Server security: a poisonous threat

After heartbleed, a breakthrough new vulnerability has emerged in some of the world’s leading virtualization platforms, powering millions of VPS hosting contracts, virtual private servers, and shared hosting. This is Virtualized Environment Neglected Operations Manipulations (VENOM, English poison), which allows those who know how to exploit it to control of not only the virtual machine affected by the bug but also all those on the same hypervisor. By analogy, if someone with Heartbleed had the chance to enter your home and take possession of it, now VENOM can take control of your home and neighborhood.

Read more