Anonymous have made an announcement today that they have somehow obtained a copy of a earlier version of the VMware ESX server kernel. View full post on Cyber War News
View full post on The Cyber Wars
Posts Tagged ‘VMware’
04
Nov
2012
Anonymous Leak VMware ESX Server Kernel
VMware has released security patches for its Workstation, Player, Fusion, ESXi and ESX products in order to address two vulnerabilities that could allow attackers to compromise the host system or crash a virtual machine.
 |
 |
View full post on Techworld.com security
View full post on National Cyber Security
Michael Harper for RedOrbit.com Members from the hacktivist group “LulzSec” are at it again, as source code from VMWare’s ESX hypervisor technology has been leaked to a website used to anonymously host hacked files. According to a company blog , VMWare has said a “single file” from their ESX source code had been leaked and posted to Pastebin . The company also went on to say the source code is 8 …
View full post on hacker – Yahoo! News Search Results
View full post on National Cyber Security » Computer Hacking
VMware ESX source code has been stolen and posted online, but the company says its virtualisation platform doesn’t necessarily pose an increased risk to customers.
The stolen code amounts to a single file from sometime around 2003 or 2004, the company said.
“The fact that the source code may have been publicly shared does not necessarily mean that there is any increased risk to VMware customers,” according to a blog written by Iain Mulholland, director of the company’s Security Response Center.
The code was stolen from a Chinese company called China Electronics Import Export Corporation (CEIEC) during a March breach, according to a posting on the Kaspersky Threat Post blog.
The code along with internal VMware emails were posted online three days ago.
Eric Chiu, president of virtualisation security firm Hytrust, says it’s hard to say what VMware customers should do because there’s not enough detail about how the exposed code is being used in current products.
In general, though, customers should review the security for virtual environments to address the fact that a compromised hypervisor exposes multiple virtual machines.
While the incident is reminiscent of the breach last year of RSA source code, the circumstances differ. An RSA partner was breached and that breach was used to send a malware-laced email to an RSA staffer who opened it.
In VMware’s case, the CEIEC network was hacked and finding the source code was fortuitous.
VMware said: “On April 23, 2012, our security team became aware of the public posting of a single file from the VMware ESX source code and the possibility that more files may be posted in the future. The posted code and associated commentary dates to the 2003 to 2004 timeframe.
“The fact that the source code may have been publicly shared does not necessarily mean that there is any increased risk to VMware customers. VMware proactively shares its source code and interfaces with other industry participants to enable the broad virtualization ecosystem today. We take customer security seriously and have engaged internal and external resources, including our VMware Security Response Center, to thoroughly investigate. We will continue to provide updates to the VMware community if and when additional information is available.”
View full post on National Cyber Security » Computer Hacking
02
Apr
2012
VMWare privilege escalation
<!– VMWare privilege escalation –>
VMWare privilege escalation
news /
advisories /
forum /
software /
advertising /
search /
exploits
<!–
google_ad_client = “pub-9080155680222782″;
google_ad_width = 468;
google_ad_height = 15;
google_ad_format = “468x15_0ads_al”;
//2007-01-19: Inside
google_ad_channel = “6209105484″;
google_color_border = “333333″;
google_color_bg = “0D0030″;
google_color_link = “AAAAAA”;
google_color_text = “999999″;
google_color_url = “C0C0C0″;
//–><!– script type="text/javascript"
src=”http://pagead2.googlesyndication.com/pagead/show_ads.js” –>
BUGTRAQSecurityVulns ID:12293Type:VMWARE : VMware Server 1.0 VMWARE : VMware ESXi 3.5 VMWARE : VMware Server 2.0 VMWARE : VMware Workstation 7.1 VMWARE : VMware ESXi 4.1CVE:CVE-2012-1515Original documentds.adv.pub_(at)_gmail.com, VMware High-Bandwidth Backdoor ROM Overwrite Privilege Elevation (02.04.2012)Discuss:Read or add your comments to this news (0 comments)
Article source: http://securityvulns.com/news/VMWare/BIOS.html
View full post on National Cyber Security
How to use vSphere 5 tools to streamline configuration and patch management.
<img alt="VMware configuration management, patching best practices, Blog, practices, Management, best., VMware, configuration, patching"height="0" width="0" border="0" style="display:none" src="http://segment-pixel.invitemedia.com/pixel?code=TechBiz
&partnerID=167&key=segment”/>
View full post on SearchCloudSecurity: RSS Feed
View full post on National Cyber Security
…establishing disaster recovery policies and procedures. Involved with technologies including Visioncore eRanger, VCP, and Replicator. Assists in the development, management, and enforcement of company’s network security policy.
View full post on View network-security jobs – TEKsystems.com
View full post on National Cyber Security
Discover how organizations improve the reliability of backups and the recoverability of virtual machines. Supporting data growth, integrating with existing processes and protecting virtualized applications are all key components of an optimal storage solution for virtual infrastructures. Together, NETGEAR and Veeam provide integrated backup and data protection, efficient storage and simple offsite DR solutions at a fraction of the cost of traditional big IT vendors
View full post on National Cyber Security » Announcements
Discover how organizations improve the reliability of backups and the recoverability of virtual machines. Supporting data growth, integrating with existing processes and protecting virtualized applications are all key components of an optimal storage solution for virtual infrastructures. Together, NETGEAR and Veeam provide integrated backup and data protection, efficient storage and simple offsite DR solutions at a fraction of the cost of traditional big IT vendors
View full post on National Cyber Security » Announcements
Discover how organizations improve the reliability of backups and the recoverability of virtual machines. Supporting data growth, integrating with existing processes and protecting virtualized applications are all key components of an optimal storage solution for virtual infrastructures. Together, NETGEAR and Veeam provide integrated backup and data protection, efficient storage and simple offsite DR solutions at a fraction of the cost of traditional big IT vendors
View full post on National Cyber Security » Announcements