Bugs in open-source libraries impact 70% of modern software

Security Affairs

70 percent of mobile and desktop applications that today we use are affected at least by one security flaw that is present in open-source libraries. Experts pointed out that every library could be affected by one o more issues which will be inherited from all the applications that use them.

One world, one library network

CILIP

One world, one library network. Working Internationally for Libraries Virtual Conference 2021: A free, virtual conference for Public Libraries in the UK and across the world. Two, look for advocacy ideas and how best to campaign to keep libraries funded and active.?

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Google Researcher Details Windows Cryptographic Library Bug

Data Breach Today

Flaw Could Cause Denial-of-Service Event in Windows Fleet, Researcher Claims A Google security researcher has disclosed what he calls an unpatched bug in the main cryptographic library used in newer versions of the Windows operating system that he claims could affect an entire fleet of Windows-based devices

Malware attack took down 600 computers at Volusia County Public Library

Security Affairs

System supporting libraries in Volusia County were hit by a cyber attack, the incident took down 600 computers at Volusia County Public Library (VCPL) branches. ” As a result of the incident, the computers at the library were not able to surf the web.

10 Rules for Managing Apache Kafka

Kafka is a powerful piece of software that can solve a lot of problems. Like most libraries and frameworks, you get out of it what you put into it. Learn ten rules that will help you perfect your Kafka system to get ahead.

Crowley Company Honored with Four 2021 Platinum Modern Library Awards

IG Guru

The post Crowley Company Honored with Four 2021 Platinum Modern Library Awards appeared first on IG GURU. Featured IG News Information Governance Scanning Crowley Company Honored Modern Library AwardsFrederick, Md. –

The Cyentia Library Relaunches

Adam Shostack

I’m excited to see that they’re Re-introducing the Cyentia Research Library , with cool (new?) The Cyentia Library lets us see what people are doing in terms of research and data.

Insider Attack on the Carnegie Library

Schneier on Security

Greg Priore, the person in charge of the rare book room at the Carnegie Library, stole from it for almost two decades before getting caught. It's a perennial problem: trusted insiders have to be trusted. insiders theft

Bitcoin Stealers Hide in 700+ Ruby Developer Libraries

Threatpost

Cybercriminals uploaded typosquatted malicious libraries to RubyGems, which contains open-source components that are used as basic application building blocks by software developers.

Mobile Libraries: Culture on the Go

Unwritten Record

National Bookmobile Day is April 22, part of National Library Week (April 19-25). . A library is a place that stores information, a place where people from all walks of life have the opportunity to obtain textual and audiovisual material for education, entertainment, and enlightenment.

Open letter concerning proposed cuts and closures to Croydon Libraries

CILIP

Croydon Libraries: Open letter concerning proposed cuts and closures to Croydon Libraries. Dear Councillor Lewis, Open letter concerning proposed cuts and closures to Croydon Libraries. Elizabeth Ash, Save Croydon Libraries. Public libraries

Public Library Staff: Making a Difference

CILIP

Public Library Staff: Making a Difference. Public library staff are an integral part of library services and arguably its most vital asset. Our new research Making a Difference: Libraries, Lockdown and Looking Ahead has made this, among other things, abundantly clear.

Cisco Talos discovered 2 critical flaws in the popular OpenCV library

Security Affairs

Maintainers of the OpenCV library addressed two buffer overflow flaws that could lead to arbitrary code execution. Maintainers of the OpenCV library addressed two high-severity buffer overflow vulnerabilities that could be exploited by an attacker to execute arbitrary code.

Drupal fixed a new flaw related PEAR Archive_Tar library

Security Affairs

Drupal development team released security updates to address a vulnerability that resides in the PEAR Archive_Tar third-party library. The Drupal development team has released security updates to address the CVE-2020-36193 vulnerability in the PEAR Archive_Tar third-party library.

