Showing posts sorted by relevance for query VMware. Sort by date Show all posts

VMware Confirmed: The Source Code of ESX kernel Was Indeed Stolen By Hackers


VMware, the global leader in virtualization and cloud infrastructure, has again faced a cyber attack. Earlier this year a hacker named "Hardcore Charlie" stole files from its ESX server hypervisor source code, which were then posted online. In that attack the hacker managed to steal more than 300MB of source code of VMware products. Now, 6 months later, another hacker named Stun (57UN), claiming to be affiliated with the hacker collective Anonymous, has managed to get hold of the source code of VMware's ESX kernel. Immediately after the breach the hacker tweeted a link to a torrent site hosting the stolen VMkernel source code. In an official blog post, VMware director of platform security Iain Mulholland acknowledged the breach on Sunday and confirmed the source code was indeed stolen. VMware also confirmed that the leaked source code dates back to 1998-2004 and was previously leaked by Hardcore Charlie. VMware also said that it is investigating what actions to take next. The torrent file posted by 57UN leads to a download of the VMware ESX source code, almost 2MB in size.

In a security note VMware said: "our security team became aware of the public posting of VMware ESX source code dating back to 2004. This source code is related to the source code posted publicly on April 23, 2012. It is possible that more related files will be posted in the future. We take customer security seriously and have engaged our VMware Security Response Center to thoroughly investigate. Ensuring customer security is our top priority. As a matter of best practices with respect to security, VMware strongly encourages all customers to apply the latest product updates and security patches made available for their specific environment. We also recommend customers review our security hardening guides. By applying the combination of the most current product updates and the relevant security patches, we believe our customer environments will be best protected. As is our practice, VMware will continue to assess any further security risks, and will provide recommendations and updates here as appropriate..." VMware also encouraged its customers to view the May 3, 2012 security patch information as a resource.

While on the subject of source code leaks, we want to remind you that a couple of months ago this hacker (57UN) stole the source code of Skype. Also, earlier in 2012 another hacker group named The Lords of Dharmaraja managed to steal the source code of Symantec's Norton.






VMware Announces The Availability of VMware Workstation™ 9 (Download Free Trial)


The global leader in virtualization and cloud infrastructure, VMware globally announced the general availability of its Workstation Version 9, the latest version of its award-winning personal virtualization software. VMware Workstation 9 delivers best-in-class Windows 8 support and innovative new features that transform the way technical professionals work with virtual machines whether they reside on the PC or on enterprise private clouds.  “For over a decade we have consistently delivered innovative new technologies with each Workstation release and Workstation 9 continues this tradition,” said Vittorio Viarengo, vice president, End-User Computing, VMware. “Workstation 9 brings the power of VMware virtualization to any IT professional desk and enables them to leverage the latest evolution of operating systems, processors and other technologies to be more productive and effective.”

Key features in VMware Workstation 9 include:-
  • Windows 8 Support– Easy install simplifies the task of creating virtual machines for Windows 8 that can run simultaneously with a variety of legacy operating systems. Unity mode intelligently works with Windows 8 applications, and multi-touch support ensures a true Windows 8 experience. 
  • More Powerful Virtual Machines – Faster startup performance, USB 3.0 support for Windows 8 virtual machines, Intel™ Ivy Bridge compatibility, more powerful virtualization extensions, virtual performance counters, support for OpenGL 2.1 on Linux and improved 3D graphics performance make running highly demanding applications simple and efficient.
  • Increased Mobility – A new Web interface allows access to virtual machines running in Workstation or on VMware vSphere® from tablets, smart phones, laptops or desktop PCs.  This high performance, Web-based interface delivers a native desktop experience and does not require flash or browser-based plug-ins.
  • Restricted Virtual Machines – IT administrators and instructors can create virtual machines and configure them to prevent employees or students from dragging and dropping files between virtual and physical desktops, attaching devices, or tampering with the virtual machine settings.  Once restrictions are configured, the virtual machines can be encrypted and distributed to run on Mac, Windows, or Linux PCs with VMware Fusion® 5 Professional, Workstation 9, or VMware Player™ 5.
  • Better 3D Graphics- With faster 3D graphics and support for DirectX 9.0c Shader Model 3 and OpenGL 2.1 3D graphics in a Windows and now Linux virtual machine, VMware Workstation easily handles demanding 3D applications like AutoCAD, Solidworks, and many current games.

To know detailed information about VMware Workstation 9 click Here. To Download a free trial Click Here.


-Source (VMware)









Metasploit 4.2.0 Released With IPv6 Support & Virtualization Target Coverage

We have discussed Metasploit, one of the most famous and widely used exploitation frameworks, many times before. Rapid7 has now released another updated version. This update brings Metasploit to version 4.2.0, adding IPv6 support and virtualization target coverage. You'll also notice a new Product News section and update notification for our weekly updates. Since the last major release (4.1.0), 54 new exploits, 66 new auxiliary modules, 43 new post-exploitation modules, and 18 new payloads have been added.
Brief About Metasploit:- 
The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework includes hundreds of working remote exploits for a variety of platforms. Payloads, encoders, and nop slide generators can be mixed and matched with exploit modules to solve almost any exploit-related task.
Module Changes:-
  •     Novell eDirectory eMBox Unauthenticated File Access
  •     JBoss Seam 2 Remote Command Execution
  •     NAT-PMP Port Mapper
  •     TFTP File Transfer Utility
  •     VMWare Power Off Virtual Machine
  •     VMWare Power On Virtual Machine
  •     VMWare Tag Virtual Machine
  •     VMWare Terminate ESX Login Sessions
  •     John the Ripper AIX Password Cracker
  •     7-Technologies IGSS 9 IGSSdataServer.exe DoS
  •     Microsoft IIS FTP Server <= 7.0 LIST Stack Exhaustion
  •     DNS and DNSSEC fuzzer
  •     CheckPoint Firewall-1 SecuRemote Topology Service Hostname Disclosure
  •     CorpWatch Company ID Information Search
  •     CorpWatch Company Name Information Search
  •     General Electric D20 Password Recovery
  •     NAT-PMP External Address Scanner
  •     Shodan Search
  •     H.323 Version Scanner
  •     Drupal Views Module Users Enumeration
  •     Ektron CMS400.NET Default Password Scanner
  •     Generic HTTP Directory Traversal Utility
  •     Microsoft IIS HTTP Internal IP Disclosure
  •     Outlook Web App (OWA) Brute Force Utility
  •     Squiz Matrix User Enumeration Scanner
  •     Sybase Easerver 6.3 Directory Traversal
  •     Yaws Web Server Directory Traversal
  •     OKI Printer Default Login Credential Scanner
  •     MSSQL Schema Dump
  •     MYSQL Schema Dump
  •     NAT-PMP External Port Scanner
  •     pcAnywhere TCP Service Discovery
  •     pcAnywhere UDP Service Discovery
  •     Postgres Schema Dump
  •     SSH Public Key Acceptance Scanner
  •     Telnet Service Encyption Key ID Overflow Detection
  •     IpSwitch WhatsUp Gold TFTP Directory Traversal
  •     VMWare ESX/ESXi Fingerprint Scanner
  •     VMWare Authentication Daemon Login Scanner
  •     VMWare Authentication Daemon Version Scanner
  •     VMWare Enumerate Permissions
  •     VMWare Enumerate Active Sessions
  •     VMWare Enumerate User Accounts
  •     VMWare Enumerate Virtual Machines
  •     VMWare Enumerate Host Details
  •     VMWare Web Login Scanner
  •     VMWare Screenshot Stealer
  •     Capture: HTTP JavaScript Keylogger
  •     Oracle DB SQL Injection via SYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION
  •     Asterisk Manager Login Utility
  •     FreeBSD Telnet Service Encryption Key ID Buffer Overflow
  •     Linux BSD-derived Telnet Service Encryption Key ID Buffer Overflow
  •     Java Applet Rhino Script Engine Remote Code Execution
  •     Family Connections less.php Remote Command Execution
  •     Gitorious Arbitrary Command Execution
  •     Horde 3.3.12 Backdoor Arbitrary PHP Code Execution
  •     OP5 license.php Remote Command Execution
  •     OP5 welcome Remote Command Execution
  •     Plone and Zope XMLTools Remote Command Execution
  •     PmWiki <= 2.2.34 pagelist.php Remote PHP Code Injection Exploit
  •     Support Incident Tracker <= 3.65 Remote Command Execution
  •     Splunk Search Remote Code Execution
  •     Traq admincp/common.php Remote Code Execution
  •     vBSEO <= 3.6.0 proc_deutf() Remote PHP Code Injection
  •     Mozilla Firefox 3.6.16 mChannel Use-After-Free
  •     CTEK SkyRouter 4200 and 4300 Command Execution
  •     Adobe Flash Player MP4 SequenceParameterSetNALUnit Buffer Overflow
  •     Icona SpA C6 Messenger DownloaderActiveX Control Arbitrary File Download and Execute
  •     HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution
  •     Viscom Image Viewer CP Pro 8.0/Gold 6.0 ActiveX Control
  •     Java MixerSequencer Object GM_Song Structure Handling Vulnerability
  •     MS05-054 Microsoft Internet Explorer JavaScript OnLoad Handler Remote Code Execution
  •     MS12-004 midiOutPlayNextPolyEvent Heap Overflow
  •     Viscom Software Movie Player Pro SDK ActiveX 6.8
  •     Adobe Reader U3D Memory Corruption Vulnerability
  •     Aviosoft Digital TV Player Professional 1.0 Stack Buffer Overflow
  •     BS.Player 2.57 Buffer Overflow
  •     CCMPlayer 1.5 m3u Playlist Stack Based Buffer Overflow
  •     Free MP3 CD Ripper 1.1 WAV File Stack Buffer Overflow
  •     McAfee SaaS MyCioScan ShowReport Remote Command Execution
  •     Mini-Stream RM-MP3 Converter v3.1.2.1 PLS File Stack Buffer Overflow
  •     MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow
  •     Ability Server 2.34 STOR Command Stack Buffer Overflow
  •     AbsoluteFTP 1.9.6 - 2.2.10 LIST Command Remote Buffer Overflow
  •     Serv-U FTP Server < 4.2 Buffer Overflow
  •     HP OpenView Network Node Manager ov.dll _OVBuildPath Buffer Overflow
  •     XAMPP WebDAV PHP Upload
  •     Avid Media Composer 5.5 - Avid Phonetic Indexer Buffer Overflow
  •     Citrix Provisioning Services 5.6 SP1 Streamprocess Opcode 0x40020000 Buffer Overflow
  •     HP Diagnostics Server magentservice.exe Overflow
  •     StreamDown 6.8.0 Buffer Overflow
  •     Wireshark console.lua Pre-Loading Script Execution
  •     Oracle Job Scheduler Named Pipe Command Execution
  •     SCADA 3S CoDeSys CmpWebServer <= v3.4 SP4 Patch 2 Stack Buffer Overflow
  •     Sunway Forcecontrol SNMP NetDBServer.exe Opcode 0x57
  •     OpenTFTP SP 1.4 Error Packet Overflow
  •     AIX Gather Dump Password Hashes
  •     Linux Gather Saved mount.cifs/mount.smbfs Credentials
  •     Multi Gather VirtualBox VM Enumeration
  •     UNIX Gather .fetchmailrc Credentials
  •     Multi Gather VMWare VM Identification
  •     UNIX Gather .netrc Credentials
  •     Multi Gather Mozilla Thunderbird Signon Credential Collection
  •     Multiple Linux / Unix Post Sudo Upgrade Shell
  •     Windows Escalate SMB Icon LNK dropper
  •     Windows Escalate Get System via Administrator
  •     Windows Gather RazorSQL Credentials
  •     Windows Gather File and Registry Artifacts Enumeration
  •     Windows Gather Enumerate Computers
  •     Post Windows Gather Forensics Duqu Registry Check
  •     Windows Gather Privileges Enumeration
  •     Windows Manage Download and/or Execute
  •     Windows Manage Create Shadow Copy
  •     Windows Manage List Shadow Copies
  •     Windows Manage Mount Shadow Copy
  •     Windows Manage Set Shadow Copy Storage Space
  •     Windows Manage Get Shadow Copy Storage Info
  •     Windows Recon Computer Browser Discovery
  •     Windows Recon Resolve Hostname
  •     Windows Gather Wireless BSS Info
  •     Windows Gather Wireless Current Connection Info
  •     Windows Disconnect Wireless Connection
  •     Windows Gather Wireless Profile
For additional information click Here. To Download Metasploit version 4.2.0 for windows & Linux click Here.

 -Source (rapid7)




VMware acquires Shavlik Technologies for vulnerability, configuration management

Virtualization security giant VMware Inc., has announced it will acquire Shavlik Technologies, extending the company’s security portfolio into patch and configuration management.

Financial terms of the acquisition were not disclosed. New Brighton, Minn-based Shavlik Technologies is a security firm that sells patch and configuration management software that can be configured to work in virtual environments. The company sells both on-premise and SaaS-based software that appeal to small and midsized businesses.
In March, Shavlik announced VMware GO, a SaaS offering it developed with VMware, which assists SMBs with deployment and management of VMware vSphere software. Mark Shavlik, CEO of Shavlik, said the company has been building its portfolio around its presence in the SMB market. Last Spring, the company announced a Web-based version of its software, stripped down to vulnerability and virtual machine management.
"The enthusiasm, creativity and operational excellence of our two companies will allow us to better serve our global customers and partners by accelerating IT management innovations," Shavlik said in a statement.
VMware said the two companies would develop a complete portfolio for managing, monitoring and securing IT environments, including developing a centralized IT management console and automated tools for patch management, compliance and configuration for virtual environments. The software could be used by managed service providers to better service their SMB customers, VMware said.

"With the Shavlik acquisition, VMware will be able to provide simple to use and affordable management services developed to address the specific demands of SMBs," Raghu Raghuram, senior vice president and general manager of cloud infrastructure and management at VMware, said in a statement.
VMware has slowly built up its security arsenal, starting with the acquisition of Determina in 2006, which sold host-based intrusion prevention system (HIPS) technology that was configured to work in a variety of virtual scenarios. It acquired BlueLane Technologies in 2008. BlueLane can sit between the hypervisor and the virtual machine for application-aware firewalling, visibility of traffic between virtual machines and intrusion prevention capabilities.
In 2010, VMware acquired Tricipher for identity and access management services. Tricipher provides secure authentication and single sign-on access for SaaS-based software.
VMware’s acquisitions make it clear that it expects to grow out the features of its security product sets, said Pete Lindstrom, a research director with Spire Security. Lindstrom said Shavlik has a stellar reputation in the security industry for its patch management capabilities.  Shavlik has been slowly building out its capabilities into configuration and compliance management and extended it for virtual systems, he said.
“We’ve been talking forever about potential benefits for patching in virtual environments,” Lindstrom said. “It will be interesting to see if we get some traction into the benefits we’ve anticipated with patching for virtual instances.”



VMWare Source Code Was Stolen at The Time of CEIEC Breach


On its official blog, VMware, the virtualization software company, has revealed that a hacker associated with hacktivism who calls himself "Hardcore Charlie" has stolen at least one and possibly many more source files for its software, and has begun posting them online. VMware on Tuesday announced that a single file from its ESX server hypervisor source code has been posted online, and it held out the possibility that more proprietary files could be leaked in the future. The fact that the source code may have been publicly shared does not necessarily mean that there is any increased risk to VMware customers, a VMware official said. Earlier we covered Hardcore Charlie's claim to have breached the China National Electronics Import-Export Corporation (CEIEC), based in Beijing. He got inside CEIEC and posted documents ranging from purported U.S. military transport information to internal reports about business matters on several file-sharing sites, but the authenticity of the documents could not be independently confirmed. Hardcore Charlie claims to have found program files for virtualization software on CEIEC systems. In a conversation with Kaspersky Lab, the hacker claimed to have 300MB of VMware source code.
The hacker also claimed to have cracked cryptographic hashes on the credentials of hundreds of thousands of sina.com email accounts with the help of another hacker, who goes by the name of @Yamatough and who is thought to have been involved in the distribution of documents suggesting that the Indian government had put in monitoring systems for Nokia, RIM and Apple smartphones. The companies all denied the claim, and the documents were later shown to be faked.
VMware insisted that the code dated back to 2003-04, though it did not say whether that section of the code had been changed since then. "We will continue to provide updates to the VMware community if and when additional information is available," said Iain Mulholland, director of VMware's security response centre, in a statement. VMware didn't indicate whether its own systems had been breached, and seemed to widen the number of potential targets to include commercial partners.
As with VMware, a hacker group named The Lords of Dharmaraja managed to steal the source code of Symantec's Norton anti-virus. There, too, the hackers leaked the source code, and the hacktivist collective Anonymous took responsibility for the entire incident.






VMware Patches Denial of Service & Memory Corruption Vulnerability

VMware Patches Denial of Service & Memory Corruption Vulnerability in Desktop, Server Virtualization Products

A critical arbitrary code execution vulnerability in VMware's desktop and server virtualization products has been patched. Virtualization software giant VMware has released security patches for its Workstation, Player, Fusion, ESXi and ESX products in order to address two vulnerabilities that could allow attackers to compromise the host system or crash a virtual machine completely.
According to the VMware security advisory, the more serious vulnerability is identified as CVE-2012-3288 and stems from improper validation of input data when loading virtual machine checkpoint files.
Attackers could exploit this validation error by loading specially crafted checkpoint files to trigger memory corruption and potentially execute arbitrary code on the host system. VMware advised customers to upgrade to the newly released Workstation 8.0.4, Player 4.0.4 and Fusion 4.1.3 or to install the patches available for their respective versions of ESXi and ESX.
The second vulnerability addressed by the new security updates could allow attackers to crash a virtual machine by sending malformed traffic from a remote virtual device. Remote virtual devices are devices like CD-ROMs that are made available to a virtual machine, but are physically attached to a remote computer. Traffic coming from remote virtual devices is incorrectly handled, VMware said.



-Source (VMware & PCWorld)




VMware vSphere 5 to add cloud virtualization support for Mac OS X Server


The upcoming release of VMware's vSphere 5 virtualization platform is reported to include guest OS support for Mac OS X 10.6 Snow Leopard, indicating new options for enterprise use of Apple's server platform without the now discontinued Xserve.

VMware's plans for the next release of vSphere, as discussed in February at the company's Partner Exchange conference, have been detailed in a posting by Virtualization.info, including mention of support for Mac OS X Server.

The vSphere product allows companies to build a private or public cloud of pooled infrastructure, offering enterprise planners more flexible capacity management than if they were required to allocate dedicated hardware to every server instance.

The product also helps data center managers to automate disaster recovery plans and monitor and manage performance while accurately reporting the costs needed to provide IT services.

By pooling server hardware, VMware says businesses can reduce their requirements of power, cooling and server storage, cutting energy cost by as much as 80 percent.

Formerly named VMware Infrastructure 4, the cloud-enabled vSphere platform is built upon the company's core virtualization hypervisor called ESXi, which runs as a low level microkernel OS on actual server hardware, and facilitates flexible, virtual deployment of guest OS virtual machines on top, moving around virtual images to use available hardware as necessary.

The product currently supports Microsoft Windows 7, Windows Server 2008, Oracle Solaris 10, as well as enterprise versions of Linux from RedHat, SUSE and Ubuntu. By adding support for Mac OS X Server, VMware will give its enterprise customers an option for virtualizing the deployment of Apple's server features without having to dedicate rack space to Mac hardware.

While Apple has backed out of the dedicated server hardware market, first by discontinuing the Xserve RAID and then by terminating its Xserve rack mounted server, it continues to develop its Mac OS X Server product, with the next major version adding the formerly premium server features to the standard edition.

Mac OS X Server includes WebDAV-based calendar and contact management, easy to use wiki services for building group collaboration tools, and under Mac OS X Lion Server 10.7, will incorporate expanded support for iOS mobile devices, including WebDAV file sharing for iPhone and iPads, expanded Push Notifications for messaging services, and a new Profile Manager that provides setup and management features for iPhone, iPad, iPod touch and Mac OS Lion computers. 


VMware Patches Arbitrary Code Execution Vulnerability


Virtualization specialist VMware has warned of a vulnerability (CVE-2011-3868) that could allow attackers to execute arbitrary code. The vulnerability lies in the way UDF filesystems are handled within VMware's Workstation, Player, and Fusion applications, and could be exploited by an attacker to execute code should a user install software from a specially crafted malicious ISO image. The problem was discovered by an anonymous person via the SecuriTeam Secure Disclosure program, and is believed to be present on all host operating systems.
VMware versions up to and including Workstation 7.1.4, Player 3.1.4, and Fusion 3.1.2 are affected; other products are not vulnerable. Updated releases of all three products have been made available, and should be downloaded by affected users. Further details are available in VMware's Security Advisory.


-News Source (The H, VMware)



VMware Fusion 4.1 Allowing Virtualization of Mac OS X


VMware Fusion 4.1.0 has been released for Mac OS X. Last week VMware released an update to its popular virtualization software that adds many improvements and bug fixes. The biggest improvement is the application's ability to run older versions of Mac OS X, Leopard and Snow Leopard. Apple changed the Mac OS X licensing terms with the release of Mac OS X Lion. The new software license allows users to install and use virtual machines running the client or server version of Lion on their Mac. It doesn't mention anything about older versions of Mac OS X, so it is assumed that you still aren't allowed to run either of them in a virtual machine.
Apparently VMware is leaving the decision of whether or not to virtualize either of the older versions of Mac OS X to the user. If a user tries to install Leopard or Snow Leopard in Fusion 4.1, they will be prompted with a dialog that asks: “Verify that the operating system is license to run in a virtual machine. ” If you select Continue, Fusion will go ahead with the installation of the operating system, leaving the decision entirely in the user's hands.

For More Information & To Download VMware Fusion 4.1 Click Here



Back Track 5 R1 (Penetration Testing Distribution) Released

 
Back Track 5 R1 (Penetration Testing Distribution) has been released. According to the earlier press release, the BT development team said that BT5 R1 would be available on the 10th of this month, but due to some security updates and other reasons they delayed it and finally released Release 1 of BT5 on the 18th of August. In this edition 120 bugs have been fixed and 30 new tools have been added. The BT team also updated 70 tools in this edition of Back Track. The kernel was also updated to 2.6.39.4 and includes the relevant injection patches.
 
According to Back Track Team:-
 
"We’re finally ready to release BackTrack 5 R1. This release contains over 120 bug fixes, 30 new tools and 70 tool updates. We will be rolling out some howto’s on our wiki in the next few days, such as VMWare tool installation, alternate compat-wireless setups, etc. The kernel was updated to 2.6.39.4 and includes the relevant injection patches. As usual, please report bugs to us through our redmine ticket system for the fastest response. Don’t forget to also check our forums and wiki (will be updated in the next few days).
We are really happy with this release, and believe that as with every release, this is our best one yet. Some pesky issues such as rfkill in VMWare with rtl8187 issues have been fixed, which provides for a much more solid experience with BackTrack.
We’ve released Gnome and KDE ISO images for 32 and 64 bit (no arm this release, sorry!), as well as a VMWare image of a 32 bit Gnome install, with VMWare Tools pre-installed.
Lastly, I would like to thank the whole BackTrack team for pulling off the late nights working on this release, as well as Offensive Security for funding all of this stuff. If you need real world Penetration Testing Training – head on over to Offensive-Security and get ready for a bumpy ride!..."

To Download Back Track Click Here

-News Source (Back Track)


Flashback Trojan Targeting Mac OS X in VMware Fusion

Underscoring the growing sophistication of Mac-based malware, a trojan preying on OS X users has adopted several stealth techniques since it was discovered last month.
Updates to the Flashback trojan, which gets installed by disguising itself as an Adobe Flash update, now prevent the malware from running on Macs that use VMware Fusion. Such virtual machine software is routinely used by security researchers to test the behavior of a malware sample because it's easier to delete a virtual instance when they're finished than it is to wipe the hard drive clean and reinstall the operating system.
According to MAC Security Blog:-
The latest version, Flashback.D, has gotten a bit sneakier. First, it checks to see if the user is running Mac OS X in VMware Fusion. If so, it does not execute. It does this because many malware researchers test malware in virtual machines, rather than infect full installations, as it is easier to delete them and start over with clean copies. This means that security researchers analyzing and looking for this malware need to be running regular Macs.
Next, the installer for the malware downloads the payload when running the postinstall script.

Finally, it no longer installs the easy-to-spot ~/Library/Preferences/Preferences.dylib. Instead, it installs the backdoor inside Safari, and does so in two ways. It adds information to Safari’s info.plist file, with the location of the backdoor, and it adds the actual backdoor module at /Applications/Safari.app/Contents/Resources/UnHackMeBuild.


Even if a user removes the above file (UnHackMeBuild), they need to edit Safari’s info.plist file; if not, Safari will look for the backdoor on launch, and, if it is not found, Safari will quit.

-News Source (Intego Blog, The Register)
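
A check for the two artifacts the quoted post names, as an added example that is not part of the Intego post or of this site's text: a POSIX shell function that classifies a Safari bundle, including the half-cleaned state in which the module is gone but Info.plist still points at it. The function names, verdict strings and the constructed test bundle (including its `LSEnvironment` key) are assumptions made for this example.

```shell
#!/bin/sh
# Added example: classify a Safari.app bundle by the two Flashback.D artifacts
# named in the post. Names and verdict strings are assumptions for this example.

MODULE_NAME="UnHackMeBuild"    # backdoor module file name given in the post

# check_safari_bundle [APP_PATH] -> prints one verdict, always returns 0
#   CLEAN         neither artifact present
#   INFECTED      module present and Info.plist references it
#   ORPHANED_REF  module removed but Info.plist still references it
#                 (the state in which, per the post, Safari quits on launch)
#   MODULE_ONLY   module present, no reference found in Info.plist
#   NOT_FOUND     no bundle at APP_PATH
check_safari_bundle() {
    csb_app="${1:-/Applications/Safari.app}"
    csb_module="$csb_app/Contents/Resources/$MODULE_NAME"
    csb_plist="$csb_app/Contents/Info.plist"
    csb_has_module=0
    csb_has_ref=0

    if [ ! -d "$csb_app" ]; then
        echo "NOT_FOUND"
        return 0
    fi
    if [ -e "$csb_module" ]; then
        csb_has_module=1
    fi
    # grep -a reads a binary plist as text. Assumption: the location is stored
    # as a plain ASCII string, true for XML plists and ASCII strings in binary ones.
    if [ -f "$csb_plist" ] && grep -aq "$MODULE_NAME" "$csb_plist"; then
        csb_has_ref=1
    fi

    case "$csb_has_module$csb_has_ref" in
        11) echo "INFECTED" ;;
        01) echo "ORPHANED_REF" ;;
        10) echo "MODULE_ONLY" ;;
        *)  echo "CLEAN" ;;
    esac
    return 0
}

# make_sample_bundle DIR WITH_MODULE WITH_REF
# Builds a CONSTRUCTED stand-in bundle for offline testing; it contains no malware.
# The LSEnvironment/DYLD_INSERT_LIBRARIES key is an assumption about how the
# location is recorded; the post says only that Info.plist holds the location.
make_sample_bundle() {
    msb_dir="$1"
    mkdir -p "$msb_dir/Contents/Resources"
    {
        echo '<?xml version="1.0" encoding="UTF-8"?>'
        echo '<plist version="1.0"><dict>'
        echo '  <key>CFBundleIdentifier</key><string>com.apple.Safari</string>'
        if [ "$3" = "1" ]; then
            echo '  <key>LSEnvironment</key><dict>'
            echo '    <key>DYLD_INSERT_LIBRARIES</key>'
            echo "    <string>/Applications/Safari.app/Contents/Resources/$MODULE_NAME</string>"
            echo '  </dict>'
        fi
        echo '</dict></plist>'
    } > "$msb_dir/Contents/Info.plist"
    if [ "$2" = "1" ]; then
        : > "$msb_dir/Contents/Resources/$MODULE_NAME"   # empty placeholder file
    fi
    return 0
}

# Stand-alone use: check the path given as $1, or the default Safari location.
check_safari_bundle "${1:-}"
```

An `ORPHANED_REF` verdict means the cleanup is incomplete: the Info.plist entry still has to be removed, as the post describes.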





BackTrack 5 R3 Released & Available To Download


In our last post about BackTrack we mentioned the release date of the long-awaited BT 5 Release 3. The countdown is finally over. The time has come to refresh our security tool arsenal: BackTrack 5 R3 has been released worldwide. The first BT5 R3 preview was released at BlackHat 2012 in Las Vegas for the enjoyment of conference attendees. The main aim of that pre-release was to gather the last bug reports and tool suggestions from the BH / Defcon crowds. This final release mainly focuses on bug fixes as well as the addition of over 60 new tools. A whole new tool category was populated, “Physical Exploitation”, which now includes tools such as the Arduino IDE and libraries, as well as the Kautilya Teensy payload collection.
As usual, KDE and GNOME 32/64-bit ISOs have been released, along with a single VMware image (GNOME, 32-bit).
We would also like to remind you that the first release candidate (R1) of BackTrack 5 was released in August last year. Later, in March this year, we got the second release candidate (R2) of BT 5.
For those requiring other VM flavors of BackTrack, instructions for building your own VMware image can be found in the BackTrack Wiki. Direct ISO downloads will be available once all HTTP mirrors have synced. In the meantime you can download BackTrack 5 R3 via torrent from the links below.




"CloudOpen" Open-source Cloud Conference Will Be Hosted By Linux Foundation on August

The Linux Foundation announced that it would hold a symposium on the cloud, big data and open source this August in San Diego dubbed CloudOpen. Topics like Hadoop, Gluster, Chef and KVM -- in addition to Linux -- are to be on the menu, as the event aims to inform developers and IT operations personnel alike.
Amanda McPherson, vice president of marketing and developer services for the Linux Foundation, said that the free exchange of ideas is a crucial concern for the community.
"This conference is built on one belief: open works. We know this from experience and know that the cloud demands it in order to be successful for the long term. Because Linux, open-source software and collaborative development are the foundations of the cloud, it's important to provide a vendor-neutral forum where those who are committed to openness can advance this work and users and industry can learn about 'open' as it is related to the cloud," she stated.
The foundation also released a call for proposals, asking that submissions be made by June 1. While there were a couple of seemingly high-profile absences from the announcement -- both Canonical and VMware are nowhere to be found on the official statement -- Linux Foundation communications director Jennifer Cloer says the organization is in talks with both companies and that both are expected to participate in CloudOpen.
The announcement comes at a crucial time for VMware and Canonical, as the latter firm is planning to make waves of its own with the official release of Ubuntu 12.04 later this week and the former battles an increasingly clouded public perception in the open-source sector. The foundation has confirmed that Canonical will be a founding sponsor of CloudOpen.



-Source (Network World)




Red Hat Enterprise Linux (RHEL) 6.2 Released



Following the RHEL 6.2 Beta, Red Hat, the world’s leading provider of open source solutions, today announced the general availability of Red Hat Enterprise Linux 6.2. With this milestone, Red Hat includes many enhancements that deliver benefits spanning multiple areas, including performance and scalability. The Red Hat Enterprise Linux 6 operating system achieved the largest multi-core Linux configuration results certified to date on the two-tier SAP® Sales and Distribution (SD) standard application benchmark. Proven to perform and scale, Red Hat Enterprise Linux 6 effectively supports large, mission-critical enterprise computing environments.
Vice President and General Manager, Platform Business Unit at Red Hat, said, “The exciting features in Red Hat Enterprise Linux 6.2 with new impressive SAP® benchmark results allow our enterprise customers to have increased confidence that Red Hat Enterprise Linux 6 can run their enterprise workloads with high performance across physical, virtual and cloud computing environments.”
Enterprises can confidently migrate to the latest multi-core technology with Red Hat Enterprise Linux 6. On the latest two-tier SAP SD standard application benchmark, Red Hat Enterprise Linux 6 achieved more than 22,000 SAP SD benchmark users on a single system. On this same benchmark, the HP DL980 G7 system running Red Hat Enterprise Linux 6 fully utilized all 80 cores and 160 threads in the 8-processor system running MaxDB 7.8 and the SAP enhancement package 4 for the SAP ERP 6.0 application. This is the largest Linux result submitted to SAP to-date. The results demonstrate the capabilities of the HP ProLiant DL980 G7 8-processor system’s PREMA architecture and smart CPU caching technology. Results are as of December 2, 2011, certification number 2011052.
“Clients need solutions to automate, scale-up or virtualize their environments to best fit their business requirements,” said Martin Whittaker, vice president, Systems and Solutions Engineering, Enterprise Servers, Storage and Networking at HP. “Optimizing Red Hat Enterprise Linux on HP ProLiant DL980 systems extends the power of open source to HP Converged Infrastructure, delivering uptime, increased capacity and faster processing speeds.”
Red Hat Enterprise Linux 6.2 delivers significant improvements in resource management and high availability, as well as new features aimed at storage and file system performance and identity management. Red Hat Enterprise Linux 6.2 provides additional capabilities to manage system resources. For service providers or internal IT organizations that deliver applications or hosted services via multi-tenant environments, maximums can be set for CPU time associated with a given application, business process or a virtual machine. This allows for more efficient management of SLAs and enables the ability to implement service priorities, similar to those associated with network Quality of Service (QoS).

When an enterprise deploys its applications to run in a Red Hat Enterprise Linux 6.2 guest hosted by VMware, the applications can now be utilized for High Availability (HA) Add-Ons. This also includes full support for use of GFS2 shared storage file system by the virtual machines. The result is additional deployment flexibility for customers requiring HA within a portion of their virtualized environment, as well as full support for Red Hat Enterprise Linux on the VMware hypervisor.

Red Hat Enterprise Linux 6.2 adds enhancements to storage and file system features including full support of iSCSI extension for RDMA. Now, benefits of low latency and high throughput through a standard SAN implementation based on 10Gb Ethernet are available to even the most demanding storage environments. This allows customers to opt out of expensive Infiniband hardware or other dedicated interconnect fabrics. Other enhancements around file system include delayed meta data logging, asynchronous and parallel file system writes, as well as support for multiple active instances of Samba in a cluster which improves overall throughput and increases availability for large Samba clustered deployments.

Identity Management:-
Red Hat Enterprise Linux 6.2 provides the administrative tools to quickly install, configure and manage server authentication and authorization in Linux/Unix enterprise environments, while still providing the option to interoperate with Microsoft Active Directory. This enables enterprises to manage Linux infrastructure easily and cost-effectively. Centralized identity management and host-based access control can reduce administrative overhead, streamline provisioning and improve security.

Performance:-
Performance is key to all customers. Red Hat Enterprise Linux 6.2 continues to put an emphasis on accelerating I/O, such as network traffic steering, which improved network throughput by as much as 30 percent in performance tests conducted by Red Hat, and on delivering numerous file system enhancements that reduce read-write times and boost overall system utilization.

Red Hat expects to deliver the beta for Red Hat Enterprise Linux 5.8 later this month. Also fully underway is development for Red Hat Enterprise Linux 7, the next major release of Red Hat Enterprise Linux. Red Hat received an outstanding response from all Red Hat subscribers – users and partners – for requested features coming from the recent Red Hat Enterprise Linux 7 Ideas discussion group posted on the Red Hat customer portal. This important feedback allows Red Hat to continue to make Red Hat Enterprise Linux a computing foundation for the next generation of operating system platforms.





Symantec to Extend Leading Backup Software to the Cloud and Appliances


Symantec Vision -- Symantec Corp. (NASDAQ: SYMC) today announced a new approach to help small and mid-sized organizations protect data through new delivery models including Backup Exec.cloud, Backup Exec appliances, as well as an enhanced version of Backup Exec 2010 software. For the first time, a company will be able to leverage the benefits of backup from Symantec as software, as a cloud service, or as an appliance, signaling the end of the complexity and delivering a fast, easy and modern backup infrastructure.

"Customers want choice in how they manage their backup environment, and Symantec is leading the transformation of the backup market with new appliances, cloud and enhanced software for Backup Exec," said Amit Walia, vice president of product management, Symantec. "The future of backup will be defined by simplicity, flexibility and allowing companies to deploy a modern infrastructure that best fits their needs."
Backup Exec 2010 Software Updates
  • Improved Virtualization Backup Performance: Available worldwide on May 3, Backup Exec 2010 R3 delivers improved backup and deduplication performance in virtualized environments. The V-Ray technology embedded into the core solution gives customers X-Ray vision to easily see, protect and recover their virtual machines with the same solution that protects their physical environments. Additionally, Symantec's Backup Exec Management Plug-in for VMware is now part of the standard agent for VMware providing Backup Exec management through vCenter.
  • New Security Layer: Backup Exec 2010 now provides SSL support from the agent to the server, providing an extra layer of security for customers that transmit backup data across the WAN or to a private cloud. The added security features help ensure that backed up data sent over a public Internet connection is secure and protected.
  • Improved Archiving for Data Management and Recovery: Archiving complements backup by helping companies identify what to store, what to delete and when to move older data to secondary systems, while ensuring fast discovery and recovery of older data. Symantec continues to streamline the integration between archiving and backup, helping customers to control storage costs and recovery times. Backup Exec 2010 Agent for Enterprise Vault now supports Enterprise Vault 10 beta backup, recovery and migration. Additionally, the Backup Exec Archive Option for Exchange now includes Virtual Vault, allowing users to access archived emails directly from within Outlook.
Backup Exec Cloud Strategy
  • Simple, Cloud-Based Backup: Expected to be available later this year, Symantec Backup Exec.cloud will be an ideal solution for small businesses or remote offices that want to offload their IT infrastructure. The hosted backup service will automatically protect the data on Windows desktops and servers with simple, online backup and recovery. Furthermore, customers will benefit from an expanded Symantec.cloud portfolio of SaaS offerings, that provide integrated solutions for security, email management, and data protection.
  • Automatic Backups and Easy Restore: Customers will be able to quickly protect their critical data by streaming it over an SSL connection to Symantec's secure, off-site data centers. Backups can be triggered by file changes or run according to a set schedule, while modified files are protected continuously. Should disaster strike, the service will help businesses stay up and running by restoring critical files to any service-enabled machine with just an internet connection. Employees may also take advantage of individual file restore for everyday file retrieval.
  • Predictable Pricing: Symantec plans to offer predictable, subscription-based pricing for Backup Exec.cloud.
Backup Exec Appliance Strategy
  • Secure, Optimized and Simple: The new Backup Exec appliances, scheduled to be available later this year as part of a phased launch, will provide businesses with purpose-built, secure and easy to manage backups that run Backup Exec software. Symantec will leverage its appliance model success within the enterprise segment to provide a tailored offering that meets the needs of its SMB customers and remote offices for larger organizations.
  • Easily Deployed, Consistent Architecture: Backup Exec appliances can be managed alongside other Backup Exec software installations. The appliance form factor assures a consistent technology deployed across an organization, allowing administrators to manage their information from a data center, by a channel partner, or from other remote locations for reliable on and off-site recovery protection.
Supporting Quotes
  • "IDC sees Purpose Built Backup Appliances (PBBA) as becoming a preferred deployment option for many companies and as a significant area for growth," said Robert Amatruda, research director, Data Protection and Recovery at IDC. "Symantec's strategy to deliver Backup Exec as a purpose built backup appliance for SMBs makes a lot of sense, and as the market share leader in backup this new strategy has the potential to shift the backup landscape for many years."
  • "Software-as-a-Service and online backup are important emerging options for small businesses and are poised for increased adoption," said Lauren Whitehouse, senior analyst, Enterprise Strategy Group. "Backup Exec.cloud promises to deliver simple, reliable backup that requires no on site hardware, and both small businesses and large organizations with remote offices could benefit."
  • "The latest version of Backup Exec 2010 has significantly improved install times, increased the speed of our backups, and has become more efficient in recovering data," said Patrick Manness, network analyst, Paul's Hauling Ltd. "Overall, I am impressed with the improvements and it has made my life easier."
  • "Backup Exec is comprehensive in its feature set and easy to implement," said Adam Miller, infrastructure services architect, Virginia Institute of Marine Science. "As we move to a virtualized IT environment, I look forward to using Backup Exec that can see into both our virtual and physical servers for greater ease of use."
  • "As a Symantec SMB Specialized partner, we understand that our SMB customers need cost-effective products and services that protect their critical information. We have relied on Backup Exec for years to protect our customers' data in both physical and virtual environments," said Dave Irvine, president and CEO, Irvine Consulting Services. "There is no one-sized-fits-all approach, and Symantec is the only major backup vendor that delivers the flexibility and choice for our customers' backup delivery models including software, appliance, or cloud-based solution -- all with deep support for virtual environments." 


Now Mac OS X 10.7 Lion can be Installed in a Virtualized Environment


Mac OS X 10.7 Lion will bring quite a few new features from a user interface standpoint. However, it looks like Lion will also bring a long-awaited capability for more advanced users. Apple will allow users to install the Mac OS X Lion client in a virtual environment. In 2007 Apple allowed Mac OS X Server to be installed in a virtualized environment, like VMware Fusion and Parallels, but now the Mac OS X Lion client can also be installed in a virtual machine.
According to the end-user licensing agreement for Mac OS X 10.7 Lion, users can install up to two additional copies or instances within virtual operating system environments on each Mac Computer they own.
Why is this important? As we mentioned, this might not affect the everyday user, but if you are a developer, you will be able to test your application in a virtualized environment without affecting your base installation. Or, if you like to test new software, you will be able to do so in a virtualized environment and then decide if you want to move that new software to your base, everyday desktop. And, if you buy or try an app from the Mac App Store, following the Mac App Store rules, you are entitled to install that app on all your Mac OS X installations, including the virtualized ones.
What makes this possible? We believe Apple is realizing that Mac OS X itself is not a huge stream of money. This explains the price of Mac OS X Lion at just $29.99 (Mac OS X 10.5 Leopard was priced at $129 in 2007). Where is Apple making its money? From the Mac App Store. The more Mac OS X environments out there, the more potential customers for developers and the more money for Apple (Apple is getting 30% of the app revenue).
The licensing agreement specifically mentions that users are entitled to install Mac OS X 10.7 Lion in virtual environments running on a Mac. So, if you are a Windows user, or have Windows computers at home, you are not allowed to run a virtual machine with Lion on these machines. However, it will be interesting to see if users can easily port such a virtual machine to a Windows environment running VMware Workstation or Parallels for Windows.


Red Hat Enterprise Linux (RHEL) 6.3 Released & Globally Available


Only six months after the release of RHEL 6.2, Red Hat officially announced the global availability of the next minor release of the Red Hat Enterprise Linux operating system platform, Red Hat Enterprise Linux 6.3. A couple of months ago we got the Beta of RHEL 6.3, and with this final release Red Hat has tweaked the enterprise-grade Linux distribution to add new capabilities in storage, virtualization, security, developer tools, file systems, scalability and performance.

Highlighted Features :-
  • Developer Tools: In addition to OpenJDK6 support in Red Hat Enterprise Linux 6, the newly introduced OpenJDK7 allows customers running Red Hat Enterprise Linux 6.3 to develop and test with the latest version of open source Java. The Red Hat Developer Day is scheduled for June 26th at the 2012 Red Hat Summit & JBoss World. More about this and other capabilities will be presented, including the Red Hat Enterprise Linux toolset (updated GCC), performance optimization, thread programming and NUMA.
  • Virtualization: Red Hat Enterprise Linux 6.3 helps smooth migration to a virtualized environment. This is achieved with the help of new Virt-P2V tools that can easily convert a Red Hat Enterprise Linux or Microsoft Windows system running on physical hardware to run as KVM guests. This release implements a more robust mechanism to protect data associated with defunct virtual machines. The method by which virtual disk images are securely wiped has been enhanced to allow greater security and stronger compliance with Payment Card Industry Data Security Standards (PCI-DSS).
  • Security: Users can now use two-factor authentication for securely accessing their Red Hat Enterprise Linux environment. This type of authentication mechanism is more secure than simple password based authentication. Two-factor authentication is being adopted into enterprise environments and is often referenced in industry standards. Red Hat Enterprise Linux 6.3 also includes advanced encryption capabilities so data blocks can be encrypted in parallel by taking advantage of underlying multi-processor capabilities. This is supported by the introduction of AES-CTR (Advanced Encryption Standard Counter Mode) cipher for OpenSSH. AES-CTR is well suited for high-speed networking environments.
  • Scalability: Red Hat Enterprise Linux 6.3 continues to test the outer bounds of scalability for an operating system platform by increasing the maximum number of virtual CPUs (vCPUs) per guest to 160 from 64. This is significantly higher than the 32 vCPU per guest limit for VMware ESX 5.0. The maximum supported memory configuration for KVM guests has also been increased from 512GB to 2TB.
  • File Systems: File system improvements include O_DIRECT support in FUSE (File system in user space). When enabled, all FUSE reads and writes go directly to storage, bypassing the server cache. This capability can lead to more consistent response times and predictable access to data by multiple accessors for certain use-cases, including database writes and deduplication. GFS2 (shared storage file system) can now read and write data to the disks faster than in previous releases for certain use-cases. In addition, file system check utilities for GFS2 can now be used to check the integrity of the older GFS1 file system.
  • Storage: The Logical Volume Manager (LVM) now provides support for RAID levels 4, 5, and 6 to simplify overall storage administration by consolidating all management functions, such as creating and re-sizing volumes, deploying RAID, and taking snapshots into a single interface. It is now possible to deploy Red Hat Enterprise Linux 6 as a FCoE based storage target server providing the high level of reliability and performance available with native Fibre Channel but at a significantly lower cost. This feature complements the FCoE Initiator support that was delivered in Red Hat Enterprise Linux 6.0.
  • Subscription Management: With Red Hat Enterprise Linux 6.3, by default customers can use Red Hat Subscription Management (SAM), an enhanced subscription management capability using X.509 certificates that allows customers to effectively manage subscriptions locally and report on subscription distribution and utilization. This helps facilitate compliance, upgrades, and long-term planning. Customers register their systems using Red Hat Subscription Manager to the Red Hat award-winning customer portal or an instance of Red Hat Enterprise Linux SAM. Customers who used RHN Classic subscription management with prior releases of Red Hat Enterprise Linux, can continue to use it or migrate to Red Hat Subscription Management.


