Details of a dangerous virtual machine escape exploit were revealed Wednesday by French research outfit VUPEN Security. The attack exploits a recently reported vulnerability in Xen hypervisors and allows an attacker within a guest virtual machine to escape to the host and execute code.
Browsing Category: Virtualization
With the deluge of malware and advanced attacks continuing unabated, security approaches that sandbox applications or isolate processes are garnering increased attention. Researcher Joanna Rutkowska and Invisible Things Lab were the latest to go in that direction with the official release on Tuesday of the Qubes operating system.
The Windows version of the Crisis Trojan is able to sneak onto VMware implementations, making it possibly the first malware to target such virtual machines. It also has found a way to spread to Windows Mobile devices.
The Honeynet Project launched a new project Thursday that is designed to snare malware that spreads by infecting removable USB (universal serial bus) storage drives, citing the increased reliance of malicious programs on portable drives to move from computer to computer.
Right on cue this week, the anarchic hacking collective Anonymous stepped up and grabbed the story line away from the lions of the IT security industry.With the annual RSA Conference set to begin, the whistle blowing site Wikileaks released the first of some five million e-mail messages stolen from the security intelligence firm Stratfor. Ever sensitive to the fickle attention of the media, Anonymous inserted itself into the story, claiming responsibility for leaking the data and pointing a finger of blame at Stratfor and its media, private and public sector customers, which Anonymous accuses of spying and other dark offenses.
By Rob LemosThere are a lot of good reasons to have remote-access software installed on a business network: It might be there to allow a remote administrator to manage a database; or to give a third-party point-of-sale management firm to apply patches; or even to allow a PBX vendor access to the server managing their client’s voice-over-IP lines. Unfortunately, through poor configuration, bad passwords or vulnerabilities, the software is also allowing attackers in to steal data and is becoming an increasingly popular attack vector.
Join Paul Roberts, Threatpost editor, and his guests, Michael Guigli, CEO of CloudConnect and Tim Armstrong, Malware Researcher at Kaspersky Lab as they discuss Virtualization and the security challenges faced by small businesses.
A new version of the REMnux specialized Linux distribution has been released, and it now includes a group of new tools for reverse-engineering malware. The new additions include a tool for memory forensics as well as one for analyzing potentially malicious PDFs.
Online criminals registered far fewer Web domains for use in phishing attacks in the first half of 2011, in what may signal a decrease in phishing scams, according to a global phishing survey released this month by the Anti-Phishing Working Group (APWG).
by Dan GeerEditor’s Note: As the CISO of In-Q-Tel, the CIA-backed strategic investment firm focused on developing technologies for the intelligence community, Dan Geer gets paid to help find the answers to big questions about computer security, national security, privacy and technology. Headlines proliferate about sophisticated cyber attacks, the looming specter of cyber warfare and ongoing espionage by nations like China and Russia. That means Dan’s job gets more important with each passing day. So what’s on Dan Geer’s mind these days? We asked him what questions he was mulling and, as usual, the answers we got back were both eye-opening and provocative. Here, in Monday morning ‘shot of espresso’ format (and with as little editing as possible) is our three minute speed date with Dan’s brain.