Google Researcher Details Windows Cryptographic Library Bug

Data Breach Today

jQuery JavaScript library flaw opens the doors for attacks on hundreds of millions of websites

Security Affairs

The popular jQuery JavaScript library is affected by a rare prototype pollution vulnerability that could allow attackers to modify a JavaScript object’s prototype. versions of the library that are affected by the ‘Prototype Pollution’ vulnerability.

Why presidential libraries are controversial

IG Guru

The post Why presidential libraries are controversial appeared first on IG GURU. Barack Obama’s is dividing opinions, as others have before. Archives Business Record Retention Records Management Risk News

Backdoor mechanism found in Ruby strong_password library

Security Affairs

The developer Tute Costa found a backdoor in the Ruby library during regular security audits before deploying his code in the production environment. The developer Tute Costa found a backdoor in the Ruby library during regular security audits.

Prototype Pollution flaw discovered in all versions of Lodash Library

Security Affairs

Lodash is a JavaScript library which provides utility functions for common programming tasks using the functional programming paradigm. The flaw could be exploited by hackers to compromise the security of affected services using the library. “The popular npm library is used by 4.35

Magecart Returns with Advertising Library Tactic

Threatpost

Malware Web Security adverline Advertising Card skimming group 12 Library magecart third party javascriptThe threat group also has a new subsidiary, Magecart Group 12.

New guide to improving library services using key library assessment methodologies

CILIP

New book on improving library services with assessment data. Facet Publishing announces the publication of Putting Library Assessment Data to Work by Selena Killick and Frankie Wilson. Effective library assessment is crucial for a successful academic library.

Closure JavaScript Library introduced XSS issue in Google Search and potentially other services

Security Affairs

A change made months ago in an open-source JavaScript library introduced a cross-site scripting (XSS) vulnerability in Google Search. The library is named Closure and according to the expert it fails to properly sanitize user input.

How to run a library campaign

CILIP

How to run a library campaign: a work in progress. SAVE Our Libraries Essex. Digital doesn't mean technology. Union. CILIP. CILIP. Contributor: Information Professional. Published: 20 May 2019. More from Information Professional. In depth. Interview. Insight.

The digital transformation of Senate House Library

CILIP

The digital transformation of Senate House Library. The second episode sees further coverage of Kevin Widdop's interview with Senate House Library?s Digital transformation at Senate House Library. And a lot of libraries use a website to bring people onsite and that there?s

Designing Libraries: An academic question

CILIP

Designing Libraries: An academic question. Earlier this year I attended the biennial Liber Architecture Group (Lag) seminar, held in the Zaha Hadid-designed library and learning centre building on the impressive campus of the Vienna University of Economics and Business (known locally as WU).

Google expert disclosed details of an unpatched flaw in SymCrypt library

Security Affairs

Tavis Ormandy, a white hat hacker Google Project Zero announced to have found a zero-day flaw in the SymCrypt cryptographic library of Microsoft’s operating system. The post Google expert disclosed details of an unpatched flaw in SymCrypt library appeared first on Security Affairs.

Multiple Vulnerabilities in LibXL Library Open Door to RCE Attacks

Threatpost

Hackers using a specially crafted XLS files can trigger several remote code execution vulnerabilities in the LibXL library. Hacks Vulnerabilities Buffer Overflow Common Vulnerability Scoring System Excel files Integer Overflow LibXL LibXL Library Microsoft Excel File Format stack-based buffer overflow XLS

Advancing Art Libraries and Curated Web Archives: Notes from a National Forum

Archive-It

Art and museum libraries are on the move! Fifty librarians, archivists, and technologists from around the country assembled at the San Francisco Museum of Modern Art (SFMOMA) for Advancing Art Libraries and Curated Web Archives , a two-day national forum sponsored by the U.S.

With goodwill and a good plan, libraries can deliver

CILIP

With good will and a good plan, libraries can deliver. With good will and a good plan, libraries can deliver. Libraries?Deliver Library and Information Professional spoke to him at this year?s The folks who use and need library services, there is an appreciation there.

UX in Libraries: Cognitive maps

CILIP

UX in Libraries: Cognitive maps. andypriestner ) is a freelance UX trainer and consultant and Chair of the UX in Libraries conference andypriestnertraining.com uxlib.org. Andy Priestner ( info@andypriestnertraining.com.

Open research needs library support

CILIP

Open research needs library support. Open research needs library support. The document, which is available in a variety of formats, includes the opportunity for library and information professionals to contribute directly through GitHub.

Success of AI in academic libraries depends on underlying data

CILIP

Success of AI in academic libraries depends on good underlying data. nder, scientific information specialist: Success of AI in academic libraries depends on good underlying data. Why do we hear so little in this respect from libraries on this side of the Atlantic?

A sustainable model for library advocacy

CILIP

A sustainable model for library advocacy. A sustainable model for library advocacy. s methodology for building public support for libraries in the US, and to share insights from our advocacy work. It was wonderful to meet so many people who are doing amazing work supporting and advocating for libraries across the UK. t have a culture of working on local library campaigns, don?t t an issue that is limited to libraries in the UK.

Apache Struts users have to update FileUpload library to fix years-old flaws

Security Affairs

Apache Struts Users have to update the Commons FileUpload library in Struts 2 that is affected by two vulnerabilities. Apache Struts developers have addressed two vulnerabilities in the Commons FileUpload library in Struts 2, the flaws can be exploited for remote code execution and denial-of-service (DoS) attacks. of the library, while users have to manually update applications using Struts 2.3.36 Commons FileUpload library Version 1.3.3

Deliver creative and exciting public engagement activities with Engaging Libraries

CILIP

Deliver creative and exciting public engagement activities with Engaging Libraries. Public libraries are a safe, trusted space, where people can come together to think, create, learn and encounter new ideas. We see public libraries as a great place for people to engage with new ideas ?

