Secret Service Plans New Fence, Full Scale White House Replica, But No Moat

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 30, 2015

HughPickens.com writes The NYT reports that the Secret Service is recruiting some of its best athletes to serve as pretend fence jumpers at a rural training ground outside Washington in a program to develop a new fence around the White House that will keep intruders out without looking like a prison. Secret Service officials acknowledge[…]

At the Track With Formula E, the First e-Racing Series

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 30, 2015

An anonymous reader writes Ars is running a story about the new all-electric racing car series' first visit to the U.S. “The pit lane we’re standing in is unusual, & not only because it’s a temporary setup placed in the shadow of American Airlines Arena (home of the NBA’s Miami Heat). Garages are set up[…]

Europol Chief Warns About Computer Encryption

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 30, 2015

An anonymous reader writes The law enforcement lobbying campaign against encryption continues. Today it’s Europol’s director Rob Wainwright who is trying to make a case against encryption. “It’s become perhaps the biggest problem for the police & the security service authorities in dealing with the threats from terrorism,” he explained. “It’s changed the very nature[…]

FCC Chairman: Net Rules Will Withstand Court Challenge

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 30, 2015

An anonymous reader writes with this story about FCC chairman Tom Wheeler’s confidence that the net neutrality rules the agency passed last month will stand up to upcoming challenges in court. “Now that the FCC is the subject of several lawsuits, & its leader, Chairman Tom Wheeler, was dragged in front of Congress repeatedly to answer[…]

NASA Denies New Space Station Partnership With Russia

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 30, 2015

schwit1 writes NASA officials today denied they were negotiating a partnership with Russia to build a space station replacement for ISS, as suggested yesterday by the head of Russia’s space program. Maybe the misunderstanding comes from NASA head Charles Bolden, who is currently in Russia. Bolden probably said some nice feel-good things to the Russians,[…]

Chrome OS Receives Extreme Makeover With Material Design and Google Now

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 29, 2015

MojoKid writes Late last week, Google quietly began inviting people to opt into the beta channel for ChromeOS to help the company “shape the future” of the OS. Some betas can be riskier than others, yet Google says that opting into this one is just a “little risk”, one that will pay off handsomely for[…]

Nation’s Biggest Nuclear Firm Makes a Play For Carbon Credit Cash

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 29, 2015

tomhath writes with this story that may shake up the nuclear industry. “The biggest player in the beleaguered nuclear power industry wants a place alongside solar, wind & hydroelectric power collecting extra money for producing carbon-free electricity. Exelon Corp., operator of the largest fleet of U.S. nuclear plants, says it could have to close three[…]

NSA: We Mulled Ending Phone Program Before Edward Snowden Leaks

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 29, 2015

Mark Wilson writes Edward Snowden is heralded as both a hero & villain. A privacy vigilante & a traitor. It just depends who you ask. The revelations he made about the NSA’s surveillance programs have completely changed the face of online security, & changed the way everyone looks at the internet & privacy. But just[…]

Supermario 64 Coming To a Browser Near You!

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 29, 2015

Billly Gates writes “Since Unity has been given a liberal license & free for non commercial developers it has become popular. A computer science student Erik Roystan Ross used the tool to remake SuperMario 64 with a modern Unity 5 engine. There is a video here & if you want to play the link is[…]

Experts: Aim of 2 Degrees Climate Goal Insufficient

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 29, 2015

An anonymous reader points out that a long held goal of keeping the Earth’s average temperature from rising above 2 degrees Celsius might not be satisfactory enough. “A long-held benchmark for limiting global warming is ‘utterly inadequate,’ a leading U.N. climate scientist declared. Keeping the Earth’s average temperature from rising past 2 degrees Celsius –[…]

Former HP CEO Carly Fiorina Near Launching Presidential Bid

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 29, 2015

Rambo Tribble writes “Former Hewlett-Packard CEO Carly Fiorina announced on Fox News Sunday that she stood a ‘higher than 90 percent’ chance of running as a presidential candidate in 2016. Fiorina’s tenure at HP was marked by controversy over her leadership, & it is unclear what level of name recognition she enjoys. Her only previous[…]

