Access, Cloud and Libraries - Information Management Today

Microsoft 365 Research Highlights Cloud Vulnerabilities

eSecurity Planet

JUNE 21, 2022

In a sequence that suggests cloud services may be more vulnerable than many think, Proofpoint researchers have demonstrated how hackers could take over Microsoft 365 accounts to ransom files stored on SharePoint and OneDrive. Hackers could also trick users into authorizing rogue third-party apps to access the scope for SharePoint or OneDrive.

Cloud

Cloud Ransomware Libraries Phishing

IBM Cloud solution tutorials: 2023 in review

IBM Big Data Hub

DECEMBER 14, 2023

This year, IBM Cloud introduced projects and deployable architectures. A deployable architecture is a cloud automation for deploying a common architectural pattern that combines one or more cloud resources that are designed for easy deployment, scalability and modularity. Yet another security feature is a trusted profile.

Cloud

Cloud Cleanup Compliance Security

Accelerate your hybrid cloud journey and keep your business running with reliable failover solutions from IBM Power Virtual Server

IBM Big Data Hub

AUGUST 31, 2023

Go hybrid for disaster recovery (DR) With a hybrid cloud strategy, you can deploy your workloads across multiple locations—on-premises or in public or private clouds—and not risk losing them all in the event of a disaster or an attack. What are virtual tape libraries and how can you use them on IBM Power Virtual Server?

Cloud

Cloud Libraries Data breaches Archiving

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

GUEST ESSAY: Taking a systematic approach to achieving secured, ethical AI model development

The Last Watchdog

MAY 31, 2024

Encrypting data during transmissionwill prevent unauthorized access. Model encryption should be employed to protect against unauthorized access, tampering, or reverse engineering. Implementing robust network security protocols, including firewalls and intrusion detection systems, is necessary to block unauthorized access.

Artificial Intelligence

Artificial Intelligence Security Encryption Authentication

Kalay cloud platform flaw exposes millions of IoT devices to hack

Security Affairs

AUGUST 17, 2021

FireEye Mandiant researchers have discovered a critical vulnerability in the Kalay cloud platform that exposes millions of IoT devices to attacks. Once the victim will connect the device, his connection will be directed to the attacker that could obtain the credentials used by the victim to access the device. or v3.4.2.0, or v3.4.2.0,

IoT

IoT Cloud Libraries Access

Microsoft Patch Tuesday, November 2023 Edition

Krebs on Security

NOVEMBER 14, 2023

” The second zero day this month is CVE-2023-36033 , which is a vulnerability in the “DWM Core Library” in Microsoft Windows that was exploited in the wild as a zero day and publicly disclosed prior to patches being available.

Phishing

Phishing Authentication Libraries Access

Feedify cloud service architecture compromised by MageCart crime gang

Security Affairs

SEPTEMBER 16, 2018

MageCart cyber gang compromised the cloud service firm Feedify and stole payment card data from customers of hundreds of e-commerce sites. MageCart crime gang appears very active in this period, payment card data from customers of hundreds of e-commerce websites may have been stolen due to the compromise of the cloud service firm Feedify.

Cloud

Cloud Libraries Access Security

Vulnerability Recap 4/1/24: Cisco, Fortinet & Windows Server Updates

eSecurity Planet

APRIL 1, 2024

When either on-premise or cloud-based Active Directory domain controllers process Kerberos authentication requests, the leak causes the LSASS process to stop responding and the domain controller will unexpectedly restart. Checkmarx estimates over 170,000 developers use affected libraries and might possess corrupted code. through 7.2.2

Libraries

Libraries Authentication Artificial Intelligence Cloud

Google Cloud Aims to Share Its Vetted Open Source Ecosystem

Dark Reading

MAY 17, 2022

The online giant analyzes, patches, and maintains its own versions of open source software, and now the company plans to give others access to its libraries and components as a subscription.

IT

IT Libraries Cloud Access

CISA adds ownCloud and Google Chrome bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

DECEMBER 1, 2023

Skia is an open-source 2D graphics library that provides common APIs that work across a variety of hardware and software platforms. CVE-2023-49103 – The vulnerability resides in the Graphapi app, which relies on a third-party GetPhpInfo.php library that provides a URL.

