1 Testing to the edge: join us at our virtual UCAAT 2021 By www.etsi.org Published On :: Mon, 16 Aug 2021 10:01:26 GMT Testing to the edge: join us at our virtual UCAAT 2021 Sophia Antipolis, 16 August 2021 The automation of test processes is proven to increase productivity and product quality. The global pandemic has increased the demands on various IT systems and services in terms of interoperability, scalability and adaptability, making test automation even more critical for the delivery of agile solutions in uncertain times. To tackle these challenges, ETSI is organizing the 8th User Conference on Advanced Automated Testing (UCAAT) as a virtual conference on 19-21 October. Read More... Full Article
1 Draft of ETSI Coordinated vulnerability disclosure guide available for public comments By www.etsi.org Published On :: Tue, 24 Aug 2021 09:07:17 GMT Draft of ETSI Coordinated vulnerability disclosure guide available for public comments Sophia Antipolis, 24 August 2021 ETSI will soon release a Guide to Coordinated Vulnerability Disclosure. Before publication, it made the draft publicly available for comments. Please send your feedback by 15 September to the technical committee CYBER at cybersupport@etsi.org Read More... Full Article
1 Congratulations to Optare solutions, winner of the 2021 ETSI MEC Hackathon By www.etsi.org Published On :: Thu, 28 Apr 2022 09:41:55 GMT Congratulations to Optare solutions, winner of the 2021 ETSI MEC Hackathon Sophia Antipolis, 10 November 2021 Following the ETSI MEC Hackathon that took place during the Edge Computing World from 12 to 15 October, you can now discover the winner, the A Team, from Optare solutions, on the event website. The A Team presented the “flex drone concept”, edge AI autonomous drone flights, compliant with ETSI MEC standards. Read More... Full Article
1 ETSI NFV and MEC IOP Plugtests Report 2021 published By www.etsi.org Published On :: Thu, 28 Apr 2022 13:55:08 GMT ETSI NFV and MEC IOP Plugtests Report 2021 published Sophia Antipolis, 26 November 2021 In the context of the NFV Plugtests Programme and in order to accelerate NFV and MEC adoption and interoperability, ETSI organized the NFV&MEC IOP Plugtests 2021 event from 1 to 15 October 2021. The Report of this multi-vendor interoperability (IOP) event, held remotely, is now publicly available for download. NFV and MEC overall interoperability reached a 95% to 100% success rate. Read More... Full Article
1 ETSI Top 10 Webinars in 2021 - Starring: DECT2020, Ultra-Wide Band radio technology, IPv6, MEC By www.etsi.org Published On :: Wed, 08 Dec 2021 08:31:05 GMT ETSI Top 10 Webinars in 2021 - Starring: DECT2020, Ultra-Wide Band radio technology, IPv6, MEC. Sophia Antipolis, 8 December 2021 As 2021 comes to an end, we have selected for you our most popular webinars of the year. If you missed them, listen to the recorded presentations and their Q&A sessions, deep dive into the non-cellular 5G radio DECT2020-NR, IPv6, Multi-access Edge Computing, Open Source MANO and much more. Read More... Full Article
1 ETSI simplifies ICT end-users’ lives with a guide available in 19 European languages By www.etsi.org Published On :: Thu, 21 Jul 2022 08:21:40 GMT ETSI simplifies ICT end-users’ lives with a guide available in 19 European languages Sophia Antipolis, 21 July 2022 ETSI is pleased to announce the new version of the ETSI Guide EG 203 499, developed by experts from the Human Factors Technical Committee. The guide aims to further simplify end-user access to ICT devices, services and applications by providing recommended terms for basic and commonly used ICT-related objects and activities, notably the terms that end users are commonly exposed to. Read More... Full Article
1 ETSI TeraFlowSDN Winner of the Layer123 Network Transformation ‘Upstart of the Year’ Award By www.etsi.org Published On :: Wed, 07 Dec 2022 13:52:47 GMT ETSI TeraFlowSDN Wins Layer123 Network Transformation ‘Upstart of the Year’ Award Sophia Antipolis, 7 December 2022 The ETSI TeraFlowSDN group (ETSI TFS), launched only six months ago, has won the ‘Upstart of the Year’ award at the Layer123 Network Transformation Awards ceremony, held at the prestigious Berkley Hotel in Knightsbridge, London, last night. This award also recognizes the ETSI strategy to provide new software development tools and practices to an evolving standardization ecosystem. Read More... Full Article
