Wind River, an IoT and industrial operating system owned by Intel will be acquired by TPG, global alternative asset firm. Terms of the deal were not disclosed. Intel had bought Wind River Systems for $884 million in 2009

Wind River operates in several markets, including aerospace and defense, automotive, industrial, medical and networking technologies. Its core products in these markets are operating systems, software infrastructure platforms, device management, and simulation software. The IoT practice of Wind River provides consulting services for customers building IoT applications.

In a statement for Wind River, Nehal Raj, Partner and Head of Technology investing at TPG said “We see a tremendous market opportunity in industrial software driven by the convergence of the Internet of Things (IoT), intelligent devices and edge computing. As a market leader with a strong product portfolio, Wind River is well positioned to benefit from these trends. We are excited about the prospects for Wind River as an independent company, and plan to build on its strong foundation with investments in both organic and inorganic growth.”

Wind River’s main IoT product is Helix Device Cloud, a cloud-offering capable of managing deployed IoT devices and industrial equipment across a machine’s lifecycle. Helix can connect and manage devices remotely.

Helix platform’s key uses cases are gateway management, proactive maintenance, security updates, and device provisioning.

[News24Wire] Western Cape Premier Alan Winde has written to President Cyril Ramaphosa to request urgent intervention due to backlogs at the National Health Laboratory Service (NHLS) that are causing delays in test results, he said on Friday.

Winds are from the West at 27.6 gusting to 35.7 MPH (24 gusting to 31 KT). The pressure is 1010.6 mb and the humidity is 50%. The wind chill is 25. Last Updated on May 9 2020, 11:53 am EDT.

The wind was a constant factor at the Ottawa University Invitational the last two days but the men's golf team battled to a fourth place finish.  In their first fall tournament of the season, Haskell Indian Nations University had to overcome a team high score of 333 on Monday at Eagle Bend Golf Course in Lawrence.  Head Coach Gary Tanner's squad would improve play by eight strokes Tuesday but it wasn't enough to make a big move on the final day of competition.  Kansas Wesleyan University won the tournament with a two-day total of 626 (304, 322) while KWU's Tyler Clark took the top individual honor with a 154 (76, 78).  However, HINU would not be far behind in this category as Josiah Kurley finished runner-up in the event with a 156 (79, 77).

A couple of evenings ago, my cousin Debika and I were discussing how we’d react if we were told we had just a few months to live. She said she would try and do everything she liked in that time, and surround herself with her family. I said that I’d be inclined to save people I cared for the pain of watching me die—whatever that took. Ironically and unexpectedly, shortly after this conversation, we found ourselves watching François Ozon’s remarkable film Time to Leave.

The film begins with its protagonist, Romain, discovering that he is terminally ill with cancer, and deciding not to bother with treatment. He does not tell his friends or family of his condition. He is rude to his sister, and drives her to tears. He tells his lover, Sasha, that he does not love him, and drives him to move out of their house. This is a transparent lie, but though we see it, Sasha doesn’t. He confides to his grandmother—marvellously played by Jeanne Moreau—because she is like him, and “will die soon.” But even in this winding up, complications ensue.

Melvil Poupaud plays Romain, and is magnificent – understated, yet effortlessly expressive. But it is Ozon’s storytelling that makes this film memorable. It is spare, focussing only on the essential, and revealing its essence. There is not a frame out of place in this heartbreaking film that ends, like Romain, too soon and in great beauty.

Rave Out © 2007 IndiaUncut.com. All rights reserved.
India Uncut * The IU Blog * Rave Out * Extrowords * Workoutable * Linkastic

A recap of the blogs published in the Library Characterization Tidbits blog series.(read more)

scrrun.dll on Microsoft Windows 10 suffers from file creation, folder creation, and folder deletion vulnerabilities.

Multiple Microsoft Windows 98/ME/2000/XP/2003 HTML Help file loading hijack vulnerabilities exist. Proof of concept included.

This Metasploit module exploits the Windows OLE automation array remote code execution vulnerability. The vulnerability exists in Internet Explorer 3.0 until version 11 within Windows 95 up to Windows 10.

3DEXPERIENCE, V5 and ENOVIAvpm support on Windows 10, Version1909

Microsoft Windows WizardOpium local privilege escalation exploit.

Deep Instinct Windows Agent version 1.2.29.0 suffers from an unquoted service path vulnerability.

CoronaBlue aka SMBGhost proof of concept exploit for Microsoft Windows 10 (1903/1909) SMB version 3.1.1. This script connects to the target host, and compresses the authentication request with a bad offset field set in the transformation header, causing the decompresser to buffer overflow and crash the target.

