Bugs in open-source libraries impact 70% of modern software

Security Affairs

70 percent of the mobile and desktop applications that we use today are affected by at least one security flaw that is present in open-source libraries. According to Veracode’s annual State of Software Security report, 70 percent of mobile and desktop applications being used today have at least one security flaw that is the result of the use of an open-source library. In addition, most languages feature the same set of core libraries.

The Cyentia Library Relaunches

Adam Shostack

I’m excited to see that they’re Re-introducing the Cyentia Research Library, with cool (new?) The Cyentia Library lets us see what people are doing in terms of research and data. My longstanding interest in how attackers get access is underserved. When I comment that “how attackers get access” is underserved, what I mean is that it’s insufficiently well addressed in 2000 reports to have emerged or been noticed by the NLP and manual analyses.

Malware attack took down 600 computers at Volusia County Public Library

Security Affairs

Systems supporting libraries in Volusia County were hit by a cyber attack; the incident took down 600 computers at Volusia County Public Library (VCPL) branches. 600 staff and public access computers were taken down at Volusia County Public Library (VCPL) branches in Daytona Beach, Florida, following a cyberattack. “The county’s technology staff were immediately notified and coordinated recovery efforts with library staff,” reads the official statement.

Mobile Libraries: Culture on the Go

Unwritten Record

National Bookmobile Day is April 22, part of National Library Week (April 19-25). A library is a place that stores information, a place where people from all walks of life have the opportunity to obtain textual and audiovisual material for education, entertainment, and enlightenment. But sometimes a patron is unable to access a library due to limitations of location or distance. What better solution to this problem than to implement a mobile library?

Welsh Library Team of the Year

CILIP

NHS Wales Library and Knowledge Service and Newtown Area Library have been recognized by CILIP Cymru Wales, the Library and Information association in Wales, for their incredible commitment and innovative services during a turbulent 2020.

The British Library's International Library Leaders Programme

CILIP

Ilene McKenna is the Lead Archivist, Archival Information System Renewal at Library and Archives Canada. In November 2019, she had the opportunity to take part in British Library's

Arup Library: 60 years

CILIP

Key projects include the Sydney Opera House, the Pompidou Centre and the British Library. The first library in the firm's What follows is a brief overview of 60 years of the Arup Library in London. Early Arup Library. s first professional librarian and founder of the first library in Ove Arup & Partners. The library itself was located on the ground floor of No.13 Henry managed the library's

Instagram RCE gave hackers remote access to your device

Security Affairs

The vulnerability lies in how Instagram uses third-party libraries for image processing, in particular, the open-source JPEG decoder Mozjpeg. Malicious code could allow hackers to access a device’s phone contacts, camera, GPS data, and files stored on the device.

Where my heart is: Lee Child and Libraries

CILIP

Heather Martin looks at how a love of libraries and the services they. From access to books to feed his voracious appetite for reading as a child, to characters. libraries have always played. In the beginning was the library. "Nobody

Discover a world of reading this Libraries Week

CILIP

This Libraries Week (5-10 October 2020) libraries across the UK will showcase their reading offer as we celebrate the vital role of libraries in the UK's ExpressYourShelf this Libraries Week by taking part in CILIP's

COVID-19 Guidance for School Libraries

CILIP

This Guidance has been developed by a Working Party convened jointly by CILIP, the CILIP School Libraries Group (CILIP SLG) and the School Library Association (SLA). Schools and school libraries differ vastly in their size, governance and operations. This Guidance further presumes that school library staff are not themselves in a clinically vulnerable category, are not "shielding" all library services resumed?).

Celebrating the Library of the Future for Libraries Week

CILIP

s children build their Library of the Future for Libraries Week. Children, young people and LEGO enthusiasts from age 2 to 85 have been hard at work as part of Libraries Week ? s much-loved libraries. In a CILIP competition to build the Library of the Future out of LEGO bricks, hundreds of entries have highlighted the many different ways in which libraries will support their users in the future. to distribute books to library users. library lates?,

Police can access My Health Record without court order, parliamentary library warns

The Guardian Data Protection

Advice from independent researcher contradicts health minister and raises more privacy concerns. The health minister, Greg Hunt, was wrong to claim that patients’ My Health Record could only be accessed by police with a court order, according to advice from the parliamentary library.