1 ETSI Top 10 Webinars in 2022 Starring: Cybersecurity, AI, IPv6, MEC, Open Source MANO and more By www.etsi.org Published On :: Thu, 12 Jan 2023 08:37:37 GMT Sophia Antipolis, 20 December 2022 As 2022 comes to an end, we have selected for you our most popular webinars of the year. If you missed them, listen to the recorded presentations and their Q&A sessions, deep dive into the Cyber resilience Act and AI Act, IPv6, Multi-access Edge Computing, Open Source MANO and much more. Read More... Full Article
1 ETSI Quantum-Safe Cryptography event: a success 10 years later! By www.etsi.org Published On :: Thu, 16 Feb 2023 09:56:38 GMT Sophia Antipolis, 16 February 2023 The 9th face-to-face ETSI-IQC Quantum-Safe Cryptography event this week attracted a large audience of nearly 200 people from Europe, North America and Asia, bringing together industry, academia and government. The event was kicked off by ETSI Director-General Luis Jorge Romero, who gave an overview of the quantum-safe standardization journey since the first workshop in 2013 and reiterated ETSI’s continued support for this important global effort. Read More... Full Article
1 10 years of ETSI NFV - its Network Operators Council's perspective on the past, present and future By www.etsi.org Published On :: Wed, 08 Mar 2023 11:48:52 GMT Sophia Antipolis, 24 February 2023 In the light of ten years from the NFV introductory whitepaper, is the new whitepaper the ETSI ISG NFV Network Operator Council (NOC), an advisory group of ISG NFV, launched this week, 10 years after the introductory whitepaper. Read More... Full Article
1 ETSI NG112 Emergency Communications remote Plugtests Report now available By www.etsi.org Published On :: Fri, 10 Mar 2023 14:42:38 GMT Sophia Antipolis, 10 March 2023 ETSI has just published the Report of the fifth NG112 remote Plugtests™ event, documenting an overall success rate of 100% of the executed tests carried out during the testing sessions. The interoperability event was organized in cooperation with the European Emergency Number Association (EENA), from 23 January to 3 February 2023 with the support of the ETSI Technical Committee Emergency telecommunications. Read More... Full Article
1 ETSI’s conference for NFV 10th anniversary looks to the future By www.etsi.org Published On :: Thu, 23 Mar 2023 09:20:28 GMT Sophia Antipolis, 14 March 2023 To celebrate the 10th anniversary of ETSI NFV, ETSI organized a conference on the “Evolution of NFV towards the next decade” on 6 and 7 March at its facilities. The face-to-face event provided a unique opportunity for the NFV community to reflect on their achievements in the past 10 years and on the way forward. Carriers, vendors, SDOs representatives, and stakeholders from the whole ecosystem came together to debate on challenges and opportunities. They also addressed how to increase the cooperation between various SDOs and the open-source communities to enhance interoperability and to smooth the deployment of cloudified network telecom functions. Read More... Full Article
1 ETSI unveils 2023 Fellows at its 81th General Assembly By www.etsi.org Published On :: Fri, 31 Mar 2023 13:28:27 GMT Sophia Antipolis, 31 March 2023 ETSI is pleased to unveil its 2023 ETSI Fellows who were announced at the 81th ETSI General Assembly on 29 March. The award ceremony took place in the Fernand Leger museum, in Biot, near ETSI facilities in the South of France where art, science and technology mixed beautifully. Scott Cadzow, Hans Johansson and Robert Sarfati were unanimously nominated as ETSI Fellows for their outstanding personal contributions to the organization by the Award committee, composed of the GA Chair and Vice-Chairs, the Board Chair and the ETSI Director-General. Read More... Full Article
