virtual machines | Breaking Cybersecurity News | The Hacker News

A group of academics has disclosed a new "software fault attack" on AMD's Secure Encrypted Virtualization ( SEV ) technology that could be potentially exploited by threat actors to infiltrate encrypted virtual machines (VMs) and even perform privilege escalation. The attack has been codenamed  CacheWarp  (CVE-2023-20592) by researchers from the CISPA Helmholtz Center for Information Security and the Graz University of Technology. It impacts AMD CPUs supporting all variants of SEV. "For this research, we specifically looked at AMD's newest TEE, AMD SEV-SNP, relying on the experience from previous attacks on Intel's TEE," security researcher Ruiyi Zhang told The Hacker News. "We found the 'INVD' instruction [flush a processor's cache contents] could be abused under the threat model of AMD SEV." SEV, an  extension  to the AMD-V architecture and introduced in 2016, is designed to isolate VMs from the hypervisor by encrypting the me

The Pirate Bay is the world's largest torrent tracker site which handles requests from millions of users everyday and is in the top 100 most visited websites on the Internet. Generally, The Pirate Bay is famous for potentially hosting illegal contents on its website. Despite years of persecution, it continues to disobey copyright laws worldwide. Even both the founders of The Pirate Bay (TPB) file exchange service were arrested by the authorities and are in prison, but their notorious pirated content exchange continues to receive millions of unique visitors daily. That's really Strange!! But how?? Recently, The Pirate Bay team has revealed how cloud technology made its service's virtual servers truly secure to avoid police raids and detection. While it doesn't own any physical servers, The Pirate Bay is working on " virtual machines " through a few commercial cloud hosting services, even without knowing that whom they are dealing with. According to Torren

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.

After providing the glimpses of the next Windows, one of the screenshot leakers has now obtained a short video showing off a build of the very new Windows 9 , aka "Threshold , " features as well as how users can expect to use it. Two German sites, ComputerBase and WinFuture , posted 20 screenshots on Thursday of what purports to be next major version of Windows, presumably called Windows Threshold that Microsoft recently distributed to its partners, giving us a closer look at Microsoft's next platform. Now, there's a video on YouTube , provided by German publication WinFuture, which shows how the returning feature might work in the next iteration of the Operating System. As calculated from the screenshots, the video doesn't provide any major new information about Windows 9, but pretty much confirms what we expected. The video gives Windows' users a first look at the new Start menu in action. It also shows off three new features in Windows 9:

Early 2012 ESET company a mysterious malware, dubbed the Avatar rootkit (Win32/Rootkit.Avatar), advertised in the underground forums by Russian cyber crime . " We present you here previously announced product. In connection with work on other projects, we moved the release date for the public from May to February 2013th 2012go.Now nuclear rootkit AVATAR is available for rental. " Despite the malware was described months ago it was not found and published until now, in March ESET researchers detected two droppers with different C&C servers and having different compilation time stamps as showed in the following pictures: The Avatar rootkit appears very sophisticated, it uses two different infection techniques, the first in the dropper so as to bypass detections by HIPS, and the second one in the rootkit driver to allow the malware to be alive after system reboot, the instance detected works only on x86 systems. The 2 level dropper for Avatar rootkit works in conjunct

Citrix and the Apache Software Foundation have alerted users to a critical vulnerability in the CloudStack open source cloud infrastructure management software. The vulnerability affects all versions of Cloudstack prior to October 7, including the Citrix commercial version. Vulnerability could allow an attacker to take a number of unwanted actions, including deleting all of the virtual machines on a system. There are no known exploits at this time, Details of the issue were disclosed on Sunday. Cloudstack is one of the largest open source cloud infrastructure management systems together with OpenStack and Eucalyptus. Mitigation against the vulnerability is possible by logging into the Cloudstack MySQL database, disabling the system user and setting a random password. " The CloudStack PPMC was notified of a configuration vulnerability that exists in development versions of the Apache Incubated CloudStack project. This vulnerability allows a malicious user to execute ar