Enhancing milk quality in Uganda: Challenges and innovations in the dairy value chain

Improving market incentives.

The post Enhancing milk quality in Uganda: Challenges and innovations in the dairy value chain appeared first on IFPRI.

Síntesis de evidencia: Lineamientos para el diseño de programas crediticios agropecuarios condicionados para el fomento de prácticas agropecuarias sostenibles

Enfoques para el desarrollo de políticas del sistema alimentario.

The post Síntesis de evidencia: Lineamientos para el diseño de programas crediticios agropecuarios condicionados para el fomento de prácticas agropecuarias sostenibles appeared first on IFPRI.

Identifying guidelines for the design of conditional credit programs to promote sustainable agricultural practices in Latin America

Tools for food system policy development.

The post Identifying guidelines for the design of conditional credit programs to promote sustainable agricultural practices in Latin America appeared first on IFPRI.

Reducing food loss and waste for climate outcomes: Insights from national consultations in Bangladesh, Malawi and Nepal

Integrating key goals of food system transformation.

The post Reducing food loss and waste for climate outcomes: Insights from national consultations in Bangladesh, Malawi and Nepal appeared first on IFPRI.

One of the common questions often asked of the IT team is “how many systems are missing patches and how many patches are missing on each system?”  This dashboard uses the “Patch Report” plugin and organizes the current patch status for systems scanned with credentials.  The IT team can now easily communicate the specific systems with missing patches to executives.

The Nessus "Patch Report" plugin (66334) elegantly summarizes all of the missing patches and general remediation actions required to remediate the discovered vulnerabilities on a given host. Instead of counting the number of vulnerabilities, the plugin lists applications that need to be upgraded. The approach is not only much easier for IT administrators to consume, but the count of applications provides a measure of how much "work" is required to secure a system.

The dashboard provides risk guidance using the “Remediation Summary” tool.  This tool works by employing a concept called “top patch”.  Tenable Security Center uses proprietary technology to identify a chain of patches.  The first patch in the chain is called the “top patch”.  If the “top patch” is applied, all subsequent vulnerabilities will also be remediated at the same time.  Using both the Remediation Summary tool and “Patch Report” plugin, the organization can better plan remediation efforts.   

The dashboard and its components are available in the Tenable Security Center Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets.  The dashboard can be easily located in the Tenable Security Center Feed under the category Executive. The dashboard requirements are:

• Tenable Security Center
• Nessus
• This dashboard requires “Full Text Search” to be enabled for each analyzed repository.

Please note the "Full Text Search" option must be enabled for the repository to support the trending component.

Tenable Security Center has the ability to identify all discoverable vulnerabilities, eliminating blind spots. Tenable detects missing patches, incorrect configurations, lapsed defenses, incomplete monitoring and network intruders—so you can mitigate them.  Tenable Security Center can show risk across all systems, enabling informed decisions.  Tenable’s approach to continuous monitoring reaches across cloud, virtual, mobile and traditional systems and measures attack vectors in each of these domains.  Tenable Security Center provides a unique combination of detection, reporting, and pattern recognition utilizing industry recognized algorithms and models.  By providing that single point of data collection, Tenable.sc enables sharing of vulnerability scanning results across the technical groups and business owners. Tenable.sc is continuously updated with information about advanced threats and zero-day vulnerabilities, and new types of regulatory compliance configuration audits.

Components

Remediations Tracking - Top 25 Remediations: This component provides the top 25 remediation actions that can be taken to reduce overall risk.  The table is sorted using vulnerability weight scores, which are calculated differently for each organization.  To determine score weights, login with the admin account, edit your organization and then select “Analysis”.  In the upper right hand corner, there are four scores, one for each severity level. The default scores are: critical = 40, high = 10, medium = 3 and low = 1. The vulnerability weight helps to determine a fully calculated score used in risk analysis.

The Outstanding Remediations - Time Since Patch Publication (Assets) matrix displays the total count of missing patches across the environment. The matrix is comprised of five columns. The first column provides a count of the vulnerabilities that are exploitable, and the last four columns provide counts of vulnerabilities based on Vulnerability Priority Rating (VPR) levels. VPR scores are displayed as column headers in traditional severity text.  Critical represents VPR 9-10, High represents VPR 7-8.9, Medium represents VPR 4-6.9, and Low represents VPR 0.1-3.9. Each row filters the vulnerabilities based on the patch publication date of less than 30 days ago, Current Quarter, Last Quarter, Current Year, Last Year, and greater than 365 Days.

The End of Life Software Detection table displays a list of software that is no longer supported by the vendor. The table is sorted by the count column, which lists a count of the total number of assets affected by the unsupported software package. The filter used is for Plugin Name equals Unsupported. Tenable recommends that assets found here be upgraded to a higher supported version as soon as possible, since vendors no longer list active vulnerabilities for end-of-life software.

The Outstanding Remediations by Device Type (Vulnerabilities) matrix displays the total count of missing patches by device type. The matrix is comprised of five columns. The first column provides a count of the vulnerabilities that are exploitable, and the last four columns provide counts of vulnerabilities based on Vulnerability Priority Rating (VPR) levels. VPR scores are displayed as column headers in traditional severity text.  Critical represents VPR 9-10, High represents VPR 7-8.9, Medium represents VPR 4-6.9, and Low represents VPR 0.1-3.9.  There is a row present which groups devices by type, such as Linux, Windows, or macOS devices. Counts present in each cell represents the number of vulnerabilities present for the device group and VPR score.

In an era of rapidly evolving Artificial Intelligence/Large Language Model (AI/LLM) technologies, cybersecurity practitioners face significant challenges in monitoring unauthorized AI solutions, detecting AI vulnerabilities, and identifying unexpected AI/LLM development. Tenable Security Center leverages advanced detection technologies - agents, passive network monitoring, dynamic application security testing, and distributed scan engines - to surface AI/LLM software, libraries, and browser plugins. The risk managers utilize this dashboard to begin a comprehensive review of the AI/LLM packages in systems and web applications, along with associated vulnerabilities, mitigating risks of exploitation, data leakage, and unauthorized resource consumption.

This dashboard provides a detailed view of AI/LLM use by leveraging Nessus plugin (196906) to detect AI/LLM usage in 3 ways: browser extensions, applications, and file paths all common to AI/LLM implementations. AI/LLM vulnerabilities discovered in web applications are identified using the Web Application Scanner, alongside network traffic analysis using the Nessus Network Monitor (NNM). By combining all methods of data collection, the risk managers are able to identify problem areas and other risks associated with AI/LLM.

AI/LLM technologies are promising and can transform many industries and businesses, offering new innovation and efficiency opportunities. However, the technology represents a huge security challenge at many layers and this impact should not be overlooked. By using Tenable Security Center and Tenable Web App Scanning the organization is able to take a security-first approach. When combined with best practices and robust governance policies, the organizations can harness the power of AI/LLM and mitigate the associated emerging threats.