1 Preparing for a secure future: industry and business share plans for quantum era at 10th ETSI/IQC Quantum-Safe Cryptography Conference By www.etsi.org Published On :: Mon, 08 Jul 2024 08:56:55 GMT Sophia Antipolis, 24 May 2024 Speakers at the 10th ETSI/IQC Quantum Safe Cryptography Conference have called on organizations to prepare their cybersecurity infrastructures to address the challenges of a post-quantum world. Organized by ETSI and the Institute for Quantum Computing, this year’s conference was hosted from 14-16 May by the Centre for Quantum Technologies (CQT), National University of Singapore (NUS), in partnership with the Infocomm Media Development Authority (IMDA) and the Cyber Security Agency (CSA) of Singapore. The event attracted an impressive 235 onsite delegates from 27 countries, reflecting fast-growing interest worldwide in the critical importance of quantum-safe cryptography in today’s cybersecurity strategies. Read More... Full Article
1 ETSI Announces 1st Release of SDG OpenCAPIF Delivering a Robust, Secure, and Efficient 3GPP API Management Platform By www.etsi.org Published On :: Fri, 12 Jul 2024 08:12:20 GMT Sophia Antipolis, 9 July 2024 ETSI is excited to announce OpenCAPIF Release 1 is now available in the ETSI Labs. OpenCAPIF develops a Common API Framework as defined by 3GPP and this new version introduces several improvements and new features to deliver a more robust, secure, and efficient API Management Platform. These advancements are developed in tight collaboration and incorporating feedback from a growing Research Ecosystem including SNS projects such as 6G-SANDBOX, FIDAL, IMAGINEB5G, SAFE6G, ORIGAMI, ENVELOPE and SUNRISE6G. Read More... Full Article
1 ETSI NFV Release 5 (Version 5.1.1) is now available! By www.etsi.org Published On :: Thu, 05 Sep 2024 14:09:20 GMT Sophia Antipolis, 5 September 2024 The ETSI Industry Specification Group for Network Functions Virtualization (ISG NFV) has just published its specifications of Release 5 first drop as version 5.1.1. Read More... Full Article
1 ETSI completes F5G Advanced Release 3 enabling 10Gbits to everybody By www.etsi.org Published On :: Tue, 08 Oct 2024 10:38:31 GMT Sophia Antipolis, 8 October 2024 ETSI announces the completion of its Release 3 specifications on Fifth Generation Advanced Fixed Network (F5G-A). Building on the achievements of the Release 1 and Release 2, the ETSI ISG F5G has specified a series of new features and capabilities, further elevating fixed fiber networks to a new level: Specification of F5G AdvancedETSI ISG F5G unveiled the "F5G Advanced Generation Definition", which not only further enhances existing three foundational features of F5G-Enhanced Fixed Broadband (eFBB), Full Fiber Connectivity (FFC), and Guaranteed Reliable Experience (GRE), but also introduces three new key features: Real-time Resilient Link (RRL), Optical Sensing and Visualization (OSV), and Green Agile Optical network (GAO). Read More... Full Article
1 Somewhere in the Nadir of African American History, 1890-1920 By nationalhumanitiescenter.org Published On :: Fri, 12 Feb 2010 11:10:22 -0400 New essay by Glenda Gilmore just added to Freedom's Story: Teaching African American Literature and History, TeacherServe from the National Humanities Center. Full Article
1 The Civil Rights Movement: 1968-2008 By nationalhumanitiescenter.org Published On :: Mon, 28 Jun 2010 11:02:43 -0400 New essay by Nancy MacLean, "The Civil Rights Movement: 1968-2008," added to Freedom's Story: Teaching African American Literature and History, TeacherServe from the National Humanities Center. Full Article
1 Summary of Comments to CSA/CIRO Staff Notice 23-331 Request for Feedback on December 2022 SEC Market Structure Proposals and Potential Impact on Canadian Capital Markets By www.osc.ca Published On :: Fri, 20 Sep 2024 12:37:28 GMT This document is only available in PDF format. Full Article
1 Notice of Coming into Force of National Instrument 93-101 Derivatives: Business Conduct By www.osc.ca Published On :: Thu, 26 Sep 2024 13:51:06 GMT National Instrument 93-101 Derivatives: Business Conduct (the Rule) will come into force on September 28, 2024 (the Effective Date), pursuant to section 143.4 of the Securities Act (Ontario). Full Article
1 Multilateral Instrument 93-101 Derivatives: Business Conduct By www.osc.ca Published On :: Thu, 26 Sep 2024 14:03:22 GMT This document is only available as a PDF. Full Article
1 Companion Policy 93-101 Derivatives: Business Conduct By www.osc.ca Published On :: Thu, 26 Sep 2024 14:11:27 GMT This document is only available as a PDF. Full Article
