Latest YouTube Video

Saturday, July 30, 2016

Rumor Central: Orioles looking at Mariners SP Wade Miley (7-8, 4.98 ERA) - Today's Knuckleball (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Beautiful Stories From Anonymous People- 1: Ron Paul's Baby

Beautiful Stories From Anonymous People- 1: Ron Paul's Baby - Empathy, honesty, and the best raw conversation.

from Google Alert - anonymous http://ift.tt/2a7xIBN
via IFTTT

Hillary Clinton's Presidential Campaign also Hacked in Attack on Democratic Party

There's a lot more to come from the DNC Hack. The Associated Press confirmed yesterday that the computer systems used by Hillary Clinton's presidential campaign were hacked as part of the recent Democratic National Convention (DNC) hack. Last week's email dump containing almost 20,000 emails from top DNC officials was just the beginning, which led DNC Chairwoman Debbie Wasserman Schultz to


from The Hacker News http://ift.tt/2aRGDUI
via IFTTT

Best Password Manager — For Windows, Linux, Mac, Android, iOS and Enterprise

When it comes to safeguarding your Internet security, installing an antivirus software or running a Secure Linux OS on your system does not mean you are safe enough from all kinds of cyber-threats. Today majority of Internet users are vulnerable to cyber attacks, not because they aren't using any best antivirus software or other security measures, but because they are using weak passwords to


from The Hacker News http://ift.tt/2a6Wimf
via IFTTT

Blue Danube Analemma


The Sun's annual waltz through planet Earth's sky forms a graceful curve known as an analemma. The analemma's figure 8 shape is tipped vertically at far right in this well-composed fisheye view from Budapest, Hungary. Captured at a chosen spot on the western bank of the Danube river, the Sun's position was recorded at 11:44 Central European Time on individual exposures over days spanning 2015 July 23 to 2016 July 4. Of course, on the northern summer solstice the Sun is at the top of the curve, but at the midpoints for the autumn and spring equinoxes. With snow on the ground, the photographer's shadow and equipment bag also appear in the base picture used for the composite panorama, taken on 2016 January 7. On that date, just after the winter solstice, the Sun was leaving the bottom of the beautiful curve over the blue Danube. via NASA http://ift.tt/2aw0M3J

Friday, July 29, 2016

Orioles sign P Logan Ondrusek, who was pitching in Japan, and designate P Chaz Roe (3.72 ERA in 9 games) for assignment (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

536M Mega Millions jackpot claimed by anonymous couple

INDIANAPOLIS (AP) — A central Indiana couple who were first-time Mega Millions players won the game's $536 million jackpot this month, but they've ...

from Google Alert - anonymous http://ift.tt/2ait2oL
via IFTTT

Ravens: OT Jake Long tells Adam Schefter he declined to sign injury waiver with Baltimore and now remains a free agent (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

Ravens: WR Mike Wallace passes conditioning test, will practice Friday; missed one day of camp after failing 1st attempt (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

Anonymous class with static crashes compiler in ES2015 target

Anonymous class with static crashes compiler in ES2015 target #10024. Open. mihailik opened this Issue an hour ago · 0 comments ...

from Google Alert - anonymous http://ift.tt/2aivLO0
via IFTTT

ISS Daily Summary Report – 07/28/16

Mouse Epigenetics Cage Unit Maintenance: The Mouse Cage Units containing the mice were transferred to the glove box from the Cell Biology Experiment Facility (CBEF) while the crew conducted standard cleaning and maintenance on the Mouse Habitat Cage Units. The Mouse Epigenetics investigation studies altered gene expression patterns in the organs of male mice that spend one month in space, and also examines changes in the deoxyribonucleic acid (DNA) of their offspring. Results from the investigation identify genetic alterations that happen after exposure to the microgravity environment of space. Fluid Shifts Operations: With guidance from the ground teams, crewmembers continued the first week of the Fluid Shifts experiment run by performing a Distortion Product Otoacoustic Emission (DPOAE) test, Optical Coherence Tomography (OCT) and Tonometry exams, Cerebral Cochlear Fluid Pressure (CCFP) test and an ultrasound scan. The Fluids Shift investigation is divided into three segments: Dilution Measures, Baseline Imaging, and Baseline Imaging using the Russian Chibis Lower Body Negative Pressure (LBNP) device. The experiment measures how much fluid shifts from the lower body to the upper body, in or out of cells and blood vessels, and determines the impact these shifts have on fluid pressure in the head, changes in vision and eye structures.  European Crew Personal Active Dosimeter (EUCPAD) Installation: The crew retrieved and inserted the ESA Active Dosimeter Mobile Units into the personal storage device.  The European Crew Personal Active Dosimeter is a device worn by crew members on orbit to measure radiation exposure. This device, coupled with other dosimeters in the European Space Agency’s (ESA) Columbus Laboratory, provides radiation dosage information that can be used to support risk assessment and dose management. The goal is to enable verification of radiation monitoring systems for future medical monitoring of crew members in space. Maritime Awareness Radio Installation: The crew installed the Maritime Awareness Radio drawer into EXPRESS rack 3 and connected it to the Vessel ID antenna. Nearly all commercial ships on the world’s oceans are being tracked and monitored using the Automatic Identification System (AIS) but the curvature of the Earth blocks the signals when ships are far from shore. The Global AIS on Space Station (GLASS) (Maritime Awareness) investigation uses a space-based AIS receiver system on ISS to acquire and disseminate ship information. During a 12-month test period, the system’s ability to continuously monitor ships for use in commercial, safety and security, environmental and educational applications will be investigated. Airway Monitoring Overview and Setup: In preparation for the European Space Agency (ESA) Airway Monitoring experiment scheduled to begin next week, the crew reviewed reference material and began setup activities in the Airlock.  With dust particles in the ISS atmosphere, Airway Monitoring studies the occurrence and indicators of airway inflammation in crewmembers using ultra-sensitive gas analyzers to analyze exhaled air. This helps to highlight any health impacts and to maintain crewmember wellbeing on future human spaceflight missions, especially longer-duration missions to the Moon and Mars where crewmembers must be more self-sufficient in highlighting and avoiding such conditions. Space Headaches: The crew completed the European Space Agency (ESA) Space Headaches questionnaire to provide information that may help in the development of methods to alleviate associated symptoms and improvement in the well-being and performance of crew members in space. Headaches during space flight can negatively affect mental and physical capacities of crew members which can influence performance during a space mission. Dose Tracker: The crew completed entries for medication tracking on an iPad. This investigation documents the medication usage of crewmembers before and during their missions by capturing data regarding medication use during spaceflight, including side effect qualities, frequencies and severities. The data is expected to either support or counter anecdotal evidence of medication ineffectiveness during flight and unusual side effects experienced during flight. It is also expected that specific, near-real-time questioning about symptom relief and side effects will provide the data required to establish whether spaceflight-associated alterations in pharmacokinetics (PK) or pharmacodynamics (PD) is occurring during missions.  Habitability Human Factors Directed Observations: The crew recorded and submitted a walk-through video documenting observations of life onboard ISS, providing insight related to human factors and habitability. The Habitability investigation collects observations about the relationship between crew members and their environment on the ISS. Observations can help spacecraft designers understand how much habitable volume is required, and whether a mission’s duration impacts how much space crew members need.  Microgravity Experiment Research Locker Incubator 3 (MERLIN-3) Failure to Power On Fully: Yesterday, ground teams reported that the MERLIN-3 file count was not incrementing. Based on similarity to a previous anomaly ground teams attempted a reboot to recover but did not see Health & Status (H&S) indications. Ground teams then power cycled the Locker 6 power and data but MERLIN-3 did not fully power back up. Teams noted the power draw went from 5.5A to less than 0.5A. MERLIN-3 lost its cooling capacity so science was moved from MERLIN-3 to MERLIN-1.  Ground teams are working additional troubleshooting plans. If MERLIN-3 cannot be recovered it may be returned on SpX-9. Additional MERLIN capacity is not required until SpX-10.  Extravehicular Mobility Unit (EMU) Resize:  Preparation activities for the EVA currently planned for August 18 continued today. The crew resized EMU 3003 to fit Williams and EMU 3008 was resized to fit Rubins. The crew also gathered suit components to be returned to ground and replaced a frayed Thermal Micrometeoroid Garment on one of the EVA Helmet Interchangeable Portable Lights (EHIP). Cyclic Load Management (CLM) Not Being Applied to Shell Heaters Following Software Transition: As part of the Software Transition that occurred on Sunday July 24, an update was made for Oxygen Generation Assembly (OGA) Day/Night Cycling and Shell Heater Cyclic Load Delta to be avoided during periods of high beta. Prior to the software transition, a delta would be applied to adjust set points which allowed the heaters to use more power when it was available to warm the shell heaters. Temperatures are currently maintaining above dew point and there is no concern that will change, but there […]

from ISS On-Orbit Status Report http://ift.tt/2ajlDrC
via IFTTT

[FD] ZMS v3.2 CMS - Multiple Client Side Cross Site Scripting Web Vulnerabilities

Document Title: =============== ZMS v3.2 CMS - Multiple Client Side Cross Site Scripting Web Vulnerabilities References (Source): ==================== http://ift.tt/2axLD57 Release Date: ============= 2016-07-28 Vulnerability Laboratory ID (VL-ID): ==================================== 1890 Common Vulnerability Scoring System: ==================================== 3.3 Product & Service Introduction: =============================== ZMS is the python content management solution (CMS) for website-based ePublishing. An easy Editorial interface and flexible content modeling (multilingualism, metadata, content objects, XML import / export, workflow etc.) aimed at optimum productivity for web pages, documentation and Educational content. ZMS is based on Zope, the leading open-source Web application server. ZOPE is platform-independent and runs on Linux, Unix, Solaris, Windows 9x / NT / 2000 / XP / Vista / 7 and Mac OS X. (Copy of the Vendor Homepage: http://ift.tt/2alDf6A ) Abstract Advisory Information: ============================== The vulnerability laboratory core research team discovered two client-side cross site scripting vulnerability in the official ZMS v3.2 python content management system. Vulnerability Disclosure Timeline: ================================== 2016-07-28: Public Disclosure (Vulnerability Laboratory) Discovery Status: ================= Published Affected Product(s): ==================== Exploitation Technique: ======================= Remote Severity Level: =============== Medium Technical Details & Description: ================================ Multiple client-side cross site scripting web vulnerabilities has been discovered iin the official ZMS v3.2 python content management system. The cross site scripting web vulnerability allows remote attackers to inject own malicious script code to client-side browser to web-application requests. The vulnerabilities are located in the `manage_tabs_message` parameter of the `manage_importexport` and `manage_main` files. Remote attackers are able to inject own malicious script codes via GET method request to compromise user session data. The attack vector is persistent and the request method to inject is GET. The message context of the status is not secure parsed by the python validation, thus results in the persistent execute of the script code payload. The security risk of the vulnerability is estimated as medium with a cvss (common vulnerability scoring system) count of 3.3. Exploitation of the vulnerability requires no privileged user account or restricted access and only low user interaction. Successful exploitation of the vulnerabilities results in non-persistent phishing mails, session hijacking, non-persistent external redirect to malicious sources and application-side manipulation of affected or connected module context. Vulnerable Module(s) [+] manage_main [+] manage_importexport Vulnerable Parameter(s) [+] manage_tabs_message Affected Module(s) [+] Status Message Proof of Concept (PoC): ======================= The client-side cross site vulnerabilities can be exploited by remote attackers without privileged user account and with low user interaction. For security demonstration of the issue or to reproduce the vulnerability follow the provided information and steps below to continue. PoC: Exploitation http://ift.tt/2a4lJEQ PoC: Alert Status Message
×