Components

AI/LLM Software Known to Nessus: This matrix provides summary counts of AI/LLM use by leveraging Nessus plugin (196906). This column chart uses the Plugin ID filter and Plugin Output filter to show the AI/LLM applications found on assets scanned using Nessus. Each label displayed is the pattern added to the plugin output search. This search allows the security managers a simplified approach to beginning the understanding into AI usage.

AI/LLM Top 5 Applications: This matrix provides the counts top 5 utilized AI/LLM applications discovered by Tenable Research. The cells use the Plugin ID (196906) and Plugin Output filter to show the AI/LLM application. Each label displayed is the pattern added to the plugin output search. This search allows the security managers a simplified approach to beginning the understanding into AI usage. The top 5 utilized list consists of: TensorFlow, NumPy, H2O Flow, HuggingFace, and scikit-learn.

AI/LLM Detection Statistics: This matrix provides summary counts of AI/LLM use by leveraging Nessus plugin (196906) to detect AI/LLM usage in 3 ways: browser extensions, applications, and file paths all common to AI/LLM implementations. AI/LLM vulnerabilities discovered in web applications are identified using the Web App Scanner, alongside network traffic analysis using the Nessus Network Monitor (NNM). By combining all methods of data collection, the risk managers are able to identify problem areas and other risks associated with AI/LLM.

AI/LLM Software Detected by NNM & WAS: AI/LLM vulnerabilities discovered in web applications are identified using the Web Application Scanner, alongside network traffic analysis using the Nessus Network Monitor (NNM). By combining all methods of data collection, the risk managers are able to identify problem areas and other risks associated with AI/LLM.

AI/LLM Browser Extensions: This matrix provides summary counts of AI/LLM use by leveraging Nessus plugin (196906). The cells use the Plugin ID filter and Plugin Output filter to show the AI/LLM browser extensions grouped into three search patterns. Each label displayed is the pattern added to the plugin output search. This search allows the security managers a simplified approach to beginning the understanding into AI usage.
 

Tenable Research delivers world class exposure intelligence, data science insights, zero day research and security advisories. Our Security Response Team (SRT) in Tenable Research tracks threat and vulnerability intelligence feeds to make sure our research teams can deliver sensor coverage to our products as quickly as possible. The SRT also works to dig into technical details and author white papers, blogs, and additional communications to ensure stakeholders are fully informed of the latest cyber risks and threats. The SRT provides breakdowns for the latest critical vulnerabilities on the Tenable blog.

When security events rise to the level of taking immediate action, Tenable - leveraging SRT intelligence -  notifies customers proactively to provide exposure information, current threat details and how to use Tenable products and capabilities to accelerate remediation.

This dashboard contains indicator style components to highlight any vulnerabilities related to the Tenable Research Advisories where Tenable issues customer guidance that immediate remediation was of paramount importance to all affected organizations. Tenable recommends addressing missing patches as identified in the dashboard components. 

The dashboard and its components are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The dashboard can be easily located in the Tenable.sc Feed under the category Security Industry Trends.

The dashboard requirements are: 

• Tenable.sc 6.2.0
• Nessus 10.6.1

The following components are included in this dashboard are:

Research Advisories - Citrix NetScaler ADC and NetScaler Gateway: In August 2023, Mandiant identified a zero-day exploitation impacting NetScaler ADC and NetScaler Gateway appliances. When NetScaler ADC or NetScaler Gateway is configured as a gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as an AAA virtual server, an unauthenticated attacker could exploit the device in order to hijack an existing authenticated session. Depending on the permissions of the account they have hijacked, this could allow the attacker to gain additional access within a target environment and collect other account credentials. Successful exploitation allows the attacker to bypass multi factor authentication (MFA) requirements.

Research Advisories - curl Heap Overflow and Cookie Injection: On October 3, an open-source developer and maintainer of curl, took to X (formerly Twitter) to announce that a new high severity CVE would be fixed in curl 8.4.0. The developer noted that the release would be ahead of schedule and released on October 11, indicating in a reply to the twitter thread that this is 'the worst security problem found in curl in a long time.' 

Research Advisories - MOVEit: The CL0P Ransomware Group, also known as TA505, has exploited zero-day vulnerabilities across a series of file transfer solutions since December 2020. File transfer solutions often contain sensitive information from a variety of organizations. This stolen information is used to extort victims to pay ransom demands. In 2023, CL0P claimed credit for the exploitation of vulnerabilities in both Fortra’s GoAnywhere Managed File Transfer (MFT) and Progress Software’s MOVEit Transfer solutions. 

Research Advisories - log4shell: This matrix alerts organizations to potential concerns regarding the Log4j vulnerability. Displayed are the vulnerabilities that are directly associated with the log4shell CVEs (CVE-2021-44228, CVE-2021-44832, CVE-2021-45046, CVE-2021-4104, and CVE-2021-45105) and Log4j installations. 

Research Advisories - CISA Alerts AA22-011A and AA22-047A: On November 3rd, 2021, Cybersecurity and Infrastructure Security Agency (CISA) issued Binding Operational Directive (BOD) 22-01, and on Jan 11, 2022 CISA issued an alert (AA22-011A) warning of increased risk to U.S. critical infrastructure.  A total of 18 CVEs can be associated with this alert.  Hosts and Vulnerabilities identified and mitigated are displayed using the referenced CVE. 

Research Advisories - PrintNightmare: On July 1, Microsoft released an advisory for CVE-2021-34527. This advisory was released in response to public reports about a proof-of-concept (PoC) exploit for CVE-2021-1675, a similar vulnerability in the Windows Print Spooler. To help clear up confusion about the vulnerability, Microsoft updated its advisory for CVE-2021-1675 to clarify that it is similar but distinct from CVE-2021-34527. On July 6, Microsoft updated its advisory to announce the availability of out-of-band patches for CVE-2021-34527, a critical vulnerability in its Windows Print Spooler that researchers are calling PrintNightmare. This remote code execution (RCE) vulnerability affects all versions of Microsoft Windows. 

Research Advisories - MS Exchange ProxyLogon: On March 2, 2021 Microsoft released several critical security updates for zero-day Microsoft Exchange Server vulnerabilities, and reported that the exploits are actively being exploited by threat actors. Within a single week thousands of organizations world-wide have fallen victim. Tenable released several plugins for Exchange Server 2010, 2013, 2016 and 2019, which can be used to determine which Exchange Server systems are vulnerable in your environment.

The CL0P Ransomware Group, also known as TA505, has exploited zero-day vulnerabilities across a series of file transfer solutions since December 2020. File transfer solutions often contain sensitive information from a variety of organizations. This stolen information is used to extort victims to pay ransom demands. In 2023, CL0P claimed credit for the exploitation of vulnerabilities in both Fortra’s GoAnywhere Managed File Transfer (MFT) and Progress Software’s MOVEit Transfer solutions.