1 Notice of Ministerial Approval of Amendments to OSC Rule 91-507 Trade Repositories and Derivatives Data Reporting and Consequential Amendments to OSC Rule 13-502 Fees By www.osc.ca Published On :: Thu, 10 Oct 2024 14:22:57 GMT The Minister of Finance has approved amendments to Ontario Securities Commission (OSC) Rule 91-507 Trade Repositories and Derivatives Data Reporting and consequential amendments to OSC Rule 13-502 Fees (collectively, the Amendments) pursuant to Full Article
1 Amendments to OSC Rule 91-507 Trade Repositories and Derivatives Data Reporting By www.osc.ca Published On :: Thu, 10 Oct 2024 14:35:58 GMT 1. Ontario Securities Commission Rule 91-507 Trade Repositories and Derivatives Data Reporting is amended by this Instrument. Full Article
1 OSC Staff Notice 11-737 (Revised) – Securities Advisory Committee – Vacancies By www.osc.ca Published On :: Thu, 17 Oct 2024 13:10:29 GMT The Securities Advisory Committee (“SAC”) is a committee of industry experts established by the Commission to advise it and its staff on a variety of matters including policy initiatives and capital markets trends. Full Article
1 Detailed Data on Balance of Issuers in ninth Staff Review of Disclosure regarding Women on Boards and in Executive Officer Positions By www.osc.ca Published On :: Tue, 29 Oct 2024 15:24:59 GMT Full Article
1 CSA Multilateral Staff Notice 58-317 - Review of Disclosure Regarding Women on Boards and in Executive Officer Positions - Year 10 Report By www.osc.ca Published On :: Tue, 29 Oct 2024 15:41:58 GMT This document is only available in PDF format. Full Article
1 Detailed Data on CSA Multilateral Staff Notice 58-317 Report on tenth Staff Review of Disclosure regarding Women on Boards and in Executive Officer Positions By www.osc.ca Published On :: Tue, 29 Oct 2024 15:53:42 GMT Full Article
1 OSC Staff Notice 81-736 - Summary Report for Investment Fund and Structured Product Issuers By www.osc.ca Published On :: Tue, 05 Nov 2024 15:32:52 GMT This document is only available in PDF format. Full Article
1 CSA Staff Notice 51-365 Continuous Disclosure Review Program Activities for the Fiscal Years Ended March 31, 2024 and March 31, 2023 By www.osc.ca Published On :: Thu, 07 Nov 2024 13:52:57 GMT This document is only available in PDF format. Full Article
1 SpotOn London 2012 Storify: eBooks and apps By www.nature.com Published On :: Tue, 20 Nov 2012 10:53:56 +0000 Here is a Storify round up of the SpotOn London session: Enhanced eBooks & BookApps: The Full Article Featured SpotOn London (#SoLo) Storifys Tools #solo12ebook
1 SpotOn London 2012 Storify: Collaborating and building your online presence: educating scientists and science students By www.nature.com Published On :: Wed, 21 Nov 2012 10:24:27 +0000 Jenny Evans has created a Storify summary of her SpotOn London session: Collaborating and building your online Full Article Featured SpotOn London (#SoLo) Storifys Tools #solo12edu
1 SpotOn London 2012 Storify: BrainSpace, a global interest graph for scientists By www.nature.com Published On :: Tue, 18 Dec 2012 13:20:35 +0000 Here is a Storify summary of the SpotOn London session: BrainSpace, a global interest graph for Full Article Featured SpotOn London (#SoLo) Storifys Tools #solo12PD
1 SpotOn London 2013 – draft programme: Tools track By www.nature.com Published On :: Wed, 02 Oct 2013 16:02:22 +0000 This year, Digital Science are sponsoring the Tools track and we’re grateful to them for Full Article Featured Information SpotOn London (#SoLo) Tools #solo13 programme tools
1 SpotOn London 2013: What should the scientific record look like in the digital age? By www.nature.com Published On :: Thu, 07 Nov 2013 10:34:33 +0000 Julia Schölermann is the organiser for this year’s SpotOn London session on, What should the scientific Full Article Featured SpotOn London (#SoLo) Tools
1 SpotOn London 2013: How are online tools changing science education? By www.nature.com Published On :: Thu, 07 Nov 2013 14:08:14 +0000 The place we’re in as a society is a crowded field of scattered tools and Full Article Featured Guest Posts SpotOn London (#SoLo) Tools