Bolinda UK Ltd and CILIP join forces to activate Libraries Week 2021

CILIP

Bolinda UK Ltd and CILIP join forces to activate Libraries Week 2021. CILIP is pleased to announce that Bolinda UK Ltd , the creators of BorrowBox , has joined forces with CILIP as a supporter for Libraries Week 2021 alongside Nielsen Book. Libraries Week is a celebration of the nation?s

Public Libraries as part of the HM Government ?roadmap? for COVID-19 Recovery

CILIP

Public Libraries as part of the HM Government ?roadmap? CILIP welcomes the recognition of libraries as essential services and library staff as ?key s pandemic response, demonstrating the vital role public libraries have to play in our national recovery. Public libraries

Feminist leadership, libraries and Covid-19

CILIP

Feminist leadership, libraries and Covid-19. s Library which was established in 1991 and now has more than 20 paid staff ? s was Roly Keating, Chief Executive of the British Library. s Library were sown.? s Library (GWL) and having been involved in a range of women?s

jQuery JavaScript library flaw opens the doors for attacks on hundreds of millions of websites

Security Affairs

The popular jQuery JavaScript library is affected by a rare prototype pollution vulnerability that could allow attackers to modify a JavaScript object’s prototype. The impact of the issue could be severe considering that the jQuery JavaScript library is currently used on 74 percent of websites online, most sites still use the 1.x versions of the library that are affected by the ‘Prototype Pollution’ vulnerability. SecurityAffairs – hacking, jQuery JavaScript library ).

International library leaders explore the purpose and future of libraries

CILIP

International library leaders explore the purpose and future of libraries. Facet Publishing announces the publication of Bold Minds: Library leadership in a time of disruption edited by Margaret Weaver and Leo Appleton. Are librarians and libraries relevant in the 21st century?

Google discloses a severe flaw in widely used Libgcrypt encryption library

Security Affairs

Google discovered a flaw in GNU Privacy Guard (GnuPG)’s Libgcrypt encryption library that could be exploited to get remote code execution. It’s also the crypto library used by systemd for DNSSEC.

Six-Library Vulnerability in NGA

ForAllSecure

The US government has published a software library called six-library designed to parse and manipulate satellite imagery and data for both internal and public use. Imagine if all of the sudden satellites across the world stopped working.

Two malicious Python libraries were stealing SSH and GPG keys

Security Affairs

The Python security team removed two trojanized Python libraries from PyPI (Python Package Index) that were stealing SSH and GPG keys from the projects of infected developers. The expert discovered the two libraries on December 1, by the German software developer Lukas Martini.

Learning Journey ? Apprentice Library Assistant

CILIP

Apprentice Library Assistant. Working in a library was always a goal of mine, but I was never quite sure how to get there. Getting into my apprenticeship with Southmead Library was a fruitful result of a vigilant library career quest, including countless job searches and CV tweaks.

Back-to-School Scams Target Students with Library-Themed Emails

Threatpost

Web Security back to school credential harvesting education cyberattack fake login pages library portals malware MediaGet torrent application downloader Phishing scam Scams student students university portals Win32.Agent.ifdx malware downloader WinLNK.Agent.gen downloaderStudents should keep their eyes peeled for phishing emails purporting to be from their colleges, as well as online student resources laced with malware, researchers warn.

Wartime Reading: The Library War Service

Unwritten Record

When America entered World War I in 1917, the American Library Association decided to take part in the war effort by establishing the Library War Service. Its purpose was to provide library services to American soldiers in training camps and overseas. Poster used in A.L.A.

CILIP welcomes NLT research into Primary School Libraries

CILIP

CILIP welcomes NLT research into Primary School Libraries. CILIP has been pleased to work with the National Literacy Trust (NLT) on the Primary School Library Review , announced today to coincide with Cressida Cowell?s

The British Library?s International Library Leaders Programme

CILIP

The British Library?s s International Library Leaders Programme. Ilene McKenna is the Lead Archivist, Archival Information System Renewal at Library and Archives Canada. In November 2019, she had the opportunity to take part in British Library?s

Arup Library: 60 years

CILIP

Arup Library: 60 years. Arup Library: 60 years. Key projects include the Sydney Opera House, the Pompidou Centre and the British Library. The first library in the firm?s What follows is a brief overview of 60 years of the Arup Library in London. Early Arup Library.

