Semgrep, Microsoft Signs With Rootkits, ATT&CK/D3FEND, & Injured Android – ASW #156
This week in the AppSec News: Visual Studio Code's Workspace Trust; Injured Android, a deliberately insecure mobile app; Microsoft accidentally signed a third-party driver that contained a rootkit; the NSA funds D3FEND, a new sister matrix to ATT&CK; "Ransomware: maybe it's you, not them?"; and more!
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Hosts
Adrian Sanabria
Principal Researcher at The Defenders Initiative
John Kinsella
Senior Engineering Leader at AWS
- 1. Visual Studio Code’s Workspace Trust
The May release of Visual Studio Code added a feature called Workspace Trust, which looks like a significant improvement in the safety of browsing unfamiliar code from within VS Code. Until you explicitly trust a workspace, it opens in a restricted mode that prevents automatic code execution: tasks, debug configurations, workspace settings that could run code, and extensions that have not opted in to untrusted workspaces are all held back. Trust is granted at either workspace or folder granularity.
- 2. Microsoft accidentally signed a driver with rootkits
Microsoft signed a driver submitted by a vendor through its hardware signing process, and the submission contained malicious software, apparently without either the vendor's or Microsoft's awareness. Microsoft has since signed a clean version, but the question remains: how did the malicious build get signed in the first place?
- 3. Ransomware isn’t out of control – security teams are
Here's a think piece to make us think about what we want and expect our security teams to do. Everyone in an environment needs to work on security together, but security teams and management must set the direction and goals. Given that guidance, how can we better prevent security incidents, whether ransomware or anything else?
- 4. What are the odds someone will find and exploit this?
Up to 80% of developers are releasing software with some known vulnerability. How can we improve that stat?
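For item 1 above, here is what the Workspace Trust controls look like in practice. This is an added configuration example, not something from the episode or from the VS Code team: the `security.workspace.trust.*` settings are real VS Code user settings, and the `capabilities.untrustedWorkspaces` block is the real extension manifest field; only the extension setting name `myExtension.toolPath` is a hypothetical placeholder.

```json
// --- settings.json (user settings): the hardened posture ---
{
  // Setting this to false restores the old behaviour, where any opened folder
  // can run tasks, launch configs and code-executing workspace settings.
  "security.workspace.trust.enabled": true,
  // Ask on every untrusted folder instead of deciding silently ("once" / "never" are weaker)
  "security.workspace.trust.startupPrompt": "always",
  // A file dragged into a trusted window from outside it should prompt, not inherit trust
  "security.workspace.trust.untrustedFiles": "prompt",
  // An empty window is trusted by default; turn that off so loose files start restricted
  "security.workspace.trust.emptyWindow": false
}

// --- package.json of an extension: how it opts in to restricted mode ---
{
  "capabilities": {
    "untrustedWorkspaces": {
      // true: runs in untrusted workspaces; false: disabled there; "limited": runs
      // but the listed settings are ignored because a workspace could set them.
      "supported": "limited",
      // hypothetical setting name: a path the extension would execute
      "restrictedConfigurations": ["myExtension.toolPath"]
    }
  }
}
```

The extension half is the part most people miss: a workspace's `.vscode/settings.json` can override any setting, so an extension that reads a path or command from settings and executes it must either declare `"supported": false` or list that setting under `restrictedConfigurations`, otherwise restricted mode does not protect against it.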
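For item 2 above, a defender's first question on a Windows fleet is "which running drivers did not ship with Windows, and who signed them?" The PowerShell below is an added example, not from the episode or from Microsoft; it assumes Windows PowerShell 5.1 or later on the host being checked and uses only built-in cmdlets.

```powershell
# Added example: inventory running kernel drivers and record their Authenticode signer.
# Assumes Windows PowerShell 5.1+ on the host; run elevated to read every driver path.

function Get-LoadedDriverSignatures {
    $drivers = Get-CimInstance -ClassName Win32_SystemDriver |
        Where-Object { $_.State -eq 'Running' -and $_.PathName }

    foreach ($d in $drivers) {
        # PathName may be a bare path, \??\C:\... or \SystemRoot\...; normalise it
        $path = $d.PathName -replace '^\\\?\?\\', '' -replace '^\\SystemRoot\\', "$env:SystemRoot\"
        if (-not (Test-Path -LiteralPath $path)) { continue }

        # Verifies embedded and catalog signatures; Status is Valid, NotSigned, HashMismatch, ...
        $sig = Get-AuthenticodeSignature -FilePath $path
        $subject = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }

        # "Microsoft Windows Hardware Compatibility Publisher" is the certificate Microsoft
        # uses when it signs third-party drivers through WHCP, i.e. the path the
        # rootkit-carrying driver took. A Valid status here is therefore not proof of safety.
        $kind = switch -Wildcard ($subject) {
            '*Windows Hardware Compatibility Publisher*' { 'Third-party via WHCP'; break }
            'CN=Microsoft Windows*'                      { 'Microsoft in-box'; break }
            ''                                           { 'Unsigned/unknown'; break }
            default                                      { 'Other publisher' }
        }

        [pscustomobject]@{
            Driver = $d.Name
            Path   = $path
            Status = $sig.Status
            Signer = $subject
            Kind   = $kind
            SHA256 = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
        }
    }
}

# Surface the ones worth a second look: anything not shipped in-box by Microsoft.
Get-LoadedDriverSignatures |
    Where-Object { $_.Kind -ne 'Microsoft in-box' } |
    Sort-Object Kind, Driver |
    Format-Table Driver, Status, Kind, Signer, SHA256 -AutoSize
```

The design point is the classification, not the signature check: the malicious driver in this story had a perfectly valid WHCP signature, so `Status` would have read `Valid`. What the script gives you is a short list of third-party drivers with hashes you can pivot on against threat intelligence or an updated Defender scan, which is the check that would actually have caught it.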