1 Microsoft’s November 2024 Patch Tuesday Addresses 87 CVEs (CVE-2024-43451, CVE-2024-49039) By www.tenable.com Published On :: Tue, 12 Nov 2024 14:02:10 -0500 4Critical82Important1Moderate0LowMicrosoft addresses 87 CVEs and one advisory (ADV240001) in its November 2024 Patch Tuesday release, with four critical vulnerabilities and four zero-day vulnerabilities, including two that were exploited in the wild.Microsoft patched 87 CVEs in its November 2024 Patch Tuesday release, with four rated critical, 82 rated important and one rated moderate.This month’s update includes patches for:.NET and Visual StudioAirlift.microsoft.comAzure CycleCloudAzure Database for PostgreSQLLightGBMMicrosoft Exchange ServerMicrosoft Graphics ComponentMicrosoft Office ExcelMicrosoft Office WordMicrosoft PC ManagerMicrosoft Virtual Hard DriveMicrosoft Windows DNSRole: Windows Hyper-VSQL ServerTorchGeoVisual StudioVisual Studio CodeWindows Active Directory Certificate ServicesWindows CSC ServiceWindows DWM Core LibraryWindows Defender Application Control (WDAC)Windows KerberosWindows KernelWindows NT OS KernelWindows NTLMWindows Package Library ManagerWindows RegistryWindows SMBWindows SMBv3 Client/ServerWindows Secure Kernel ModeWindows Task SchedulerWindows Telephony ServiceWindows USB Video DriverWindows Update StackWindows VMSwitchWindows Win32 Kernel SubsystemRemote code execution (RCE) vulnerabilities accounted for 58.6% of the vulnerabilities patched this month, followed by elevation of privilege (EoP) vulnerabilities at 29.9%.ImportantCVE-2024-43451 | NTLM Hash Disclosure Spoofing VulnerabilityCVE-2024-43451 is a NTLM hash spoofing vulnerability in Microsoft Windows. It was assigned a CVSSv3 score of 6.5 and is rated as important. An attacker could exploit this flaw by convincing a user to open a specially crafted file. Successful exploitation would lead to the unauthorized disclosure of a user’s NTLMv2 hash, which an attacker could then use to authenticate to the system as the user. According to Microsoft, CVE-2024-43451 was exploited in the wild as a zero-day. No further details about this vulnerability were available at the time this blog post was published.This is the second NTLM spoofing vulnerability disclosed in 2024. Microsoft patched CVE-2024-30081 in its July Patch Tuesday release.ImportantCVE-2024-49039 | Windows Task Scheduler Elevation of Privilege VulnerabilityCVE-2024-49039 is an EoP vulnerability in the Microsoft Windows Task Scheduler. It was assigned a CVSSv3 score of 8.8 and is rated as important. An attacker with local access to a vulnerable system could exploit this vulnerability by running a specially crafted application. Successful exploitation would allow an attacker to access resources that would otherwise be unavailable to them as well as execute code, such as remote procedure call (RPC) functions.According to Microsoft, CVE-2024-49039 was exploited in the wild as a zero-day. It was disclosed to Microsoft by an anonymous researcher along with Vlad Stolyarov and Bahare Sabouri of Google's Threat Analysis Group. At the time this blog post was published, no further details about in-the-wild exploitation were available.ImportantCVE-2024-49019 | Active Directory Certificate Services Elevation of Privilege VulnerabilityCVE-2024-49019 is an EoP vulnerability affecting Active Directory Certificate Services. It was assigned a CVSSv3 score of 7.8 and is rated as important. It was publicly disclosed prior to a patch being made available. According to Microsoft, successful exploitation would allow an attacker to gain administrator privileges. The advisory notes that “certificates created using a version 1 certificate template with Source of subject name set to ‘Supplied in the request’” are potentially impacted if the template has not been secured according to best practices. This vulnerability is assessed as “Exploitation More Likely” according to Microsoft’s Exploitability Index. Microsoft’s advisory also includes several mitigation steps for securing certificate templates which we highly recommend reviewing.ImportantCVE-2024-49040 | Microsoft Exchange Server Spoofing VulnerabilityCVE-2024-49040 is a spoofing vulnerability affecting Microsoft Exchange Server 2016 and 2019. It was assigned a CVSSv3 score of 7.5 and rated as important. According to Microsoft, this vulnerability was publicly disclosed prior to a patch being made available. After applying the update, administrators should review the support article Exchange Server non-RFC compliant P2 FROM header detection. The supplemental guide notes that as part of a “secure by default” approach, the Exchange Server