virtual machine.

Pierluigi Paganini May 26, 2018
Experts show how to defeat AMD’s Secure Encrypted Virtualization

German researchers devised a method, dubbed SEVered, to defeat the security mechanisms Secure Encrypted Virtualization implemented by the AMD Epyc server microchips to automatically encrypt virtual machines in memory. The attack could allow them to exfiltrate data in plaintext from an encrypted guest via a hijacked hypervisor and simple HTTP requests to a web server running […]

Pierluigi Paganini December 21, 2017
VMWare addressed severe Code Execution vulnerabilities in several products

VMware has released security updates to address four vulnerabilities in its ESXi, vCenter Server Appliance (vCSA), Workstation and Fusion products. The flaws were addressed with the release of six patches for ESXi, version 12.5.8 of Workstation, version 8.5.9 of Fusion, and version 6.5 U1d of vCSA. Some of the flaws could be exploited by an attacker […]

Pierluigi Paganini October 09, 2015
Time to update your Veeam to fix a VeeamVixProxy Vulnerability

The vulnerability allows a local unprivileged user of a Windows guest to gain Local and/or Domain Administrator access when VeeamVixProxy is active, the de-facto default in VMWare and Hyper-V environments. Pasquale `sid` Fiorillo, Francesco `ascii` Ongaro from ISGroup, an Italian Security firm, and Antonio `s4tan` Parata from ush team, have just released a critical security […]

Pierluigi Paganini August 18, 2014
Malware is threatening virtual machines

Malware is the primary threats for enterprise virtual machines according to report a recent report issued by Symantec Symantec recently issued the “Threats to virtual environments” report to analyze principal menace for virtualized environments. The report is very actually and considers the rapid diffusion of the virtualization paradigm within enterprises. According to Forrester Research more than 70 […]