Playing around in the evenings trying to get GPU Passthrough/IOMMU working using #Proxmox to very limited success. Might have to try #VMWare if I want this to work in a stable manner. I mean -- I guess I could just run Ubuntu on the Workstation, but it'd be such a waste. I'd rather slice it up into VMs and just pass the GPU into the VMs that need to do inference.
CVE-2022-31696: @renorobertr takes an in-depth look at this #VMware#ESXi type confusion privilege escalation he discovered. He shows his research methodology and looks at the patch released to fix it.
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #24/2023 is out! It includes, but not only:
→ 🇺🇸 🇨🇳 The US Navy, NATO, and #NASA are using a shady Chinese company’s #encryption chips
→ 🦠 🏢 #Ransomware Group Starts Naming Victims of #MOVEit Zero-Day Attacks
→ ☁️ 🪣 New Supply Chain Attack Exploits Abandoned #S3Buckets to Distribute Malicious Binaries
→ ☁️ #XSS Vulnerabilities in #Azure Led to Unauthorized Access to User Sessions
→ 🇨🇳 🦠 #Barracuda ESG zero-day attacks linked to suspected Chinese hackers
→ 🇷🇺 🇺🇸 Russian national arrested in Arizona, charged for alleged role in #LockBit ransomware attacks
→ 🇷🇺 🇺🇦 Russia-backed hackers unleash new USB-based malware on #Ukraine’s military
→ 🇺🇸 💰 LockBit Ransomware Extorts $91 Million from U.S. Companies
→ 🇷🇺 🇺🇦 #Microsoft identifies new hacking unit within Russian military intelligence
→ 🦠 Fake Researcher Profiles Spread #Malware through #GitHub Repositories as PoC Exploits
→ 🎣 👟 Massive #phishing campaign uses 6,000 sites to impersonate 100 brands
→ 🇨🇳 Chinese Cyberspies Caught Exploiting #VMware ESXi #ZeroDay
→ 🩹 Microsoft #PatchTuesday, June 2023 Edition
→ ☁️ Microsoft: Azure Portal #outage was caused by traffic “spike”
→ 🇨🇳 🇺🇸 #China's cyber now aimed at infrastructure, warns CISA boss
→ 🇰🇷 🇨🇳 Ex-Samsung executive alleged to have stolen tech to recreate chip plant in China
→ 🇨🇭 🗄️ Swiss Fear Government Data Stolen in Cyberattack
→ 🩹 🔐 #Fortinet fixes critical RCE flaw in #Fortigate SSL-VPN devices, patch now
📚 This week's recommended reading is: "The Cyber Effect: An Expert in Cyberpsychology Explains How Technology Is Shaping Our Children, Our Behavior, and Our Values — and What We Can Do About It" by Prof Mary Aiken
Subscribe to the #newsletter to have it piping hot in your inbox every Sunday ⬇️
One of our #vCenter went crazy and populated its #VCLs in a temporary #Veeam#NFS datastore. As a result, Veeam unmounted the datastore and the VCLs are now gone. Time to play with Retreat mode...
A story:
Yesterday evening I (re)started a project to clean up the DNS records in all my domains.
For a few reasons, my DNS setup is a bit complex, with 'leaf' DNS entries being CNAMEs referencing service pivot points.
I'll detail that more later.
But in doing so I realized my "big spreadsheet of domains" is a bit out of date. So not only do I need to update that, but I really do want to at least put landing pages on some of them. [1/5]
One thing leads to another and now I have a much nicer VM template & deploy setup but still no new web server and now I am remembering I never actually cleaned up the domain spreadsheet.
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #17/2023 is out! It includes, but not only:
‣ Hackers target vulnerable #Veeam#backup servers exposed online
‣ #FBI queries for Americans’ digital data drops, yet advocates for surveillance reform remain undeterred
‣ #OpenAI: #ChatGPT Back in #Italy After Meeting Watchdog Demands
‣ Many Public #Salesforce Sites are Leaking Private Data
‣ #NIST CSF 2.0 Core discussion draft released, stakeholder feedback invited
‣ #Paperbug Attack: New Politically-Motivated Surveillance Campaign in #Tajikistan
‣ #Linux version of RTM Locker #ransomware targets #VMware ESXi servers
‣ New Atomic #macOS info-stealing #malware targets 50 crypto wallets
‣ #Google Gets Court Order to Take Down #CryptBot That Infected Over 670,000 Computers
‣ #Telegram restricted in #Brazil after refusal to supply user data to authorities
‣ #Cisco discloses XSS zero-day flaw in server management tool
‣ Ukrainian arrested for selling data of 300M people to Russians
‣ Hackers are breaking into AT&T email accounts to steal #cryptocurrency
‣ #Accenture, #IBM, #Mandiant join Elite Cyber Defenders Program to secure critical infrastructure
‣ ATT&CK v13 April Updates
‣ New Data Sharing Platform Serves as Early Warning System for #OTSecurity Threats
‣ North Korean Hackers Target Mac Users With New ‘#RustBucket’ Malware
‣ New All-in-One "#EvilExtractor" Stealer for #Windows Systems Surfaces on the Dark Web
📚 This week's recommended book is: "This Is How They Tell Me the World Ends: The Cyberweapons Arms Race" by Nicole Perlroth
Subscribe to the #newsletter to have it piping hot in your inbox every Sunday ⬇️
I have an Intel NUC6I7KYK/i7 running ESXi. It has been a solid performer for many years. Now the guests are shutting down randomly, I am assuming a ESXi crash.
Now it has decided to shut itself down altogether. It was doing this with ESXi v7 so I rebuilt it with v8. No better, no worse.
Does anyone have any ideas what to look for, or can recommend a good replacement? It has 2x 512GB SSDs for storage and 32GB of ram.
I want to build labs that a learner can spin up from a front facing website. I believe I need to learn Terraform to spin these up and collapse when done. Where do I start? #infrastructure#terraform#infrastructureascode#vmware
Hi, I'm Scott. I've been a blogger since 2005, an author since 2009, & a podcast host since 2016. I've worked for companies like #EMC (acquired by Dell), #Nicira (acquired by #VMware), #Heptio (acquired by VMware), & #Kong; currently I'm working on the #DevRel team at #Pulumi. I post about #Linux, #Kubernetes, #AWS, #IaC, & other technical topics.
On the personal side, I'm a devoted husband, a loving father, & a Christian who strives to love instead of condemn.