AIEngine 1.0

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic & develop signatures for use on NIDS, Firewalls, Traffic classifiers & so on.

#1337day Atrax Botnet Shell Upload Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014


#1337day iBanking botnet Shell Upload Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014


#1337day tcpdump 4.6.2 Geonet Decoder Denial of Service Vulnerability [dos #exploits #Vulnerability #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014


Maligno 1.4

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

Maligno is an open source penetration testing tool written in Python that serves Metasploit payloads. It generates shellcode with msfvenom & transmits it over HTTP or HTTPS. The shellcode is encrypted with AES & encoded with Base64 prior to transmission.

Book Review: Bulletproof SSL and TLS

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

benrothke writes If SSL is the emperor’s new clothes, then Ivan Ristic in Bulletproof SSL & TLS has shown that perhaps the emperor isn’t wearing anything at all. There is a perception that if a web site is SSL secured, then it’s indeed secure. Read a few pages in this significant book, & the SSL[…]

Ubuntu Security Notice USN-2414-1

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

Ubuntu Security Notice 2414-1 – Tim Brown & Darron Burton discovered that KDE-Runtime incorrectly handled input validation. An attacker could possibly use this issue to execute arbitrary JavaScript.

LinkedIn Study: US Attracting Fewer Educated, Highly Skilled Migrants

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

vinces99 writes The U.S. economy has long been powered in part by the nation’s ability to attract the world’s most educated & skilled people to its shores. But a new study of the worldwide migration of professionals to the U.S. shows a sharp drop-off in its proportional share of those workers – raising the question[…]

Married Woman Claims Facebook Info Sharing Created Dating Profile For Her

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

jenningsthecat writes A happily married Ontario woman was shocked & dismayed last January to discover that she had an active account with dating site Zoosk.com. Mari Sherkin saw a pop-up ad on Facebook for Zoosk, yet wasn’t interested, so she “clicked on the X to close it. At least I thought I did.” She immediately[…]

Red Hat Security Advisory 2014-1894-01

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

Red Hat Security Advisory 2014-1894-01 – Chromium is an open-source web browser, powered by WebKit. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash or, potentially, execute arbitrary code with the privileges of the user running Chromium. A flaw was found in[…]

Gentoo Linux Security Advisory 201411-10

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

Gentoo Linux Security Advisory 201411-10 – Multiple vulnerabilities have been found in Asterisk, the worst of which could lead to Denial of Service. Versions less than 11.13.1 are affected.

Interviews: Ask the Hampton Creek Team About the Science and Future of Food

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

samzenpus writes Hampton Creek is a food technology company that makes food healthier by utilizing a specially made egg substitute in food products. The company was selected by Bill Gates to be featured on his website in a story called, The Future of Food, & has raised $30 million in funding. Hampton Creek’s latest product[…]

Nuclear Weapons Create Their Own Security Codes With Radiation

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

Zothecula writes “Nuclear weapons are a paradox. No one in their right mind wants to use one, yet if they’re to act as a deterrent, they need to be accessible. The trick is to make sure that access is only available to those with the proper authority. To prevent a real life General Jack D[…]

NASA Offering Contracts To Encourage Asteroid Mining

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

An anonymous reader writes “Two private companies, Deep Space Industries & Planetary Resources, have received contracts from NASA to study asteroid redirection & will pursue their plans of asteroid mining. From the article: “Deep Space Industries is planning to build a number of dense spacecrafts called FireFlies, & they plan on sending the satellites on[…]

Red Hat Security Advisory 2014-1893-01

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

Red Hat Security Advisory 2014-1893-01 – The libXfont packages provide the X.Org libXfont runtime library. X.Org is an open source implementation of the X Window System. A use-after-free flaw was found in the way libXfont processed certain font files when attempting to add a new directory to the font path. A malicious, local user could[…]

Ohio College Building Indoor Drone Pavilion

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

First time accepted submitter Greenargie points out this story about an indoor flying pavilion for drones being built at a college in southwestern Ohio. An indoor flying pavilion for students to test & fly drones will be built at a college in southwestern Ohio. Sinclair Community College officials say the 40-foot high pavilion resembling a[…]

