Mandriva Linux Security Advisory 2015-225 - The cherokee_validator_ldap_check function in validator_ldap.c in Cherokee 1.2.103 and earlier, when LDAP is used, does not properly consider unauthenticated-bind semantics, which allows remote attackers to bypass authentication via an empty password.

Mandriva Linux Security Advisory 2015-226 - FCGI does not perform range checks for file descriptors before use of the FD_SET macro. This FD_SET macro could allow for more than 1024 total file descriptors to be monitored in the closing state. This may allow remote attackers to cause a denial of service (stack memory corruption, and infinite loop or daemon crash) by opening many socket connections to the host and crashing the service.

Mandriva Linux Security Advisory 2015-223 - Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB allow remote attackers to cause a denial of service and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow. The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB allows remote attackers to cause a denial of service and possibly execute arbitrary code via the Voodoo interface, which triggers an out-of-bounds write.

Mandriva Linux Security Advisory 2015-227 - This update provides MariaDB 5.5.43, which fixes several security issues and other bugs.

Mandriva Linux Security Advisory 2015-228 - It was found that libuv does not call setgoups before calling setuid/setgid. This may potentially allow an attacker to gain elevated privileges. The libuv library is bundled with nodejs, and a fixed version of libuv is included with nodejs as of version 0.10.37. The nodejs package has been updated to version 0.10.38 to fix this issue, as well as several other bugs.

Mandriva Linux Security Advisory 2015-229 - It was discovered that the snmp_pdu_parse() function could leave incompletely parsed varBind variables in the list of variables. A remote, unauthenticated attacker could exploit this flaw to cause a crash or, potentially, execute arbitrary code.

Mandriva Linux Security Advisory 2015-230 - Squid configured with client-first SSL-bump does not correctly validate X509 server certificate domain / hostname fields.

Mandriva Linux Security Advisory 2015-231 - Tilmann Haak from xing.com discovered that XML::LibXML did not respect the expand_entities parameter to disable processing of external entities in some circumstances. This may allow attackers to gain read access to otherwise protected resources, depending on how the library is used.

Mandriva Linux Security Advisory 2015-232 - A malformed certificate input could cause a heap overflow read in the DER decoding functions of Libtasn1. The heap overflow happens in the function _asn1_extract_der_octet().

I am often asked what I see as the biggest potential game-changers in tech — particularly as it relates to social good. Mobile, social, the cloud, and analytics continue to emerge as key themes. However, analytics is emerging as the true game changer — catalyzed by advances in open architecture.

Let me unpack what I mean by "open architecture." Open means that anyone can access it, contribute to it, and innovate on top of it. At Blackbaud, where I serve as chief technology officer, one of our core tenets has been to design an open, cloud-based software and data architecture. We're cultivating a technical community of partners, customers, and engineers (inside and outside of the company) who are innovating in different ways and contributing to this ecosystem.

From this vantage point, I see the way that openness accelerates the velocity of innovation. Looking at it from a different angle, open ecosystems also yield data and analytics that enable everyone who is part of them to gain more insights and intelligence.

This data can power intelligent software solutions, surface actionable events, maintain accurate and current data assets, and generally drive more results for users. In other words, an open cloud-based architecture elevates usage, which in turn generates more and more data and intelligence that make the system even more powerful.

With data, analytics, and intelligence in mind, the following capabilities emerge as candidates to have a great positive impact.

The Internet of Things

Internet of Things (IoT) technology is cheap and accessible and can transform normal household items into network devices that generate data. In my house, the lights, thermostats, appliances, cars, doors, and windows are all connected devices. These connected devices generate data and intelligence (such as trends in usage, optimization of electricity consumption, and so on). Much like a household, there are many IoT possibilities for nonprofits and other players in the social good space to generate valuable, actionable data.

Instrumentation

Instrumentation provides us with the ability to understand what's happening within our software. As Blackbaud ships features and capabilities within solutions, we monitor usage. We do so to understand if our customers can easily discover the new capability (do they use it the first time they log on?) and to determine if our customers find it valuable (is their use ongoing?). This data-driven approach is an extremely effective way of measuring both the quality of the user experience and the overall value of the work we're doing.

We can learn a lot about our customers just by observing what they do. Across the software industry, instrumentation is driving advances in understanding that enable more targeted solutions to users' challenges.

