Q: Considering the success of pentests and attackers at horizontal/vertical movement on unsegmented networks once they have code execution, is Meltdown/Spectre an expectional, new category of risk to most orgs? How would cross-VM disclosure/privesc suddenly be required to win?
-
-
I do think this opens a new potential escalation path, indeed. Atm, execution is subtle but might not remain that way.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.