CILIP

JANUARY 5, 2024

Will ‘Project Hope’ protect public libraries? Parliament is not yet sitting (at time of writing), but we already know that 2024 promises to be a year of change as the country moves into a General Election footing. Some councils have opted to replace professional library staff with volunteer or community-run services.

Libraries 85

Libraries Access 85

Enterprise Software Blog

MAY 21, 2024

As we are almost halfway through 2024, the battle between Angular vs. React continues to shake and excite the developers’ community. Quick article topics: Ease of use and customization Learning curve and development expectations Library vs toolset State management and performance Angular and React use cases Angular or React - which is better?

Libraries 52

Libraries Analytics IT Marketing 52

Security Affairs

MAY 14, 2024

Google has released emergency security updates to address a high-severity zero-day vulnerability vulnerability, tracked as CVE-2024-4761, in the Chrome browser. “CVE-2024-4761: Out of bounds write in V8. Reported by Anonymous on 2024-05-09″ reads the advisory. 208 for Mac/Windows and 124.0.6367.207 for Linux. .

Libraries 116

Libraries Access Security IT 116

CILIP

FEBRUARY 20, 2024

Urgent appeal: protect funding for public libraries at risk CILIP is the leading industry voice championing and representing library and information professionals across the United Kingdom, guided by our Royal Charter to develop and improve library and information services, and as a Charity to act in the public good.

Libraries 59

Libraries Risk Education Access 59

Security Affairs

MAY 24, 2024

Google has released a new emergency security update to address a new vulnerability, tracked as CVE-2024-5274, in the Chrome browser, it is the eighth zero-day exploited in attacks disclosed this year. “Google is aware that an exploit for CVE-2024-5274 exists in the wild.” “Type Confusion in V8.

Libraries 96

Libraries Access Security Risk 96

Archive-It

MAY 23, 2024

Aerial photo of the Harold Washington Library Center, Chicago Public Library Archive-It partners and friends are invited to join this year’s partner meeting on Wednesday, August 14th , to coincide with the Society of American Archivists’ ARCHIVES * RECORDS 2024 meeting in Chicago.

Archiving 26

Archiving IT Libraries Analytics 26

OpenText Information Management

MAY 30, 2024

Key features include: Entity Extraction and NLP: Extract critical information with advanced grammar libraries. Data Access and Connectors: Search over 160 repository sources and 1,900+ file types. AI Sentiment Analysis: Real-time sentiment analysis across platforms. Learn more about OpenText IDOL and book your personalized demo today.

Mining 62

Mining Analytics Unstructured data Compliance 62

CILIP

JANUARY 5, 2024

Annual Buyer's Guide 2024t Find out what buyers and providers are saying about technology, ethics, careers, start-ups, pop-up banks and more CILIP’s Annual Buyers’ Guide Directory 2024, which will be delivered with your January/February issue of Information Professional. Find out more about CILIP’s Supplier Partners and how they can help you.

Libraries 52

Libraries Marketing Access Archiving 52

eSecurity Planet

JANUARY 2, 2024

The fix: Access to fix data is currently limited. On December 24, when Barracuda released the security notice, there was no remediation or patch available for CVE-2023-7101 , the Spreadsheet::ParseExcel vulnerability, within the open-source library. Google has already seen this vulnerability exploited in the wild. 1020000 1.26.10-gke.1235000

Authentication 112

Authentication Libraries Cybersecurity Security 112

CILIP

JANUARY 23, 2024

Sanderson Report Shows that libraries are part of something bigger UK media, leading writers, including two former Children's Laureates, and library advocates including CILIP CEO, Nick Poole came out in force to defend public and school libraries in response to Baroness Sanderson’s Review of Libraries.

Libraries 52

Libraries Risk Government Access 52

eSecurity Planet

APRIL 15, 2024

April 8, 2024 Multiple Vulnerabilities Discovered in LG WebOS Smart TVs Type of vulnerability: Authorization bypass, privilege escalation, command injection. The problem: Bitdefender researchers discovered four vulnerabilities in LG WebOS smart TVs that allowed unauthorized access and control.

Libraries 109

Libraries Risk Cybersecurity Honeypots 109

Security Affairs

MARCH 30, 2024

Red Hat warns of a backdoor in XZ Utils data compression tools and libraries in Fedora development and experimental versions. Red Hat urges users to immediately stop using systems running Fedora development and experimental versions because of a backdoor in the latest versions of the “xz” tools and libraries. rpm and xz-libs-5.6.0-2.fc40.x86_64.rpm

Libraries 128

Libraries Authentication Access Risk 128

Archive-It

MARCH 21, 2024

Empowering GLAM Institutions: The Launch of Digital Library Accessibility Policy and Practice Guidelines – The DLF Digital Accessibility Working Group publishes best practices for galleries, libraries, archives, and museums, fostering accessibility through policies and workflows. All are welcome!