Brazil Freezes $11.7 Million of Facebook Funds for Not Complying with Court Orders

Facebook's legal war with Brazilian government seems to be never-ending. Facebook-owned cross-platform messaging service WhatsApp has already been blocked a total of three times in Brazil since December for failing to comply with a court order asking the company to access WhatsApp data under criminal investigation. But, now the Brazilian government has taken an even tougher step. <!--


from The Hacker News http://ift.tt/2agaMMK
via IFTTT

Herschel's Eagle Nebula


A now famous picture from the Hubble Space Telescope featured Pillars of Creation, star forming columns of cold gas and dust light-years long inside M16, the Eagle Nebula. This false-color composite image views the nearby stellar nursery using data from the Herschel Space Observatory's panoramic exploration of interstellar clouds along the plane of our Milky Way galaxy. Herschel's far infrared detectors record the emission from the region's cold dust directly. The famous pillars are included near the center of the scene. While the central group of hot young stars is not apparent at these infrared wavelengths, the stars' radiation and winds carve the shapes within the interstellar clouds. Scattered white spots are denser knots of gas and dust, clumps of material collapsing to form new stars. The Eagle Nebula is some 6,500 light-years distant, an easy target for binoculars or small telescopes in a nebula rich part of the sky toward the split constellation Serpens Cauda (the tail of the snake). via NASA http://ift.tt/2aApCiB

Global Terrestrial Water Storage Anomaly (March 2015 - March 2016)

A pair of experimental twin satellites called the Gravity Recovery And Climate Experiment, or "GRACE", were launched in March 2002. Since then they have been collecting gravity measurements which scientists use to derive Terrestrial Water Storage Anomalies (TWSA). TWSA can then be used as an indicator for drought and flood conditions across the globe. For more information on the GRACE mission please visit http://ift.tt/1z7Hogm

from NASA's Scientific Visualization Studio: Most Recent Items http://ift.tt/2a3JXiv
via IFTTT

GRACE over Brazil (March 2015 - March 2016)

GRACE (Gravity Recovery and Climate Experiment) maps variations in Earth's gravity field. GRACE consists of two identical spacecraft that fly about 220 kilometers (137 miles) apart in a polar orbit 500 kilometers (310 miles) above Earth. GRACE maps Earth's gravity field by making accurate measurements of the distance between the two satellites, using GPS and a microwave ranging system. It is providing scientists from all over the world with an efficient and cost-effective way to map Earth's gravity field with unprecedented accuracy. The results from this mission are yielding crucial information about the distribution and flow of mass within Earth and its surroundings. The gravity variations studied by GRACE can be used to determine ground water storage on land masses. By comparing current data to an average over time, scientists can generate an anomaly map to see where ground water storage has been depleted or increased. GRACE is a joint partnership between the National Aeronautics and Space Administration (NASA) in the United States and Deutsche Forschungsanstalt fur Luft und Raumfahrt (DLR) in Germany. Project management and systems engineering activities are carried out by the Jet Propulsion Laboratory.

from NASA's Scientific Visualization Studio: Most Recent Items http://ift.tt/2a3JdtG
via IFTTT

Thursday, July 28, 2016


via Instagram http://ift.tt/2aO8iGf

Mammalian Value Systems. (arXiv:1607.08289v1 [cs.AI])

Characterizing human values is a topic deeply interwoven with the sciences, humanities, art, and many other human endeavors. In recent years, a number of thinkers have argued that accelerating trends in computer science, cognitive science, and related disciplines foreshadow the creation of intelligent machines which meet and ultimately surpass the cognitive abilities of human beings, thereby entangling an understanding of human values with future technological development. Contemporary research accomplishments suggest sophisticated AI systems becoming widespread and responsible for managing many aspects of the modern world, from preemptively planning users' travel schedules and logistics, to fully autonomous vehicles, to domestic robots assisting in daily living. The extrapolation of these trends has been most forcefully described in the context of a hypothetical "intelligence explosion," in which the capabilities of an intelligent software agent would rapidly increase due to the presence of feedback loops unavailable to biological organisms. The possibility of superintelligent agents, or simply the widespread deployment of sophisticated, autonomous AI systems, highlights an important theoretical problem: the need to separate the cognitive and rational capacities of an agent from the fundamental goal structure, or value system, which constrains and guides the agent's actions. The "value alignment problem" is to specify a goal structure for autonomous agents compatible with human values. In this brief article, we suggest that recent ideas from affective neuroscience and related disciplines aimed at characterizing neurological and behavioral universals in the mammalian kingdom provide important conceptual foundations relevant to describing human values. We argue that the notion of "mammalian value systems" points to a potential avenue for fundamental research in AI safety and AI ethics.



from cs.AI updates on arXiv.org http://ift.tt/2arExhi
via IFTTT

Hyperparameter Optimization of Deep Neural Networks Using Non-Probabilistic RBF Surrogate Model. (arXiv:1607.08316v1 [cs.AI])

Recently, Bayesian optimization has been successfully applied for optimizing hyperparameters of deep neural networks, significantly outperforming the expert-set hyperparameter values. The methods approximate and minimize the validation error as a function of hyperparameter values through probabilistic models like Gaussian processes. However, probabilistic models that require a prior distribution of the errors may be not adequate for approximating very complex error functions of deep neural networks. In this work, we propose to employ radial basis function as the surrogate of the error functions for optimizing both continuous and integer hyperparameters. The proposed non-probabilistic algorithm, called Hyperparameter Optimization using RBF and DYCORS (HORD), searches the surrogate for the most promising hyperparameter values while providing a good balance between exploration and exploitation. Extensive evaluations demonstrate HORD significantly outperforms the well-established Bayesian optimization methods such as Spearmint and TPE, both in terms of finding a near optimal solution with fewer expensive function evaluations, and in terms of a final validation error. Further, HORD performs equally well in low- and high-dimensional hyperparameter spaces, and by avoiding expensive covariance computation can also scale to a high number of observations.



from cs.AI updates on arXiv.org http://ift.tt/2af7iKv
via IFTTT

VHT: Vertical Hoeffding Tree. (arXiv:1607.08325v1 [cs.DC])

IoT Big Data requires new machine learning methods able to scale to large size of data arriving at high speed. Decision trees are popular machine learning models since they are very effective, yet easy to interpret and visualize. In the literature, we can find distributed algorithms for learning decision trees, and also streaming algorithms, but not algorithms that combine both features. In this paper we present the Vertical Hoeffding Tree (VHT), the first distributed streaming algorithm for learning decision trees. It features a novel way of distributing decision trees via vertical parallelism. The algorithm is implemented on top of Apache SAMOA, a platform for mining distributed data streams, and thus able to run on real-world clusters. We run several experiments to study the accuracy and throughput performance of our new VHT algorithm, as well as its ability to scale while keeping its superior performance with respect to non-distributed decision trees.



from cs.AI updates on arXiv.org http://ift.tt/2aNZ0de
via IFTTT

Robust Contextual Outlier Detection: Where Context Meets Sparsity. (arXiv:1607.08329v1 [cs.DB])

Outlier detection is a fundamental data science task with applications ranging from data cleaning to network security. Given the fundamental nature of the task, this has been the subject of much research. Recently, a new class of outlier detection algorithms has emerged, called {\it contextual outlier detection}, and has shown improved performance when studying anomalous behavior in a specific context. However, as we point out in this article, such approaches have limited applicability in situations where the context is sparse (i.e. lacking a suitable frame of reference). Moreover, approaches developed to date do not scale to large datasets. To address these problems, here we propose a novel and robust approach alternative to the state-of-the-art called RObust Contextual Outlier Detection (ROCOD). We utilize a local and global behavioral model based on the relevant contexts, which is then integrated in a natural and robust fashion. We also present several optimizations to improve the scalability of the approach. We run ROCOD on both synthetic and real-world datasets and demonstrate that it outperforms other competitive baselines on the axes of efficacy and efficiency (40X speedup compared to modern contextual outlier detection methods). We also drill down and perform a fine-grained analysis to shed light on the rationale for the performance gains of ROCOD and reveal its effectiveness when handling objects with sparse contexts.



from cs.AI updates on arXiv.org http://ift.tt/2a3lNEN
via IFTTT

Faceless Person Recognition; Privacy Implications in Social Media. (arXiv:1607.08438v1 [cs.CV])

As we shift more of our lives into the virtual domain, the volume of data shared on the web keeps increasing and presents a threat to our privacy. This works contributes to the understanding of privacy implications of such data sharing by analysing how well people are recognisable in social media data. To facilitate a systematic study we define a number of scenarios considering factors such as how many heads of a person are tagged and if those heads are obfuscated or not. We propose a robust person recognition system that can handle large variations in pose and clothing, and can be trained with few training samples. Our results indicate that a handful of images is enough to threaten users' privacy, even in the presence of obfuscation. We show detailed experimental results, and discuss their implications.



from cs.AI updates on arXiv.org http://ift.tt/2aNZa4i
via IFTTT

A symbolic algebra for the computation of expected utilities in multiplicative influence diagrams. (arXiv:1607.08485v1 [cs.AI])

