#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

virtual machines | Breaking Cybersecurity News | The Hacker News

Category — virtual machines
CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs

CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs

Nov 14, 2023 Hardware Security / Virtualization
A group of academics has disclosed a new "software fault attack" on AMD's Secure Encrypted Virtualization ( SEV ) technology that could be potentially exploited by threat actors to infiltrate encrypted virtual machines (VMs) and even perform privilege escalation. The attack has been codenamed  CacheWarp  (CVE-2023-20592) by researchers from the CISPA Helmholtz Center for Information Security and the Graz University of Technology. It impacts AMD CPUs supporting all variants of SEV. "For this research, we specifically looked at AMD's newest TEE, AMD SEV-SNP, relying on the experience from previous attacks on Intel's TEE," security researcher Ruiyi Zhang told The Hacker News. "We found the 'INVD' instruction [flush a processor's cache contents] could be abused under the threat model of AMD SEV." SEV, an  extension  to the AMD-V architecture and introduced in 2016, is designed to isolate VMs from the hypervisor by encrypting the me...
The Pirate Bay Runs on 21 "Raid-Proof" Virtual Machines To Avoids Detection

The Pirate Bay Runs on 21 "Raid-Proof" Virtual Machines To Avoids Detection

Sep 23, 2014
The Pirate Bay is the world's largest torrent tracker site which handles requests from millions of users everyday and is in the top 100 most visited websites on the Internet. Generally, The Pirate Bay is famous for potentially hosting illegal contents on its website. Despite years of persecution, it continues to disobey copyright laws worldwide. Even both the founders of The Pirate Bay (TPB) file exchange service were arrested by the authorities and are in prison, but their notorious pirated content exchange continues to receive millions of unique visitors daily. That's really Strange!! But how?? Recently, The Pirate Bay team has revealed how cloud technology made its service's virtual servers truly secure to avoid police raids and detection. While it doesn't own any physical servers, The Pirate Bay is working on " virtual machines " through a few commercial cloud hosting services, even without knowing that whom they are dealing with. According to Torren...
Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?

Crowdstrike Named A Leader In Endpoint Protection Platforms

Nov 22, 2024Endpoint Security / Threat Detection
CrowdStrike is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms for the fifth consecutive time, positioned highest on Ability to Execute and furthest to the right on Completeness of Vision.
Windows 9 Start Menu Demo Video Leaked Online

Windows 9 Start Menu Demo Video Leaked Online

Sep 13, 2014
After providing the glimpses of the next Windows, one of the screenshot leakers has now obtained a short video showing off a build of the very new Windows 9 , aka "Threshold , " features as well as how users can expect to use it. Two German sites, ComputerBase and WinFuture , posted 20 screenshots on Thursday of what purports to be next major version of Windows, presumably called Windows Threshold that Microsoft recently distributed to its partners, giving us a closer look at Microsoft's next platform. Now, there's a video on YouTube , provided by German publication WinFuture, which shows how the returning feature might work in the next iteration of the Operating System. As calculated from the screenshots, the video doesn't provide any major new information about Windows 9, but pretty much confirms what we expected. The video gives Windows' users a first look at the new Start menu in action. It also shows off three new features in Windows 9: ...
cyber security

The AppSec & R&D Playbook: How to Align Security and Innovation

websiteBackslashApplication Security
AppSec vs. R&D? Bridge the gap with clear steps to streamline workflows and foster collaboration.
Mysterious Avatar rootkit with API, SDK, and Yahoo Groups for C&C communication

Mysterious Avatar rootkit with API, SDK, and Yahoo Groups for C&C communication

May 02, 2013
Early 2012 ESET company a mysterious malware, dubbed the Avatar rootkit (Win32/Rootkit.Avatar), advertised in the underground forums by Russian cyber crime . " We present you here previously announced product. In connection with work on other projects, we moved the release date for the public from May to February 2013th 2012go.Now nuclear rootkit AVATAR is available for rental. " Despite the malware was described months ago it was not found and published until now, in March ESET researchers detected two droppers with different C&C servers and having different compilation time stamps as showed in the following pictures: The Avatar rootkit appears very sophisticated, it uses two different infection techniques, the first in the dropper so as to bypass detections by HIPS, and the second one in the rootkit driver to allow the malware to be alive after system reboot, the instance detected works only on x86 systems. The 2 level dropper for Avatar rootkit works in conjunct...
CVE-2012-4501 : Critical vulnerability warned in Cloudstack

CVE-2012-4501 : Critical vulnerability warned in Cloudstack

Oct 09, 2012
Citrix and the Apache Software Foundation have alerted users to a critical vulnerability in the CloudStack open source cloud infrastructure management software. The vulnerability affects all versions of Cloudstack prior to October 7, including the Citrix commercial version. Vulnerability could allow an attacker to take a number of unwanted actions, including deleting all of the virtual machines on a system. There are no known exploits at this time, Details of the issue were disclosed on Sunday. Cloudstack is one of the largest open source cloud infrastructure management systems together with OpenStack and Eucalyptus. Mitigation against the vulnerability is possible by logging into the Cloudstack MySQL database, disabling the system user and setting a random password. " The CloudStack PPMC was notified of a configuration vulnerability that exists in development versions of the Apache Incubated CloudStack project. This vulnerability allows a malicious user to execut...
Expert Insights / Articles Videos
Cybersecurity Resources