Apprenticeships: supporting new talent in to libraries

CILIP

Apprenticeships: supporting new talent in to libraries. Last summer Kirklees Libraries recruited two new apprentices as part of a council-wide programme to develop and deliver apprentice opportunities. ve worked for Kirklees libraries for 35 years.

A backdoor mechanism found in tens of Ruby libraries

Security Affairs

Maintainers of the RubyGems package repository have removed 18 malicious versions of 11 Ruby libraries that contained a backdoor. Maintainers of the RubyGems package repository have discovered a backdoor mechanism in 18 malicious versions of 11 Ruby libraries. The backdoor was used by attackers to inject mining code in Ruby projects using the malicious versions of the libraries. The post A backdoor mechanism found in tens of Ruby libraries appeared first on Security Affairs.

Welsh Library Team of the Year

CILIP

Welsh Library Team of the Year. NHS Wales Library and Knowledge Service and Newtown Area Library have been recognized by CILIP Cymru Wales, the Library and Information association in Wales, for their incredible commitment and innovative services during a turbulent 2020.

What are libraries worth?

CILIP

What are libraries worth? What are libraries worth? Suffolk Libraries has recently commissioned and published research to do just that: convert the social value of three of its core services into pounds and pence. Bruce Leeke, chief executive of Suffolk Libraries said: ?Talking

COVID-19 Guidance for School Libraries

CILIP

COVID-19 Guidance for School Libraries. This Guidance has been developed by a Working Party convened jointly by CILIP, the CILIP School Libraries Group (CILIP SLG) and the School Library Association (SLA). all library services resumed?).

Magecart Returns with Advertising Library Tactic

Threatpost

Malware Web Security adverline Advertising Card skimming group 12 Library magecart third party javascriptThe threat group also has a new subsidiary, Magecart Group 12.

Backdoor mechanism found in Ruby strong_password library

Security Affairs

The developer Tute Costa found a backdoor in the Ruby library during regular security audits before deploying his code in the production environment. The developer Tute Costa found a backdoor in the Ruby library during regular security audits. The dangerous code was used to check the password strength of user-chosen passwords when the library was being used in a production environment. The attacker created a new version of the library (version 0.0.7

Trends in the library technology market ? a UK perspective

CILIP

Trends in the library technology market ? Ken Chad looks at the underlying issues and trends that are shaping library technology. His piece focuses on public libraries and libraries in higher education institutions. In his 2020 Library Systems anoted, ?Technology

Why presidential libraries are controversial

IG Guru

The post Why presidential libraries are controversial appeared first on IG GURU. Barack Obama’s is dividing opinions, as others have before. Archives Business Record Retention Records Management Risk News

Open letter concerning proposal changes to the National Art Library

CILIP

Open letter concerning proposal changes to the National Art Library. Dear Dr Hunt, Open letter concerning proposed changes to the National Art Library. s new facilities in Hackney will of necessity restrict access to the Library?s

The Big Issue and Library Champion Bobby Seagull bring the case for library funding to Parliament

CILIP

The Big Issue and Library Champion Bobby Seagull bring the case for library funding to Parliament. At a Parliamentary event at the House of Lords today, The Big Issue and Library Champion Bobby Seagull will join forces with CILIP, the UK library association, to make the case for long-term sustainable funding for libraries. 250m investment in the Culture Investment Fund, of which 50% is to be allocated to library and museum sector development.

Blindingly obvious! Digital literacy starts in the school Library

CILIP

Library Management ip_system_news (LMS) break free from the school library. When a school librarian or school are looking to buy or update their Library Management Systems (LMS) one of the major considerations, understandably is the cost.