Influence diagrams provide a compact graphical representation of decision problems. Several algorithms for the quick computation of their associated expected utilities are available in the literature. However, often they rely on a full quantification of both probabilistic uncertainties and utility values. For problems where all random variables and decision spaces are finite and discrete, here we develop a symbolic way to calculate the expected utilities of influence diagrams that does not require a full numerical representation. Within this approach expected utilities correspond to families of polynomials. After characterizing their polynomial structure, we develop an efficient symbolic algorithm for the propagation of expected utilities through the diagram and provide an implementation of this algorithm using a computer algebra system. We then characterize many of the standard manipulations of influence diagrams as transformations of polynomials. We also generalize the decision analytic framework of these diagrams by defining asymmetries as operations over the expected utility polynomials.



from cs.AI updates on arXiv.org http://ift.tt/2a3lslN
via IFTTT

MIST: Missing Person Intelligence Synthesis Toolkit. (arXiv:1607.08580v1 [cs.AI])

Each day, approximately 500 missing persons cases occur that go unsolved/unresolved in the United States. The non-profit organization known as the Find Me Group (FMG), led by former law enforcement professionals, is dedicated to solving or resolving these cases. This paper introduces the Missing Person Intelligence Synthesis Toolkit (MIST) which leverages a data-driven variant of geospatial abductive inference. This system takes search locations provided by a group of experts and rank-orders them based on the probability assigned to areas based on the prior performance of the experts taken as a group. We evaluate our approach compared to the current practices employed by the Find Me Group and found it significantly reduces the search area - leading to a reduction of 31 square miles over 24 cases we examined in our experiments. Currently, we are using MIST to aid the Find Me Group in an active missing person case.



from cs.AI updates on arXiv.org http://ift.tt/2aNZccB
via IFTTT

Modeling selectional restrictions in a relational type system. (arXiv:1607.08592v1 [cs.CL])

Selectional restrictions are semantic constraints on forming certain complex types in natural language. The paper gives an overview of modeling selectional restrictions in a relational type system with morphological and syntactic types. We discuss some foundations of the system and ways of formalizing selectional restrictions.

Keywords: type theory, selectional restrictions, syntax, morphology



from cs.AI updates on arXiv.org http://ift.tt/2a3lmuo
via IFTTT

Modeling selectional restrictions in a relational type system. (arXiv:1607.08592v1 [cs.CL])

Selectional restrictions are semantic constraints on forming certain complex types in natural language. The paper gives an overview of modeling selectional restrictions in a relational type system with morphological and syntactic types. We discuss some foundations of the system and ways of formalizing selectional restrictions.

Keywords: type theory, selectional restrictions, syntax, morphology



from cs.AI updates on arXiv.org http://ift.tt/2a3lmuo
via IFTTT

Multi-Agent Continuous Transportation with Online Balanced Partitioning. (arXiv:1511.07209v2 [cs.MA] UPDATED)

We introduce the concept of continuous transportation task to the context of multi-agent systems. A continuous transportation task is one in which a multi-agent team visits a number of fixed locations, picks up objects, and delivers them to a final destination. The goal is to maximize the rate of transportation while the objects are replenished over time. Examples of problems that need continuous transportation are foraging, area sweeping, and first/last mile problem. Previous approaches typically neglect the interference and are highly dependent on communications among agents. Some also incorporate an additional reconnaissance agent to gather information. In this paper, we present a hybrid of centralized and distributed approaches that minimize the interference and communications in the multi-agent team without the need for a reconnaissance agent. We contribute two partitioning-transportation algorithms inspired by existing algorithms, and contribute one novel online partitioning-transportation algorithm with information gathering in the multi-agent team. Our algorithms have been implemented and tested extensively in the simulation. The results presented in this paper demonstrate the effectiveness of our algorithms that outperform the existing algorithms, even without any communications between the agents and without the presence of a reconnaissance agent.



from cs.AI updates on arXiv.org http://ift.tt/1kQLA4f
via IFTTT

Ravens: Eric Weddle says success will determine fate of his beard, which he shaved for 1st time in 3 years in offseason (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

Using VPN in the UAE? You'll Be Fined Up To $545,000 If You Get Caught!

If you get caught using a VPN (Virtual Private Network) in Abu Dhabi, Dubai and the broader of United Arab Emirates (UAE), you could face temporary imprisonment and fines of up to $545,000 (~Dhs2 Million). Yes, you heard that right. Online Privacy is one of the biggest challenges in today's interconnected world. The governments across the world have been found to be using the Internet to


from The Hacker News http://ift.tt/2ak0fCN
via IFTTT

Ravens: Rookie RB Kenneth Dixon suffers a Grade 1 MCL strain and is considered day-to-day - Adam Schefter, reports (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

Anonymous

Anonymous · wordpress-2 | 27th July 2016. Once when I was younger, my friends and I got out of school early so we decided to walk to a close by ...

from Google Alert - anonymous http://ift.tt/2axJ3KF
via IFTTT

Dom. II pt. kal. octobris in festo maternitatis BMV | Anonymous

Ejemp. incompleto and Copia digital. realizada por la Biblioteca de Andalucía.

from Google Alert - anonymous http://ift.tt/2ae8bmy
via IFTTT

QRLJacking — Hacking Technique to Hijack QR Code Based Quick Login System

Do you know that you can access your WeChat, Line and WhatsApp chats on your desktop as well using an entirely different, but fastest authentication system? It's SQRL, or Secure Quick Response Login, a QR-code-based authentication system that allows users to quickly sign into a website without having to memorize or type in any username or password. QR codes are two-dimensional barcodes that


from The Hacker News http://ift.tt/2ayXrUF
via IFTTT

ISS Daily Summary Report – 07/27/16

Biological Rhythms 48 Holter and Actiwatch Removal and Data Save: Upon completion of the Biological Rhythms recording session, today the crewmember removed the Digital Walk Holter Electrocardiogram (ECG) and the Actiwatch Spectrum from his body and saved the data collected from the holter and the multi-media card to the medical laptop. This concluded a series of activities for the Biological Rhythms experiment where two separate 24-hour Actiwatch measurement sessions were performed to study the effects of long-term microgravity exposure on heart functions by analyzing an astronaut’s electrocardiogram for 48 hours. Fluid Shifts Operations: With operator assistance from the ground team, crewmembers continued the first week of the Fluid Shifts experiment run by configuring the Optical Coherence Tomography (OCT) hardware, the Cerebral and Cochlear Fluid Pressure (CCFP) analyzer, and the Distortion Product Otoacoustic Emission (DPOAE) hardware, before completing a DPOAE test, OCT exam, Tonometry exam, and a CCFP test. The Fluids Shift investigation is divided into three segments: Dilution Measures, Baseline Imaging, and Baseline Imaging using the Russian Chibis Lower Body Negative Pressure (LBNP) device. The experiment measures how much fluid shifts from the lower body to the upper body, in or out of cells and blood vessels, and determines the impact these shifts have on fluid pressure in the head, changes in vision and eye structures. Heart Cells Microscope Operations: The crew set up the Heart Cells microscope and removed the BioCell Habitat from the Space Automated Bioproduct Lab (SABL) and the Multiwell BioCell from the BioCell Habitat. These items were inserted into the microscope before conducting Heart Cells operations and placing the Multiwell BioCell back into BioCell Habitat and stowing the BioCell habitat inside SABL-1. The investigation studies the human heart, specifically how heart muscle tissue, contracts, grows and changes (gene expression) in microgravity and how those changes vary between subjects. Understanding how heart muscle cells, or cardiomyocytes, change in space improves efforts for studying disease, screening drugs and conducting cell replacement therapy for future space missions.  Mouse Epigenetics Maintenance Operations: The crew conducted standard maintenance operations by exchanging the food cartridge of the Mouse Habitat Cage Unit and completing Transportation Cage Unit dryout activities. The investigation studies altered gene expression patterns in the organs of male mice that spend one month in space as well as changes in the deoxyribonucleic acid (DNA) of their offspring. Results from the investigation identify genetic alterations that happen after exposure to the microgravity environment of space. Fine Motor Skills: A series of interactive tasks on a touchscreen tablet were completed for the Fine Motor Skills investigation. This investigation is critical during long-duration space missions, particularly those skills needed to interact with technologies required in next-generation space vehicles, spacesuits, and habitats. The crewmember’s fine motor skills are also necessary for performing tasks in transit or on a planetary surface, such as information access, just-in-time training, subsystem maintenance, and medical treatment. Habitability Human Factors Directed Observations: The crew recorded and submitted a walk-through video documenting observations of life onboard ISS, providing insight related to human factors and habitability. The Habitability investigation collects observations about the relationship between crew members and their environment on the ISS. Observations can help spacecraft designers understand how much habitable volume is required, and whether a mission’s duration impacts how much space crew members need. Portable Emergency Provisions (PEPS) Inspection: The crew inspected and confirmed that the Portable Fire Extinguishers (PFEs), Extension Hose Tee Kits (EHTKs), Portable Breathing Apparatuses (PBAs) and Pre-Breathe Masks are all free of damage. This maintenance is scheduled every 45 days to ensure continuous functionality of the units.  SSRMS Operations for Pressurized Mating Adapter 2 (PMA2) Androgynous Peripheral Attachment System (APAS) Inspection – SSRMS ungrappled from SpaceX-9 and used the SSRMS Latch End Effector (LEE) camera to complete the PMA2 APAS inspection in preparation for the International Docking Adapter (IDA) ExtraVehicular Activity (EVA) installation in August. No significant items were noted in the inspection. The PMA2 APAS is Go for IDA installation. Following the PMA2 APAS inspection, the SSRMS was maneuvered to its park position at the pre-grapple for Dragon Flight Release Grapple Fixture (FRGF). Today’s Planned Activities All activities were completed unless otherwise noted. CASKAD. Manual Mixing in Bioreactor / r/g 2888 Fine Motor Skills (FINEMOTR) Test Scheduled monthly maintenance of Central Post Laptop.  Laptop Log-File Downlink. Scheduled monthly maintenance of Central Post Laptop Laptop log-file dump, Handover FLUID SHIFTS Hardware Setup FLUID SHIFTS Unit Activation Fine Motor Skills (FINEMOTR) Test FLUID SHIFTS Measuring Pressure FLUID SHIFTS Ultrasound Scan Operations MOUSE Equipment setup for the experiment Work Prep BLR48 Saving Experiment Data MCRSCPE Hardware Setup FLUID SHIFTS. Ultrasound 2 keyboard operation assistance during scanning DAN. Experiment Tagup with specialists / r/g 2780 DAN. Experiment Operator Assistance / r/g 2780 BLR48 Data Saving XF305 Camcorder Settings Adjustment MOUSE Habitat Cage Unit Maintenance HRTCEL Biocell Sample Insertion into Microscope  Crew Onboard Training (OBT) Self-Assessment Questionnaire HRTCEL Experiment Ops FLUID SHIFTS Test with the use of CCFP Analyzer FLUID SHIFTS  OCT Baseline Exam FLUID SHIFTS. Tonometer Eye Test with Remote Guidance FLUID SHIFTS Distortion Product Otoacoustic Emission (DPOAE) measurement Test FLUID SHIFTS. Hardware Deactivation and Stowage Inspection of Portable Breathing Apparatus (PBA) and Portable Fire Extinguisher (PFE) Verification of ИП-1 Flow Sensor Position MCRSCPE Microscope Exam Ops FLUID SHIFTS. Tonometry Test BIOPLENKA. Removal of cassette No.3-4 from CRYOGEM-03 thermostat, Fixation of Constanta No.3-4 cassette biofilm and setup in ТБУ-В No.04. AQM Cartridge Replacement FLUID SHIFTS. Tonometer Exam Operator FLUID SHIFTS Tonometer Exam FLUID SHIFTS DOFF Exam FLUID SHIFTS. Hardware Removal and Stowage Transfer water from Progress 433 (DC1) Rodnik H2O Tank 1 to SM Rodnik Water Tank 1, Equipment Configuration / r/g 2921 Vacuum cleaning ventilation grille on FGB interior panels (201, 301, 401) PILOT-T. Experiment Ops r/g 2922 Preparing for SM ОДУ СУ БФК command generator R&R (procedure review, tool gathering, and work site setup)  HABIT Habitability Walk-Through Video Transfer water from Progress 433 (DC1) Rodnik H2O Tank 1 to SM Rodnik H2O Tank 1, compressor restart POLAR1 Replacement of consumables MRTIME Installation of Radio TEPC […]

