Google Researcher Details Windows Cryptographic Library Bug

Data Breach Today

Back-to-School Scams Target Students with Library-Themed Emails

Threatpost

Web Security back to school credential harvesting education cyberattack fake login pages library portals malware MediaGet torrent application downloader Phishing scam Scams student students university portals Win32.Agent.ifdx malware downloader WinLNK.Agent.gen downloader

jQuery JavaScript library flaw opens the doors for attacks on hundreds of millions of websites

Security Affairs

The popular jQuery JavaScript library is affected by a rare prototype pollution vulnerability that could allow attackers to modify a JavaScript object’s prototype. versions of the library that are affected by the ‘Prototype Pollution’ vulnerability.

Shh! No Hacking the Census in the Library

WIRED Threat Level

Opinion: Millions of folks filling out the 2020 Census on public library computers also are putting themselves at risk.

What are libraries worth?

CILIP

What are libraries worth? Suffolk Libraries has recently commissioned and published research to do just that: convert the social value of three of its core services into pounds and pence. Bruce Leeke, chief executive of Suffolk Libraries, said: “Talking

A backdoor mechanism found in tens of Ruby libraries

Security Affairs

Maintainers of the RubyGems package repository have removed 18 malicious versions of 11 Ruby libraries that contained a backdoor. Maintainers of the RubyGems package repository have discovered a backdoor mechanism in 18 malicious versions of 11 Ruby libraries.

The Big Issue and Library Champion Bobby Seagull bring the case for library funding to Parliament

CILIP

The Big Issue and Library Champion Bobby Seagull bring the case for library funding to Parliament. 250m investment in the Culture Investment Fund, of which 50% is to be allocated to library and museum sector development. Chair of the Libraries APPG Gill Furniss commented, “Libraries

Backdoor mechanism found in Ruby strong_password library

Security Affairs

The developer Tute Costa found a backdoor in the Ruby library during regular security audits before deploying his code in the production environment. The developer Tute Costa found a backdoor in the Ruby library during regular security audits.

Prototype Pollution flaw discovered in all versions of Lodash Library

Security Affairs

Lodash is a JavaScript library which provides utility functions for common programming tasks using the functional programming paradigm. The flaw could be exploited by hackers to compromise the security of affected services using the library. “The popular npm library is used by 4.35

Designing Libraries: Making space for makerspaces

CILIP

Recently I heard a librarian say that introducing makerspaces into libraries was one of the riskiest undertakings the service had ever embarked upon. I found this a little odd, since we are all in the information business and a lot of library time is taken up with answering “how

Two malicious Python libraries were stealing SSH and GPG keys

Security Affairs

The Python security team removed two trojanized Python libraries from PyPI (Python Package Index) that were stealing SSH and GPG keys from the projects of infected developers. The two libraries were discovered on December 1 by the German software developer Lukas Martini.

Why presidential libraries are controversial

IG Guru

Barack Obama’s is dividing opinions, as others have before. Archives Business Record Retention Records Management Risk News

Uncovering vulnerabilities in Cryptographic libraries: Mayhem, Matrixssl, and WolfSSL

ForAllSecure

As part of a recent initiative at ForAllSecure to analyze more open source software with Mayhem, a next-generation fuzzing solution, we decided to investigate some cryptographic libraries. Introduction.

Celebrating the Library of the Future for Libraries Week

CILIP

s children build their Library of the Future for Libraries Week. Children, young people and LEGO enthusiasts from age 2 to 85 have been hard at work as part of Libraries Week ? s much-loved libraries. to distribute books to library users. Inspire Library?: ?Inspire

Libraries Week 2019 celebrates libraries in a digital world

CILIP

Libraries Week 2019 celebrates libraries in a digital world. Annual Libraries Week celebrations (7-12 October 2019) will showcase how libraries have transformed their digital offer, featuring events and activities in more than 1,000 libraries across the UK.

The impact of Universal Credit on frontline public library workers

CILIP

The impact of Universal Credit on frontline public library workers. benefit that requires the vast majority of claimants to make and manage their claim online - is having on public library services across the UK. Public libraries

A flaw in the Libarchive library impacts major Linux distros

Security Affairs

Google experts found a flaw, tracked as CVE-2019-18408, in the compression library libarchive that could lead to arbitrary code execution. Google experts found a vulnerability, tracked as CVE-2019-18408, in the compression library libarchive that could be exploited to execute arbitrary code.

The Library of Everything

CILIP

Emerging Technologies: The Library of Everything. Library of Babel ([link]) in real life - a (practically) infinite library. With limited space on shelves and hard drives alike, librarians can spend significant amounts of time “weeding”

Closure JavaScript Library introduced XSS issue in Google Search and potentially other services

Security Affairs

A change made months ago in an open-source JavaScript library introduced a cross-site scripting (XSS) vulnerability in Google Search. The library is named Closure and according to the expert it fails to properly sanitize user input.

Library-Themed University Phishing Attack Expands to Massive Scale

Threatpost

Cobalt Dickens (a.k.a. Silent Librarian) is now actively targeting 380 universities, bent on stealing credentials and moving deeper into school networks. Breach Web Security cobalt dickens CTU expansion phishing campaign Proofpoint silent librarian student credentials universities

Google expert disclosed details of an unpatched flaw in SymCrypt library

Security Affairs

Tavis Ormandy, a white hat hacker at Google Project Zero, announced that he had found a zero-day flaw in the SymCrypt cryptographic library of Microsoft’s operating system.

