Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://swecyb.com/users/nopatience/statuses/114105929239738740">Christoffer S. (nopatience@swecyb.com)'s status on Wednesday, 05-Mar-2025 05:01:31 JST</a><a href="https://swecyb.com/@nopatience" title="nopatience@swecyb.com"><img src="https://gnusocial.jp/avatar/153738-48-20250323164920.webp" width="48" height="48" alt="Christoffer S." style="position: absolute; left: 0; top: 0;">Christoffer S.</a><div><ul><li><li><a href="https://gnusocial.jp/user/92418" title="dangoodin@infosec.exchange">Dan Goodin</a></li></ul></div></section><article><p><a href="https://cyberplace.social/@GossiTheDog">@GossiTheDog</a> <a href="https://infosec.exchange/@dangoodin">@dangoodin</a> </p><p>If you perhaps remember the attack against TietoEvry in Sweden... there has been speculation that it was executed because of exactly this.</p><p>Attacker escaped from VM into the entire VMware cluster... which led to pretty much a full compromise of the entire datacenter.</p><p>Now it's NOT KNOWN whether this was the actual flaw that led to the successful attack, but it certainly is a very plausible (and viable) vector.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4672334#notice-9151229">In conversation</a><time datetime="2025-03-05T05:01:31+09:00" title="Wednesday, 05-Mar-2025 05:01:31 JST">about 4 months ago</time> <span>from <span><a href="https://gnusocial.jp/notice/9151229" rel="external" title="Sent from gnusocial.jp via ActivityPub">gnusocial.jp</a></span></span><a href="https://gnusocial.jp/notice/9151229">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Christoffer S. (nopatience@swecyb.com)'s status on Wednesday, 05-Mar-2025 05:01:31 JSTChristoffer S.
- Kevin Beaumont
- Dan Goodin
@GossiTheDog @dangoodin
If you perhaps remember the attack against TietoEvry in Sweden... there has been speculation that it was executed because of exactly this.
Attacker escaped from VM into the entire VMware cluster... which led to pretty much a full compromise of the entire datacenter.
Now it's NOT KNOWN whether this was the actual flaw that led to the successful attack, but it certainly is a very plausible (and viable) vector.
In conversationabout 4 months ago from gnusocial.jppermalink

Public

Embed Notice

HTML Code

Corresponding Notice