Class-Action Suit Claims Copyright Enforcement Company Made Harassing Robo-calls

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

An anonymous reader writes Morgan Pietz, one of the lawyers who took on Prenda Law, has a new target in his sights: copyright enforcement company, Rightscorp. In a class action suit (pdf) Pietz claims the company made illegal, harassing robo-calls to people who were accused of illegal downloading & by doing so Rightscorp broke the[…]

Apple To Donate Profit Portion From Black Friday For AIDS Fight

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

An anonymous reader writes Apple will donate a portion of their sales from online & retail stores on Cyber Monday & Black Friday as a contribution to the worldwide fight against AIDS. Apple kicks off a two-week fundraising campaign for RED, the charity started by U2 lead singer Bono & Bobby Shriver. It includes 25[…]

Multi-National Crew Reaches Space Station

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

An anonymous reader writes A Russian capsule carrying three astronauts from Russia, the United States & Italy has blasted off for the International Space Station. Aboard the capsule are Russian Anton Shkaplerov, NASA’s Terry Virts & European Space Agency astronaut Samantha Cristoforetti, Italy’s first female astronaut. “I think that 100 years from now, 500 years[…]

Multiple Manufacturers Push Hydrogen Fuel Cell Cars, But Can They Catch Tesla?

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

MojoKid writes After years of working on prototype vehicles, multiple car companies have announced a major push for hydrogen fuel cell automobiles. At the LA Auto Show last week, Toyota showed off its Mirai, a four-door passenger sedan with a $57,500 base sticker price & a hydrogen-only fuel system. Honda recently delayed its hydrogen-powered FCX[…]

Cops 101: NYC High School Teaches How To Behave During Stop-and-Frisk

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

HughPickens.com writes Kate Briquelet reports in the NY Post that Principal Mark Federman of East Side Community HS has invited the New York Civil Liberties Union to donate a two-day training session to 450 students on interacting with police. “We’re not going to candy-coat things — we have a problem in our city that’s affecting[…]

Bidding In Government Auction of Airwaves Reaches $34 Billion

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

An anonymous reader sends word that the 2014 wireless spectrum license auction has surpassed $34 billion. “A government auction of airwaves for use in mobile broadband has blown through presale estimates, becoming the biggest auction in the Federal Communications Commission’s history & signaling that wireless companies expect demand for Internet access by smartphones to continue[…]

Study: Space Rock Impacts Not Random

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

sciencehabit writes When it comes to small space rocks blowing up in Earth’s atmosphere, not all days are created equal. Scientists have found that, contrary to what they thought, such events are not random, & these explosions may occur more frequently on certain days. Rather than random occurrences, many large airbursts might result from collisions[…]

How the World’s Agricultural Boom Has Changed CO2 Cycles

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

An anonymous reader writes Every year levels of carbon dioxide drop in the summer as plants “inhale,” & climb again as they exhale after the growing season in the Northern Hemisphere. However, the last 50 years have seen the size of this swing increase by as much as 50%, for reasons that aren’t fully understood. A[…]

Alva Noe: Don’t Worry About the Singularity, We Can’t Even Copy an Amoeba

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 24, 2014

An anonymous reader writes “Writer & professor of philosophy at the University of California, Berkeley, Alva Noe, isn’t worried that we will shortly be under the rule of shiny metal overlords. He says that currently we can’t produce “…machines that exhibit the agency & awareness of an amoeba.” He writes at NPR: “One reason I’m[…]

NASA Remasters 20-Year-Old Galileo Photographs of Jupiter’s Moon, Europa

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 23, 2014

An anonymous reader writes with news that NASA has released remastered pictures of Europa taken by the Galileo spacecraft. “Scientists have produced a new version of what is perhaps NASA’s best view of Jupiter’s ice-covered moon, Europa. The mosaic of color images was obtained in the late 1990s by NASA’s Galileo spacecraft. This is the[…]

