Boston Public Library discloses cyberattack

Security Affairs

The Boston Public Library was victim of a cyberattack that crippled its computer network, the library revealed in a statement Friday. The Boston Public Library announced on Friday that it was hit by a cyberattack that compromised its computer network.

A zero-day exploit for Log4j Java library could have a tsunami impact on IT giants

Security Affairs

Experts publicly disclose Proof-of-concept exploits for a critical zero-day vulnerability in the Apache Log4j Java-based logging library. Open-source projects like ElasticSearch, Elastic Logstash, Redis, and the NSA’s Ghidra also use the library.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Experts monitor ongoing attacks using exploits for Log4j library flaws

Security Affairs

Researchers from DrWeb monitored attacks leveraging exploits for vulnerabilities in the Apache Log4j library. Dr. Web set up one of its honeypots to analyze the impact of the Log4J vulnerabilities on systems exposed online and discovered an intense activity between December 17th-20th.

Bugs in open-source libraries impact 70% of modern software

Security Affairs

70 percent of mobile and desktop applications that today we use are affected at least by one security flaw that is present in open-source libraries. Experts pointed out that every library could be affected by one o more issues which will be inherited from all the applications that use them.

10 Rules for Managing Apache Kafka

Kafka is a powerful piece of software that can solve a lot of problems. Like most libraries and frameworks, you get out of it what you put into it. Learn ten rules that will help you perfect your Kafka system to get ahead.

I Am Parting With My Crypto Library

Schneier on Security

The time has come for me to find a new home for my (paper) cryptography library. It’s about 150 linear feet of books, conference proceedings, journals, and monographs — mostly from the 1980s, 1990s, and 2000s.

Malicious npm library removed from the repository due to backdoor capabilities

Security Affairs

The npm security team has removed a malicious JavaScript library named “ twilio-npm ” from its repository because contained malicious code. The tainted JavaScript library was spotted by the researcher Ax Sharma from security firm Sonatype.

Mozilla fixes critical flaw in Network Security Services (NSS) cryptography library

Security Affairs

Mozilla fixed a critical memory corruption issue affecting its cross-platform Network Security Services (NSS) set of cryptography libraries. The flaw ties the way the libraries handle DER-encoded DSA or RSA-PSS signatures in email clients and PDF viewers using vulnerable NSS versions.

Insider Attack on the Carnegie Library

Schneier on Security

Greg Priore, the person in charge of the rare book room at the Carnegie Library, stole from it for almost two decades before getting caught. It's a perennial problem: trusted insiders have to be trusted.

The Cyentia Library Relaunches

Adam Shostack

I’m excited to see that they’re Re-introducing the Cyentia Research Library , with cool (new?) The Cyentia Library lets us see what people are doing in terms of research and data. I am grateful for their work, and how it shines a light on where we are.

Malware attack took down 600 computers at Volusia County Public Library

Security Affairs

System supporting libraries in Volusia County were hit by a cyber attack, the incident took down 600 computers at Volusia County Public Library (VCPL) branches. ” As a result of the incident, the computers at the library were not able to surf the web.

Drupal fixed a new flaw related PEAR Archive_Tar library

Security Affairs

Drupal development team released security updates to address a vulnerability that resides in the PEAR Archive_Tar third-party library. The Drupal development team has released security updates to address the CVE-2020-36193 vulnerability in the PEAR Archive_Tar third-party library.

npm libraries coa and rc. have been hijacked to deliver password-stealing malware

Security Affairs

Two popular npm libraries, coa and rc. The security team of the npm JavaScript package warns that two popular npm libraries, coa and rc. Two npm libraries that have a total of 23 million weekly downloads, a data that is worrisome. The post npm libraries coa and rc.

Mobile Libraries: Culture on the Go

Unwritten Record

National Bookmobile Day is April 22, part of National Library Week (April 19-25). . A library is a place that stores information, a place where people from all walks of life have the opportunity to obtain textual and audiovisual material for education, entertainment, and enlightenment.

Google discloses a severe flaw in widely used Libgcrypt encryption library

Security Affairs

Google discovered a flaw in GNU Privacy Guard (GnuPG)’s Libgcrypt encryption library that could be exploited to get remote code execution. It’s also the crypto library used by systemd for DNSSEC. It seems that Fedora 34 and Gentoo are already using 1.9.0”

Independent Review of Public Library Financing Panel announcement

CILIP

Independent Review of Public Library Financing Panel announcement. CILIP is delighted to announce the expert members of the recently established Independent Review of Public Library Financing Panel. In recent years, libraries have found their creative identity ? Public librarie

jQuery JavaScript library flaw opens the doors for attacks on hundreds of millions of websites

Security Affairs

The popular jQuery JavaScript library is affected by a rare prototype pollution vulnerability that could allow attackers to modify a JavaScript object’s prototype. The impact of the issue could be severe considering that the jQuery JavaScript library is currently used on 74 percent of websites online, most sites still use the 1.x versions of the library that are affected by the ‘Prototype Pollution’ vulnerability. SecurityAffairs – hacking, jQuery JavaScript library ).

Public Library Staff: Making a Difference

CILIP

Public Library Staff: Making a Difference. Public library staff are an integral part of library services and arguably its most vital asset. Our new research Making a Difference: Libraries, Lockdown and Looking Ahead has made this, among other things, abundantly clear.

One world, one library network

CILIP

One world, one library network. Working Internationally for Libraries Virtual Conference 2021: A free, virtual conference for Public Libraries in the UK and across the world. Two, look for advocacy ideas and how best to campaign to keep libraries funded and active.?

