Security Affairs

OCTOBER 10, 2023

A vulnerability in the libcue library impacting GNOME Linux systems can be exploited to achieve remote code execution (RCE) on affected hosts. A threat actor can trigger a vulnerability, tracked as CVE-2023-43641 (CVSS score: 8.8), in the libcue library impacting GNOME Linux systems to achieve remote code execution (RCE) on affected hosts.

Libraries 101

Libraries IT Security Access 101

Security Affairs

DECEMBER 1, 2021

Mozilla fixed a critical memory corruption issue affecting its cross-platform Network Security Services (NSS) set of cryptography libraries. Mozilla has addressed a heap-based buffer overflow vulnerability (CVE-2021-43527) in its cross-platform Network Security Services (NSS) set of cryptography libraries.

Libraries 120

Libraries Security CMS Communications 120

Security Affairs

AUGUST 30, 2021

The Boston Public Library was victim of a cyberattack that crippled its computer network, the library revealed in a statement Friday. The Boston Public Library announced on Friday that it was hit by a cyberattack that compromised its computer network. The affected systems were taken offline to prevent the threat from spreading.

Libraries 113

Libraries Communications Cybersecurity IT 113

Security Affairs

APRIL 15, 2023

The Goldoson library was discovered by researchers from McAfee’s Mobile Research Team, it collects lists of applications installed on a device, and a history of Wi-Fi and Bluetooth devices information, including nearby GPS locations. The experts have found more than 60 applications in Google Play that were containing the malicious library.

Libraries 95

Libraries Data collection Education Security 95

Data Breach Today

SEPTEMBER 2, 2021

and Below Are Affected by the Vulnerabilities Several companies that use the OpenSSL cryptography library toolkit are reportedly scrambling and releasing security advisories to their users following patching of two vulnerabilities that were first fixed and disclosed to users on Aug. OpenSSL v1.1.1k

Security 321

Security Libraries 321

Security Affairs

MAY 26, 2020

70 percent of mobile and desktop applications that today we use are affected at least by one security flaw that is present in open-source libraries. Experts pointed out that every library could be affected by one o more issues which will be inherited from all the applications that use them. ” reads the report.

Libraries 128

Libraries Security Access IT 128

IT Governance

NOVEMBER 6, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Library branches remain open, Wi-Fi is still available and materials can still be borrowed. However, public computers and printing services are unavailable.

Data Privacy 97

Data Privacy Privacy Libraries Security 97

Data Breach Today

JUNE 12, 2019

Flaw Could Cause Denial-of-Service Event in Windows Fleet, Researcher Claims A Google security researcher has disclosed what he calls an unpatched bug in the main cryptographic library used in newer versions of the Windows operating system that he claims could affect an entire fleet of Windows-based devices.

Libraries 192

Libraries Security 192

Security Affairs

FEBRUARY 1, 2021

Google discovered a flaw in GNU Privacy Guard (GnuPG)’s Libgcrypt encryption library that could be exploited to get remote code execution. Just decrypting some data can overflow a heap buffer with attacker controlled data, no verification or signature is validated before the vulnerability occurs.”

Libraries 136

Libraries Encryption Privacy IT 136

Security Affairs

NOVEMBER 3, 2020

The npm security team has removed a malicious JavaScript library named “ twilio-npm ” from its repository because contained malicious code. The tainted JavaScript library was spotted by the researcher Ax Sharma from security firm Sonatype. SecurityAffairs – hacking, npm library). tcp.ngrok[.]io:11425

Libraries 115

Libraries Security IT Information Security 115

Security Affairs

DECEMBER 10, 2021

Experts publicly disclose Proof-of-concept exploits for a critical zero-day vulnerability in the Apache Log4j Java-based logging library. Experts publicly disclose Proof-of-concept exploits for a critical remote code execution zero-day vulnerability, tracked a CVE-2021-44228 (aka Log4Shell ), in the Apache Log4j Java-based logging library.

Libraries 141

Libraries IT Cloud Paper 141

Security Affairs

JUNE 16, 2022

Researchers disclosed a remote code execution vulnerability, tracked as CVE-2022-25845, in the popular Fastjson library. Cybersecurity researchers from JFrog disclosed details of a now patched high-severity security vulnerability in the popular Fastjson library that could be potentially exploited to achieve remote code execution.

Libraries 76

Libraries Cybersecurity Security IT 76

Enterprise Software Blog

MAY 19, 2023

Many applications bump into a stack of similar challenges, like providing an intuitive and consistent user interface (UI), handling or rendering large data sets, allowing seamless data integration, and communicating with other systems using APIs. But with so many out there, how can you know which is the best Angular component library?

Libraries 52

Libraries Access IT Authentication 52

Security Affairs

OCTOBER 19, 2022

Researcher discovered a remote code execution vulnerability in the open-source Apache Commons Text library. GitHub’s threat analyst Alvaro Munoz discovered a remote code execution vulnerability, tracked as CVE-2022-42889, in the open-source Apache Commons Text library. ” wrote the security team. Pierluigi Paganini.

Libraries 98

Libraries IT Security Information Security 98

CILIP

JUNE 13, 2023

Connecting town and gown through the library How to help a community explore its slave-trading history: Lesley English, Head of Library Engagement at Lancaster University Library, explains how the library plays a key role in building bridges between town and gown. We connect, we innovate, we include.”

Libraries 52

Libraries Access Agriculture Education 52

Data Breach Today

FEBRUARY 2, 2024

Log4Shell burst into public awareness in late 2021 when security researchers identified a flaw in the ubiquitous Apache Log4J 2 Java library.

