Ethiopia’s agricultural sector, which is dominated by smallscale, mixed crop, and livestock farming, is the mainstay of the country’s economy. It constitutes more than half the nation’s gross domestic product (GDP), generates more than 85 percent of the foreign exchange earnings, and employs about 80 percent of the population. Ethiopia’s dependence on agriculture makes the country particularly vulnerable to the adverse impacts of climate change on crop and livestock production.

After a decade of stagnation during the 1990s, investments and human resource capacity in public agricultural research and development (R&D) averaged more than 20 percent growth in Sub-Saharan Africa (SSA) during 2001–2008. In 2008, the region spent $1.7 billion on agricultural R&D (in 2005 purchasing power parity dollars)—or $0.8 billion (in 2005 constant US dollars)—and employed more than 12,000 full-time equivalent (FTE) agricultural researchers.

Mechanization service providers in Myanmar were originally interviewed by telephone in early May 2020 in order to determine how their businesses were being affected by COVID-19 related restrictions. The results of that survey were published in Myanmar Strategy Support Program Policy Note 07. To trace the continuing impact of the COVID-19 pandemic on their economic activities, a second phone survey of mechanization service providers was done in mid-June 2020. This Policy Note reports on the results of this second survey.

In this episode of the IoT Insider podcast, Bernard Montel provides a brief history of the evolution of the Cloud and the challenges of securing it.

Tenable®, the exposure management company, today announced new risk prioritization and compliance features for Tenable Nessus, the #1 vulnerability assessment solution in accuracy, coverage and adoption. Nessus supports new and updated vulnerability scoring systems – Exploit Prediction Scoring System (EPSS) and Common Vulnerability Scoring System (CVSS) v4 – to help customers implement more effective prioritization for risk reduction and maintain compliance.

Due to evolving threats and expanding attack surfaces, organizations rely on multiple risk scoring systems, which are not effective risk qualifiers on their own to determine criticality. With Tenable Nessus, customers can take advantage of the latest industry-adopted vulnerability scoring systems – EPSS and CVSS v4 – and Tenable Vulnerability Priority Rating (VPR) to identify and take action on the vulnerabilities that pose the greatest risk specific to their environment. Leveraging an advanced data science algorithm developed by Tenable Research, Tenable VPR combines and analyzes Tenable proprietary vulnerability data, third-party vulnerability data and threat data to effectively and efficiently measure risk.

“EPSS and CVSS are single variables in the risk equation – context around exposures delivers a deeper level of understanding around true risk,” said Shai Morag, chief product officer, Tenable. “Recent Tenable Research found that only 3% of vulnerabilities most frequently result in impactful exposure. We’ve optimized Nessus to meet the evolving needs of our customers, empowering informed vulnerability prioritization strategies to address these critical few.”

Key features in this release include:

• EPSS and CVSS v4 Support enables users to see and filter plugins by EPSS and CVSS v4 score, further informing prioritization strategy. This feature enables security teams to remain compliant with organizational policies that require the use of EPSS or CVSS as the primary scoring system.
• Nessus Offline Mode addresses challenges with conducting vulnerability scans offline in air-gapped environments. Building upon existing offline scanning capabilities, Nessus runs critical services only, removing unwanted traffic generated by functions that rely on an active internet connection, thereby ensuring the security of sensitive data within a secure environment.
• Declarative Agent Versioning On-Prem enables users to create and manage agent profiles in Nessus Manager for Tenable Security Center. Users can specify a product version for an agent deployed in an environment, thereby reducing disruptions in day-to-day operations and enabling users to adhere to enterprise change control policies.

Learn more about vulnerability and risk scoring by checking out the Inaugural Study of EPSS Data and Performance developed by Cyentia Institute and the Forum of Incident Response and Security Teams (FIRST).

Join the upcoming Tenable webinar titled, From Data to Defense: Harnessing Predictive Scoring to Strengthen Your Cybersecurityon September 12, 2024 at 2:00 pm ET, by registering here.

Tenable Nessus is available as a standalone product and is included in Tenable Security Center and Tenable Vulnerability Management. More information on Tenable Nessus is available at: https://www.tenable.com/products/nessus

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com.

###

Media Contact:

Tenable

tenablepr@tenable.com

Tenable®, the exposure management company, announced today that Shelly Raban, senior cloud security researcher for Tenable, will give a presentation at fwd:cloudsec Europe 2024, taking place on 17 September, 2024 in Brussels, Belgium.

During the session titled, “Who Watches the Watchmen? Stealing Credentials from Policy-as-Code Engines (and Beyond),” Raban will explore techniques adversaries use to exploit modern policy-as-code and Infrastructure-as-code (IaC) domain-specific languages (DSLs), compromise cloud identities and exfiltrate sensitive data. Raban will conclude her presentation by sharing various detection strategies that cyber defenders can implement to detect malicious activity. 

The session will be hosted in the Main Room from 2:50 - 3:10 pm CEST. 

More information on the event is available on the fwd:cloudsec Europe website. 