Archiving 26

Archiving IT Libraries Digital preservation 26

CILIP

FEBRUARY 20, 2024

Library buyers’ role in tech start-ups Frode Opdahl, CEO of Keenious explains the origins of an AI-driven start-up and how its success depends on library buyers keeping the sector attractive to start-ups that wish to innovate the research experience. It was later that we saw it as a tool for libraries.”

Libraries 52

Libraries Education Artificial Intelligence Sales 52

IT Governance

APRIL 22, 2024

GhostR says it obtained the records from a Singapore-based company with access to the database. Mobile Guardian, which is based in the UK, said that its investigations detected unauthorised access to its systems via an administrative account on its management portal. Account records from the United States were also accessed.

Data Privacy 52

Data Privacy Privacy Manufacturing Security 52

eSecurity Planet

APRIL 1, 2024

March 22, 2024 Emergency Out-of-Band Windows Server Security Updates Type of vulnerability (or attack): Memory leak. or above March 25, 2024 Hackers Pollute Python Package Index Open-Source Libraries Type of vulnerability (or attack): Malicious library code. The fix: Update affected versions ASAP: FortiClient EMS 7.2:

Libraries 109

Libraries Authentication Artificial Intelligence Cloud 109

Security Affairs

APRIL 9, 2024

Researchers found multiple vulnerabilities in LG webOS running on smart TVs that could allow attackers to gain root access to the devices. Bitdefender researchers discovered multiple vulnerabilities in LG webOS running on smart TVs that could be exploited to bypass authorization and gain root access on the devices. Sweden, and Finland.

Authentication 124

Authentication Libraries Access Information Security 124

CILIP

APRIL 15, 2024

CILIP Copyright COnference 2024 By Gary Horrocks THE summer 2023 issue of UKeiG’s open access journal, eLucidate , featured my reflections on the implications of a Members’ Day presentation by Ken Chad on the “library technology ecosystem". Are the LMS we know and love dead in the water? Who pays for the ecosystem?

Libraries 72

Libraries Education Analytics Marketing 72

Security Affairs

MARCH 8, 2024

Cisco addressed two high-severity vulnerabilities in Secure Client that could lead to code execution and unauthorized remote access VPN sessions. Cisco released security patches to address two high-severity vulnerabilities in Secure Client respectively tracked as CVE-2024-20337 and CVE-2024-20338. ” reads the advisory.

Security 93

Security IT Authentication Libraries 93

eSecurity Planet

JANUARY 8, 2024

January 3, 2024 52% of Exposed SSH Servers Vulnerable to Terrapin Attack Type of attack: Secure Shell (SSH) vulnerability enables prefix truncation attacks. and older of the Perl Spreadsheet::ParseExcel library ( CVE-2023-7101 ) contain a RCE vulnerability exploited by Chinese hackers, as noted on December 24th. Versions 0.65

Encryption 109

Encryption Libraries Cybersecurity Communications 109

CILIP

APRIL 8, 2024

CILIP Appoints Louis Coiffait-Gunn as new CEO The CILIP Board has appointed Louis Coiffait-Gunn as the charity's new CEO, and Louis will be starting in the new role on Wednesday 8th May 2024. Louis was introduced to public libraries at a young age as his grandmother was a librarian in a neighbouring village.

Libraries 95

Libraries Education Government Access 95

eSecurity Planet

FEBRUARY 5, 2024

January 29, 2024 Juniper Releases Updates for Critical RCE Vulnerabilities Type of vulnerability: Missing authentication flaw and cross-site scripting (XSS) vulnerability. The fix: Juniper Networks has published out-of-cycle fixes for CVE-2024-21619 and CVE-2024-21620 — apply fixes to the identified versions.

Risk 113

Risk Authentication Cybersecurity Access 113

Archive-It

APRIL 17, 2024

by the Archive-It team Community News Save the Date for 2024 Partner Meeting Archive-It’s annual Partner Meeting returns in person on Wednesday, August 14, 2024 for a half day in Chicago, just ahead of the 2024 ARCHIVES*RECORDS Society of American Archivists (SAA) conference. We hope you can join us!

Archiving 26

Archiving IT Analytics Libraries 26

IT Governance

JANUARY 9, 2024

They accessed 41.5 million customers’ data having gained access via a vulnerability in Hathaway’s Laravel web application framework. million individuals affected HealthEC LLC, a health technology company, has announced that it suffered a data breach in July 2023, in which systems were accessed and files were copied.