Research conducted as part of security audits has revealed additional vulnerabilities. This dashboard contains a list of vulnerabilities known to be exploited by the CL0P ransomware group as well as other vulnerabilities that could be leveraged by CL0P and other threat actors. Operations teams can use this data to identify the assets affected by the associated CVEs targeted by the CL0P ransomware group. The following Nessus plugins identify the affected vulnerabilities:

•  90190: Progress MOVEit Transfer Installed (Windows)
• 176735: Progress MOVEit Transfer Web Interface Detection
• 176736: Progress MOVEit Transfer FTP Detection
• 176567: Progress MOVEit Transfer
• 177371: Progress MOVEit Transfer Critical Vulnerability (June 15, 2023)

The dashboard and its components are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The dashboard can be easily located in the Tenable Security Center Feed under the category Security Industry Trends.

The requirements for this dashboard are:

• Tenable Security Center 6.1.1
• Tenable Nessus 10.5.2

The Security Response Team (SRT) in Tenable Research digs into technical details and tests proof-of-concept attacks, when available, to ensure customers are fully informed of risks. The SRT also provides breakdowns for the latest vulnerabilities in the Tenable blog.

Tenable Research has posted the FAQ for MOVEit Transfer Vulnerabilities and CL0P Ransomware Gang blog post to provide the latest information about this threat.

Components

CL0P Ransomware Group MOVEit – This table displays assets that are vulnerable to recent targeted attacks by the CL0P Ransomware Group (aka TA505) related to Progress Software’s MOVEit Transfer solutions. The component specifically provides results for pluginIDs 90190, 176735, 176736, 176567, 177082, and 177371. These vulnerabilities are associated with a zero-day that is actively being exploited. The table displays the IP address, NetBIOS, DNS, and OS CPE of any identified vulnerable assets, and the Vulnerabilities severity bar.

CL0P Ransomware Group Fortra GoAnywhere MFT – This table displays assets that may be vulnerable to recent targeted attacks by the CL0P Ransomware Group (aka TA505) related to Fortra GoAnywhere Managed File Transfer (MFT). The component specifically provides results for pluginIDs 171845, 171558, 171771, and 113896. These vulnerabilities are associated with a zero-day that is actively being exploited. The table displays the IP address, NetBIOS, DNS, OS CPE of any identified vulnerable assets, and the Vulnerabilities severity bar. 

CL0P Ransomware Group Accellion File Transfer – This table displays assets that may be vulnerable to recent targeted attacks by the CL0P Ransomware Group (aka TA505) for CGI abuses related to Accellion Secure File Transfer. The component specifically provides results for pluginIDs 85007, 146927, and 154933. These vulnerabilities are associated with a zero-day that is actively being exploited by the CL0P Ransomware Group, also known as TA505. The table displays the IP address, NetBIOS, DNS, and OS CPE of any identified vulnerable assets, and the Vulnerabilities severity bars.

CL0P Ransomware Group Patched Assets – This table displays vulnerabilities that have been remediated related to recent targeted attacks by the CL0P Ransomware Group (aka TA505). The remediated vulnerabilities displayed are specifically related to the vulnerabilities related to Progress Software’s MOVEit Transfer solutions, Fortra GoAnywhere Managed File Transfer, and Accellion Secure File Transfer. These vulnerabilities are associated with a zero-day that is actively being exploited. The table displays the PluginID, Vulnerability Name, Plugin Family, Severity, and Total of remediated vulnerabilities.

Web application security is a key concern for any organization that develops or uses web applications. The software security community created the Open Web Application Security Project (OWASP)  to help educate developers and security professionals on the latest web application security risks. This dashboard provides organizations the ability to monitor web applications by identifying the top 10 most critical web application security risks as described in OWASP's Top 10 Application Security Risks document for 2021.

The OWASP Application Security Risks document outlines several different categories of web-based security concerns, such as Cross-Site Scripting attacks (XSS), security misconfigurations, and sensitive data exposure. OWASP's focus is to reduce risk across the most vulnerable business assets across the internet. Following these guidelines empowers organizations to reduce risk of organizational and consumer data theft.

Administrators need to ensure that their organization is not vulnerable to any of the attacks identified by OWASP. Remediating compliance related issues, such as known vulnerable components and insufficient logging, is important to eliminate gaps in an organization's infrastructure that are not directly tied to exploitable attacks.

These dashboards are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards, and assets. The dashboards can be easily located in the Tenable.sc Feed under the category Compliance & Configuration Assessment. The dashboard requirements are:

• Tenable.sc 6.2.0
• Tenable Web Application Scanning

This dashboard covers all versions of the OWASP Top 10 from 2010 to 2021, and provides administrators the tools and information needed to aid their efforts. The dashboard provides comparative view between version, using the cross-reference field utilized by plugins. The information will guide organizations on the actions to mitigate business risk through strong security practices. 

Components

WAS Data Concerns: This bar chart displays current (2021) OWASP vulnerability counts, sorted by plugin family and severity. According to OWASP, "the Top 10 represents a broad consensus about the most critical security risks to web applications." Identifying and fixing these issues provides organizations with a solid foundation for secure web development.

OWASP Categories by URL: This component displays vulnerability status counts for each Uniform Resource Locator (URL) within the organization. The URLs are sorted from those with the highest, most severe vulnerabilities to the least severe. Each URL has a graph of severity results for each severity category. 

OWASP Versions by State: This matrix displays the current and all previous OWASP versions along with a column displaying each state (New, Current, Resurfaced, Fixed). This information assists organizations in identifying OWASP vulnerabilities that are new, currently active, have previously been mitigated and have resurfaced, or have been fixed, for each OWASP version. 

OWASP Versions by Severity: This matrix displays the current and all previous OWASP Top 10 from Critical to Low. Each cell displays data on the count of web application vulnerabilities associated with the OWASP Top 10 release, and severity level. This information assists organizations in identifying the most severe OWASP vulnerabilities for the OWASP version in use. 

From e-commerce to online banking, the world is interconnected with web applications. The internet provides a contactless method to conduct office meetings, engage with healthcare professionals, shop, attend classes, and more. Protecting data has never been more important. Failure to secure web applications can lead to serious financial and reputational consequences. According to statistics published in Tenable's Threat Landscape Report, web application vulnerabilities continue to repeatedly pose a significant threat to organizations.

Web application security refers to the practices employed to detect and mitigate threats and vulnerabilities that may compromise the confidentiality, integrity, and availability of web applications. As the internet has evolved to become an integral part of how organizations conduct business, web applications have become increasing popular and essential to meet the requirements. This growing popularity of web applications and online transactions provides lucrative targets for cybercriminals. Data presented within this dashboard highlights the top most vulnerable web applications and assets at risk for exploitation.

