Security Affairs

OCTOBER 10, 2023

A vulnerability in the libcue library impacting GNOME Linux systems can be exploited to achieve remote code execution (RCE) on affected hosts. A threat actor can trigger a vulnerability, tracked as CVE-2023-43641 (CVSS score: 8.8), in the libcue library impacting GNOME Linux systems to achieve remote code execution (RCE) on affected hosts.

Libraries 99

Libraries IT Security Access 99

IT Governance

NOVEMBER 6, 2023

Library branches remain open, Wi-Fi is still available and materials can still be borrowed. Records breached: According to the library’s 4 November update , there is “no evidence that the personal information of our staff or customers has been compromised”. However, public computers and printing services are unavailable.

Data Privacy 97

Data Privacy Privacy Libraries Security 97

Security Affairs

SEPTEMBER 11, 2023

Google rolled out emergency security updates to address a new Chrome zero-day (CVE-2023-4863) actively exploited in the wild. Google rolled out emergency security updates to address a zero-day vulnerability that has been actively exploited in attacks in the wild since the start of the year.

Libraries 115

Libraries Security IT Information Security 115

CILIP

NOVEMBER 29, 2023

Partnership to Campaign: Green Libraries is growing Global leaders, thinkers, and activists from industry and politics will gather this weekend in Dubai for the first day of COP28 to rethink, reboot, and refocus the climate agenda. The Green Libraries partnership gathered unprecedented momentum during its first year.

Libraries 83

Libraries Security IT 83

Security Affairs

SEPTEMBER 28, 2023

Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-5217, in the Chrome browser. Google on Wednesday released security updates to address a new actively exploited zero-day flaw in the Chrome browser which is tracked as CVE-2023-5217.

Libraries 111

Libraries Passwords Security IT 111

Security Affairs

MARCH 28, 2024

Google’s Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively exploited zero-day vulnerabilities in 2023. In 2023, Google (TAG) and Mandiant discovered 29 out of 97 vulnerabilities exploited in the wild. ” reads the report published by Google TAG. ” continues the report.

Government 109

Government Ransomware Libraries Access 109

eSecurity Planet

JANUARY 5, 2023

After a year that saw massive ransomware attacks and open cyber warfare, the biggest question in cybersecurity for 2023 will likely be how much of those attack techniques get commoditized and weaponized. 2023, he predicted, “will not be any easier when it comes to keeping users’ data safe and private.” Trade Cyberthreats.

Security 145

Security Ransomware Cybersecurity Privacy 145

Security Affairs

NOVEMBER 28, 2023

Threat actors started exploiting a critical ownCloud vulnerability (CVE-2023-49103) that can lead to sensitive information disclosure. The vulnerability, tracked as CVE-2023-49103 , resides in the Graphapi app, which relies on a third-party GetPhpInfo.php library that provides a URL. ” reported the company.

Cybersecurity 111

Cybersecurity Libraries Passwords Access 111

Security Affairs

DECEMBER 6, 2023

Atlassian released security patches to address four critical remote code execution vulnerabilities in its products. Below is the list of vulnerabilities addressed by the vendor: CVE-2022-1471 (CVSS score: 9.8) – SnakeYAML library RCE Vulnerability that impacts multiple products. and later.

IT 106

IT Libraries Security Information Security 106

Security Affairs

JANUARY 12, 2024

Researchers published a proof-of-concept (PoC) code for the recently disclosed critical flaw CVE-2023-51467 in the Apache OfBiz. Researchers from cybersecurity firm VulnCheck have created a proof-of-concept (PoC) exploit code for the recently disclosed critical flaw CVE-2023-51467 (CVSS score: 9.8) in the Apache OfBiz.

Honeypots 125

Honeypots Authentication Libraries Passwords 125

eSecurity Planet

OCTOBER 9, 2023

A surge of critical vulnerabilities and zero-day exploits has made for a very busy week in IT security, affecting a range of tech giants like Atlassian, Cisco, Apple, Arm, Qualcomm and Microsoft. And Linux distributions and the TorchServe AI tool were confronted with major security flaws too.

Libraries 104

Libraries Ransomware Access Security 104

Enterprise Software Blog

MAY 19, 2023

And as it appears, Angular is a top framework that enables developers to tackle these challenges with the help of extended features and capabilities packed in different UI libraries. But with so many out there, how can you know which is the best Angular component library? 3rd party libraries are added on top of the actual framework.