More information about Tenable Cloud Security is available at: https://www.tenable.com/products/tenable-cloud-security 

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

Tenable®, the exposure management company, today announced the release of AI Aware, advanced detection capabilities designed to rapidly surface artificial intelligence solutions, vulnerabilities and weaknesses available in Tenable Vulnerability Management, the world’s #1 vulnerability management solution. Tenable AI Aware provides exposure insight into AI applications, libraries and plugins so organizations can confidently expose and close AI risk, without inhibiting business operations.

The rapid development and adoption of AI technologies in the past two years has introduced major cybersecurity and compliance risks that organizations must proactively address without established best practices. As a result, cybersecurity teams face significant AI-related challenges, such as vulnerability detection and remediation, containing data leakage and reining in unauthorized AI use. 

According to recent Tenable Research, more than one-third of security teams are finding usage of AI applications in their environment that might not have been provisioned via formal processes. In fact, during a 75-day period between late June and early September, Tenable found over 9 million instances of AI applications on more than 1 million hosts. The cybersecurity risk of unfettered AI usage is compounded by the increasing volume of AI vulnerabilities. Tenable Research has found and disclosed several vulnerabilities in AI solutions, including in Microsoft Copilot, Flowise, Langflow, among others.

With AI Aware, Tenable transforms proactive security for AI solutions. Tenable AI Aware uniquely leverages agents, passive network monitoring, dynamic application security testing and distributed scan engines to detect approved and unapproved AI software, libraries and browser plugins, along with associated vulnerabilities, thereby mitigating risks of exploitation, data leakage and unauthorized resource consumption. The combined depth of these multiple assessment methods delivers the most complete detection of AI in the modern ecosystem. 

[Watch the Tenable AI Aware product demo video here.]

“In an effort to keep pace with the sea change introduced by AI, organizations around the world ran full speed ahead, potentially bypassing countless cybersecurity, privacy and compliance red flags,” said Shai Morag, chief product officer, Tenable. “Perhaps more so than with any other new technology we’ve seen, there are many risk factors to consider, especially with rushed development and deployment. Tenable AI Aware empowers organizations to deploy AI confidently, ensuring their security measures keep pace with the rapid evolution of AI technologies.”

In addition to AI software and vulnerability detection, key AI Aware features available in Tenable Vulnerability Management, Tenable Security Center and Tenable One include:

• Dashboard Views provide a snapshot of the most common AI software discovered in the ecosystem, top assets with vulnerabilities related to AI and the most common communication ports leveraged by AI technologies. 
• Shadow Software Development Detection illuminates the unexpected existence of the building blocks of AI development in the environment, enabling businesses to align initiatives with organizational best practices.
• Filter Findings for AI Detections enable teams to focus on AI-related findings when reviewing vulnerability assessment results. Combined with the power of Tenable Vulnerability Prioritization Rating (VPR), teams can effectively assess and prioritize vulnerabilities introduced by AI packages and libraries. 
• Asset-Centric AI-Inventory provides a complete inventory of AI-related packages, libraries and browser plugins while reviewing the detailed profile of an asset. 

Join the upcoming Tenable webinar titled, "Mitigating AI-Related Security Risks: Insights and Strategies with Tenable AI Aware" on October 9, 2024 at 11:00 am ET, by registering here.

More information on Tenable AI Aware is available at: https://www.tenable.com/products/vulnerability-management/ai-aware 

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

Tenable®, the exposure management company, today announced the availability of Tenable Enclave Security, a solution that supports the needs of customers operating in highly secure environments, such as those that are classified or otherwise air-gapped. Backed by Tenable Security Center, Tenable Enclave Security protects IT assets and modern workloads with risk assessment and contextual insight so organizations can identify exposures before they cause damage.

Federal agencies face unique security and compliance regulations when deploying cloud solutions, and Tenable Enclave Security is key to supporting public sector customers, as well as commercial organizations with strict data residency, security or privacy requirements. 

Built to support the strictest security requirements, including FedRAMP High and Impact Level 5, Tenable Enclave Security empowers agencies to know, expose and close IT and container exposures from a single, highly secure platform. This consolidated approach also eliminates tool sprawl, reduces costs and boosts efficiency for public sector organizations.

“As a leader in vulnerability management and cloud security and a longtime partner of governments all around the world, we’re perfectly positioned to tap into our expertise and deliver mission critical capabilities to assist government agencies as they transform their IT strategy and safely embrace modern workloads to speed innovation,” said Robert Huber, chief security officer and president, Tenable Public Sector, Tenable. “With Tenable Enclave Security, agencies are now able to gain a fuller understanding of their exposure and risk with the ability to continuously discover, assess and prioritize vulnerabilities across IT assets and container images, all from a single, highly secure framework.”

Tenable Enclave Security will immediately enable organizations to: 

• Meet cloud security and data residency restrictions: Tenable Enclave Security enables customers to meet stringent cloud security and data residency requirements, such as FedRAMP High or Impact Level 5. It can meet customers’ needs wherever they reside, with the ability to be deployed on-prem, in a virtual private cloud or commercial cloud.
• Secure containers before they hit production: As agencies modernize their infrastructure, containers create a more efficient manner to create applications and modernize existing ones. Tenable Enclave Security empowers organizations to quickly assess the risk in their container images, expose their vulnerabilities and understand the breadth of impact.
• Centralize security tools: Unlike siloed solutions with fragmented visibility, Tenable Enclave Security provides protection for IT assets and modern workloads from a single deployment architecture. 