This dashboard leverages data from Tenable Web App Scanning, a comprehensive and automated vulnerability scanning tool for modern web applications. Organizations can perform Dynamic Application Security Tests (DAST) on any application, anywhere, at any point in the application lifecycle. Of specific importance is the Tenable Web App Scanning ability to scan for vulnerabilities from the Open Web Application Security Project (OWASP) Top 10 risks, and provide comprehensive and accurate vulnerability data.

The Open Web Application Security Project (OWASP) is a non-profit foundation that provides community-driven consensus insight into web application security concerns. The OWASP Top 10 list highlights several different aspects of web-based security, such as Cross-Site Scripting attacks, security misconfigurations, and sensitive data exposure. The focus of the OWASP Top 10 is to reduce risk across the most vulnerable aspects of web applications across the internet. Following these guidelines enables organizations to reduce risk of organizational and customer data theft.

In addition, Common Vulnerability and Exposures (CVE), and other configuration tests provide insight into thousands of related vulnerabilities and misconfigurations. Vulnerability data presented in this dashboard leverages all the gathered web application vulnerability information to provide organizations with a method to break the vulnerability cycle. The data provided in the dashboard enables organizations to better communicate risk, prioritize patching efforts, and reduce the attack surface.

Components

Top 100 Most Vulnerable Web Applications (Last 14 Days): The table displays a list of the vulnerabilities the application from most severe to least severe. This information enables analysts to prioritize remediation efforts by identifying the top vulnerabilities to remediate that will reduce the organization's overall attack surface. 

Top 100 WAS Vulnerabilities by Plugins (Last 14 Days): This table provides a list of Web Application vulnerabilities that have been seen within the last 14 days as well as the total number of instances of each vulnerability. The Plugin Family is displayed as well as the Plugin ID and Severity of each vulnerability. This information enables analysts to prioritize remediation efforts by identifying the top vulnerabilities to remediate that will reduce the organization's overall attack surface. 

Web App Vulnerabilities by State: This matrix provides a view into the vulnerability life cycle for web applications. Tracking web application vulnerabilities through each state provides management information on the progress of risk mitigation efforts.

Top 2021 OWASP Categories Discovered in the Last 14 Days: This matrix displays active Web Application vulnerabilities from Tenable Web App Security by OWASP category for 2021. Displayed is a row for assets and vulnerabilities for each OWASP category. 

The prevalence of web applications makes them a prime target for cyber criminals. Failure to secure web applications can lead to serious financial and reputational consequences. This dashboard provides a high-level summary of vulnerability data discovered by Tenable Web App Scanning.

Tenable Web App Scanning provides comprehensive and accurate vulnerability scanning and risk analysis by leveraging OWASP Top 10 risks to vulnerable web application components. Tenable provides comprehensive and automated vulnerability scanning for modern web applications using Dynamic Application Security Tests (DAST). The security and development teams leverage these detailed vulnerability scans of the application at any point in the development lifecycle and are able understand the true security risks of the web application.

Tenable Security Center uses a comprehensive list of attributes to increase visibility into web application vulnerabilities. Risk managers are able to focus on security challenges that pose the greatest threat and most risk by leveraging Common Vulnerability Scoring System (CVSS) and OWASP references. The dashboard provides a detailed view of the web application components and custom code vulnerabilities. Additionally, vulnerability details related to Log4J are provided , which displays any detected applications that are found to be vulnerable to Log4J exploits.

The dashboard and its components are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The dashboard can be easily located in the Tenable Security Center Feed under the category Security Industry Trends.

• The requirements for this dashboard are:
• Tenable Security Center 6.2.0
• Tenable Web Application Scanner

Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives. Tenable Security Center discovers and analyzes assets continuously to provide an accurate and unified view of an organization's security posture.

Components

Web App Scanning - Statistics: The matrix provides a quick overview of actionable metrics collected using Nessus and Tenable Web AppScanner. The first column shows a count of vulnerabilities with a CVSSv3 score present, followed by the most critical of vulnerabilities with a CVSSv3 score greater than 9.  The "Needs Review" column displays the vulnerabilities with CVSSv3 base score of 5 to 8. The "Remediated" column shows all vulnerabilities with a CVSSV3 score greater than 5 that have been remediated.  The last two columns are focused on OWASP based vulnerabilities. The matrix provides two rows, the top showing vulnerabilities detected by Nessus.

Web App Scanning - Log4Shell Vulnerabilities: This chart presents a list of log4shell vulnerabilities detected by both Nessus and Tenable Web App Scanning. The chart uses the plugin name string and "Include Web App Results" to provide ring segments for each discovered vulnerability. Tenable recommends that these applications be prioritized immediately for remediation efforts.

Web App Scanning - OWASP 2021 Categories: This matrix provides a count of assets and vulnerabilities for each OWASP 2021 category that were detected using the Tenable Web App Scanner. Security and compliance frameworks, such as the Open Web Application Security Project (OWASP) Top 10, enables risk managers to gain insight into methods used by adversaries to exploit common flaws and misconfigurations.  Tenable Web App Scanner attributes vulnerabilities using the Cross Reference field to link to all published OWASP versions. Upon completion of the web application scan, the vulnerabilities detected and linked to OWASP 2021 provide an industry best practice approach to mitigating vulnerabilities.

Web App Scanning - Tenable Detected Applications Vulnerable to Log4Shell: The table presents a list of assets detected by both Nessus and Tenable Web App Scanning that are vulnerable to log4shell. The chart uses the plugin name string and "Include Web App Results" to provide entries for assets with the log4shell vulnerability. Tenable recommends that these applications be prioritized immediately for remediation efforts.

Web applications often have the ability to interface with system functions and critical databases to add or modify data. By design, web applications need to enable customers and users to access this data.  This capability means that attackers are often able to leverage the same forms or other data entry methods to exploit flaws in web frameworks or other related software to bypass access controls. Web applications exist on remote servers or in cloud environments, and data is transmitted over public networks, presenting a very real and present attack path in the organization’s global attack vector. Web application security is a critical aspect to ensure the confidentiality, integrity, and availability of web applications. This dashboard provides a combined view of data collected using the Tenable Web App Scanner and Tenable Vulnerability Management using Nessus.

Organizations need to know what web services are operating in the environment to ensure these web services are analyzed for current known vulnerabilities and attacks. Tenable Security Center along with Web Application Scanning provides a thorough view of risks related to web services.  Leveraging both scan methods, enables the security operations team and application developers to see risk and threat vectors from application frameworks and vulnerabilities on the host servers themselves.  

