Somebody sent me this blog my way today so I had a dig into it for a few hours. https://medium.com/@amitassaraf/the-story-of-extensiontotal-how-we-hacked-the-vscode-marketplace-5c6e66a0e9d7

Yes, Amit is right. Visual Studio Marketplace is a clusterfuck.

✅ anybody can verify themselves using just a domain name
✅ anybody can set any display name
✅ extensions allow RCE, no sandboxing or limits at all
✅ full access to developer + build
✅ anybody can link any GitHub repo, even if it has nothing to do with the extension
✅ I’ve already found malware - backdoors, beacons etc etc

I've said it before and I'll say it again - the two top SaaS app features that I, as a person responsible for Security and IT want to see in your app - above all else:

1. Single Sign On with SCIM Support either included or at a price that is not insane.

2. An invoice that comes to me in email, attached as a PDF, so I can auto-populate expense reports and not have to waste time logging into every frigging app every frigging month to get it.

Thank you for your time.

I’ve been out of the CISO world for 3.5 months now, and that’s given me a lot of perspective. I’ve had a chance to reflect on what I’ve learned over 30 years in IT and spoke to a bunch of people recently.

I can summarize what organizations need to do to better secure their data, prevent ransomware and whatnot:

Stop fucking around.

I think that will be the title of my book.

8 dead, 2,700 injured after simultaneous pager explosions in Lebanon

Lithium-ion batteries may have been triggered to explode.

https://arstechnica.com/security/2024/09/8-dead-2700-injured-after-simultaneous-pager-explosions-in-lebanon/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social