Multiple Vulnerabilities in LibXL Library Open Door to RCE Attacks

Threatpost

Hackers using specially crafted XLS files can trigger several remote code execution vulnerabilities in the LibXL library. Hacks Vulnerabilities Buffer Overflow Common Vulnerability Scoring System Excel files Integer Overflow LibXL LibXL Library Microsoft Excel File Format stack-based buffer overflow XLS

Truman Library Ground-breaking Ceremony

Archives Blogs

Truman Presidential Library in Independence, MO, is undergoing a year-long renovation that will result in a new Truman permanent exhibition, new amenities for visitors, and enhanced educational and community programming. Truman Library’s renovation. The Harry S.

CILIP welcomes Labour Party Manifesto commitment to libraries

CILIP

CILIP welcomes Labour Party Manifesto commitment to libraries. s Library and Information Association, has welcomed the commitment in the Labour Party’s 2019 General Election manifesto to secure the long-term future of public libraries. Manifesto for Libraries?,

Prison library: Bringing children and dads together

CILIP

Prison library: Bringing children and dads together. THE world of the prison library is, by its very nature, hidden from the view of most people. The library is situated fairly near the main gate in one of the Victorian wings, but it looks very much like any small branch library ?

Should library services be cutting their most dynamic spaces?

CILIP

Should library services be cutting their most dynamic spaces? A recent report, Libraries on the Move, by Dr Alyson Tyler, studied the impact of mobile libraries in Scotland. Libraries don’t

New guide to improving library services using key library assessment methodologies

CILIP

New book on improving library services with assessment data. Facet Publishing announces the publication of Putting Library Assessment Data to Work by Selena Killick and Frankie Wilson. Effective library assessment is crucial for a successful academic library.

Designing Libraries: An academic question

CILIP

Designing Libraries: An academic question. Earlier this year I attended the biennial Liber Architecture Group (Lag) seminar, held in the Zaha Hadid-designed library and learning centre building on the impressive campus of the Vienna University of Economics and Business (known locally as WU).

An Island Library and Archives explored

CILIP

An Island Library and Archives explored. It first opened its doors in November 1922, including an active library from the outset, managed by the first librarian William Cubbon. or free to search from the library reading room.

How to run a library campaign

CILIP

How to run a library campaign: a work in progress. SAVE Our Libraries Essex. Digital doesn't mean technology. Union. CILIP. Contributor: Information Professional. Published: 20 May 2019.

The "Extended Random" Feature in the BSAFE Crypto Library

Schneier on Security

Matthew Green wrote a fascinating blog post about the NSA's efforts to increase the amount of random data exposed in the TLS protocol, and how it interacts with the NSA's backdoor into the DUAL_EC_PRNG random number generator to weaken TLS. backdoors cryptanalysis cryptography nsa randomnumbers tls

Working Internationally for Libraries: How to write effective grant proposals

CILIP

Working Internationally for Libraries: How to write effective grant proposals. I had heard about the International Federation of Library Associations (IFLA) during my MSc, but I didn’t We all know that libraries are facing tough financial times.

UX in Libraries: Cognitive maps

CILIP

UX in Libraries: Cognitive maps. andypriestner ) is a freelance UX trainer and consultant and Chair of the UX in Libraries conference andypriestnertraining.com uxlib.org. Andy Priestner ( info@andypriestnertraining.com.

Analyzing Matio and stb_vorbis Libraries with Mayhem

ForAllSecure

At ForAllSecure, our mission is to help developers find critical bugs in their software quicker, easier, and faster than standard development practices and tools.

Critical Bug Impacts Live555 Media Streaming Libraries

Threatpost

A critical streaming bug impacts Live Networks LIVE555 RTSPServer, but not the popular VLC and MPLayer client-side software. Hacks Vulnerabilities CVE-2018-4013 LIVE555 MPLayer RCE Bug Real Time Streaming Protocol RTSP VLC media player

Advancing Art Libraries and Curated Web Archives: Notes from a National Forum

Archive-It

Art and museum libraries are on the move! Fifty librarians, archivists, and technologists from around the country assembled at the San Francisco Museum of Modern Art (SFMOMA) for Advancing Art Libraries and Curated Web Archives, a two-day national forum sponsored by the U.S.

The digital transformation of Senate House Library

CILIP

The digital transformation of Senate House Library. The second episode sees further coverage of Kevin Widdop's interview with Senate House Library’s Digital transformation at Senate House Library. And a lot of libraries use a website to bring people onsite and that there’s

Open research needs library support

CILIP

Open research needs library support. The document, which is available in a variety of formats, includes the opportunity for library and information professionals to contribute directly through GitHub.

UK Library Association responds to Boris Johnson’s comments on the Andrew Marr Show

CILIP

UK Library Association responds to Boris Johnson’s s Library and Information Association has responded to comments made by Conservative leader Boris Johnson during his interview with Andrew Marr on Sunday 1st December. I love libraries? Manifesto for Libraries?

Apache Struts users have to update FileUpload library to fix years-old flaws

Security Affairs

Apache Struts users have to update the Commons FileUpload library in Struts 2 that is affected by two vulnerabilities. Apache Struts developers have addressed two vulnerabilities in the Commons FileUpload library in Struts 2; the flaws can be exploited for remote code execution and denial-of-service (DoS) attacks. of the library, while users have to manually update applications using Struts 2.3.36 Commons FileUpload library Version 1.3.3