Google Researcher Details Windows Cryptographic Library Bug

Data Breach Today

Back-to-School Scams Target Students with Library-Themed Emails

Threatpost

Web Security back to school credential harvesting education cyberattack fake login pages library portals malware MediaGet torrent application downloader Phishing scam Scams student students university portals Win32.Agent.ifdx malware downloader WinLNK.Agent.gen downloader

jQuery JavaScript library flaw opens the doors for attacks on hundreds of millions of websites

Security Affairs

The popular jQuery JavaScript library is affected by a rare prototype pollution vulnerability that could allow attackers to modify a JavaScript object’s prototype. versions of the library that are affected by the ‘Prototype Pollution’ vulnerability.

The Big Issue and Library Champion Bobby Seagull bring the case for library funding to Parliament

CILIP

The Big Issue and Library Champion Bobby Seagull bring the case for library funding to Parliament. 250m investment in the Culture Investment Fund, of which 50% is to be allocated to library and museum sector development. Chair of the Libraries APPG Gill Furniss commented, ?Libraries

Shh! No Hacking the Census in the Library

WIRED Threat Level

Opinion: Millions of folks filling out the 2020 Census on public library computers also are putting themselves at risk. Security Opinion Security / Cyberattacks and Hacks

A backdoor mechanism found in tens of Ruby libraries

Security Affairs

Maintainers of the RubyGems package repository have removed 18 malicious versions of 11 Ruby libraries that contained a backdoor. Maintainers of the RubyGems package repository have discovered a backdoor mechanism in 18 malicious versions of 11 Ruby libraries.

Magecart Returns with Advertising Library Tactic

Threatpost

Malware Web Security adverline Advertising Card skimming group 12 Library magecart third party javascriptThe threat group also has a new subsidiary, Magecart Group 12.

Designing Libraries: Making space for makerspaces

CILIP

Recently I heard a librarian say that introducing makerspaces into libraries was one of the riskiest undertakings the service had ever embarked upon. I found this a little odd, since we are all in the information business and a lot of library time is taken up with answering ?how

Celebrating the Library of the Future for Libraries Week

CILIP

s children build their Library of the Future for Libraries Week. Children, young people and LEGO enthusiasts from age 2 to 85 have been hard at work as part of Libraries Week ? s much-loved libraries. to distribute books to library users. Inspire Library?: ?Inspire

Backdoor mechanism found in Ruby strong_password library

Security Affairs

The developer Tute Costa found a backdoor in the Ruby library during regular security audits before deploying his code in the production environment. The developer Tute Costa found a backdoor in the Ruby library during regular security audits.

Prototype Pollution flaw discovered in all versions of Lodash Library

Security Affairs

Lodash is a JavaScript library which provides utility functions for common programming tasks using the functional programming paradigm. The flaw could be exploited by hackers to compromise the security of affected services using the library. “The popular npm library is used by 4.35

Libraries Week 2019 celebrates libraries in a digital world

CILIP

Libraries Week 2019 celebrates libraries in a digital world. Annual Libraries Week celebrations (7-12 October 2019) will showcase how libraries have transformed their digital offer, featuring events and activities in more than 1,000 libraries across the UK.

Why presidential libraries are controversial

IG Guru

The post Why presidential libraries are controversial appeared first on IG GURU. Barack Obama’s is dividing opinions, as others have before. Archives Business Record Retention Records Management Risk News

Library-Themed University Phishing Attack Expands to Massive Scale

Threatpost

Cobalt Dickens (a.k.a. Silent Librarian) is now actively targeting 380 universities, bent on stealing credentials and moving deeper into school networks. Breach Web Security cobalt dickens CTU expansion phishing campaign Proofpoint silent librarian student credentials universities

The Library of Everything

CILIP

Emerging Technologies: The Library of Everything. Library of Babel ([link] in real life ? a (practically) infinite library. ? CILIP non member newsletter. Close. With limited space on shelves and hard drives alike, librarians can spend significant amounts of time ?weeding?

Closure JavaScript Library introduced XSS issue in Google Search and potentially other services

Security Affairs

A change made months ago in an open-source JavaScript library introduced a cross-site scripting (XSS) vulnerability in Google Search. The library is named Closure and according to the expert it fails to properly sanitize user input.

Truman Library Ground-breaking Ceremony

Archives Blogs

Truman Presidential Library in Independence, MO, is undergoing a year-long renovation that will result in a new Truman permanent exhibition, new amenities for visitors, and enhanced educational and community programming. Truman Library’s renovation. The Harry S.

Google expert disclosed details of an unpatched flaw in SymCrypt library

Security Affairs

Tavis Ormandy, a white hat hacker Google Project Zero announced to have found a zero-day flaw in the SymCrypt cryptographic library of Microsoft’s operating system. The post Google expert disclosed details of an unpatched flaw in SymCrypt library appeared first on Security Affairs.

Analyzing Matio and stb_vorbis Libraries with Mayhem

ForAllSecure

At ForAllSecure, our mission is to help developers find critical bugs in their software quicker, easier, and faster than standard development practices and tools.

