Security Affairs

DECEMBER 4, 2020

Hundreds of millions of Android users are potentially exposed to the risk of hack due to the use of Android Play Core Library versions vulnerable to CVE-2020-8913. The CVE-2020-8913 flaw is a local, arbitrary code execution vulnerability that resides exists in the SplitCompat.install endpoint in Android’s Play Core Library.

Libraries 106

Libraries e-Delivery Risk Authentication 106

CILIP

JUNE 13, 2023

Connecting town and gown through the library How to help a community explore its slave-trading history: Lesley English, Head of Library Engagement at Lancaster University Library, explains how the library plays a key role in building bridges between town and gown. We connect, we innovate, we include.”

Libraries 52

Libraries Access Agriculture Education 52

Security Affairs

NOVEMBER 19, 2020

Drupal development team has released security updates to address a remote code execution flaw, tracked as CVE-2020-13671. The Drupal development team has released security updates to fix a remote code execution vulnerability related caused by the failure to properly sanitize the names of uploaded files. Pierluigi Paganini.

CMS 107

CMS Libraries Security Information Security 107

Security Affairs

NOVEMBER 11, 2020

Microsoft Patch Tuesday updates for November 2020 address 112 flaws, including a Windows bug that was chained with Chrome issues in attacks. The IT giant also addressed the CVE-2020-17087 Windows flaw that was chained with the CVE-2020-15999 Chrome bug in attacks in the wild. Pierluigi Paganini.

Libraries 101

Libraries Security Access IT 101

IT Governance

NOVEMBER 6, 2023

Library branches remain open, Wi-Fi is still available and materials can still be borrowed. Records breached: According to the library’s 4 November update , there is “no evidence that the personal information of our staff or customers has been compromised”. However, public computers and printing services are unavailable.

Data Privacy 97

Data Privacy Privacy Libraries Security 97

Security Affairs

JULY 1, 2020

Microsoft has silently released an emergency security update through the Windows Store app to address two vulnerabilities in Windows codecs. Microsoft has silently released two out-of-band security updates through the Windows Store app to address two vulnerabilities in the Windows Codecs Library. Pierluigi Paganini.

Libraries 102

Libraries Security IT Information Security 102

The Texas Record

AUGUST 20, 2020

This event is organized by the Texas State Library and Archives Commission (TSLAC) and co-sponsored with the Texas Department of Information Resources (DIR) to promote electronic records management in Texas government. The deadline for submitting presentation proposals is FRIDAY, September 4, 2020.

Records Management 98

Records Management Communications Libraries Government 98

ForAllSecure

JANUARY 28, 2021

The US government has published a software library called six-library designed to parse and manipulate satellite imagery and data for both internal and public use. When examining six-library for potential entry points for fuzzing I kept the following in mind: Look for functions amenable to consuming raw binary data.

Libraries 52

Libraries Data structuring Government IT 52

ForAllSecure

JANUARY 28, 2021

The US government has published a software library called six-library designed to parse and manipulate satellite imagery and data for both internal and public use. When examining six-library for potential entry points for fuzzing I kept the following in mind: Look for functions amenable to consuming raw binary data.

Libraries 52

Libraries Data structuring Government IT 52

Security Affairs

AUGUST 5, 2020

Cyber Defense Magazine august 2020 Edition has arrived. OVER 145 PAGESALWAYS FREE – LOADED WITH EXCELLENT CONTENT Learn from the experts, cybersecurity best practices Find out about upcoming information security related conferences, expos and trade shows. The post Cyber Defense Magazine – August 2020 has arrived.

B2C 76

B2C IT Libraries Information Security 76

Security Affairs

JULY 2, 2020

Cyber Defense Magazine July 2020 Edition has arrived. OVER 165 PAGESALWAYS FREE – LOADED WITH EXCELLENT CONTENT Learn from the experts, cybersecurity best practices Find out about upcoming information security related conferences, expos and trade shows. The post Cyber Defense Magazine – July 2020 has arrived.

B2C 75

B2C IT Libraries Information Security 75

Security Affairs

MAY 5, 2020

A proof-of-concept (PoC) exploit for the recently fixed CVE-2020-1967 denial-of-service (DoS) issue in OpenSSL has been made public. The CVE-2020-1967 vulnerability has been described as a “segmentation fault” in the SSL_check_chain function, it is the first issue addressed in OpenSSL in 2020. continues the advisory.

