CMS, Libraries and Security - Information Management Today

CMS

Libraries

Security

Mozilla fixes critical flaw in Network Security Services (NSS) cryptography library

Security Affairs

DECEMBER 1, 2021

Mozilla fixed a critical memory corruption issue affecting its cross-platform Network Security Services (NSS) set of cryptography libraries. Mozilla has addressed a heap-based buffer overflow vulnerability (CVE-2021-43527) in its cross-platform Network Security Services (NSS) set of cryptography libraries.

Libraries

Libraries Security CMS Communications

Drupal fixed a new flaw related PEAR Archive_Tar library

Security Affairs

JANUARY 22, 2021

Drupal development team released security updates to address a vulnerability that resides in the PEAR Archive_Tar third-party library. The Drupal development team has released security updates to address the CVE-2020-36193 vulnerability in the PEAR Archive_Tar third-party library. and 7 of the popular CMS.

Libraries

Libraries CMS Security IT

Join 55,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Trending Sources

Experts discovered a privilege escalation issue in popular Umbraco CMS

Security Affairs

APRIL 6, 2021

Experts discovered a vulnerability in the popular CMS Umbraco that could allow low privileged users to escalate privileges to “admin.” ” Security experts from Trustwave have discovered a privilege escalation vulnerability in the popular website CMS, Umbraco. “Umbraco version 8.9.0 also seen in 8.6.3)

CMS

CMS Authentication Access Libraries

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Drupal addressed CVE-2020-13671 Remote Code Execution flaw

Security Affairs

NOVEMBER 19, 2020

Drupal development team has released security updates to address a remote code execution flaw, tracked as CVE-2020-13671. The Drupal development team has released security updates to fix a remote code execution vulnerability related caused by the failure to properly sanitize the names of uploaded files. Pierluigi Paganini.

CMS

CMS Libraries Security Information Security

Drupal fixes 2 critical code execution issues flaws in Drupal 7, 8.5 and 8.6

Security Affairs

JANUARY 17, 2019

Drupal released security updates for Drupal 7, 8.5 that address two “critical” security vulnerabilities that could be exploited for arbitrary code execution. ” reads the security advisory. ” reads the security advisory. “Drupal core uses the third-party PEAR Archive_Tar library.

CMS

CMS Libraries Security Access

US CISA added 17 flaws to its Known Exploited Vulnerabilities Catalog

Security Affairs

JANUARY 23, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) this week added seventeen actively exploited vulnerabilities to the Catalog. CVE Number CVE Title Required Action Due Date CVE-2021-32648 October CMS Improper Authentication 2/1/2022 CVE-2021-21315 System Information Library for node.js Pierluigi Paganini.

CMS

CMS IT Authentication Libraries

CISA adds Log4Shell Log4j flaw to the Known Exploited Vulnerabilities Catalog

Security Affairs

DECEMBER 13, 2021

Cybersecurity and Infrastructure Security Agency (CISA) added 13 new vulnerabilities to the Known Exploited Vulnerabilities Catalog , including recently disclosed Apache Log4Shell Log4j and Fortinet FortiOS flaws. The post CISA adds Log4Shell Log4j flaw to the Known Exploited Vulnerabilities Catalog appeared first on Security Affairs.

CMS

CMS Authentication Libraries Risk

Magecart attacks are still around but are more difficult to detect

Security Affairs

JUNE 22, 2022

Magecart threat actors have switched most of their operations server-side to avoid detection of security firms. Malwarebytes researchers observed the use of 3 different themes by the threat actor to hide their skimmer, named after JavaScript libraries: hal-data[.]org/gre/code.js org” and “js.staticounter[.]net,”

Cleanup

Cleanup CMS Libraries Phishing

Drupal emergency updates fix critical arbitrary PHP code execution

Security Affairs

NOVEMBER 27, 2020

Drupal has released emergency security updates to fix a critical flaw with known exploits that could allow for arbitrary PHP code execution. Drupal has released emergency security updates to address a critical vulnerability with known exploits that could be exploited to achieve arbitrary PHP code execution on some CMS versions.