Prison library: Bringing children and dads together

CILIP

Prison library: Bringing children and dads together. THE world of the prison library is, by its very nature, hidden from the view of most people. The library is situated fairly near the main gate in one of the Victorian wings, but it looks very much like any small branch library ?

Multiple Vulnerabilities in LibXL Library Open Door to RCE Attacks

Threatpost

Hackers using a specially crafted XLS files can trigger several remote code execution vulnerabilities in the LibXL library. Hacks Vulnerabilities Buffer Overflow Common Vulnerability Scoring System Excel files Integer Overflow LibXL LibXL Library Microsoft Excel File Format stack-based buffer overflow XLS

New guide to improving library services using key library assessment methodologies

CILIP

New book on improving library services with assessment data. Facet Publishing announces the publication of Putting Library Assessment Data to Work by Selena Killick and Frankie Wilson. Effective library assessment is crucial for a successful academic library.

An Island Library and Archives explored

CILIP

An Island Library and Archives explored. An Island Library and Archives explored. It first opened its doors in November 1922, including an active library from the outset, managed by the first librarian William Cubbon. or free to search from the library reading room.

Designing Libraries: An academic question

CILIP

Designing Libraries: An academic question. Earlier this year I attended the biennial Liber Architecture Group (Lag) seminar, held in the Zaha Hadid-designed library and learning centre building on the impressive campus of the Vienna University of Economics and Business (known locally as WU).

How to run a library campaign

CILIP

How to run a library campaign: a work in progress. SAVE Our Libraries Essex. Digital doesn't mean technology. Union. CILIP. CILIP. Contributor: Information Professional. Published: 20 May 2019. More from Information Professional. In depth. Interview. Insight.

UX in Libraries: Cognitive maps

CILIP

UX in Libraries: Cognitive maps. andypriestner ) is a freelance UX trainer and consultant and Chair of the UX in Libraries conference andypriestnertraining.com uxlib.org. Andy Priestner ( info@andypriestnertraining.com.

The digital transformation of Senate House Library

CILIP

The digital transformation of Senate House Library. The second episode sees further coverage of Kevin Widdop's interview with Senate House Library?s Digital transformation at Senate House Library. And a lot of libraries use a website to bring people onsite and that there?s

Advancing Art Libraries and Curated Web Archives: Notes from a National Forum

Archive-It

Art and museum libraries are on the move! Fifty librarians, archivists, and technologists from around the country assembled at the San Francisco Museum of Modern Art (SFMOMA) for Advancing Art Libraries and Curated Web Archives , a two-day national forum sponsored by the U.S.

Critical Bug Impacts Live555 Media Streaming Libraries

Threatpost

A critical streaming bug impacts Live Networks LIVE555 RTSPServer, but not the popular VLC and MPLayer client-side software. Hacks Vulnerabilities CVE-2018-4013 LIVE555 MPLayer RCE Bug Real Time Streaming Protocol RTSP VLC media player

Open research needs library support

CILIP

Open research needs library support. Open research needs library support. The document, which is available in a variety of formats, includes the opportunity for library and information professionals to contribute directly through GitHub.

Apache Struts users have to update FileUpload library to fix years-old flaws

Security Affairs

Apache Struts Users have to update the Commons FileUpload library in Struts 2 that is affected by two vulnerabilities. Apache Struts developers have addressed two vulnerabilities in the Commons FileUpload library in Struts 2, the flaws can be exploited for remote code execution and denial-of-service (DoS) attacks. of the library, while users have to manually update applications using Struts 2.3.36 Commons FileUpload library Version 1.3.3

Success of AI in academic libraries depends on underlying data

CILIP

Success of AI in academic libraries depends on good underlying data. nder, scientific information specialist: Success of AI in academic libraries depends on good underlying data. Why do we hear so little in this respect from libraries on this side of the Atlantic?

With goodwill and a good plan, libraries can deliver

CILIP

With good will and a good plan, libraries can deliver. With good will and a good plan, libraries can deliver. Libraries?Deliver Library and Information Professional spoke to him at this year?s The folks who use and need library services, there is an appreciation there.

The JavaScript Supply Chain Paradox: SRI, CSP and Trust in Third Party Libraries

Troy Hunt

All of which means this: Versioned external libraries can easily be protected with SRI because the contents of that specific version will never change. They might change the API endpoints the library calls. is a perfect example as it relates to client-side libraries.

A sustainable model for library advocacy

CILIP

A sustainable model for library advocacy. A sustainable model for library advocacy. s methodology for building public support for libraries in the US, and to share insights from our advocacy work. It was wonderful to meet so many people who are doing amazing work supporting and advocating for libraries across the UK. t have a culture of working on local library campaigns, don?t t an issue that is limited to libraries in the UK.

Deliver creative and exciting public engagement activities with Engaging Libraries

CILIP

Deliver creative and exciting public engagement activities with Engaging Libraries. Public libraries are a safe, trusted space, where people can come together to think, create, learn and encounter new ideas. We see public libraries as a great place for people to engage with new ideas ?

CILIP and EveryLibrary Institute announce new partnership for libraries

CILIP

CILIP and EveryLibrary Institute announce new partnership for libraries. The new partnership will harness the skills and networks of both organisations to transform the ability of public libraries to engage and demonstrate public support.