Libraries 270

Libraries Security 270

Security Affairs

NOVEMBER 5, 2021

Two popular npm libraries, coa and rc. The security team of the npm JavaScript package warns that two popular npm libraries, coa and rc. Two npm libraries that have a total of 23 million weekly downloads, a data that is worrisome. The post npm libraries coa and rc. The last stable coa version 2.0.2

Libraries 100

Libraries Passwords Access Security 100

eSecurity Planet

SEPTEMBER 22, 2022

Trellix security researchers have revealed a major vulnerability in the Python tarfile library that could be exploited in software supply chain attacks. See the Top Code Debugging and Code Security Tools. The post Unpatched Python Library Affects More Than 300,000 Open Source Projects appeared first on eSecurityPlanet.

Libraries 91

Libraries Archiving Risk Security 91

Security Affairs

MARCH 30, 2024

Red Hat warns of a backdoor in XZ Utils data compression tools and libraries in Fedora development and experimental versions. Red Hat urges users to immediately stop using systems running Fedora development and experimental versions because of a backdoor in the latest versions of the “xz” tools and libraries. x versions.

Libraries 129

Libraries Authentication Access Risk 129

Data Breach Today

DECEMBER 6, 2022

Aqua's Dror Davidoff Shares How Open-Source Repositories Create Risk for Cloud Apps Software has increasingly relied on components developed by third parties or from open-source libraries, which Aqua Security CEO Dror Davidoff says injects additional risk.

Cloud 130

Cloud Libraries Security Risk 130

Security Affairs

MARCH 26, 2023

On Friday, OpenAI revealed that the recent exposure of users’ personal information and chat titles in its chatbot service was caused by a bug in the Redis open-source library. we had a significant issue in ChatGPT due to a bug in an open source library, for which a fix has now been released and we have just finished validating.

Libraries 98

Libraries IT Security Data breaches 98

Security Affairs

FEBRUARY 18, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 97

Security Ransomware Data breaches Libraries 97

Security Affairs

JANUARY 4, 2020

Maintainers of the OpenCV library addressed two buffer overflow flaws that could lead to arbitrary code execution. Maintainers of the OpenCV library addressed two high-severity buffer overflow vulnerabilities that could be exploited by an attacker to execute arbitrary code. Both vulnerabilities were reported to the vendor in July 2019.

Libraries 67

Libraries Data structuring Security IT 67

Security Affairs

MAY 6, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security 95

Security Libraries Data breaches Ransomware 95

IT Governance

MAY 7, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data scraping is a typically automated process that extracts information from websites, allowing criminals to compile data sets containing personal information.

Data breaches 59

Data breaches Education Manufacturing Retail 59

CILIP

MARCH 28, 2021

Here he speaks to Information Professional Editor Rob Green about how librarians and library services are now a central part of that function, and how the library service is supporting the wider needs of the Department. s library services more directly within the DWP?s Trevor recently incorporated the department?s Trevor says.

Libraries 52

Libraries Access Government Analytics 52

ForAllSecure

JANUARY 28, 2021

The US government has published a software library called six-library designed to parse and manipulate satellite imagery and data for both internal and public use. When examining six-library for potential entry points for fuzzing I kept the following in mind: Look for functions amenable to consuming raw binary data.

Libraries 52

Libraries Data structuring Government IT 52

ForAllSecure

JANUARY 28, 2021

The US government has published a software library called six-library designed to parse and manipulate satellite imagery and data for both internal and public use. When examining six-library for potential entry points for fuzzing I kept the following in mind: Look for functions amenable to consuming raw binary data.

Libraries 52

Libraries Data structuring Government IT 52

IT Governance

JANUARY 9, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Publicly disclosed data breaches and cyber attacks: in the spotlight Hathaway breached, 41.5 The compromised data allegedly includes names, email addresses and phone numbers.

Data Privacy 75

Data Privacy Privacy Manufacturing Data breaches 75

Security Affairs

JANUARY 7, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Artificial Intelligence 93

Artificial Intelligence Data breaches Security Ransomware 93

The Guardian Data Protection

JANUARY 10, 2022

EU police body accused of unlawfully holding information and aspiring to become an NSA-style mass surveillance agency The EU’s police agency, Europol, will be forced to delete much of a vast store of personal data that it has been found to have amassed unlawfully by the bloc’s data protection watchdog.

Personal data 119

Personal data Big data Libraries Encryption 119

Security Affairs

APRIL 16, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Every week the best security articles from Security Affairs are free for you in your email box. The post Security Affairs newsletter Round 415 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Data breaches 74

Data breaches Security Libraries Retail 74

CILIP

APRIL 15, 2024

CILIP Copyright COnference 2024 By Gary Horrocks THE summer 2023 issue of UKeiG’s open access journal, eLucidate , featured my reflections on the implications of a Members’ Day presentation by Ken Chad on the “library technology ecosystem". Ken notes there is “a dichotomy between the provision of library resources and learning resources.”

Libraries 72

Libraries Education Analytics Marketing 72

The Last Watchdog

MARCH 29, 2022

Log4j is the latest, greatest vulnerability to demonstrate just how tenuous the security of modern networks has become. By no means has the cybersecurity community been blind to the complex security challenges spinning out of digital transformation. Log4j, for instance, is a ubiquitous logging library.

Security 223

Security Cloud Digital transformation Cybersecurity 223

Security Affairs

OCTOBER 1, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Artificial Intelligence 102

Artificial Intelligence Security Ransomware Data breaches 102