Usage Information

Like instrumentation, usage data enables us to understand the leading indicators that yield the best, most effective outcomes. For example, through usage data, we were able to understand that nonprofits who proactively thank donors within one week of giving have an advantage. They were much more effective at converting those individuals to longer-term supporters and recurring donors.

Predictive Intelligence

Predictive analytics showcase some of the most stunning and innovative applications of data. At Blackbaud, we think of predictive analytics as a kind of "self-driving car." It guides and sometimes fully automates tasks for our users, enabling them to gain much greater results. A few examples of predictive analytics scenarios that we're working on include

• Extending the most compelling message to a specific person at just the right time via the best channel, to keep them engaged, generate a donation, invite them to an event, or simply share a story.
• Intelligently connecting nonprofits, corporations, individuals, foundations, faith-based organizations, schools, and other stakeholders across the ecosystem we serve. That action enables us to more efficiently coordinate efforts and services and drive greater good together.
• Leveraging social information, an understanding of a person's network, geographical context, and other analytics to help connect an advocate with a nonprofit, school, or foundation, in just the right way.

We leverage the correlation of many different, disparate data sources to drive true intelligence and to power new, predictive user experiences across our applications. Our data platform is what powers this intelligence. This platform drives value across our solutions in other ways, including

• Correcting, appending, and de-duplicating data across the system
• Business intelligence and reporting that shows trends in data
• Real-time data pipelines that spark events across the system based on changes to the data

I’ve included only a few examples of technology capabilities we're researching that we believe will have a strong positive impact. The central theme of these capabilities is providing more actionable data and intelligence. Our commitment to delivering a robust, scalable, and flexible data architecture as well as open, cloud-based software enables us to take advantage of this technology. It also enables us to harness these capabilities to drive greater value for the customers we serve.

This blog post was written by Mary Beth Westmoreland.

spanhidden

This Metasploit module exploits a vulnerability in Total.js CMS. The issue is that a user with admin permission can embed a malicious JavaScript payload in a widget, which is evaluated server side, and gain remote code execution.

On top of EU access, an impressive quality of life, talented labour and a thriving tourism sector, Madeira offers a white-listed preferential tax regime that is conducive to long-term, productive investments. Sebastian Shehadi reports.

Antwerp’s vice-mayor, Claude Marinower, talks about the city's history as a diverse business location, and its plans to promote traditional industries alongside innovative concepts.

With a multilingual population, Antwerp enjoys a diverse talent pool that has made it a popular testbed for digital innovation and entrepreneurship.

Moldova's wine industry has gained some international recognition but the country remains largely untroubled by tourists, a combination that is enticing some foreign investors.

Canada's Atlantic Ocean-bordering provinces are making the most of their coastal resources, using decades of knowhow to balance economic growth with sustainability.

German utility EnBW has acquired French wind and solar developer and operator VALECO.

Iowa economic development officials are tentatively endorsing a tax credit for battery storage to complement the state’s wind and solar generation.

Back in the 1980s and 1990s, the twin forces of privatization and deregulation of public infrastructure services ascended to a global paradigm of progress and development. Government management of services such as telecommunications, transportation, water, and energy was deemed inefficient, underperforming, and monopolistic. Private industry – accountable to the profits and losses of an open market and, thus, believed more efficient than government – was proclaimed the better way for consumer choice and a more efficient use of taxpayers’ expenses.

Last week in San Antonio, Texas, about 150 DISTRIBUTECH stakeholders convened to discuss industry trends, best practices for marketing and sales in the utility industry and set the educational agenda for the 2020 event.

Digitalisation is one of the biggest enablers of the global transition to clean energy. From intelligent asset management, to Artificial Intelligence and the Internet of Things. Find out how digitalisation is transforming the management, operation and maintenance of renewable energy assets, and driving a more efficient renewable world.

A report recently released by the U.S. Department of Energy defines and evaluates cost and performance parameters of six battery energy storage technologies (BESS) and four non-BESS storage technologies.

According to Vattenfall, the project will help provide less pronounced energy peaks and an overall more efficient use of energy infrastructure

Minnesota’s largest utility wants to change how the state calculates its trailblazing “value of solar” rate as it faces a potential spike in payments to community solar operators.