2014 Hour of Code: Do Ends Justify Disney Product Placement Means?

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 23, 2014

theodp writes “The purpose of product placement/product integration/branded entertainment,” explains Disney in a job posting, “is to give a brand exposure outside of their traditional media buy.” So, one imagines the folks in Disney Marketing must be thrilled that Disney Frozen princesses Anna & Elsa will be featured in the ‘signature tutorial’ for CSEdWeek’s 2014[…]

Highly Advanced Backdoor Trojan Cased High-Profile Targets For Years

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 23, 2014

An anonymous reader points out this story at Ars about a new trojan on the scene. Researchers have unearthed highly advanced malware they believe was developed by a wealthy nation-state to spy on a wide range of international targets in diverse industries, including hospitality, energy, airline, & research. Backdoor Regin, as researchers at security firm[…]

Elon Musk Talks "X-Wing" Fins For Reusable Rockets, Seafaring Spaceport Drones

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 23, 2014

An anonymous reader writes Elon Musk sent a number of tweets recently in which he detailed a program to test the function of “X-Wing” style grid fins that could help spacecraft navigate upon re-entry. The tweets describing how it would work also include an autonomous seafaring platform, which can hold its position within three meters[…]

Blame America For Everything You Hate About "Internet Culture"

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 23, 2014

An anonymous reader writes If you hate cat videos, personality quizzes, & endless list stories about a specific school or region, then you should blame the USA according to this story. From the article: “‘In France, articles about cats do not work,’ Buzzfeed’s Scott Lamb told Le Figaro, a leading Parisian paper. Instead, he explained,[…]

Prospects Rise For a 2015 UN Climate Deal, But Likely To Be Weak

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 23, 2014

An anonymous reader writes with news that a global climate deal seems to be on the horizon. “A global deal to combat climate change in 2015 looks more likely after promises for action by China, the United States & the European Union, yet any agreement will probably be too weak to halt rising temperatures. Delegates[…]

Spaceport America Loses $1.7 Million Due To Virgin Galactic Delays

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 23, 2014

An anonymous reader writes “Officials of New Mexico’s Spaceport Authority were grilled by lawmakers about the now vacant Spaceport America following the deadly crash of Virgin Galactic’s SpaceShipTwo. The spaceport was built as a hub for commercial space flights. Its immediate future is uncertain since Virgin Galactic has indefinitely pushed back the launch date of[…]

Corning Reveals Gorilla Glass 4, Promises No More Broken IPhones

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 23, 2014

An anonymous reader writes “Corning introduced next-generation Gorilla Glass, which it said is ten times tougher than any competitive cover glass now in the market. The company says that the Gorilla Glass 4 so launched is to address the No.1 problem among smartphone users - screen breakage due to everyday drops.” Read more of this[…]

DreamWorks Reveals Glimpse of "Super Cinema" Format For VR Films

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 23, 2014

An anonymous reader writes Warren Mayoss, Head of Technology Product Development at DreamWorks Animation, spoke at the 2014 Samsung Developer Conference last week about the company’s forays into the young medium of virtual reality. In addition to real-time experiences, DreamWorks is exploring ways to enable their bread & butter in VR: high-fidelity pre-rendered CGI. One[…]

In a Self-Driving Future, We May Not Even Want To Own Cars

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 23, 2014

HughPickens.com writes: Jerry Hirsch writes in the LA Times that personal transportation is on the cusp of its greatest transformation since the advent of the internal combustion engine. For a century, cars have been symbols of freedom & status. But according to Hirsch, passengers of the future may well view vehicles as just another form[…]

How "Big Ideas" Are Actually Hurting International Development

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 23, 2014

schnell writes: The New Republic is running a fascinating article that analyzes the changing state of foreign development. Tech entrepreneurs & celebrities are increasingly realizing the inefficiencies of the old charitable NGO-based model of foreign aid, & shifting their support to “disruptive” new ideas that have been demonstrated in small experiments to deliver disproportionately beneficial[…]

