This is bash programmable completion for the netfilter.org accounting tool nfacct.

This is bash programmable completion for the conntrack-tools from netfilter.org. The package contains completions for conntrack, conntrackd, and nfct.

iptables-bash_completion provides programmable completion for the iptables and ip6tables programs from netfilter.org. Following the logic of iptables, options are shown only if they are valid at the current context. Additionally to the completion on options, matches and targets, it supports dynamic retrieval of data from the system i.e: chain-, set-names, interfaces, hostnames, etc. Environment variables allow to fine grade completion options. IP and MAC addresses can be fed by file.

This Metasploit module exploits a stack based buffer overflow in CCMPlayer 1.5. Opening a m3u playlist with a long track name, a SEH exception record can be overwritten with parts of the controllable buffer. SEH execution is triggered after an invalid read of an injectable address, thus allowing arbitrary code execution. This Metasploit module works on multiple Windows platforms including: Windows XP SP3, Windows Vista, and Windows 7.

A DLL side loading vulnerability was found in the BDA MPEG2 Transport Information Filter that ships with Windows Vista. This issue can be exploited by loading the filter as an embedded OLE object. When instantiating the object Windows will try to load the DLL ehTrace.dll from the current working directory. If an attacker convinces the user to open a specially crafted (Office) document from a directory also containing the attacker's DLL file, it is possible to execute arbitrary code with the privileges of the target user. This can potentially result in the attacker taking complete control of the affected system.

A FortiSIEM collector connects to a Supervisor/Worker over HTTPS TLS (443/TCP) to register itself as well as relaying event data such as syslog, netflow, SNMP, etc. When the Collector (the client) connects to the Supervisor/Worker (the server), the client does not validate the server-provided certificate against its root-CA store. Since the client does no server certificate validation, this means any certificate presented to the client will be considered valid and the connection will succeed. If an attacker spoofs a Worker/Supervisor using an ARP or DNS poisoning attack (or any other MITM attack), the Collector will blindly connect to the attacker's HTTPS TLS server. It will disclose the authentication password used along with any data being relayed. Versions 5.0 and 5.2.1 have been tested and are affected.

A vulnerability exists within the Microsoft Server Message Block 3.1.1 (SMBv3) protocol that can be leveraged to execute code on a vulnerable server. This local exploit implementation leverages this flaw to elevate itself before injecting a payload into winlogon.exe.

Complaint Management System version 4.2 suffers a remote SQL injection vulnerability that allows for authentication bypass.

This is a simple perl script to perform dictionary attacks against the KeePass password manager.

Simple script to perform RC4 encryption / decryption.

Ecommerce Systempay version 1.0 suffers from a production key brute forcing vulnerability.

The global impact of COVID-19 has been profound, and the public health threat it represents is the most serious seen in a respiratory virus since the 1918 H1N1 influenza pandemic. This report presents the results of epidemiological modeling which has informed policymaking in the UK and other countries in recent weeks.

This Metasploit module exploits a command injection vulnerability in Imperva SecureSphere version 13.x. The vulnerability exists in the PWS service, where Python CGIs did not properly sanitize user supplied command parameters and directly passes them to corresponding CLI utility, leading to command injection. Agent registration credential is required to exploit SecureSphere in gateway mode. This module was successfully tested on Imperva SecureSphere 13.0/13.1/13.2 in pre-ftl mode and unsealed gateway mode.

An exploitable information disclosure vulnerability exists in the ACEManager template_load.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a information leak, resulting in the disclosure of internal paths and files. An attacker can make an authenticated HTTP request to trigger this vulnerability.

The CEO of the UN’s Global Compact initiative, Lise Kingo, talks about the sustainability shift in the C-suite, FDI’s role in achieving the SDGs and how CEOs can address common risks.

tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities.

The Inland Empire, which encompasses 27,000 square miles in Southern California, has one of the highest rates of poverty in the U.S.'s twenty-five largest metropolitan areas. One in five people there live at the poverty level. Smooth Transition, Inc., is a nonprofit educational and vocational training organization that has been working with local at-risk populations since 2009. It aims to provide a gateway towards empowerment, educational, and employment opportunities to lead a fulfilling, prosperous, and purposeful life.

Breaking Harmful Cycles

Smooth Transition began working to reach at-risk teens early — before they dropped out of high school or left the foster care system. It later expanded its program to include all at-risk populations, including displaced adults, as a means to better help the community. Smooth Transition's life skills development and educational training increase levels of employability. Its mentorship helps prevent its clients from re-entering the foster and judicial system or repeating poverty and homelessness cycles.

