Groups, Libraries and Tools - Information Management Today

TeamTNT group adds new detection evasion tool to its Linux miner

Security Affairs

JANUARY 28, 2021

The TeamTNT cybercrime group has improved its Linux cryptocurrency miner by implementing open-source detection evasion capabilities. The TeamTNT cybercrime group has upgraded their Linux cryptocurrency miner by adding open-source detection evasion capabilities, AT&T Alien Labs researchers warn. Set persistence through systemd.

IT

IT Libraries Mining Security

Barracuda fixed a new ESG zero-day exploited by Chinese group UNC4841

Security Affairs

DECEMBER 27, 2023

Security firm Barracuda addressed a new zero-day, affecting its Email Security Gateway (ESG) appliances, that is actively exploited by the China-linked UNC4841 group. The vulnerability has been actively exploited by the Chinese hacker group UNC4841 Chinese. ” reads the advisory. ” reads the advisory.

Libraries

Libraries Access Cybersecurity Security

Learning from our Past: Celebrating Black History Month with Lancaster University Library

CILIP

OCTOBER 20, 2023

Learning from our Past: Celebrating Black History Month with Lancaster University Library Slavery Banner in Lancaster Universit Library (to Sunita Abraham) Lancaster University Library takes the lead in decolonisation to reach staff and students of the university, with a diverse range of engaging, and enriching activites, initiatives, and projects.

Libraries

Libraries Access Communications IT

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Clasiopa group targets materials research in Asia

Security Affairs

FEBRUARY 25, 2023

The experts noticed that both the Domino and Agile software appear to be using old certificates and the Agile servers use old vulnerable libraries. The arsenal of the Clasiopa group includes: Atharvan custom remote access Trojan (RAT). A custom proxy tool. Modified versions of the publicly available Lilith RAT.

Passwords

Passwords Libraries Archiving Access

How to Package and Price Embedded Analytics

Just by embedding analytics, application owners can charge 24% more for their product. How much value could you add? This framework explains how application enhancements can extend your product offerings. Brought to you by Logi Analytics.

Analytics

Top Code Debugging and Code Security Tools

eSecurity Planet

AUGUST 26, 2021

Code debugging and code security tools exist to find and help developers fix the problems that occur. Such tools typically capture exceptions as they occur and provide diagnostic and contextual data to make resolution easier. How they go about it differs from tool to tool. Some use hard-coded algorithms in error grouping.

Security

Security Libraries IT Cloud

SandboxAQ Open Sources Cryptography Management Tool for Post-Quantum Era

eSecurity Planet

AUGUST 8, 2023

. “Modern cryptography management and cryptographic agility are becoming increasingly more essential for businesses of all sizes; however, there has been a distinct lack of open-source tools for developers to support these features,” Graham Steel, head of product for the company’s Quantum Security Group, said in a statement.

Encryption

Encryption Cybersecurity Libraries Access

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Security Affairs

JULY 20, 2023

China-linked group APT41 was spotted using two previously undocumented Android spyware called WyrmSpy and DragonEgg China-linked APT group APT41 has been observed using two previously undocumented Android spyware called WyrmSpy and DragonEgg. WyrmSpy uses popular rooting tools such as KingRoot11 and IovyRoot/IvyRoot12.

File names

File names Libraries Cybersecurity IT

Apple will delay the rollout of new child pornography protection tools

Security Affairs

SEPTEMBER 4, 2021

Apple will delay the introduction of its new child pornography protection tools due to a heated debate raised by privacy advocates. Apple announced this week that it will delay the rollout of its new child pornography protection tools after many experts and privacy advocated claimed it poses a threat to user privacy.

Privacy

Privacy Libraries IT Security

Central and local must government to come together and safeguard the future of our libraries

CILIP

JUNE 9, 2023

Central and local must government to come together and safeguard the future of our libraries The current regulation and oversight of library services in England means that the Government is failing in its duty of accountability to the taxpayer and in its specific duty of sector development and improvement.