SeaWorld and Others Discover That a Hashtag Can Become a Bashtag

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 29, 2015

HughPickens.com writes Alison Griswold writes that in an effort to improve its tanking image, SeaWorld launched a new advertising campaign this week to educate the public about its “leadership in the care of killer whales” & other work to protect whales in captivity & in the wild. As part of that head-on initiative, someone at[…]

Festo Reveals New Robotic Ants and Butterflies

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 29, 2015

mikejuk writes “Every year around this time of year Festo builds some astonishing robot or other — last year it was a kangaroo. What could it possibly do to top previous astonishing devices? What about some even more astonishing robotic insects. BionicANT is designed not only to look satisfactory but to demonstrate swarm intelligence. The robot[…]

Arduino Dispute Reaches Out To Distributors

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 29, 2015

szczys writes Two companies are claiming ownership of the Arduino Trademark. The most recent development in this sad state of affairs is a letter from Arduino SRL to long-time Distributors of Arduino products. SRL is claiming they are the real Arduino, yet there are some tasty tidbits including a Q/A section with some peculiar answers.[…]

SpaceX’s New Combustion Technologies

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 29, 2015

An anonymous reader shares this story that takes a look at some of the advances SpaceX is working on. “Getting a small group of human beings to Mars & back is no effortless task, we learned at the recent GPU Technology Conference in San Jose hosted by graphics chip & accelerator maker Nvidia. One of the[…]

Why the Final Moments Inside a Cockpit Are Heard But Not Seen

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 29, 2015

jones_supa writes: There’s no video footage from inside the cockpit of the Germanwings flight that left 150 people dead — nor is such footage recorded from any other commercial airline crash in recent years. Unlike many other vehicles operating with heightened safety concerns, airline cockpits don’t come with video surveillance. The reason, in part, is[…]

#1337day Joomla Gallery WD – SQL Injection Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 29, 2015

View Source

Material Made From Crustaceans Could Combat Battlefield Blood Loss

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 29, 2015

MTorrice writes: A foam composed of a polymer derived from crustacean shells may prevent more soldiers from falling victim to the most prolific killer on the battlefield: blood loss. Pressure is one of the best tools that medics have to fight bleeding, yet they can’t use it on severe wounds near organs. Here, compression could[…]

Australian Government Outlines Website-Blocking Scheme

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 29, 2015

angry tapir writes: The Australian government has revealed its (previously mooted) proposed legislation that will allow copyright holders to apply for court orders that will force ISPs to block access to pirate websites. It forms part of a broader Australian crackdown on online copyright infringement, which also includes a warning notice scheme for alleged infringers.[…]

Graphene Light Bulbs Coming To Stores Soon

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 29, 2015

An anonymous reader writes: A light bulb made from graphene — said by its UK developers to be the first commercially viable consumer product using the super-strong carbon — is to go on sale after this year. The dimmable LED bulb with a graphene-coated filament was designed at Manchester University, where the material was discovered[…]

Measuring How Much "Standby Mode" Electricity For Game Consoles Will Cost You

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 29, 2015

An anonymous reader writes: Modern game consoles have a “standby” mode, which you can use if you want the console to instantly turn on while not drawing full power the whole time it’s idle. But manufacturers are vague about how much power it takes to keep the consoles in this standby state. After a recent[…]

Russia Wants To Work With NASA On a New Space Station

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

HughPickens.com writes with news that Russian officials are talking about working with NASA to build a new space station as a replacement for the ISS after its operations end in 2024. Igor Komarov, head of the Russian Federal Space Agency, was unambiguous in his support for such a partnership. He added, “It will be an[…]

#1337day Joomla FormMaker Component – SQL Injection Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

View Source

Citizen Scientists Develop Eye Drops That Provide Night Vision

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

rtoz writes: A group of scientists in California have successfully created eye drops that temporarily enable night vision. They use a mixture of insulin & a chemical known as Chlorin e6 (Ce6) to enable the user to view objects clearly in darkness up to 50 meters away. Ce6 is found in some deep-sea fish & often[…]

