security risks

Calls for Visual Studio security tweak fall on deaf ears despite one-click RCE exploit

by

October 13, 2023 at 11:38AM A single-click exploit has raised concerns about the security of Microsoft’s Visual Studio IDE once again. Developed by security researcher Zhiniang Peng, the exploit takes advantage of the default implementation of the IDE’s “trusted locations” feature. Peng argues that enabling this feature by default would protect users from potential attacks, … Read more

Uber’s Ex-CISO Appeals Conviction Over 2016 Data Breach

by

October 12, 2023 at 09:59AM Former Uber CISO Joseph Sullivan’s lawyers have argued in an appeal that his conviction for charges related to a 2016 data breach should not stand as it threatens bug bounty programs. They describe the verdict as “profoundly flawed” and claim that it jeopardizes the valuable tool used by security teams … Read more