Libraries

Libraries Government IT

News alert: SandboxAQ launches new open source framework to simplify cryptography management

The Last Watchdog

AUGUST 8, 2023

8, 2023 – SandboxAQ today announced Sandwich, an open source framework and meta-library of cryptographic algorithms that simplifies modern cryptography management. Rowe Price, Eric Schmidt (chairman of SandboxAQ), Breyer Capital, Guggenheim Partners, Marc Benioff, Thomas Tull, Paladin Capital Group, and other leading investors.

Libraries

Libraries Encryption Access Cybersecurity

China-linked APT group Aquatic Panda leverages Log4Shell in recent attack

Security Affairs

DECEMBER 29, 2021

China-linked APT group Aquatic Panda is exploiting the Log4Shell vulnerability to compromise a large academic institution. China-linked cyberespionage group Aquatic Panda was spotted exploiting the Log4Shell vulnerability ( CVE 2021-44228 ) in an attack aimed at a large academic institution. ” concludes the report.

Libraries

Libraries Access Security IT

Nation-State Attackers, Ransomware Groups Take Aim at Apache Log4j Flaw

eSecurity Planet

DECEMBER 15, 2021

Nation-state cyber threat groups and ransomware attackers are moving in to exploit a critical flaw found in the seemingly ubiquitous Apache Log4j open-source logging tool, as attacks spread just days after the vulnerability that could affect hundreds of millions of devices was made public late last week. Escalation of Exploit Attempts.

Ransomware

Ransomware Cybersecurity Access Libraries

PYSA ransomware gang is the most active group in November

Security Affairs

DECEMBER 22, 2021

PYSA and Lockbit were the most active ransomware gangs in the threat landscape in November 2021, researchers from NCC Group report. Security researchers from NCC Group reported an increase in ransomware attacks in November 2021 over the past month, and PYSA (aka Mespinoza) and Lockbit were the most active ransomware gangs.

Ransomware

Ransomware Encryption Government Retail

Role of Library and Knowledge Specialists in Moving Education and Training Online

CILIP

JULY 30, 2020

Role of Library and Knowledge Specialists in Moving Education and Training Online. This is a statement by the Information Literacy Group, a special interest group of the CILIP, the library and information association. You can find further information on the Information Literacy Group website.

Libraries

Libraries Education

DRBControl cyber-espionage group targets gambling, betting companies

Security Affairs

FEBRUARY 19, 2020

The DRBControl APT group has been targeting gambling and betting companies worldwide with malware that links to two China-linked APT groups. Security researchers from TrendMicro have uncovered a cyber espionage campaign carried out by an APT group tracked as DRBControl that employed a new family of malware.

Libraries

Libraries Phishing Passwords IT

Terry Kendrick helps libraries achieve their marketing, communications and engagement goals

CILIP

JUNE 7, 2021

Now more than ever, libraries must find ways to engage with their communities in order to demonstrate the value they create and deliver. It takes each element of the strategic marketing domain and outlines both current marketing best practice and its detailed application in the library and information sector.

Libraries

Libraries Marketing Communications Education

Arup Library: 60 years

CILIP

JANUARY 28, 2020

Arup Library: 60 years. Arup Library: 60 years. Key projects include the Sydney Opera House, the Pompidou Centre and the British Library. The first library in the firm?s What follows is a brief overview of 60 years of the Arup Library in London. Early Arup Library. It mentions that ?people

Libraries

Libraries Computer and Electronics Archiving Paper

FIN7 targeted a large U.S. carmaker phishing attacks

Security Affairs

APRIL 18, 2024

BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large U.S. The attackers employed the lure of a free IP scanning tool to infect the systems with the Anunak backdoor and gain an initial foothold using living-off-the-land binaries, scripts, and libraries (lolbas).

Phishing

Phishing Manufacturing Libraries IT

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

Security Affairs

JUNE 18, 2020

Researchers uncovered a recent campaign carried out by the InvisiMole group that has been targeting a small number of high-profile organizations. The group has been active since at least 2013, ESET experts linked the group to the Gamaredon Russian APT group Gamaredon despite considers the two crews independent.

Military

Military Communications Libraries Encryption

China-linked Budworm APT returns to target a US entity

Security Affairs

OCTOBER 13, 2022

The Budworm espionage group resurfaced targeting a U.S.-based This is the first time that Symantec researchers have observed the Budworm group targeting a U.S-based The group also targeted a hospital in South East Asia. The China-linked APT27 group has been active since 2010, it targeted organizations worldwide, including U.S.

