Secunia Security Advisory - SUSE has issued an update for opera. This fixes multiple vulnerabilities, where one has an unknown impact and others can be exploited by malicious people to compromise a user's system.

Secunia Security Advisory - SUSE has issued an update for opera. This fixes a vulnerability with an unknown impact.

Secunia Security Advisory - SUSE has issued an update for flash-player. This fixes two vulnerabilities, which can be exploited by malicious people to compromise a user's system.

Secunia Security Advisory - SUSE has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

Secunia Security Advisory - SUSE has issued an update for libvirt. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system.

Secunia Security Advisory - SUSE has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to conduct clickjacking attacks.

Secunia Security Advisory - SUSE has issued an update for libvirt. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

Secunia Security Advisory - SUSE has issued an update for ruby on rails. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct SQL injection attacks and to compromise a vulnerable system.

This Metasploit module exploits a code execution flaw in Novell ZENworks Configuration Management 10 SP3 and 11 SP2. The vulnerability exists in the ZEnworks Control Center application, allowing an unauthenticated attacker to upload a malicious file outside of the TEMP directory and then make a second request that allows for arbitrary code execution. This Metasploit module has been tested successfully on Novell ZENworks Configuration Management 10 SP3 and 11 SP2 on Windows 2003 SP2 and SUSE Linux Enterprise Server 10 SP3.

Mandriva Linux Security Advisory 2015-046 - Stephen Roettger of the Google Security Team, Sebastian Krahmer of the SUSE Security Team and Harlan Stenn of Network Time Foundation discovered that the length value in extension fields is not properly validated in several code paths in ntp_crypto.c, which could lead to information leakage or denial of service. Stephen Roettger of the Google Security Team reported that ACLs based on IPv6 ::1 addresses can be bypassed.

Mandriva Linux Security Advisory 2015-140 - If no authentication key is defined in the ntp.conf file, a cryptographically-weak default key is generated. ntp-keygen before 4.2.7p230 uses a non-cryptographic random number generator with a weak seed to generate symmetric keys. A remote unauthenticated attacker may craft special packets that trigger buffer overflows in the ntpd functions crypto_recv() (when using autokey authentication), ctl_putdata(), and configure(). The resulting buffer overflows may be exploited to allow arbitrary malicious code to be executed with the privilege of the ntpd process. A section of code in ntpd handling a rare error is missing a return statement, therefore processing did not stop when the error was encountered. This situation may be exploitable by an attacker. Stephen Roettger of the Google Security Team, Sebastian Krahmer of the SUSE Security Team and Harlan Stenn of Network Time Foundation discovered that the length value in extension fields is not properly validated in several code paths in ntp_crypto.c, which could lead to information leakage or denial of service. Stephen Roettger of the Google Security Team reported that ACLs based on IPv6 ::1 addresses can be bypassed. The ntp package has been patched to fix these issues.

SUSE/Portus version 2.2 suffers from a persistent cross site scripting vulnerability.

Debian Security Advisory DSA 830-1 - Drew Parsons noticed that the post-installation script of ntlmaps, an NTLM authorization proxy server, changes the permissions of the configuration file to be world-readable. It contains the user name and password of the Windows NT system that ntlmaps connects to and, hence, leaks them to local users.

Cisco Security Advisory - Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances. These include Windows NT domain authentication bypass, IPv6 denial of service, and a Crypto Accelerator memory leak.

South African Energy Minister Tina Joemat-Pettersson said her department wants to address weaknesses in the process of commissioning renewable-power projects.

Clean energy stocks and the market in general rebounded strongly in August. My broad market benchmark of small cap stocks, IWM, rose 4.5 percent, returning to positive territory up 1.7 percent for the year. My clean energy benchmark PBW also jumped back into the black with an 11.1 percent gain for the month and 10.8 percent for the year to date.

It was good news for renewable energy when President Barack Obama in June proposed carbon dioxide restrictions on existing power plants. It is even better news now that he may use the plan to leverage an international climate accord.

Yield-cos have been grabbing headlines lately. Typically, large utilities spin off their high-yield alternative energy operations into separate smaller companies called yield-cos. These new companies are then taken public to attract individual and institutional investors.

The threat of climate change is driving China and the U.S. — frequent rivals and the world’s two largest greenhouse-gas emitters — to collaborate on dozens of potential clean-energy breakthroughs.

California and Quebec, which together created the largest carbon market in North America this year, may come away empty-handed as they woo northeastern U.S. states to join their system.

Scotland’s decision to vote no to independence from the United Kingdom of Great Britain and Northern Ireland has elicited a collective sigh of relief from energy sector players. Those companies with significant investments in Scottish renewable energy assets had understandably been anxious over the uncertainty that an independent Scotland would engender, for example potentially changing the rules on support measures for renewable energy investment north of the border.

Worries including the conflict with ISIL, Ebola, and economic slow-down in Europe, sent the stock market down in the month to October 3rd, with small cap stocks and clean energy stocks falling even farther than the large cap S&P 500.

The renewable energy market is fast-paced and growing with each passing day. It’s hard to keep up with every industry announcement and insight, so we decided to highlight interesting developments that took place during the past few weeks, and some valuable insights that are worth revisiting.

German electricity consumers will for the first time see a drop in the fee added to their bills to fund renewables, a boost for Chancellor Angela Merkel, who has pledged to curb the cost for voters.

The U.K. Green Investment Bank is set to tie up the first investments in a $1.6 billion fund by the end of March, part of Britain’s push to cement its dominance in offshore wind power.

Last month, NRDC engaged a nationally recognized opinion research firm to conduct polling in New York State to evaluate public attitudes about fracking and clean energy. Importantly, this is the first statewide poll in at least two years — and perhaps ever — to directly ask residents their views of the now six-year-old de facto moratorium on fracking.

October was a spooky month for clean energy stocks. My benchmark Powershares Wilderhill Clean Energy Index (PBW) cringed down 2.9 percent like the young Supergirl who jumped when a mechanical ghost startled her at my door Haloween night.

Every time the U.S. holds midyear elections, the country almost always goes against the incumbent President’s party, which is always sobering to whomever holds The White House. And this week’s elections were no exception.

The world’s decision-makers must not let current events distract them from recognizing and addressing the longer-term signs of stress that are emerging in the global energy system, the International Energy Agency (IEA) warned today at the launch of its annual World Energy Outlook 2014 report in London.

President Barack Obama will pledge $3 billion to a United Nations climate-change fund that’s intended to help poor nations boost renewable energy and counter the ill effects of global warming.

According to the latest "Energy Infrastructure Update" report from the Federal Energy Regulatory Commission's (FERC) Office of Energy Projects, wind power provided over two-thirds (68.41 percent) of new U.S. electrical generating capacity in October 2014. Specifically, five wind farms in Colorado, Kansas, Michigan, Nebraska, and Texas came on line last month, accounting for 574 MW of new capacity.

Technology and equipment giant Siemens AG has decided to sell its tidal energy company, Marine Current Turbines Ltd., citing slow development in the marine and hydrokinetics sector.