Libraries 100

Libraries Cybersecurity Security IT 100

CILIP

OCTOBER 4, 2020

Discover a world of reading this Libraries Week. This Libraries Week (5-10 October 2020) libraries across the UK will showcase their reading offer as we celebrate the vital role of libraries in the UK?s ExpressYourShelf this Libraries Week by taking part in CILIP?s My Library, My Books and Me?,

Libraries 52

Libraries Access IT Security 52

Security Affairs

FEBRUARY 18, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 95

Security Ransomware Data breaches Libraries 95

Schneier on Security

DECEMBER 3, 2020

Way back in 1999, I wrote about open-source software: First, simply publishing the code does not automatically mean that people will examine it for security flaws. Security researchers are fickle and busy people. So while opening up source code is a good thing, it is not a guarantee of security.

Security 118

Security Libraries IT Cybersecurity 118

The Texas Record

DECEMBER 14, 2020

Achieving Your 2020 Vision” with Bob O’Connor and Sarah Holleman of Teacher Retirement System of Texas (TRS) and Todd Brown of Access Sciences was a crowd favorite. Jennifer Snyder of GovQA and Stephen Jones from Microsoft brought us a sequel to 2019 with “Slay the Public Records Request Dragons: The 2020 Effect.” Brian Thomas, TSLAC.

Archiving 93

Archiving Blockchain Records Management Cloud 93

Security Affairs

JANUARY 15, 2020

Microsoft has released a security update to address “a broad cryptographic vulnerability” that is impacting its Windows operating system. The flaw, dubbed ‘NSACrypt’ and tracked as CVE-2020-0601, resides in the Crypt32.dll ” reads the security advisory published by Microsoft. Pierluigi Paganini.

Libraries 74

Libraries Encryption Security Risk 74

Security Affairs

AUGUST 10, 2021

Microsoft released patch Tuesday security updates for August that address 120 CVEs in Microsoft products including a zero-day actively exploited in the wild. One of the most severe flaws addressed by the company, tracked as CVE-2020-1380, is a scripting Engine Memory corruption vulnerability. Pierluigi Paganini.

Security 99

Security Libraries IT 99

Security Affairs

OCTOBER 18, 2020

Microsoft released two out-of-band security updates to address remote code execution (RCE) bugs in the Microsoft Windows Codecs Library and Visual Studio Code. The two vulnerabilities, tracked as CVE-2020-17022 and CVE-2020-17023 , have been rated as important severity. ” reads the advisory. Pierluigi Paganini.

Libraries 112

Libraries Manufacturing Security IT 112

WIRED Threat Level

AUGUST 22, 2019

Opinion: Millions of folks filling out the 2020 Census on public library computers also are putting themselves at risk.

Libraries 59

Libraries Risk Security 59

Security Affairs

NOVEMBER 8, 2020

Every week the best security articles from Security Affairs free for you in your email box. Every week the best security articles from Security Affairs free for you in your email box. Every week the best security articles from Security Affairs free for you in your email box. Pierluigi Paganini.

Security 81

Security Ransomware Data breaches Libraries 81

CILIP

MARCH 2, 2020

Time to end a decade of library austerity. CILIP and Library Champion Bobby Seagull delivered a petition to Downing Street last Thursday calling for an end to a decade of public library austerity and demanding secure revenue funding for public libraries in the Chancellor?s Library Champion, Bobby Seagull, added; ?libraries

Libraries 52

Libraries Government Access IT 52

Schneier on Security

NOVEMBER 14, 2020

This is a current list of where and when I am scheduled to speak: I’m speaking at the (ISC)² Security Congress 2020 , November 16, 2020. I’ll be on a panel at the OECD Global Blockchain Policy Forum 2020 on November 17, 2020. I’ll be keynoting the HITB CyberWeek Virtual Edition on November 18, 2020.

Blockchain 114

Blockchain Libraries Privacy Security 114

Security Affairs

FEBRUARY 4, 2021

Google released Chrome 88.0.4324.150 version that addressed an actively exploited zero-day security vulnerability. We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.” ” Google adds. Pierluigi Paganini.