File names

File names Financial Services Manufacturing Libraries

China-linked APT31 targets Russia for the first time

Security Affairs

AUGUST 4, 2021

China-linked APT31 group employed a new strain of malware in attacks aimed at entities in Mongolia, Belarus, Canada, the US, and Russia. In July 2021, the French national cyber-security agency ANSSI warned of ongoing attacks against a large number of French organizations conducted by the Chine-linked APT31 cyberespionage group.

Libraries

Libraries Security IT Cybersecurity

2023 Retrospective: One year at CILIP & 125 years of Chartership

CILIP

DECEMBER 21, 2023

To celebrate this century and a quarter of Royal Chartership, we created the CILIP 125, a group of 125 cross-sector librarians and info-pros who have shown outstanding work and talent in our field, that were announced CILIP’s leadership-focussed conference in July.

Libraries

Libraries Archiving Communications Access

Cyber Authorities Sound The Alarm On Critical Vulnerability In Java Library

Data Protection Report

DECEMBER 13, 2021

This is a critical vulnerability of very high significance to government and industry groups. Adjust firewalls and other endpoint tools to prevent outbound connections from systems with log4j. Ensure network logging exists to record activity related to a vulnerable Apache Log4j logging library. See the CISA alert and NIST alert.

Libraries

Libraries Ransomware Cloud Risk

Iran-linked group Cobalt Dickens hit over 60 universities worldwide

Security Affairs

SEPTEMBER 12, 2019

Iran-linked Cobalt Dickens APT group carried out a spear-phishing campaign aimed at tens of universities worldwide. This operation is similar to the threat group’s August 2018 campaign , using compromised university resources to send library-themed phishing emails.” and Switzerland.

Phishing

Phishing Libraries File names Metadata

New Highly-Evasive Linux Malware Infects All Running Processes

eSecurity Planet

JULY 11, 2022

The module hooks functions called in shared libraries, which is pretty common for malware, but it also implements “advanced evasion techniques” and “remote capabilities over SSH.”. ” See the Best Open Source Security Tools. ” See the Best Open Source Security Tools. OrBit Malware Details. Placing shared objects (e.g.

Libraries

Libraries Authentication Security Access

New Gallmaker APT group eschews malware in cyber espionage campaigns

Security Affairs

OCTOBER 10, 2018

A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military and defense sectors since at least 2017. A new cyber espionage group tracked as Gallmaker appeared in the threat landscape. ” concluded Symantec.

Military

Military File names Libraries Government

Magecart 5 hacker group targets L7 Routers

Security Affairs

SEPTEMBER 27, 2019

IBM researchers observed one of the Magecart groups using a malicious code to inject into commercial-grade layer 7 L7 routers. IBM X-Force Incident Response and Intelligence Services (IRIS) experts observed that one of the Magecart groups, tracked as MG5, is using malware to inject into commercial-grade L7 routers. Pierluigi Paganini.

Libraries

Libraries Access IT Security

CILIP Launches fully revised and updated Professional Knowledge and Skills Base online tool

CILIP

AUGUST 24, 2021

CILIP Launches fully revised and updated Professional Knowledge and Skills Base online tool. CILIP is delighted to launch the new, comprehensively revised and updated, version of the Professional Knowledge and Skills Base online tool. For CILIP members the PKSB online tool provides the best access and functionality.

Libraries

Libraries Access IT

OceanLotus APT group leverages a steganography-based loader to deliver backdoors

Security Affairs

APRIL 3, 2019

The OceanLotus APT group, also known as APT32 or Cobalt Kitty , leverages a steganography-based loader to deliver backdoors on compromised systems. The APT32 group, also known as OceanLotus Group, has been active since at least 2013, according to the experts it is a state-sponsored hacking group.

Libraries

Libraries Encryption Communications Manufacturing

Luck, self-reflection, and learning on the path to success as a Health Librarian

CILIP

FEBRUARY 2, 2024

I realised my passion was in reading and interacting with the kids, and not so much the teaching, so I took my first jobas a library assistant.” Everyone needs a bit of luck Luck (or coincidence) got her the next step in her career when she saw an ad for a library assistant in a mental health hospital. “I

Libraries

Libraries Sales IT

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

Security Affairs

APRIL 23, 2020

A security expert uncovered an old APT operation, tracked Nazar, by analyzing the NSA hacking tools included in the dump leaked by Shadow Brokers in 2017. The post Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – Nazar, hacking).