#1337day WordPress Plugin Revolution Slider – Unrestricted File Upload Exploit [webapps #exploits #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

View Source

#1337day WordPress Aspose Cloud eBook Generator File Download Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

View Source

Europe Agrees On Regulatory Drone Framework

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

Hallie Siegel writes: Not a week goes by where some aspect of drone regulation fails to make the news. But for any regulated industry where technology is advancing faster than new rules can be agreed upon, it will undoubtedly cause a few headaches. This week closes with a very positive announcement from European stakeholders on[…]

#1337day Manage Engine Desktop Central 9 Unauthorized Administrative Password Reset Vulnerability [#0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

View Source

Best Buy Kills Off Future Shop

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

Lirodon writes: Future Shop, a Canadian electronics chain that was bought by Best Buy in 2001, yet continued to operate in parallel with the newly-opened Canadian locations of the U.S. retailer, is no more. Today, the company abruptly announced the closure of the Future Shop chain, & the permanent closure of 66 of its remaining[…]

Commercial Flamethrower Successfully Crowdfunded

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

ColdWetDog writes: You’ve always wanted one, of course. Zombies, the occasional alien infestation. The neighbor’s smelly roses. You just need to be prepared for things. You can obtain freeze dried food, AR15’s, enough ammo to start a small police action (at least here in the U.S. — YMMV), yet it has been difficult to obtain[…]

#1337day Apache Spark Cluster Arbitrary Code Execution Exploit [remote #exploits #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

View Source

#1337day ImpREC v1.7e Buffer Overflow Exploit [dos #exploits #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

View Source

Another Patent Pool Forms For HEVC

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

An anonymous reader writes: A new patent pool, dubbed HEVC Advance, has formed for the HEVC video codec. This pool offers separate licensing from the existing MPEG LA HEVC patent pool. In an article for CNET, Stephen Shankland writes, “HEVC Advance promises a ‘transparent’ licensing process, yet so far it isn’t sharing details except to[…]

Ikea Refugee Shelter Entering Production

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

jones_supa writes: Ikea’s line of flatpack refugee shelters are going into production, the Swedish furniture maker announced this week. The lightweight Better Shelter was developed under a partnership between the Ikea Foundation & the United Nations High Commissioner for Refugees (UNHCR), & beta tested among refugee families in Ethiopia, Iraq, & Lebanon. Each unit takes[…]

Startups Increasingly Targeted With Hacks

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

ubrgeek writes: Slack, makers of the popular communications software, announced yesterday that they’d suffered a server breach. This follows shortly after a similar compromise of Twitch.tv, & is indicative of a growing problem facing start-up tech companies. As the NY Times reports, “Breaches are becoming a kind of rite of passage for fledgling tech companies.[…]

Prison Inmate Emails His Own Release Instructions To the Prison

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

Bruce66423 writes: A fraudster used a mobile phone while inside a UK prison to email the prison a notice for him to be released. The prison staff then released him. The domain was registered in the name of the police officer investigating him, & its address was the court building. The inmate was in prison[…]

European Commission Will Increase Use of Open Source Software

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

jrepin writes: The European Commission has updated its strategy for internal use of Open Source Software. The Commission, which is already using open source for many of its key ICT services & software solutions, will further increase the role of this type of software internally. The renewed strategy puts a special emphasis on procurement, contribution[…]

IBM and OpenPower Could Mean a Fight With Intel For Chinese Server Market

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

itwbennett writes With AMD’s fade out from the server market & the rapid decline of RISC systems, Intel has stood atop the server market all by itself. But now IBM, through its OpenPOWER Foundation, could give Intel & its server OEMs a real fight in China, which is a massive server market. As the investor[…]

Taxpayer Subsidies To ULA To End

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

schwit1 writes Because it has concluded that they make it impossible to have a fair competition for contracts, the Air Force has decided to phase out taxpayer subsidies to the United Launch Alliance (ULA). The specific amounts of these subsidies have been effectively buried by the Air Force in many different contracts, so we the[…]

