HackRead
  • April 11th, 2021

Notion of Cloud’s Unmatched Security Shattered by ‘Venom’ vulnerability

May 14th, 2015 | Waqas | Security

CrowdStrike researchers discovered that an attacker can burst out of specific virtual machines and exploit whatever is running nearby. The most disturbing fact revealed is that a portion of a cloud-hosted network may also be running on that same system.

This revelation nullifies the claim that these vessels are extremely strong and protective.

A critical security flaw has been discovered that allows attackers to access virtual machines freely.

Jason Geffner and a team of researchers at CrowdStrike, an Irvine, California-based security firm, reported the detection of the zero-day vulnerability. A zero-day vulnerability means that a previously unidentified computer bug has been found, in this case within a common virtual machine platform.


Virtual machines are computers simulated within computers, and they prevent the networks on these machines from impacting each other. Virtual machines are an efficient way to manage massive computer resources while keeping them secure and isolated.

The bug has been named “Venom”, which is an abbreviation of “virtualized environment neglected operations manipulation.” Researchers state that this bug affects a technology called a hypervisor. This basically controls and coordinates the system that is being controlled by virtual machines.

Venom affects Quick Emulator (QEMU), which is a decades-old, open-source and free hypervisor. It is used in numerous common virtualization products such as KVM (or “kernel-based virtual machine”), Xen hypervisors, the native QEMU client and Oracle VM VirtualBox. On the other hand, the products that are not affected are Microsoft Hyper-V and EMC-owned VMware.

[Figure: Venom graph. Image source: crowdstrike.com]

According to Jason Geffner, CrowdStrike’s senior security researcher who actually identified this flaw, “this destroys the isolation myth that you can have something run a virtual machine and have it be isolated from everything else. This bug lets you escape a container and get into all other containers. Even if you don’t use these services directly, the chances are that accounts which store your personal data run these products.”

CrowdStrike assessed that Venom could put countless organizations and tens of thousands of users at risk.

Geffner states: “With Venom, you’re able to break out of a virtual machine on a system and get access to other data on that system’s network” and the attackers may exploit it to “execute whatever code they like” simply by overwriting sensitive portions of a machine’s memory.

As a long-term remedy, Dan Kaminsky, White Ops security firm co-founder and researcher, suggests that users should tell their cloud service providers that they will only allow sharing of workflow with people within the company or the domain. It is important to isolate the hardware “if you have this sort of bug that can jump from their little piece of a server to your little piece of a server. The best way to avoid that is to not have anyone else on your server.” He says that it definitely “costs more, but you’re basically outbidding your attackers.”

CrowdStrike, says Geffner, has alerted all the major software merchants that utilize this risky QEMU code and the team is working closely with them to resolve the issue.

Geffner hopes and expects that “the good guys are able to patch their systems before the bad guys get access to it.”

Source: CrowdStrike (http://venom.crowdstrike.com/)

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and the tech world. I am also into gaming, reading and investigative journalism.
