Security News
VMWare has made Workstation Pro and Fusion Pro free for personal use, allowing home users and students to set up their own virtualized test labs and play with another operating system at little to no cost. We have some good news for a change, with VMware announcing yesterday that VMware Workstation Pro and Fusion Pro are now free for personal use.
Multiple security flaws have been disclosed in VMware Workstation and Fusion products that could be exploited by threat actors to access sensitive information, trigger a denial-of-service (DoS)...
VMware fixed four security vulnerabilities in the Workstation and Fusion desktop hypervisors, including three zero-days exploited during the Pwn2Own Vancouver 2024 hacking contest. Theori security researchers Gwangun Jung and Junoh Lee also went home with $130,000 in cash for escaping a VMware Workstation VM to gain code execution as SYSTEM on the host Windows OS using an exploit chain targeting three vulnerabilities: an uninitialized variable bug, a UAF weakness, and a heap-based buffer overflow.
Chilean data center and hosting provider IxMetro Powerhost has suffered a cyberattack at the hands of a new ransomware gang known as SEXi, which encrypted the company's VMware ESXi servers and backups. On Monday, PowerHost's Chile division, IxMetro, warned customers that it suffered a ransomware attack early Saturday morning that encrypted some of the company's VMware ESXi servers that are used to host virtual private servers for customers.
Chilean data center and hosting provider IxMetro Powerhost has suffered a cyberattack at the hands of a new ransomware gang known as SEXi, which encrypted the company's VMware ESXi servers and backups. On Monday, PowerHost's Chile division, IxMetro, warned customers that it suffered a ransomware attack early Saturday morning that encrypted some of the company's VMware ESXi servers that are used to host virtual private servers for customers.
VMware has fixed four vulnerabilities in ESXi, Workstation, Fusion and Cloud Foundation, some of which could allow attackers to escape the sandbox and execute code on the host machine. VMware ESXi is a bare-metal hypervisor, VMware Workstation and Fusion are desktop hypervisors, and VMware Cloud Foundation is a hybrid cloud platform.
Hypervisor heavyweight VMware by Broadcom yesterday revealed its hypervisors are not quite so inviolable as it might like. The nastiest two - CVE-2024-22252 and 22253 - are rated 9.3/10 on VMware's Workstation and Fusion desktop hypervisors and 8.4 on the ESXi server hypervisor.
VMware released security updates to fix critical sandbox escape vulnerabilities in VMware ESXi, Workstation, Fusion, and Cloud Foundation products, allowing attackers to escape virtual machines and access the host operating system.These types of flaws are critical as they could permit attackers to gain unauthorized access to the host system where a hypervisor is installed or access other virtual machines running on the same host, breaching their isolation.
VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to code execution. Tracked as CVE-2024-22252 and...
Cybersecurity researchers have discovered a new Linux variant of a remote access trojan (RAT) called BIFROSE (aka Bifrost) that uses a deceptive domain mimicking VMware. "This latest version of...