Great Firewall of China Blocks Edgecast CDN, Thousands of Websites Affected

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 23, 2014

An anonymous reader writes: Starting approximately a week ago, The Great Firewall of China began blocking the Edgecast CDN. This was spurred by Great Fire’s Collateral Freedom project, which used CDNs to get around censorship of individual domains. It left China with either letting go of censorship, or breaking significant chunks of the Internet for[…]

Judge Unseals 500+ Stingray Records

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 23, 2014

An anonymous reader sends this excerpt from Ars Technica: A judge in Charlotte, North Carolina, has unsealed a set of 529 court documents in hundreds of criminal cases detailing the use of a stingray, or cell-site simulator, by local police. This move, which took place earlier this week, marks a rare example of a court[…]

Samsung Seeking To Block Nvidia Chips From US Market

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 23, 2014

An anonymous reader writes: Bloomberg reports that Samsung has filed a complaint with the U.S. International Trade Commission asking them to block the import of Nvidia’s graphics chips. This is part of Samsung’s retaliation for a similar claim filed by Nvidia against Samsung & Qualcomm back in September. Both companies are wielding patents pertaining[…]

Doubling Saturated Fat In Diet Does Not Increase It In Blood

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 22, 2014

An anonymous reader writes: A new study by researchers at Ohio State University found that dramatically increasing the amount of saturated fat in a person’s diet did not increase the amount of saturated fat found in their blood. Professor Jeff Volek, the study’s senior author, said it “challenges the conventional wisdom that has demonized saturated[…]

#1337day WordPress wpDataTables 1.5.3 SQL Injection Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 22, 2014


#1337day WordPress wpDataTables 1.5.3 shell Upload Exploit [webapps #exploits #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 22, 2014


#1337day DukaPress 2.5.2 Path Traversal Vulnerability CVE-2014-8799 [webapps #exploits #Vulnerability #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 22, 2014


#1337day TP-Link TL-WR740N Wireless Router MitM httpd Denial Of Service [dos #exploits #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 22, 2014


Ask Slashdot: Best Practices For Starting and Running a Software Shop?

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 22, 2014

An anonymous reader writes: I’m a systems architect (and a former Unix sysadmin) with many years of experience on the infrastructure side of things. I have a masters in CS yet not enough practical exposure to professional software development. I’d like to start my own software product line & I’d like to avoid outsourcing as[…]

Eizo Debuts Monitor With 1:1 Aspect Ratio

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 22, 2014

jones_supa writes: Eizo has introduced an absorbing new PC monitor with a square aspect ratio: the Eizo FlexScan EV2730Q is a 26.5-inch screen with 1:1 aspect ratio & an IPS panel with resolution of 1920 x 1920 pixels. “The extended vertical space is convenient for displaying large amounts of information in long windows, reducing the[…]

Upgrading the Turing Test: Lovelace 2.0

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 22, 2014

mrspoonsi tips news of further research into updating the Turing test. As computer scientists have expanded their knowledge about the true domain of artificial intelligence, it has become clear that the Turing test is somewhat lacking. A replacement, the Lovelace test, was proposed in 2001 to strike a clearer line between true AI & an[…]

Profanity-Laced Academic Paper Exposes Scam Journal

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 22, 2014

Frosty P writes: A scientific paper titled “Get Me Off Your F****** Mailing List” was actually accepted by the International Journal of Advanced Computer Technology. As reported at Vox & other web sites, the journal, despite its distinguished name, is a predatory open-access journal. These sorts of low-quality journals spam thousands of scientists, offering to[…]

Ukraine’s IT Brigade Supports the Troops

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 22, 2014

An anonymous reader sends this story from BusinessWeek: Eight months ago, David Arakhamiya was running a small IT company in the southern Ukrainian city of Mykolayiv. Today, as an adviser to Ukraine’s defense minister, he oversees a massive crowdfunding effort that since March has raised approximately $300 million from ordinary citizens. The money is being[…]