Rakuten OverDrive in partnership with CILIP to support Libraries Week 2019

CILIP

Rakuten OverDrive in partnership with CILIP to support Libraries Week 2019. CILIP is proud to announce that Rakuten OverDrive, the leading digital reading platform for libraries and schools worldwide, is supporting Libraries Week 2019 as a sponsor. About Libraries Week.

eBook 52

CILIP and EveryLibrary Institute announce new partnership for libraries

CILIP

CILIP and EveryLibrary Institute announce new partnership for libraries. The new partnership will harness the skills and networks of both organisations to transform the ability of public libraries to engage and demonstrate public support.

Winner of Excellence in Prison Libraries Award 2019

CILIP

The CILIP prison Libraries Group is delighted to announce that the winner of the 2019 Excellence in Prison Libraries Award is HMP/YOI Chelmsford for their ?Family Family Library Time? TITLE.

The JavaScript Supply Chain Paradox: SRI, CSP and Trust in Third Party Libraries

Troy Hunt

All of which means this: Versioned external libraries can easily be protected with SRI because the contents of that specific version will never change. They might change the API endpoints the library calls. is a perfect example as it relates to client-side libraries.

Upcoming webinar: Advancing Art Libraries and Curated Web Archives

Archive-It

We invite you to join a webinar on the outcomes of Advancing Art Libraries and Curated Web Archives , the national forum led by partners at the Internet Archive and New York Art Resources Consortium (NYARC) and funded by the Institute of Museum and Library Services (IMLS). The project team engaged art and museum libraries to identify key opportunities and challenges to collecting web-based resources for art scholarship. Announcements Museums and Art Libraries

Critical Bug Impacts Live555 Media Streaming Libraries

Threatpost

A critical streaming bug impacts Live Networks LIVE555 RTSPServer, but not the popular VLC and MPLayer client-side software. Hacks Vulnerabilities CVE-2018-4013 LIVE555 MPLayer RCE Bug Real Time Streaming Protocol RTSP VLC media player

LibrariesDeliver Campaign Launches to Activate the Public about Libraries and Librarians

CILIP

LibrariesDeliver Campaign Launches to Activate the Public about Libraries and Librarians. LibrariesDeliver is dedicated to addressing real challenges to library funding by organizing and focusing support from people across England and the UK. ?We s library and information association.

The "Extended Random" Feature in the BSAFE Crypto Library

Schneier on Security

Matthew Green wrote a fascinating blog post about the NSA's efforts to increase the amount of random data exposed in the TLS protocol, and how it interacts with the NSA's backdoor into the DUAL_EC_PRNG random number generator to weaken TLS. backdoors cryptanalysis cryptography nsa randomnumbers tls

SFMOMA to host National Forum on Advancing Art Libraries and Curated Web Archives

Archive-It

Today we are pleased to announce that the National Forum, Advancing Art Libraries and Curated Web Archives ,will be held at the San Francisco Museum of Modern Art (SFMOMA) on February 11-12, 2019. Announcements Conferences Museums and Art Libraries

Over 1,000 City Planning Library reports now available!

Archives Blogs

The Archives is very pleased to announce that the Planning Department’s former reference library material is now available to researchers in the Archives’ Reading Room.

Digital Transformations for UK public libraries: five approaches to a ?Single Digital Presence?

CILIP

Digital Transformations for UK public libraries: five approaches to a ?Single CILIP welcomes the publication of Digital Transformation for UK Public Libraries: Five approaches to a ?Single We welcome the British Library?s celebrating libraries in a digital world?

Facebook Launches Fizz Library for Dev Speed, Security

Dark Reading

New open source TLS library aims to help developers incorporate speed and security into apps and services

Making Access Happen through the Digital Public Library of America

Archives Blogs

It is clear that collaboration is the path to the future, and nowhere is this more apparent than through the efforts of the Digital Public Library of America (DPLA) to connect people to our nation’s shared history.

ICRM Partners with LIU Post Palmer School of Library and Information Science

IG Guru

The post ICRM Partners with LIU Post Palmer School of Library and Information Science appeared first on IG Guru.

UX in Libraries: Behaviour Mapping - decisions and desires

CILIP

UX in Libraries: Behaviour Mapping - decisions and desires. While the routes we take may not command much of our attention, in service industries such as libraries, it is worth inspecting choices of route more closely. Why do we choose one route over another?

Parliamentary library was pressured on My Health Record advice, emails reveal

The Guardian Data Protection

The health department complained that the library’s advice contradicted Greg Hunt’s assurances on police access Pressure from the health department prompted the parliamentary library to remove then amend advice issued in June that contradicted the health minister Greg Hunt’s assurances about police access to My Health Records, new correspondence reveals.

Community Webs to bring web archiving to public libraries

Archive-It

The Internet Archive is accepting applications from public librarians to participate in a program of continuing education, training, and services to enable public libraries to build collections of historically-valuable, web published materials documenting their local communities.

[InfoToday.eu] Archiving and Preserving Tweets Using a Library Management System

Hanzo Learning Center

The Welsh Government's Information and Archive Service carried out a mini-pilot project to explore making tweets available via its Library Management System. Compliance News

Parliamentary library deletes post confirming police can access My Health Record

The Guardian Data Protection

Page removed after complaint from health department about ‘potential inaccuracies’ A complaint from the federal health department has prompted the parliamentary library to pull its advice that patients’ My Health Record could be accessed by police without a court order.