A group of researchers has developed a side-channel attack targeting virtual machines that could pose a threat to cloud computing environments. The attack is the first such attack demonstrated on a symmetric multiprocessing system virtualized using a modern VMM (Xen) The underlying vulnerable code is in the most recent version of the libgcrypt library, according to the report. “So highly sensitive workloads should not be placed in a public cloud,” says chief scientist at EMC’s RSA security division.”]
Source: https://www.darkreading.com/attacks-breaches/researchers-develop-cross-vm-side-channel-attack