For more information on Tenable Enclave Security, please visit: https://www.tenable.com/products/enclave-security 

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

Tenable®, the exposure management company, today released its 2024 Tenable Cloud Risk Report, which examines the critical risks at play in modern cloud environments. Most alarmingly, nearly four in 10 organizations globally are leaving themselves exposed at the highest levels due to the “toxic cloud trilogy” of publicly exposed, critically vulnerable and highly privileged cloud workloads. Each of these misalignments alone introduces risk to cloud data, but the combination of all three drastically elevates the likelihood of exposure access by cyber attackers.

Security gaps caused by misconfigurations, risky entitlements and vulnerabilities combine to dramatically increase cloud risk. The Tenable Cloud Risk Report provides a deep dive into the most pressing cloud security issues observed in the first half of 2024, highlighting areas such as identities and permissions, workloads, storage resources, vulnerabilities, containers and Kubernetes. It also offers mitigation guidance for organizations seeking ways to limit exposures in the cloud.

Publicly exposed and highly privileged cloud data lead to data leaks. Critical vulnerabilities exacerbate the likelihood of incidents. The report reveals that a staggering 38% of organizations have cloud workloads that meet all three of these toxic cloud trilogy criteria, representing a perfect storm of exposure for cyber attackers to target. When bad actors exploit these exposures, incidents commonly include application disruptions, full system takeovers, and DDoS attacks that are often associated with ransomware. Scenarios like these could devastate an organization, with the 2024 average cost of a single data breach approaching $5 million.¹ 

Additional key findings from the report include: 

• 84% of organizations have risky access keys to cloud resources: The majority of organizations (84.2%) possess unused or longstanding access keys with critical or high severity excessive permissions, a significant security gap that poses substantial risk. 
• 23% of cloud identities have critical or high severity excessive permissions: Analysis of Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure reveals that 23% of cloud identities, both human and non-human, have critical or high severity excessive permissions. 
• Critical vulnerabilities persist: Notably, CVE-2024-21626, a severe container escape vulnerability that could lead to the server host compromise, remained unremediated in over 80% of workloads even 40 days after its publishing. 
• 74% of organizations have publicly exposed storage: 74% of organizations have publicly exposed storage assets, including those in which sensitive data resides. This exposure, often due to unnecessary or excessive permissions, has been linked to increased ransomware attacks. 
• 78% of organizations have publicly accessible Kubernetes API servers: Of these, 41% also allow inbound internet access. Additionally, 58% of organizations have cluster-admin role bindings — which means that certain users have unrestricted control over all the Kubernetes environments.

“Our report reveals that an overwhelming number of organizations have access exposures in their cloud workloads of which they may not even be aware,” said Shai Morag, chief product officer, Tenable. “It’s not always about bad actors launching novel attacks. In many instances, misconfigurations and over-privileged access represent the highest risk for cloud data exposures. The good news is, many of these security gaps can be closed easily once they are known and exposed.”

The report reflects findings by the Tenable Cloud Research team based on telemetry from millions of cloud resources across multiple public cloud repositories, analyzed from January 1 through June 30, 2024.

To download the report today, please visit: https://www.tenable.com/cyber-exposure/tenable-cloud-risk-report-2024 

¹ IBM Security Cost of a Data Breach Report 2024

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

Tenable®, the exposure management company, today announced new data security posture management (DSPM) and artificial intelligence security posture management (AI-SPM) capabilities for Tenable Cloud Security, the actionable cloud security solution. By extending exposure management capabilities to cloud data and AI resources, Tenable Cloud Security reduces risk to two of the biggest emerging threats.

Today’s cloud environments are more complex than ever. The challenge of managing this complexity has led to preventable security gaps caused by misconfigurations, risky entitlements and vulnerabilities, leaving sensitive data and AI resources vulnerable. In fact, Tenable Research found that 38% of organizations are battling a toxic cloud trilogy – cloud workloads that are publicly exposed, critically vulnerable and highly privileged. 

Tenable Cloud Security exposes risk from across hybrid and multi-cloud environments, including vulnerabilities, misconfigurations and excess privilege, that affects data and AI resources. Integrating DSPM and AI-SPM into Tenable Cloud Security enables users to automatically discover, classify and analyze sensitive data risk with flexible, agentless scanning. With Tenable Cloud Security’s intuitive user interface, security leaders can easily answer tough questions – such as “What type of data do I have in the cloud and where is it located?,” “What AI resources are vulnerable and how do I remediate the issue?” and “Who has access to my sensitive cloud and AI data?”

“Data is constantly on the move and new uses for data in today’s AI-driven world have created new risks,” said Liat Hayun, vice president of product management for Tenable Cloud Security. “DSPM and AI-SPM capabilities from Tenable Cloud Security bring context into complex risk relationships, so teams can prioritize threats based on the data involved. This gives customers the confidence to unlock the full potential of their data without compromising security.”