The nonprofit provides flexible and relevant programs that are accredited through the Western Association of Schools and Colleges. Its programs are directly tied to career pathways and provide students with vocational certifications at little or no cost to them. Graduates have a high completion rate as compared with other programs that serve at-risk populations. But students also come away with significant increases in their perceived self-value and a decrease in perceived barriers to success.

Keeping the Computer Labs Secure

In 2016, Smooth Transition served roughly 2,800 people with just four full-time staff members. Many of its programs are computer-based and require that its computer labs serve multiple uses and multiple users. One of the organization's board members manages its IT needs on a volunteer basis. He recommended Symantec's Norton Small Business, and the organization has been using it on its systems since it was founded.

Symantec's donation of antivirus protection — through TechSoup — has enabled the nonprofit to safely use its computer labs and has increased the number of programs and services it can offer to its students. According to Dr. Robin Goins, president and executive director of Smooth Transition, "The donations we receive are the foundation of our success, and we cannot express enough the generational and community impact the Symantec donations provide us. Smooth Transition is an appreciative recipient of the donations we received from Symantec and we look forward to providing even more impactful community programs as a result."

Goins goes on to describe how Smooth Transition's testing centers are networked, with students taking roughly 250,000 different kinds of exams. She worried that without security in the testing centers, the tests would be disrupted, causing a very serious problem. "If we have things disrupting our classes it costs us money. It also costs students the ability to complete their work. Having viruses attack us would be catastrophic for us."

Goins points out that Norton Small Business also helps protect confidential information. "As a school, we're required to protect the identity of our students and a lot of their demographic information," she said.

Smooth Transition will continue to work throughout the Inland Empire to provide flexible training and resources for those who don't fit the traditional education model. Though it faces many challenges in providing students with real, relevant work tools and skills, its staff is relieved, knowing that its systems and data are protected.

spanhidden

Fall has arrived, and with it comes fundraising season. More than one-third of charitable giving happens in the last three months of the year, and the emergence of Giving Tuesday (on November 28 this year) makes the year's end even more critical for charities.

Feeling overwhelmed? Your local NetSquared group is here to help with free, in-person events being held across the U.S. and the globe.

Naples, Florida, is hosting a meetup on tools for effective email fundraising; Chippewa Falls, Wisconsin, is hosting a series of Giving Tuesday brainstorming sessions; and Chicago, Illinois, will explore how your CRM can save end-of-year fundraising plans.

With more than 75 events scheduled for October, there's probably an event scheduled for your community, so RSVP now for one of our meetups.

Join us!

Upcoming Tech4Good Events

This roundup of face-to-face nonprofit tech events includes meetups from NetSquared, NTEN's Tech Clubs, and other awesome organizations. If you're holding monthly events that gather the #nptech community, let me know, and I'll include you in the next community calendar, or apply today to start your own NetSquared group.

Jump to events in North America or go international with events in

• Africa and Middle East
• Asia and Pacific Rim
• Central and South America
• Europe and U.K.

North America

Monday, October 2, 2017

• Vancouver, British Columbia: Photojournalism for Nonprofits and Small Businesses #Storymakers2017

Tuesday, October 3, 2017

• Portland, Oregon
  • Happy Hour with Nonprofit Tech Luminaries
  • NTEN Presents: Oregon Nonprofit Tech Roundup
• Montréal, Québec: Développer une Présence Web Efficace
• Naples, Florida: Tools for Effective Email Communication
• Mason, Ohio: Connecting Nonprofits and Techies in Cincinnati

Wednesday, October 4, 2017

• Pittsburgh, Pennsylvania: Bagels and Bytes — Allegheny
• Baltimore, Maryland: WordPress 101 and Tech Help and Consultations
• San Francisco, California: Code for America Civic Hack Night (Weekly)

Thursday, October 5, 2017

• Calgary, Alberta: Evening on Data Ethics

Friday, October 6, 2017

• Seattle, Washington: King County Executive Director Forum

Monday, October 9, 2017

• Chippewa Falls, Wisconsin: Giving Tuesday Brainstorming

Tuesday, October 10, 2017

• Columbus, Ohio: Nonprofit IT Forum
• Decatur, Illinois: Free and Low-Cost Resources for Nonprofit Software
• Ottawa, Ontario: Review Progress on Data Analysis Projects

Wednesday, October 11, 2017

• Mason, Ohio: Help Create an App for Homeless to Manage Money More Effectively
• San Francisco, California: Code for America Civic Hack Night (Weekly)
• Boston, Massachusetts: Tech Networks of Boston Roundtable: Building an Effective Data Culture at Your Nonprofit
• O’Fallon, Missouri: Learn How to Apply for a $10,000 per Month Google AdWords Grant
• Phoenix, Arizona: Website Building 101: Quick and Easy Web Presence for Nonprofits
• Los Angeles, California: Nonprofit Volunteer Management
• Chicago, Illinois: Net Neutrality

