At the security industry's big annual confab, the RSA Conference, going on this week in San Francisco, security researcher Joanna Rutkowska described a new type of virtualization-based malware that could be used to take control of a machine running virtualization software. Because virtualization allows companies to store many virtualized software "images" of computers on a single physical machine, an attack like the one Rutkowska envisions would allow a hacker not only to control a single machine but to siphon data from any virtual machine it contains.http://www.blogger.com/img/gl.link.gif
Rutkowska, the founder of security research firm Invisible Things Lab, in Warsaw, Poland, isn't the first to target virtualization as a weak point in the emerging IT landscape. Over the past year, security researchers have revealed bugs in practically every piece of virtualization software, including products from virtualization heavyweights VMware (nyse: VMW - news - people ) and Microsoft (nasdaq: MSFT - news - people ).
Hack is coming, hack is coming, hack is coming...
Read more here