UK Licensing Site Requires MSIE Emulation, But Won’t Work With MSIE

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

Anne Thwacks writes The British Government web site for applying for a licence to be a security guard requires a plugin providing Internet Explorer emulation on Firefox to login & apply for a licence. It won’t work with Firefox without the add-on, yet it also won’t work with Internet Explorer! (I tried Win XP[…]

New Screenshots Detail Spartan Web Browser For Windows 10 Smartphones

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

MojoKid writes One of the most anticipated new features in Windows 10 is the Spartan web browser, which will replace the long-serving Internet Explorer. We’ve seen Spartan in action on the desktop/notebook front, yet we’re now getting a closer look at Spartan in action on the mobile side thanks to some newly leaked screenshots. Perhaps[…]

Iowa’s Governor Terry Branstad Thinks He Doesn’t Use E-mail

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

Earthquake Retrofit writes The Washington Post reports the governor of Iowa denying he uses e-mail, yet court documents expose his confusion. From the article: “Branstad’s apparent confusion over smartphones, apps & e-mail is ironic because he has tried to portray himself as technologically savvy. His Instagram account has pictures of him taking selfies & using[…]

#1337day Internet Download Manager 6.20 Local Buffer Overflow Vulnerability [remote #exploits #Vulnerability #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

View Source

Notel Media Player Helps North Koreans Skirt Censorship

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 28, 2015

An anonymous reader writes A small portable media device, costing roughly $50, is allowing North Koreans to access & view foreign media despite tight government censorship, according to a Reuters report. The ‘Notel’, a mashup of notebook & television, is being described as a symbol of change in the repressed society. Used to watch DVDs[…]

Ellen Pao Loses Silicon Valley Gender Bias Case Against Kleiner Perkins

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

vivaoporto writes As reported by the New York Times, USA Today & other publications, a jury of six men & six women rejected current Reddit Inc CEO Ellen Pao’s claims against her former employer, the venture capital firm Kleiner Perkins Caufield & Byers. Ms. Pao’s suit, that alleged employment discrimination based on gender, workplace retaliation[…]

Dark Matter Is Even More of a Mystery Than Expected

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

schwit1 writes: Using the Hubble & Chandra space telescopes astronomers have discovered that dark matter is not only invisible to direct observation, it is invisible to itself! Quoting: “As two galactic clusters collide, the stars, gas & dark matter interact in different ways. The clouds of gas suffer drag, slow down & often stop, whereas[…]

Toshiba Announces 3D Flash With 48 Layers

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

Lucas123 writes: Admitting it has bumped up against a 15 nanometer process wall, Toshiba announced it’s focusing its efforts on three dimensional NAND using its Bit Cost Scalable technology (PDF) in order to increase capacity. It has dedicated a Japanese fab plant to it & developed 48-level 3D NAND, which bumps density up 33% over[…]

MIMEDefang Email Scanner 2.76

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce[…]

#1337day Acunetix OLE Automation Array Remote Code Execution Exploit [remote #exploits #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

View Source

#1337day WebGate WinRDS 2.0.8 StopSiteAllChannel Stack Overflow Exploit [remote #exploits #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

View Source

#1337day WebGate Control Center 4.8.7 GetThumbnail Stack Overflow Exploit [remote #exploits #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

View Source

#1337day WebGate eDVR Manager 2.6.4 SiteName Stack Overflow Exploit CVE: 2015-2098 [remote #exploits #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

View Source

#1337day QNAP admin shell via Bash Environment Variable Code Injection Exploit [remote #exploits #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

View Source

#1337day QNAP Web Server Remote Code Execution via Bash Environment Variable Code Injection Exploit [#0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

View Source

#1337day WebGate eDVR Manager Stack Buffer Overflow Exploit CVE: 2015-2097 [remote #exploits #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

View Source

#1337day Firefox Proxy Prototype Privileged Javascript Injection Exploit [remote #exploits #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