Libraries 52

Libraries Access IT Authentication 52

Security Affairs

JUNE 6, 2023

Google released security updates to address a high-severity zero-day flaw in the Chrome web browser that it actively exploited in the wild. Google released security updates to address a high-severity vulnerability, tracked as CVE-2023-3079, in its Chrome web browser. ” reads the advisory published by the company.

Libraries 90

Libraries Security IT Information Security 90

Security Affairs

APRIL 19, 2023

Google rolled out emergency security patches to address another actively exploited high-severity zero-day flaw in the Chrome browser. Google rolled out emergency fixes to address another actively exploited high-severity zero-day flaw, tracked as CVE-2023-2136 , in its Chrome web browser.

Libraries 90

Libraries Education Access Cybersecurity 90

Security Affairs

DECEMBER 1, 2023

Cybersecurity and Infrastructure Security Agency (CISA) added ownCloud and Google Chrome vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Skia is an open-source 2D graphics library that provides common APIs that work across a variety of hardware and software platforms.

IT 91

IT Libraries Cybersecurity Passwords 91

Security Affairs

NOVEMBER 14, 2023

Patch Tuesday security updates for November 2023 fixed three vulnerabilities actively exploited in the wild. – CVE-2023-36036 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability An attacker can exploit this flaw to gain SYSTEM privileges. ” reads the post published by ZDI.

Security 108

Security Libraries Cloud Phishing 108

Security Affairs

APRIL 14, 2023

Google released an emergency security update to address a zero-day vulnerability in Chrome which is actively exploited in the wild. Google released an emergency security update to address the first Chrome zero-day vulnerability (CVE-2023-2033) in 2023, the company is aware of attacks in the wild exploiting the issue.

Libraries 84

Libraries Education Cybersecurity Security 84

eSecurity Planet

MAY 19, 2023

Application security tools and software solutions are designed to identify and mitigate vulnerabilities and threats in software applications. These tools play a vital role in ensuring the security, integrity, and confidentiality of sensitive information, such as personal data and financial records.

Security 104

Security Cloud Compliance Risk 104

Security Affairs

APRIL 9, 2023

The development team behind the vm2 JavaScript sandbox library addressed a critical Remote Code Execution vulnerability. The developers behind the vm2 JavaScript sandbox module have addressed a critical vulnerability, tracked as CVE-2023-29017 (CVSS score 9.8), that could be exploited to execute arbitrary shellcode.

Libraries 70

Libraries File names Education Cybersecurity 70

The Last Watchdog

JULY 13, 2023

Pittsburgh, PA – July 13, 2023 – Security Journey, a best-in-class application security education company, has today announced an acceleration of its secure coding training platform enhancements. undergraduate computer science programs mandate courses in application security.

Security 189

Security Education Communications Libraries 189

eSecurity Planet

SEPTEMBER 18, 2023

Active Vulnerability Exploits This Week Vulnerabilities are serious business, but the sheer number of assets and vulnerabilities can leave many IT and security teams struggling to keep up with vulnerability management and patch management. The fix: All 8 vulnerabilities were patched by Microsoft as part of Patch Tuesday on August 8.

Cybersecurity 109

Cybersecurity Ransomware Libraries Risk 109

Security Affairs

APRIL 22, 2023

US Cybersecurity and Infrastructure Security Agency (CISA) added MinIO, PaperCut, and Chrome vulnerabilities to its Known Exploited Vulnerabilities catalog. CVE-2023-27350 (CVSS score – 9.8) – PaperCut MF/NG Improper Access Control Vulnerability. CVE-2023-2136 – Google Chrome Skia Integer Overflow Vulnerability.

IT 90

IT Libraries Cybersecurity Education 90

Security Affairs

JANUARY 11, 2023

Microsoft Patch Tuesday security updates for January 2023 fixed 97 flaws and an actively exploited zero-day. One of the flaws addressed this month, tracked as CVE-2023-21674 (CVSS score 8.8), is listed as being in the wild at the time of release. Another issue fixed by Microsoft is the CVE-2023-21549 (CVSS Score 8.8)

Security 96

Security Libraries Encryption Authentication 96

CILIP

DECEMBER 14, 2022

£135,000 funding for Anti-racist library collections in Wales. CILIP Cymru Wales on behalf of CILIP has just secured £135,000 funding from the Welsh Government. The investment will fund a new project – Anti-racist Library Collections: a training plan for public libraries in Wales with the purpose of raising the profile of libraries.

