قالب وردپرس درنا توس
Home / LifeStyle / Researchers compromise bare-metal cloud servers

Researchers compromise bare-metal cloud servers




Eclypsium has revealed that hackers can corrupt the firmware of bare-metal cloud servers so they can regain access to the servers after they've been released and reassigned to other customers.

A bare-metal server is a physical server that is rented to one customer at a time and many companies in the cloud.

However, in its latest experiment, Eclypsium has discovered that

The server has a bad memory server (BMC) firmware that could potentially be used to access a server after it has been replaced

Last year, researchers from Eclypsium discovered vulnerabilities in the BMC firmware of Super Micro motherboards and IBM's SoftLayer cloud service which uses Super Micro hardware.

The company explained why it chose IBM SoftLayer for its experiment, saying:

"We originally chose SoftLayer for our testing environment because of its simplified logist SoftLayer was very vulnerable. It should be noted that SoftLayer uses other hardware vendors in addition to SuperMicro, and SuperMicro devices are used by many other service providers. "

Eclypsium called its successful test Cloudborne and the company's research team server's BMC firmware with one they have prepared in one bit, so they could not recognize it at a later point. [1

9659002] IBM responded to Eclypsium's research in a blog post in which it detailed how it reconfigured its cloud service to reflash all BMC's firmware to factory settings and erase all logs and generate new passwords for each client.

ZDNet [19659011]
Source link