Session to Address Vulnerability That May Allow a vSphere User to Take Over Data Center Guest Machines
Jul 19, 2017, 08:50 ET
SAN FRANCISCO and TEL AVIV, Israel, July 19, 2017 /PRNewswire/ -- GuardiCore, a leader in internal data center and cloud security, today announced it would unveil a significant vulnerability affecting all recent VMware vSphere versions including 6.5, 6.0, 5.5 and provide mitigation at the upcoming Black Hat USA 2017.
In his session entitled, Escalating Insider Threats Using VMware's API, scheduled for July 27, 9:00 AM, Ofri Ziv, Head of GuardiCore Labs, will unveil a vulnerability in the VMware vSphere platform, today's number one data center virtualization solution. A malicious actor can break the security model of host-guest isolation - crucial for compliance and defense - and gain root privileges on guest machines. As part of his session, Ziv will demo the attack and show how this vulnerability can be mitigated. GuardiCore Labs reported the issue to VMware on May 27, 2017 and a security advisory will be released by VMware after the Black Hat session.
"Today's dynamic and virtualized environments present evolving security challenges and demand strict attention to policy and infrastructure management," said Ziv. "Through the VMware example, we hope to shed light on the continued importance of monitoring and enforcing privileges in the modern data center."
GuardiCore Labs is a global cyber security research team that conducts in-depth research and analysis, providing the security industry with actionable insights into the latest and most advanced threats facing data centers and clouds. GuardiCore Labs delivers cutting-edge breach detection and response methodologies to help GuardiCore customers continually enhance their security posture to protect critical business applications and infrastructure. GuardiCore Labs' recent, high-profile threat discoveries include the Bondnet botnet used to mine different cryptocurrencies, a variant of the MongoDB ransomware attack targeting MySQL databases, the Trojan.sysscan malware and the Infection Monkeythat was presented at Black Hat 2016.
GuardiCore is an innovator in internal data center and cloud security focused on delivering more accurate and effective ways to stop advanced threats through real-time breach detection and response. Developed by the top cyber security experts in their field, GuardiCore is changing the way organizations are fighting cyber attacks in their data centers. For more information, visit www.guardicore.com.