YoVDO

1-Click to Infiltrate Your Organization via Vulnerable VS Code Extensions

Offered By: Ekoparty Security Conference via YouTube

Tags

Ekoparty Security Conference Courses Cybersecurity Courses Vulnerability Analysis Courses Supply Chain Attacks Courses

Course Description

Overview

Explore a conference talk from Ekoparty 2021 that delves into the emerging threat of vulnerable VS Code extensions as a means for attackers to compromise organizations through developers. Learn how popular VS Code extensions can be exploited to carry out supply chain attacks, shifting the focus from traditional attack vectors like malicious third-party packages, leaked credentials, and unpatched vulnerabilities. Gain insights from security researchers Raul Onitza-Klugman and Kirill Efimov as they discuss their findings and demonstrate the potential risks associated with IDE vulnerabilities. Discover the importance of securing development environments and staying vigilant against evolving cyber threats in this 32-minute presentation from the Ekoparty Security Conference main track.

Syllabus

1-click to infiltrate your organization via vulnerable VS Code extensions ▪ Ekoparty 2021


Taught by

Ekoparty Security Conference

Related Courses

Computer Security
Stanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network