Access to Research - a great, free digital resource for public libraries

CILIP

Do your library users have health issues they want to find out more about? Do students living locally need to access academic articles in their university holidays? The service is only available on terminals in public libraries and cannot be accessed remotely. users on library premises. "At

Parliamentary library deletes post confirming police can access My Health Record

The Guardian Data Protection

Page removed after complaint from health department about ‘potential inaccuracies’. A complaint from the federal health department has prompted the parliamentary library to pull its advice that patients’ My Health Record could be accessed by police without a court order.

The impact of Universal Credit on frontline public library workers

CILIP

The impact of Universal Credit on frontline public library workers. benefit that requires the vast majority of claimants to make and manage their claim online - is having on public library services across the UK. We are conducting this research because the Department for Work and Pensions is encouraging people to use the library to make and manage a claim if they do not have internet access at home and/or they need support with digital skills. Public libraries

Get ready for Libraries Week 2020

CILIP

CILIP is delighted to launch campaign assets for Libraries Week 2020, recognising the amazing contribution that libraries make to the UK's Libraries Week is a weeklong celebration of the nation's much-loved libraries organised by CILIP, with a focus this year on celebrating books and reading. Libraries Week 2020 is sponsored by Nielsen Book and OverDrive.

Honey, I blockchained the library

CILIP

A new kind of library. What could that mean for libraries? And for academic libraries and publishers, could micropayments per journal article supersede today's In the world of academic and research libraries, blockchain offers the potential to revolutionise our processes ? What would the library look like as a DAO? in a new kind of library ?

Libraries: don't mess with trust

CILIP

Jeni Tennison, CEO of the ODI discusses how libraries could fit into it without damaging themselves. Operational uses such as using data to support the day-to-day running of a library. Increasing access to data that might help others work with them. where the libraries are for example. "Most What can libraries do? "So what should libraries be doing with personal data?"

Apache Struts users have to update FileUpload library to fix years-old flaws

Security Affairs

Apache Struts users have to update the Commons FileUpload library in Struts 2 that is affected by two vulnerabilities. Apache Struts developers have addressed two vulnerabilities in the Commons FileUpload library in Struts 2; the flaws can be exploited for remote code execution and denial-of-service (DoS) attacks. of the library, while users have to manually update applications using Struts 2.3.36 Commons FileUpload library Version 1.3.3

Making Access Happen through the Digital Public Library of America

Archives Blogs

Providing public access to Federal Government records is central to the mission of the National Archives. Open access to government records strengthens democracy by allowing Americans to claim their rights of citizenship, hold their government accountable, and understand their history so they can participate more effectively in their government.

Seeking Public Library Participants for Community History Web Archiving Program

Archive-It

Public libraries play a critical role in building community-oriented archives and these collections are particularly important in recording the impact of unprecedented events on the lives of local citizens. by the Archive-It team.

Uncovering Vulnerabilities In Cryptographic Libraries: Mayhem, MatrixSSL, And WolfSSL (CVE-2019-13470)

ForAllSecure

As part of a recent initiative at ForAllSecure to analyze more open source software with Mayhem, a next-generation fuzzing solution, we decided to investigate some cryptographic libraries. Why Crypto Libraries? Why look at crypto libraries? Introduction.

CILIP Open Access resources

CILIP

Open Access Webinar recordings. The Public Health England Knowledge and Library Services Team have developed a comprehensive set of information resources about the virus, its symptoms and how to promote public health - [link]. Due to the highly localised and specific nature of the virus response, CILIP cannot provide advice to cover every type of library, information and knowledge service. If your library, information or knowledge service is to be fully-closed.

UX in Libraries: Cognitive maps

CILIP

I'd like to focus on a UX research technique that offers unparalleled access to the thoughts, preferences and experiences of your users: the cognitive map. Contributor: Andy Priestner (@andypriestner) is a freelance UX trainer and consultant and Chair of the UX in Libraries conference (andypriestnertraining.com, uxlib.org).

Beyond digital literacy: STEM learning ideas from library professionals in the UK and Ireland

CILIP

Libraries are not just books ? We need] strong advocates who see the library as a place where STEM-rich learning takes place. ? In the words of one research participant, STEM learning in libraries is about ?promoting in other libraries or from STEM or education organisations ?

