Boston Public Library discloses cyberattack

Security Affairs

The Boston Public Library was the victim of a cyberattack that crippled its computer network, the library revealed in a statement Friday. The Boston Public Library announced on Friday that it was hit by a cyberattack that compromised its computer network.

Google OAuth client library flaw allowed to deploy of malicious payloads

Security Affairs

Google addressed a high-severity flaw in its OAuth client library for Java that could allow attackers with a compromised token to deploy malicious payloads. The Google OAuth Client Library for Java is designed to work with any OAuth service on the web, not just with Google APIs.

Bugs in open-source libraries impact 70% of modern software

Security Affairs

70 percent of the mobile and desktop applications that we use today are affected by at least one security flaw that is present in open-source libraries. Experts pointed out that every library could be affected by one or more issues, which will be inherited by all the applications that use them.

Libraries and sanctuary

CILIP

Libraries and sanctuary. John Vincent has been actively tackling social exclusion in libraries and other cultural and heritage organisations through The Network (www.seapn.org.uk) and the Libraries of Sanctuary project, that evolved from the Cities of Sanctuary. Go for it!

10 Rules to More Streamlined Data Modeling

Apache Kafka is a powerful piece of software that can solve a lot of problems. Like most libraries and frameworks, you get out of it what you put into it. Learn 10 rules that will help you perfect your Kafka system to get ahead.

Researchers disclosed a remote code execution flaw in Fastjson Library

Security Affairs

Researchers disclosed a remote code execution vulnerability, tracked as CVE-2022-25845, in the popular Fastjson library. Fastjson is a Java library that can be used to convert Java Objects into their JSON representation.

I Am Parting With My Crypto Library

Schneier on Security

The time has come for me to find a new home for my (paper) cryptography library. It’s about 150 linear feet of books, conference proceedings, journals, and monographs — mostly from the 1980s, 1990s, and 2000s.

A zero-day exploit for Log4j Java library could have a tsunami impact on IT giants

Security Affairs

Experts publicly disclose Proof-of-concept exploits for a critical zero-day vulnerability in the Apache Log4j Java-based logging library. Open-source projects like ElasticSearch, Elastic Logstash, Redis, and the NSA’s Ghidra also use the library.

Remote code execution bug discovered in the popular JsonWebToken library

Security Affairs

The open-source jsonwebtoken (JWT) library is affected by a high-severity security flaw that could lead to remote code execution. The package is maintained by Auth0, it had over 9 million weekly downloads as of January 2022 and it is used by more than 22.000 projects.

£135,000 funding for Anti-racist library collections in Wales

CILIP

£135,000 funding for Anti-racist library collections in Wales. The investment will fund a new project – Anti-racist Library Collections: a training plan for public libraries in Wales with the purpose of raising the profile of libraries. Public libraries

10 Rules for Managing Apache Kafka

Kafka is a powerful piece of software that can solve a lot of problems. Like most libraries and frameworks, you get out of it what you put into it. Learn ten rules that will help you perfect your Kafka system to get ahead.

Insider Attack on the Carnegie Library

Schneier on Security

Greg Priore, the person in charge of the rare book room at the Carnegie Library, stole from it for almost two decades before getting caught. It's a perennial problem: trusted insiders have to be trusted.

Digital Leadership for Libraries empowering England’s public library workforce

CILIP

Digital Leadership for Libraries empowering England’s public library workforce. CILIP has launched Digital Leadership for Libraries, five open-access, online learning modules created for public library workers, volunteers and apprentices.

Take action with your library this Libraries Week

CILIP

Take action with your library this Libraries Week. This Libraries Week (4-10 October 2021) libraries across the UK showcase their vital role in supporting active and engaged communities as we celebrate the transformative impact libraries can have on people’s

Experts monitor ongoing attacks using exploits for Log4j library flaws

Security Affairs

Researchers from DrWeb monitored attacks leveraging exploits for vulnerabilities in the Apache Log4j library. Dr. Web set up one of its honeypots to analyze the impact of the Log4J vulnerabilities on systems exposed online and discovered an intense activity between December 17th-20th.

How Libraries Can Support Those with Dementia

CILIP

How Libraries Can Support Those with Dementia Libraries are often considered the heart of the community, but not everyone understands just how much they have to offer. When it comes to dementia services, libraries have enormous potential to support people with dementia and their carers.

The Cyentia Library Relaunches

Adam Shostack

I’m excited to see that they’re Re-introducing the Cyentia Research Library, with cool (new?) The Cyentia Library lets us see what people are doing in terms of research and data. I am grateful for their work, and how it shines a light on where we are.

Library and Archives Canada (LAC) Opens its New Preservation Storage Facility

IG Guru

Check out the link here. Archives IG News Canada Government

Malware attack took down 600 computers at Volusia County Public Library

Security Affairs

Systems supporting libraries in Volusia County were hit by a cyber attack; the incident took down 600 computers at Volusia County Public Library (VCPL) branches. As a result of the incident, the computers at the library were not able to surf the web.

Text4Shell, a remote code execution bug in Apache Commons Text library

Security Affairs

A researcher discovered a remote code execution vulnerability in the open-source Apache Commons Text library. GitHub’s threat analyst Alvaro Munoz discovered a remote code execution vulnerability, tracked as CVE-2022-42889, in the open-source Apache Commons Text library.

Drupal fixed a new flaw related PEAR Archive_Tar library

Security Affairs

Drupal development team released security updates to address a vulnerability that resides in the PEAR Archive_Tar third-party library. The Drupal development team has released security updates to address the CVE-2020-36193 vulnerability in the PEAR Archive_Tar third-party library.

