Hypervisor Introspection blocks EternalDarkness/SMBGhost Privilege Escalation Exploit (CVE-2020-0796)
EternalDarkness or SMBGhost is the latest vulnerability affecting the Microsoft SMB protocol which was first reported in March 2020 This is high-severity threat because SMB vulnerabilities very-often are quickly adopted by “wormified” malicious attacks. As-of publishing of this post, PoCs exist for DoS and local privilege escalation Bitdefender Hypervisor Introspection ... Read More
BlueKeep Exploit Code Released, Blocked by Hypervisor Introspection
BlueKeep is a wormable security flaw in Microsoft Remote Desktop Services that allows attackers to take control remotely of vulnerable systems. Metasploit developers released the first functional prototype of exploit code with payload execution capabilities. Bitdefender tested the newly released exploit code and Hypervisor Introspection prevents this attack (demo included) ... Read More
Protecting Against SWAPGS Attack with Bitdefender Hypervisor Introspection
Speculative execution-based attacks exploit CPU architecture flaws to allow attackers to leak sensitive information from privileged operating system kernel memory The SWAPGS Attack leverages a new speculative execution vulnerability discovered by Bitdefender security researchers The SWAGS Attack circumvents all existing side-channel attack mitigations and allows attackers to gain unprivileged access ... Read More
Agentless Workload Security with GravityZone and NSX-T 2.4 Data Center
VMware NSX-T Data Center 2.4 release now includes Guest Introspection services via agentless endpoint protection. Bitdefender GravityZone Security for Virtualized Environment (SVE) is the first, and currently the only, security vendor that integrates NSX-T Guest Introspection. If you are upgrading to NSX-T Bitdefender solves real operational challenges for highly-dense, large ... Read More