update for November will flag suspicious emails which may contain “malicious patterns in the P2 FROM header.” While this feature can be disabled, Microsoft strongly recommends leaving it enabled to provide further protection from phishing attempts and malicious emails.CriticalCVE-2024-43639 | Windows Kerberos Remote Code Execution VulnerabilityCVE-2024-43639 is a critical RCE vulnerability affecting Windows Kerberos, an authentication protocol designed to verify user or host identities. It was assigned a CVSSv3 score of 9.8 and is rated as “Exploitation Less Likely.”To exploit this vulnerability, an unauthenticated attacker needs to leverage a cryptographic protocol vulnerability in order to achieve RCE. No further details were provided by Microsoft about this vulnerability at the time this blog was published.Important29 CVEs | SQL Server Native Client Remote Code Execution VulnerabilityThis month's release included 29 CVEs for RCEs affecting SQL Server Native Client. All of these CVEs received CVSSv3 scores of 8.8 and were rated as “Exploitation Less Likely.” Successful exploitation of these vulnerabilities can be achieved by convincing an authenticated user into connecting to a malicious SQL server database using an affected driver. A full list of the CVEs are included in the table below.CVEDescriptionCVSSv3CVE-2024-38255SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-43459SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-43462SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-48993SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-48994SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-48995SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-48996SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-48997SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-48998SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-48999SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-49000SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-49001SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-49002SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-49003SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-49004SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-49005SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-49006SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-49007SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-49008SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-49009SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-49010SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-49011SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-49012SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-49013SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-49014SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-49015SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-49016SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-49017SQL Server Native Client Remote Code Execution Vulnerability8.8CVE-2024-49018SQL Server Native Client Remote Code Execution Vulnerability8.8ImportantCVE-2024-43602 | Azure CycleCloud Remote Code Execution VulnerabilityCVE-2024-43602 is a RCE vulnerability in Microsoft’s Azure CycleCloud, a tool that helps in managing and orchestrating High Performance Computing (HPC) environments in Azure. This flaw received the highest CVSSv3 score of the month, a 9.9 and was rated as important. A user with basic permissions could exploit CVE-2024-43602 by sending specially crafted requests to a vulnerable AzureCloud CycleCloud cluster to modify its configuration. Successful exploitation would result in the user gaining root permissions, which could then be used to execute commands on any cluster in the Azure CycleCloud as well as steal admin credentials.Tenable SolutionsA list of all the plugins released for Microsoft’s November 2024 Patch Tuesday update can be found here. As always, we recommend patching systems as soon as possible and regularly scanning your environment to identify those systems yet to be patched.For more specific guidance on best practices for vulnerability assessments, please refer to our blog post on How to Perform Efficient Vulnerability Assessments with Tenable.Get more informationMicrosoft's November 2024 Security UpdatesTenable plugins for Microsoft November 2024 Patch Tuesday Security UpdatesJoin Tenable's Security Response Team on the Tenable Community.Learn more about Tenable One, the Exposure Management Platform for the modern attack surface. Full Article
