jQuery JavaScript library flaw opens the doors for attacks on hundreds of millions of websites

Security Affairs

The popular jQuery JavaScript library is affected by a rare prototype pollution vulnerability that could allow attackers to modify a JavaScript object’s prototype. versions of the library that are affected by the ‘Prototype Pollution’ vulnerability.

Closure JavaScript Library introduced XSS issue in Google Search and potentially other services

Security Affairs

A change made months ago in an open-source JavaScript library introduced a cross-site scripting (XSS) vulnerability in Google Search. The library is named Closure and according to the expert it fails to properly sanitize user input.

Magecart Returns with Advertising Library Tactic


The threat group also has a new subsidiary, Magecart Group 12. Malware Web Security adverline Advertising Card skimming group 12 Library magecart third party javascript

Upcoming webinar: Advancing Art Libraries and Curated Web Archives


We invite you to join a webinar on the outcomes of Advancing Art Libraries and Curated Web Archives, the national forum led by partners at the Internet Archive and New York Art Resources Consortium (NYARC) and funded by the Institute of Museum and Library Services (IMLS). The project team engaged art and museum libraries to identify key opportunities and challenges to collecting web-based resources for art scholarship. Announcements Museums and Art Libraries

Designing Libraries: An academic question


Earlier this year I attended the biennial Liber Architecture Group (Lag) seminar, held in the Zaha Hadid-designed library and learning centre building on the impressive campus of the Vienna University of Economics and Business (known locally as WU).

Advancing Art Libraries and Curated Web Archives: Notes from a National Forum


Art and museum libraries are on the move! Fifty librarians, archivists, and technologists from around the country assembled at the San Francisco Museum of Modern Art (SFMOMA) for Advancing Art Libraries and Curated Web Archives, a two-day national forum sponsored by the U.S.

Open research needs library support


The document, which is available in a variety of formats, includes the opportunity for library and information professionals to contribute directly through GitHub.

Apache Struts users have to update FileUpload library to fix years-old flaws

Security Affairs

Apache Struts users have to update the Commons FileUpload library in Struts 2 that is affected by two vulnerabilities. Apache Struts developers have addressed two vulnerabilities in the Commons FileUpload library in Struts 2; the flaws can be exploited for remote code execution and denial-of-service (DoS) attacks. of the library, while users have to manually update applications using Struts 2.3.36 Commons FileUpload library Version 1.3.3

Multiple Vulnerabilities in LibXL Library Open Door to RCE Attacks


Hackers using specially crafted XLS files can trigger several remote code execution vulnerabilities in the LibXL library. Hacks Vulnerabilities Buffer Overflow Common Vulnerability Scoring System Excel files Integer Overflow LibXL LibXL Library Microsoft Excel File Format stack-based buffer overflow XLS

Critical Bug Impacts Live555 Media Streaming Libraries


A critical streaming bug impacts Live Networks LIVE555 RTSPServer, but not the popular VLC and MPLayer client-side software. Hacks Vulnerabilities CVE-2018-4013 LIVE555 MPLayer RCE Bug Real Time Streaming Protocol RTSP VLC media player

[InfoToday.eu] Archiving and Preserving Tweets Using a Library Management System

Hanzo Learning Center

The Welsh Government's Information and Archive Service carried out a mini-pilot project to explore making tweets available via its Library Management System. Compliance News

SFMOMA to host National Forum on Advancing Art Libraries and Curated Web Archives


Today we are pleased to announce that the National Forum, Advancing Art Libraries and Curated Web Archives, will be held at the San Francisco Museum of Modern Art (SFMOMA) on February 11-12, 2019. Announcements Conferences Museums and Art Libraries

Facebook Launches Fizz Library for Dev Speed, Security

Dark Reading

New open source TLS library aims to help developers incorporate speed and security into apps and services

ICRM Partners with LIU Post Palmer School of Library and Information Science

IG Guru

The post ICRM Partners with LIU Post Palmer School of Library and Information Science appeared first on IG Guru.

The "Extended Random" Feature in the BSAFE Crypto Library

Schneier on Security

Matthew Green wrote a fascinating blog post about the NSA's efforts to increase the amount of random data exposed in the TLS protocol, and how it interacts with the NSA's backdoor into the DUAL_EC_PRNG random number generator to weaken TLS. backdoors cryptanalysis cryptography nsa randomnumbers tls

UX in Libraries: Behaviour Mapping - decisions and desires


While the routes we take may not command much of our attention, in service industries such as libraries, it is worth inspecting choices of route more closely. Why do we choose one route over another?

Community Webs to bring web archiving to public libraries


The Internet Archive is accepting applications from public librarians to participate in a program of continuing education, training, and services to enable public libraries to build collections of historically-valuable, web published materials documenting their local communities.

Parliamentary library was pressured on My Health Record advice, emails reveal

The Guardian Data Protection

The health department complained that the library’s advice contradicted Greg Hunt’s assurances on police access. Pressure from the health department prompted the parliamentary library to remove then amend advice issued in June that contradicted the health minister Greg Hunt’s assurances about police access to My Health Records, new correspondence reveals.

Google Researcher Unpacks Rare Android Malware Obfuscation Library

Dark Reading

Analysis exposes the lengths malware authors will go to in order to protect their code from disassembly and reverse engineering

UX in Libraries: Affinity Mapping - Bringing your research to life


Related content: UX in Libraries. core technique for processing the research data you gather, because as I never tire of saying: there's no point in gathering data if you are not going to do anything with it.

