Paul’s Security Weekly (Video)
Technology
Sonar Vulnerability Researchers Thomas Chauchefoin and Paul Gerste conducted research on the security of Visual Studio Code — the most popular code editor out there — which was presented at DEF CON 31 in August. The pair uncovered a few ways for attackers to gain code execution on a victim's computer if they clicked on a specially crafted link or opened a malicious folder in Visual Studio Code, bypassing existing mitigations like Workspace Trust. Developers tend to trust their IDEs and do not expect such security issues to exist. As developers have access to source code and production systems, they make for very interesting targets for threat actors. Important to note is that the security concepts that the two are able to demonstrate apply not just to Visual Studio Code, but to most other code editors. This is also the story of how the researchers got an unexpected $30,000 bounty from Microsoft for these bugs, by mistake!
Segment Resources:
BLOG POSTS Securing Developer Tools: Argument Injection in Visual Studio Code (https://www.sonarsource.com/blog/securing-developer-tools-argument-injection-in-vscode/) Securing Developer Tools: Git Integrations (https://www.sonarsource.com/blog/securing-developer-tools-git-integrations/)
CVEs CVE-2023-36742 (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36742) CVE-2022-30129 (https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2022-30129) CVE-2021-43891 (https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2021-43891)
Show Notes: https://securityweekly.com/psw-804
Browser In Your Browser, Sock Puppets, Performance Killing Patches, & GIFShell - PSW #755
Using No-Code Automation to Tackle Analyst Burnout - Thomas Kinsella - PSW #755
Crappy Exploits, $8 Mil 0-Day, Mac Updates, & Anti-Cheat Is NOT Anti-Hack - PSW #754
Turning Cybersecurity Education Into Industry Impact - John Hammond - PSW #754
Mudge, Tox P2P Messenger, 8 Year Old Linux Flaws, Dirty Pipe, & Unix Legends - PSW #753
Data Integrity Lights the Way: Security With the Decentralized Web - Davi Ottenheimer - PSW #753
StarLink Hacks, Ramsomware Extortion, Signal/Twilio Compromise, Hacking Cars and Tractors - PSW #752
InfoSec Lessons from Military Strategy, Tactics, and Operational Art - Greg Conti - PSW #752
Not-So-Secure Boot - Jesse Michael, Mickey Shkatov - PSW #751
Unearthed Easter Eggs, Black Hat/DEF CON Talks, Decrypting Oz, & 27 Factor Auth - PSW #751
Re-Routing Traffic, Pseudo Keyloggers, TLS Inside, LockBit, Cobalt Strike & Defender - PSW #750
Career in Infosec, SANS Work, & End User Awareness Training - Guy Bruneau - PSW #750
FreeBSD, Steam Decks, Ancient Computers, UEFI Rootkits, & Office Macro Saga Continues - PSW #749
Apple Airtag Detection & Simulation - PSW #749
Linux Distros, The Linux Firewall, CIA Agents, Vault 7 Leaks, & The "Coolest" Laptop - PSW #748
ICS Security - Lesley Carhart - PSW #748
ExpressLRS Protocol, Pi Pico W Wireless, Apple v. Spyware, & Lenovo UEFI Flaws - PSW #747
Six Degrees of BloodHound - Andy Robbins - PSW #747
Prank Calls, Lazarus APT, WordPress Critical Vulns, CISA Adds 41 Flaws, & Zoom Bugs - PSW #742
Building Career Links to Secure the Real Supply Chain - John Pescatore - PSW #742
Create your
podcast in
minutes
It is Free
Insight Story: Tech Trends Unpacked
Zero-Shot
Fast Forward by Tomorrow Unlocked: Tech past, tech future
The Unbelivable Truth - Series 1 - 26 including specials and pilot
Darknet Diaries