Security and compliance frameworks, such as the Open Web Application Security Project (OWASP) Top 10, provides risk managers insight into methods used by adversaries to exploit common flaws and misconfigurations. Tenable Web Application Scanner attributes vulnerabilities using the Cross Reference field to link to all published OWASP versions. Upon completion of the web application scan, the vulnerabilities detected and linked to OWASP 2021 provide an industry best practice approach to mitigating vulnerabilities.  

The dashboard and its components are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The dashboard can be easily located in the Tenable Security Center Feed under the category Threat Detection & Vulnerability Assessments.

The requirements for this dashboard are:

• Tenable Security Center 6.2.0
• Tenable Nessus X.Y.Z
• Tenable Web Application Scanner

Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives. Tenable Security Scanner discovers and analyzes assets continuously to provide an accurate and unified view of an organization's security posture. 

Components

Web Services - WAS Highest Vulnerabilities by Plugin Family: This component provides a summary of the highest risk affecting (severity Medium to Critical) vulnerabilities collected using Tenable Web App Scanner. The Plugin Family Summary tool enables security teams to see at a high level the percentage of high-risk vulnerabilities. In addition to the severity filter, a new filter called Web App Scanning, set to “Only Web App Results” ensures that only the vulnerabilities that are collected from the web application scan are presented.  The drill down will also go straight to the “Web App Scanning” tab in the Analysis view.

Web Services - Most Critical Web Application Vulnerabilities Discovered by Nessus: This component provides a summary of the highest risk affecting (severity Medium to Critical) vulnerabilities collected using Nessus. The Plugin Family Summary tool enables security teams to see at a high level the percentage of high-risk vulnerabilities. The component also uses the Plugin Family filter and only selects the CGI and Web Server families. In addition to the severity and Plugin Family filters, a new filter called Web App Scanning, set to “Exclude Web App Results” ensures that only the vulnerabilities that are collected from a Nessus scan are presented.  

Web Services - Host and Web Application SSL Vulnerabilities: This matrix compares the web server related vulnerabilities by severity and collection method. Each row is separated using the Web App Scanning filter.  The top row has the filter set to “Exclude Web App Results” and bottom row is set to “Only Web App Results”.  This view allows the security operations team to get a side-by-side view of web-based vulnerabilities linked by severity.  

Web Services - Most Critical OWASP 2021 Categories: This matrix provides an indicator for each OWASP 2021 category where vulnerabilities were detected using the Tenable Web App Scanner. In addition to Cross Reference filter, the matrix uses CVSSv3 Vectors to provide a higher level of risk. The vectors used are: Attack Vector: Network (AV:N), Attack Complexity: Low (AC:L), Privileges Required: None (PR). If the vulnerability has any of these vectors applied, the attacks on the asset are at a greater risk to being exploited, and need to be addressed immediately.

Web Services - Web App Vulnerabilities over last 50 days: This component provides a trend summary of the highest risk affecting (severity Medium to Critical) vulnerabilities collected using Tenable Web App Scanner.  The data points are calculated with the Vulnerability Last Observed set to within the last day, thus each query point in the graph will show the total vulnerabilities that were seen since the last query point. In addition to the date and severity filters, a new filter called Web App Scanning, set to “Only Web App Results” ensures that only the vulnerabilities that are collected from the web application scan are presented.

When dealing with compliance regulations, each organization can face a variety of potential risks. Without having a full understanding of an organization’s risk exposure, critical systems and data will be at risk for attacks or data leakage. The Center for Internet Security (CIS) developed a series of best practice benchmarks for a variety of applications, operating systems, servers, and databases used within organizations today. Each benchmark contains recommended security settings designed to harden systems and applications from attack while maintaining overall system functionality. The components in these dashboards present a summary of results gathered from CIS compliance scans using the CIS Benchmarks.

Tenable has been certified by CIS to perform a wide variety of platform and application audits based on the best practice consensus benchmarks developed by CIS. Tenable submits example test cases for all of the criteria within each unique benchmark, and then submits our results to CIS personnel for official certification. Tenable has developed audit files based on the CIS Benchmarks tested on systems, and has been approved and certified by CIS staff members.

When performing managed scans with Tenable.sc, some CIS audits require additional patch audits and vulnerability checks. Any additional requirements for completing an audit using the CIS Benchmarks will be included within the audit file description text. In some cases, multiple scans may be required, as Tenable provides both Level 1 and Level 2 audit checks. Level 1 checks provide minimum settings recommendations, and are generally considered safe to apply to most systems. Level 2 checks include recommendations for complex or highly secure environments, and can lead to reduced functionality of systems within the network.

Information presented within these dashboards includes a summary of CIS audit checks currently supported by Tenable. Results will highlight one of three severity levels that will provide valuable information analysts can use to harden systems within the enterprise. The informational severity level is considered “Passed”, indicating that the configuration setting matches the expected result of the audit check. Results assigned a medium severity must be evaluated by an analyst to determine whether the results are accurate or not. When an audit check fails, the severity is set to high, indicating that the collected result and the expected result do not match. Each failure should be reviewed, fixed, and re-scanned to ensure that the system has been secured properly. Using these benchmarks will help to assess the effectiveness of existing security controls on systems, and provide the critical context needed to strengthen an organization's security posture.

If needed, audit files can be modified to an organization’s specific requirements. Additional information on how to edit audit files can be found within the “Nessus Compliance Checks” document in the Support Portal.

These dashboards are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards, and assets. The dashboards can be easily located in the Tenable.sc Feed under the category Compliance & Configuration Assessment. The dashboard requirements are:

• Tenable.sc 5.2.0
• Nessus 8.6.0
• CIS Audit Files
• Compliance Data

In order to maintain the overall security of systems and data within the enterprise, organizations must have an effective and repeatable way to measure compliance results. Tenable Tenable.sc helps organizations obtain results using the CIS Benchmarks by measuring compliance in real time, providing an accurate assessment of an organization’s security posture. By prioritizing remediation actions of misconfigured systems, the organization can maximize their investment in compliance reporting and system hardening efforts. With more supported technologies than any other vendor, Tenable assists organizations in obtaining the most comprehensive view of the network and the intelligence needed to assess and protect systems using CIS compliance standards.

There are 3 dashboards with over 40 individual components. As with all dashboards in Tenable.sc, individual components can be rearranged, edited, or removed to focus on the components of interest. To edit or delete a component, click on the Gear menu in the upper-right title area of a component and select the appropriate menu item. Components can be rearranged using drag and drop. To change the visual display of the entire dashboard, for example from 3 columns to 2 columns or 1 column, from the Options menu select Edit Dashboard and select a layout style.  