Police can access My Health Record without court order, parliamentary library warns

The Guardian Data Protection

Advice from independent researcher contradicts health minister and raises more privacy concerns. The health minister, Greg Hunt, was wrong to claim that patients’ My Health Record could only be accessed by police with a court order, according to advice from the parliamentary library.

Making Access Happen through the Digital Public Library of America

Archives Blogs

It is clear that collaboration is the path to the future, and nowhere is this more apparent than through the efforts of the Digital Public Library of America (DPLA) to connect people to our nation’s shared history.

The JavaScript Supply Chain Paradox: SRI, CSP and Trust in Third Party Libraries

Troy Hunt

All of which means this: Versioned external libraries can easily be protected with SRI because the contents of that specific version will never change. They might change the API endpoints the library calls. is a perfect example as it relates to client-side libraries.

Professional SharePoint 2010 Library


Check out my Professional SharePoint 2010 Library list. The number of SharePoint 2010 titles is increasing daily. If you are a SharePoint architect, developer, or designer, you need to select titles that speak to your specific needs, rather than one of the many "how to do stuff with SharePoint" titles (many of which are excellent for non-IT business leaders and users). To this end, I created an Amazon ListMania!

Parliamentary library deletes post confirming police can access My Health Record

The Guardian Data Protection

Page removed after complaint from health department about ‘potential inaccuracies’. A complaint from the federal health department has prompted the parliamentary library to pull its advice that patients’ My Health Record could be accessed by police without a court order.

Internet Archive and New York Art Resources Consortium Receive Grant for a National Forum to Advance Web Archiving in Art and Museum Libraries


27 Public Libraries and the Internet Archive Launch “Community Webs” for Local History Web Archiving


by the Archive-It team.

Microsoft Patches Zero-Day Under Active Attack by APT


A zero-day vulnerability tied to the Windows Win32k component is under active attack, warns Microsoft. Vulnerabilities CVE-2010-3190 Excel Exchange Server FruityArmor Microsoft Foundation Class Library October Patch Tuesday Office Suite Outlook Powerpoint

“Make It Weird”: Building a collaborative public library web archive in an arts & counterculture community


by Dylan Gaffney, Forbes Library. Google form used to solicit nomination for Forbes Library Web Archive.

Poetry in Protest, a new Exhibit in Strozier Library

Archives Blogs

The selections from FSU Libraries’ Special Collections encompass nearly 2,500 years of poetical dissent, including Sappho, William Wordsworth, Gwendolyn Brooks, Allen Ginsberg, Amiri Baraka, Tupac Shakur, and many more.

The Current State of Description for Archives

IG Guru

In July 1945, Atlantic Monthly published “As We May Think,” by army scientist Vannevar Bush, an essay that had an immense influence on the history of computing. Archives IG News libraries Margot Note museums

Archiving the Web @EBRPL: Creating and following a web collecting policy in a public library


By Emily Ward, Digital Archivist, East Baton Rouge Parish Library. The first iteration of the EBRPL Collections Development Policy for Web Archives was modeled after the Intellectual Property Rights section of the Bentley Historical Library.

Joining the Digital Public Library of America

Archives Blogs

The SSDN will coordinate the work of harvesting Florida digital collections into the Digital Public Library of America (DPLA). The following is from the original press release by FSU Libraries: Florida State University Libraries and their partners are pleased to announce the launch of the Sunshine State Digital Network (SSDN). The SSDN is part of the Digital Public Library of America and FSU is proud to be the service hub for the state of Florida.

Deep-C Joins the Digital Library

Archives Blogs

One of our brilliant student workers just finished describing a born-digital collection for the University Archives. We’ll let her tell you more! My name is Meg Barrett, and I’m a junior studying Art History and French.

ESI, ROT, and LBJ – Thoughts on Data Management While Visiting the Lyndon Johnson Presidential Library: eDiscovery Trends

eDiscovery Daily

A friend met me there, and one of the things we’d hoped to do (besides listen to a lot of live music) was visit the LBJ Presidential Library housed at the University of Texas campus. From the 4th floor mezzanine, you can see the upper floors of the library through glass — Five through Nine contain Johnson’s documents — five floors of paper documents, that may be historically significant and valuable to researchers.

Evans & Dixon readies for the future by streamlining their document management with OpenText eDOCS

OpenText Information Management

Is your document management solution scalable to your firm’s future growth? Information Management ADV Document control document repository document security document sharing edocs email filing law firm lawyers library version control

Zip Slip Flaw Affects Thousands of Open-Source Projects


An exploit allows attackers to remotely overwrite archive files with their own content, and from there pivot to achieving remote command execution on the machine. Vulnerabilities archive critical vulnerability developer projects file extraction file overwrite file traversal Libraries open source flaw remote code execution snyk zip slip

Understanding web archive access and use with Google Analytics: Lessons and questions from the Federal Depository Library Program


Stump and Bower introduce how Archive-It partners at the Federal Depository Library Program (FDLP) Web Archive have implemented and use Google Analytics to understand the use of their existing collections and plan for the future.

Canadian Library Consortia OCUL and COPPUL Join Forces with Archive-It to Expand Web Archiving in Canada


The Council of Prairie and Pacific University Libraries (COPPUL) and the Ontario Council of University Libraries (OCUL) have joined forces in a multi-consortial offering of Archive-It, the web archiving service of the Internet Archive. by the Archive-It Team.

Corner of Bar vs Corner of Library: The Twitter Conundrum

Collaboration 2.0

On the eve of a couple of international Enterprise 2.0 Conferences, I’m revisiting in this post a core concept about the fundamental dichotomy of behavioral patterns around marketing people and business operations people. As a general rule the people running the strategy and tactics of companies rely on a trusted cadre of advisors and keep their