Cybersecurity

5935 readers

17 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 2 years ago

MODERATORS

kid

[email protected]

Chinese Hackers Exploit Visual Studio Code in Southeast Asian Cyberattacks (thehackernews.com)

submitted 4 months ago by kid to c/cybersecurity

1 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] sun_is_ra 4 points 4 months ago

"To abuse Visual Studio Code for malicious purposes, an attacker can use the portable version of code.exe (the executable file for Visual Studio Code), or an already installed version of the software," Fakterman noted. "By running the command code.exe tunnel, an attacker receives a link that requires them to log into GitHub with their own account." Visual Studio Code

Once this step is complete, the attacker is redirected to a Visual Studio Code web environment that's connected to the infected machine, allowing them to run commands or create new files.