The following dashboards are available:

• CIS Audit Summary (Networking and Applications): This dashboard provides the components for application servers (Apache, MongoDB, Oracle, RDMS), networking or container based services (Cisco, Docker, Kubernetes, Palo Alto, VMwareESXi) and other similar benchmarks.
• CIS Audit Summary (Microsoft): This dashboard provides the components for all Microsoft benchmarks, including servers, workstation, and various other applications.  
• CIS Audit Summary (Linux Benchmarks): This dashboard provides the components for AlmaLinux, Rocky Linux, Amazon Linux, CentOS, Debian, Fedora, HP-UX, macOS, NGINX, RedHat, SUSE, and other similar operating systems.

2022 began with concerns over supply chains and Software Bills of Material (SBOM) as organizations worldwide were forced to reconsider how they respond to incidents in anticipation of the next major event. Tenable’s Security Response Team (SRT) continuously monitors the threat landscape throughout the year, always at the forefront of trending vulnerabilities and security threats. This dashboard provides a summary of Tenable data that has been compiled over the past year.

In a year marked by hacktivism, ransomware and attacks targeting critical infrastructure in a turbulent macroeconomic environment, organizations struggled to keep pace with the demands on cybersecurity teams and resources. Attacks against critical infrastructure remained a common concern. Ransomware continued to wreak havoc, even as some groups had operations shuttered by law enforcement, collapsed under the weight of internal power struggles, or splintered into new groups. New and complex vulnerabilities emerged, providing remediation challenges.

Perhaps most alarming is that the vulnerabilities of years past continue to haunt organizations. In fact, known flaws were so prominent inn 2022 that they warranted a spot on Tenable’s list of top vulnerabilities of 2022. We cannot stress this enough: Threat actors continue to find success with known and proven exploitable vulnerabilities that organizations have failed to patch or remediate successfully.

The constant evolution of the modern digital environment introduces new challenges for security practitioners. Successful security programs must take a comprehensive approach and understand where the most sensitive data and systems reside and what vulnerabilities or misconfigurations pose the greatest risk. Given the brisk rate of digital transformation, a complete understanding of the external attack surface is paramount.

With thousands of new vulnerabilities patched each year, only a small subset will ever see active exploitation. Focusing resources on the vulnerabilities that are exploitable and understanding how attackers chain vulnerabilities and misconfigurations enables security teams to design comprehensive strategies to reduce their overall risk exposure.

The Tenable 2022 Threat Landscape Report (TLR) inspects key aspects of the cybersecurity landscape and describes how organizations can revise their programs to focus on reducing risk. The TLR covers:

• Significant vulnerabilities disclosed and exploited throughout the year, including how common cloud misconfigurations can affect even large tech companies
• The continuous transformation of the ransomware ecosystem and the rise of extortion-only threat groups
• Ongoing risks, vulnerabilities and attacks within the software supply chain
• Tactics used by advanced persistent threat groups to target organizations with cyber espionage as well as financially motivated attacks.
• Breach factors and the challenges in analyzing breach data, given the limited information available and lack of detailed reporting requirements
• Details of the key vulnerabilities affecting enterprise software

Tenable Research delivers world class cyber exposure intelligence, data science insights, alerts, and security advisories. The Tenable Research teams perform diverse work that builds the foundation of vulnerability management. The Security Response Team (SRT) tracks threat and vulnerability intelligence feeds and provides rapid insight to the Vulnerability Detection team, enabling them to quickly create plugins and tools that expedite vulnerability detection. This fast turnaround enables customers to gain immediate insight into their current risk posture. Tenable Research has released over 180,000 plugins and leads the industry on CVE coverage. Additionally, the SRT provides breakdowns for the latest vulnerabilities on the Tenable Blog and produces an annual Threat Landscape Report. The SRT continuously analyzes the evolving threat landscape, authors white papers, blogs, Cyber Exposure Alerts, and additional communications to provide customers with comprehensive information to evaluate cyber risk.

Security leaders need to SEE everything, PREDICT what matters most and ACT to address cyber risk and effectively align cybersecurity initiatives with business objectives. Tenable.sc discovers and analyzes assets continuously to provide an accurate and unified view of an organization’s security posture. The requirements for this dashboard is: Nessus.

Components

TLR 2022 – Top 5 Vulnerabilities:  This component features the top five vulnerabilities of 2022 as described in Tenable's 2022 Threat Landscape Report: Log4shell, Apache Log4j - CVE-2021-44228, Follina, Microsoft Support Diagnostic Tool - CVE-2022-30190, Atlassian Confluence Server and Data Center - CVE-2022-26134, ProxyShell, Microsoft Exchange Server - CVE-2021-34473, and Known Vulnerabilities - CVE-20XX-XXXX.

2022 TLR – Mitigation Tasks:  This component provides a list of patches that mitigate the key vulnerabilities in 2022, leveraging the CVEs identified in Tenable's 2022 Threat Landscape Report (TLR). The Remediation Summary tool uses the concept of a Patch Chain, and identifies the top patch to be remediated for the greatest risk reduction. When the top patch is applied, all other patches in the chain will be remediated.

2022 TLR – 90 Day Trend Analysis of Key Vulnerabilities: This component provides a 90-day analysis of the most notable vulnerabilities in 2022, leveraging the CVEs identified in Tenable's 2022 Threat Landscape Report (TLR). There are over 180 CVEs discussed in the TLR, which, combined with the trend line, helps risk managers determine how risk has been reduced over a period of 90 days. The vulnerability last observed filter is set to 1 day to display risk changes on a daily basis.

2022 TLR CVSS to VPR Heat Map: This component provides a correlation between CVSSv3 scores and Vulnerability Priority Rating (VPR) scoring for the key vulnerabilities listed in the 2022 Threat Landscape Report (TLR). The CVSSv3 scores are the standard scoring system used to describe the characteristics and severity of software vulnerabilities. Tenable's VPR helps organizations refine the severity level of vulnerabilities in the environment by leveraging data science analysis and threat modeling based on emerging threats. Each cell is comprised of a combination of cross-mapping of CVSS, VPR scoring, and 2022 CVE identifiers. Using a heat map approach, the filters begin in the left upper corner with vulnerabilities that present least risk.  Moving to the right and lower down the matrix the colors change darker from yellow to red as the risk levels increase.  Tenable recommends that operations teams prioritize remediation for risks in the lower right corners, and then work towards the upper left cells.

2022 TLR – Zero Day Vulnerabilities by Software/Hardware Type: This component displays a list of software/hardware that had zero-day vulnerabilities described in the 2022 Threat Landscape Report (TLR). Each indicator uses CVE from the report through the entire 2022 year. Details are provided in Tenable's 2021 Threat Landscape Report (TLR).

2022 TLR Key Vulnerabilities: This component displays cells for the most significant vulnerabilities of 2022 using CVE filters from the 2022 Threat Landscape Report. These filters display the key vulnerabilities from 2022 as well as the notable legacy vulnerabilities from prior years. Details are provided in Tenable's 2022 Threat Landscape Report.

