Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

Russian exploit developer publicly disclosed VirtualBox zero-day vulnerability

Virtualbox-zero-day-vulnerability

An independent IT security researcher and exploit developer from Russia has publicly revealed a zero-day vulnerability in all versions of VirtualBox (VB) 5.2.20 and prior. VB is commonly used open source virtualization software that has been developed by Oracle.

According to the analysis of Sergey Zelenyuk, his exploit is hundred percent reliable and memory corruption issues are responsible for this zero-day vulnerability. It affects the Intel PRO / 1000 MT Desktop (82540EM) network card (E1000) if the network mode is set to Network Address Translation/NAT. The issue is prevailing in a shared code base of the virtualization software, which is available on literally all operating systems.

This vulnerability is not platform or OS specific primarily because it is present in a shared code base. Zelenyuk has also demonstrated the steps to follow for exploiting the vulnerability in a video. Through exploiting this flaw, an attacker can evade the virtual environment of a guest...(continued)

View All Trending Stories