Stay updated with breaking news from இமெ ராட். Get real-time updates on events, politics, business, and more. Visit us for reliable news and exclusive interviews.
Copy Google Compute Engine virtual machines can be hijacked and made to hand over root shell access via a cunning DHCP attack, according to security researcher Imre Rad. Though the weakness remains unpatched, there are some mitigating factors that diminish the potential risk. Overall, it s a pretty neat hack if a tad impractical: it s an Ocean s Eleven of exploitation that you may find interesting from a network security point of view. In a write-up on GitHub, Rad explains that attackers can take over GCE VMs because they rely on ISC DHCP software that uses a weak random number generator. A successful attack involves overloading a victim s VM with DHCP traffic so that it ends up using a rogue attacker-controlled metadata server, which can be on the same network or on the other side of the internet. The DHCP flood would typically come from a neighboring attacker-controlled system hosted within Google Cloud. ....
KVM flaw on AMD servers gave malicious VMs a route to take over the host theregister.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from theregister.com Daily Mail and Mail on Sunday newspapers.