Virtualization | Threatpost

Browsing Category: Virtualization

February 11, 2013, 4:25PM

VMware Fixes Privilege Escalation Vulnerability

by Brian Donohue

Categories: Virtualization

Virtualization software maker VMware issued an update last Thursday resolving a virtual machine communication interface (VMCI) vulnerability in its ESX Server, Workstation, Fusion and View products that could lead to a privilege escalation if unpatched.According to the VMware security advisory, a local attacker could potentially exploit a control code handling vulnerability in vmci.sys in order to tamper with memory allocation in the VMCI code and eventually obtain elevated privileges on Windows-based hosts and guest operating systems.

November 04, 2012, 10:56PM

Virtual Machine Escape Exploit Targets Xen

by Michael Mimoso

Categories: Virtualization, Vulnerabilities

Details of a dangerous virtual machine escape exploit were revealed Wednesday by French research outfit VUPEN Security. The attack exploits a recently reported vulnerability in Xen hypervisors and allows an attacker within a guest virtual machine to escape to the host and execute code.

September 05, 2012, 2:27PM

Qubes OS Release Enhances Security Via Domain Isolation

by Michael Mimoso

Categories: Virtualization

With the deluge of malware and advanced attacks continuing unabated, security approaches that sandbox applications or isolate processes are garnering increased attention. Researcher Joanna Rutkowska and Invisible Things Lab were the latest to go in that direction with the official release on Tuesday of the Qubes operating system.

August 22, 2012, 2:36AM

Crisis Trojan Makes Its Way onto Virtual Machines

by Anne Saita

Categories: Virtualization

The Windows version of the Crisis Trojan is able to sneak onto VMware implementations, making it possibly the first malware to target such virtual machines. It also has found a way to spread to Windows Mobile devices.

June 14, 2012, 3:06PM

Honeynet Project Launches ‘Ghost’ To Snare USB Malware

by Paul Roberts

Categories: Hacks, Malware, Microsoft, Videos, Virtualization, Web Security

The Honeynet Project launched a new project Thursday that is designed to snare malware that spreads by infecting removable USB (universal serial bus) storage drives, citing the increased reliance of malicious programs on portable drives to move from computer to computer.

February 28, 2012, 10:21AM

RSA: Chaos In the Security World, And the Situation Is Perfect

by Paul Roberts

Categories: Apple, Compliance, Cryptography, Data Breaches, Government, Hacks, Microsoft, Mobile Security, Social Engineering, Virtualization, Vulnerabilities, Web Security

Right on cue this week, the anarchic hacking collective Anonymous stepped up and grabbed the story line away from the lions of the IT security industry.With the annual RSA Conference set to begin, the whistle blowing site Wikileaks released the first of some five million e-mail messages stolen from the security intelligence firm Stratfor. Ever sensitive to the fickle attention of the media, Anonymous inserted itself into the story, claiming responsibility for leaking the data and pointing a finger of blame at Stratfor and its media, private and public sector customers, which Anonymous accuses of spying and other dark offenses.

February 14, 2012, 1:25PM

Remote-Access Apps Continue to Serve As Popular Attack Vectors

by Robert Lemos

Categories: Microsoft, SMB Security, Virtualization

By Rob LemosThere are a lot of good reasons to have remote-access software installed on a business network: It might be there to allow a remote administrator to manage a database; or to give a third-party point-of-sale management firm to apply patches; or even to allow a PBX vendor access to the server managing their client’s voice-over-IP lines. Unfortunately, through poor configuration, bad passwords or vulnerabilities, the software is also allowing attackers in to steal data and is becoming an increasingly popular attack vector.

January 30, 2012, 5:29PM

Virtualization: Threats and Protections For SMBs

by Chris Brook

Categories: SMB Security, Virtualization

Join Paul Roberts, Threatpost editor, and his guests, Michael Guigli, CEO of CloudConnect and Tim Armstrong, Malware Researcher at Kaspersky Lab as they discuss Virtualization and the security challenges faced by small businesses.

December 16, 2011, 7:13PM

New Version of REMnux Malware-Analysis Linux Distribution Released

by Dennis Fisher

Categories: Malware, Virtualization

A new version of the REMnux specialized Linux distribution has been released, and it now includes a group of new tools for reverse-engineering malware. The new additions include a tool for memory forensics as well as one for analyzing potentially malicious PDFs.