IT

IT Libraries Cybersecurity Passwords

1,859 Android and iOS apps were containing hard-coded Amazon AWS credentials

Security Affairs

SEPTEMBER 1, 2022

Researchers from Broadcom Symantec’s Threat Hunter team discovered 1,859 Android and iOS apps containing hard-coded Amazon Web Services (AWS) credentials that allowed access to private cloud services. “Over three-quarters (77%) of the apps contained valid AWS access tokens allowing access to private AWS cloud services.”

Cloud

Cloud Authentication B2B Libraries

The Fenway Library Organization provides affordable digital preservation to its members

Preservica

SEPTEMBER 4, 2019

Preservica’s Cloud Edition for Consortia delivers value of complete Preservica offering for budget-strapped Academic Libraries. FLO helps its members with library systems, resource sharing and technical support, as well as fostering community collaboration and statewide recognition.

Digital preservation

Digital preservation Libraries IT Archiving

Will cryptocurrency mining soon saturate AWS, Microsoft Azure and Google Cloud?

The Last Watchdog

JUNE 20, 2018

Don’t look now but cryptojacking may be about to metastasize into the scourge of cloud services. Then a JavaScript library called Coinhive came along that enabled people to embed mining code on their websites. Bilogorskiy: That’s been happening a lot, especially with companies moving their computing into the cloud.

Mining

Mining Cloud Ransomware Passwords

A Microsoft 365 feature can ransom files on SharePoint and OneDriveCould

Security Affairs

JUNE 17, 2022

Experts discovered a feature in Microsoft 365 suite that could be abused to encrypt files stored on SharePoint and OneDrive and target cloud infrastructure. This step is unique to cloud ransomware compared to the attack chain for endpoint-based ransomware. The versioning settings are under list settings for each document library. .

Libraries

Libraries Encryption Ransomware Cloud

Understanding the Benefits of a Hybrid Cloud: Featured Solutions from Cisco and F5

Adapture

MAY 1, 2022

The cloud is vital for modern businesses. Businesses may have difficulty deciding what type of cloud strategy works for their business. A hybrid cloud strategy utilizes both public cloud infrastructure and private cloud infrastructure. There are multiple businesses where data cannot be located in a public cloud.

Cloud

Cloud Libraries Compliance Access

Threat actors hacked the Dropbox Sign production environment

Security Affairs

MAY 2, 2024

Threat actors breached the Dropbox Sign production environment and accessed customer email addresses and hashed passwords Cloud storage provider DropBox revealed that threat actors have breached the production infrastructure of the DropBox Sign eSignature service and gained access to customer information and authentication data.

Passwords

Passwords Authentication Access Phishing

IBM and Tata Consulting Services collaborate to drive hybrid cloud adoption with IBM Power Virtual Server

IBM Big Data Hub

AUGUST 15, 2023

Our partnership benefits from IBM’s expertise in cloud computing , artificial intelligence (AI) and analytics, and TCS’s experience in digital transformation, consulting and cloud-engineering services. TCS then signed a three-year agreement to use IBM Power Virtual Server and IBM Cloud.

Cloud

Cloud Digital transformation Energy and Utilities Retail

What are the Best Document Management Capabilities?

AIIM

APRIL 8, 2021

Security and access controls. Check-in and check-out are very similar to how a library works – when a book is checked out, nobody else has access to it until it is checked back in. While the document is checked out, nobody else can edit it, and, depending on the solution, it may not even be accessible in a read-only mode.

ECM

ECM Cloud Access File names

Threat actors started exploiting critical ownCloud flaw CVE-2023-49103

Security Affairs

NOVEMBER 28, 2023

It allows individuals and organizations to create their own private cloud storage services, giving them control over their data while facilitating collaboration and file access across multiple devices. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo).

Cybersecurity

Cybersecurity Libraries Passwords Access

Preservation and public access to the records of over 240 Kentucky state agencies

Preservica

APRIL 26, 2018

Real-world digital preservation blog series: The Kentucky Department for Libraries and Archives (KDLA). I recently caught up with State Archivist Beth Shields and Electronic Records Branch Manager Kari May at KDLA to learn how they are preserving and providing access to their state’s large volumes of important digital assets.

Digital preservation

Digital preservation Access Archiving Libraries

Chinese actor ‘Unfading Sea Haze’ remained undetected for five years

Security Affairs

MAY 23, 2024

Bitdefender identified a troubling trend, attackers repeatedly regained access to compromised systems, highlighting vulnerabilities such as poor credential hygiene and inadequate patching practices. Upon receiving a request, it executes the encoded JavaScript code using the Microsoft.JScript library.