1 OSC announces $150,000 award to international whistleblower By www.osc.ca Published On :: Wed, 23 Oct 2024 13:03:00 GMT TORONTO – The Ontario Securities Commission (OSC) has issued an award of nearly $150,000 to an international whistleblower who provided information about significant issues at an early-stage firm. Full Article
1 Canadian securities regulators announce results of 10th annual review of representation of women on boards and in executive officer positions in Canada By www.osc.ca Published On :: Tue, 29 Oct 2024 18:20:36 GMT TORONTO – Participating Canadian securities regulators today published the results of their 10th consecutive annual review of disclosures relating to women on boards and in executive officer positions, as well as the underlying data that was used to prepare the report. Full Article
1 SpotOn London 2012 Storify: Fixing the fraud: how do we safeguard science from misconduct? By www.nature.com Published On :: Wed, 14 Nov 2012 12:00:49 +0000 #solo12fraud Full Article Featured Policy SpotOn London (#SoLo) Storifys #solo12fraud
1 SpotOn London 2012 Storify: Crowdfunded science – new opportunities or dangerous echo chamber? By www.nature.com Published On :: Wed, 14 Nov 2012 14:55:52 +0000 Finding sources for funding research can be a demanding task, and one that's not always successful. A new trend that's emerging out of the necessity to fund projects that have no traditional means of support is "crowdfunding." A panel at SpotOnLondon weighs the resulting apprehensions and benefits. Full Article Featured Policy SpotOn London (#SoLo) Storifys #solo12funding
1 SpotOn London 2012: My not-so-secret-anymore double life: Juggling research and science communication By www.nature.com Published On :: Mon, 19 Nov 2012 12:52:44 +0000 Dr Anne Osterrieder is a Research and Science Communication Fellow in Plant Cell Biology at the Department of Full Article Policy SpotOn London (#SoLo) #solo12jobs
1 SpotOn London 2012 Storify: Incentivising Open Access and Open Science: Carrot and Stick By www.nature.com Published On :: Tue, 20 Nov 2012 13:12:21 +0000 Here is a Storify round up of the SpotOn London session: Incentivising Open Access and Open Full Article Featured Policy SpotOn London (#SoLo) Storifys #solo12open
1 SpotOn London 2012 Storify: ORCID – why do we need a unique researcher ID? By www.nature.com Published On :: Tue, 20 Nov 2012 15:53:18 +0000 Here is a Storify round up of the SpotOn London session: ORCID – why do we Full Article Featured Policy SpotOn London (#SoLo) Storifys #solo12ORCID
1 SpotOn London 2012 Storify: What do you need to start a revolution? By www.nature.com Published On :: Wed, 21 Nov 2012 11:57:53 +0000 Here is a Storify round up of the SpotOn London session: What do you need to Full Article Featured Policy SpotOn London (#SoLo) Storifys #solo12revo
1 SpotOn London 2012 Storify: Tackling the terabyte: how should research adapt to the era of big data? By www.nature.com Published On :: Wed, 21 Nov 2012 15:09:37 +0000 Here is a Storify round up of the SpotOn London session: Tackling the terabyte: how should Full Article Featured Policy SpotOn London (#SoLo) Storifys #solo12tera
1 SpotOn London 2013 – draft programme: Policy track By www.nature.com Published On :: Wed, 02 Oct 2013 16:07:30 +0000 As we’re getting ready to make tickets available for this year’s SpotOn London conference, we’re Full Article Featured Information Policy SpotOn London (#SoLo) #solo13 policy programme
1 SpotOn London 2013: Altmetrics – The Opportunities and the Challenges By www.nature.com Published On :: Tue, 05 Nov 2013 13:52:42 +0000 Marie Boran is a PhD candidate at the INSIGHT Centre for Data Analytics, the National Full Article Featured Guest Posts Policy SpotOn London (#SoLo) #solo13alt
1 SpotOn London 2013: Contract for interdisciplinary working By www.nature.com Published On :: Tue, 05 Nov 2013 13:53:59 +0000 In preparation for this year’s SpotOn London 2013 workshop, Interdisciplinary research: what can scientists, humanists Full Article Featured Guest Posts Policy #solo13hss
