Wanted to talk a bit more about the VM escape. This would be something the only logging would have exposed in your enterprise. This is exposing a zero-day attack. Something that the vendor has not found as a miss in the code. The attacker has weaponized it; meaning that they have created a script to be able to repeat the attack sequence. The reason for the repeatability is the attack does not alway work on the first try or does the computer alway survive the attack.
The second item is we will have a speaker series from the MIS school the night of April 6th. For that reason I will not have a class on April 6th. The invite has been sent out to the students of both Wade’s class and my class. If anyone is interested that has not gotten the invite please let me know. The session will be held in the Alter Building, but we need to get you onto the list.
In The News:
- WikiLeaks Dumps Docs on CIA’s Hacking Tools
- WHILE MY SMART TV GENTLY WEEPS
- This one is something to keep up on as further developments hit.
- Zero-Day was high on the hit list in this thread.
- Virtual machine escape fetches $105,000 at Pwn2Own hacking contest [updated]
- Drive-by hits MS Edge, Breaks Hypervisor, hits Host