Blocking Visual Studio Code embedded reverse shell before it's too late
(ipfyx.fr)
from tedu@azorius.net to cloudsec@azorius.net on 23 Sep 2023 19:22
https://azorius.net/g/cloudsec/p/LKXmqX2b2KJftqQ3BV-Blocking-Visual-Studio-Code-embedded-reverse-she
from tedu@azorius.net to cloudsec@azorius.net on 23 Sep 2023 19:22
https://azorius.net/g/cloudsec/p/LKXmqX2b2KJftqQ3BV-Blocking-Visual-Studio-Code-embedded-reverse-she
Since July 2023, Microsoft is offering the perfect reverse shell, embedded inside Visual Studio Code, a widely used development tool. With just a few clicks, any user with a github account can share their visual studio desktop on the web. VS code tunnel is almost considered a lolbin (Living Of the Land Binary).
I am so glad that my users now have the ability to expose their computer with highly sensitive data right on the web, through an authentication I nor control, nor supervise. My internal network is now accessible from anywhere !
#cloudsec
threaded - newest
I think this is not the end of the world, but another example of continuing trend where every program does everything, which now includes remote sharing. Impossible to enumerate the feature set of installed software when it's infinite.