Archiving

Archiving Military Communications Phishing

New Pro-Ocean crypto-miner targets Apache ActiveMQ, Oracle WebLogic, and Redis installs

Security Affairs

JANUARY 31, 2021

The new malware implement new and improved rootkit and worm capabilities, it continues to target cloud applications by exploiting known vulnerabilities such as Oracle WebLogic ( CVE-2017-10271 ) and Apache ActiveMQ ( CVE-2016-3088 ) servers. “Pro-Ocean uses known vulnerabilities to target cloud applications.

Cloud

Cloud Libraries Mining IT

KB, National Library of the Netherlands selects Preservica for new digital preservation system

Preservica

SEPTEMBER 16, 2019

Preservica, is pleased to announce that it’s market-leading active digital preservation software has been selected by the KB, National Library of the Netherlands for the library’s new Digital Warehouse. The selection is made subject to a successful proof-of-concept phase. About Preservica.

Digital preservation

Digital preservation Libraries Archiving Access

A high-severity flaw affects VMware Workstation, Fusion and vSphere products.

Security Affairs

JUNE 10, 2020

The CVE-2020-3960 flaw was discovered by Cfir Cohen, a researcher from Google’s cloud security team. ESXi, Workstation and Fusion are affected by an out-of-bounds read vulnerability that can be exploited by an attacker with non-admin access to a virtual machine to read privileged information from memory.

Cloud

Cloud Libraries Authentication Access

New Highly-Evasive Linux Malware Infects All Running Processes

eSecurity Planet

JULY 11, 2022

The module hooks functions called in shared libraries, which is pretty common for malware, but it also implements “advanced evasion techniques” and “remote capabilities over SSH.”. It also uses the environment variable LD_PRELOAD to hijack shared libraries. ” See the Best Open Source Security Tools. Placing shared objects (e.g.

Libraries

Libraries Authentication Security Access

University of Notre Dame Hesburgh Libraries and University Archives modernize digital preservation environment with Preservica

Preservica

SEPTEMBER 25, 2019

As the Hesburgh Libraries move toward "all-digital assets", digital preservation is key. The Hesburgh Libraries is a network of locations across campus that offers expertise, services, resources, and spaces that are integral throughout the full life cycle of teaching and research. About Preservica.

Digital preservation

Digital preservation Libraries Archiving Paper

[Podcast] Tips for Staying Cyber-Safe While Working from Home

AIIM

JUNE 11, 2020

And finally, on this episode, hear an AIIM member case study of how Laserfiche helped Mille Lacs Corporate Ventures migrate their contract management process to the cloud. Click here to access our full library of episodes. Click here to check out this episode. Want more episodes like this?

Libraries

Libraries Cybersecurity Ransomware Cloud

Top 5 Application Security Tools & Software for 2023

eSecurity Planet

MAY 19, 2023

Their main purpose is to protect applications from unauthorized access, data breaches, and malicious attacks. Application security tools and software solutions are designed to identify and mitigate vulnerabilities and threats in software applications. It also provides web application scanning and vulnerability management tools.

Security

Security Cloud Compliance Risk

Vulnerability Recap 4/15/24 – Palo Alto, Microsoft, Ivanti Exploits

eSecurity Planet

APRIL 15, 2024

The problem: Bitdefender researchers discovered four vulnerabilities in LG WebOS smart TVs that allowed unauthorized access and control. CVE-2023-6318 permits privilege escalation to get root access. Looking for an alternative method for secure remote access? Consider exploring virtual desktop infrastructure.

Libraries

Libraries Risk Cybersecurity Honeypots

Preservica launches cloud hosted digital preservation in Australia

Preservica

MAY 16, 2018

Boston, MA, and Oxford, UK | 16 May 2018 | Preservica has today announced that its market-leading range of cloud hosted (SaaS) active digital preservation and access solutions are now available on the AWS Asia Pacific (Sydney) region. Learn more and register here. About Preservica.

Digital preservation

Digital preservation Cloud Libraries Archiving

Patch Tuesday, October 2023 Edition

Krebs on Security

OCTOBER 10, 2023

The patch fixes CVE-2023-42724 , which attackers have been using in targeted attacks to elevate their access on a local device. Amazon , Cloudflare and Google all released advisories today about how they’re addressing CVE-2023-44487 in their cloud environments.