Libraries

Libraries Cybersecurity Access IT

Feature Spotlight: Internal Seeds Groups

Archive-It

APRIL 12, 2023

by Tanya Ulmer, Web Archivist for Archive-It Seed groups have been around for a while, allowing partners to organize their seeds on their public collections’ pages at archive-it.org. But did you know that seed groups are no longer necessarily displayed publicly? Why would a partner organization want to use internal seed groups?

Archiving

Archiving Metadata Libraries IT

Success of AI in academic libraries depends on underlying data

CILIP

JUNE 26, 2019

Success of AI in academic libraries depends on good underlying data. nder, scientific information specialist: Success of AI in academic libraries depends on good underlying data. Why do we hear so little in this respect from libraries on this side of the Atlantic? In what way have the working methods in libraries changed?

Libraries

Libraries Unstructured data Artificial Intelligence Archiving

Open Source Security: A Big Problem

eSecurity Planet

AUGUST 5, 2021

Amid discussions on the security of open source technologies like eBPF and Hadoop, OpenSSF speakers Jennifer Fernick, SVP and head of global research at NCC Group, and Christopher Robinson, Intel’s director of security communications, outlined the group’s vision to secure open source software “end to end, at massive scale.”

Security

Security Big data Libraries Communications

CILIP connects librarians with NHS in Digital Health Literacy Partnership

CILIP

JULY 7, 2023

Pilot projects received funding in two cohorts to try out different approaches to improving health and digital literacy in a collaboration between CILIP, national NHS Knowledge and Library Services team (at NHS England, formerly Health Education England), Libraries Connected and Arts Council England.

Libraries

Libraries Education Access

Stayin’ Alive campaign targets high-profile Asian government and telecom entities. Is it linked to ToddyCat APT?

Security Affairs

OCTOBER 13, 2023

The researchers pointed out that the basic characteristics of the tools used by the threat actors and their broad diversity, suggest that they are disposable tools employed for downloading and executing additional payloads. The tools have no code similarities with any known tool used by other threat actors.

Government

Government IT Encryption Libraries

Raspberry Robin malware used in attacks against Telecom and Governments

Security Affairs

DECEMBER 24, 2022

. “The main payload itself is packed with more than 10 layers for obfuscation and is capable of delivering a fake payload once it detects sandboxing and security analytics tools.” The group behind Raspberry Robin is the maker of some of the tools LockBit is also using. exe to execute a malicious command.

Government

Government Communications Ransomware Manufacturing

Weekly Vulnerability Recap – October 9, 2023 – Zero-Days Strike Android, Microsoft, Apple, Cisco & More

eSecurity Planet

OCTOBER 9, 2023

Major zero-day vulnerabilities were reported in Atlassian and Cisco tools, while Apple responded to its own zero-day issue. And Linux distributions and the TorchServe AI tool were confronted with major security flaws too. Arm also published two additional vulnerabilities, CVE-2023-33200 and CVE-2023-34970. published on August 28, 2023.

Libraries

Libraries Ransomware Access Security

Joint statement from CILIP & the Rare Books and Special Collections Group (RBSCG)

CILIP

FEBRUARY 9, 2021

CILIP and the Rare Books and Special Collections Group (RBSCG) work together to champion the role of professional librarians in unlocking the richness and diversity of the collections held by knowledge and memory institutions, including Universities, museums, heritage sites, galleries, historic houses, National Libraries and other cultural heritage (..)

Libraries

Libraries IT Risk Access

China-linked APT41 group targets telecommunications companies with new backdoor

Security Affairs

OCTOBER 31, 2019

China-linked APT41 group is targeting telecommunications companies with a new piece of malware used to spy on text messages of highly targeted individuals. Researchers at FireEye discovered a new backdoor tracked as MessageTap that China-linked APT41 group are using to spy on text messages sent or received by highly targeted individuals.