from ISS On-Orbit Status Report http://ift.tt/2apX4dA
via IFTTT

[FD] Saveya Bounty #1 - Bypass & Persistent Vulnerability

Document Title: =============== Saveya Bounty #1 - Bypass & Persistent Vulnerability References (Source): ==================== http://ift.tt/2amN3fR SaveYa ID: 56 Acknowledgements: http://ift.tt/2abTUYl Release Date: ============= 2016-07-26 Vulnerability Laboratory ID (VL-ID): ==================================== 1857 Common Vulnerability Scoring System: ==================================== 3.7 Product & Service Introduction: =============================== As one of the leading gift card exchanges, SaveYa passes along the savings to you by buying unwanted gift cards. In turn, gift cards from many popular retailers are sold at a discount, below face value, and you can save big time on your everyday or one time expenses. Browse or search our extensive list of discounted gift cards for today’s most popular retailers before you make that next big purchase. If you are a shopper on the go, you can download our discount gift card app to save even more instantly. Our one of a kind savings app alerts you before checkout in order to take advantage of potential savings by buying discounted gift cards. (Copy of the Vendor Homepage: https://www.saveya.com/ ) Abstract Advisory Information: ============================== The vulnerability laboratory core research team discovered an application-side input validation vulnerability and filter bypass issue in the Saveya web-application. Vulnerability Disclosure Timeline: ================================== 2016-06-15: Researcher Notification & Coordination (Benjamin Kunz Mejri) 2016-06-17 Vendor Notification (Saveya Security Team - Bug Bounty Program) 2016-06-18: Vendor Response/Feedback (Saveya Security Team - Bug Bounty Program) 2016-07-25: Vendor Fix/Patch (Saveya Site Service Developer Team) 2016-07-26: Public Disclosure (Vulnerability Laboratory) Discovery Status: ================= Published Affected Product(s): ==================== Saveya Product: Saveya - Online Service (Web-Application) 2016 Q2 Exploitation Technique: ======================= Remote Severity Level: =============== Medium Technical Details & Description: ================================ An application-side input validation and mail encode web vulnerability has been discovered in the official Saveya online service web-application. The application-side vulnerability allows remote attacker to inject own malicious script codes to the application-side of the vulnerable module or function. The vulnerability is located in the `Firstname` and `Lastname` parameter values of the `./Register` module POST method request. Remote attackers are able to inject own malicious script codes to the application-side of the profile values. After the registration a confirm and verification email is send by the service with the firstname and lastname values in the message body. Thus values are wrong encoded and can execute persistent injected script codes. The security risk of the application-side mail encode web vulnerability is estimated as medium with a cvss (common vulnerability scoring system) count of 3.8. Exploitation of the persistent input validation web vulnerability requires no privileged web-application user account and low or medium user interaction. Successful exploitation of the vulnerability results in session hijacking, persistent phishing attacks, persistent external redirects to malicious source and persistent manipulation of affected or connected application modules. Request Method(s): [+] POST Vulnerable Module(s): [+] Register - Account Registration SaveYa Vulnerable Parameter(s): [+] Firstname [+] Lastname Affected Module(s): [+] Verify Email [+] Account Congratulation Email Proof of Concept (PoC): ======================= The persistent vulnerability can be exploited by remote attackers without privileged web-application user account and with low user interaction. For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue. Manual steps to reproduce the vulnerability ... 1. Open the Saveya website 2. Click to Signup module 3. The registration form opens 4. Inject random values and a target attack email to include via POST 5. Inject to the Firstname and Lastname input field values your own malicious script code 6. Save the request via POST submit 7. Check the inbox 8. First the email of the verify arrives and after that the email congratulation account to verify Note: In both emails the persistent injected script code executes in the message body context 9. Successful reproduce of the remote mail encode web vulnerability and input validation issue PoC #1: Welcome Email

Welcome "><"[PERSISTENT INJECTED SCRIPT CODE EXECUTE!]%20%20>"

PoC #2: Congratulations Email Account

Congratulations "><"[PERSISTENT INJECTED SCRIPT CODE EXECUTE!]%20%20>"



Source: Gmail -> IFTTT-> Blogger

[FD] Zoll Checklist v1.2.2 iOS - Multiple Persistent Vulnerabilities

Document Title: =============== Zoll Checklist v1.2.2 iOS - Multiple Persistent Vulnerabilities References (Source): ==================== http://ift.tt/2ausfWm Release Date: ============= 2016-07-27 Vulnerability Laboratory ID (VL-ID): ==================================== 1881 Common Vulnerability Scoring System: ==================================== 3.6 Product & Service Introduction: =============================== The Checklist App is designed to give Fire and EMS agencies the ability to create customized daily, weekly or monthly vehicle checklists to ensure compliance and safety. Through ZOLL Online, you input the stations and vehicles that you will be checking. Then you can create custom vehicle checklist screens; capture employee signatures; and print or email a PDF copy for backup and storing. Download the ZOLL Checklist App from the Apple App Store. (Copy of the Vendor Homepage: http://ift.tt/2az8UTQ http://ift.tt/2abToK2 ) Abstract Advisory Information: ============================== The vulnerability laboratory core research team discovered multiple application-side input validation vulnerabilities in the Zoll GmbH Checklist v1.2.2 mobile iOS application. Vulnerability Disclosure Timeline: ================================== 2016-07-27: Public Disclosure (Vulnerability Laboratory) Discovery Status: ================= Published Affected Product(s): ==================== ZOLL GmbH (ZOLL Data Systems Inc) Product: Checklist App - iOS Mobile (Web-Application) 1.2.2 Exploitation Technique: ======================= Remote Severity Level: =============== Medium Technical Details & Description: ================================ Multiple persistent input validation web vulnerabilities has been discovered in the official Zoll Checklist v1.2.2 mobile iOS application. The vulnerability allows local or remote attackers to inject own malicious script codes on the application-side of the affected vulnerable module. The vulnerability is located in the `name and address` input parameters of the `add item` module. Local attackers are able to inject own malicious script codes to the vulnerable values to compromise the affected `Reports` and `Share by Email` modules. The injection point of the vulnerability are the vulnerable marked input fields and the execution point occurs in the `Reports` on generate of the report and in the `Share by Email` module. Attacker are able to share the malicious generated reports in the complete menu and can as well to send spoofed malicious emails via the local app. The security risk of the application-side vulnerability is estimated as medium with a cvss (common vulnerability scoring system) count of 3.6. Exploitation of the persistent web vulnerability requires a low privileged ios device account with restricted access and without user interaction. Successful exploitation of the vulnerabilities results in persistent phishing mails, session hijacking, persistent external redirect to malicious sources and application-side manipulation of affected or connected module context. Vulnerable Module(s): [+] Add Vulnerable Parameter(s): [+] name [+] address Affected Module(s): [+] Reports - Complete [+] Share via Email Proof of Concept (PoC): ======================= The vulnerability can be exploited by local attackers with a low privileged ios device account or restricted access and with low user interaction. For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue. Manual steps to reproduce the vulnerability ... 1. Install the vulnerable Zoll Checklist iOS mobile application 2. Open the software 3. Add a new entry as item 4. Inject to the address and name values own malicious test script code 5. Save the entry 6. Let the report get generated to the complete menu 7. Opent the menu choose the report to trigger the application-side injected payload 8. Now, the attacker can as well use the share by email module via click button Note: The context of the report is transfered in html format to the email body context without secure approval 9. The code executes in the email body as second point of execution 10. Successful reproduce of both vulnerabilities in the mobile ios application. POC: Share via Email (HTML)

