Security Affairs

MAY 6, 2023

The FBI disrupted once again the illegal eBook library Z-Library the authorities seized several domains used by the service. The Federal Bureau of Investigation (FBI) seized multiple domains used by the illegal shadow eBook library Z-Library. The library is still reachable through TOR and I2P networks.

Libraries 98

Libraries Access Cybersecurity Security 98

Data Breach Today

JUNE 17, 2022

Contrast Security CPO Steve Wilson on Why Log4j Hack Is a Sign of Things to Come The discovery and subsequent exploitation of a critical zero-day vulnerability in Apache's Log4j open-source library has highlighted the importance of code security in today's threat landscape, according to Contrast Security Chief Product Officer Steve Wilson.

Libraries 210

Libraries Security 210

Security Affairs

DECEMBER 1, 2021

Mozilla fixed a critical memory corruption issue affecting its cross-platform Network Security Services (NSS) set of cryptography libraries. Mozilla has addressed a heap-based buffer overflow vulnerability (CVE-2021-43527) in its cross-platform Network Security Services (NSS) set of cryptography libraries.

Libraries 140

Libraries Security CMS Communications 140

Schneier on Security

MARCH 29, 2024

You might think that libraries are kind of boring, but this self-analysis of a 2023 ransomware and extortion attack against the British Library is anything but.

Libraries 116

Libraries Ransomware 116

Security Affairs

JANUARY 30, 2024

Qualys researchers discovered a root access flaw, tracked as CVE-2023-6246, in GNU Library C (glibc) affecting multiple Linux distributions. The Qualys Threat Research Unit discovered four security vulnerabilities in the GNU Library C (glibc) , including a heap-based buffer overflow tracked as CVE-2023-6246. in August 2022.

Libraries 137

Libraries Access Security IT 137

Data Breach Today

OCTOBER 25, 2024

Hackers Backdoor Software Libraries to Deliver Malware Security researchers found backdoored software packages in the NPM software library, apparent evidence of an ongoing campaign by North Korean hackers to social engineer coders into installing infostealers.

Libraries 289

Libraries Security 289

Security Affairs

OCTOBER 10, 2023

A vulnerability in the libcue library impacting GNOME Linux systems can be exploited to achieve remote code execution (RCE) on affected hosts. A threat actor can trigger a vulnerability, tracked as CVE-2023-43641 (CVSS score: 8.8), in the libcue library impacting GNOME Linux systems to achieve remote code execution (RCE) on affected hosts.

Libraries 125

Libraries IT Security Access 125

CILIP

NOVEMBER 29, 2023

Partnership to Campaign: Green Libraries is growing Global leaders, thinkers, and activists from industry and politics will gather this weekend in Dubai for the first day of COP28 to rethink, reboot, and refocus the climate agenda. The Green Libraries partnership gathered unprecedented momentum during its first year.

Libraries 83

Libraries Security IT 83

Security Affairs

JANUARY 3, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chrome and Perl library flaws to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added two Qlik Sense vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.

Libraries 134

Libraries IT Cybersecurity Risk 134

Security Affairs

SEPTEMBER 27, 2023

Google assigned a maximum score to a critical security flaw, tracked as CVE-2023-5129, in the libwebp image library for rendering images in the WebP format. Google assigned a new CVE identifier for a critical vulnerability, tracked as CVE-2023-5129 (CVSS score 10,0), in the libwebp image library for rendering images in the WebP format.

Libraries 133

Libraries IT Security Information Security 133

Security Affairs

AUGUST 30, 2021

The Boston Public Library was victim of a cyberattack that crippled its computer network, the library revealed in a statement Friday. The Boston Public Library announced on Friday that it was hit by a cyberattack that compromised its computer network. The affected systems were taken offline to prevent the threat from spreading.

Libraries 136

Libraries Communications Cybersecurity IT 136

Security Affairs

MAY 19, 2022

Google addressed a high-severity flaw in its OAuth client library for Java that could allow attackers with a compromised token to deploy malicious payloads. The Google OAuth Client Library for Java is designed to work with any OAuth service on the web, not just with Google APIs. or higher), and Google App Engine. Pierluigi Paganini.