Data Privacy 63

Data Privacy Privacy Manufacturing Data breaches 63

Security Affairs

MARCH 11, 2024

ai have published technical details and a proof-of-concept (PoC) exploit for the critical security flaw CVE-2024-1403 in Progress Software OpenEdge Authentication Gateway and AdminServer. ” The vulnerability CVE-2024-1403 (CVSS score 10) is an authentication bypass issue that impacts OpenEdge versions 11.7.18

Authentication 114

Authentication Passwords Libraries Access 114

Security Affairs

MAY 1, 2024

A vulnerability, tracked as CVE-2024-27322 (CVSS v3: 8.8), in the R programming language could allow arbitrary code execution upon deserializing specially crafted R Data Serialization (RDS) or R package files (RDX). This vulnerability, assigned CVE-2024-27322, involves the use of promise objects and lazy evaluation in R.”

Metadata 110

Metadata Libraries Access IT 110

Security Affairs

JANUARY 26, 2024

The maintainers of the open-source platform have addressed nine security vulnerabilities, including a critical flaw, tracked as CVE-2024-23897 , that could lead to remote code execution (RCE). Jenkins has a built-in command line interface (CLI) to access the platform from a script or shell environment.

Libraries 128

Libraries Access IT Security 128

eSecurity Planet

MAY 20, 2024

May 10, 2024 Vulnerability in Python Package Affects AI Models Type of vulnerability: Template injection in Python package. The vulnerability is tracked as CVE-2024-34359 and has a severity rating of 4.0. Always prioritize creating a patch plan if your security teams haven’t developed a methodology already.

Cybersecurity 62

Cybersecurity Libraries Authentication Access 62

CILIP

APRIL 20, 2020

online resources for leadership in libraries launched. Over the past few weeks, those working in our public libraries have demonstrated their expertise, creativity, and commitment to serving their communities. At this particular moment, it is critical that there is support for public library staff at every level. s platform.?

Libraries 52

Libraries Access IT 52

CILIP

MARCH 26, 2024

CILIP Copyright COnference 2024 By Lavinia Bentley, Archive Assistant, Jaguar Daimler Heritage Trust, Collections Centre, British Motor Museum Is starting an apprenticeship in the 60th year of your life a good idea? Galleries, Libraries, Archives and Museums,) sector and was able to mount a small exhibition as part of my End Point Assessment.

Archiving 72

Archiving Libraries Manufacturing Education 72

IT Governance

FEBRUARY 21, 2024

It is not known how long the database was publicly available, nor whether anyone else accessed it. In January 2024, it identified more potential victims, and has now written to inform them that their personal data may have been compromised in the incident. Key dates 31 March 2024 – PCI DSS v4.0 of the Standard.

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52

Security Affairs

MARCH 31, 2024

In March 2024, Trend Micro researchers uncovered a sophisticated campaign conducted by a threat actor tracked as Earth Krahang while investigating the activity of China-linked APT Earth Lusca. The Linux version of DinodasRAT uses Pidgin’s libqq qq_crypt library functions for encryption and decryption of data.

Libraries 134

Libraries Encryption Communications Government 134

Archive-It

FEBRUARY 22, 2024

Users have access to a diverse set of collections, as well as the ARCH user guide with written and video tutorials on how to use and explore ARCH datasets. If you’d like to learn more and request access to your own ARCHWay account, check out the ARCHWay announcement on the Archive-It Blog.

Archiving 20

Archiving Digital preservation IT Libraries 20

Security Affairs

FEBRUARY 18, 2024

CISA: hackers breached a state government organization Russia-linked Turla APT uses new TinyTurla-NG backdoor to spy on Polish NGOs US Gov dismantled the Moobot botnet controlled by Russia-linked APT28 A cyberattack halted operations at Varta production plants North Korea-linked actors breached the emails of a Presidential Office member Nation-state (..)

Security 96

Security Ransomware Data breaches Libraries 96

IT Governance

FEBRUARY 14, 2024

Further victims of last year’s Perry Johnson & Associates data breach identified Last year, the medical transcription company PJ&A (Perry Johnson & Associates) suffered a data breach in which an unauthorised third party was able to access its computer network. Key dates 31 March 2024 – PCI DSS v4.0 of the Standard.

Data Privacy 52

Data Privacy Manufacturing Privacy Security 52

CILIP

MARCH 25, 2024

CILIP Copyright COnference 2024 By Paul Howarth , Head of Content and Resource Development, Suffolk Libraries. At its heart, successful public library collection management is about providing materials that meet the needs of our communities. Again, this is about awareness and using evidence in collection-building strategy.

Libraries 52

Libraries IT Access 52

Security Affairs

APRIL 21, 2024

Researchers from Kaspersky discovered the DuneQuixote campaign in February 2024, but they believe the activity may have been active since 2023. The malware is developed in C/C++ without utilizing the Standard Template Library (STL), and certain segments are coded in pure Assembler.”

Libraries 96

Libraries Communications IT Government 96