"><[MALICIOUS INJECTED SCRIPT CODE IN EMAIL VIA NAME!]&gt;&lt;/h1&gt;&lt;table width="100%"&gt;&lt;tr&gt;&lt;td width="50%" class="rowTitle"&gt;Frequency&lt;/td&gt;&lt;td width="50%"&gt; Daily&lt;/td&gt;&lt;/tr&gt;&lt;/table&gt;&lt;h2 class="boxed"&gt;Dates&lt;/h2&gt;&lt;table width="100%"&gt;&lt;tr&gt;&lt;td width="50%" class="rowTitle"&gt;Started&lt;/td&gt;&lt;td width="50%"&gt;23.07.16, 18:46&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td width="50%" class="rowTitle"&gt;Completed&lt;/td&gt;&lt;td width="50%"&gt;23.07.16, 18:47&lt;/td&gt;&lt;/tr&gt;&lt;/table&gt;&lt;h2 class="boxed"&gt;Checks&lt;/ h2&gt;&lt;h2 class="boxed"&gt;Signatures&lt;/h2&gt;&lt;p class="underlined"&gt;Inspector&lt;/p&gt;&lt;table width="100%"&gt;&lt;tr&gt;&lt;td width="50%" class="rowTitle"&gt;Name&lt;/td&gt;&lt;td width="50%"&gt;"&gt;&lt;iframe src=a&gt;%20&lt;iframe&gt;&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td width="50%" class="rowTitle"&gt;Date&lt;/td&gt;&lt;td width="50%"&gt;23.07.16, 18:47&lt;/td&gt;&lt;/tr&gt;& lt;/table&gt;&lt;p&gt;&amp;nbsp;&lt;/p&gt;&lt;p class="underlined"&gt;Reviewer&lt;/p&gt;&lt;table width="100%"&gt;&lt;tr&gt;&lt;td width="50%" class="rowTitle"&gt;Name&lt;/td&gt;&lt;td width="50%"&gt;"&gt; &lt;iframe src=a&gt;%20&lt;iframe&gt;&lt;/td&gt;&lt;/tr&gt;&lt;tr&gt;&lt;td width="50%" class="rowTitle" &gt;Date&lt;/td&gt;&lt;td width="50%"&gt;23.07.16, 18:47&lt;/td&gt;&lt;/tr&gt;&lt;/table&gt;&lt; p&gt;&amp;nbsp;&lt;/p&gt;&lt;p&gt;&amp;nbsp; &lt;/p&gt;&lt;p class="footer"&gt;ZOLL Checklist&lt;/p&gt;&lt;/body&gt;&lt;/html&gt;







Von meinem iPhone gesendet
Solution - Fix & Patch: ======================= The vulnerability can be patched by a secure parse and encode of the vulnerable name and address input fields on the add procedure. Disallow the usage of special chars and script code tags to prevent further persistent injection attacks. Filter the output in the Reports and Share by Email modules of the mobile web-application. Disallow to transmit html context directly inside of the email body header context to share. Security Risk: ============== The security risk of the application-side input validation web vulnerabilities in the mobile web-application are estimated as medium. (CVSS 3.6) Credits & Authors: ================== Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri (bkm@evolution-sec.com) [http://ift.tt/1jnqRwA] Disclaimer & Information: ========================= The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. We do not approve or encourage anybody to break any licenses, policies, deface websites, hack into databases or trade with stolen data. Domains: http://ift.tt/1jnqRwA - www.vuln-lab.com - http://ift.tt/1kouTut Contact: admin@vulnerability-lab.com - research@vulnerability-lab.com - admin@evolution-sec.com Section: magazine.vulnerability-lab.com - http://ift.tt/1zNuo47 - http://ift.tt/1wo6y8x Social: twitter.com/vuln_lab - http://ift.tt/1kouSqa - http://youtube.com/user/vulnerability0lab Feeds: http://ift.tt/1iS1DH0 - http://ift.tt/1kouSqh - http://ift.tt/1kouTKS Programs: http://ift.tt/1iS1GCs - http://ift.tt/1iS1FyF - http://ift.tt/1oSBx0A Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other media, are reserved by Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, source code, videos and other information on this website is trademark of vulnerability-lab team & the specific authors or managers. To record, list, modify, use or edit our material contact (admin@ or research@vulnerability-lab.com) to get a ask permission. Copyright © 2016 | Vulnerability Laboratory - [Evolution Security GmbH]™

Source: Gmail -> IFTTT-> Blogger

[FD] Exponent CMS 2.3.9 - Useraccounts Persistent Vulnerability

Document Title: =============== Exponent CMS 2.3.9 - Useraccounts Persistent Vulnerability References (Source): ==================== http://ift.tt/2ausNvL Release Date: ============= 2016-07-27 Vulnerability Laboratory ID (VL-ID): ==================================== 1886 Common Vulnerability Scoring System: ==================================== 4.5 Product & Service Introduction: =============================== Exponent is a web application that allows site owners to easily create and manage dynamic websites. Unlike other site management tools, Exponent is completely self-contained. No additional applications need to be downloaded by a user to permit them to use Exponent. Everything from user management to site configuration to content editing and approval is done within the system. (Copy of the Vendor Homepage: http://ift.tt/1CTRvbI ) Abstract Advisory Information: ============================== The vulnerability laboratory core research team discovered a persistent input validation vulnerability in the official Exponent v2.3.9 open-source content management system. Vulnerability Disclosure Timeline: ================================== 2016-07-27: Public Disclosure (Vulnerability Laboratory) Discovery Status: ================= Published Affected Product(s): ==================== Exponent Community Product: Exponent - Content Management System (Open Source) 2.3.9 Exploitation Technique: ======================= Remote Severity Level: =============== Medium Technical Details & Description: ================================ An application-side input validation web vulnerability has been discovered in the official Exponent v2.3.9 open-source content management system. The vulnerability allows remote attackers to inject own malicious script codes on the application-side of the vulnerable module or affected function. The vulnerability is located in the `firstname` and `lastname` parameters of the `useraccounts` module. The vulnerable inputs are `realname` and `user`. Remote attackers are able to use the registration to inject own malicious script codes to the backend of the exponent web-application. The injection points are the vulnerable `createuser` and `umgr_editprofile` of the user manager and the execution point occurs in the `useraccounts` module. The request method to inject is POST and the attack vector is persistent on the application-side. The vulnerability can be exploited by local privileged user account or remotly by anonymous users via basic registration. The execute in the useraccounts module occurs on visit of the page module via backend by the administrator account. The security risk of the application-side web vulnerability is estimated as medium with a cvss (common vulnerability scoring system) count of 4.7. Exploitation of the vulnerability requires a low privileged web-application user account (registration or create) and only low user interaction. Successful exploitation of the vulnerability results in session hijacking, persistent phishing attacks, persistent external redirects to malicious source and persistent manipulation of affected or connected application modules. Request Method(s): [+] POST Vulnerable Module(s): [+] createuser (basic user account) [+] umgr_editprofile (admin account) Vulnerable Parameter(s): [+] firstname [+] lastname Affected Module(s): [+] ./useraccounts Proof of Concept (PoC): ======================= The persistent input validation vulnerability can be exploited by remote attackers with privileged web-application user account and with low user interaction. For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue. Inject: Add or Register Account URL: http://ift.tt/2acXNeP URL: http://ift.tt/2apytpo Execution: User Accounts URL: http://ift.tt/2acYcy7 Manual steps to reproduce the vulnerability ... 1. Open the vulnerable cms website with the affected version 2. Surf to the user registration that is open by default 3. Include as realname and user name a script code payload (firstname & lastname) 4. Save the registration via POST method request Note: The user account arrives visible in the user accounts management of the exponent cms (admin backend) 5. Now the admin login to his application and only needs to watch the user accounts management to execute the payload 6. Successful reproduce of the vulnerability! PoC: User Accounts Management Listing

Source: Gmail -> IFTTT-> Blogger
Real Name 
[REALNAME PERSISTENT SCRIPT CODE EXECUTION!] [USER PERSISTENT SCRIPT CODE EXECUTION!] asdasdasda@mail.com a

[FD] Zortam Media Studio 20.60 - Buffer Overflow Vulnerability

Document Title: =============== Zortam Media Studio 20.60 - Buffer Overflow Vulnerability References (Source): ==================== http://ift.tt/2awkFaz Release Date: ============= 2016-07-27 Vulnerability Laboratory ID (VL-ID): ==================================== 1884 Common Vulnerability Scoring System: ==================================== 6.5 Product & Service Introduction: =============================== Zortam Mp3 Media Studio is a great all-in-one music tool for organizing your Mp3/Karaoke collection for editing Mp3 ID3 tags, ripping your CD, normalizing Mp3, converts Mp3/Wav and Wav/Mp3, to get song lyric and cover arts from the internet and keeping your music collection well organized. (Copy of the Vendor Homepage: http://www.zortam.com/ ) Abstract Advisory Information: ============================== An independent vulnerability laboratory researcher discovered a local buffer overflow vulnerability in the offical Zortam MP3 Media Studio 20.60 software. Vulnerability Disclosure Timeline: ================================== 2016-07-27: Public Disclosure (Vulnerability Laboratory) Discovery Status: ================= Published Affected Product(s): ==================== Exploitation Technique: ======================= Local Severity Level: =============== High Technical Details & Description: ================================ A buffer overflow vulnerability has been discovered in the official Zortam MP3 Media Studio 20.60 software. The vulnerability allows local attackers to overwrite the registers to compromise the local software process. The classic buffer overflow vulnerability is located in the software Zortam mp3. An attacker can manipulate the bit EIP register in order to execute the next instruction of their choice. Attackers are able to for example execute arbitrary codes with process privileges. The attacker includes a large unicode string to overwrite the EIP register of the process. Finally the attacker is able to takeover the process by an overwrite of the active program process to compromise the computer system. The security risk of the buffer overflow vulnerability is estimated as high with a cvss (common vulnerability scoring system) count of 6.5. Exploitation of the vulnerability requires a low privilege or restricted system user account without user interaction. Successful exploitation of the vulnerability results in computer system manipulation and compromise of the computer system. Proof of Concept (PoC): ======================= The buffer overflow vulnerability can be exploited by local attackers with restricted system user account and without user interaction. For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue. Manual steps to reproduce the vulnerability ... 1. Launch Zortam mp3.exe 2. Run the code in perl and a file format (.txt) will create 3. Click on search media to mp3 4. Open File .(.txt) 5. Copy and paste characters string AAAAAAAAAAA+ ... in input "Selects" and click the button "OK". 6. Software will crash with 7. Successful reproduce of the local buffer overflow vulnerability!