Open letter concerning proposed cuts and closures to Croydon Libraries

CILIP

Croydon Libraries: Open letter concerning proposed cuts and closures to Croydon Libraries. Dear Councillor Lewis, Open letter concerning proposed cuts and closures to Croydon Libraries. Elizabeth Ash, Save Croydon Libraries. Public libraries

International library leaders explore the purpose and future of libraries

CILIP

International library leaders explore the purpose and future of libraries. Facet Publishing announces the publication of Bold Minds: Library leadership in a time of disruption edited by Margaret Weaver and Leo Appleton. Are librarians and libraries relevant in the 21st century?

Cisco Talos discovered 2 critical flaws in the popular OpenCV library

Security Affairs

Maintainers of the OpenCV library addressed two buffer overflow flaws that could lead to arbitrary code execution. Maintainers of the OpenCV library addressed two high-severity buffer overflow vulnerabilities that could be exploited by an attacker to execute arbitrary code.

It's High Time for a Security Scoring System for Applications and Open Source Libraries

Dark Reading

A benchmarking system would help buyers choose more secure software products and, more importantly, light a fire underneath software producers to make products secure

Arup Library: 60 years

CILIP

Arup Library: 60 years. Arup Library: 60 years. It was founded in 1946 by engineer Ove Arup, who was born in Newcastle to Danish parents. Key projects include the Sydney Opera House, the Pompidou Centre and the British Library. The first library in the firm?s

Wartime Reading: The Library War Service

Unwritten Record

When America entered World War I in 1917, the American Library Association decided to take part in the war effort by establishing the Library War Service. Its purpose was to provide library services to American soldiers in training camps and overseas. Poster used in A.L.A.

Feminist leadership, libraries and Covid-19

CILIP

Feminist leadership, libraries and Covid-19. s Library which was established in 1991 and now has more than 20 paid staff ? Here she talks about how the Clore Leadership Fellowship programme helped her focus on her own professional development and assess what it means to be a leader.

Learning Journey ? Apprentice Library Assistant

CILIP

Apprentice Library Assistant. Working in a library was always a goal of mine, but I was never quite sure how to get there. The librarian felt like a role you were born into, and the path towards it seemed almost hidden. it can introduce you to a whole new world of possibilities!

The British Library?s International Library Leaders Programme

CILIP

The British Library?s s International Library Leaders Programme. Ilene McKenna is the Lead Archivist, Archival Information System Renewal at Library and Archives Canada. In November 2019, she had the opportunity to take part in British Library?s

Should libraries fine users for late return of books and other items?

CILIP

Should libraries fine users for late return of books and other items? We asked you what you thought about the use of library fines and you didn?t All fines do is scare people, especially those on low-incomes from accessing the library. Public libraries

What are libraries worth?

CILIP

What are libraries worth? What are libraries worth? WHETHER it?s Suffolk Libraries has recently commissioned and published research to do just that: convert the social value of three of its core services into pounds and pence. 1 spent on three of Suffolk Libraries?

Six-Library Vulnerability in NGA

ForAllSecure

Although we may not think about it all the time, satellites are a part of our daily lives. The US government has published a software library called six-library designed to parse and manipulate satellite imagery and data for both internal and public use.

Two malicious Python libraries were stealing SSH and GPG keys

Security Affairs

The Python security team removed two trojanized Python libraries from PyPI (Python Package Index) that were stealing SSH and GPG keys from the projects of infected developers. The expert discovered the two libraries on December 1, by the German software developer Lukas Martini.

Shift happens: the future office/library in a connected world

CILIP

Shift happens: the future office/library in a connected world. This seems a long way away from February when the Financial Times ran a piece in its New Workplace series that noted, inter alia, that many organisations were reviewing their working practices. But it?s It wasn?t

Six-Library Vulnerability in NGA

ForAllSecure

Although we may not think about it all the time, satellites are a part of our daily lives. The US government has published a software library called six-library designed to parse and manipulate satellite imagery and data for both internal and public use.

COVID-19 Guidance for School Libraries

CILIP

COVID-19 Guidance for School Libraries. This Guidance has been developed by a Working Party convened jointly by CILIP, the CILIP School Libraries Group (CILIP SLG) and the School Library Association (SLA). It will be updated periodically when new information becomes available.

A backdoor mechanism found in tens of Ruby libraries

Security Affairs

Maintainers of the RubyGems package repository have removed 18 malicious versions of 11 Ruby libraries that contained a backdoor. Maintainers of the RubyGems package repository have discovered a backdoor mechanism in 18 malicious versions of 11 Ruby libraries. The backdoor was used by attackers to inject mining code in Ruby projects using the malicious versions of the libraries. “It seems that rest-client 1.6.13

Welsh Library Team of the Year

CILIP

Welsh Library Team of the Year. NHS Wales Library and Knowledge Service and Newtown Area Library have been recognized by CILIP Cymru Wales, the Library and Information association in Wales, for their incredible commitment and innovative services during a turbulent 2020.

Apprenticeships: supporting new talent in to libraries

CILIP

Apprenticeships: supporting new talent in to libraries. Last summer Kirklees Libraries recruited two new apprentices as part of a council-wide programme to develop and deliver apprentice opportunities. ve worked for Kirklees libraries for 35 years. If it?s

Honey, I blockchained the library

CILIP

Honey, I blockchained the library. Honey, I blockchained the library. A floor wax and a shoe polish that beats, as it sweeps, as it cleans, if you like. I suspect it is equally annoying for many information and computer scientists. ?We A new kind of library.

All You Need to Know About Python and its Libraries

Cllax

Python, with its versatility and flexibility, has become one of the most preferred languages in the web world. The post All You Need to Know About Python and its Libraries first appeared on Cllax - Top of IT.