Depuis la pandémie de COVID-19 et plus récemment la crise russo-ukrainienne, la problématique de construire des systèmes alimentaires résilients et durables est devenue une urgence pour la plupart des pays d’Afrique au Sud du Sahara (ASS) dont le Sénégal. Très récemment, le Gouvernement du Sénégal à travers le Ministère de l’Agriculture de l’Équipement Rural et de la Souveraineté Alimentaire (MAERSA) a validé le Programme Alimentaire pour la Souveraineté Alimentaire Durable (PASAD 2021-2025).

Créée notamment pour promouvoir le commerce intra-régional de biens dans la région, la Communauté économique des États d'Afrique de l'Ouest devait aussi permettre d'y réduire l'insécurité alimentaire. Mais les « points de sécurité », dressés le long des corridors de commerce par les autorités administratives qui prélèvent des pots-de-vin, sont venus limiter cette ambition. S’élevant jusqu’à 576 dollars aux 100 kms au Togo en 2017, cette corruption se mesure aussi en temps perdu, avec plus de trois heures aux 100 kms.

En 2022, le monde a subi des crises multiples. Les perturbations des systèmes alimentaires dues à la longue pandémie de COVID-19, des catastrophes naturelles majeures, des troubles civils, l’instabilité politique et les impacts croissants du changement climatique ont persisté, tandis qe l’inflation et la guerre entre la Russie et l’Ukraine ont exacerbé la crise alimentaire mondiale et la crise des engrais.

Ce document présente une analyse des chaînes de valeur agroalimentaires de manioc, de riz, de lait et de poisson le long du corridor économique entre les capitales provinciales de Bukavu (Sud-Kivu) et Kalemie (Tanganyika) situées dans la partie orientale de la République démocratique du Congo (RDC). Les principales données utilisées pour cette étude proviennent d’enquêtes menées en 2021 auprès d’environ 3000 acteurs conomiques familiaux, y compris des agriculteurs, des transformateurs et des intermédiaires, actifs dans une ou plusieurs des quatre filières ciblées.

Cette note propose un résumé des politiques, stratégies et plans d’action ayant trait à la nutrition (désignés ici sous le terme de « politiques ») en Afrique de l’Ouest.

Les modèles d’équilibre général calculable (MEGC), largement admis dans la littérature et utilisés comme outils d’analyse d’impacts potentiels de politiques économiques, sont alimentés par des données provenant de la Matrice de Comptabilité Sociale (MCS). Celle-ci appartient à la grande famille des comptes nationaux, représentant l’ensemble des interrelations entre les activités, les institutions d’une économie.

L'enorme potentiel agricole de la Republique Democratiqu du Congo (RDC) est bien documente. Le pays est doté de plus de deux millions de kilomètres carrés (km²) de terres, dont 800 mille sont arables, et pourtant, la portion de terres cultivées ne s’élève qu’à 10 pour cent. La RDC bénéficie également de conditions climatiques et météorologiques favorables, permettant plusieurs récoltes de nombreuses cultures chaque année.

Le changement climatique constitue une menace croissante pour nos systèmes alimentaires, dont les implications sont graves pour la sécurité alimentaire et nutritionnelle, les moyens de subsistance et le bien-être général, en particulier pour les personnes pauvres et vulnérables du monde entier. Une action urgente contre le changement climatique est attendue à l’échelle mondiale – à la fois pour réaliser les importantes réductions d’émissions requises pour limiter le réchauffement climatique et pour accroître les capacités d’adaptation et la résilience.

L’investissement dans les agriculteurs, c’est-à-dire le capital humain de l’agriculture, est crucial pour relever les défis que posent nos systèmes agroalimentaires.

Designed for the use of senior citizens to recall the traditions associated with Christmas in America.

Humbert, a divorced British professor, travels to small-town America for a teaching position. He allows himself to be swept into a relationship with Charlotte, whom he marries in order that he might pursue her 14-year-old daughter, Lolita.

Now adults, Theodore Templeton and his estranged brother take a magical formula that transforms them into babies for 48 hours. Together, they must now go under cover to prevent an evil genius from turning fellow toddlers intro monstrous brats.

David desperately tries to keep his family together during a separation from his wife. They agree to see other people but David struggles to cope with his wife's new relationship.

Eli Roth explores the dark power and wicked fun of scary movies, the craft that went into making them and the ways that horror films reflect the anxieties of their times. The themes include Houses of Hell, Monsters, Body Horror, Witches, Chilling Children, and Classic Horror. Interviewees include Stephen King, Quentin Tarantino, Jordan Peele and more.

A documentary film that focuses on the Confederate battle flag and its impact on the people, politics, and perceptions of South Carolina and beyond. Through firsthand interviews featuring various perspectives and a wealth of historical footage, Downing of a Flag traces the symbol's controversial relationship with the Palmetto State, exploring its true meaning and how an unspeakable tragedy catalyzed its long-debated removal. The story begins with the end of the Civil War and chronicles the flag's more than 150-year journey from the blood-soaked battlefields of Virginia to its use in American popular culture in the 1970s and 1980s, to its final removal from the South Carolina State House grounds in July 2015. Preceded by the killing of nine black parishioners at Charleston's historic Mother Emanuel AME Church by a white supremacist, the Confederate Battle flag's furling and the days and actions that led to that event could represent the final shots and battles of the American Civil War.

Season four finds Bravo Team up against some of the biggest obstacles yet, both on and off the battlefield. Jason Hayes wrestles with the toll of his long career as a Special Operator and struggles to guide an evolving Bravo Team. Also, Ray Perry delves into the world of Special Activities, and Clay Spenser and Sonny Quinn face unexpected crossroads in their personal lives.

Season four finds Bravo Team up against some of the biggest obstacles yet, both on and off the battlefield. Jason Hayes wrestles with the toll of his long career as a Special Operator and struggles to guide an evolving Bravo Team. Also, Ray Perry delves into the world of Special Activities, and Clay Spenser and Sonny Quinn face unexpected crossroads in their personal lives.

Season four finds Bravo Team up against some of the biggest obstacles yet, both on and off the battlefield. Jason Hayes wrestles with the toll of his long career as a Special Operator and struggles to guide an evolving Bravo Team. Also, Ray Perry delves into the world of Special Activities, and Clay Spenser and Sonny Quinn face unexpected crossroads in their personal lives.

The seventh season finds Pride and the team fighting for justice in their beloved city as New Orleans grapples with the effects of COVID-19. Pride, seeing how the pandemic has overwhelmed the system, finds creative ways to help his neighbors with the assistance of Rita Devereaux, and is asked by the Mayor to be a part of a special task force assigned to help make actual change in their city. Also, Wade is overwhelmed by the high volume in the morgue due to COVID-19, Hannah shoulders being separated from her daughter, and Tammy and Carter investigate a suspicious death aboard a humanitarian ship offshore, where they learn that some crew members are infected with the deadly virus.