Extreme Shrimp May Hold Clues To Alien Life On Europa

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 22, 2014

HughPickens.com writes: Scientists at NASA’s Jet Propulsion Laboratory are studying a mysterious ecosystem at one of the world’s deepest undersea hydrothermal vents to get clues about what life could be like on other planetary bodies, such as Jupiter’s icy moon Europa, which has a subsurface ocean. At the vents, tiny shrimp are piled on top[…]

Linux On a Motorola 68000 Solder-less Breadboard

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 22, 2014

New submitter lars_stefan_axelsson writes: When I was an undergrad in the eighties, “building” a computer meant that you received a bunch of chips & a soldering iron & went to work. The art is still alive today, yet instead of a running BASIC interpreter as the ultimate proof of success, today the crowning achievement is[…]

#1337day MyBB 1.8.2 – unset_globals() Function Bypass and Remote Code Execution Vulnerability [#0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 22, 2014


#1337day Supr Shopsystem 5.1.0 – Persistent UI Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 22, 2014


Judge Approves $450M Settlement For Apple’s Ebook Price Fixing

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 22, 2014

An anonymous reader writes: On Friday a U.S. federal judge approved a settlement in the Apple ebook price-fixing case that could see the technology giant paying $450 million. $400 million of that would go to the roughly 23 million consumers thought to be affected by the price fixing, & the rest would go to lawyers.[…]

Some Early Nexus 6 Units Returned Over Startup Bug

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 22, 2014

The Register reports that Motorola has issued a recall for an early batch of its hotly anticipated new Nexus 6 smartphones that were sold through U.S. mobile carrier AT&T, owing to a software glitch that can reportedly cause the devices to boot to a black screen. … AT&T retail stores have reportedly been told to[…]

Google’s Project Loon Can Now Launch Up To 20 Balloons Per Day, Fly 10x Longer

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 22, 2014

An anonymous reader writes Google [Thursday] shared an update from Project Loon, the company’s initiative to bring high-speed Internet access to remote areas of the world via hot air balloons. Google says it now has the ability to launch up to 20 of these balloons per day. This is in part possible because the company[…]

Indian Brick-and-Mortar Retailers Snub Android One Phones

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 22, 2014

oyenamit writes Online shopping in India is still in its infancy yet is growing tremendously to reach the mostly untapped market of 1.2 billion people. Invariably, the conflict between pure online retailers like Amazon & Flipkart & brick & mortar stores was bound to emerge. Unfortunately for Google’s Android One, it has been on the[…]

Critical XSS Flaws Patched In WordPress and Popular Plug-In

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 22, 2014

itwbennett writes The WordPress development team on Thursday released critical security updates that address an XSS vulnerability in the comment boxes of WordPress posts & pages. An attacker could exploit this flaw to create comments with malicious JavaScript code embedded in them that would get executed by the browsers of users seeing those comments. ‘In[…]

Startup Assembly Banks On Paid, Open-Source Style Development

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 22, 2014

enbody writes A year-old startup, Assembly, is built on the premise of creating products using open-source style development, yet structured in a way that you get paid for your contributions. Open-source development is well-known in the Slashdot community, as are a variety of ways to earn a living around open-source, such as support. What is[…]

Another Hint For Kryptos

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 22, 2014

rastos1 writes Four years ago Jim Sanborn, the sculptor who created the wavy metal pane called Kryptos that sits in front of the CIA in Langley revealed a clue for breaking the last remaining part of the encrypted message on Kryptos. The clue was: BERLIN. But the puzzle resisted all decryption efforts & is[…]

Mozilla’s 2013 Report: Revenue Up 1% To $314M; 90% From Google

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

An anonymous reader writes Mozilla has released its annual financial report for 2013, & the numbers hint as to why the organization signed a five-year deal with Yahoo, announced by the duo on November 19. Revenue increased just 1 percent, & the organization’s reliance on Google stayed flat at 90 percent. The total revenue for[…]

Molecular Clusters That Can Retain Charge Could Revolutionize Computer Memory

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

jfruh writes: Computing devices have been gobbling up more & more memory, yet storage tech has been hitting its limits, creating a bottleneck. Now researchers in Spain & Scotland have reported a breakthrough in working with metal-oxide clusters that can retain their charge. These molecules could serve as the basis for RAM & flash memory that[…]

