Escalating Insider Threats Using VMware's API
Offered By: Black Hat via YouTube
Course Description
Overview
Explore a critical security vulnerability in VMware's API that could allow insider threats to escalate privileges and bypass crucial security measures. Delve into how enterprises commonly use VMware's security model to separate infrastructure and guest machine domains, restricting IT teams from accessing sensitive data inside administered machines. Learn about a discovered method to exploit VMware's API, potentially enabling malicious insiders to manipulate files and interact with guest machine consoles despite lacking proper permissions. Gain insights into this 20-minute Black Hat conference talk by Ofri Ziv, which highlights the importance of robust security measures and the potential risks associated with seemingly secure virtualization environments.
Syllabus
Escalating Insider Threats Using VMware's API
Taught by
Black Hat
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network