Source: Gmail -> IFTTT-> Blogger

M13: A Great Globular Cluster of Stars


M13 is one of the most prominent and best known globular clusters. Visible with binoculars in the constellation of Hercules, M13 is frequently one of the first objects found by curious sky gazers seeking celestials wonders beyond normal human vision. M13 is a colossal home to over 100,000 stars, spans over 150 light years across, lies over 20,000 light years distant, and is over 12 billion years old. At the 1974 dedication of Arecibo Observatory, a radio message about Earth was sent in the direction of M13. The featured image in HDR, taken through a small telescope, spans an angular size just larger than a full Moon, whereas the inset image, taken by Hubble Space Telescope, zooms in on the central 0.04 degrees. via NASA http://ift.tt/2a9rZrY

Wednesday, July 27, 2016

Almost...


via Instagram http://ift.tt/2a5KYSM

Rockies: OF David Dahl hits first career homer, a solo shot in 6th inning against Orioles' Dylan Bundy (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Polling-systems-based Autonomous Vehicle Coordination in Traffic Intersections with No Traffic Signals. (arXiv:1607.07896v1 [cs.SY])

The rapid development of autonomous vehicles spurred a careful investigation of the potential benefits of all-autonomous transportation networks. Most studies conclude that autonomous systems can enable drastic improvements in performance. A widely studied concept is all-autonomous, collision-free intersections, where vehicles arriving in a traffic intersection with no traffic light adjust their speeds to cross safely through the intersection as quickly as possible. In this paper, we propose a coordination control algorithm for this problem, assuming stochastic models for the arrival times of the vehicles. The proposed algorithm provides provable guarantees on safety and performance. More precisely, it is shown that no collisions occur surely, and moreover a rigorous upper bound is provided for the expected wait time. The algorithm is also demonstrated in simulations. The proposed algorithms are inspired by polling systems. In fact, the problem studied in this paper leads to a new polling system where customers are subject to differential constraints, which may be interesting in its own right.



from cs.AI updates on arXiv.org http://ift.tt/2aeQ52A
via IFTTT

Approximation and Parameterized Complexity of Minimax Approval Voting. (arXiv:1607.07906v1 [cs.DS])

We present three results on the complexity of Minimax Approval Voting. First, we study Minimax Approval Voting parameterized by the Hamming distance $d$ from the solution to the votes. We show Minimax Approval Voting admits no algorithm running in time $\mathcal{O}^\star(2^{o(d\log d)})$, unless the Exponential Time Hypothesis (ETH) fails. This means that the $\mathcal{O}^\star(d^{2d})$ algorithm of Misra et al. [AAMAS 2015] is essentially optimal. Motivated by this, we then show a parameterized approximation scheme, running in time $\mathcal{O}^\star(\left({3}/{\epsilon}\right)^{2d})$, which is essentially tight assuming ETH. Finally, we get a new polynomial-time randomized approximation scheme for Minimax Approval Voting, which runs in time $n^{\mathcal{O}(1/\epsilon^2 \cdot \log(1/\epsilon))} \cdot \mathrm{poly}(m)$, almost matching the running time of the fastest known PTAS for Closest String due to Ma and Sun [SIAM J. Comp. 2009].



from cs.AI updates on arXiv.org http://ift.tt/2afLbWk
via IFTTT

Multiple scan data association by convex variational inference. (arXiv:1607.07942v1 [cs.AI])

Data association, the reasoning over correspondence between targets and measurements, is a problem of fundamental importance in target tracking. Recently, belief propagation (BP) has emerged as a promising method for estimating the marginal probabilities of target/measurement association, providing fast, accurate estimates. The excellent performance of BP in the particular formulation used may be attributed to the convexity of the underlying free energy which it implicitly optimises. This paper studies multiple scan data association problems, i.e., problems that reason over correspondence between targets and several sets of measurements, which may correspond to different sensors or different time steps. We find that the multiple scan extension of the single scan BP formulation is non-convex and demonstrate the undesirable behaviour that can result. A convex free energy is constructed using the recently proposed fractional free energy, and optimised using a primal-dual coordinate ascent. Finally, based on a variational interpretation of joint probabilistic data association (JPDA), we develop a sequential variant of the algorithm that is similar to JPDA, but retains consistency constraints from prior scans. The performance of the proposed methods is demonstrated on a bearings only target localisation problem.



from cs.AI updates on arXiv.org http://ift.tt/2aeQv9u
via IFTTT

Joint Embedding of Hierarchical Categories and Entities for Concept Categorization and Dataless Classification. (arXiv:1607.07956v1 [cs.CL])

Due to the lack of structured knowledge applied in learning distributed representation of cate- gories, existing work cannot incorporate category hierarchies into entity information. We propose a framework that embeds entities and categories into a semantic space by integrating structured knowledge and taxonomy hierarchy from large knowledge bases. The framework allows to com- pute meaningful semantic relatedness between entities and categories. Our framework can han- dle both single-word concepts and multiple-word concepts with superior performance on concept categorization and yield state of the art results on dataless hierarchical classification.



from cs.AI updates on arXiv.org http://ift.tt/2afKVXF
via IFTTT

Behavior and path planning for the coalition of cognitive robots in smart relocation tasks. (arXiv:1607.08038v1 [cs.AI])

In this paper we outline the approach of solving special type of navigation tasks for robotic systems, when a coalition of robots (agents) acts in the 2D environment, which can be modified by the actions, and share the same goal location. The latter is originally unreachable for some members of the coalition, but the common task still can be accomplished as the agents can assist each other (e.g. by modifying the environment). We call such tasks smart relocation tasks (as the can not be solved by pure path planning methods) and study spatial and behavior interaction of robots while solving them. We use cognitive approach and introduce semiotic knowledge representation - sign world model which underlines behavioral planning methodology. Planning is viewed as a recursive search process in the hierarchical state-space induced by sings with path planning signs reside on the lowest level. Reaching this level triggers path planning which is accomplished by state of the art grid-based planners focused on producing smooth paths (e.g. LIAN) and thus indirectly guarantying feasibility of that paths against agent's dynamic constraints.



from cs.AI updates on arXiv.org http://ift.tt/2aeQnGY
via IFTTT

Assisting Drivers During Overtaking Using Car-2-Car Communication and Multi-Agent Systems. (arXiv:1607.08073v1 [cs.AI])

A warning system for assisting drivers during overtaking maneuvers is proposed. The system relies on Car-2-Car communication technologies and multi-agent systems. A protocol for safety overtaking is proposed based on ACL communicative acts. The mathematical model for safety overtaking used Kalman filter to minimize localization error.



from cs.AI updates on arXiv.org http://ift.tt/2afLeBr
via IFTTT

Mining Arguments from Cancer Documents Using Natural Language Processing and Ontologies. (arXiv:1607.08074v1 [cs.AI])

In the medical domain, the continuous stream of scientific research contains contradictory results supported by arguments and counter-arguments. As medical expertise occurs at different levels, part of the human agents have difficulties to face the huge amount of studies, but also to understand the reasons and pieces of evidences claimed by the proponents and the opponents of the debated topic. To better understand the supporting arguments for new findings related to current state of the art in the medical domain we need tools able to identify arguments in scientific papers. Our work here aims to fill the above technological gap.

Quite aware of the difficulty of this task, we embark to this road by relying on the well-known interleaving of domain knowledge with natural language processing. To formalise the existing medical knowledge, we rely on ontologies. To structure the argumentation model we use also the expressivity and reasoning capabilities of Description Logics. To perform argumentation mining we formalise various linguistic patterns in a rule-based language. We tested our solution against a corpus of scientific papers related to breast cancer. The run experiments show a F-measure between 0.71 and 0.86 for identifying conclusions of an argument and between 0.65 and 0.86 for identifying premises of an argument.



from cs.AI updates on arXiv.org http://ift.tt/2anRkkN
via IFTTT

Mining Arguments from Cancer Documents Using Natural Language Processing and Ontologies. (arXiv:1607.08074v1 [cs.AI])

In the medical domain, the continuous stream of scientific research contains contradictory results supported by arguments and counter-arguments. As medical expertise occurs at different levels, part of the human agents have difficulties to face the huge amount of studies, but also to understand the reasons and pieces of evidences claimed by the proponents and the opponents of the debated topic. To better understand the supporting arguments for new findings related to current state of the art in the medical domain we need tools able to identify arguments in scientific papers. Our work here aims to fill the above technological gap.

Quite aware of the difficulty of this task, we embark to this road by relying on the well-known interleaving of domain knowledge with natural language processing. To formalise the existing medical knowledge, we rely on ontologies. To structure the argumentation model we use also the expressivity and reasoning capabilities of Description Logics. To perform argumentation mining we formalise various linguistic patterns in a rule-based language. We tested our solution against a corpus of scientific papers related to breast cancer. The run experiments show a F-measure between 0.71 and 0.86 for identifying conclusions of an argument and between 0.65 and 0.86 for identifying premises of an argument.



from cs.AI updates on arXiv.org http://ift.tt/2anRkkN
via IFTTT

Harmonization of conflicting medical opinions using argumentation protocols and textual entailment - a case study on Parkinson disease. (arXiv:1607.08075v1 [cs.AI])

Parkinson's disease is the second most common neurodegenerative disease, affecting more than 1.2 million people in Europe. Medications are available for the management of its symptoms, but the exact cause of the disease is unknown and there is currently no cure on the market. To better understand the relations between new findings and current medical knowledge, we need tools able to analyse published medical papers based on natural language processing and tools capable to identify various relationships of new findings with the current medical knowledge. Our work aims to fill the above technological gap.

To identify conflicting information in medical documents, we enact textual entailment technology. To encapsulate existing medical knowledge, we rely on ontologies. To connect the formal axioms in ontologies with natural text in medical articles, we exploit ontology verbalisation techniques. To assess the level of disagreement between human agents with respect to a medical issue, we rely on fuzzy aggregation. To harmonize this disagreement, we design mediation protocols within a multi-agent framework.



from cs.AI updates on arXiv.org http://ift.tt/2ab0ayT
via IFTTT

Improving Semantic Embedding Consistency by Metric Learning for Zero-Shot Classification. (arXiv:1607.08085v1 [cs.CV])

This paper addresses the task of zero-shot image classification. The key contribution of the proposed approach is to control the semantic embedding of images -- one of the main ingredients of zero-shot learning -- by formulating it as a metric learning problem. The optimized empirical criterion associates two types of sub-task constraints: metric discriminating capacity and accurate attribute prediction. This results in a novel expression of zero-shot learning not requiring the notion of class in the training phase: only pairs of image/attributes, augmented with a consistency indicator, are given as ground truth. At test time, the learned model can predict the consistency of a test image with a given set of attributes , allowing flexible ways to produce recognition inferences. Despite its simplicity, the proposed approach gives state-of-the-art results on four challenging datasets used for zero-shot recognition evaluation.



from cs.AI updates on arXiv.org http://ift.tt/2aaZvgY
via IFTTT

The Actias system: supervised multi-strategy learning paradigm using categorical logic. (arXiv:1607.08098v1 [cs.DB])

One of the most difficult problems in the development of intelligent systems is the construction of the underlying knowledge base. As a consequence, the rate of progress in the development of this type of system is directly related to the speed with which knowledge bases can be assembled, and on its quality. We attempt to solve the knowledge acquisition problem, for a Business Information System, developing a supervised multistrategy learning paradigm. This paradigm is centred on a collaborative data mining strategy, where groups of experts collaborate using data-mining process on the supervised acquisition of new knowledge extracted from heterogeneous machine learning data models.