View Source

#1337day Bsplayer 2.68 – HTTP Response Exploit (Universal) Exploit [remote #exploits #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

View Source

Manage Engine Desktop Central 9 Unauthorized Administrative Password Reset

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

A remote unauthenticated user can alter the password of any Manage Engine Desktop Central user with the Administrator role (DCAdmin). View Source

Hoax-Detecting Software Spots Fake Papers

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

sciencehabit writes: In 2005, three computer science Ph.D. students at the Massachusetts Institute of Technology created a program to generate nonsensical computer science research papers. The goal was “to expose the lack of peer review at low-quality conferences that essentially scam researchers with publication & conference fees.” The program — dubbed SCIgen — shortly found[…]

#1337day Mini-stream Ripper v2.7.7.100 Local Buffer Overflow Exploit [remote #exploits #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

View Source

#1337day RM Downloader 2.7.5.400 Local Buffer Overflow Exploit [remote #exploits #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

View Source

#1337day Free MP3 CD Ripper 2.6 – Local Buffer Overflow Exploit [remote #exploits #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

View Source

#1337day Spybot Search & Destroy 1.6.2 Security Center Service – Privilege Escalation Vulne [#0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

View Source

#1337day Berta CMS File Upload Bypass Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

View Source

#1337day pfSense 2.2 – Multiple Vulnerabilities CVE: 2015-2295 [webapps #exploits #Vulnerabilities #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

View Source

#1337day WordPress WP Marketplace 2.4.0 – Remote Code Execution (Add WP Admin) Vulnerability [#0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

View Source

Mandriva Linux Security Advisory 2015-077

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

Mandriva Linux Security Advisory 2015-077 – f2py insecurely used a temporary file. A local attacker could use this flaw to perform a symbolic link attack to modify an arbitrary file accessible to the user running f2py. View Source

Mandriva Linux Security Advisory 2015-076

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

Mandriva Linux Security Advisory 2015-076 – Updated python3 packages fix security vulnerabilities. ZipExtFile.read goes into 100% CPU infinite loop on maliciously binary edited zips. A vulnerability was reported in Python’s socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to[…]

Mandriva Linux Security Advisory 2015-075

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

Mandriva Linux Security Advisory 2015-075 – A vulnerability was reported in Python’s socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_into() function or, possibly, execute arbitrary code with the permissions of[…]

Mandriva Linux Security Advisory 2015-074

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

Mandriva Linux Security Advisory 2015-074 – The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service via an empty attribute list in a deref control in a search request. The updated packages provide a solution for these security issues. View Source

Mandriva Linux Security Advisory 2015-073

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

Mandriva Linux Security Advisory 2015-073 – The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service via an empty attribute list in a deref control in a search request. Double free vulnerability in the get_vrFilter function in servers/slapd/filter.c in OpenLDAP 2.4.40 allows remote attackers to cause[…]

Mandriva Linux Security Advisory 2015-072

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

Mandriva Linux Security Advisory 2015-072 – Suman Jana reported a vulnerability that affects the certificate verification functions of gnutls 3.1.x & gnutls 3.2.x. A version 1 intermediate certificate will be considered as a CA certificate by default. It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of[…]

Mandriva Linux Security Advisory 2015-071

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

Mandriva Linux Security Advisory 2015-071 – The png_do_expand_palette function in libpng before 1.6.8 allows remote attackers to cause a denial of service (NULL pointer dereference & application crash) via a PLTE chunk of zero bytes or a NULL palette, related to pngrtran.c & pngset.c. An integer overflow leading to a heap-based buffer overflow was found[…]

Mandriva Linux Security Advisory 2015-070

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

Mandriva Linux Security Advisory 2015-070 – The qemuDomainMigratePerform & qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allows local users to cause a denial of service via unspecified vectors. The XML getters for save images & snapshots objects don’t check ACLs for the VIR_DOMAIN_XML_SECURE flag[…]

