One of the most exciting talks at Blackhat was Immunity’s CLOUDBURST talk. Basically, a few months back a bunch of VMware bugs popped. The Immunity people, being insane, decided to attempt to exploit them and were successful. This is incredibly cool because many organizations are using VMware as a core network component. Additionally, researchers use VMware to test exploits and malware. This type of bug is therefore very serious.
For me, this bug is particularly meaningful. At my last company I had an argument with a VP about deploying a client portal, black testing (exploits/malware), and development all on one physical box separated by “virtual networks”. I thought this was insane — especially for a security consulting company. I argued, unsuccessfully, that a “virtual firewall” is just more software that could be broken and offers no defense-in-depth.
Within a few weeks the CLOUDBURST info was hinted at. At Blackhat details were published and yeah, they can pop out of a client onto the host running ESX. Awesome.