Libraries 52

Libraries Government Security IT 52

IT Governance

JUNE 1, 2023

IT Governance found 98 publicly disclosed security incidents in May 2023, accounting for 98,226,877 breached records. Also be sure to check out our new page, which provides a complete list of data breaches and cyber attacks for 2023. million) Apria Healthcare suffers security breach (1.8

Data breaches 98

Data breaches Ransomware Insurance Personal data 98

Security Affairs

DECEMBER 27, 2023

Security firm Barracuda addressed a new zero-day, affecting its Email Security Gateway (ESG) appliances, that is actively exploited by the China-linked UNC4841 group. “Spreadsheet::ParseExcel is an open source library used by the Amavis virus scanner within the ESG appliance.” ” reads the advisory.

Libraries 111

Libraries Access Cybersecurity Security 111

Security Affairs

DECEMBER 20, 2023

Google has released emergency updates to address a new zero-day vulnerability, tracked as CVE-2023-7024, in its web browser Chrome. The flaw was reported by Clément Lecigne and Vlad Stolyarov of Google’s Threat Analysis Group on 2023-12-19 and fixed in just one day. TODAY, 1 day later, Chrome has a fix out to protect users!!!

Libraries 112

Libraries Access IT Information Security 112

IBM Big Data Hub

DECEMBER 14, 2023

As it has become tradition , the team creating the looks back and shares the personal highlights of the year 2023. Kids completing homework with ChatGPT, the rest of us generating images, PowerPoint slides, poems, code skeletons and security hacks. IBM introduced watsonx as the AI and data platform built for business.

Cloud 72

Cloud Cleanup Compliance Security 72

CILIP

SEPTEMBER 25, 2023

Download Now: Making the Difference - an Excellence Framework for Prison Libraries Making the Difference - an Excellence Framework for Prison Libraries supports prison library providers and prison library staff to develop, deliver and promote prison library services. Every prison library is different.

Libraries 52

Libraries Education Access IT 52

eSecurity Planet

JANUARY 8, 2024

Speed remains critical to security, but more importantly, patching teams need to make progress with patch and vulnerability management. Here’s a roundup of the week’s major vulnerabilities that security teams should mitigate or patch. For CVE-2023-7024, update to the latest version of Chrome. Versions 0.65

Encryption 109

Encryption Libraries Cybersecurity Communications 109

Security Affairs

OCTOBER 1, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Artificial Intelligence 100

Artificial Intelligence Security Ransomware Data breaches 100

CILIP

JULY 6, 2023

CILIP and Michael Rosen bring Great School Library Campaign to Parliament CILIP CEO, Nick Poole joined leading writer, poet, former Childrens Laureate, broadcaster and columnist Michael Rosen and Margaret Greenwood MP (Wirral West, LAB) in the first of a series of events to engage MPs and make sure every child has access to a great school library.

Libraries 52

Libraries Access Government Security 52

CILIP

JUNE 13, 2023

Connecting town and gown through the library How to help a community explore its slave-trading history: Lesley English, Head of Library Engagement at Lancaster University Library, explains how the library plays a key role in building bridges between town and gown. We connect, we innovate, we include.”

Libraries 52

Libraries Access Agriculture Education 52

Security Affairs

MAY 6, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 94

Security Libraries Data breaches Ransomware 94

Security Affairs

JULY 24, 2023

OpenSSH (Open Secure Shell) is a set of open-source tools and utilities that provide secure encrypted communication over a network. The now-patched vulnerability, tracked as CVE-2023-38408 , can be exploited by a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH’s forwarded ssh-agent.

Libraries 89

Libraries Authentication Encryption Communications 89

IT Governance

NOVEMBER 28, 2023

9 million records breached through decade-long data leak A former temporary employee of a subsidiary of NTT West (Nippon Telegraph and Telephone West Corp) illegally accessed about 9 million personal data records over the course of a decade (2013 to 2023). This should make it easier for you to quickly find the information you want.

Data Privacy 52

Data Privacy Privacy Energy and Utilities Data breaches 52

Security Affairs

APRIL 28, 2024

Security experts at Deep Instinct Threat Lab have uncovered a targeted campaign against Ukraine, exploiting a Microsoft Office vulnerability dating back almost seven years to deploy Cobalt Strike on compromised systems. The researchers found a malicious PPSX (PowerPoint Slideshow signal-2023-12-20-160512.ppsx) space and petapixel[.]fun

Military 111

Military Mining Libraries Security 111