Security news aggregator

Latest coverage for Virtualisation

Virtualisation security covers hypervisors, virtual machines, and isolated workloads, where flaws or misconfiguration can expose systems and data.

12 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Virtualisation uses software to divide or simulate computing resources so multiple isolated virtual machines (VMs) can share a physical host. Each VM can run its own operating system and applications; a hypervisor controls access to the host’s processors, memory, storage and devices. The term can also include virtual networks and storage, while containers provide a related but less isolated form of workload virtualisation.

Security depends on the hypervisor and its management plane being securely configured, patched and access-controlled. A hypervisor vulnerability or misconfiguration can expose data across VMs, and a VM escape can allow code running in one guest to reach the host or other guests. Virtual machine images, templates and snapshots may retain credentials or sensitive data and therefore require inventory, integrity checks, encryption and controlled retention. Network segmentation between virtual workloads should be enforced through explicit policies rather than assumed from virtual separation. These controls also support reliable investigation and recovery by preserving trustworthy images and records of administrative changes.

Volume over time

Weekly headline count for the current query.

Showing 12 most recent headlines Filtered view
Bank Info Security 3 months, 1 week ago

Breach Roundup: German Police Expose REvil, GandCrab Boss

Also, Medusa Ransomware, Grafana Flaw, German Political Party BreachThis week, German police unmasked a REvil leader, a critical Docker flaw, Medusa ransomware surged, DPRK hackers abused GitHub, Grafana AI bugs enabled data theft, scams hit $20B in the United States, Ivanti exploited and attacks hit Northern Ireland schools and a German political party.

Bank Info Security 5 months, 1 week ago

Docker AI Bug Lets Image Metadata Trigger Attacks

AI Assistant Executes Hidden Commands Embedded in Docker Image LabelsA vulnerability in Docker's Ask Gordon AI assistant allows attackers to execute malicious commands by hiding them in the container application development platform's image metadata, said security researchers. Dubbed DockerDash, the vulnerability exploits a failure across Docker's AI execution chain.

Bank Info Security 5 months, 2 weeks ago

Breach Roundup: Android RAT Hides Behind Hugging Face

Also, SmarterMail Flaw, Nike Breach Probe, Empire Market Co-Creator Pleads GuiltyThis week, researchers exposed an Android RAT abusing Hugging Face. Attackers exploited a SmarterMail flaw. Automakers raised cyber spending. CISA flagged a VMware bug. Microsoft patched Office. An Empire Market co-creator pleaded guilty. Nike probed a breach.

Bank Info Security 7 months, 1 week ago

Brickstorm Malware Hits US Critical Systems, CISA Warns

Chinese-Linked Malware Campaign Targets Critical Environments With Weak MonitoringU.S. and Canadian cyber authorities say Chinese state-backed actors used a backdoor dubbed BRICKSTORM to maintain long-term access into critical infrastructure, exploiting VMware environments to exfiltrate credentials and evade detection through encrypted covert channels.

Bank Info Security 9 months, 2 weeks ago

Breach Roundup: FTC Sues Sendit Over Kid's Data Collection

Also, Cyberattack Disrupts Asahi’s Japan Operations, Halts ProductionThis week, FTC sued Sendit, another Harrods breach, Allianz data breach and a cyberattack disrupted Asahi's Japan operations. WestJet disclosed data theft. Hackers targeted Kido Nursery chain, a VMware privilege escalation flaw was exploited as zero-day, DarkCloud infostealer resurfaced.

Bank Info Security 11 months, 3 weeks ago

Scattered Spider Exploiting VMware vSphere

Hacking Tactics Linked to Retail, Airline CompromisesThe loosely connected band of adolescent cybercriminals tracked as Scattered Spider has joined the VMware hypervisor hacking bandwagon, pivoting into virtual servers through corporate instances of Active Directory. vSphere integration with Active Directory adds a yet another layer of insecurity.

Bank Info Security 1 year, 2 months ago

Scattered Spider Linked to Marks & Spencer Hack

Retailer Continues to Recover From Ransomware IncidentBritish retailer Marks & Spencer was reportedly targeted by financial crime group Scattered Spider, who deployed ransomware on the company's VMware ESXi server. The retailer continues to recover from a cyber incident that disrupted operations in its online and offline stores.

Vulnerabilities Can Apparently Be Chained Together to Execute a Hypervisor EscapeBroadcom's VMware cloud infrastructure software division has issued updates to patch three actively exploited zero-day vulnerabilities in all supported versions of its ESXi hypervisor operating system, which can be used to escape from the hypervisor, in what's also known as a virtual machine escape.

UNC3886 Targeted Edge Devices for Persistence, Mandiant SaysA suspected Chinese hacking group used open-source rootkits to ensure persistence on compromised edge devices such as VMware ESXi servers for espionage campaigns, Google Mandiant said. The hacking group, which Mandiant tracks as UNC3886, is likely a Chinese threat group hacking for Beijing.

Bank Info Security 2 years, 6 months ago

NetScaler, Atlassian, VMWare Disclose Critical Flaws

Citrix NetScaler ADC and Gateway Bugs Exploited in the WildIT infrastructure mainstays including Netscaler, Atlassain and VMWare on Tuesday released fixes for vulnerabilities including some allowing malicious takeover of appliances. NetScaler warned customers Tuesday of two zero day vulnerabilities that researchers say are being exploited in the wild.

Bank Info Security 2 years, 7 months ago

Lazarus Exploits Log4Shell to Deploy Telegram-Based Malware

North Korean Hackers Deploy Novel Malware FamiliesNorth Korean hacking group Lazarus Group is exploiting Log4Shell to target manufacturing, agriculture and physical security sectors, resulting in the deployment of a tailored implant on compromised systems. The attack campaign targeted publicly accessible VMware Horizon servers.

Bank Info Security 2 years, 7 months ago

Why Broadcom Seeks 'Strategic Alternatives' for Carbon Black

Big Overlap With Symantec Makes Carbon Black Redundant, Though Buyers May Be SparseIt looks as if Carbon Black's days as part of Broadcom are numbered. Broadcom CEO Hock Tan told staff at newly acquired VMware in both an email and town hall meeting that he plans to "review strategic alternatives." The move comes just four years after VMware purchased Carbon Black for $2.1 billion.