Libraries

Libraries Authentication Communications Cloud

Cybereason released Logout4Shell, a vaccine for Log4Shell Apache Log4j RCE

Security Affairs

DECEMBER 11, 2021

Chinese security researcher p0rz9 publicly disclosed a Proof-of-concept exploit for a critical remote code execution zero-day vulnerability, tracked a CVE-2021-44228 ( aka Log4Shell ), in the Apache Log4j Java-based logging library. The Log4j is widely used by both enterprise apps and cloud services, including Apple iCloud and Steam.

Libraries

Libraries Cloud Access Cybersecurity

MY TAKE: Log4j’s big lesson – legacy tools, new tech are both needed to secure modern networks

The Last Watchdog

MARCH 29, 2022

This is all part of corporations plunging into the near future: migration to cloud-based IT infrastructure is in high gear, complexity is mushrooming and fear of falling behind is keeping the competitive heat on. It reinforces the notion that a new portfolio of cloud-centric security frameworks must take hold, the sooner the better.

Security

Security Cloud Digital transformation Cybersecurity

Digital cloud system to protect and store Rauner materials

Preservica

OCTOBER 4, 2018

Caitlin Birch, Digital Collections and Oral History Archivist at Dartmouth College Library, speaks to The Dartmouth , America's Oldest College Newspaper, about their decision to select Preservica for their digital preservation requirements.

Cloud

Cloud Digital preservation Libraries Paper

Accelerating partner innovation through digital self-serve co-create experience with IBM

IBM Big Data Hub

DECEMBER 5, 2022

IBM invests in our partner ecosystem because we want to ensure that partners like you have the resources to build your business and develop software for your customers using IBM’s industry-defining hybrid cloud and AI platform. Furthermore, users can even take the solution to production using IBM Cloud Credits. It’s that simple!

Libraries

Libraries Education Digital transformation Cloud

INFRA:HALT flaws impact OT devices from hundreds of vendors

Security Affairs

AUGUST 4, 2021

IN FRA:HALT is a set of vulnerabilities affecting a popular TCP/IP library commonly OT devices manufactured by more than 200 vendors. ” The flaw could be exploited by a threat actor that has gained access to the OT network of an organization. ” Forescout Device Cloud.

Manufacturing

Manufacturing Libraries Cloud Security

12 Types of Vulnerability Scans & When to Run Each

eSecurity Planet

JULY 7, 2023

To centrally launch vulnerability scans or establish an automatic schedule, this approach requires administrator-credentialed access. Open ports may suggest possible vulnerabilities or network-accessible services. Instead, they collect information through network protocols and remote interactions.

Cloud

Cloud Compliance Authentication Access

CISA Urges Exchange Online Authentication Update

eSecurity Planet

JUNE 30, 2022

Cybersecurity and Infrastructure Security Agency (CISA) is recommending that government agencies and private organizations that use Microsoft’s Exchange cloud email platform migrate users and applications to Modern Auth before Basic Auth is deprecated in October. In contrast, Modern Auth that relies on OAuth 2.0 Click Save.

Authentication

Authentication Libraries Cloud Passwords

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Security Affairs

APRIL 6, 2020

Cloud security firm Aqua Security uncovered a hacking campaign carried out during the past months, hackers are scanning the Internet for Docker servers running API ports exposed without a password. gopsutil – a process utility library, used for system and processes monitoring. “The spre. ssh/config,bash_history, /.ssh/known_hosts,

Mining

Mining Libraries Cloud Communications

6 Ways to elevate the Salesforce experience for your users

IBM Big Data Hub

FEBRUARY 15, 2024

Whether using Experience Cloud, Sales Cloud, or Service Cloud, your Salesforce user experience should be seamless, personalized and hyper-relevant, reflecting all the right context behind every interaction. At the same time, Salesforce is a big investment, and you need to show return on that investment as quickly as possible.

Cloud

Cloud Sales Libraries Education

Quebec shuts down thousands of sites as disclosure of the Log4Shell flaw

Security Affairs

DECEMBER 12, 2021

Quebec shut down nearly 4,000 of its sites in response to the discovery of the Log4Shell flaw in the Apache Log4j Java-based logging library. Quebec shut down nearly 4,000 of its sites as a preventative measure after the disclosure of a PoC exploit for the Log4Shell flaw ( CVE-2021-44228 ) in the Apache Log4j Java-based logging library.

