Secunia Security Advisory - SUSE has issued an update for libvirt. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system.

Secunia Security Advisory - SUSE has issued an update for samba. This fixes a vulnerability, which can be exploited by malicious people to conduct clickjacking attacks.

Secunia Security Advisory - SUSE has issued an update for libvirt. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

Secunia Security Advisory - SUSE has issued an update for ruby on rails. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct SQL injection attacks and to compromise a vulnerable system.

Mandriva Linux Security Advisory 2015-046 - Stephen Roettger of the Google Security Team, Sebastian Krahmer of the SUSE Security Team and Harlan Stenn of Network Time Foundation discovered that the length value in extension fields is not properly validated in several code paths in ntp_crypto.c, which could lead to information leakage or denial of service. Stephen Roettger of the Google Security Team reported that ACLs based on IPv6 ::1 addresses can be bypassed.

Mandriva Linux Security Advisory 2015-140 - If no authentication key is defined in the ntp.conf file, a cryptographically-weak default key is generated. ntp-keygen before 4.2.7p230 uses a non-cryptographic random number generator with a weak seed to generate symmetric keys. A remote unauthenticated attacker may craft special packets that trigger buffer overflows in the ntpd functions crypto_recv() (when using autokey authentication), ctl_putdata(), and configure(). The resulting buffer overflows may be exploited to allow arbitrary malicious code to be executed with the privilege of the ntpd process. A section of code in ntpd handling a rare error is missing a return statement, therefore processing did not stop when the error was encountered. This situation may be exploitable by an attacker. Stephen Roettger of the Google Security Team, Sebastian Krahmer of the SUSE Security Team and Harlan Stenn of Network Time Foundation discovered that the length value in extension fields is not properly validated in several code paths in ntp_crypto.c, which could lead to information leakage or denial of service. Stephen Roettger of the Google Security Team reported that ACLs based on IPv6 ::1 addresses can be bypassed. The ntp package has been patched to fix these issues.

Debian Security Advisory DSA 830-1 - Drew Parsons noticed that the post-installation script of ntlmaps, an NTLM authorization proxy server, changes the permissions of the configuration file to be world-readable. It contains the user name and password of the Windows NT system that ntlmaps connects to and, hence, leaks them to local users.

Cisco Security Advisory - Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances. These include Windows NT domain authentication bypass, IPv6 denial of service, and a Crypto Accelerator memory leak.

This exploits a buffer overflow in the ISAPI ISM.DLL used to process HTR scripting in IIS 4.0. This Metasploit module works against Windows NT 4 Service Packs 3, 4, and 5. The server will continue to process requests until the payload being executed has exited. If you've set EXITFUNC to 'seh', the server will continue processing requests, but you will have trouble terminating a bind shell. If you set EXITFUNC to thread, the server will crash upon exit of the bind shell. The payload is alpha-numerically encoded without a NOP sled because otherwise the data gets mangled by the filters.

Microsoft Windows NT/2K/XP/2K3/VISTA/2K8/7 NtVdmControl()->KiTrap0d local ring0 exploit. Google flags this as malware so only use this if you know what you are doing. The password to unarchive this zip is the word "infected".

RegLookup is a small command line utility for parsing and searching registry files from Windows NT and later.

RegLookup is a small command line utility for parsing and searching registry files from Windows NT and later.

RegLookup is a small command line utility for parsing and searching registry files from Windows NT and later.

There is a pretty obvious bug in win32k!EPATHOBJ::pprFlattenRec where the PATHREC object returned by win32k!EPATHOBJ::newpathrec does not initialize the next list pointer. This is a local ring0 exploit for Microsoft Windows NT/2K/XP/2K3/VISTA/2K8/7/8.

This Metasploit module exploits a stack buffer overflow in Disk Pulse Enterprise 9.0.34. If a malicious user sends a malicious HTTP login request, it is possible to execute a payload that would run under the Windows NT AUTHORITYSYSTEM account. Due to size constraints, this module uses the Egghunter technique.

This Metasploit module exploits an SEH buffer overflow in Disk Pulse Enterprise version 9.9.16. If a malicious user sends a crafted HTTP GET request it is possible to execute a payload that would run under the Windows NT AUTHORITYSYSTEM account.

Eco Wave Power, based in Israel, plans to raise $5 million by the end of the year to further develop its technology and projects that harness the power of the ocean to generate electricity.

More than 100 world leaders converged upon New York City today to discuss international efforts to reduce carbon emissions and combat climate change. The list of speakers at the UN Climate Summit included U.S. President Barack Obama, UK Prime Minister David Cameron, Brazilian President Dilma Rousseff, French President François Hollande, and Chinese Vice Premier Zhang Gaoli.

California and Quebec, which together created the largest carbon market in North America this year, may come away empty-handed as they woo northeastern U.S. states to join their system.

Europe’s concern about its reliance on Russian fossil fuels may spur governments to prioritize alternative energy, the head of Neste Oil Oyj said.