“The importance of cloud data has made communicating data exposure risk one of the biggest security challenges for CISOs,” said Philip Bues, senior research manager, Cloud Security at IDC. “Tenable is at the forefront of this emerging DSPM-CNAPP conversation, enabling customers to contextualize and prioritize data risk and communicate it, which is pertinent to almost every domain in CNAPP.”

AI-SPM features enable customers to confidently forge ahead with AI adoption by enforcing AI and machine learning configuration best practices and securing training data. With the combined power of AI-SPM and Tenable Cloud Security’s market-leading cloud infrastructure entitlement management (CIEM) and Cloud Workload Protection (CWP) capabilities, customers can manage AI entitlements, reduce exposure risk of AI resources, and safeguard critical AI and machine learning training data to ensure data integrity. 

Available to all Tenable Cloud Security and Tenable One customers, these new features enable customers to:

• Gain complete visibility and understanding of cloud and AI data - Tenable Cloud Security continuously monitors multi-cloud environments to discover and classify data types, assign sensitivity levels and prioritize data risk findings in the context of the entire cloud attack surface. 
• Effectively prioritize and remediate cloud risk - Backed by vulnerability intelligence from Tenable Research, context-driven analytics provides security teams with prioritized and actionable remediation guidance to remediate the most threatening cloud exposures.
• Proactively identify cloud and AI data exposure - Unique identity and access insights enable security teams to reduce data exposure in multi-cloud environments and AI resources by monitoring how data is being accessed and used and detect anomalous activity. 

Join the upcoming Tenable webinar, “Know Your Exposure: Is Your Cloud Data Secure in the Age of AI?” on October 22, 2024 at 10 am BST and 11 am ET, by registering here. 

Read today’s blog post, “Harden your cloud security posture by protecting your cloud data and AI resources” here. 

With a Net Promoter Score of 73, Tenable Cloud Security helps customers around the world expose and close priority threats. More information about DSPM and AI-SPM capabilities available in Tenable Cloud Security is available at: https://www.tenable.com/announcements/dspm-ai-spm

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for approximately 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

It is a blustery spring day, and Mouse and Mole are very excited. They are going to go bird watching and plan to make bird books. It turns out, birds are not so easy to watch. Together, they come up with a plan to get closer to the birds.

In this groundbreaking book, authors Russell Friedman and John W. James show listeners how to move on from their unsuccessful past relationships and finally find the love of their lives. Demonstrating revolutionary ideas that have worked for thousands of their clients at the Grief Recovery Institute, Friedman and James give listeners the strategies they need to effectively mourn the loss of the relationship, while opening themselves up to love in the future. With compassionate guidance, Friedman and James help listeners to close a chapter of their romantic past so that they can be ready to begin again.

Overcoming your pain-proven strategies for grief recovery Coping with loss is difficult, but that doesn't mean you have to suffer alone. Based on the proven-effective acceptance and commitment therapy (ACT) treatment, Moving Through Grief provides simple and effective techniques to help you get unstuck and start living a rich and fulfilling life again, loss and all. ACT is all about embracing what hurts and committing to actions that will improve and enrich your life. Whether you're dealing with the loss of a loved one, your health, home, or even career, Moving Through Grief provides you with creative exercises that will help you work through your pain and reconnect with the things you love. In Moving Through Grief, you will learn: - How you can show up for your life and experience joy and satisfaction again, even as you work through the pain of your loss -Ddiscover how the six tools of ACT-values, committed action, acceptance, being present, cognitive diffusion, and self-as-context-can ease your pain and aid with the healing process - And make real progress towards feeling like yourself again with straightforward exercises, like identifying your values and setting realistic goals. Find out how ACT can change the way you relate to your pain with Moving Through Grief.

A lawyer with a growing stockpile of securities in the bank, three beautiful children, a compliant and decorative wife, and a lovely house in the suburbs, Walter Bridge has achieved all that is expected of someone of his race and background. But try as he might to control the lives of those around him, they prove perversely independent. In Mr. Bridge and its companion, Mrs. Bridge, Evan S. Connell has brilliantly realized the lives of upper-middle-class Americans living in the years just before and during World War II.

El museo de Orsay presenta la obra de la pionera pintora noruega Harriet Backer. Del...

El Met inaugura la primera gran exposición en EE.UU. centrada en la pintura antigua sienesa...

Web application security is a key concern for any organization that develops or uses web applications. The software security community created the Open Web Application Security Project (OWASP) to help educate developers and security professionals on the latest web application security risks. Tenable has published reports for each OWASP version that has been released (2010,2013,2017, API 2019, and 2021). The individual reports provide organizations the ability to monitor web applications by identifying the top 10 most critical web application security risks as described in OWASP's Top 10 Application Security Risks document for the OWASP version being utilized.

The OWASP Top 10 Application Security Risks document outlines several different aspects of web-based security concerns, such as Cross-Site Scripting attacks (XSS), security misconfigurations, and sensitive data exposure. The focus of the OWASP Top 10 is to reduce risk across the most vulnerable business assets across the internet. Following these guidelines empowers organizations to reduce risk of organizational and consumer data theft.