Popular open-source PJSIP library is affected by critical flaws

Security Affairs

Researchers from JFrog’s Security Research team discovered five vulnerabilities in the PJSIP open-source multimedia communication library. PJSIP is a communication library written in C language implementing standard-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE.

Mobile Libraries: Culture on the Go

Unwritten Record

National Bookmobile Day is April 22, part of National Library Week (April 19-25). A library is a place that stores information, a place where people from all walks of life have the opportunity to obtain textual and audiovisual material for education, entertainment, and enlightenment.

A DNS flaw impacts a library used by millions of IoT devices

Security Affairs

A vulnerability in the domain name system (DNS) component of the uClibc library impacts millions of IoT products. The uClibc library is used by major vendors, including Linksys, Netgear, and Axis, or Linux distributions such as Embedded Gentoo.

Artefacto announced to develop ‘Digital Leadership for Libraries’ eLearning modules

CILIP

Digital Leadership for Libraries’ Digital Leadership in Libraries’ programme for the Public Library workforce. These discussions recognised the need for library staff and leadership to consolidate the ‘digital Digital Leadership for Libraries’ Public libraries

Preserving Our Libraries’ Digital Collections is Simple, Powerful, and Affordable

Preservica

Academic libraries are in the midst of rapid, widespread changes as they shift into the digital age. Our libraries have been a steady flame for patrons to depend on, not just throughout the pandemic, but throughout history. But, don't just take our word for it.

African libraries provide perspectives on digital literacy for sustainable development

CILIP

African libraries provide perspectives on digital literacy for sustainable development. The African library sector has been a key advocate for digital literacy across the continent, and a new book published today delves into what has been achieved and what more needs to be done.

It's High Time for a Security Scoring System for Applications and Open Source Libraries

Dark Reading

A benchmarking system would help buyers choose more secure software products and, more importantly, light a fire underneath software producers to make products secure.

Experts disclosed a 22-year-old bug in popular SQLite Database library

Security Affairs

A high-severity vulnerability, tracked as CVE-2022-35737, has been disclosed in the SQLite database library. special character to enable unicode character scanning, then it is possible to achieve arbitrary code execution in the worst case, or to cause a DoS condition.

Unpatched Python Library Affects More Than 300,000 Open Source Projects

eSecurity Planet

Trellix security researchers have revealed a major vulnerability in the Python tarfile library that could be exploited in software supply chain attacks. Because the code trusts its inputs too much and joins paths that are passed to the extract functions, it can be abused.

Mozilla fixes critical flaw in Network Security Services (NSS) cryptography library

Security Affairs

Mozilla fixed a critical memory corruption issue affecting its cross-platform Network Security Services (NSS) set of cryptography libraries. The flaw ties the way the libraries handle DER-encoded DSA or RSA-PSS signatures in email clients and PDF viewers using vulnerable NSS versions.

Libraries call to strengthen link between local authorities and library services on green policy

CILIP

Libraries call to strengthen link between local authorities and library services on green policy. It is guided by a vision to build a better future for planet and people, empowered and supported by librarians and library workers.

Arts Council England and partners launch Green Libraries programme

CILIP

Arts Council England and partners launch Green Libraries programme. 163,000 to CILIP, the Chartered Institute of Library and Information Professionals, to launch the Green Libraries programme, which aims to help libraries address their environmental impact.

Libraries, inflation and the cost-of-living crisis

CILIP

Libraries, inflation and the cost-of-living crisis. As economists predict a period of high inflation and a cost-of-living crisis, Paul Howarth, Head of Content & Resource Development at Suffolk Libraries, discusses some of the problems and solutions for public library services.

Martin Lewis sparks a warm welcome in UK libraries this winter

CILIP

Martin Lewis sparks a warm welcome in UK libraries this winter. CILIP, the library and information association has today (11 October 2022) published a set of guidelines: ‘A Warm Welcome. in libraries, public buildings, etc.)' I wasn’t the only one thinking it.

Opensource from hell: malicious JavaScript distributed via opensource libraries, again

Pwnie Express

Opensource from hell: malicious JavaScript distributed via opensource libraries, again. It’s open source, anyone can audit it, but is it safe? 17.Mar.2022. Florian Barre. Thu, 03/17/2022 - 08:01. Martin Jartelius, CSO, Outpost24. Ghost Labs. Teaser.

Google discloses a severe flaw in widely used Libgcrypt encryption library

Security Affairs

Google discovered a flaw in GNU Privacy Guard (GnuPG)’s Libgcrypt encryption library that could be exploited to get remote code execution. It’s also the crypto library used by systemd for DNSSEC. It seems that Fedora 34 and Gentoo are already using 1.9.0”

Next generation public library LMS

CILIP

Next generation public library LMS. The technology and people underpinning the Library Consortium’s The Library Consortium (until recently the London Library Consortium) has existed since 2002. s library management system was hosted by Axiell. It allows us to use ‘best

jQuery JavaScript library flaw opens the doors for attacks on hundreds of millions of websites

Security Affairs

The popular jQuery JavaScript library is affected by a rare prototype pollution vulnerability that could allow attackers to modify a JavaScript object’s prototype. The impact of the issue could be severe considering that the jQuery JavaScript library is currently used on 74 percent of websites online, most sites still use the 1.x versions of the library that are affected by the ‘Prototype Pollution’ vulnerability.

Public Library Staff: Making a Difference

CILIP

Public Library Staff: Making a Difference. Public library staff are an integral part of library services and arguably its most vital asset. Our new research Making a Difference: Libraries, Lockdown and Looking Ahead has made this, among other things, abundantly clear.