The Actias system is our approach to this paradigm. It is the result of applying the graphic logic based language of sketches to knowledge integration. The system is a data mining collaborative workplace, where the Information System knowledge base is an algebraic structure. It results from the integration of background knowledge with new insights extracted from data models, generated for specific data modelling tasks, and represented as rules using the sketches language.



from cs.AI updates on arXiv.org http://ift.tt/2anRgkZ
via IFTTT

Automatically Reinforcing a Game AI. (arXiv:1607.08100v1 [cs.AI])

A recent research trend in Artificial Intelligence (AI) is the combination of several programs into one single, stronger, program; this is termed portfolio methods. We here investigate the application of such methods to Game Playing Programs (GPPs). In addition, we consider the case in which only one GPP is available - by decomposing this single GPP into several ones through the use of parameters or even simply random seeds. These portfolio methods are trained in a learning phase. We propose two different offline approaches. The simplest one, BestArm, is a straightforward optimization of seeds or parame- ters; it performs quite well against the original GPP, but performs poorly against an opponent which repeats games and learns. The second one, namely Nash-portfolio, performs similarly in a "one game" test, and is much more robust against an opponent who learns. We also propose an online learning portfolio, which tests several of the GPP repeatedly and progressively switches to the best one - using a bandit algorithm.



from cs.AI updates on arXiv.org http://ift.tt/2aaZVnv
via IFTTT

A DEMATEL-Based Completion Method for Incomplete Pairwise Comparison Matrix in AHP. (arXiv:1607.08116v1 [math.OC])

Pairwise comparison matrix as a crucial component of AHP, presents the prefer- ence relations among alternatives. However, in many cases, the pairwise comparison matrix is difficult to complete, which obstructs the subsequent operations of the clas- sical AHP. In this paper, based on DEMATEL which has ability to derive the total relation matrix from direct relation matrix, a new completion method for incomplete pairwise comparison matrix is proposed. The proposed method provides a new per- spective to estimate the missing values with explicit physical meaning. Besides, the proposed method has low computational cost. This promising method has a wide application in multi-criteria decision-making.



from cs.AI updates on arXiv.org http://ift.tt/2anRFnn
via IFTTT

Neuromorphic Robot Dream. (arXiv:1607.08131v1 [cs.AI])

In this paper we present the next step in our approach to neurobiologically plausible implementation of emotional reactions and behaviors for real-time autonomous robotic systems. The working metaphor we use is the "day" and the "night" phases of mammalian life. During the "day phase" a robotic system stores the inbound information and is controlled by a light-weight rule-based system in real time. In contrast to that, during the "night phase" information that has been stored is transferred to a supercomputing system to update the realistic neural network: emotional and behavioral strategies.



from cs.AI updates on arXiv.org http://ift.tt/2ab04HJ
via IFTTT

N-opcode Analysis for Android Malware Classification and Categorization. (arXiv:1607.08149v1 [cs.CR])

Malware detection is a growing problem particularly on the Android mobile platform due to its increasing popularity and accessibility to numerous third party app markets. This has also been made worse by the increasingly sophisticated detection avoidance techniques employed by emerging malware families. This calls for more effective techniques for detection and classification of Android malware. Hence, in this paper we present an n-opcode analysis based approach that utilizes machine learning to classify and categorize Android malware. This approach enables automated feature discovery that eliminates the need for applying expert or domain knowledge to define the needed features. Our experiments on 2520 samples that were performed using up to 10-gram opcode features showed that an f-measure of 98% is achievable using this approach.



from cs.AI updates on arXiv.org http://ift.tt/2anRN6A
via IFTTT

Psychologically inspired planning method for smart relocation task. (arXiv:1607.08181v1 [cs.AI])

Behavior planning is known to be one of the basic cognitive functions, which is essential for any cognitive architecture of any control system used in robotics. At the same time most of the widespread planning algorithms employed in those systems are developed using only approaches and models of Artificial Intelligence and don't take into account numerous results of cognitive experiments. As a result, there is a strong need for novel methods of behavior planning suitable for modern cognitive architectures aimed at robot control. One such method is presented in this work and is studied within a special class of navigation task called smart relocation task. The method is based on the hierarchical two-level model of abstraction and knowledge representation, e.g. symbolic and subsymbolic. On the symbolic level sign world model is used for knowledge representation and hierarchical planning algorithm, PMA, is utilized for planning. On the subsymbolic level the task of path planning is considered and solved as a graph search problem. Interaction between both planners is examined and inter-level interfaces and feedback loops are described. Preliminary experimental results are presented.



from cs.AI updates on arXiv.org http://ift.tt/2ab0iOR
via IFTTT

Android Malware Detection Using Parallel Machine Learning Classifiers. (arXiv:1607.08186v1 [cs.CR])

Mobile malware has continued to grow at an alarming rate despite on-going efforts towards mitigating the problem. This has been particularly noticeable on Android due to its being an open platform that has subsequently overtaken other platforms in the share of the mobile smart devices market. Hence, incentivizing a new wave of emerging Android malware sophisticated enough to evade most common detection methods. This paper proposes and investigates a parallel machine learning based classification approach for early detection of Android malware. Using real malware samples and benign applications, a composite classification model is developed from parallel combination of heterogeneous classifiers. The empirical evaluation of the model under different combination schemes demonstrates its efficacy and potential to improve detection accuracy. More importantly, by utilizing several classifiers with diverse characteristics, their strengths can be harnessed not only for enhanced Android malware detection but also quicker white box analysis by means of the more interpretable constituent classifiers.



from cs.AI updates on arXiv.org http://ift.tt/2anRoAT
via IFTTT

Modelling serendipity in a computational context. (arXiv:1411.0440v4 [cs.AI] UPDATED)

Building on a survey of previous theories of serendipity and creativity, we advance a model of serendipitous occurrences, and a definition of the serendipity potential of a system. Practitioners can use these theoretical tools to evaluate a computational system's potential for unexpected behaviour that may have a beneficial outcome. In addition to a quantitative rating of serendipity potential -- which is computed in terms of population-based estimates of chance, curiosity, sagacity, and value -- the model also includes qualitative features that can guide development work. We show how the model is used in three case studies of existing and hypothetical systems, in the context of evolutionary computing, automated programming, and (next-generation) recommender systems. From this analysis, we extract recommendations for practitioners working with computational serendipity, and outline future directions for research.



from cs.AI updates on arXiv.org http://ift.tt/1uoiZWX
via IFTTT

Domain Adaptive Neural Networks for Object Recognition. (arXiv:1409.6041v1 [cs.CV] CROSS LISTED)

We propose a simple neural network model to deal with the domain adaptation problem in object recognition. Our model incorporates the Maximum Mean Discrepancy (MMD) measure as a regularization in the supervised learning to reduce the distribution mismatch between the source and target domains in the latent space. From experiments, we demonstrate that the MMD regularization is an effective tool to provide good domain adaptation models on both SURF features and raw image pixels of a particular image data set. We also show that our proposed model, preceded by the denoising auto-encoder pretraining, achieves better performance than recent benchmark models on the same data sets. This work represents the first study of MMD measure in the context of neural networks.



from cs.AI updates on arXiv.org http://ift.tt/2anRdpp
via IFTTT

Domain Generalization for Object Recognition with Multi-task Autoencoders. (arXiv:1508.07680v1 [cs.CV] CROSS LISTED)

The problem of domain generalization is to take knowledge acquired from a number of related domains where training data is available, and to then successfully apply it to previously unseen domains. We propose a new feature learning algorithm, Multi-Task Autoencoder (MTAE), that provides good generalization performance for cross-domain object recognition.

Our algorithm extends the standard denoising autoencoder framework by substituting artificially induced corruption with naturally occurring inter-domain variability in the appearance of objects. Instead of reconstructing images from noisy versions, MTAE learns to transform the original image into analogs in multiple related domains. It thereby learns features that are robust to variations across domains. The learnt features are then used as inputs to a classifier.

We evaluated the performance of the algorithm on benchmark image recognition datasets, where the task is to learn features from multiple datasets and to then predict the image label from unseen datasets. We found that (denoising) MTAE outperforms alternative autoencoder-based models as well as the current state-of-the-art algorithms for domain generalization.



from cs.AI updates on arXiv.org http://ift.tt/1Jtbal4
via IFTTT

Scatter Component Analysis: A Unified Framework for Domain Adaptation and Domain Generalization. (arXiv:1510.04373v2 [cs.CV] CROSS LISTED)

This paper addresses classification tasks on a particular target domain in which labeled training data are only available from source domains different from (but related to) the target. Two closely related frameworks, domain adaptation and domain generalization, are concerned with such tasks, where the only difference between those frameworks is the availability of the unlabeled target data: domain adaptation can leverage unlabeled target information, while domain generalization cannot. We propose Scatter Component Analyis (SCA), a fast representation learning algorithm that can be applied to both domain adaptation and domain generalization. SCA is based on a simple geometrical measure, i.e., scatter, which operates on reproducing kernel Hilbert space. SCA finds a representation that trades between maximizing the separability of classes, minimizing the mismatch between domains, and maximizing the separability of data; each of which is quantified through scatter. The optimization problem of SCA can be reduced to a generalized eigenvalue problem, which results in a fast and exact solution. Comprehensive experiments on benchmark cross-domain object recognition datasets verify that SCA performs much faster than several state-of-the-art algorithms and also provides state-of-the-art classification accuracy in both domain adaptation and domain generalization. We also show that scatter can be used to establish a theoretical generalization bound in the case of domain adaptation.



from cs.AI updates on arXiv.org http://ift.tt/1Pw9Wf3
via IFTTT

Information retrieval in folktales using natural language processing. (arXiv:1511.03012v1 [cs.CL] CROSS LISTED)