Over 95 percent of climate scientists have concluded that CO2 is the primary cause of global warming. Solving the problem requires a dramatic reduction in CO2 emissions. Some people are altruistic, but almost all businesses are bottom line oriented and will not reduce their CO2 emissions unless they have an economic incentive to do so. There are two realistic incentives: taxing CO2 emissions or setting up a cap and trade program for CO2. Since increasing taxes is politically unfeasible, the most practical approach is with a cap and trade program.

The European Union is seeking to speed up the creation of a common energy market to help its shift to a low-carbon economy and boost security of energy supplies amid a natural-gas dispute between Russia and Ukraine.

Kenya’s renewable energy ambitions have attracted growing attention in recent months. There has been a strong uptick in interest in the country’s wind energy potential in particular. Last year, Kenya’s Ministry of Energy and Petroleum said in an investment prospectus for 2013-2016 that it plans to boost wind power generation by 630 MW as part of its target to increase electricity levels by 5,000 MW by 2016. In March, the Kenyan government also signed a financing document for the largest private investment in Kenya.

The green revolution and, in particular, renewable energy products such as solar power, wind turbines, geothermal and algae-based fuels are not waiting for viable technology — it already exists in many forms. What they are waiting for is a massive sea change in our antiquated financial accounting systems.

A new report by utility and finance experts contains positive news for the environment, our air and our (and our utilities’) pocketbooks — the economics of electric power resources have made zero-emissions energy efficiency and renewable energy technologies the most financially attractive options to meet the nation’s future energy demands.

The advice that Pennwell’s 2014 Woman of the Year, Mary Powell, gave to women in the power industry during Tuesday’s Women in Power Luncheon might come as a surprise to some. It was this: Stop undercutting each other. Powell said the most difficult obstacles she has encountered in her various leadership roles have not come from men, but rather from other women. Small comments like “I don’t know how you do it [being a mom and holding a high-level job]”, serve to bring doubt and uncertainty to high achieving women in any industry, and ultimately can lead to women exiting their careers in order to fit what they perceive is the societal norm.

Shinzo Abe’s re-election as prime minister risks undercutting Japan’s commitment to clean energy at a time when incentives are under review and the nation’s utilities say they can’t accommodate capacity already planned.

Renewable energy stakeholders are well aware that clean energy is slowly but steadily transforming the energy landscape and that message couldn’t have been more clear at the recently concluded Power-Gen International, the largest show for the traditional power generation industry. Since all forms of power generation are represented at the show through the four co-located conferences, PennWell calls the second week in December "Power Generation Week."

All of us here at RenewableEnergyWorld.com would like to wish everyone a very merry Christmas and a happy holiday season.

Developers, manufacturers, investors and other renewable energy industry stakeholders need updates on the latest and greatest finance mechanisms available today. Since 2003, global consultancy Ernst & Young has released its Country Attractiveness Indices, which ranks global renewable energy markets by analyzing investment strategies and resource availability.

Developers, manufacturers, investors and other renewable energy industry stakeholders need to know where the next big market is going to be so that they can adjust their business decisions accordingly.

The UN climate conference in Lima set the stage for Paris in 2015. Next year’s accord is to provide a working, albeit not a final, answer to the question: Is it possible to keep global warming at or below the 2 degree Celsius limit? This limit is considered the boundary beyond which the negative climatic, economic and social consequences of climate change are thought to become intolerably severe and potentially irreversible.

The Brazilian bank Itau Unibanco Holding SA raised 1.05 billion reais ($408 million) to finance renewable energy and water treatment projects.

Germany’s utilities, battered by the country’s shift to wind turbines and solar panels, would be glad to sell you a power plant on the cheap. They’ll even pack it up and ship it to another country.

Labor, business, and environmental leaders have formed a unique coalition that will urge Illinois lawmakers to pass new standards for energy efficiency and renewable energy, leading to tens of thousands of new, local jobs.

Cleantech investing has taken quite a hit in recent years. Last year, CBS News highlighted the “cleantech crash” on U.S. primetime television, and Bloomberg New Energy Finance, a Bloomberg-owned energy data firm, has tracked the multi-year decline in cleantech investing. However, there are additional trends that tell another side of the cleantech story and suggest innovation and hope for a low-cost, low-carbon future are far from gone.

In a previous article, I had a conversation with former-CIA chief Jim Woolsey to discuss one of America’s greatest national security vulnerabilities, its power grid. The issues that Woolsey has been concerned with for over a decade has been the ease in which a terrorist group or other actor (think North Korea for example) could attack the grid and plunge the country into darkness for months, if not years. And if that seems far-fetched, just recall how a tree limb fell in Ohio in 2003 and blacked out the entire Northeast and part of Canada for several days.

Apple and Google have changed our lives forever, both because of their technological innovations and sheer size as global corporations. Now, they’re aiming to reshape the energy landscape.

The European Commission has unveiled “A Framework Strategy for a Resilient Energy Union with a Forward-Looking Climate Change Policy,” which is a key plank in the development of its plans for Europe’s energy sector through 2030.