Administrators need to ensure that their organization is not vulnerable to any of the attacks identified in the OWASP Top 10 Application Security Risks document for the relevant OWASP version being currently being used. Compliance related issues, such as known vulnerable components and insufficient logging, must be remediated to eliminate gaps in an organization's security that are not directly tied to exploitable attacks.

This report covers all aspects of the OWASP Top 10 version being utilized and provides administrators the tools and information needed to aid their efforts. The report contains 10 chapters, each aligned with one of the ten most critical web application risks (A1-A10). The information provides guidance to organizations on the actions necessary to mitigate business risk through strong security practices. The report requirements are Tenable Web App Scanning.

Report Templates:

The OWASP Top 10 categories are updated every 3 to 4 years and highlight the most critical web application security vulnerabilities. The following report templates are available and contain sections for each of the listed OWASP Top 10 categories.

• OWASP Categories 2010 - For 2010, the OWASP Top 10 focuses on Injection, Cross-Site Scripting (XSS), and Broken Authentication in the top three positions.
• OWASP Categories 2013 - For 2013, the OWASP Top 10 focuses on Injection, Broken Authentication and Session Management in the top three positions.
• OWASP Categories 2017 - For 2017, the OWASP Top 10 focuses on Injection, Broken Authentication, and Sensitive Data Exposure in the top three positions.
• OWASP Categories API 2019 - For 2019, the OWASP Top 10 focuses on Broken Object Level Authorization, Broken User Authentication, and Excessive Data Exposure in the top three positions.
• OWASP Categories 2021 - For 2021, the OWASP Top 10 focuses on Broken Access Control, Cryptographic Failures, and Injection in the top three positions.

As a Father's Day gift Wayne Anderson's oldest daughter Jerilyn, often called Jeril, presented him with a fat three-hole notebook containing the letters and stories he had written her from the time she was twenty until she was thirty-eight-from 1977 to 1995. It was one of his dearest Father's Day gifts ever. And it was an especially appropriate gift as she had been an avid reader since childhood and was now a creative librarian who continued to cherish the written word. Anderson was amazed at how much detail there was in the letters about his adventures around the world. He has decided to share the parts of these letters that other travelers, active or armchair, might enjoy in this Venture Bound Book.

Sir Edward Grey (1862-1933) was Britain's longest-serving Foreign Secretary, holding office from December 1905 to December 1916. Best known today for his observation on the eve of World War I, "The lamps are going out all over Europe; we won't see them lit again in our lifetime," Grey had worked tirelessly to keep the lamps on, while keeping Britain and the Empire secure. During his eventful and stressful years in office, and before and after, Grey corresponded extensively with Katharine Lyttelton (1860-1943), the wife of a high-ranking general who served as the first Chief of the General Staff. Though they were probably not lovers-readers can decide for themselves-the relationship was an intimate one, and Grey was able confide in her thoughts and feelings he concealed from Cabinet colleagues and his male friends. The letters, selected and edited by Jeff Lipkes, reveal a side to Grey that has not been fully appreciated. He was amusing, shrewd, and humane, and a close observer of individuals as well as of nature. His observations still speak to us. They will resonate with everyone who loves the outdoors and solitude. Those coping with an overpowering grief, with a strong distaste for their work, or with approaching blindness may find them especially poignant. But others not so afflicted may discover they have become kinder, more courageous, and more observant for having read Grey's letters. Dear Kathanine Courageous includes an eighty-page introduction by Lipkes on Grey, Lytellton, and their circle, and an Afterword on the Foreign Secretary's private life.

Patricia writes to Kevin about some of the the experiences that they shared from her perspective.

Full of "can't look away" moments, Dear Killer is a psychological thriller perfect for fans of gritty realistic fiction such as Dan Wells's I Am Not a Serial Killer and Jay Asher's Thirteen Reasons Why, as well as television's Dexter. Rule One-Nothing is right, nothing is wrong. Kit looks like your average seventeen-year-old high school student, but she has a secret-she's London's notorious "Perfect Killer." She chooses who to murder based on letters left in a secret mailbox, and she's good-no, perfect-at what she does. Her moral nihilism-the fact that she doesn't believe in right and wrong-makes being a serial killer a whole lot easier . . . until she breaks her own rules by befriending someone she's supposed to murder, as well as the detective in charge of the Perfect Killer case.

How do we find lasting, trusting, and fulfilling friendships? Is it by being popular? Dazzling others with your genius? Looking for that ultimate BFF? Hiding all your imperfections and trying hard to fit in? Deep and enduring friendships are essential to our psychological and physical well-being. Unfortunately, between bullying, social anxiety, peer pressure, and other issues, many teens feel isolated. In Dear Libby, trusted columnist Libby Kiszner offers a breakthrough approach to friendship and connection. You can create friendships from the inside out-rather than from the outside in. You can experience friendships with vibrant self-expression in every stage of life, making Dear Libby a book that can be read and reread at any age. Containing seven core principles, this life-changing resource not only explains the dynamics of connections and friendships but also gives practical tools to develop them. Integrating contemporary issues, timeless insight, real-life skills, and unique perspectives, Dear Libby provides a hands-on guide for dealing with everyday friendship struggles faced by teens today. Teens and readers of all ages will gain insight and understanding on how to make profound, joyful relationships possible. Find answers to real questions like: What should I do when people who are supposed to be my friends call me names or embarrass me? What should I do I do if I'm being ignored at school? What is the best way to handle loneliness? Someone just stole my friend. What can I do? What can I do when my friends get together and "forget" to invite me?