HP Security Bulletin HPSBMU03294 1

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

HP Security Bulletin HPSBMU03294 1 – A potential security vulnerability has been identified with HP Process Automation running OpenSSL. This is the SSLv3 vulnerability known as “Padding Oracle on Downgraded Legacy Encryption”, also known as “POODLE”, which could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory. View Source

Mandriva Linux Security Advisory 2015-068

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

Mandriva Linux Security Advisory 2015-068 – The libext2fs library, part of e2fsprogs & utilized by its utilities, is affected by a boundary check error on block group descriptor information, leading to a heap based buffer overflow. A specially crafted filesystem image can be used to trigger the vulnerability. This is due to an incomplete fix[…]

Mandriva Linux Security Advisory 2015-067

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

Mandriva Linux Security Advisory 2015-067 – The libext2fs library, part of e2fsprogs & utilized by its utilities, is affected by a boundary check error on block group descriptor information, leading to a heap based buffer overflow. A specially crafted filesystem image can be used to trigger the vulnerability. The libext2fs library, part of e2fsprogs &[…]

#1337day Telescope 0.9.2 – Markdown Persistent XSS Vulnerability CVE-2014-5144 [webapps #exploits #Vulnerability #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

View Source

#1337day Joomla Spider FAQ Component – SQL Injection Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

View Source

Mandriva Linux Security Advisory 2015-066

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

Mandriva Linux Security Advisory 2015-066 – In GNU Cpio 2.11, the --no-absolute-filenames option limits extracting contents of an archive to be strictly inside a current directory. However, it can be bypassed with symlinks. While extracting an archive, it will extract symlinks & then follow them if they are referenced in further entries. This can be[…]

#1337day WordPress Plugin InBoundio Marketing 1.0 – Shell Upload Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015


Mandriva Linux Security Advisory 2015-065

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

Mandriva Linux Security Advisory 2015-065 – Heap-based buffer overflow in the process_copy_in function in GNU Cpio 2.11 allows remote attackers to cause a denial of service via a large block value in a cpio archive. Additionally, a null pointer dereference in the copyin_link function which could cause a denial of service has also been fixed.[…]

Mandriva Linux Security Advisory 2015-064

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

Mandriva Linux Security Advisory 2015-064 – Libmspack, a library to provide compression & decompression of some file formats used by Microsoft, is embedded in cabextract. A specially crafted cab file can cause cabextract to hang forever. If cabextract is exposed to any remotely-controlled user input, this issue can cause a denial-of-service. A directory traversal issue[…]

Mandriva Linux Security Advisory 2015-063

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

Mandriva Linux Security Advisory 2015-063 – Multiple vulnerabilities have been discovered & corrected in openssl. The updated packages have been upgraded to the 1.0.0r version where these security flaws have been fixed.

Mandriva Linux Security Advisory 2015-062

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

Mandriva Linux Security Advisory 2015-062 – Multiple vulnerabilities have been discovered & corrected in openssl. The updated packages have been upgraded to the 1.0.1m version where these security flaws have been fixed.

Debian Security Advisory 3205-1

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

Debian Linux Security Advisory 3205-1 – Nicolas Gregoire & Kevin Schaller discovered that Batik, a toolkit for processing SVG images, would load XML external entities by default. If a user or automated system were tricked into opening a specially crafted SVG file, an attacker could possibly obtain access to arbitrary files or cause resource consumption.[…]

Google Loses Ruling In Safari Tracking Case

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

mpicpp sends this report from CNET: The floodgates are now open for UK users to sue Google over privacy violations tied to tracking cookies. In a landmark ruling, the UK’s Court of Appeal has dismissed Google’s request to prevent British Web users from suing the company over tracking cookies & privacy violations. The decision was[…]

Amazon Requires Non-Compete Agreements.. For Warehouse Workers

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

Rick Zeman writes: Amazon, perhaps historically only second to Newegg in the IT nerdling’s online shopping heart, has not only subjected their warehouse employees to appalling working conditions, but they’re also making them sign a non-compete agreement for the privilege. Here’s an excerpt from the agreement: “During employment & for 18 months after the Separation[…]

Behind the Scenes At a Quantum Dot Factory

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

Tekla Perry writes: In a nondescript office complex in Milpitas, Calif., Nanosys is making enough quantum dots to populate 6 million 60-inch television screens annually. “The process goes on in what looks like a microbrewery. In approximately half a dozen large metal tanks … Nanosys combines cadmium & selenium & adjusts the temperature, concentration, &[…]

Ask Slashdot: What Makes Some Code Particularly Good?