Thursday, October 12, 2017

• Chicago, Illinois: It's Never Too Late: How Your CRM Can Save End-of-Year Fundraising
• Seattle, Washington: What You Need to Know About Board Governance

Saturday, October 14, 2017

• Saint Paul, Minnesota: Minnesota Blogger Conference | by Get Social Events, the Social Media Breakfast Folks ($25)

Monday, October 16, 2017

• San Francisco, California: Social Impact in Tech: Panel Discussion with LinkedIn, Lyft, and Salesforce
• Chippewa Falls, Wisconsin: Giving Tuesday Brainstorming
• Seattle, Washington: Fall Nonprofit Technology Speed Geek

Tuesday, October 17, 2017

• Buffalo, New York: Essential Data Management
• Orlando, Florida: Tech4Good Orlando October: Search Engine Optimization and Strategy

Wednesday, October 18, 2017

• San Francisco, California: Code for America Civic Hack Night (Weekly)
• Houston, Texas: NetSquared Houston
• Research Triangle Park, North Carolina: Crowdsourcing Change: The Social Web to Nonprofits

Thursday, October 19, 2017

• Monroeville, Pennsylvania: TechNow 2017 Conference
• Sweet Briar, Virginia: Using Data to Reach Your Audience

Friday, October 20, 2017

• West Chester, Ohio: Southwest Ohio Give Camp
• Boston, Massachusetts: Tech Networks of Boston Roundtable: Can Appmaker Help You? A Free Database Tool from Google

Monday, October 23, 2017

• Chippewa Falls, Wisconsin: Giving Tuesday Brainstorming
• Austin, Texas: Engaging the Millennial Donor

Tuesday, October 24, 2017

• Vancouver, British Columbia: How Delivering Webinars Can Benefit Your Mission

Wednesday, October 25, 2017

• Baltimore, Maryland: Salesforce 101 for Nonprofits and Free Tech Help and Guidance
• San Francisco, California: Code for America Civic Hack Night (Weekly)
• Seattle, Washington: Recruit, Engage, and Retain a Great Board

Monday, October 30, 2017

• Chippewa Falls, Wisconsin: Giving Tuesday Brainstorming

Tuesday, October 31, 2017

• Seattle, Washington: Bolder and Wiser: Nonprofit Advocacy Rights (Part 2)

Central and South America

Wednesday, October 4, 2017

• Guatemala City, Guatemala: Pechakucha Guatemala — Historias Digitales Vol. 15

Africa and Middle East

Sunday, October 1, 2017

• Cotonou, Benin: L'Utilité des Logiciels de TechSoup dans la Progression d Nos ONG dans le Monde
• Kampala, Uganda: Digital Storytelling for Nonprofits Workshop

Monday, October 2, 2017

• Ouagadougou, Burkina Faso: Monthly Meeting of Local Members

Saturday, October 7, 2017

• Matloding, South Africa: Technology for Rural Development
• Bunda, Tanzania: Microsoft Cloud Computing
• Morogoro, Tanzania: Role of ICT for Farm Management

Wednesday, October 11, 2017

• Bamenda, Cameroon: How to Create Digital Stories

Friday, October 13, 2017

• Katabi, Uganda: Using Social Media Applications for Development
• Pangani, Tanzania: Storymakers Campaign

Saturday, October 14, 2017

• Bunda, Tanzania: Microsoft Cloud Computing

Sunday, October 15, 2017

• Cotonou, Benin: Les Logiciels Mis en Don par Techsoup.org pour les ONG et Association au Benin

Saturday, October 21, 2017

• Bunda, Tanzania: Microsoft Cloud Computing

Saturday, October 28, 2017

• Bunda, Tanzania: Microsoft Cloud Computing
• Morogoro, Tanzania: Technology for Livelihood Improvement

Asia and Pacific Rim

Tuesday, October 3, 2017

• Taipei, Taiwan: NGO要怎麼搞群眾募資？- 綠盟經驗談

Wednesday, October 4, 2017

• Singapore, Singapore: DataJam!

Tuesday, October 10, 2017

• Wellington, New Zealand: Set Your Email Newsletter on Fire | Net2Welly Oct '17 Meetup

Sunday, October 15, 2017

• Jakarta, Indonesia: Web Hosting

Europe and U.K.

Tuesday, October 3, 2017

• Paris, France: AdWords Express — Grands Débutants

Wednesday, October 4, 2017

• Puidoux, Switzerland: 7ème Journée Pédagogique ESV-SPV (AVMES/AVMD)

Friday, October 6, 2017

• Carouge, Switzerland: 12h de Hackaton pour Afficher les Termes et Conditions, Que Vous Ne Lirez Jamais

Saturday, October 7, 2017

• Genève, Switzerland: LINforum3 Partage Idée, Réflexion, Projet, Startup, Service … Responsables!