The seventh season finds Pride and the team fighting for justice in their beloved city as New Orleans grapples with the effects of COVID-19. Pride, seeing how the pandemic has overwhelmed the system, finds creative ways to help his neighbors with the assistance of Rita Devereaux, and is asked by the Mayor to be a part of a special task force assigned to help make actual change in their city. Also, Wade is overwhelmed by the high volume in the morgue due to COVID-19, Hannah shoulders being separated from her daughter, and Tammy and Carter investigate a suspicious death aboard a humanitarian ship offshore, where they learn that some crew members are infected with the deadly virus.

The seventh season finds Pride and the team fighting for justice in their beloved city as New Orleans grapples with the effects of COVID-19. Pride, seeing how the pandemic has overwhelmed the system, finds creative ways to help his neighbors with the assistance of Rita Devereaux, and is asked by the Mayor to be a part of a special task force assigned to help make actual change in their city. Also, Wade is overwhelmed by the high volume in the morgue due to COVID-19, Hannah shoulders being separated from her daughter, and Tammy and Carter investigate a suspicious death aboard a humanitarian ship offshore, where they learn that some crew members are infected with the deadly virus.

The seventh season finds Pride and the team fighting for justice in their beloved city as New Orleans grapples with the effects of COVID-19. Pride, seeing how the pandemic has overwhelmed the system, finds creative ways to help his neighbors with the assistance of Rita Devereaux, and is asked by the Mayor to be a part of a special task force assigned to help make actual change in their city. Also, Wade is overwhelmed by the high volume in the morgue due to COVID-19, Hannah shoulders being separated from her daughter, and Tammy and Carter investigate a suspicious death aboard a humanitarian ship offshore, where they learn that some crew members are infected with the deadly virus.

The twelth season finds Callen and Sam continuing to take on dangerous, vital cases with international ties while working to find balance as they each try to maintain new and blossoming relationships. Also, Hetty finds a cryptic way to lure Nell back to NCIS, and Deeks and Kensi will take the big step of looking to purchase their first home as they continue to try to have a baby, which may need to take a backseat when Deeks finds himself sidelined from his job, and a case from Kensi’s past will put her life in jeopardy.

The twelth season finds Callen and Sam continuing to take on dangerous, vital cases with international ties while working to find balance as they each try to maintain new and blossoming relationships. Also, Hetty finds a cryptic way to lure Nell back to NCIS, and Deeks and Kensi will take the big step of looking to purchase their first home as they continue to try to have a baby, which may need to take a backseat when Deeks finds himself sidelined from his job, and a case from Kensi’s past will put her life in jeopardy.

Der Welthunger-Index (WHI) 2017 ist der zwölfte in einer Reihe jährlicher Berichte, in denen die Hungersituation weltweit, nach Regionen, auf Länder- und auf nationaler Ebene mithilfe eines multidimensionalen Ansatzes dargestellt wird. Er zeigt, dass seit dem Jahr 2000 weltweit Fortschritte bei der Bekämpfung von Hunger gemacht wurden, die jedoch mit noch immer „ernsten“ oder „sehr ernsten“ Hungerwerten in 51 Ländern sowie einem „gravierenden“ Wert in einem Land ungleich verteilt sind.

Der Welthunger-Index (WHI) 2017 zeigt langfristige Fortschritte in der Reduzierung des Hungers in der Welt. Diese Fortschritte waren allerdings ungleich verteilt. Nach wie vor leiden Millionen von Menschen unter chronischem Hunger, und an vielen Orten herrschen akute Nahrungskrisen und gar Hungersnöte. Laut den WHI-Werten 2017 ist der Hunger weltweit gegenüber 2000 um 27 Prozent gesunken. In einem der 119 Länder, die im diesjährigen Bericht bewertet werden, ist die Situation als „gravierend“ einzustufen; sieben Länder entsprechen auf der WHI-Schweregradskala der Kategorie „sehr ernst“.

Der Welthunger-Index (WHI) 2016 ist der elfte in einer Reihe jährlicher Berichte, in denen die Hungersituation weltweit, nach Regionen und auf Länderebene mithilfe eines multidimensionalen Ansatzes dargestellt wird. Er zeigt, dass seit dem Jahr 2000 weltweit Fortschritte bei der Bekämpfung von Hunger gemacht wurden, dass aber angesichts noch immer „ernster“ oder „sehr ernster“ Hungerwerte in 50 Ländern nach wie vor viel zu tun bleibt. Der vorliegende Bericht stellt den Paradigmenwechsel in der internationalen Zusammenarbeit durch die Agenda 2030 für nachhaltige Entwicklung vor.

Die Entwicklungsländer konnten seit dem Jahr 2000 beträchtliche Erfolge bei der Reduzierung des Hungers erzielen. Der Welthunger-Index (WHI) 2016 zeigt, dass der Hungerwert in den Entwicklungsländern insgesamt um 29 Prozent gesunken ist. Die Fortschritte sind jedoch nicht überall gleich groß; zwischen Regionen, Ländern und innerhalb von Ländern gibt es erhebliche Unterschiede.

Der Welthunger-Index (WHI) 2015 ist der zehnte in einer Reihe jährlicher Berichte, in denen die Hungersituation weltweit, nach Regionen und auf Länderebene mithilfe eines multidimensionalen Ansatzs dargestellt wird. Er zeigt, dass weltweit seit dem Jahr 2000 Fortschritte bei der Bekämpfung von Hunger erzielt wurden, dass aber angesichts noch immer „ernster“ oder „sehr ernster“ Hungerwerte in 52 Ländern nach wie vor viel zu tun bleibt. Das Thema des vorliegenden Berichts lautet „Hunger und bewaffnete Konflikte“. Konflikt und Hunger stehen in enger Beziehung.

Die Entwicklungsländer haben seit dem Jahr 2000 Fortschritte bei der Hungerreduzierung gemacht. Der Welthunger-Index 2015 (WHI) zeigt, dass die Hungerwerte dort insgesamt um 27 Prozent gesunken sind. Dennoch bleibt die Hungersituation weltweit „ernst“. In diesem Jahr hat IFPRI zum zehnten Mal den weltweiten Hunger mithilfe dieses multidimensionalen Instruments erfasst.

At the turn of the 20th century, Jewish families scattered by migration could stay in touch only through letters. Jews in the Russian Empire and America wrote business letters, romantic letters, and emotionally intense family letters. But for many Jews who were unaccustomed to communicating their public and private thoughts in writing, correspondence was a challenge. How could they make sure their spelling was correct and they were organizing their thoughts properly? A popular solution was to consult brivnshtelers, Yiddish-language books of model letters. Dear Mendl, Dear Reyzl translates selections from these model-letter books and includes essays and annotations that illuminate their role as guides to a past culture.