CMS

CMS Libraries Security Cybersecurity

Drupal addressed several issues, including a critical file processing bug

Security Affairs

DECEMBER 19, 2019

The most serious issue is related to the Archive_Tar third-party library, it has been assigned a severity rating of critical. “The Drupal project uses the third-party library Archive_Tar, which has released a security update that impacts some Drupal configurations. The issue affects Drupal 7x, 8.7.x x versions.

CMS

CMS Libraries Archiving Access

The Long Run of Shade Ransomware

Security Affairs

FEBRUARY 19, 2019

Since the beginning of the year, security firms observed a new intense ransomware campaign spreading the Shade ransomware. Between January and February, a new, intense, ransomware campaign has been observed by many security firms. The post The Long Run of Shade Ransomware appeared first on Security Affairs. Pierluigi Paganini.

Ransomware

Ransomware Mining File names Encryption

URLs Aren’t Archives ¯_(?)_/¯, and Other Stories

The Schedule

APRIL 20, 2018

The expectation of action on the part of institutions such as the Library of Congress was frustrating. Importantly, modern institutional archives do not make it a practice of taking things, or blindly capturing online records, without first attempting to secure the rights to do so. Frustration all around.

Archiving

Archiving Records Management Libraries Computer and Electronics

Part 1: OMG! Not another digital transformation article! Is it about understanding the business drivers?

ARMA International

SEPTEMBER 13, 2021

For example, organizations can re-package video libraries, songs, research, and course material for different audiences – customers, researchers, academics, students, and so on; and they can monetize the content via CaaS. A CSP exploits diverse content types and serves multiple constituencies and numerous use cases across an organization.”

Digital transformation

Digital transformation Blockchain IT Computer and Electronics

Former OpenText CEO John Shackleton joins Preservica as Chairman of the Board

Preservica

JULY 24, 2019

Digital preservation is a relatively new concept and should be a key component of your information management strategy that complements your content management system (CMS), records management application (RMA), or other collaboration tools.”. Having digital files stored somewhere means nothing if these assets are not readable or usable.

Digital preservation

Digital preservation ECM Archiving CMS

The Week in Cyber Security and Data Privacy: 11 – 18 December 2023

IT Governance

DECEMBER 19, 2023

An investigation determined that personal data, including names, addresses, phone numbers, Social Security numbers, dates of birth and bank account numbers, belonging to nearly 15 million people was obtained by an unauthorised party between 30 October and 1 November. Data breached: personal data belonging to 14,690,284 individuals.

Data Privacy

Data Privacy Manufacturing Privacy Security

Mozilla fixes critical flaw in Network Security Services (NSS) cryptography library

Drupal fixed a new flaw related PEAR Archive_Tar library

Webinars

Trending Sources

Experts discovered a privilege escalation issue in popular Umbraco CMS

Webinars

Drupal addressed CVE-2020-13671 Remote Code Execution flaw

Drupal fixes 2 critical code execution issues flaws in Drupal 7, 8.5 and 8.6

US CISA added 17 flaws to its Known Exploited Vulnerabilities Catalog

CISA adds Log4Shell Log4j flaw to the Known Exploited Vulnerabilities Catalog

Magecart attacks are still around but are more difficult to detect

Drupal emergency updates fix critical arbitrary PHP code execution

Drupal addressed several issues, including a critical file processing bug

The Long Run of Shade Ransomware

URLs Aren’t Archives ¯_(?)_/¯, and Other Stories

Part 1: OMG! Not another digital transformation article! Is it about understanding the business drivers?

Former OpenText CEO John Shackleton joins Preservica as Chairman of the Board

The Week in Cyber Security and Data Privacy: 11 – 18 December 2023

Stay Connected