Pennsylvania is promoting a new roadmap to electrify transportation by designing policies and setting targets to get more electric vehicles on the roads.

Over the past week, the U.S. Department of Energy (DOE) has announced multiple funding opportunities to renewable energy research including $130M for early-stage solar and $28M for wind. Further, the National Offshore Wind Research and Development Consortium announced up to $7M in funding for offshore wind.

Nevada is joining the growing list of U.S. places that aim to ban fossil fuels from its electricity supply.

Renewables firm Pangea Energy and vanadium battery producer CellCube have signed on to build a 50MW storage system alongside a solar farm in South Australia.

CleanChoice Energy on Thursday said it was opening an additional 20.51 MW of community solar capacity for residential customers of Xcel. The new capacity is being supplied by fifteen solar farms owned and operated by AltusPower America in various locations in Minnesota. CleanChoice Energy is the largest community solar provider in Minnesota with more than 85 megawatts of solar capacity.

As the world responds to the challenges of climate change, energy systems are evolving, and evolving fast. The past 10 years have seen the rise (and dramatic cost reduction) of renewable energy such as wind and solar, to the extent that they are no longer considered alternative energy. They have become mainstream energy sources. Now, what will be the “next big thing” as the world shifts to a low carbon future?

Iowa economic development officials are tentatively endorsing a tax credit for battery storage to complement the state’s wind and solar generation.

Back in the 1980s and 1990s, the twin forces of privatization and deregulation of public infrastructure services ascended to a global paradigm of progress and development. Government management of services such as telecommunications, transportation, water, and energy was deemed inefficient, underperforming, and monopolistic. Private industry – accountable to the profits and losses of an open market and, thus, believed more efficient than government – was proclaimed the better way for consumer choice and a more efficient use of taxpayers’ expenses.

Nissan’s Leaf-based van for Europe gets larger. More mobile charging is on the way for bigger electric trucks. And could the pandemic pinch material supply for EV makers and the clean energy sector? This and more, here at Green Car Reports. The coronavirus pandemic could tighten the supply of some materials needed for the creation of...

Care Technology provides technological solutions to the needs of customers through innovations like energy-efficient LED lighting and transportable heat sources that operate without power racks or induction heaters. We spoke to co-founder Belinda Wong about the production of their sustainable offerings and the benefits of green technology.

When California voted to get 100 percent of its electricity from renewable sources by 2045, it sent a signal to the market about which types of power generation technologies will remain competitive into the future. And according to Mike Ferguson, Director, North America Energy Infrastructure and Sustainable Finance with S&P Global Ratings, what California does, other states may soon follow.

The Nevada National Security Site (NNSS) inaugurated the Mercury Solar Project late last month and moved it further down the path of sustainability, giving NNSA its first net-zero-energy building.

Today, Smithfield Foods and Roeslein Alternative Energy (RAE) announced that they have formed a joint venture called Monarch Bioenergy to produce renewable natural gas (RNG) across Smithfield’s hog farms in Missouri.

As the world responds to the challenges of climate change, energy systems are evolving, and evolving fast. The past 10 years have seen the rise (and dramatic cost reduction) of renewable energy such as wind and solar, to the extent that they are no longer considered alternative energy. They have become mainstream energy sources. Now, what will be the “next big thing” as the world shifts to a low carbon future?

German utility EnBW has acquired French wind and solar developer and operator VALECO.

Last week in San Antonio, Texas, about 150 DISTRIBUTECH stakeholders convened to discuss industry trends, best practices for marketing and sales in the utility industry and set the educational agenda for the 2020 event.

There are few countries better placed than Australia to meet the growing global demand for foods that enhance health and wellness.

Austrade has launched a digital health website showcasing Australia as an ideal location for developing, testing and launching the next generation of digital medical technologies.

Naval shipbuilder Navantia Australia, a subsidiary of Spain-based Navantia S.A., has opened a new design and engineering centre in Melbourne.

A 200-hectare commercial wet-season cotton crop has been planted in Western Australia’s Ord Irrigation Scheme.

Actress Natalie Portman, environmentalist Robert F. Kennedy, Jr., and other high-profile Harvard University alumni are calling for demonstrations to urge divestment from fossil fuels.