Tricia LaVoice's life turned upside-down when her parents were tragically killed in an automobile accident. Her close relationships with her mother and father made everyday life afterwards a challenge. Happily married and with a beautiful baby girl, Tricia had no time to fall apart. Over the years as her family grew, Tricia met two strong, dynamic women, both survivors of their own life challenges, whose wonderful friendships and unconditional maternal love and strength guide her to trust in life. But tragedy strikes Tricia's family again, shaking her faith in life once more. It was during this time of suffering and loneliness that she found an unexpected respite in nature, in the form of a beautiful pine tree Tricia named Martha. This rare bond inspires Tricia who literally talks to Martha daily as she heals the hurt in her heart. Tricia learns to listen to her inner voice, and heals herself by finding her source of courage and strength is within her.

At the turn of the 20th century, Jewish families scattered by migration could stay in touch only through letters. Jews in the Russian Empire and America wrote business letters, romantic letters, and emotionally intense family letters. But for many Jews who were unaccustomed to communicating their public and private thoughts in writing, correspondence was a challenge. How could they make sure their spelling was correct and they were organizing their thoughts properly? A popular solution was to consult brivnshtelers, Yiddish-language books of model letters. Dear Mendl, Dear Reyzl translates selections from these model-letter books and includes essays and annotations that illuminate their role as guides to a past culture.

Designed for the use of senior citizens to recall the traditions associated with Christmas in America.

L'enorme potentiel agricole de la Republique Democratiqu du Congo (RDC) est bien documente. Le pays est doté de plus de deux millions de kilomètres carrés (km²) de terres, dont 800 mille sont arables, et pourtant, la portion de terres cultivées ne s’élève qu’à 10 pour cent. La RDC bénéficie également de conditions climatiques et météorologiques favorables, permettant plusieurs récoltes de nombreuses cultures chaque année.

Les modèles d’équilibre général calculable (MEGC), largement admis dans la littérature et utilisés comme outils d’analyse d’impacts potentiels de politiques économiques, sont alimentés par des données provenant de la Matrice de Comptabilité Sociale (MCS). Celle-ci appartient à la grande famille des comptes nationaux, représentant l’ensemble des interrelations entre les activités, les institutions d’une économie.

Cette note propose un résumé des politiques, stratégies et plans d’action ayant trait à la nutrition (désignés ici sous le terme de « politiques ») en Afrique de l’Ouest.

Ce document présente une analyse des chaînes de valeur agroalimentaires de manioc, de riz, de lait et de poisson le long du corridor économique entre les capitales provinciales de Bukavu (Sud-Kivu) et Kalemie (Tanganyika) situées dans la partie orientale de la République démocratique du Congo (RDC). Les principales données utilisées pour cette étude proviennent d’enquêtes menées en 2021 auprès d’environ 3000 acteurs conomiques familiaux, y compris des agriculteurs, des transformateurs et des intermédiaires, actifs dans une ou plusieurs des quatre filières ciblées.

En 2022, le monde a subi des crises multiples. Les perturbations des systèmes alimentaires dues à la longue pandémie de COVID-19, des catastrophes naturelles majeures, des troubles civils, l’instabilité politique et les impacts croissants du changement climatique ont persisté, tandis qe l’inflation et la guerre entre la Russie et l’Ukraine ont exacerbé la crise alimentaire mondiale et la crise des engrais.

Créée notamment pour promouvoir le commerce intra-régional de biens dans la région, la Communauté économique des États d'Afrique de l'Ouest devait aussi permettre d'y réduire l'insécurité alimentaire. Mais les « points de sécurité », dressés le long des corridors de commerce par les autorités administratives qui prélèvent des pots-de-vin, sont venus limiter cette ambition. S’élevant jusqu’à 576 dollars aux 100 kms au Togo en 2017, cette corruption se mesure aussi en temps perdu, avec plus de trois heures aux 100 kms.

Musée d’Orsay showcases the work of pioneering Norwegian painter Harriet Backer. From 24 September 2024...

Guggenheim Museum presents “Harmony and Dissonance: Orphism in Paris, 1910–1930” From 8 November 2024 to...

Web application security is a key concern for any organization that develops or uses web applications. The software security community created the Open Web Application Security Project (OWASP)  to help educate developers and security professionals on the latest web application security risks. This dashboard provides organizations the ability to monitor web applications by identifying the top 10 most critical web application security risks as described in OWASP's Top 10 Application Security Risks document for 2021.

The OWASP Application Security Risks document outlines several different categories of web-based security concerns, such as Cross-Site Scripting attacks (XSS), security misconfigurations, and sensitive data exposure. OWASP's focus is to reduce risk across the most vulnerable business assets across the internet. Following these guidelines empowers organizations to reduce risk of organizational and consumer data theft.

