Saturday, November 23, 2024
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

virtualization

Security TrendMicro 

3 Reasons to Use VMware NSX with Trend Micro™ Deep Discovery™

admin , ,

Credit to Author: Dhanya Thakkar| Date: Wed, 08 Nov 2017 15:11:08 +0000

Enterprises have begun adopting network virtualization for their IT infrastructure. According to a 2016 survey conducted by Accenture, 95 percent of small, medium, and large enterprises believe “network services will be virtualized.” Meanwhile, 25 percent of those who have adopted network virtualization have already seen cost reductions. Why has network virtualization suddenly become the hot…

Read more
Security TrendMicro 

Setting Sail with Docker

admin ,

Credit to Author: Justin Foster| Date: Tue, 18 Apr 2017 12:00:18 +0000

This week thousands of people are heading to Austin, Texas for DockerCon 2017. Docker’s popularity has been explosive, with thousands of organizations using it’s platform to modernize applications, build microservices, optimize infrastructure and embrace a true DevOps practice. Like any transformation, moving to Docker is a journey for an organization. In preparation for sailing on…

Read more
ComputerWorld Independent 

Critical Xen hypervisor flaw endangers virtualized environments

admin ,

Credit to Author: Lucian Constantin| Date: Wed, 05 Apr 2017 10:59:00 -0700

A critical vulnerability in the widely used Xen hypervisor allows attackers to break out of a guest operating system running inside a virtual machine and access the host system’s entire memory.

This is a serious violation of the security barrier enforced by the hypervisor and poses a particular threat to multi-tenant data centers where the customers’ virtualized servers share the same underlying hardware.

The open-source Xen hypervisor is used by cloud computing providers and virtual private server hosting companies, as well as by security-oriented operating systems like Qubes OS.

The new vulnerability affects Xen 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x and has existed in the Xen code base for over four years. It was unintentionally introduced in December 2012 as part of a fix for a different issue.

To read this article in full or to leave a comment, please click here

Read more
ComputerWorld Independent 

VMware patches critical virtual machine escape flaws

admin , ,

Credit to Author: Lucian Constantin| Date: Thu, 30 Mar 2017 03:53:00 -0700

VMware has released critical security patches for vulnerabilities demonstrated during the recent Pwn2Own hacking contest that could be exploited to escape from the isolation of virtual machines.

The patches fix four vulnerabilities that affect VMware ESXi, VMware Workstation Pro and Player and VMware Fusion.

Two of the vulnerabilities, tracked as CVE-2017-4902 and CVE-2017-4903 in the Common Vulnerabilities and Exposures database, were exploited by a team from Chinese internet security firm Qihoo 360 as part of an attack demonstrated two weeks ago at Pwn2Own.

The team’s exploit chain started with a compromise of Microsoft Edge, moved to the Windows kernel, and then exploited the two flaws to escape from a virtual machine and execute code on the host operating system. The researchers were awarded $105,000 for their feat.

To read this article in full or to leave a comment, please click here

Read more
MalwareBytes Security 

Explained: Packer, Crypter, and Protector

admin , , , , , ,

Credit to Author: Pieter Arntz| Date: Mon, 27 Mar 2017 15:00:38 +0000

In this article we will try to explain the terms packer, crypter, and protector in the context of how they are used in malware.

Categories:

Tags:

(Read more…)

The post Explained: Packer, Crypter, and Protector appeared first on Malwarebytes Labs.

Read more