Wednesday, October 11, 2017

• Cambridge, United Kingdom: Social Media Surgery — Hands-on Help with Social Media

Thursday, October 12, 2017

• Paris, France: La Data pour Vous Renforcer

Saturday, October 14, 2017

• Pully, Switzerland: Intergen.Digital à Pully

Monday, October 16, 2017

• Birmingham, United Kingdom: Social Media Session

Tuesday, October 17, 2017

• Dublin, Ireland: Smart Cities for Good

Wednesday, October 18, 2017

• Paris, France: Forum National des Associations et des Fondations
• Bordeaux, France: Les Personas pour Optimiser Votre Conversion

Thursday, October 19, 2017

• Bath, United Kingdom: Tech for Good Community Mapping
• Paris, France: Brainstorming, Plans d'Actions sur Internet

Wednesday, October 25, 2017

• Manchester, United Kingdom: Tech for Good: At the BBC
• Paris, France: AdWords – Initiation
• Paudex, Switzerland: RdV4–0.ch: 3. Solutions Informatiques — Cloud — SaaS — Services en Ligne

Thursday, October 26, 2017

• Barcelona, Spain: ¡Relanzamos NetSquared Barcelona! ¡Te Esperamos!
• Paris, France: Analytics — Initiation

Tuesday, October 31, 2017

• Renens, Switzerland: OpenLab: Visite du Fablab de Renens

Left photo: Gregory Munyaneza / NetSquared Rwanda / CC BY

Center photo: Chrispin Okumu / NetSquared Kenya / CC BY

Right photo: Chrispin Okumu / NetSquared Kenya / CC BY

spanhidden

Here's a simple way to keep your data safe from potential bad actors in one easy step. Are you ready? Here it is: Log out and lock your computer whenever you're not in front of it.

That's right, it's so simple it can almost be seen as an analog approach to cybersecurity. But make no mistake, all those in-depth disk encryption efforts can be rendered pointless. If you step away from your computer while it's on and unlocked, anyone passing by can access it.

Working Remotely Promotes Data Vulnerability

What's perhaps most insidious about someone gaining physical access to your computer is the fact that the attacker doesn't need any advanced technical know-how to steal sensitive information. A momentary lapse in vigilance at work or a coffee shop can result in a data breach of epic proportions.

Let's say you're working remotely at your favorite café down the street from your apartment and you get up to put in an order for a late breakfast, forgetting to lock your laptop. During that brief moment, a low-key cybervillian could easily stick a USB drive into your computer and copy any sensitive files about you — or your organization — and leave undetected.

Furthermore, if you were logged in to Gmail, your medical records, or your bank account, that malefactor could wreak havoc on your personal and professional life in a matter of minutes.

Tips for Protecting Yourself

The good news about all of this is that warding off these types of would-be data plunderers is really, really easy — it's simply a matter of using your operating system's screen locking functionality. If you don't want to do this, then at the very least you should log out of any sensitive online accounts whenever you step away from your machine.

For each of the following options, be sure you are aware of the password connected to your user login before locking yourself (or anyone else) out.

Screen Locking in Microsoft Windows

• Press Ctrl+Alt+Delete and select Lock this computer
• Press Windows+L

Either of these will lock your computer and require a password to log back in. You can choose Control Panel > Personalization > Screen Saver Settings and set up a screen saver that provides a login screen to get back in once it's been initiated.

Screen Locking in macOS

• On an external keyboard or older laptops, press Ctrl+Shift+Eject
• On a MacBook Air or Pro Retina, press Ctrl+Shift+Power

You can also go to System Preferences > Security & Privacy > General and select Require password immediately after sleep or screen saver begins (provided you have already set up a screen saver by clicking System Preferences > Desktop & Screen Saver).

Additional Cybersecurity Resources

• Find out how to recognize suspicious emails and protect yourself against malware through better password security
• Check out our recent post on the future of security threats

Get more security tips from the National Cyber Security Alliance. National Cyber Security Awareness Month — observed every October — was created as a collaborative effort between government and industry to ensure that all Americans have the resources they need to stay safer and more secure online. Find out how you can get involved.

Image: National Cyber Security Alliance

spanhidden

Poor infrastructure and political instability deter tourism, but small and manageable steps to avoid chaos and promote hospitality can work wonders.

Kenya’s cabinet secretary for the national treasury and planning, Ukur Yatani, discusses the country’s agenda of fiscal reforms and the importance of constructing an east-west Africa highway.

Bradford has been rated as the most improved city by the Good Growth for Cities 2019 index, while Oxford remained the highest performing UK city.