Dominic Cummings: Libraries are "desperately needed"

CILIP

During the 2019 General Election Boris Johnson said he loved libraries and wanted to invest in opening more of them, but added: "We His special adviser, Dominic Cummings, has no such conditions attached to his support for libraries. libraries plus internal historians? His view was not that libraries needed equal treatment, they needed a much-improved status in government:

Stepping into Leadership - online resources for leadership in libraries launched

CILIP

Over the past few weeks, those working in our public libraries have demonstrated their expertise, creativity, and commitment to serving their communities. At this particular moment, it is critical that there is support for public library staff at every level. These are open to all and free to access on CILIP's s Carnegie Library Lab programme. Isobel Hunter, Chief Executive, Libraries Connected said: "Strong,

Prison library: Bringing children and dads together

CILIP

The world of the prison library is, by its very nature, hidden from the view of most people. But prison libraries are a statutory requirement (The Prison Rules, 1999 [link]) and there is some wonderful work going on in jails around the country, which few people get to hear about. The library is situated fairly near the main gate in one of the Victorian wings, but it looks very much like any small branch library ?

Turning over new leaves: Can outdoor spaces help libraries grow?

CILIP

"If you have a garden and a library, you have everything you need," If you have a garden in your library, everything will be complete!" The inspiration for this piece of evidence grew from my recent visit to the Sir Alex Ferguson Library (previously known as the Saltire Centre), which houses the library of Glasgow Caledonian University.

Open research needs library support

CILIP

The document, which is available in a variety of formats, includes the opportunity for library and information professionals to contribute directly through GitHub. The report highlights a multi-disciplinary approach to Open Scholarship, but points to librarians and libraries as being crucial advocates and drivers of change. Research funders and libraries hold most of the purse strings,"

Overdrive CEO, Steve Potash, makes the case for public libraries

CILIP

Steve Potash, Lord John Bird, Bobby Seagull, Johanna Brinton Abela and Erica Lazzaro at the launch of Public Libraries: The Case for Support. It is critical that the issues in Public Libraries: The Case for Support are being brought to the forefront of public dialogue. 1 invested in public libraries.

Advancing Art Libraries and Curated Web Archives: Notes from a National Forum

Archive-It

Art and museum libraries are on the move! Fifty librarians, archivists, and technologists from around the country assembled at the San Francisco Museum of Modern Art (SFMOMA) for Advancing Art Libraries and Curated Web Archives, a two-day national forum sponsored by the U.S. Institute of Museum & Library Services (IMLS). Deborah Kempe (NYARC, Frick Art Reference Library) opens the forum at SFMOMA.

A sustainable model for library advocacy

CILIP

s methodology for building public support for libraries in the US, and to share insights from our advocacy work. It was wonderful to meet so many people who are doing amazing work supporting and advocating for libraries across the UK. t have a culture of working on local library campaigns, don't t an issue that is limited to libraries in the UK.

Time to end a decade of library austerity

CILIP

CILIP and Library Champion Bobby Seagull delivered a petition to Downing Street last Thursday calling for an end to a decade of public library austerity and demanding secure revenue funding for public libraries in the Chancellor's s towns and communities by reinstating revenue funding for libraries to its pre-austerity level in the forthcoming Budget. Library Champion, Bobby Seagull, added; "libraries

An Island Library and Archives explored

CILIP

It first opened its doors in November 1922, including an active library from the outset, managed by the first librarian William Cubbon. We are still situated in the Manx Museum, although the library location has moved several times to allow for expansion and improved public facilities. Listed alphabetically, it offers search access to objects, items, sites and monuments.

Democratizing Access to our Records

Archives Blogs

The National Archives has a big, hairy audacious strategic goal to provide public access to 500 million digital copies of our records through our online Catalog by FY24.

UNCOVERING VULNERABILITIES IN CRYPTOGRAPHIC LIBRARIES: MAYHEM, MATRIXSSL, AND WOLFSSL

ForAllSecure

As part of a recent initiative at ForAllSecure to analyze more open source software with Mayhem, a next-generation fuzzing solution, we decided to investigate some cryptographic libraries. Why Crypto Libraries? Why look at crypto libraries? First there is the obvious: SSL, TLS, and related protocols managed by these libraries power much of the secure web. As is the case with many of these libraries, much of the code could be considered on the attack surface.

Public library content in an age of impact

CILIP

The range of activities, services and impacts a modern library service provides has grown significantly and undeniably in recent years. Alongside this, how we understand the results and the effects of what libraries deliver has shifted away from transactional measures. Very few public library services now have the luxury of dedicated, in-house cataloguers.

Analyzing MATIO And stb_vorbis Libraries With Mayhem

ForAllSecure

In this post, we will examine how we analyzed two open source libraries using Mayhem in a specific workflow that we’ve found to be particularly effective for finding bugs. For a library, this is usually determined by the host application.