What is Cloudburst VM escape? - Definition from Whatis.com

Home
Topics
Cloud Computing Virtualization: Secure Multitenancy - Hypervisor Protection
Cloudburst VM escape

Definition

Cloudburst VM escape

Cloudburst virtual machine escape is an exploit method that enables a guest-level virtual machine (VM) to attack its host. The method takes advantage of a flaw in VMware Workstation working in conjunction with Cloudburst, IBM's cloud service provisioning software for cloud providers.

In a virtual machine escape, an attacker runs code on a VM that allows an operating system running within it to break out and interact directly with the hypervisor. A VM escape gives the attacker access to the host operating system and all other virtual machines running on that host.

Research firm Kostya Kortchinsky Immunity Inc. developed the Cloudburst VM escape method.

Related glossary terms: hypervisor security, virtual firewall, BIOS rootkit , AV storm, blue pill rootkit, BIOS rootkit attack

This was last updated in April 2012

Editorial Director: Margaret Rouse

Email Alerts

Register now to receive SearchCloudSecurity.com-related news, tips and more, delivered to your inbox.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Dig Deeper

McAfee and Intel cloud computing security strategy unveiled

Companies offer up collection of technologies to help overcome enterprise concern about cloud security.
VMware downplays ESX hypervisor source code leak

Company says source code was leaked online but says may not mean increased risk.
PCI virtualization compliance: Three steps for PCI compliance in the cloud

PCI compliance in the cloud is tough but implementing these strategies can help.

People who read this also read...

Show me more

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

All fields are required. Comments will appear at the bottom of the article.

Research More Tech Terms

Search thousands of tech definitions
Browse tech definitions
Browse Alphabetically:
- A
- B
- C
- D
- E
- F
- G
- H
- I
- J
- K
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- X
- Y
- Z
- #

Powered by WhatIs.com

File Extensions and File Formats

File Extension and File Formats List:

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z
#

Powered by WhatIs.com

More from Related TechTarget Sites

Security
Security Channel
Security UK
Cloud computing
Server Virtualization
VMware

Security
- PCI Council urges P2P encryption for mobile payments
  
  A PCI Council guidance document requires merchants to use a validated PIN entry device or secure card reader to accept payments using mobile devices.
- Steve Lipner on the Microsoft SDL, critical infrastructure protection
  
  Microsoft’s senior director of security engineering says core SDL principles should be at the foundation of critical infrastructure system protection.
- Android security model doing best to enable mobile malware spread
  
  At Information Security Decisions 2012, Dan Guido put the mobile malware focus on the Android security model and Google’s mobile app vetting process.
Security Channel
- Biometric authentication methods: Comparing smartphone biometrics
  
  Biometric authentication helps ensure only authorized smartphone users can access a network. David Jacobs weighs the pros and cons of three methods.
- F5 Vault program embraces incentives for F5 firewall, security sales
  
  The Vault partner program uses incentives to increase visibility for F5 firewalls and its architecture bundle.
- Using DMARC to improve DKIM and SPF email antispam effectiveness
  
  DMARC aids the DKIM and SPF protocols that help keep spam out and let legitimate emails in. David Jacobs explains how.
Security UK
- ICO fines Welsh health board £70,000 for patient record loss
  
  For the first time, the ICO fines an NHS organisation for sending patient data to the wrong person.
- With mobile payments, security teams must move quickly
  
  As employees make payments on their mobile devices, the security team must act quickly to ensure corporate assets remain secure.
- SOCA takes its website offline in DDoS response
  
  Just days after SOCA shut down carder sites, the agency was the victim of a DDoS attack, leading SOCA to takes its website offline.
Cloud computing
- Download the Private Cloud E-Zine
  
  Get exclusive access to this expert bi-monthly e-zine with essential resources for building your private cloud infrastructure.
- What makes a good cloud provider?
  
  Fair costs and SLAs were once enough to discern top cloud providers. In today’s packed cloud market, vendors must bring more to the table.
- Azure’s identity crisis and other cloud computing sound bites
  
  Microsoft Azure wants to be called Loretta. No, that’s not true. Or is it? Find out that answer and other news overheard in the cloud this past week.
Server Virtualization
- Download the Virtual Data Center E-Zine
  
  Get exclusive access to the Virtual Data Center E-Zine, published monthly by the experts at SearchServerVirtualization.com.
- Ten easy ways to extend virtual host resources on the cheap
  
  Virtual host resources are the lifeblood a virtualization project. Finding ways to extend them will promote growth, even during lean budgetary times.
- Taking the pain out of the Internet Explorer requirement for RHEV 3.0
  
  Despite the hoopla over ditching Windows Server, RHEV 3.0 still requires Internet Explorer. But configuring IE doesn’t need to be a hassle.
VMware
- Promoting green initiatives with VMware software
  
  Green initiatives aren’t just for data centers. Reducing electricity use and preventing e-waste at home can be as simple as using free VMware software to virtualize desktops.
- Replacing self-signed SSL certificates to improve ESXi security
  
  VMware’s default, self-signed SSL certificates ensure data encryption. By importing certificates from trusted, third-parties, however, you can improve ESXi security even further.
- Using vCloud Director 1.5 in the real world: Ask the expert
  
  Although many organizations have been slow to adopt vCloud Director 1.5, one expert predicts a coming increase and offers advice for administrators who are looking to get started.

All Rights Reserved, Copyright 2011 - 2012, TechTarget