Our aim is to extract information about literary characters in unstructured texts. We employ natural language processing and reasoning on domain ontologies. The first task is to identify the main characters and the parts of the story where these characters are described or act. We illustrate the system in a scenario in the folktale domain. The system relies on a folktale ontology that we have developed based on Propp's model for folktales morphology.



from cs.AI updates on arXiv.org http://ift.tt/1QtxIsp
via IFTTT

Ravens: Terrell Suggs says he's \"got to be smart\" with return from torn Achilles; \"won't be long\" before he's practicing (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

Ravens: Joe Flacco to wear protective brace on surgically repaired left knee for all practices and regular-season games (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

Ravens: OT Jake Long visiting Dr. James Andrews to get consultation on his knee; yet to sign contract with Baltimore (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

LastPass Zero-Day Bug Lets Hackers Steal All Your Passwords

A critical zero-day flaw has been discovered in the popular cloud password manager LastPass that could allow any remote attacker to compromise your account completely. LastPass is a password manager that also available as a browser extension that automatically fills credentials for you. All you need is to remember one master password to unlock all other passwords of your different online


from The Hacker News http://ift.tt/2axtjsi
via IFTTT

I have a new follower on Twitter


Fyrestorm Marketing

USA
https://t.co/Iy0PfwPt1H
Following: 70106 - Followers: 133941

July 27, 2016 at 01:43PM via Twitter http://twitter.com/The_Fyrestorm

Anonymous Hacks Sarah Silverman's Twitter Account

along with a video titled "Anonymous - A Message to Hillary Clinton." The tweet included the hashtags #Hilary4Prison and #Anonymous. Silverman ...

from Google Alert - anonymous http://ift.tt/2ahnIop
via IFTTT

Redirect anonymous users

Users who are not logged-in will be 302 redirected to an absolute URL specified by the admin. Any user who can log in, from admins to subscribers, ...

from Google Alert - anonymous http://ift.tt/2a518vy
via IFTTT

Anonymous caller behind fake bomb alert at Geneva airport

The Geneva prosecutor's office says an anonymous caller set off a false bomb alert that prompted a p...

from Google Alert - anonymous http://ift.tt/2ahoAsU
via IFTTT

Sarah Silverman hacked by Anonymous after backing Hillary Clinton

Confusion abounded Wednesday morning when comedian Sarah Silverman tweeted an anti-Hillary Clinton message just days after voicing support ...

from Google Alert - anonymous http://ift.tt/29ZPw1k
via IFTTT

End of SMS-based 2-Factor Authentication; Yes, It's Insecure!

SMS-based Two-Factor Authentication (2FA) has been declared insecure and soon it might be a thing of the past. Two-Factor Authentication or 2FA adds an extra step of entering a random passcode sent to you via an SMS or call when you log in to your account as an added layer of protection. For example, if you have 2FA enabled on Gmail, the platform will send a six-digit passcode to your mobile


from The Hacker News http://ift.tt/2au4rAz
via IFTTT

ISS Daily Summary Report – 07/26/16

Biological Rhythms 48 Multi Media Card Exchange: The crew stopped the first half of the 24-hour recording that began yesterday and changed out the Multi Media Card and battery of the Digital Walk Holter ECG, then began the second half of the 24-hour recording. The objective of the Japan Aerospace Exploration Agency (JAXA) Biological Rhythms 48 is to study the effects of long-term microgravity exposure on heart function by analyzing an astronaut’s electrocardiogram for 48 hours. Fluid Shifts: Crewmembers continued Fluid Shifts operations by configuring the Refrigerated Centrifuge for sample load operations, conducting body (blood, urine, and saliva) sample collections and stowing the samples in a MELFI (Minus Eighty-degree Freezer for ISS). Fluid Shifts is a joint USOS – Russian experiment that measures how much fluid shifts from the lower body to the upper body, in or out of cells and blood vessels, and determines the impact these shifts have on fluid pressure in the head, changes in vision and eye structures JEM Airlock (JEM AL) Operations: With assistance from the ground team, the crew completed Airlock Control and Display Unit-Remote Control (ACDU-RC) checkout and JEM AL labeling activities. They also removed the Handhold Experiment Platform Adapter from the Multi-Purpose Experiment Platform (MPEP) prior to removing MPEP from the Small Fine Arm (SFA) Airlock Attachment Mechanism (SAM) which is on the JEMAL slide table. This is in preparation for next week’s planned installation of NanoRacks External Platform (NREP). At Home in Space Questionnaire: The crew completed a questionnaire for the Canadian Space Agency (CSA) At Home in Space experiment which assesses culture, values, and psychosocial adaptation of astronauts to a space environment shared by multinational crews on long-duration missions. It is hypothesized that astronauts develop a shared space culture that is an adaptive strategy for handling cultural differences and they deal with the isolated confined environment of the space craft by creating a home in space. At Home in Space investigates individual and culturally related differences, family functioning, values, coping with stress, and post-experience growth.  Microbial Check Valve (MCV) Orbital Replacement Unit (ORU) Remove & Replace (R&R): The Water Processing Assembly (WPA) has been experiencing high pressure faults when in reprocess mode due to high delta pressure across the MCV. The old MCV was installed following a failed R&R in 2015 and was degraded. Today the crew replaced the MCV with a spare delivered on SpX-9. The WPA is currently in process mode and data indicates the delta pressure has returned to normal levels. Transition to the Power Management Control Application (PMCA) and Photovoltaic Control Application (PVCA) R5 Software Suite: The X2 PMPV R5 software transition began over the weekend and continued through today.  Yesterday the software was pushed to the Backup Photovoltaic Control Unit (PVCU) Multiplexer-Demultiplexers (MDMs) [PVCU-3B, PVCU-3A, PVCU-4A and PVCU-2B], which were then transitioned to Primary.  Today the software was pushed to the remaining PVCU MDMs [PVCU-1A, PVCU-1B, PVCU-2A, and PVCU-4B]. After the software loads were completed, the MDMs were transitioned from backup to primary. This returned the MDMs in their final desired Prime/Backup configuration. Dragon Cargo Operations: The crew has unloaded all cargo from the vehicle.  The crew completed 2.5 hours of cargo packing and loading for return. Today’s Planned Activities All activities were completed unless otherwise noted. BIOPLENKA. Removal of cassette No.3-2 from CRYOGEM-03 thermostat, Fixation of Constanta No.3-2 cassette biofilm and setup in ТБУ-В No.04 r/g 2908 FLUID SHIFTS. Saliva Test FLUID SHIFTS. MELFI Urine Sample Insertion FLUID SHIFTS. Urine Sample Collection FLUID SHIFTS. MELFI Urine Sample Insertion FLUID SHIFTS. Basic blood values FLUID SHIFTS Blood Collection FLUID SHIFTS Refrigerated Centrifuge Configuration FLUID SHIFTS. Water Collection from the Galley and taking radioisotope marker BLR48 – starting measurement AHIS Questionnaire Completion FLUID SHIFTS. Refrigerated Centrifuge Spin Conclude FLUID SHIFTS. MELFI Urine Sample Insertion FLUID SHIFTS. Urine Sample Collection XF305 Camcorder Settings Adjustment JEM Airlock Inner Hatch Open Filling (separation) of ЕДВ (КОВ) for Elektron r/g 2851 FLUID SHIFTS. MELFI Urine Sample Insertion CASKAD. Manual Mixing in Bioreactor / r/g 2888 JEM Airlock Monitor JEM AL Slide Table extension to JPM HXP ADPTR Adapter Removal СОЖ Maintenance MPEP Removal of MPEP from Small Fine Arm (SAM) Part 1 JEM Airlock Releasing Capture Mechanism MPEP Removal of MPEP from Small Fine Arm (SAM) (assistance) MPEP Removal of MPEP from Small Fine Arm (SAM) Part 2 BIOCARD. Operator Assistance During the Experiment / r/g 1907 BIOCARD. Experiment  r/g 1907 SSIPC Management / ISS Crew Tagup Virus Definition File Update on Auxiliary Computer System (ВКС) Laptops FLUID SHIFTS Blood Collection FLUID SHIFTS. 3-Hour Blood Collection, Subject SFA  Remove Small Fine Arm (SFA) SAM from JEM AL Slide Table FLUID SHIFTS Refrigerated Centrifuge Configuration FLUID SHIFTS. 3-hour Saliva Collection, Subject FLUID SHIFTS. MELFI Urine Sample Insertion FLUID SHIFTS Cerebral and Cochlear Fluid Pressure (CCFP) Analyzer Device Baseline Setup VIZIR. Fit check assessment for installation of Photo Image Coordinate Reference System  r/g 2907 Replacement of FGB Power Supply System АБ4 Module 800А (A74) unit FLUID SHIFTS. Refrigerated Centrifuge Spin Conclude FLUID SHIFTS. MELFI Urine Sample Insertion SFA Removal of  Small Fine Arm (SFA) Airlock Attachment Mechanism (SAM) from JEM Airlock (AL) Slide Table (assistance) OCT Hardware Setup FLUID SHIFTS Refrigerated Centrifuge Spin Conclude Gathering Microbial Check Valve (MCV) equipment for IFM Access to Microbial Check Valve (MCV) JEM Airlock Monitoring Capture Mechanism motion FLUID SHIFTS. 5-hour Saliva Collection, Subject FLUID SHIFTS. MELFI Urine Sample Insertion FLUID SHIFTS. Urine Sample Collection, Closeout Ops FLUID SHIFTS. MELFI Urine Sample Insertion FLUID SHIFTS. Urine Collection Hardware Stowage JEM Airlock Inner Hatch Closure Health Maintenance System (HMS) Profile of Mood States (POMS) Questionnaire Optical Coherence Tomography (OCT), Operator Optical Coherence Tomography (OCT), Subject MCV Remove and Replace ALGOMETRIA. Experiment Ops / r/g 2911 BIOPLENKA. Fixation of Constanta No.3-3 cassette biofilm and setup in ТБУ-В No.04 r/g 2909 24-hour ECG Monitoring (termination) / r/g 2892 MCV Close-out Ops Disinfectant dump to 2 ЕДВ containers and SM Rodnik H2O Tank 1 bladder compression / r/g 2910 CALCIUM. Experiment Session 6 / r/g 2906 24-hour BP monitoring […]

from ISS On-Orbit Status Report http://ift.tt/2aennCm
via IFTTT