Jump to content
Sign in to follow this  
skok

VMware Confirms Hacker Leaked Source Code For ESX Hypervisor !!!

Recommended Posts

Πηγή : http://www.darkreading.com/cloud-security/167901092/security/application-security/232900971/vmware-confirms-hacker-leaked-source-code-for-esx-hypervisor.html

http://vmblog.com/archive/2012/04/24/vmware-warns-of-esx-hypervisor-source-code-leak.aspx

http://www.computerworld.com/s/article/9226581/VMware_downplays_leaks_of_source_code

http://threatpost.com/en_us/blogs/e-mail-source-code-vmware-bubbles-compromised-chinese-firm-042412

Οπως ανακοίνωσε και επίσημα η VMWare στο http://blogs.vmware.com/security/2012/04/vmware-security-note.html στις 23/4 κάποιος hacker έβγαλε online μέρος source code του

ESX Hypervisor αλλά είπαν ότι είναι του 2003 /2004 :

"Yesterday, April 23, 2012, our security team became aware of the public posting of a single file from the VMware ESX source code and the possibility that more files may be posted in the future. The posted code and associated commentary dates to the 2003 to 2004 timeframe.

The fact that the source code may have been publicly shared does not necessarily mean that there is any increased risk to VMware customers. VMware proactively shares its source code and interfaces with other industry participants to enable the broad virtualization ecosystem today. We take customer security seriously and have engaged internal and external resources, including our VMware Security Response Center, to thoroughly investigate. We will continue to provide updates to the VMware community if and when additional information is available.

Iain Mulholland
Director, VMware Security Response Center"

Οπως αναφέρετε στο http://threatpost.com/en_us/blogs/e-mail-source-code-vmware-bubbles-compromised-chinese-firm-042412 και στο http://www.ehackingnews.com/2012/04/anonymous-hacker-hardcorecharle-leaked.html  o Anonymous Hacker 'HardcoreCharlie' αναφέρει σε IRC tweets ότι κατέχει 300 MB από το VMWare source code και θα τα ανακοινώσει.

Το κομμάτι του VMWare source code έγινε post στο Pastebin από LulzSec-related hacker "Hardcore Charlie" στις 8/4.

Οπως ανάφερε ο Paul Roberts, blogger στα Kaspersky Lab's ThreatPost http://betanews.com/2012/04/25/vmware-source-code-leak-it-equivalent-of-the-deepwater-horizon-oil-spill/:

"calls the breach the "IT equivalent of the Deepwater Horizon oil spill disaster", pointing to the fact that VMware itself cannot rule out that its own source code repository may have been hacked."

Γιατί μου θυμίζει το hack αυτό, ότι έγινε στο Sony Network που στην αρχή πήγαν να το υποβαθμίζουν ...και μετά δεν ήξεραν που και τι πήραν ...

Νο Comments !!!

VMware source code leak: 'IT equivalent of the Deepwater Horizon oil spill'

Deepwater-Horizon-burns.png

Share this post


Link to post
Share on other sites
Sign in to follow this  

×
×
  • Create New...