Backdoors VMware ESXi servers to hijack virtual machines

gb00s

Well-Known Member
Jul 25, 2018
777
306
63
Poland
" This attack requires the threat actor to have admin-level privileges to the hypervisor. "
This was for informational purposes for ignorant or arrogant sysadmins. Have talked to lots of bored and lazy sysadmins confusing admin privileges with local access only.
 

BoredSysadmin

Not affiliated with Maxell
Mar 2, 2019
894
349
63
This was for informational purposes for ignorant or arrogant sysadmins. Have talked to lots of bored and lazy sysadmins confusing admin privileges with local access only.
I'm not saying it's not severe, but vshpere admin-level access should be exceptionally well guarded to start with, but yes, I found a bit too often how every service account gets full admin access in vcenter. IE - good security practices should help prevent or protect vs this vun.
I also realize the irony with my forum name, but the idea there is a bored sysadmin is one that works smart, not hard to design an environment that doesn't require constant work.
 
  • Like
Reactions: gb00s