#1337day Netgear Wireless Router WNR500 Local File Inclusion Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014


#1337day Liferay Portal 6.2 EE SP8 Cross Site Scripting Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014


#1337day WordPress SP Client Document Manager 2.4.1 SQL Injection Vulnerability [webapps #exploits #Vulnerability #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014


#1337day Privacyware Privatefirewall 7.0 Privilege Escalation Vulnerability [remote #exploits #Vulnerability #0day #Exploit]

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014


The EU Has a Plan To Break Up Google

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

An anonymous reader points out a report at the Financial Times (paywalled) which says the European Parliament is preparing to call for the break-up of Google. According to the draft seen by the FT, a potential solution to ongoing anti-trust concerns with Google is “unbundling search engines from other services.” The article notes, “The European[…]

Top NSA Official Raised Alarm About Metadata Program In 2009

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

An anonymous reader sends this report from the Associated Press: “Dissenters within the National Security Agency, led by a senior agency executive, warned in 2009 that the program to secretly collect American phone records wasn’t providing enough intelligence to justify the backlash it would cause if revealed, current & former intelligence officials say. The NSA[…]

Obama’s Immigration Order To Give Tech Industry Some, Leave ‘Em Wanting More

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

theodp writes: “The high-tech industry,” reports the Washington Post’s Nancy Scola, “will have at least two things to be pleased about in President Obama’s speech outlining executive actions he’ll take on immigration. The president plans to grant the tech industry some, yet not nearly all, of what it has been after in the immigration debate.[…]

CERN Releases LHC Data

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

An anonymous reader writes: Ever wished you had access to CERN’s LHC data to assist with your backyard high-energy physics research? Today you’re in luck. CERN has launched its Open Data Portal, which makes experimental data produced by the Large Hadron Collider open to the public. “The first high-level & analyzable collision data openly released[…]

Harvard Scientists Say It’s Time To Start Thinking About Engineering the Climate

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

merbs writes: Harvard has long been home to one of the fiercest advocates for climate engineering. This week, Harvard’s School of Engineering & Applied Sciences published a research announcement headlined “Adjusting Earth’s Thermostat, With Caution.” That might read as oxymoronic — intentionally altering the planet’s climate has rarely been considered a cautious enterprise — yet[…]

Privacyware Privatefirewall 7.0 Privilege Escalation

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

Privacyware Privatefirewall version 7.0 suffers from an unquoted search path issue impacting the Core Service ‘PFNet’ service for Windows deployed as part of Privatefirewall bundle. This could potentially allow an authorized yet non-privileged local user to execute arbitrary code with elevated privileges on the system. A successful attempt would require the local user to be[…]

Netgear Wireless Router WNR500 Local File Inclusion

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

The Netgear Wireless Router WNR500 suffers from an authenticated local file inclusion (LFI) vulnerability: input passed through the ‘getpage’ parameter to the ‘webproc’ script is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks. View Source

Mandriva Linux Security Advisory 2014-222

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

Mandriva Linux Security Advisory 2014-222 – Eric Blake discovered that libvirt incorrectly handled permissions when processing the qemuDomainFormatXML command. An attacker with read-only privileges could possibly use this to gain access to certain information from the domain xml file. View Source

Mandriva Linux Security Advisory 2014-221

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

Mandriva Linux Security Advisory 2014-221 – Although Mandriva forgot to include a problem description in this advisory, it appears that their latest packages for php-smarty may have addressed cross site scripting & code execution vulnerabilities. View Source

Mandriva Linux Security Advisory 2014-220

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

Mandriva Linux Security Advisory 2014-220 – Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3 devices. A local guest could possibly use this issue to cause a denial of service, or possibly execute arbitrary code on the host. Multiple integer overflow, input validation, logic error, & buffer overflow flaws were discovered in various QEMU block[…]

