More on Martin Luther King. Day: Linda Sugarman writes: “When Dr. King visited Temple Israel in 1964, he met illustrator Tracy Sugarman. Tracy — my father-in-law — decided to go to Mississippi,  to belp register voters. “The result of that experience was  ‘Stranger at the Gates,’ published in 1966. Over the years after the Mississippi Freedom Summer, Tracy, his wife June, and their friends Bill and Ellie Buckley created an educational film production company called  Rediscovery Films. “They produced many films about the people involved in that summer, and about the continuing struggle throughout the South for recognition and support of the quest for civil rights and attaining the vote. “The Westport Library has copies of all of their films, and of the book… Source link
Read More »New Year's Eve events scheduled throughout the Valley – Mat-Su Valley Frontiersman
New Year’s Eve events are scheduled throughout the Valley. Festivities are below. City of Wasilla .link-button { border-radius: 5px; border-color: #333; background-color: #C5D9E2; color:#333; width:50%; align:center; max-width: 175px; margin: 5px; } .button-text { font-family: ‘Open Sans’,Helvetica,Arial,sans-serif; color: #000000; font-size: 14px; line-height: 1.42857143; } Copy article link Source link
Read More »â€˜An incredible year of learning’: Executive Director Rudyard Griffiths on the state of The Hub heading into 2023
This episode of Hub Dialogues features host Sean Speer in conversation with The Hub’s executive director, Rudyard Griffiths, about the experience of launching The Hub over the past two years, including how we’re doing, what we’ve learned, and what to expect in 2023. You can listen to this episode of Hub Dialogues on Acast, Amazon, Apple, Google, Spotify, or YouTube. The episodes are generously supported by The Ira Gluskin And Maxine Granovsky Gluskin Charitable Foundation. SEAN SPEER: Welcome to Hub Dialogues. I’m your host, Sean Speer, editor-at-large at The Hub. I’m honoured to be joined today by Rudyard Griffiths, The Hub’s executive director. I thought it would be a good idea to wrap up 2022 with a conversation about The Hub at 20 months, including how we’re doing,… Source link
Read More »The nuclear fusion breakthrough – false hope or tantali…
It is a thought as old as human existence. It is as old as the first time a sentient being looked up at the sky and realised the great glowing thing in the sky above was what gave the Earth its warmth and light throughout the day. How could they capture some of it? And, could they find something like it right here on Earth for themselves? Speculations such as those have triggered humanity’s myths and legends — as well as its scientific explorations. In one of his most lyrical short stories, The Golden Apples of the Sun, Ray Bradbury, the renowned 20th-century speculative fiction author, described a rocket expedition from Earth whose mission was to skim right across the surface of the sun to scoop up a cargo of the sun’s actual material — the very hydrogen being fused into… Source link
Read More »Security Bulletin 02 Nov 2022 – Cyber Security Agency of Singapore
CVE Number Description Base Score Reference CVE-2017-16544 In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2017-16544 CVE-2019-0542 A remote code execution vulnerability exists in Xterm.js when the component mishandles special characters, aka “Xterm Remote Code Execution Vulnerability.” This affects… Source link
Read More »Security Bulletin 26 Oct 2022 – Cyber Security Agency of Singapore
CVE Number Description Base Score Reference CVE-2018-3839 An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2018-3839 CVE-2019-7280 Prima Systems FlexAir, Versions 2.3.38 and prior. The session-ID is of an insufficient length and can be exploited by brute force, which may allow a remote attacker to obtain a valid session… Source link
Read More »Security Bulletin 26 Oct 2022 – Cyber Security Agency of Singapore
CVE Number Description Base Score Reference CVE-2018-3839 An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2018-3839 CVE-2019-7280 Prima Systems FlexAir, Versions 2.3.38 and prior. The session-ID is of an insufficient length and can be exploited by brute force, which may allow a remote attacker to obtain a valid session… Source link
Read More »Security Bulletin 19 Oct 2022 – Cyber Security Agency of Singapore
CVE Number Description Base Score Reference CVE-2019-5924 Cross-site request forgery (CSRF) vulnerability in Smart Forms 2.6.15 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2019-5924 CVE-2019-6727 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XFA remerge method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of… Source link
Read More »Security Bulletin 19 Oct 2022 – Cyber Security Agency of Singapore
CVE Number Description Base Score Reference CVE-2019-5924 Cross-site request forgery (CSRF) vulnerability in Smart Forms 2.6.15 and earlier allows remote attackers to hijack the authentication of administrators via a specially crafted page. 8.8 https://nvd.nist.gov/vuln/detail/CVE-2019-5924 CVE-2019-6727 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XFA remerge method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of… Source link
Read More »Researchers Detail Critical RCE Flaw Reported in Popular vm2 JavaScript Sandbox
A now-patched security flaw in the vm2 JavaScript sandbox module could be abused by a remote adversary to break out of security barriers and perform arbitrary operations on the underlying machine. “A threat actor can bypass the sandbox protections to gain remote code execution rights on the host running the sandbox,” GitHub said in an advisory published on September 28, 2022. The issue, tracked as CVE-2022-36067 and codenamed Sandbreak, carries a maximum severity rating of 10 on the CVSS vulnerability scoring system. It has been addressed in version 3.9.11 released on August 28, 2022. vm2 is a popular Node library that’s used to run untrusted code with allowlisted built-in modules. It’s also one of the most widely downloaded software, accounting for nearly 3.5 million downloads per… Source link
Read More »