Administrators need to ensure that their organization is not vulnerable to any of the attacks identified by OWASP. Remediating compliance related issues, such as known vulnerable components and insufficient logging, is important to eliminate gaps in an organization's infrastructure that are not directly tied to exploitable attacks.

These dashboards are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards, and assets. The dashboards can be easily located in the Tenable.sc Feed under the category Compliance & Configuration Assessment. The dashboard requirements are:

• Tenable.sc 6.2.0
• Tenable Web Application Scanning

This dashboard covers all versions of the OWASP Top 10 from 2010 to 2021, and provides administrators the tools and information needed to aid their efforts. The dashboard provides comparative view between version, using the cross-reference field utilized by plugins. The information will guide organizations on the actions to mitigate business risk through strong security practices. 

Components

WAS Data Concerns: This bar chart displays current (2021) OWASP vulnerability counts, sorted by plugin family and severity. According to OWASP, "the Top 10 represents a broad consensus about the most critical security risks to web applications." Identifying and fixing these issues provides organizations with a solid foundation for secure web development.

OWASP Categories by URL: This component displays vulnerability status counts for each Uniform Resource Locator (URL) within the organization. The URLs are sorted from those with the highest, most severe vulnerabilities to the least severe. Each URL has a graph of severity results for each severity category. 

OWASP Versions by State: This matrix displays the current and all previous OWASP versions along with a column displaying each state (New, Current, Resurfaced, Fixed). This information assists organizations in identifying OWASP vulnerabilities that are new, currently active, have previously been mitigated and have resurfaced, or have been fixed, for each OWASP version. 

OWASP Versions by Severity: This matrix displays the current and all previous OWASP Top 10 from Critical to Low. Each cell displays data on the count of web application vulnerabilities associated with the OWASP Top 10 release, and severity level. This information assists organizations in identifying the most severe OWASP vulnerabilities for the OWASP version in use. 

Tenable Research delivers world class exposure intelligence, data science insights, zero day research and security advisories. Our Security Response Team (SRT) in Tenable Research tracks threat and vulnerability intelligence feeds to make sure our research teams can deliver sensor coverage to our products as quickly as possible. The SRT also works to dig into technical details and author white papers, blogs, and additional communications to ensure stakeholders are fully informed of the latest cyber risks and threats. The SRT provides breakdowns for the latest critical vulnerabilities on the Tenable blog.

When security events rise to the level of taking immediate action, Tenable - leveraging SRT intelligence -  notifies customers proactively to provide exposure information, current threat details and how to use Tenable products and capabilities to accelerate remediation.

This dashboard contains indicator style components to highlight any vulnerabilities related to the Tenable Research Advisories where Tenable issues customer guidance that immediate remediation was of paramount importance to all affected organizations. Tenable recommends addressing missing patches as identified in the dashboard components. 

The dashboard and its components are available in the Tenable.sc Feed, a comprehensive collection of dashboards, reports, assurance report cards and assets. The dashboard can be easily located in the Tenable.sc Feed under the category Security Industry Trends.

The dashboard requirements are: 

• Tenable.sc 6.2.0
• Nessus 10.6.1

The following components are included in this dashboard are:

Research Advisories - Citrix NetScaler ADC and NetScaler Gateway: In August 2023, Mandiant identified a zero-day exploitation impacting NetScaler ADC and NetScaler Gateway appliances. When NetScaler ADC or NetScaler Gateway is configured as a gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or as an AAA virtual server, an unauthenticated attacker could exploit the device in order to hijack an existing authenticated session. Depending on the permissions of the account they have hijacked, this could allow the attacker to gain additional access within a target environment and collect other account credentials. Successful exploitation allows the attacker to bypass multi factor authentication (MFA) requirements.

Research Advisories - curl Heap Overflow and Cookie Injection: On October 3, an open-source developer and maintainer of curl, took to X (formerly Twitter) to announce that a new high severity CVE would be fixed in curl 8.4.0. The developer noted that the release would be ahead of schedule and released on October 11, indicating in a reply to the twitter thread that this is 'the worst security problem found in curl in a long time.' 

Research Advisories - MOVEit: The CL0P Ransomware Group, also known as TA505, has exploited zero-day vulnerabilities across a series of file transfer solutions since December 2020. File transfer solutions often contain sensitive information from a variety of organizations. This stolen information is used to extort victims to pay ransom demands. In 2023, CL0P claimed credit for the exploitation of vulnerabilities in both Fortra’s GoAnywhere Managed File Transfer (MFT) and Progress Software’s MOVEit Transfer solutions. 

Research Advisories - log4shell: This matrix alerts organizations to potential concerns regarding the Log4j vulnerability. Displayed are the vulnerabilities that are directly associated with the log4shell CVEs (CVE-2021-44228, CVE-2021-44832, CVE-2021-45046, CVE-2021-4104, and CVE-2021-45105) and Log4j installations. 

