Bigger than Heartbleed - 'Venom' Threatens Datacenters

Uploaded on 2015-06-08 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms, TECHNOLOGY--Resilience

A security research firm is warning that a new bug could allow a hacker to take over vast portions of a datacenter, from within. The zero-day vulnerability lies in a legacy common component in widely used virtualization software, allowing a hacker to infiltrate potentially every machine across a datacenter's network.

Most datacenters nowadays condense customers, including major technology companies and smaller firms, into virtualized machines, or multiple operating systems on one single server. Those virtualized systems are designed to share resources but remain as separate entities in the host hypervisor, which powers the virtual machines. 
 
Before Heartbleed: Worst vulnerabilities ever?
There have been some pretty bad vulnerabilities before Heartbleed. Is it really any more severe than CodeRed or Blaster?    
The cause is a widely ignored, legacy virtual floppy disk controller that, if sent specially crafted code, can crash the entire hypervisor. That can allow a hacker to break out of their own virtual machine to access other machines, including those owned by other people or companies.
    
The bug, found in open-source computer emulator QEMU, dates back to 2004. Many modern virtualization platforms, including Xen, KVM, and Oracle's VirtualBox, include the buggy code.
VMware, Microsoft Hyper-V, and Bochs hypervisors are not affected.

The flaw may be one of the biggest vulnerabilities found this year. It comes just over a year after the notorious Heartbleed bug, which allowed malicious actors to grab data from the memory of servers running affected versions of the open-source OpenSSL encryption software.
"Heartbleed lets an adversary look through the window of a house and gather information based on what they see," said Geffner, using an analogy. "Venom allows a person to break in to a house, but also every other house in the neighborhood as well."
Geffner said that the company worked with software makers to help patch the bug. As many companies offer their own hardware and software, patches can be applied to thousands of affected customers without any downtime.

To take advantage of the flaw, a hacker would have to gain access to a virtual machine with high or "root" privileges of the system. Geffner warned that it would take little effort to rent a virtual machine from a cloud computing service to exploit the hypervisor from there.

Dan Kaminsky, a veteran security expert and researcher, said in an email that the bug went unnoticed for more than a decade because almost nobody looked at the legacy disk drive system, which happens to be in almost every virtualization software.

ZD Net:  

« US Calls for Cyber Reform After Massive Hack
Nasdaq Bets on Bitcoin's Future »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Clifford Chance

Clifford Chance

Clifford Chance are one of the world's pre-eminent law firms with resources across five continents. Practice areas include Cyber Security & Information Protection

Fortinet

Fortinet

Fortinet is a provider of network security systems. Our products provide protection against dynamic security threats while simplifying the IT security infrastructure.

CyberVista

CyberVista

CyberVista is a cybersecurity training education and workforce development company. Our mission is to eliminate the skills gap by creating job ready professionals.

exceet Secure Solutions

exceet Secure Solutions

exceet Secure Solutions is your experienced specialist for Internet of Things (IoT), Heath Telematics, electronic signatures and timestamps and IT security.

ValidSoft

ValidSoft

ValidSoft is a security software company, providing telecommunications-based multi-factor authentication, identity and transaction verification technology.

Rubrik

Rubrik

Rubrik helps enterprises achieve data control to drive business resiliency, cloud mobility, and regulatory compliance.

Hex-Rays

Hex-Rays

Founded in 2005, privately held, Belgium based, Hex-Rays SA focuses on the development of fast, stable, and robust binary analysis tools for the IT security market.

SandboxAQ

SandboxAQ

SandboxAQ is an enterprise SaaS company combining AI + Quantum tech to solve hard problems impacting society.

Information Technology Solutions (ITS)

Information Technology Solutions (ITS)

Information Technology Solutions is a single source provider for managing and securing mission-critical IT services.

RankedRight

RankedRight

RankedRight empowers security teams to take immediate action on their most critical risks.

ANY.RUN

ANY.RUN

ANY.RUN is an interactive online malware analysis service created for dynamic as well as static research of multiple types of cyber threats.

LOCH Technologies

LOCH Technologies

LOCH Wireless Machine Vision platform delivers next generation cybersecurity, performance monitoring, and cost management for all 5G and for broad-spectrum IoT, IoMT and OT wireless environments.

Synagex

Synagex

Synagex Modern IT is a simple IT and cybersecurity solution for businesses.

Endari

Endari

Endari specializes in building cybersecurity maturity within the operational DNA of early-stage startups and SMBs.

Black Duck Software

Black Duck Software

Black Duck (formerly the Synopsys Software Integrity Group) is the market leader in application security testing (AST).

Upwind Security

Upwind Security

Upwind delivers comprehensive cloud security, precisely when and where it’s most critical.