Mitigate Spectre and Meltdown impact with vSphere ESXi

Meltdown-Spectre

As most of the folks in the IT, I’ve spent last couple of days researching about famous Spectre and Meltdown attacks and their possible impact to our infrastructure. These security flaws are especially bad, not only because they’ve been here for more than 2 decades, but mitigation comes with significant … Continue reading

Security issue after updating to vCenter 6.0

I did a crazy thing last week, I decided to update our vCenter appliance (VCSA) from version 5.5U3a to version 6.0 Update1 3040890. I was surprised how flawlessly it went. It was finished in couple of hours, “almost” everything was working as expected, so big success 🙂 Until users started … Continue reading

ALERT: VENOM Vulnerability CVE-2015-3456, Clouds Exposed!

alert

Crowdstrike disclosed a serious VM Escape vulnerability – codename VENOM, CVE-2015-3456 which has been around here since 2004. This one is especially serious because it is affecting the VMs in their default configuration and could be also affecting thousands of the VMs in cloud. This vulnerability may allow an attacker … Continue reading