Libraries 115

Libraries Security Access IT 115

Security Affairs

AUGUST 26, 2021

Cybersecurity and Infrastructure Security Agency (CISA) released five malware analysis reports (MARs) related to samples found on compromised Pulse Secure devices. CISA published five malware analysis reports (MARs) related to samples found on compromised Pulse Secure devices. v1: Pulse Connect Secure MAR-10334057-3.v1:

Security 126

Security Authentication Libraries Passwords 126

Security Affairs

SEPTEMBER 21, 2023

The recently discovered Free Download Manager (FDM) supply chain attack, which distributed Linux malware, started back in 2020. The maintainers of Free Download Manager (FDM) confirmed that the recently discovered supply chain attack dates back to 2020. collect) that launches the /var/tmp/crond file every 10 minutes.”

Libraries 98

Libraries Passwords Access IT 98

Threatpost

DECEMBER 3, 2020

Patches for a flaw (CVE-2020-8913) in the Google Play Core Library have not been implemented by several popular Google Play apps, including Cisco Teams and Edge.

Libraries 94

Libraries Security 94

Security Affairs

NOVEMBER 12, 2020

Both zero-day flaws, tracked as CVE-2020-16013 and CVE-2020-16017, were reported by anonymous sources. “Google is aware of reports that exploits for CVE-2020-16013 and CVE-2020-16017 exist in the wild.” CVE-2020-16009 – is a Heap buffer overflow in Freetype in Google Chrome. Pierluigi Paganini.

Libraries 120

Libraries Security IT Information Security 120

Security Affairs

APRIL 14, 2020

Microsoft Patch Tuesday security updates for April 2020 address 113 flaws, including three Windows issues that have been exploited in attacks in the wild. Microsoft Patch Tuesday security updates for April 2020 address 113 flaws, including two remote code execution flaws in Windows that are actively exploited.

Libraries 97

Libraries Authentication Security Risk 97

IT Governance

DECEMBER 1, 2020

We recorded 103 cyber security incidents in November, which accounted for 586,771,602 leaked records. The post List of data breaches and cyber attacks in November 2020 – 586 million records breached appeared first on IT Governance UK Blog. Here is our complete list of November’s cyber attacks and data breaches.

Data breaches 137

Data breaches Ransomware e-Discovery Personal data 137

Security Affairs

APRIL 29, 2020

The discovery urges Apple into implementing additional security measures to protect these components, following the approach already adopted by Google to protect multimedia processing libraries. Multimedia processing libraries are used by the modern mobile OS to automatically manage multimedia files (i.e. Pierluigi Paganini.

Libraries 115

Libraries Paper Security Cybersecurity 115

ForAllSecure

AUGUST 18, 2020

Earlier this year we uncovered bugs in the GNU libc functions cosl, sinl, sincosl, and tanl due to assumptions in an underlying common function, leading to CVE-2020-10029. Yet security analysis -- including fuzzing -- of floating point arithmetic often goes undone. The GNU libc library. Finding CVE-2020-10029 in glibc.

Libraries 52

Libraries IT Security 52

ForAllSecure

AUGUST 18, 2020

Earlier this year we uncovered bugs in the glibc functions cosl, sinl, sincosl, and tanl due to assumptions in an underlying common function, leading to CVE-2020-10029. Yet security analysis -- including fuzzing -- of floating point arithmetic often goes undone. The GNU libc library. Finding CVE-2020-10029 in glibc.

Libraries 52

Libraries IT Security 52

ForAllSecure

AUGUST 18, 2020

Earlier this year we uncovered bugs in the glibc functions cosl, sinl, sincosl, and tanl due to assumptions in an underlying common function, leading to CVE-2020-10029. Yet security analysis -- including fuzzing -- of floating point arithmetic often goes undone. The GNU libc library. Finding CVE-2020-10029 in glibc.

Libraries 52

Libraries IT Security 52

Security Affairs

JANUARY 28, 2021

The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs. If the custom shared library exports a function with the same signature of a library that is located in the system libraries, the custom version will override it. Pierluigi Paganini.

IT 118

IT Libraries Mining Security 118

eSecurity Planet

MAY 19, 2023

Application security tools and software solutions are designed to identify and mitigate vulnerabilities and threats in software applications. These tools play a vital role in ensuring the security, integrity, and confidentiality of sensitive information, such as personal data and financial records.

Security 96

Security Cloud Compliance Risk 96

Security Affairs

MARCH 7, 2023

The security breach suffered by LastPass was caused by the failure to update Plex on the home computer of one of its engineers. The issue, tracked as CVE-2020-5741 (CVSS score: 7.2), can be exploited by a remote, authenticated attacker to execute arbitrary Python code. ” reads the advisory published by Plex.

Data breaches 98

Data breaches Passwords Libraries Authentication 98