Microsoft Windows SMB version 3.1.1 suffers from a code execution vulnerability.

Microsoft Windows 10 SMB version 3.1.1 SMBGhost local privilege escalation exploit.

The Windows "net use" network logon type-3 command does not prompt for authentication when the built-in Administrator account is enabled and both remote and originating systems suffer from password reuse. This also works as "standard" user but unfortunately we do not gain high integrity privileges. However, it opens the door and increases the attack surface if the box we laterally move to has other vulnerabilities present.

Microsoft Windows suffers from an NtFilterToken ParentTokenId incorrect setting that allows for elevation of privileges.

In Microsoft Windows, by using the poorly documented SE_SERVER_SECURITY Control flag it is possible to set an owner different to the caller, bypassing security checks.

This Metasploit module exploits a logic flaw due to how the lpApplicationName parameter is handled. When the lpApplicationName contains a space, the file name is ambiguous. Take this file path as example: C:program fileshello.exe; The Windows API will try to interpret this as two possible paths: C:program.exe, and C:program fileshello.exe, and then execute all of them. To some software developers, this is an unexpected behavior, which becomes a security problem if an attacker is able to place a malicious executable in one of these unexpected paths, sometimes escalate privileges if run as SYSTEM. Some software such as OpenVPN 2.1.1, OpenSSH Server 5, and others have the same problem.

571 bytes small Microsoft Windows x86 dynamic bind shell and null-free shellcode.

195 bytes small Windows/x86 null-free WinExec Calc.exe shellcode.

An elevation of privilege vulnerability exists in Microsoft Windows when the Win32k component fails to properly handle objects in memory. This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This Metasploit module is tested against Windows 10 v1703 x86.

Microsoft Windows 7 Build 7601 (x86) local privilege escalation exploit.

Microsoft Windows suffers from an Internet Settings misconfiguration security feature bypass vulnerability. Versions affected include Windows 7 SP1, 8.0, 8.1 x86 and x64 with full patches up to July 2019.

Microsoft Windows 7 (x86) BlueKeep remote desktop protocol windows kernel use-after-free exploit.

9 bytes small Microsoft Windows 7 screen locking shellcode.

The Windscribe VPN client application for Windows makes use of a Windows service WindscribeService.exe which exposes a named pipe \.pipeWindscribeService allowing execution of programs with elevated privileges. Windscribe versions prior to 1.82 do not validate user-supplied program names, allowing execution of arbitrary commands as SYSTEM. This Metasploit module has been tested successfully on Windscribe versions 1.80 and 1.81 on Windows 7 SP1 (x64).

This Metasploit module exploits a NULL pointer dereference vulnerability in MNGetpItemFromIndex(), which is reachable via a NtUserMNDragOver() system call. The NULL pointer dereference occurs because the xxxMNFindWindowFromPoint() function does not effectively check the validity of the tagPOPUPMENU objects it processes before passing them on to MNGetpItemFromIndex(), where the NULL pointer dereference will occur. This module has been tested against Windows 7 x86 SP0 and SP1. Offsets within the solution may need to be adjusted to work with other versions of Windows, such as Windows Server 2008.

52 bytes small Win32/XP SP3 windows magnifier shellcode.

netABuse is a scanner that identifies systems susceptible to a Microsoft Windows insufficient authentication logic flaw.

Whitepaper called Windows User Accounts Penetration Testing. Written in Persian.

644 bytes small Microsoft Windows x86 shellcode that disables the Windows firewall, adds the user MajinBuu with password TurnU2C@ndy!! to the system, adds the user MajinBuu to the local groups Administrators and Remote Desktop Users, and then enables the RDP Service.

Druva inSync Windows Client version 6.5.2 suffers from a local privilege escalation vulnerability.

The Microsoft Windows kernel suffers from a 64-bit pool memory disclosure vulnerability via REG_RESOURCE_LIST registry values (CmResourceTypeDevicePrivate entries).

The Microsoft Windows kernel suffers from a 64-bit pool memory disclosure vulnerability via REG_RESOURCE_LIST registry values (videoprt.sys descriptors).

The Microsoft Windows kernel suffers from a 64-bit pool memory disclosure vulnerability via REG_RESOURCE_REQUIREMENTS_LIST registry values.

Microsoft Windows suffers from a Desktop Bridge Virtual Registry arbitrary file read / write privilege escalation vulnerability.

Microsoft Windows suffers from a Desktop Bridge Virtual Registry NtLoadKey arbitrary file read / write privilege escalation vulnerability.