Libraries

Libraries Digital transformation Education Government

LastPass hack caused by an unpatched Plex software on an employee’s PC

Security Affairs

MARCH 7, 2023

The attackers targeted one of the four DevOps engineers who had access to the decryption keys needed to access the cloud storage service. This issue allowed an attacker with access to the server administrator’s Plex account to upload a malicious file via the Camera Upload feature and have the media server execute it.

Data breaches

Data breaches Passwords Libraries Authentication

Microsoft March 2022 Patch Tuesday updates fix 89 vulnerabilities

Security Affairs

MARCH 8, 2022

Below is the complete list of vulnerabilities addressed by Microsoft: Tag CVE ID CVE Title Severity.NET and Visual Studio CVE-2022-24512.NET NET and Visual Studio Remote Code Execution Vulnerability Important.NET and Visual Studio CVE-2022-24464.NET

Libraries

Libraries IoT Cloud Security

[Podcast] Finding Success at the Intersection of Content Services, Cloud, and Analytics

AIIM

JULY 9, 2019

Click here to access our full library of episodes. Listen to Stephen discuss the changing strategies and approaches to content services on this podcast episode ; then, check out the webinar for even more information ( note: the webinar will also be available on-demand after the live date ). Want more episodes like this?

Content services

Content services ECM Analytics Cloud

Microsoft 365 Research Highlights Cloud Vulnerabilities

IBM Cloud solution tutorials: 2023 in review

Webinars

Trending Sources

Accelerate your hybrid cloud journey and keep your business running with reliable failover solutions from IBM Power Virtual Server

Webinars

GUEST ESSAY: Taking a systematic approach to achieving secured, ethical AI model development

Kalay cloud platform flaw exposes millions of IoT devices to hack

Microsoft Patch Tuesday, November 2023 Edition

Feedify cloud service architecture compromised by MageCart crime gang

Vulnerability Recap 4/1/24: Cisco, Fortinet & Windows Server Updates

Google Cloud Aims to Share Its Vetted Open Source Ecosystem

CISA adds ownCloud and Google Chrome bugs to its Known Exploited Vulnerabilities catalog

1,859 Android and iOS apps were containing hard-coded Amazon AWS credentials

The Fenway Library Organization provides affordable digital preservation to its members

Will cryptocurrency mining soon saturate AWS, Microsoft Azure and Google Cloud?

A Microsoft 365 feature can ransom files on SharePoint and OneDriveCould

Understanding the Benefits of a Hybrid Cloud: Featured Solutions from Cisco and F5

Threat actors hacked the Dropbox Sign production environment

IBM and Tata Consulting Services collaborate to drive hybrid cloud adoption with IBM Power Virtual Server

What are the Best Document Management Capabilities?

Threat actors started exploiting critical ownCloud flaw CVE-2023-49103

Preservation and public access to the records of over 240 Kentucky state agencies

Chinese actor ‘Unfading Sea Haze’ remained undetected for five years

New Pro-Ocean crypto-miner targets Apache ActiveMQ, Oracle WebLogic, and Redis installs

KB, National Library of the Netherlands selects Preservica for new digital preservation system

A high-severity flaw affects VMware Workstation, Fusion and vSphere products.

New Highly-Evasive Linux Malware Infects All Running Processes

University of Notre Dame Hesburgh Libraries and University Archives modernize digital preservation environment with Preservica

[Podcast] Tips for Staying Cyber-Safe While Working from Home

Top 5 Application Security Tools & Software for 2023

Vulnerability Recap 4/15/24 – Palo Alto, Microsoft, Ivanti Exploits

Preservica launches cloud hosted digital preservation in Australia

Patch Tuesday, October 2023 Edition

Cybereason released Logout4Shell, a vaccine for Log4Shell Apache Log4j RCE

MY TAKE: Log4j’s big lesson – legacy tools, new tech are both needed to secure modern networks

Digital cloud system to protect and store Rauner materials

Accelerating partner innovation through digital self-serve co-create experience with IBM

INFRA:HALT flaws impact OT devices from hundreds of vendors

12 Types of Vulnerability Scans & When to Run Each

CISA Urges Exchange Online Authentication Update

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

6 Ways to elevate the Salesforce experience for your users

Quebec shuts down thousands of sites as disclosure of the Log4Shell flaw

LastPass hack caused by an unpatched Plex software on an employee’s PC

Microsoft March 2022 Patch Tuesday updates fix 89 vulnerabilities

[Podcast] Finding Success at the Intersection of Content Services, Cloud, and Analytics

Stay Connected