Mandriva Linux Security Advisory 2014-219

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

Mandriva Linux Security Advisory 2014-219 – Fernando Russ from Groundworks Technologies reported a buffer overflow flaw in srtp, Cisco’s reference implementation of the Secure Real-time Transport Protocol (SRTP), in how the crypto_policy_set_from_profile_for_rtp() function applies cryptographic profiles to an srtp_policy. A remote attacker could exploit this vulnerability to crash an application linked against libsrtp, resulting in a[…]

Windows Kernel Version Bumped To 10.0

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

jones_supa writes: In Windows, the kernel version number is once again in sync with the product version. Build 9888 of Windows 10 Technical Preview is making the rounds in a private channel & the kernel version has indeed been bumped from 6.4 to 10.0. Version 6.x has been in use since Windows Vista. Neowin speculates[…]

Ask Slashdot: What’s the Most Hackable Car?

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

An anonymous reader writes: When looking for a new (or used) car, I have readily available information regarding features, maintenance history, & potential issues for that specific model or generation. What I would really like is a car that is readily hackable on the convenience-feature level. For example, if I want to install a remote[…]

Culberson As Chair of NASA Funding Subcommittee Makes Europa Mission More Likely

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

MarkWhittington writes: As many have expected, Rep. John Culberson (R-TX) has been elevated to chair the House Appropriations Subcommittee for Commerce, Justice, & Science. The subcommittee has charge of NASA funding, something of keen interest for the congressman, whose Houston district is close to the Johnson Spaceflight Center. Moreover, Culberson’s enthusiasm for space exploration goes[…]

It’s Not Developers Slowing Things Down, It’s the Process

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

An anonymous reader writes: Software engineers understand the pace of writing code, yet frequently managers don’t. One line of code might take 1 minute, & another line of code might take 1 day. But generally, everything averages out, & hitting your goals is more a function of properly setting your goals than of coding quickly[…]

Google Launches Service To Replace Web Ads With Subscriptions

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

An anonymous reader writes: Everyone understands by now that ads fund most of the sites on the web. Other sites have put up paywalls or started subscription bonuses, with varying success. Google, one of the web’s biggest ad providers, saw a problem with that: it’s a huge pain for readers to manage subscriptions for all[…]

Aereo Files For Bankruptcy

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

An anonymous reader writes: After losing its Supreme Court case in June & briefly attempting to transform itself into a cable company, Aereo is now filing for chapter 11 bankruptcy. Their service worked by letting people stream over-the-air television to their internet-connected devices. The content industry pushed back, & though Aereo argued its way through[…]

Microsoft Rolls Out Robot Security Guards

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

An anonymous reader writes: Microsoft is testing a group of five robot security guards. They contain a sophisticated sensor suite that includes 360-degree HD video, thermal imaging, night vision, LIDAR, & audio recorders. They can moreover detect various chemicals & radiation signatures, & do some rudimentary behavioral analysis on people they see. (And they look[…]

Leaked Documents Show EU Council Presidency Wants To Impair Net Neutrality

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

NotInHere writes: The advocacy group “European Digital Rights” (EDRi) reports on leaked documents proposed by the Presidency of the council of the EU (currently held by Italy), which plans to remove vital parts from the telecommunications package that introduced net neutrality. The changes include removing the definition of “net neutrality” & replacing it with a[…]

Swedish Court Refuses To Revoke Julian Assange’s Arrest Warrant

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

An anonymous reader writes A Swedish court rejected an appeal by Julian Assange to revoke a detention order issued over allegations of sexual assault. “In the view of the Court of Appeal there is no reason to set aside the detention solely because Julian Assange is in an embassy & the detention order cannot be[…]

Coal Plants Get New Lease On Life With Natural Gas

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

HughPickens.com writes Christina Nunez reports in National Geographic that in the past four years, at least 29 coal-fired plants in 10 states have switched to natural gas or biomass while another 54 units, mostly in the US Northeast & Midwest, are slated to be converted over the next nine years. By switching to natural gas,[…]

Russia May Be Planning National Space Station To Replace ISS

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

An anonymous reader writes with news that Russia may be building its own space station to replace the ISS. Russia may be planning to build a new, independent national space station rather than prolong its participation in the $150 billion International Space Station (ISS) program beyond its current 2020 end date. The U.S. space agency[…]

