Default passwords for VAX/VMS, DEC-10, TOPS 10,

Pretty complete file on hacking VAX/VMS machines

DECnet, UNIX UUCP files, VAX - Tekno DCS help,

CERT Advisory - VAX/VMS Breakins

Modernz #11. VMS / VAX

User's Guide to VAX/VMS

The VAX/VMS SYSUAF.DAT file

Open-Xchange OX App Suite suffers from a content spoofing, cross site scripting, and information disclosure vulnerabilities. Versions affected vary depending on the vulnerability.

Macs Framework version 1.14f suffers from cross site scripting and remote SQL injection vulnerabilities.

Project Open CMS version 5.0.3 suffers from cross site scripting and remote SQL injection vulnerabilities.

hits script version 1.0 suffers from a remote SQL injection vulnerability.

NTCrackPipe is a basic local Windows account cracking tool.

NTCrackPipe is a basic local Windows account cracking tool.

Apple iPhone 4 with iOS 4.3 (8F190) suffers from a passphrase disclosure vulnerability that allows all local processes access to it.

Checkview version 1.1 for iPhone / iPod Touch suffers from a directory traversal vulnerability.

iPhone/iPad Phone Drive version 1.1.1 suffers from a directory traversal vulnerability.

This is a brief whitepaper discussing how to perform forensics on iOS 5 on the iPhone.

IPhone TreasonSMS suffers from html injection and file inclusion vulnerabilities.

This article explains the technical procedure and challenges involved in extracting data and artifacts from iPhone backups.

Air Transfer Iphone version 1.3.9 suffers from remote denial of service and unauthenticated file access vulnerabilities.

WordPress Windows Desktop and iPhone Photo Uploader plugin suffers from a remote shell upload vulnerability.

Symantec Mobile Encryption for iPhone version 2.1.0 suffers from a denial of service vulnerability.

Visual Voicemail for iPhone suffers from a use-after-free vulnerability in IMAP NAMESPACE processing.

An issue exists where a malformed iMessage can brick an iPhone. A method in IMCore can throw an NSException due to a malformed message containing a property with key IMExtensionPayloadLocalizedDescriptionTextKey with a value that is not a NSString.

Wifiphisher is a security tool that mounts fast automated phishing attacks against WPA networks in order to obtain the secret passphrase. It is a social engineering attack that unlike other methods it does not include any brute forcing. It is an easy way for obtaining WPA credentials.

Teltonika RUT9XX routers with firmware before 00.05.01.1 are prone to cross site scripting vulnerabilities in hotspotlogin.cgi due to insufficient user input sanitization.

An exploitable command injection vulnerability exists in the ACEManager iplogging.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can inject arbitrary commands, resulting in arbitrary command execution. An attacker can send an authenticated HTTP request to trigger this vulnerability.

An exploitable cross-site scripting vulnerability exists in the ACEManager ping_result.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP ping request can cause reflected javascript code execution, resulting in the execution of javascript code running on the victim's browser. An attacker can get a victim to click a link, or embedded URL, that redirects to the reflected cross-site scripting vulnerability to trigger this vulnerability.

This Metasploit module exploits a vulnerability in Total.js CMS. The issue is that a user with admin permission can embed a malicious JavaScript payload in a widget, which is evaluated server side, and gain remote code execution.

China's coronavirus outbreak is having a seismic effect in Asia and beyond, writes Lawrence Yeo.

GE Renewable Energy announced the shipment of the four tower sections that will be part of GE’s Haliade-X 12 MW prototype to be installed later this summer in Maasvlakte-Rotterdam (NL). The four segments at tower manufacturer GRI’s site in Seville, will be arriving in the Netherlands before the end of the month.

Sweden’s ambitious plan to drastically cut emissions from transport by bringing millions of electric cars onto the road could be derailed by a lack of power capacity for new charging stations in major cities.

Voith has received an order for the Ritom pumped storage power plant in Switzerland, which began operating in 1920 and will be replaced with a new facility.

ENGIE Storage has announced it will supply and operate a 19 MW/38 MWh portfolio of six energy storage sites that will contribute to the Solar Massachusetts Renewable Target Program and participate in ISO-New England wholesale markets.

France’s Neoen SA has outlined plans to build a giant renewables complex in South Australia, including battery storage with up to nine times more capacity than the Tesla Inc. design at its nearby Hornsdale plant, which is billed as the world’s largest lithium-ion battery.

A trailblazing wind-solar hybrid project in western Minnesota could be a preview of what’s to come as renewable developers look for new ways to bolster projects.

Enel Foundation has signed a landmark agreement to become the exclusive Global Knowledge Partner of the 2019 Clarion Power and Energy series of events.

Today, Alabama Municipal Electric Authority (AMEA) and Lightsource BP announced the development of a 100-MW (AC) solar energy project in Montgomery County, Alabama. Lightsource BP will finance, develop, build, own, and operate the solar facility and will deliver energy to AMEA under a 20-year power purchase agreement (PPA). The project, situated 15 miles from AMEA’s headquarters in Montgomery, will supply clean energy to AMEA’s 11 Member utilities located across the state and will generate enough electricity to power more than 20,000 homes.

A report that examines statements about rolling blackouts made by regional grid operator ISO-New England, shows that sustained growth of renewables, and not more gas, will boost reliability of New England’s electric power system.

About a month ago, legislators for the District of Columbia introduced a bill that, if passed, could revolutionize how utilities deliver power to customers. The bill is known as the Distributed Energy Resources Authority Act. It would establish an independent body that ensures DC utilities look at non-wires alternatives whenever they propose to spend more than $25M on construction to expand capacity or enhance reliability. The independent body would determine if any of the capacity or reliability requirements could be met with energy efficiency, demand response or distributed energy resources (DERs) like solar and storage.

This week Autogrid announced that it entered into a partnership with Swell Energy to provide software for managing Swell’s growing fleet of distributed energy resources (DER).

U.S. President Donald Trump tapped Energy Department staffer Bernard McNamee to join the nation’s top energy regulator, potentially smoothing the path for a brewing bailout of money-losing coal and nuclear plants.

Global funding for clean-energy projects sagged in 2018 after China’s decision to curb subsidies dragged down installations in the world’s biggest solar market.

This week, Los Angeles Mayor Eric Garcetti announced that rather than investing in the Haynes, Harbor and Scattergood natural gas power plants to meet the requirements of a 2010 law related to a practice known as once through cooling, the Los Angeles Department of Water and Power (LADWP) will phase them out in favor of renewable energy.

Last week, Sunrun announced that its bid to supply 20 MW of residential solar + storage capacity into the New England ISO Forward Capacity Market for 2022-2023 was approved. According to Chris Rauscher, Director of Policy and Storage Market Strategy for Sunrun, this is not a pilot project or an experiment in any way.

Sweden’s ambitious plan to drastically cut emissions from transport by bringing millions of electric cars onto the road could be derailed by a lack of power capacity for new charging stations in major cities.

ENGIE Storage has announced it will supply and operate a 19 MW/38 MWh portfolio of six energy storage sites that will contribute to the Solar Massachusetts Renewable Target Program and participate in ISO-New England wholesale markets.