Joomla Fabrik component version 3.9.11 suffers from a directory traversal vulnerability.

Online Job Portal version 1.0 suffers from a cross site request forgery vulnerability.

Joomla GMapFP component version 3.30 suffers from an arbitrary file upload vulnerability.

Jolla Phone with Sailfish OS versions 1.1.1.27 and below suffer from a telephone URI spoofing vulnerability.

Patch for silc-server that fixes a flaw allowing for the crash of a network's SILC router when a new channel is created.

This archive contains proof of concepts and a whitepaper that describes multiple email client implementations where popular clients for email are vulnerable to signature spoofing attacks.

iJoomla AdAgency component version 6.0.9 suffers from a remote SQL injection vulnerability.

TP-LINK Cloud Cameras including products NC200, NC210, NC220, NC230, NC250, NC260, and NC450 suffer from a command injection vulnerability. The issue is located in the swSystemSetProductAliasCheck method of the ipcamera binary (Called when setting a new alias for the device via /setsysname.fcgi), where despite a check on the name length, no other checks are in place in order to prevent shell metacharacters from being introduced. The system name would then be used in swBonjourStartHTTP as part of a shell command where arbitrary commands could be injected and executed as root.

Here's a simple way to keep your data safe from potential bad actors in one easy step. Are you ready? Here it is: Log out and lock your computer whenever you're not in front of it.

That's right, it's so simple it can almost be seen as an analog approach to cybersecurity. But make no mistake, all those in-depth disk encryption efforts can be rendered pointless. If you step away from your computer while it's on and unlocked, anyone passing by can access it.

Working Remotely Promotes Data Vulnerability

What's perhaps most insidious about someone gaining physical access to your computer is the fact that the attacker doesn't need any advanced technical know-how to steal sensitive information. A momentary lapse in vigilance at work or a coffee shop can result in a data breach of epic proportions.

Let's say you're working remotely at your favorite café down the street from your apartment and you get up to put in an order for a late breakfast, forgetting to lock your laptop. During that brief moment, a low-key cybervillian could easily stick a USB drive into your computer and copy any sensitive files about you — or your organization — and leave undetected.

Furthermore, if you were logged in to Gmail, your medical records, or your bank account, that malefactor could wreak havoc on your personal and professional life in a matter of minutes.

Tips for Protecting Yourself

The good news about all of this is that warding off these types of would-be data plunderers is really, really easy — it's simply a matter of using your operating system's screen locking functionality. If you don't want to do this, then at the very least you should log out of any sensitive online accounts whenever you step away from your machine.

For each of the following options, be sure you are aware of the password connected to your user login before locking yourself (or anyone else) out.

Screen Locking in Microsoft Windows

• Press Ctrl+Alt+Delete and select Lock this computer
• Press Windows+L

Either of these will lock your computer and require a password to log back in. You can choose Control Panel > Personalization > Screen Saver Settings and set up a screen saver that provides a login screen to get back in once it's been initiated.

Screen Locking in macOS

• On an external keyboard or older laptops, press Ctrl+Shift+Eject
• On a MacBook Air or Pro Retina, press Ctrl+Shift+Power

You can also go to System Preferences > Security & Privacy > General and select Require password immediately after sleep or screen saver begins (provided you have already set up a screen saver by clicking System Preferences > Desktop & Screen Saver).

Additional Cybersecurity Resources

• Find out how to recognize suspicious emails and protect yourself against malware through better password security
• Check out our recent post on the future of security threats

Get more security tips from the National Cyber Security Alliance. National Cyber Security Awareness Month — observed every October — was created as a collaborative effort between government and industry to ensure that all Americans have the resources they need to stay safer and more secure online. Find out how you can get involved.

Image: National Cyber Security Alliance

spanhidden

London is crowned best major city in Europe in fDi's FDI Strategy category, with Glasgow, Vilnius, Reykjavik and Galway also winning out.

The documentary "American Factory" tells us communities need to go beyond the job creation narrative when it comes to attracting foreign investment. 

Steve Armitage, general manager of destination at Auckland Tourism, Events and Economic Development explains why the New Zealand city’s international profile is growing so fast.

Bolivian President Evo Morales has inaugurated the 69-MW San Jose II Hydroelectric Power Plant in the municipality of Colomi, department of Cochabamba.

While the industry is welcoming more women leaders, its rank-and-file workforce is still a lot like those at fossil-fuel companies: white and dominated by men. The lack of gender diversity is being driven by manufacturing jobs, and that means women are now missing out on the biggest jobs boom America has to offer.

This week, San José’s Community Choice Aggregator (CCA) which is called San José Clean Energy (SJCE) and EDP Renewables SA (EDPR), through its fully owned subsidiary EDP Renewables North America LLC (EDPR NA), signed a 20-year power purchase agreement (PPA) for 100 MW of new solar energy capacity and 10 MW of battery storage at the Sonrisa Solar Park in Fresno County, California. The project is anticipated to be operational in 2022.

The Trump administration cast the fate of the nation’s first major offshore wind farm into doubt by extending an environmental review for the $2.8 billion Vineyard Wind project off Massachusetts.

This week Aman, Jordan-based Philadelphia Solar announced that the 8.2-MW solar PV project that it installed at the Abdali Medical Center in Jordan has entered commercial operation.

As renewable energy proliferates, major players like Hitachi, ABB and GE are seeing value in combining grid and generation business units.

Pennsylvania is promoting a new roadmap to electrify transportation by designing policies and setting targets to get more electric vehicles on the roads.

Last week, the Energy Web Foundation (EWF) announced it had officially signed more than 100 affiliates in an effort to become the world’s largest blockchain ecosystem.

Clean industry leaders celebrated the passage of the Clean Energy Jobs Act (CEJA) by state lawmakers yesterday. The bill now goes to the governor’s desk for signature.

This week, Enel S.p.A. announced the opening of its newest Innovation Hub in Boston at Greentown Labs, the largest cleantech startup incubator in the United States. The Hub will provide Enel, one of the world’s leading power companies, access to Greentown Labs’ startup community and innovation expertise.

Oil companies, automakers and consumer products manufacturers will unleash a campaign for a U.S. tax on carbon dioxide emissions even though it may lead to higher prices for their products.

While the industry is welcoming more women leaders, its rank-and-file workforce is still a lot like those at fossil-fuel companies: white and dominated by men. The lack of gender diversity is being driven by manufacturing jobs, and that means women are now missing out on the biggest jobs boom America has to offer.

A recent report by the Energy Futures Initiative (EFI), established by former Energy Secretary Ernest Moniz, and the National Association of State Energy Officials confirms that the energy sector as a whole grew 2 percent last year, which is .3 percent more than the national job growth percentage of 1.7 percent.