Libraries

Libraries Education Risk Security

Cyber espionage campaign targets Asian countries since 2021

Security Affairs

SEPTEMBER 13, 2022

A cyber espionage group targets governments and state-owned organizations in multiple Asian countries since early 2021. ” The attackers employed a broad range of legitimate tools to deliver malware in attacks aimed at government institutions related to finance, aerospace, and defense, as well as state-owned media, IT, and telecom firms.

Government

Government Access Libraries Education

PyMICROPSIA Windows malware includes checks for Linux and macOS

Security Affairs

DECEMBER 15, 2020

Experts discovered a new Windows info-stealer, named PyMICROPSIA, linked to AridViper group that is rapidly evolving to target other platforms. Experts spotted the PyMICROPSIA info stealer while investigating attacks of the AridViper group (also tracked as Desert Falcon and APT-C-23 ). ” concludes the analysis.

Communications

Communications Libraries IT Security

Security Affairs newsletter Round 415 by Pierluigi Paganini – International edition

Security Affairs

APRIL 16, 2023

hacking tools and electronics A new round of the weekly SecurityAffairs newsletter arrived! hacking tools and electronics A new round of the weekly SecurityAffairs newsletter arrived! A new round of the weekly SecurityAffairs newsletter arrived!

Data breaches

Data breaches Security Libraries Retail

TeamTNT group adds new detection evasion tool to its Linux miner

Barracuda fixed a new ESG zero-day exploited by Chinese group UNC4841

Webinars

Trending Sources

Learning from our Past: Celebrating Black History Month with Lancaster University Library

Webinars

Clasiopa group targets materials research in Asia

How to Package and Price Embedded Analytics

Top Code Debugging and Code Security Tools

SandboxAQ Open Sources Cryptography Management Tool for Post-Quantum Era

Experts attribute WyrmSpy and DragonEgg spyware to the Chinese APT41 group

Apple will delay the rollout of new child pornography protection tools

Central and local must government to come together and safeguard the future of our libraries

News alert: SandboxAQ launches new open source framework to simplify cryptography management

China-linked APT group Aquatic Panda leverages Log4Shell in recent attack

Nation-State Attackers, Ransomware Groups Take Aim at Apache Log4j Flaw

PYSA ransomware gang is the most active group in November

Role of Library and Knowledge Specialists in Moving Education and Training Online

DRBControl cyber-espionage group targets gambling, betting companies

Terry Kendrick helps libraries achieve their marketing, communications and engagement goals

Arup Library: 60 years

FIN7 targeted a large U.S. carmaker phishing attacks

InvisiMole group targets military sector and diplomatic missions in Eastern Europe

China-linked Budworm APT returns to target a US entity

China-linked APT31 targets Russia for the first time

2023 Retrospective: One year at CILIP & 125 years of Chartership

Cyber Authorities Sound The Alarm On Critical Vulnerability In Java Library

Iran-linked group Cobalt Dickens hit over 60 universities worldwide

New Highly-Evasive Linux Malware Infects All Running Processes

New Gallmaker APT group eschews malware in cyber espionage campaigns

Magecart 5 hacker group targets L7 Routers

CILIP Launches fully revised and updated Professional Knowledge and Skills Base online tool

OceanLotus APT group leverages a steganography-based loader to deliver backdoors

Luck, self-reflection, and learning on the path to success as a Health Librarian

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

Feature Spotlight: Internal Seeds Groups

Success of AI in academic libraries depends on underlying data

Open Source Security: A Big Problem

CILIP connects librarians with NHS in Digital Health Literacy Partnership

Stayin’ Alive campaign targets high-profile Asian government and telecom entities. Is it linked to ToddyCat APT?

Raspberry Robin malware used in attacks against Telecom and Governments

Weekly Vulnerability Recap – October 9, 2023 – Zero-Days Strike Android, Microsoft, Apple, Cisco & More

Joint statement from CILIP & the Rare Books and Special Collections Group (RBSCG)

China-linked APT41 group targets telecommunications companies with new backdoor

Cyber espionage campaign targets Asian countries since 2021

PyMICROPSIA Windows malware includes checks for Linux and macOS

Security Affairs newsletter Round 415 by Pierluigi Paganini – International edition

Stay Connected