Libraries 138

Libraries Authentication Cybersecurity Security 138

CILIP

AUGUST 28, 2024

its role of Eco Champion and sponsor of the Green Libraries Campaign.The Green Libraries Campaign brings together a diverse and dedicated community of libraries and library professionals, united by a shared vision of a greener, more sustainable future for people and planet.

Libraries 52

Libraries Sales IT Security 52

CILIP

JANUARY 16, 2024

CILIP welcomes publication of Sanderson Review of Public Libraries CILIP has welcomed the publication of the findings of Baroness Sanderson of Welton’s Independent Review of Public Libraries, announced today at an event at the House of Lords attended by our CEO, Nick Poole.

Libraries 85

Libraries Government Education Communications 85

Security Affairs

NOVEMBER 10, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Security 111

Security Mining Libraries Ransomware 111

Security Affairs

APRIL 15, 2023

The Goldoson library was discovered by researchers from McAfee’s Mobile Research Team, it collects lists of applications installed on a device, and a history of Wi-Fi and Bluetooth devices information, including nearby GPS locations. The experts have found more than 60 applications in Google Play that were containing the malicious library.

Libraries 98

Libraries Data collection Education Security 98

Security Affairs

MAY 26, 2020

70 percent of mobile and desktop applications that today we use are affected at least by one security flaw that is present in open-source libraries. Experts pointed out that every library could be affected by one o more issues which will be inherited from all the applications that use them. ” reads the report.

Libraries 145

Libraries Security Access IT 145

The Last Watchdog

AUGUST 19, 2024

Related: Europe mandates resiliency Requiring a formal inventory of all components, libraries and modules in all business applications can help lock down software supply chains, especially in light of the SolarWinds and Colonial Pipeline attacks. He drew a vivid parallel between food safety and software security.

Security 173

Security Libraries Cloud Cybersecurity 173

KnowBe4

JULY 19, 2023

KnowBe4 offers the world’s largest library of always-fresh security awareness and compliance training content that includes assessments, interactive training modules, videos, games, posters and newsletters via the KnowBe4 ModStore.

Libraries 90

Libraries Security awareness Compliance Security 90

Security Affairs

NOVEMBER 3, 2020

The npm security team has removed a malicious JavaScript library named “ twilio-npm ” from its repository because contained malicious code. The tainted JavaScript library was spotted by the researcher Ax Sharma from security firm Sonatype. SecurityAffairs – hacking, npm library). tcp.ngrok[.]io:11425

Libraries 127

Libraries Security IT Information Security 127

Enterprise Software Blog

MARCH 15, 2024

However, the abundance of Blazor component libraries overfilling the market today can make it a bit challenging to select the right one. That’s why I gathered the top 7 Blazor component libraries that match all this, empowering developers to create outstanding user interfaces while saving time and effort.

Libraries 59

Libraries Access IT Authentication 59

Security Affairs

DECEMBER 27, 2021

Researchers from DrWeb monitored attacks leveraging exploits for vulnerabilities in the Apache Log4j library. Researchers from DrWeb monitored attacks leveraging exploits for vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE2021-4104, and CVE-2021-42550) in the Apache Log4j library warning of the need to adopt protective measures.

Libraries 145

Libraries Honeypots Security IT 145

Schneier on Security

JULY 30, 2021

The time has come for me to find a new home for my (paper) cryptography library. New owner pays all packaging and shipping costs, and possibly a purchase price depending on who you are and what you want to do with the library. If you think you can break it up and sell it, I’ll consider that as a last resort. I can send photos.

Libraries 145

Libraries Paper Education IT 145

Data Breach Today

SEPTEMBER 2, 2021

and Below Are Affected by the Vulnerabilities Several companies that use the OpenSSL cryptography library toolkit are reportedly scrambling and releasing security advisories to their users following patching of two vulnerabilities that were first fixed and disclosed to users on Aug. OpenSSL v1.1.1k

Security 295

Security Libraries 295

Security Affairs

JANUARY 22, 2021

Drupal development team released security updates to address a vulnerability that resides in the PEAR Archive_Tar third-party library. The Drupal development team has released security updates to address the CVE-2020-36193 vulnerability in the PEAR Archive_Tar third-party library. ” reads the advisory.

