Skip to main content
Tag

vulnerability

“My IT company handles my security.” The importance of verification.

By Cybersecurity No Comments

If you have a managed service provider (MSP) you are already doing the right thing. We have written in the past that in business, it is a good idea to stick with what you are good at and pay someone else for specialties work. You pay for lawyers.  you pay for accountants.  Pay for IT in the same way.  But just as with all of those professions, it pays to periodically check on your MSP to make sure they are doing the job that you are paying them to do. What am I paying for? Many MSPs will help set your…

Read More

VM Vulnerability: VENOM

By Cybersecurity No Comments

A new zero-day exploit has been discovered by Jason Geffner, a Senior Security Researcher at CrowdStrike, and its target is the virtual data center.  VENOM (short for Virtualized Environment Neglected Operations Manipulation) allows a malicious user to send a command to their own virtual instance that will cause it to crash and open the door for exploitation of the entire hypervisor and connected network.  This means that the attacker could gain full bare metal control of other companies’ virtual machines, if they’re hosted in the same virtual data center or cloud.  The command targets a commonly ignored component of most virtual machines -the legacy floppy disk…

Read More