Paul’s Security Weekly (Video)
Technology
Sonar Vulnerability Researchers Thomas Chauchefoin and Paul Gerste conducted research on the security of Visual Studio Code — the most popular code editor out there — which was presented at DEF CON 31 in August. The pair uncovered a few ways for attackers to gain code execution on a victim's computer if they clicked on a specially crafted link or opened a malicious folder in Visual Studio Code, bypassing existing mitigations like Workspace Trust. Developers tend to trust their IDEs and do not expect such security issues to exist. As developers have access to source code and production systems, they make for very interesting targets for threat actors. Important to note is that the security concepts that the two are able to demonstrate apply not just to Visual Studio Code, but to most other code editors. This is also the story of how the researchers got an unexpected $30,000 bounty from Microsoft for these bugs, by mistake!
Segment Resources:
BLOG POSTS Securing Developer Tools: Argument Injection in Visual Studio Code (https://www.sonarsource.com/blog/securing-developer-tools-argument-injection-in-vscode/) Securing Developer Tools: Git Integrations (https://www.sonarsource.com/blog/securing-developer-tools-git-integrations/)
CVEs CVE-2023-36742 (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36742) CVE-2022-30129 (https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2022-30129) CVE-2021-43891 (https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2021-43891)
Show Notes: https://securityweekly.com/psw-804
Ping of Death, 500 Year Old Ciphers, Pwn The Dev, & Chatbot's Order 66 - PSW #766
Severe BMC Vulnerabilities - Nate Warfield - PSW #766
To The Cloud! (Or Not Yet?) - Sinan Eren - PSW #766
Open Source Security - Josh Bressers, Kurt Seifried - PSW #765
RCE in Muddy Waters, Hacking Smart Watches, FCC Bans Stuff, & When BMC's Attack - PSW #765
Stealing Mastodon Passwords, Update Your Firmware on Linux, & Oops I Leaked Again - PSW #764
UEFI & SMM Vulnerabilities - Jesse Michael - PSW #764
Urlscan, BYODC, Indirect Branch Tracking, Don't Hack Me Bro, & Fizzling Out Security - PSW #763
A Case for Threat Informed Penetration Testing - Dan DeCloss - PSW #763
OpenSSL Vulns, RepoJacking, Authentication Bypass, & Supercharging Your Hacking - PSW #762
Blenster - Hacking Hardware - Ben Hibben - PSW #762
Exploiting Hacker Tools, Microsoft "Fixes" Driver Problem, Moles, & Deconflictions - PSW #761
Linux Rust & Retro - Charles Shirer - PSW #761
EDR, Driver Signing, SBOMS - Do They Work? - PSW #760
SANS Annual SOC Survey Insights - Christopher Crowley - PSW #760
Shifting to a Victory Mindset - Michael Meis - PSW #760
Detecting Deepfake Audio, Supply PHP Attack, UMAS Secrets, & Pixel 6 Bootloader - PSW #759
A Day in the Life of a Threat Researcher - Ismael Valenzuela - PSW #759
Pig Butchering, Dell Driver FTW, Deep Access, & PHP Supply Chain Attacks - PSW #758
Device Paradox: Why Security & Criticality Don’t Overlap in Embedded Systems - Ang Cui - PSW #758
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Acquired