#perl

The ransomware group claimed it had breached the Federal Reserve, but the target now appears to have been an Arkansas-based bank, Evolve.

Responding to an incident quickly is important, but it shouldn't come at the expense of reporting it to the appropriate regulatory bodies.

The attacks infiltrate enterprise networks through browsers, and show an evolution in evasive and adaptive tactics from well-resourced state-sponsored actors.

Red Hat Security Advisory 2024-4108-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Security Advisory 2024-4106-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Affected devices could include wireless access points, routers, switches and VPNs.

Ubuntu Security Notice 6819-4 - Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service. Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service.

The heightened regulatory and legal pressure on software-producing organizations to secure their supply chains and ensure the integrity of their software should come as no surprise. In the last several years, the software supply chain has become an increasingly attractive target for attackers who see opportunities to force-multiply their attacks by orders of magnitude. For example, look no

For a while, the botnet spread but did essentially nothing. All the malicious payloads came well after.

## Summary ZIP files uploaded to the server-side endpoint handling a `CodeChecker store` are not properly sanitized. An attacker can exercise a path traversal to make the `CodeChecker server` load and display files from an arbitrary location on the server machine. ## Details ### Target The vulnerable endpoint is `/<PRODUCT_URL>/v6.53/CodeCheckerService@massStoreRun`. ### Exploit overview The attack is made possible by improper sanitization at one point in the process. 1. When the ZIP file is uploaded by `CodeChecker store`, it is first unzipped to a temporary directory (safely). 2. When deciding which files to insert into CodeChecker's internal database, the decision is made based on the `content_hashes.json` in the ZIP. An attacker has control over the contents of this file. 3. After reading that file, the paths specified in the JSON are normalized by this code: https://github.com/Ericsson/codechecker/blob/fa41e4e5d9566b5a4f5a80a27bddec73a5146f5a/web/server/codechecker_server/a...