Research Advisories - CISA Alerts AA22-011A and AA22-047A: On November 3rd, 2021, Cybersecurity and Infrastructure Security Agency (CISA) issued Binding Operational Directive (BOD) 22-01, and on Jan 11, 2022 CISA issued an alert (AA22-011A) warning of increased risk to U.S. critical infrastructure.  A total of 18 CVEs can be associated with this alert.  Hosts and Vulnerabilities identified and mitigated are displayed using the referenced CVE. 

Research Advisories - PrintNightmare: On July 1, Microsoft released an advisory for CVE-2021-34527. This advisory was released in response to public reports about a proof-of-concept (PoC) exploit for CVE-2021-1675, a similar vulnerability in the Windows Print Spooler. To help clear up confusion about the vulnerability, Microsoft updated its advisory for CVE-2021-1675 to clarify that it is similar but distinct from CVE-2021-34527. On July 6, Microsoft updated its advisory to announce the availability of out-of-band patches for CVE-2021-34527, a critical vulnerability in its Windows Print Spooler that researchers are calling PrintNightmare. This remote code execution (RCE) vulnerability affects all versions of Microsoft Windows. 

Research Advisories - MS Exchange ProxyLogon: On March 2, 2021 Microsoft released several critical security updates for zero-day Microsoft Exchange Server vulnerabilities, and reported that the exploits are actively being exploited by threat actors. Within a single week thousands of organizations world-wide have fallen victim. Tenable released several plugins for Exchange Server 2010, 2013, 2016 and 2019, which can be used to determine which Exchange Server systems are vulnerable in your environment.

Identifying guidelines for the design of conditional credit programs to promote sustainable agricultural practices in Latin America

Tools for food system policy development.

The post Identifying guidelines for the design of conditional credit programs to promote sustainable agricultural practices in Latin America appeared first on IFPRI.

Síntesis de evidencia: Lineamientos para el diseño de programas crediticios agropecuarios condicionados para el fomento de prácticas agropecuarias sostenibles

Enfoques para el desarrollo de políticas del sistema alimentario.

The post Síntesis de evidencia: Lineamientos para el diseño de programas crediticios agropecuarios condicionados para el fomento de prácticas agropecuarias sostenibles appeared first on IFPRI.

Beyond the Health Extension Program: Developing a focused approach to improve nutrition in Ethiopia

A study points to reforms.

The post Beyond the Health Extension Program: Developing a focused approach to improve nutrition in Ethiopia appeared first on IFPRI.

How much does take-up timing for agricultural inputs depend on price? Evidence from an experiment in Nigeria

Insights into buying behavior.

The post How much does take-up timing for agricultural inputs depend on price? Evidence from an experiment in Nigeria appeared first on IFPRI.

Potential impact of zinc-enriched rice on zinc intakes in Bangladesh, Indonesia, and the Philippines

Nutritional benefits of enhanced biofortification.

The post Potential impact of zinc-enriched rice on zinc intakes in Bangladesh, Indonesia, and the Philippines appeared first on IFPRI.

Does conflict-driven internal displacement influence demand for agricultural inputs? Evidence from Nigeria

Examining the effectiveness of vouchers and marketing information.

The post Does conflict-driven internal displacement influence demand for agricultural inputs? Evidence from Nigeria appeared first on IFPRI.

The likely U.S. longshoreman strike and its implications for agricultural trade

Disruptions ahead for some developing countries exporting to the U.S.

The post The likely U.S. longshoreman strike and its implications for agricultural trade appeared first on IFPRI.

Global Food Policy Report 2024: Improving governance to create supportive environments for diet and nutrition policies

Key steps to strengthen institutions and relationships

The post Global Food Policy Report 2024: Improving governance to create supportive environments for diet and nutrition policies appeared first on IFPRI.

Reach, Benefit, Empower, Transform: Approaches to helping rural women secure their resource rights

Avenues to empowerment.

The post Reach, Benefit, Empower, Transform: Approaches to helping rural women secure their resource rights appeared first on IFPRI.

World Food Day 2024: The critical role of healthy diets for realizing the right to food

IFPRI's 2024 Global Food Policy Report on a key paradigm shift.

The post World Food Day 2024: The critical role of healthy diets for realizing the right to food appeared first on IFPRI.

Mercosur Outlook launch: Charting a course for sustainable agricultural growth amid uncertainty

Meeting challenges of the coming growing season and beyond in South America.

The post Mercosur Outlook launch: Charting a course for sustainable agricultural growth amid uncertainty appeared first on IFPRI.

Survey: Rural Papua New Guinea faces an array of food security challenges

Starch-heavy diets, the reach of extension instruction, and other issues.

The post Survey: Rural Papua New Guinea faces an array of food security challenges appeared first on IFPRI.

Unleashing the potential of Generation Z for food system transformation in Africa

A new research agenda.

The post Unleashing the potential of Generation Z for food system transformation in Africa appeared first on IFPRI.

From risk to resilience: How strategic government partnerships can enhance access to insurance-linked credit for smallholders in Zambia

The power of bundled solutions

The post From risk to resilience: How strategic government partnerships can enhance access to insurance-linked credit for smallholders in Zambia appeared first on IFPRI.