Libraries 127

Libraries CMS Security IT 127

CILIP

OCTOBER 27, 2023

Invitation to Tender - Anti-Racist Library Collections training for Wales Content Developers needed for the Anti-Racist Library Collections project. There is scope to develop one, two or three anti-racist library collection modules that will form a program of training for public libraries across Wales.

Libraries 86

Libraries Government Security 86

Security Affairs

MAY 3, 2022

A vulnerability in the domain name system (DNS) component of the uClibc library impacts millions of IoT products. Nozomi Networks warns of a vulnerability, tracked as CVE-2022-05-02, in the domain name system (DNS) component of the uClibc library which is used by a large number of IoT products. ” continues the advisory.

Libraries 125

Libraries IoT Security Cybersecurity 125

Data Breach Today

JUNE 12, 2019

Flaw Could Cause Denial-of-Service Event in Windows Fleet, Researcher Claims A Google security researcher has disclosed what he calls an unpatched bug in the main cryptographic library used in newer versions of the Windows operating system that he claims could affect an entire fleet of Windows-based devices.

Libraries 164

Libraries Security 164

Security Affairs

MARCH 2, 2022

Researchers from JFrog’s Security Research team discovered five vulnerabilities in the PJSIP open-source multimedia communication library. Researchers from JFrog’s Security Research team discovered five vulnerabilities in the popular PJSIP open-source multimedia communication library. on February 24, 2022.

Libraries 98

Libraries Communications Security IT 98

Security Affairs

FEBRUARY 1, 2021

Google discovered a flaw in GNU Privacy Guard (GnuPG)’s Libgcrypt encryption library that could be exploited to get remote code execution. It’s also the crypto library used by systemd for DNSSEC. The team recommends users to stop using the vulnerable version of the library. which we released last week.

Libraries 144

Libraries Encryption Privacy IT 144

The Last Watchdog

JUNE 26, 2024

June 26, 2024, CyberNewsWire — FireTail today announced a free version of its enterprise-level API security tools, making them accessible to developers and organizations of all sizes. FireTail , a disruptor in API security, unveils free access for all to its cutting-edge API security platform. McLean, Va.,

Access 130

Access Security IT Libraries 130

Security Affairs

DECEMBER 10, 2021

Experts publicly disclose Proof-of-concept exploits for a critical zero-day vulnerability in the Apache Log4j Java-based logging library. Experts publicly disclose Proof-of-concept exploits for a critical remote code execution zero-day vulnerability, tracked a CVE-2021-44228 (aka Log4Shell ), in the Apache Log4j Java-based logging library.

Libraries 145

Libraries IT Cloud Data breaches 145

Security Affairs

JUNE 16, 2022

Researchers disclosed a remote code execution vulnerability, tracked as CVE-2022-25845, in the popular Fastjson library. Cybersecurity researchers from JFrog disclosed details of a now patched high-severity security vulnerability in the popular Fastjson library that could be potentially exploited to achieve remote code execution.

Libraries 98

Libraries Cybersecurity Security IT 98

Security Affairs

APRIL 9, 2023

The development team behind the vm2 JavaScript sandbox library addressed a critical Remote Code Execution vulnerability. servers, it has approximately four million weekly downloads and its library is part of 722 packages. servers, it has approximately four million weekly downloads and its library is part of 722 packages.

Libraries 94

Libraries File names Education Cybersecurity 94

Security Affairs

JANUARY 10, 2023

The open-source jsonwebtoken (JWT) library is affected by a high-severity security flaw that could lead to remote code execution. The open-source JsonWebToken ( JWT ) library is affected by a high-severity security flaw, tracked as CVE-2022-23529 (CVSS score: 7.6), that could lead to remote code execution.

Libraries 97

Libraries Security awareness Authentication Security 97