcase NASA’s exploration efforts and highlight the ISS as a platform for scientific research and a stepping stone to deep space exploration.   Biochemical Profile:  Kelly continued his Flight Day 240 collections for the Biochem Profile investigation.  Samples were stowed in a Minus Eighty Degree Celsius Laboratory Freezer for ISS (MELFI) for return on a later flight. 
The Biochemical Profile experiment tests blood and urine samples obtained from astronauts before, during, and after spaceflight. Specific proteins and chemicals in the samples are used as biomarkers, or indicators of health. Post-flight analysis yields a database of samples and test results, which scientists can use to study the effects of spaceflight on the body.   Sleep Log:  Kornienko recorded a Sleep Log entry.  The Sleep ISS-12 experiment monitors ambient light exposure and crew member activity and collects subjective evaluations of sleep and alertness.  The investigation examines the effects of space flight and ambient light exposure on sleep during a year-long mission on the ISS.   Trace Contaminant Control System (TCCS) Maintenance:  Kelly replaced the Charcoal and Sorbent Beds on the Node 3 TCCS.  The Node 3 TCCS has been in service since delivery to ISS in 2009.  Charcoal and Sorbent Beds have limited operational life with preventative maintenance schedule to ensure contaminant removal capabilities.   The Lab TCCS is currently active while this maintenance activity is being performed.   Waste and Hygiene Compartment (WHC) Maintenance:  Kelly was scheduled to replace the Usage Rate Counter on the control panel within the WHC Rack.  During the installation, he encountered a clearance issue with the new unit.  The old unit was then re-installed and counter was reset.  Ground teams will be developing a forward plan for installing the new unit.  The Crew had reported that the counter was getting stuck between numerals on occasion.  An accurate usage rate count is required as maintenance and consumables are tracked based on these numbers.   Return Air Grill Cleaning:  As part of preventative maintenance, Yui removed and cleaned the return grille mesh covers within the Japanese Experiment Module (JEM) and Japanese Experiment Logistics Module Pressurized Section (JLP).  This maintenance is performed every 180 days.   
Port Solar Array Wing (SAW) Survey:  Lindgren configured a D4 camera in order to obtain photographs of the masts on the Port SAW. The photographs were taken from the Docking Compartment (DC)-1 window point of view and will be downlinked for ground team to assess.   Functional Cargo Block (FGB) Solar Array Photogrammetry:  Today, the Space Station Remote Manipulator System (SSRMS) and Special Purpose Dexterous Manipulator (SPDM) cameras were used to complete the second part of the photogrammetric survey for the retracted Starboard FGB solar array.  The purpose of these surveys is to measure the absolute position of the current “as-retracted” state of the both the Starboard and Port FGB solar arrays in order to correct ground CAD models.   Today’s Planned Activities All activities were completed unless otherwise noted. TWIN – Urine Sample Collection Morning Inspection, Laptop RS1(2) Reboot Backup Control Center VSee Test HRF – Sample […]

from ISS On-Orbit Status Report http://ift.tt/1Lo3v7l
via IFTTT

Is Telegram Really Secure? — 4 Major Privacy Issues Raised by Researcher

The terrorist groups are encouraging its followers to use Telegram to make their propaganda invisible from law enforcement, but some security experts believe that Telegram may not be as secure as jihadi advocates may like to believe. Telegram is an end-to-end encrypted messaging service that has been adopted by a lot more people than ISIS — as of last year, the company claimed more than


from The Hacker News http://ift.tt/1SGYtYZ
via IFTTT

Telegram — Secret Messaging app — Shuts Down 78 ISIS Channels

The terrorist groups affiliated with the Islamic State have an extensive presence not only on social media accounts but also on the popular end-to-end encrypted messaging app Telegram through which they communicate with their followers and spread terror propaganda materials. Telegram has always been terrorist's favorite, but ISIS had been using the app since October, when Telegram introduced an


from The Hacker News http://ift.tt/1Moss6r
via IFTTT

A Sudden Jet on Comet 67P


There she blows! A dramatic demonstration of how short-lived some comet jets can be was documented in late July by the robotic Rosetta spacecraft orbiting the nucleus of Comet 67P/Churyumov-Gerasimenko. The featured animation depicts changes in the rotating comet with three illuminating stills. Although the first frame shows nothing unusual, the second frame shows a sudden strong jet shooting off the 67P's surface only 20 minutes later, while the third frame -- taken 20 minutes after that -- shows but a slight remnant of the once-active jet. As comets near the Sun, they can produce long and beautiful tails that stream across the inner Solar System. How comet jets produce these tails is a topic of research -- helped by images like this. Another recent Rosetta measurement indicates that the water on Earth could not have come from comets like 67P because of significant differences in impurities. Comet 67P spans about four kilometers, orbits the Sun between Earth and Jupiter, and has been the home for ESA's Rosetta spaceship since 2014 August. Rosetta is currently scheduled to make a slow crash onto Comet 67P's surface in late 2016. via NASA http://ift.tt/1kEvF96

Wednesday, November 18, 2015

A New Smooth Approximation to the Zero One Loss with a Probabilistic Interpretation. (arXiv:1511.05643v1 [cs.CV])

We examine a new form of smooth approximation to the zero one loss in which learning is performed using a reformulation of the widely used logistic function. Our approach is based on using the posterior mean of a novel generalized Beta-Bernoulli formulation. This leads to a generalized logistic function that approximates the zero one loss, but retains a probabilistic formulation conferring a number of useful properties. The approach is easily generalized to kernel logistic regression and easily integrated into methods for structured prediction. We present experiments in which we learn such models using an optimization method consisting of a combination of gradient descent and coordinate descent using localized grid search so as to escape from local minima. Our experiments indicate that optimization quality is improved when learning meta-parameters are themselves optimized using a validation set. Our experiments show improved performance relative to widely used logistic and hinge loss methods on a wide variety of problems ranging from standard UC Irvine and libSVM evaluation datasets to product review predictions and a visual information extraction task. We observe that the approach: 1) is more robust to outliers compared to the logistic and hinge losses; 2) outperforms comparable logistic and max margin models on larger scale benchmark problems; 3) when combined with Gaussian-Laplacian mixture prior on parameters the kernelized version of our formulation yields sparser solutions than Support Vector Machine classifiers; and 4) when integrated into a probabilistic structured prediction technique our approach provides more accurate probabilities yielding improved inference and increasing information extraction performance.



from cs.AI updates on arXiv.org http://ift.tt/1QOfyC2
via IFTTT

Discovering Underlying Plans Based on Distributed Representations of Actions. (arXiv:1511.05662v1 [cs.AI])

Plan recognition aims to discover target plans (i.e., sequences of actions) behind observed actions, with history plan libraries or domain models in hand. Previous approaches either discover plans by maximally "matching" observed actions to plan libraries, assuming target plans are from plan libraries, or infer plans by executing domain models to best explain the observed actions, assuming complete domain models are available. In real world applications, however, target plans are often not from plan libraries and complete domain models are often not available, since building complete sets of plans and complete domain models are often difficult or expensive. In this paper we view plan libraries as corpora and learn vector representations of actions using the corpora; we then discover target plans based on the vector representations. Our approach is capable of discovering underlying plans that are not from plan libraries, without requiring domain models provided. We empirically demonstrate the effectiveness of our approach by comparing its performance to traditional plan recognition approaches in three planning domains.



from cs.AI updates on arXiv.org http://ift.tt/1QOfwKp
via IFTTT

Using Abduction in Markov Logic Networks for Root Cause Analysis. (arXiv:1511.05719v1 [cs.AI])

IT infrastructure is a crucial part in most of today's business operations. High availability and reliability, and short response times to outages are essential. Thus a high amount of tool support and automation in risk management is desirable to decrease outages. We propose a new approach for calculating the root cause for an observed failure in an IT infrastructure. Our approach is based on Abduction in Markov Logic Networks. Abduction aims to find an explanation for a given observation in the light of some background knowledge. In failure diagnosis, the explanation corresponds to the root cause, the observation to the failure of a component, and the background knowledge to the dependency graph extended by potential risks. We apply a method to extend a Markov Logic Network in order to conduct abductive reasoning, which is not naturally supported in this formalism. Our approach exhibits a high amount of reusability and enables users without specific knowledge of a concrete infrastructure to gain viable insights in the case of an incident. We implemented the method in a tool and illustrate its suitability for root cause analysis by applying it to a sample scenario.



from cs.AI updates on arXiv.org http://ift.tt/1NEuk94
via IFTTT

Solution Repair/Recovery in Uncertain Optimization Environment. (arXiv:1511.05749v1 [cs.AI])

Operation management problems (such as Production Planning and Scheduling) are represented and formulated as optimization models. The resolution of such optimization models leads to solutions which have to be operated in an organization. However, the conditions under which the optimal solution is obtained rarely correspond exactly to the conditions under which the solution will be operated in the organization. Therefore, in most practical contexts, the computed optimal solution is not anymore optimal under the conditions in which it is operated. Indeed, it can be "far from optimal" or even not feasible. For different reasons, we hadn't the possibility to completely re-optimize the existing solution or plan. As a consequence, it is necessary to look for "repair solutions", i.e., solutions that have a good behavior with respect to possible scenarios, or with respect to uncertainty of the parameters of the model. To tackle the problem, the computed solution should be such that it is possible to "repair" it through a local re-optimization guided by the user or through a limited change aiming at minimizing the impact of taking into consideration the scenarios.



from cs.AI updates on arXiv.org http://ift.tt/1QOfyBO
via IFTTT

Alternative Markov Properties for Acyclic Directed Mixed Graphs. (arXiv:1511.05835v1 [stat.ML])

We extend AMP chain graphs by (i) relaxing the semidirected acyclicity constraint so that only directed cycles are forbidden, and (ii) allowing up to two edges between any pair of nodes. We introduce global, ordered local and pairwise Markov properties for the new models. We show the equivalence of these properties for strictly positive probability distributions. We also show that, when the random variables are normally distributed, the new models can be interpreted as systems of linear equations with correlated errors. Finally, we describe an exact algorithm for learning the new models via answer set programming.



from cs.AI updates on arXiv.org http://ift.tt/1OfZpCV
via IFTTT

Behavior Query Discovery in System-Generated Temporal Graphs. (arXiv:1511.05911v1 [cs.SI])

Computer system monitoring generates huge amounts of logs that record the interaction of system entities. How to query such data to better understand system behaviors and identify potential system risks and malicious behaviors becomes a challenging task for system administrators due to the dynamics and heterogeneity of the data. System monitoring data are essentially heterogeneous temporal graphs with nodes being system entities and edges being their interactions over time. Given the complexity of such graphs, it becomes time-consuming for system administrators to manually formulate useful queries in order to examine abnormal activities, attacks, and vulnerabilities in computer systems.

In this work, we investigate how to query temporal graphs and treat query formulation as a discriminative temporal graph pattern mining problem. We introduce TGMiner to mine discriminative patterns from system logs, and these patterns can be taken as templates for building more complex queries. TGMiner leverages temporal information in graphs to prune graph patterns that share similar growth trend without compromising pattern quality. Experimental results on real system data show that TGMiner is 6-32 times faster than baseline methods. The discovered patterns were verified by system experts; they achieved high precision (97%) and recall (91%).



from cs.AI updates on arXiv.org http://ift.tt/1HZF3sU
via IFTTT

Factorization, Inference and Parameter Learning in Discrete AMP Chain Graphs. (arXiv:1501.06727v2 [stat.ML] UPDATED)

We address some computational issues that may hinder the use of AMP chain graphs in practice. Specifically, we show how a discrete probability distribution that satisfies all the independencies represented by an AMP chain graph factorizes according to it. We show how this factorization makes it possible to perform inference and parameter learning efficiently, by adapting existing algorithms for Markov and Bayesian networks. Finally, we turn our attention to another issue that may hinder the use of AMP CGs, namely the lack of an intuitive interpretation of their edges. We provide one such interpretation.



from cs.AI updates on arXiv.org http://ift.tt/1v0XrR6
via IFTTT

Managing Multi-Granular Linguistic Distribution Assessments in Large-Scale Multi-Attribute Group Decision Making. (arXiv:1504.01004v2 [cs.AI] UPDATED)

Linguistic large-scale group decision making (LGDM) problems are more and more common nowadays. In such problems a large group of decision makers is involved in the decision process and elicits linguistic information that is usually assessed in different linguistic scales with diverse granularity because of decision makers' distinct knowledge and background. To keep maximum information in initial stages of the linguistic LGDM problems, the use of multi-granular linguistic distribution assessments seems a suitable choice; however, to manage such multi-granular linguistic distribution assessments, the development of a new linguistic computational approach is necessary. In this paper a novel computational model is proposed, based on the use of extended linguistic hierarchies, which not only can be used to operate with multi-granular linguistic distribution assessments, but also can provide interpretable linguistic results to decision makers. Based on this new linguistic computational model, an approach to linguistic large-scale multi-attribute group decision making is proposed and applied to a talent selection process in universities.



from cs.AI updates on arXiv.org http://ift.tt/1H0bxp7
via IFTTT

Anonymous releases guide on how to hack Isis

In the aftermath of the terrorist attacks that hit Paris last Friday, Anonymous has “waged war” on Isis, the extremist group largely believed to be ...

from Google Alert - anonymous http://ift.tt/1POgfKA
via IFTTT

I have a new follower on Twitter


GWEB Law
General practice law firm concentrating in the areas of Business, Civil Litigation, Personal Injury, Divorce, Family, Estate, Probate
Gaithersburg, MD
http://t.co/11KMAYysnO
Following: 2624 - Followers: 2402

November 18, 2015 at 03:31PM via Twitter http://twitter.com/gweblaw

Bob Ross Fans!

Friends of Bob Ross! Check out PBS NEWSHOUR’s article about one fan’s first experience with Bob Ross in ‘Here’s what happened when I tried to paint like Bob Ross’. Follow Link Below!

http://ift.tt/1QuHGLi




from The 'hotspot' for all things Bob Ross. http://ift.tt/1QuHImo
via IFTTT

Ravens: C Jeremy Zuttah (torn pectoral) placed on season-ending IR; 4th offensive player put on IR in the last 2 weeks (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

New Pics Added to the Blog Gallery (November 18, 2015)

New Pics Added to the Blog Gallery! (November 18, 2015)

Click link below to visit gallery now!
http://ift.tt/1HAGoHC




from The 'hotspot' for all things Bob Ross. http://ift.tt/212vsNG
via IFTTT

ISS Daily Summary Report – 11/17/15

Cell Mechanosensing-3: Yui set up the Multipurpose Small Payload Rack (MSPR) Experiment Laptop Terminal (ELT) in preparation for Cell Mechanosensing-3 operations that will be performed after the arrival of investigation samples on the SpaceX-8 in January, 2016. He exchanged the laptop hard drive and installed cables between the MSPR Small Experiment Area and the laptop. Identification of gravity sensors in skeletal muscle cells during Japan Aerospace Exploration Agency’s (JAXA’s) Cell Mechanosensing investigation will support development of countermeasures against muscle atrophy, a significant health issue for humans in space. Scientists believe that the lack of mechanical stress from gravity causes tension fluctuations in the plasma membrane of skeletal muscle cells, which changes the expression of key proteins and genes and allows muscles to atrophy. Muscle cells from rats and kidney cells from African clawed frogs are tagged with fluorescent gene markers and attached to an extracellular matrix to study their performance under different tensions that simulate their use on earth.

Observation and Analysis of Smectic Islands in Space (OASIS) Glycerol/Water Fill: Due to a malfunction with the Microgravity Science Glovebox (MSG) slide mechanism that allows the MSG work volume to be extended for crew access, Kononenko was unable to inject glycerol and water into the current OASIS sample under study. While an investigation had begun to resolve the MSG problem, the OASIS ground experts decided to continue the investigation with the untreated OASIS sample. OASIS studies the unique behavior of liquid crystals in microgravity, including their overall motion and the merging of crystal layers known as smectic islands. Liquid crystals are used for display screens in televisions and clocks, and they also occur in soaps and cell membranes. The experiment allows detailed studies of the behavior of these structures, and how microgravity affects their unique ability to act like both a liquid and a solid crystal.

Sleep Log: Kornienko recorded a Sleep Log entry today. The Sleep ISS-12 experiment monitors ambient light exposure and crew member activity and collects subjective evaluations of sleep and alertness. The investigation examines the effects of space flight and ambient light exposure on sleep during a year-long mission on the ISS.

Extravehicular Activity (EVA) Tool Stow: Kelly and Lindgren stowed tools which were used earlier this month as part of the P6 Return To Original Configuration (RTOC) EVA #33.

Soyuz 43 Imagery: Yui configured a D4 camera in order to obtain high resolution imagery of the Soyuz 43 Descent Module, currently docked to Mini-Research Module (MRM)-1. The images will be downlinked to the ground and used for Micrometeoroid/Orbital Debris (MMOD) risk mitigation.

Lab Window Cleaning: Lindgren cleaned the inboard surface of LAB Primary Pressure Pane. The cleaning was performed in preparation for the METEOR Payload which will be installed in the Window Observational Research Facility (WORF) targeted to arrive early 2016 onboard SpaceX-9.

Mobile Servicing System (MSS) Operations: Overnight, Robotics Ground Controllers powered up the MSS and performed a survey of the Functional Cargo Block (FGB) Starboard Solar Array Wing (SAW). FGB SAW surveys will continue tomorrow.

Today’s Planned Activities
All activities were completed unless otherwise noted.

Biochemical Urine Test SPLANH. REFLOTRON-4 Analyzer Setup, Biochemistry Study, Start EGEG Recording SPLANH. Photography of the Experiment Ops Biochemical Urine Test URISYS Hardware Stowage Leak isolation in Orlan-MK suit 4 and suit 6 backup bladder MSPR – Multi-Purpose Small Payload Rack (MSPR) Hard Drive Changeout OCT Hardware Setup US EVA Tool Stow MSPR ELT MSPR Hardware Activation WRS – Recycle Tank Fill Filling (separation) of EDV (KOV) for Elektron or EDV-SV. Inspect and separate EDV Optical Coherence Tomography (OCT) СОЖ Maintenance SPLANH. Blood Biochemistry Analysis OCT Hardware Stowage Spacesuit and БСС (Orlan Interface Unit) leak checks and Orlan 5 valve test Start BSA Battery Charge Orlan Suit 5 Backup Bladder Leak Check Verification of ИП-1 Flow Sensor Position HABIT – Video during the Experiment [Deferred] OASIS – Filling container with water and glycerol US EVA Tool Stow WRS – Recycle Tank Fill [Deferred] Soyuz 717 Photos from DC1 and Cupola Lab Window Cleaning MELF2 – Ice Brick Insertion into MELFI Test activation of Vozdukh Atmosphere Purification System Emergency Vacuum Valves [АВК СОА] Recovery of Orlan 4 ventilation system Environmental Health System (EHS) – Intravehicular Tissue Equivalent Proportional Counter (IV-TEPC) Relocate IMS Delta File Prep CIR – Hardware Setup INTERACTION-2. Experiment Ops MDCA – Preparation of MWA Surface Area Repairs of SM Interior Panel 310 by Installing Overlay Panels – Day 2 Preparation for diagnostics of power supply system (СЭС) and onboard complex control system (СУБК) units in FGB, review of crew procedures and radiograms HAM radio session from Columbus PAO Event with the 1 Year Mission crew US EVA Tool Stow HRF1- Data Export MSPR – Payload Closeout Ops Fundoscope Exam Setup (Ophthalmoscope) TWIN – Hardware Setup Preparing for БИТС2-12 ДКЦ2Б15 Device Replacement (locating equipment, r/g review) Fundoscope Examination Start BSA Battery Charge Equipment stowage after Fundoscope Eye Imaging (Ophthalmoscope) Preparation of Reports for Roscosmos Web Site and Social ECON-M. Observation and Photography URAGAN Observations and Photography

Completed Task List Items
Robot Startup WHC KTO Replace JLP Hardware Consolidate

Ground Activities
All activities were completed unless otherwise noted.
Nominal Commanding

Three-Day Look Ahead:
Wednesday, 11/18: Ocular Health, Port Solar Array Mast Survey, FGB Diagnostics
Thursday, 11/19: C2V2 Aft Cable Routing, Haptics 1
Friday, 11/20: PEPS Audit, SSRMS LEE-B Inspection, MPEP Removal from JEMAL Slide Table

QUICK ISS Status – Environmental Control Group:
Component: Status
Elektron: On
Vozdukh: Manual
[СКВ] 1 – SM Air Conditioner System (“SKV1”): On
[СКВ] 2 – SM Air Conditioner System (“SKV2”): Off
Carbon Dioxide Removal Assembly (CDRA) Lab: Standby
Carbon Dioxide Removal Assembly (CDRA) Node 3: Operate
Major Constituent Analyzer (MCA) Lab: Shutdown
Major Constituent Analyzer (MCA) Node 3: Manual
Oxygen Generation Assembly (OGA): Process
Urine Processing Assembly (UPA): Standby
Trace Contaminant Control System (TCCS) Lab: Full Up
Trace Contaminant Control System (TCCS) Node 3: Off

from ISS On-Orbit Status Report http://ift.tt/1S45qn3
via IFTTT

[FD] Adobe Premiere Clip v1.1.1 iOS - (cid:x) Filter Bypass & Persistent Software Vulnerability

Hey ISIS! Check Out How 'Idiot' Anonymous Hackers Can Disrupt your Online Propaganda

The online Hacktivist group Anonymous declared War against the Islamic State militant group (ISIS) that claimed responsibility for the horrific terrorist attacks that rocked Paris last week. In response to the Anonymous’ warning of launching their "biggest operation ever" against the terrorist group, ISIS militants called Anonymous – "IDIOTS". It seems like Anonymous has taken ISIS


from The Hacker News http://ift.tt/1lum0C4
via IFTTT

Google’s $85 Chromebit Lets You Turn Any Monitor or TV into a Computer

Google and Asus are finally ready to release their new micro Chrome OS computer called the Chromebit — that retails at a great price, just $85. That is quite cheap for what is essentially a portable computer that you can take anywhere in your pocket. Also Read: CHIP — The World's First $9 Computer. Announced back in March, the Chromebit is a fully featured Computer-on-a-Stick that


from The Hacker News http://ift.tt/1NaHn7M
via IFTTT

The Pelican Nebula in Gas Dust and Stars


The Pelican Nebula is slowly being transformed. IC 5070, the official designation, is divided from the larger North America Nebula by a molecular cloud filled with dark dust. The Pelican, however, receives much study because it is a particularly active mix of star formation and evolving gas clouds. The featured picture was produced in three specific colors -- light emitted by sulfur, hydrogen, and oxygen -- that can help us to better understand these interactions. The light from young energetic stars is slowly transforming the cold gas to hot gas, with the advancing boundary between the two, known as an ionization front, visible in bright orange on the right. Particularly dense tentacles of cold gas remain. Millions of years from now this nebula might no longer be known as the Pelican, as the balance and placement of stars and gas will surely leave something that appears completely different. via NASA http://ift.tt/1N8VqLd

Tuesday, November 17, 2015

I have a new follower on Twitter


Suzanne A Pierce
Science-informed Adaptation | Participatory Modeling | Intelligent Systems for Geosciences | Groundwater | Sustainability | Research | Crowdfunding | HCI Fan
Austin, TX & Calama, Chile
http://t.co/Kzfjd4LiS6
Following: 2109 - Followers: 2644

November 17, 2015 at 09:38PM via Twitter http://twitter.com/HelpfulTangent

Convolutional Models for Joint Object Categorization and Pose Estimation. (arXiv:1511.05175v1 [cs.CV])

In the task of Object Recognition, there exists a dichotomy between the categorization of objects and estimating object pose, where the former necessitates a view-invariant representation, while the latter requires a representation capable of capturing pose information over different categories of objects. With the rise of deep architectures, the prime focus has been on object category recognition. Deep learning methods have achieved wide success in this task. In contrast, object pose regression using these approaches has received relatively much less attention. In this paper we show how deep architectures, specifically Convolutional Neural Networks (CNN), can be adapted to the task of simultaneous categorization and pose estimation of objects. We investigate and analyze the layers of various CNN models and extensively compare between them with the goal of discovering how the layers of distributed representations of CNNs represent object pose information and how this contradicts with object category representations. We extensively experiment on two recent large and challenging multi-view datasets. Our models achieve better than state-of-the-art performance on both datasets.



from cs.AI updates on arXiv.org http://ift.tt/1WY53kr
via IFTTT

Ask, Attend and Answer: Exploring Question-Guided Spatial Attention for Visual Question Answering. (arXiv:1511.05234v1 [cs.CV])

The problem of Visual Question Answering (VQA) requires joint image and language understanding to answer a question about a given photograph. Recent approaches have applied deep image captioning methods based on recurrent LSTM networks to this problem, but have failed to model spatial inference. In this paper, we propose a memory network with spatial attention for the VQA task. Memory networks are recurrent neural networks with an explicit attention mechanism that selects certain parts of the information stored in memory. We store neuron activations from different spatial receptive fields in the memory, and use the question to choose relevant regions for computing the answer. We experiment with spatial attention architectures that use different question representations to choose regions, and also show that two attention steps (hops) obtain improved results compared to a single step. To understand the inference process learned by the network, we design synthetic questions that specifically require spatial inference and visualize the attention weights. We evaluate our model on two published visual question answering datasets, DAQUAR and VQA, and obtain promising results.



from cs.AI updates on arXiv.org http://ift.tt/1MlcR7C
via IFTTT

Constant Time EXPected Similarity Estimation using Stochastic Optimization. (arXiv:1511.05371v1 [cs.LG])

A new algorithm named EXPected Similarity Estimation (EXPoSE) was recently proposed to solve the problem of large-scale anomaly detection. It is a non-parametric and distribution free kernel method based on the Hilbert space embedding of probability measures. Given a dataset of $n$ samples, EXPoSE needs only $\mathcal{O}(n)$ (linear time) to build a model and $\mathcal{O}(1)$ (constant time) to make a prediction. In this work we improve the linear computational complexity and show that an $\epsilon$-accurate model can be estimated in constant time, which has significant implications for large-scale learning problems. To achieve this goal, we cast the original EXPoSE formulation into a stochastic optimization problem. It is crucial that this approach allows us to determine the number of iterations based on a desired accuracy $\epsilon$, independent of the dataset size $n$. We will show that the proposed stochastic gradient descent algorithm works in general (possibly infinite-dimensional) Hilbert spaces, is easy to implement and requires no additional step-size parameters.



from cs.AI updates on arXiv.org http://ift.tt/1WY54oE
via IFTTT

Active exploration of sensor networks from a robotics perspective. (arXiv:1511.05488v1 [cs.RO])

Traditional algorithms for robots who need to integrate into a wireless network often focus on one specific task. In this work we want to develop simple, adaptive and reusable algorithms for real world applications for this scenario. Starting with the most basic task for mobile wireless network nodes, finding the position of another node, we introduce an algorithm able to solve this task. We then show how this algorithm can readily be employed to solve a large number of other related tasks like finding the optimal position to bridge two static network nodes. For this we first introduce a meta-algorithm inspired by autonomous robot learning strategies and the concept of internal models which yields a class of source seeking algorithms for mobile nodes. The effectiveness of this algorithm is demonstrated in real world experiments using a physical mobile robot and standard 802.11 wireless LAN in an office environment. We also discuss the differences to conventional algorithms and give the robotics perspective on this class of algorithms. Then we proceed to show how more complex tasks, which might be encountered by mobile nodes, can be encoded in the same framework and how the introduced algorithm can solve them. These tasks can be direct (cross layer) optimization tasks or can also encode more complex tasks like bridging two network nodes. We choose the bridging scenario as an example, implemented on a real physical robot, and show how the robot can solve it in a real world experiment.



from cs.AI updates on arXiv.org http://ift.tt/1MlcQRj
via IFTTT

Gated Graph Sequence Neural Networks. (arXiv:1511.05493v1 [cs.LG])

Graph-structured data appears frequently in domains including chemistry, natural language semantics, social networks, and knowledge bases. In this work, we study feature learning techniques for graph-structured inputs. Our starting point is previous work on Graph Neural Networks (Scarselli et al., 2009), which we modify to use gated recurrent units and modern optimization techniques and then extend to output sequences. The result is a flexible and broadly useful class of neural network models that has favorable inductive biases relative to purely sequence-based models (e.g., LSTMs) when the problem is graph-structured. We demonstrate the capabilities on some simple AI (bAbI) and graph algorithm learning tasks. We then show it achieves state-of-the-art performance on a problem from program verification, in which subgraphs need to be matched to abstract data structures.



from cs.AI updates on arXiv.org http://ift.tt/1HXcQTm
via IFTTT

Neurocontrol methods review. (arXiv:1511.05506v1 [cs.AI])

Methods of applying neural networks to control plants are considered. Methods and schemes are described, their advantages and disadvantages are discussed.



from cs.AI updates on arXiv.org http://ift.tt/1WY53kl
via IFTTT

Return of Frustratingly Easy Domain Adaptation. (arXiv:1511.05547v1 [cs.CV])

Unlike human learning, machine learning often fails to handle changes between training (source) and test (target) input distributions. Such domain shifts, common in practical scenarios, severely damage the performance of conventional machine learning methods. Supervised domain adaptation methods have been proposed for the case when the target data have labels, including some that perform very well despite being ``frustratingly easy'' to implement. However, in practice, the target domain is often unlabeled, requiring unsupervised adaptation. We propose a simple, effective, and efficient method for unsupervised domain adaptation called CORrelation ALignment (CORAL). CORAL minimizes domain shift by aligning the second-order statistics of source and target distributions, without requiring any target labels. Even though it is extraordinarily simple--it can be implemented in four lines of Matlab code--CORAL performs remarkably well in extensive evaluations on standard benchmark datasets.



from cs.AI updates on arXiv.org http://ift.tt/1WY5345
via IFTTT

A state vector algebra for algorithmic implementation of second-order logic. (arXiv:1312.2551v2 [cs.AI] UPDATED)

We present a mathematical framework for mapping second-order logic relations onto a simple state vector algebra. Using this algebra, basic theorems of set theory can be proven in an algorithmic way, hence by an expert system. We illustrate the use of the algebra with simple examples and show that, in principle, all theorems of basic set theory can be recovered in an elementary way. The developed technique can be used for automated theorem proving in 1st and 2nd order logic.



from cs.AI updates on arXiv.org http://ift.tt/19xG6i0
via IFTTT

Ethical Artificial Intelligence. (arXiv:1411.1373v9 [cs.AI] UPDATED)

This book-length article combines several peer reviewed papers and new material to analyze the issues of ethical artificial intelligence (AI). The behavior of future AI systems can be described by mathematical equations, which are adapted to analyze possible unintended AI behaviors and ways that AI designs can avoid them. This article makes the case for utility-maximizing agents and for avoiding infinite sets in agent definitions. It shows how to avoid agent self-delusion using model-based utility functions and how to avoid agents that corrupt their reward generators (sometimes called "perverse instantiation") using utility functions that evaluate outcomes at one point in time from the perspective of humans at a different point in time. It argues that agents can avoid unintended instrumental actions (sometimes called "basic AI drives" or "instrumental goals") by accurately learning human values. This article defines a self-modeling agent framework and shows how it can avoid problems of resource limits, being predicted by other agents, and inconsistency between the agent's utility function and its definition (one version of this problem is sometimes called "motivated value selection"). This article also discusses how future AI will differ from current AI, the politics of AI, and the ultimate use of AI to help understand the nature of the universe and our place in it.



from cs.AI updates on arXiv.org http://ift.tt/1uxUvdS
via IFTTT

Computing rational decisions in extensive games with limited foresight. (arXiv:1502.03683v3 [cs.AI] UPDATED)

We introduce a class of extensive form games where players might not be able to foresee the possible consequences of their decisions and form a model of their opponents which they exploit to achieve a more profitable outcome. We improve upon existing models of games with limited foresight, endowing players with the ability of higher-order reasoning and proposing a novel solution concept to address intuitions coming from real game play. We analyse the resulting equilibria, devising an effective procedure to compute them.



from cs.AI updates on arXiv.org http://ift.tt/1D1Dwnu
via IFTTT

I have a new follower on Twitter


Claudia Hilker
#Consulting #Digital #Business #Transformation #SocialMedia #Content #Marketing #Kommunikation #Blogger #Management #Speaker #Autor
Germany, Düsseldorf
https://t.co/x93lOhwAdy
Following: 2060 - Followers: 6332

November 17, 2015 at 05:38PM via Twitter http://twitter.com/claudiahilker

[FD] zTree v3 Security Advisory - XSS Vulnerability - CVE-2015-7348

Information

Source: Gmail -> IFTTT-> Blogger

[FD] CVE-2015-6357: Cisco FireSIGHT Management Center SSL Validation Vulnerability

Title: Cisco FireSIGHT Management Center Certificate Validation Vulnerability
Blog URL: http://ift.tt/1WVwyv9
Vendor: Cisco
Product: FireSIGHT Management Center
Affected Versions: 5.2.x, 5.3.x, 5.4.x
Advisory URL: http://ift.tt/1ObkkXF
CVE: CVE-2015-6357
CVSS: 5.1

The Cisco FireSIGHT Management Center appliance is used to manage Cisco FirePOWER Intrusion Prevention Systems (IPS), also known as Sourcefire IPS. FireSIGHT is responsible for downloading updated IPS signatures and installing them on managed IPS devices.

On its own the Cisco FireSIGHT Management Center Certificate Validation Vulnerability is a medium severity vulnerability with a CVSS of 5.1. However, this vulnerability is an example of why SSL certificate validation is so important. In this exploit I will demonstrate how the vulnerability can be leveraged to obtain privileged remote command execution on a Cisco FireSIGHT system. The exploit chains the SSL validation vulnerability with the software update process on the Cisco FireSIGHT system to trick the target system into downloading a malicious update and executing it to obtain a reverse shell with **root** privileges.

Read the full advisory at http://ift.tt/1WVwyv9

Credits: This security vulnerability was found by Matthew Flanagan.

Disclosure Timeline:
- 2015-08-31 Vulnerability discovered in FireSIGHT 5.4.x and exploit developed by Matthew Flanagan.
- 2015-09-01 Initial contact made with Cisco PSIRT psirt@cisco.com.
- 2015-09-01 PSIRT responded asking for more information.
- 2015-09-01 Matthew Flanagan provided PSIRT with full write up and exploit of vulnerability.
- 2015-09-02 PSIRT raised FireSIGHT defect and incident PSIRT-190974966.
- 2015-09-15 Matthew Flanagan reported to Cisco PSIRT that versions 5.2.0 and 5.3.0 are also vulnerable.
- 2015-10-16 PSIRT advised me of the CVSS score they assigned to the vulnerability.
- 2015-11-09 PSIRT assigned CVE ID CVE-2015-6357.
- 2015-11-16 Cisco FireSIGHT Management Center Certificate Validation Vulnerability published.
- 2015-11-16 Matthew Flanagan's findings published.

Source: Gmail -> IFTTT-> Blogger

[FD] Google AOSP Email App HTML Injection

Ravens: WR Breshad Perriman (1st-round pick); placed on season ending IR with knee injury; did not appear in any games (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

Anonymous Declares War on ISIS, Takes Down 5500 Twitter Accounts

The hacktivist group has launched its first cyberattack on ISIS.

from Google Alert - anonymous http://ift.tt/1ltoz7z
via IFTTT

Ravens: Baltimore (2-7) drops five spots to No. 29 in Week 11 NFL power rankings; open here for full rankings (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

Anonymous hackers declare war on IS

The Anonymous internet hacking network declared war on the Islamic State group in a Youtube video Monday, vowing vengeance for attacks in Paris ...

from Google Alert - anonymous http://ift.tt/1QsLH2A
via IFTTT

I have a new follower on Twitter


Robyn Wyrick
Novelist, author of Eviction Notice Screenwriter Owner of DC PHP, LLC Owner of Anticipation Films Founder of the Washington DC PHP Developers Group
Nanjemoy, MD
http://t.co/Pg3PdxaLA6
Following: 77 - Followers: 45

November 17, 2015 at 12:22PM via Twitter http://twitter.com/robynwyrick

ISIS Calls Anonymous "IDIOTS" and Issues 5 Lame Tips for its Members to Avoid Getting Hacked

The Anonymous Hacking group on Sunday declared Total War against the ISIS, the Islamic State terror organization that claimed responsibility for the Paris attacks on Friday that killed 129 people and hundreds more injured. In a sinister video posted on YouTube, the Cyber Hacktivists said they will launch their "biggest operation ever" with the warning that "Anonymous from all over the


from The Hacker News http://ift.tt/1X522JX
via IFTTT

Ravens: Ex-Baltimore DT Terrence Cody convicted of misdemeanors in animal abuse case (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

I have a new follower on Twitter


SOCIAL OUTLIER
If Ms. Digital Marketing went on a date with Mr. Calculus...we are the offspring. Our approach to digital marketing is entirely mathematically optimized!
Los Angeles, CA
https://t.co/eXB9qeo29h
Following: 3266 - Followers: 3501

November 17, 2015 at 09:40AM via Twitter http://twitter.com/SocialOutlier

SS Daily Summary Report – 11/16/15

Direct Current Switching Unit (DCSU) 1 Remote Bus Isolator (RBI) 1 Trip Status: Friday evening and into the weekend, Flight Controllers worked to successfully restore power to the systems normally powered by the 1B channel. In review of telemetry, the ground team revealed indications that the Sequential Shunt Unit (SSU) 1B may not be able to regulate voltage, therefore should not be used to provide power to downstream equipment. The ground team is currently able to manage the power balance for the foreseeable future. Teams continue to assess how to configure ISS for the best risk posture and are working SSU 1B recovery plans.

Sally Ride Earth Knowledge Acquired by Middle School Students (Sally Ride EarthKAM): Kornienko wrapped up a week-long imaging session of the Earth by shutting down the EarthKAM software and stowing the equipment. An estimated 20,000 students from 247 schools in 28 countries are participating in EarthKAM. Well over 10,000 images are expected to be captured and downlinked from the ISS. Students are able to remotely control a digital camera mounted on the ISS to take photographs of coastlines, mountain ranges and other interesting features. The EarthKAM team posts the students’ images on the Internet, where the public and participating classrooms can view these images of the Earth taken from the ISS.

Veggie Hardware Validation Test (Veg-01): Lindgren installed a Veg-01 Root Mat and Plant Pillows in the Veggie facility and watered the root mat to start the VEG-01 Experiment. For this run, Zinnias will be grown on the ISS for 60 days and are expected to produce flowers. The primary goal of Veg-01 testing will be to demonstrate plant growth in the Veggie facility. Lettuce was previously grown and harvested as part of Veg-01 testing.

Russian Joint Research (RJR) Microbiological Sampling: Kornienko used the Microbial Air Sampler (MAS) and Surface Sample Kit (SSK) to take surface and air samples to support a microbiological assessment of the ISS. These activities are performed as part of a joint cooperative research program between NASA and the Russian Space Agency. The results of incubation and analysis of these samples will be used to identify ISS locations and surfaces prone to microbial contamination and will provide a scientific basis for decisions about future microbial monitoring on ISS and on future spacecraft used for human exploration.

Story Time: On Saturday Yui and Lindgren read from the book “Weightless,” then discussed the subject of the book on camera and demonstrated the scientific principles involved. Video recording of the activity will be downlinked to the ground and used for educational purposes.

Ocular Health: Crewmembers Yui and Lindgren initiated their Return – 30 Day Ocular Health testing by completing vision and tonometry tests and taking blood pressure measurements. The Ocular Health protocol calls for a systematic gathering of physiological data to characterize the risks of microgravity-induced visual impairment and increased intracranial pressure in ISS crewmembers. Researchers believe that the measurement of visual, vascular and central nervous system changes over the course of this experiment and during the subsequent post-flight recovery will assist in the development of countermeasures, clinical monitoring strategies, and clinical practice guidelines.

Japanese Experiment Module (JEM) Airlock Closeout Operations for Exposed Experiment Handrail Attachment Mechanism (ExHAM) #2: Yui opened the JEM Airlock inner hatch, extended the slide table into the module, and removed the Handhold Exp Platform Adapter (used previously to attach the ExHAM hardware) from the Multi-Purpose Experiment Platform Assembly (MPEP) mounted to the slide table. He then returned the slide table to the JEM Airlock. ExHAM#2 was installed on the JEM Exposed Facility (JEF) on Wednesday, November 11th.

Journals: Kelly completed a Journals entry on Saturday and completed another one today. The Journals investigation obtains information on behavioral and human issues that are relevant to the design of equipment and procedures used by astronauts during extended-duration missions. Study results provide information used in preparation for future missions to low-Earth orbit and beyond.

Sleep Log: One Year Crewmembers Kelly and Kornienko completed Sleep Log entries after waking on Saturday and Sunday, and Kornienko made an additional entry this morning. These entries support the Sleep ISS-12 experiment, which monitors ambient light exposure and crew member activity and collects subjective evaluations of sleep and alertness. The investigation examines the effects of space flight and ambient light exposure on sleep during the ongoing year-long mission on the ISS.

Potable Water Dispenser (PWD) and Internal Thermal Control System (ITCS) Fluid Jumper Quick Disconnect (QD) Maintenance: As part of routine maintenance, Kelly replaced the PWD filter then cleaned and lubricated QDs using a QD Maintenance Kit. He then performed corrective maintenance on 4 QDs for EXPRESS Rack 5 Internal Thermal Control System (ITCS) fluid jumpers formerly used for the Space Dynamically Responding Ultrasonic Matrix System (SpaceDRUMS) payload.

US Airlock Hardware Restow: Following last week’s work to install the Nitrogen/Oxygen Recharge System (NORS) Airlock Interface Kit (AIK), Yui worked to restow hardware that was temporarily removed from the US Airlock.

Port Crew Quarters (CQ) Cleaning: Kelly cleaned his Port CQ today. The activity included cleaning the intake and exhaust ducts, fans, and airflow sensors.

Today’s Planned Activities
All activities were completed unless otherwise noted.
HMS Visual Testing Activity VEGGIE – OBT On MCC GO Replacement of ПТАБ-1М (А302) АБ Module No.2. Photography behind panel 226 HMS -Vision Questionnaire Preparation for replacing 800А (АБ2) unit on FGB Russian Joint Research (RJR) – Collecting Surface Samples (SSK) HMS Visual Testing Activity Ocular Health (OH) Blood Pressure Operations P/TV Setup to capture S1 radiator through MRM2 window Photography of S1 Radiator through MRM2 window HMS – Vision Questionnaire Eye Exam (Ocular Health) – Tonometry Test Setup Ocular Health (OH) Blood Pressure Operations Photography of S1 Radiator through MRM2 window Photo downlink and hardware stowage after capturing S1 radiator Eye Exam (Ocular Health) FPEF – Disconnecting Cables VEG-01 EXP – Hardware Setup JEMAL – Slide Table extension HXP ADPTR- Hardware Removal Replacement of 800А (АБ2) unit on FGB JEMAL […]

from ISS On-Orbit Status Report http://ift.tt/1l2sJCX
via IFTTT

[FD] Free WMA MP3 Converter - Buffer Overflow Exploit (SEH)

Document Title:
===============
Free WMA MP3 Converter - Buffer Overflow Exploit (SEH)

References (Source):
====================
http://ift.tt/1ODFhxf

Release Date:
=============
2015-10-19

Vulnerability Laboratory ID (VL-ID):
====================================
1620

Common Vulnerability Scoring System:
====================================
7.5

Product & Service Introduction:
===============================
Free WMA MP3 Converter is a free WMA to MP3 converter which helps you convert WMA to MP3, MP3 to WMA, WAV to MP3, WAV to WMA, MP3 to WAV, WMA to WAV etc. Free WMA MP3 Converter provides optimized default settings. No more thinking but just a click to start WMA to MP3 conversion with the MP3 converter! In addition, there are still a lot of settings can be set up to meet your special need. All the conversion process like convert WMA to MP3 and MP3 to WMA are fast and simple with adjustable output quality. The audio converter supports ID3 tag, the ID3 tags in the original files can be reserved after conversion. Free download the Free WMA MP3 Converter to enjoy your WMA and MP3 music anywhere and anytime!

(Copy of the Product Homepage: http://ift.tt/1GnhqP3 )

Abstract Advisory Information:
==============================
An independent vulnerability laboratory researcher discovered a buffer overflow vulnerability in the official Free WMA MP3 Converter v1.8 software.

Vulnerability Disclosure Timeline:
==================================
2015-10-16: Public Disclosure (Vulnerability Laboratory)

Discovery Status:
=================
Published

Affected Product(s):
====================

Exploitation Technique:
=======================
Local

Severity Level:
===============
High

Technical Details & Description:
================================
A local buffer overflow (SEH) software vulnerability has been discovered in the official Free WMA MP3 Converter v1.8 software. The vulnerability allows a local attacker to process the windows software by exploitation of a classic buffer overflow vulnerability.

The security risk of the buffer overflow vulnerability is estimated as high with a cvss (common vulnerability scoring system) count of 7.5. Exploitation of the vulnerability requires a low privilege system user account and no user interaction. Successful exploitation of the local vulnerability results in system compromise by elevation of privileges via overwrite of the registers.

Proof of Concept (PoC):
=======================
#!/usr/bin/python
#Free WMA MP3 Converter - Buffer Overflow Exploit (SEH)
#Author : ZwX
#Download: http://ift.tt/1GnhqP3
#Version : 1.8
#Tested Os : Windows 7
#Reference : http://ift.tt/1NB68o4
from struct import pack
buffer = "\x41" * 4116
nseh = "\xeb\x06\xff\xff"
seh = pack("

Source: Gmail -> IFTTT-> Blogger

[FD] Murgent CMS - SQL Injection Vulnerability

Document Title:
===============
Murgent CMS - SQL Injection Vulnerability

References (Source):
====================
http://ift.tt/1MjCsOn

Release Date:
=============
2015-11-16

Vulnerability Laboratory ID (VL-ID):
====================================
1646

Common Vulnerability Scoring System:
====================================
8.2

Product & Service Introduction:
===============================
http://murgent.com/

Abstract Advisory Information:
==============================
An independent vulnerability laboratory researcher discovered a remote sql injection web vulnerability in the official Murgent Content Management System 2015Q4.

Vulnerability Disclosure Timeline:
==================================
2015-11-16: Public Disclosure (Vulnerability Laboratory)

Discovery Status:
=================
Published

Affected Product(s):
====================

Exploitation Technique:
=======================
Bulletins

Severity Level:
===============
High

Technical Details & Description:
================================
A remote sql injection web vulnerability has been discovered in the official Murgent Content Management System 2015-Q4. The vulnerability allows remote attackers to execute own sql commands to compromise the web-application or connected dbms.

The vulnerability is located in the `id` value of the `index.php` and `view-event.php` file. Remote attackers are able to execute own sql commands by manipulation of the GET method request with the vulnerable id parameter. The request method to inject the sql command is GET and the issue is located on the application-side of the online-service. The sql vulnerability allows remote attackers to compromise the database management system that is connected to the web-application.

The security risk of the sql injection vulnerability is estimated as high with a cvss (common vulnerability scoring system) count of 8.2. Exploitation of the remote sql injection web vulnerability requires no user interaction or privileged web-application user account. Successful exploitation of the remote sql injection results in database management system, web-server and web-application compromise.

Request Method(s):
[+] GET

Vulnerable File(s):
[+] index.php
[+] view-event.php

Vulnerable Parameter(s):
[+] action > preview &id

Proof of Concept (PoC):
=======================
The remote sql injection web vulnerability can be exploited by remote attackers without privileged web-application user account and without user interaction. For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue.

Google Dork(s):
intext:"Developed by murgent" inurl:"id="
intext:"Powered by murgent" inurl:"id="

PoC:
http://localhost:8080/view-event.php?id=569%27[SQL-INJECTION VULNERABILITY!]
https://localhost:8080/index.php?action=preview&id=21891%27[SQL-INJECTION VULNERABILITY!]

Security Risk:
==============
The security risk of the remote sql injection web vulnerability in the Murgent content management system is estimated as high. (CVSS 8.2)

Credits & Authors:
==================
Sia Turk - GuardIran Digital Security Team
Special Thanks to: Yashar-Turk,Ehsan Gomnam,Mr.3okoT,Mr.RezaRabet,Night-Wolf, C0d3!Nj3ct!0N,DeMoN,Yasin-Turk,Pesar Shab,Sia Turk and All Of My Friends

Disclaimer & Information:
=========================
The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. We do not approve or encourage anybody to break any vendor licenses, policies, deface websites, hack into databases or trade with fraud/stolen material.

Domains: http://ift.tt/1jnqRwA - www.vuln-lab.com - http://ift.tt/1kouTut
Contact: admin@vulnerability-lab.com - research@vulnerability-lab.com - admin@evolution-sec.com
Section: magazine.vulnerability-db.com - http://ift.tt/1zNuo47 - http://ift.tt/1wo6y8x
Social: http://twitter.com/#!/vuln_lab - http://ift.tt/1kouSqa - http://youtube.com/user/vulnerability0lab
Feeds: http://ift.tt/1iS1DH0 - http://ift.tt/1kouSqh - http://ift.tt/1kouTKS
Programs: http://ift.tt/1iS1GCs - http://ift.tt/1iS1FyF - http://ift.tt/1kouSqp

Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other media, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, source code, videos and other information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), modify, use or edit our material contact (admin@vulnerability-lab.com or research@vulnerability-lab.com) to get a permission.

Copyright © 2015 | Vulnerability Laboratory - [Evolution Security GmbH]™

Source: Gmail -> IFTTT-> Blogger

[FD] LineNity WP Premium Theme - File Include Vulnerability

Document Title:
===============
LineNity WP Premium Theme - File Include Vulnerability

References (Source):
====================
http://ift.tt/1lr8XBs

Release Date:
=============
2015-11-15

Vulnerability Laboratory ID (VL-ID):
====================================
1645

Common Vulnerability Scoring System:
====================================
6.8

Product & Service Introduction:
===============================
Linenity wordpress theme is a that features a clean and flexible design which suitable for wide variety of websites. Linenity wp theme includes a huge theme control panel that help user to develop or customize the theme. It also includes different kind of homepage style, widget, footer, post type, shortcode and many others. Linenity also Cross-Browser and Responsive theme, has clean style and well-documented.

(Copy of the Homepage: http://ift.tt/10U7fX1 )

Abstract Advisory Information:
==============================
An independent vulnerability laboratory researcher discovered a file include web vulnerability in the official WordPress LineNity Premium Theme in 2015Q4.

Vulnerability Disclosure Timeline:
==================================
2015-11-13: Report to Vulnerability Lab (Sajjad Sotoudeh - White-hg)
2015-11-15: Public Disclosure (Vulnerability Laboratory)

Discovery Status:
=================
Published

Affected Product(s):
====================
Wordpress Premium Themes
Product: LineNity - (WordPress Responsive Magazine Theme) 1.20

Exploitation Technique:
=======================
Remote

Severity Level:
===============
High

Technical Details & Description:
================================
A local file include web vulnerability has been discovered in the official WordPress LineNity Premium Theme in 2015Q4. The local file include web vulnerability allows remote attackers to unauthorized include local file/path requests or system specific path commands to compromise the web-application.

The web vulnerability is located in the `imgurl` value of the `download.php` file. Remote attackers are able to inject own files with malicious `imgurl` value in the `download.php` file GET method request to compromise the web-application. The local file/path include execution occurs in the download.php. The request method to inject is GET and the attack vector is located on the client-side of the wordpress theme web-application.

The security risk of the local file include vulnerability is estimated as high with a cvss (common vulnerability scoring system) count of 6.8. Exploitation of the file include web vulnerability requires no user interaction and no privileged web-application user account. Successful exploitation of the local file include vulnerability results in web-application, dbms and connected account system -compromise.

Request Method(s):
[+] [GET]

Vulnerable Module(s):
[+] ./wp-content/themes/linenity/functions/

Vulnerable File(s):
[+] download.php

Vulnerable Parameter(s):
[+] imgurl

Proof of Concept (PoC):
=======================
The file include web vulnerability can be exploited by remote attackers with low privilege web-application user account and without user interaction. For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue.

Google Dork(s):
index of: /wp-content/themes/linenity

Exploit:
http://localhost:8080/wp-content/themes/linenity/functions/download.php?imgurl=[ Local File Inclusion ]

PoC:
http://localhost:8080/wp-content/themes/linenity/functions/download.php?imgurl=../../../../index.php
http://localhost:8080/wordpress/wp-content/themes/linenity/functions/download.php?imgurl=../../../../../../../../../../../../../../../etc/passwd

Solution - Fix & Patch:
=======================
The vulnerability can be patched by a secure restriction of the requested path value in the imgurl value of the vulnerable download.php file. Restrict the requests by a whitelist of accessible web-server path.

Security Risk:
==============
The security risk of the file include web vulnerability in the web application is estimated as high. (CVSS 6.8)

Credits & Authors:
==================
Sajjad Sotoudeh - [sajjadsotoudeh@yahoo.com] (http://www.y-r-s.net & www.white-hg.com) [http://ift.tt/1HSTpR2]
We are: KamraN HellisH - Dr.RooT - Dr.Repermind - Milad_Inj3ct0r - 4li-3ndG & All white-hg members

Source: Gmail -> IFTTT-> Blogger
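
The fix the LineNity advisory recommends (restricting the `imgurl` path to an allow-listed server directory) can be sketched as follows. This is an added example, not the theme's code or the advisory author's; the function name `resolve_download()`, the `uploads` base directory and the extension list are assumptions, and the files it checks are constructed in a temporary directory.

```php
<?php
declare(strict_types=1);

// Added example (not the theme's code): allow-list check for a download
// endpoint that receives a user-supplied file parameter such as `imgurl`.
// ASSUMPTIONS: resolve_download(), the uploads/ base directory and the
// extension list are hypothetical names chosen for this illustration.

const ALLOWED_EXTENSIONS = ['jpg', 'jpeg', 'png', 'gif'];

/**
 * Resolve $requested against $baseDir.
 * Returns the canonical path when the file may be served, null otherwise.
 */
function resolve_download(string $baseDir, string $requested): ?string
{
    // Reject empty values, NUL bytes and anything that looks like a
    // URL or stream wrapper (http://, php://, file:// ...).
    if ($requested === ''
        || strpos($requested, "\0") !== false
        || preg_match('#^[a-z][a-z0-9+.\-]*://#i', $requested) === 1) {
        return null;
    }

    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }

    // realpath() collapses ../ sequences and resolves symlinks; it returns
    // false when the target does not exist.
    $path = realpath($base . DIRECTORY_SEPARATOR . $requested);
    if ($path === false || !is_file($path)) {
        return null;
    }

    // The canonical path must still sit inside the base directory. The
    // trailing separator stops "/uploads-old" from matching "/uploads".
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;
    }

    // Only serve the file types the endpoint exists for.
    $ext = strtolower(pathinfo($path, PATHINFO_EXTENSION));
    if (!in_array($ext, ALLOWED_EXTENSIONS, true)) {
        return null;
    }

    return $path;
}

// --- Constructed demo data: a temp tree with one image and one file that
// --- must never be served.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'lfi_demo_' . bin2hex(random_bytes(4));
mkdir($root . DIRECTORY_SEPARATOR . 'uploads', 0700, true);
$image  = $root . DIRECTORY_SEPARATOR . 'uploads' . DIRECTORY_SEPARATOR . 'photo.jpg';
$config = $root . DIRECTORY_SEPARATOR . 'wp-config.php';
file_put_contents($image, 'constructed image bytes');
file_put_contents($config, 'constructed secret');

$requests = [
    'photo.jpg',                        // legitimate request
    '../wp-config.php',                 // traversal to a sibling file
    '../../../../../../etc/passwd',     // traversal form quoted in the advisory
    'php://filter/resource=photo.jpg',  // stream wrapper
    'missing.jpg',                      // file that does not exist
];

foreach ($requests as $requested) {
    $resolved = resolve_download($root . DIRECTORY_SEPARATOR . 'uploads', $requested);
    printf("%-36s %s\n", $requested, $resolved === null ? 'REJECTED' : 'served');
}

// Remove the constructed files again.
unlink($image);
unlink($config);
rmdir($root . DIRECTORY_SEPARATOR . 'uploads');
rmdir($root);
```

The prefix comparison runs on the canonical path, after `realpath()`, so encoded or nested `../` sequences are judged by where they actually land rather than by string filtering.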

Anonymous has made its first 'cyber attack' on Isis

After declaring “cyber war” on Isis this weekend with a cautionary video condemning Friday's Paris attacks, Anonymous have already made their first ...

from Google Alert - anonymous http://ift.tt/1OOrHaL
via IFTTT

Would Encryption Backdoor Stop Paris-like Terror Attacks?

With 129 people killed in Paris terror attacks and dozens critically wounded, the law enforcement and intelligence officials are reviving their efforts to force companies to put some backdoors in encryption so that they can access your information. How did the Intelligence agencies fail to Intercept terrorist plans of these attacks? In the wake of the Paris terror attacks, Former CIA


from The Hacker News http://ift.tt/1kC3FD2
via IFTTT

[FD] Magento Bug Bounty #24 - Multiple CSRF Web Vulnerabilities

Document Title:
===============
Magento Bug Bounty #24 - Multiple CSRF Web Vulnerabilities

References (Source):
====================
http://ift.tt/1RO2Xgw
APPSEC-1122
Video: http://ift.tt/1RO2Xgy

Release Date:
=============
2015-11-11

Vulnerability Laboratory ID (VL-ID):
====================================
1643

Common Vulnerability Scoring System:
====================================
3.4

Product & Service Introduction:
===============================
Magento is an open source e-commerce web application that was launched on March 31, 2008 under the name Bento. It was developed by Varien (now Magento, a division of eBay) with help from the programmers within the open source community but is now owned solely by eBay Inc. Magento was built using parts of the Zend Framework. It uses the entity-attribute-value (EAV) database model to store data. In November 2013, W3Techs estimated that Magento was used by 0.9% of all websites.

Our team of security professionals works hard to keep Magento customer information secure. What`s equally important to protecting this data? Our security researchers and user community. If you find a site that isn`t following our policies, or a vulnerability inside our system, please tell us right away.

( Copy of the Vendor Homepage: http://ift.tt/1E22539 & http://ift.tt/1E22539 )

Abstract Advisory Information:
==============================
The Vulnerability Laboratory Core Research Team discovered multiple client-side cross site request forgery vulnerabilities in the official Magento online service web-application.

Vulnerability Disclosure Timeline:
==================================
2015-09-24: Researcher Notification & Coordination (Hadji Samir - Evolution Security GmbH)
2015-09-24: Vendor Notification (Magento Security Team - Bug Bounty Program)
2015-09-30: Vendor Response/Feedback (Magento Security Team - Bug Bounty Program)
2015-10-25: Vendor Fix/Patch (Magento Developer Team)
2015-10-30: Bug Bounty Reward (Magento Security Team - Bug Bounty Program)
2015-11-06: Public Disclosure (Vulnerability Laboratory)

Discovery Status:
=================
Published

Affected Product(s):
====================

Exploitation Technique:
=======================
Remote

Severity Level:
===============
Medium

Technical Details & Description:
================================
Multiple client-side cross site request forgery web vulnerabilities have been discovered in the official Magento online service web-application. The vulnerability allows remote attacker to manipulate client-side web-application to browser requests to unauthorized execute application functions.

The vulnerability is located in the document form POST method request of the vulnerable `/ce/user_guide/` and `/products/bug-tracking/report/saveIssue/` modules. Remote attackers with low privileged web-application user accounts are able to inject own malicious script codes to unauthorized execute application functions with valid session credentials. The request method to inject is POST and the attack vector is located on the client-side of the magento online-service.

The security risk of the cross site web vulnerability is estimated as medium with a cvss (common vulnerability scoring system) count of 3.4. Exploitation of the cross site request forgery web vulnerabilities requires a low privileged web application user account and low or medium user interaction. Successful exploitation results in client-side account theft by hijacking, client-side phishing, client-side external redirects and non-persistent manipulation of affected or connected service modules.

Request Method(s):
[+] POST

Vulnerable Service(s):
[+] magentocommerce.com
[+] merch.docs.magento.com

Vulnerable Module(s):
[+] /ce/user_guide/
[+] /products/bug-tracking/report/saveIssue/

Proof of Concept (PoC):
=======================
The vulnerabilities can be exploited by remote attackers with low privileged magento web-application user account and low or medium user interaction. For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue.

PoC #1: CSRF