skok Posted April 26, 2012 Report Share Posted April 26, 2012 Πηγή : http://www.darkreading.com/cloud-security/167901092/security/application-security/232900971/vmware-confirms-hacker-leaked-source-code-for-esx-hypervisor.html http://vmblog.com/archive/2012/04/24/vmware-warns-of-esx-hypervisor-source-code-leak.aspx http://www.computerworld.com/s/article/9226581/VMware_downplays_leaks_of_source_code http://threatpost.com/en_us/blogs/e-mail-source-code-vmware-bubbles-compromised-chinese-firm-042412 Οπως ανακοίνωσε και επίσημα η VMWare στο http://blogs.vmware.com/security/2012/04/vmware-security-note.html στις 23/4 κάποιος hacker έβγαλε online μέρος source code του ESX Hypervisor αλλά είπαν ότι είναι του 2003 /2004 : "Yesterday, April 23, 2012, our security team became aware of the public posting of a single file from the VMware ESX source code and the possibility that more files may be posted in the future. The posted code and associated commentary dates to the 2003 to 2004 timeframe.The fact that the source code may have been publicly shared does not necessarily mean that there is any increased risk to VMware customers. VMware proactively shares its source code and interfaces with other industry participants to enable the broad virtualization ecosystem today. We take customer security seriously and have engaged internal and external resources, including our VMware Security Response Center, to thoroughly investigate. We will continue to provide updates to the VMware community if and when additional information is available. Iain MulhollandDirector, VMware Security Response Center" Οπως αναφέρετε στο http://threatpost.com/en_us/blogs/e-mail-source-code-vmware-bubbles-compromised-chinese-firm-042412 και στο http://www.ehackingnews.com/2012/04/anonymous-hacker-hardcorecharle-leaked.html o Anonymous Hacker 'HardcoreCharlie' αναφέρει σε IRC tweets ότι κατέχει 300 MB από το VMWare source code και θα τα ανακοινώσει. Το κομμάτι του VMWare source code έγινε post στο Pastebin από LulzSec-related hacker "Hardcore Charlie" στις 8/4. Οπως ανάφερε ο Paul Roberts, blogger στα Kaspersky Lab's ThreatPost http://betanews.com/2012/04/25/vmware-source-code-leak-it-equivalent-of-the-deepwater-horizon-oil-spill/: "calls the breach the "IT equivalent of the Deepwater Horizon oil spill disaster", pointing to the fact that VMware itself cannot rule out that its own source code repository may have been hacked." Γιατί μου θυμίζει το hack αυτό, ότι έγινε στο Sony Network που στην αρχή πήγαν να το υποβαθμίζουν ...και μετά δεν ήξεραν που και τι πήραν ... Νο Comments !!! VMware source code leak: 'IT equivalent of the Deepwater Horizon oil spill' Link to comment Share on other sites More sharing options...
Recommended Posts