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

itwbennett writes: When developers talk about what makes some source code particularly ‘good,’ a handful of qualities tend to get mentioned frequently (functional, readable, testable). What would you add to this list? Read more of this story at Slashdot.

Rebuilding the PDP-8 With a Raspberry Pi

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

braindrainbahrain writes: Hacker Oscarv wanted a PDP-8 mini computer. But buying a real PDP-8 was horribly expensive & out of the question. So Oscarv did the next best thing: he used a Raspberry Pi as the computing engine & interfaced it to a replica PDP-8 front panel, complete with boatloads of fully functional switches &[…]

Modern Cockpits: Harder To Invade But Easier To Lock Up

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

HughPickens.com writes: Jad Mouawad and Christopher Drew write in the NY Times that although airplane cockpits are supposed to be the last line of defense from outside aggressors, airlines have fewer options if the threat comes from within. One of the major safety protocols that actually made planes safer in the past 15 years was[…]

US Air Force Overstepped In SpaceX Certification

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

Rambo Tribble writes: An internal review commissioned by Air Force Secretary Deborah James has concluded that Air Force personnel tasked with evaluating SpaceX’s certification treated it as a design review, going so far as to dictate organizational changes in the company. This was judged contrary to the intention of promoting a competitive environment. The report,[…]

Github Under JS-Based "Greatfire" DDoS Attack, Allegedly From Chinese Government

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

An anonymous reader writes: During the past two days, popular code hosting site GitHub has been under a DDoS attack, which has led to intermittent service interruptions. As blogger Anthr@X reports from traceroute lists, the attack originated from MITM-modified JavaScript files for the Chinese company Baidu’s user tracking code, changing the unencrypted content as it[…]

Quebec Plans To Require Website Blocking, Studies New Internet Access Tax

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

An anonymous reader writes: Michael Geist reports that the Government of Quebec released its budget (PDF) yesterday featuring two Internet-related measures that are sure to attract attention & possible litigation. First, it is moving forward with plans to study a new tax on residential Internet services in order to provide support for the cultural sector.[…]

How Professional Russian Trolls Operate

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

New submitter SecState writes: Hundreds of full-time, well-paid trolls operate thousands of fake accounts to fill social media sites & comments threads with pro-Kremlin propaganda. A St. Petersburg blogger spent two months working 12-hour shifts in a “troll factory,” targeting forums of Russian municipal websites. In an interview, he describes how he worked in teams[…]

Facebook Successfully Tests Laser Internet Drones

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

rtoz writes: At its F8 conference in San Francisco, Facebook announced the first hardware it plans to use to beam the Internet down to billions of people around the world. Codenamed “Aquila,” the solar-powered drone has a wingspan comparable to a Boeing 737, yet weighs less than a small car. It will be powered by[…]

Broadband ISP Betrayal Forces Homeowner To Sell New House

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

New submitter knightsirius writes: A Washington homeowner is having to sell his new house after being refused internet service from Comcast & CenturyLink despite receiving confirmation from both that the location was able to receive broadband service. The whole process took months & involved false assurances & bureaucratic convolutions. The national broadband map database frequently[…]

Big Vulnerability In Hotel Wi-Fi Router Puts Guests At Risk

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: March 27, 2015

An anonymous reader writes: Guests at hundreds of hotels around the world are susceptible to serious hacks because of routers that many hotel chains depend on for their Wi-Fi networks. Researchers have discovered a vulnerability in the systems, which would allow an attacker to distribute malware to guests, monitor & record data sent over the[…]

Welcome, today is Monday, March 30, 2015