The Man Who Made Tetris

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

rossgneumann writes Life gets pretty chill after creating ‘Tetris’ & escaping the KGB. A quick web search for “Alexey Pajitnov” brings up pages of articles & interviews that fixate only on his seminal creation—a work that remains, far & away, the best selling video game of all time. But clearly, there’s more to the man[…]

Greenwald Advises Market-Based Solution To Mass Surveillance

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

Nicola Hahn writes In his latest Intercept piece Glenn Greenwald considers the recent defeat of the Senate’s USA Freedom Act. He remarks that governments “don’t walk around trying to figure out how to limit their own power.” Instead of appealing to an allegedly irrelevant Congress Greenwald advocates utilizing the power of consumer demand to address[…]

Harvard Students Move Fossil Fuel Stock Fight To Court

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

mdsolar writes A group of Harvard students, frustrated by the university’s refusal to shed fossil fuel stocks from its investment portfolios, is looking beyond protests & resolutions to a new form of pressure: the courts. The seven law students & undergraduates filed a lawsuit on Wednesday in Suffolk County Superior Court in Massachusetts against the[…]

Asterisk Project Security Advisory – AST-2014-018

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

Asterisk Project Security Advisory – The DB dialplan function when executed from an external protocol (for instance AMI), could result in a privilege escalation. View Source

Asterisk Project Security Advisory – AST-2014-017

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

Asterisk Project Security Advisory – The CONFBRIDGE dialplan function, when executed from an external protocol (for instance AMI), could result in a privilege escalation. Also, the AMI action “ConfbridgeStartRecord” could be used to execute arbitrary system commands without first checking for system access. View Source

Zenario CMS 7.0.2d Cross Site Scripting / Open Redirect

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

Zenario CMS version 7.0.2d suffers from cross site scripting & open redirection vulnerabilities. View Source

The Nintendo DS Turns 10

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

An anonymous reader writes The Nintendo DS has reached a remarkable milestone: it’s turned 10 years old. A new retrospective on one of Nintendo’s greatest ever smash hits points out that it’s now old enough to become a Pokemon trainer, & looks back at some of the greatest (and possibly overlooked) titles on the platform[…]

WordPress 3.9.2 Cross Site Scripting

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

A security flaw in WordPress 3 allows injection of JavaScript into certain text fields. In particular, the problem affects comment boxes on WordPress posts & pages. These do not require authentication by default. View Source

Asterisk Project Security Advisory – AST-2014-016

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

Asterisk Project Security Advisory – When handling an INVITE with Replaces message the res_pjsip_refer module incorrectly assumes that it will be operating on a channel that has just been created. If the INVITE with Replaces message is sent in-dialog after a session has been established this assumption will be incorrect. The res_pjsip_refer module will then[…]

Asterisk Project Security Advisory – AST-2014-015

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

Asterisk Project Security Advisory – The chan_pjsip channel driver uses a queue approach for actions relating to SIP sessions. There exists a race condition where actions may be queued to answer a session or send ringing AFTER a SIP session has been terminated using a CANCEL request. The code will incorrectly assume that the SIP[…]

Customers Creating Fake Amazon Pages To Get Cheap Electronics At Walmart

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 21, 2014

turkeydance writes People are reportedly creating fake Amazon pages to show fake prices on electronics & other items. In the most heavily publicized cases, Walmart was reportedly duped into selling $400 PlayStation 4 consoles for under $100. From the article: “The company announced on Nov. 13 that it would price-match select online retailers, including Amazon.com.[…]

UNSW Has Collected an Estimated $100,000 In Piracy Fines Since 2008

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: November 20, 2014

Jagungal (36053) writes The SMH reports that The University of NSW says it has issued 238 fines — estimated to total around $100,000 – to students illicitly downloading copyright infringing material such as movies & TV shows on its Wi-Fi network since 2008. The main issues are that the University is not returning any money[…]
