RadioDotNet podcast, episode No. 116, June 2, 2025. The podcast is supported by Altenar, an international developer of high-load software. Learn more about their meetups and more: https://t.me/+_TzcYVVVqEgyZGIy Advertisement. ООО «Аистсофт» (Aistsoft LLC). INN 3327121697. Erid: 2VtzqvRzqRP Podcast website: radio.dotnet.ru Boosty (₽): boosty.to/RadioDotNet Topics: [00:01:40] — .NET Aspire 9.3 with GitHub Copilot devblogs.microsoft.com/dotnet/introducing-dotnet-aspire-93 [00:07:55] — Announcing dotnet run app.cs devblogs.microsoft.com/dotnet/announcing-dotnet-run-app [00:28:35] — ReSharper Comes to Microsoft Visual Studio Code blog.jetbrains.com/dotnet/resharper-comes-to-microsoft-vi... blog.jetbrains.com/ai/jetbrains-ai-assistant-now-in-visua... [00:33:50] — Circuit Breaker Policy Fine-tuning Best Practice devblogs.microsoft.com/dotnet/circuit-breaker-policy-finetuni... [00:48:05] — ZLinq, a Zero-Allocation LINQ Library for .NET neuecc.medium.com/zlinq-a-zero-allocation-linq-library-f... [01:05:10] — Scalar instead of Swagger UI. Do we need it? habr.com/ru/articles/892508 [01:18:50] — Briefly about various things blog.jetbrains.com/dotnet/resharper-2025-2-eap-2-oop-mode habr.com/ru/articles/911670 gitlab.winehq.org/mono/mono/-/releases/mono-6.14.0 vk.com/SevDotNet Background music: Maxim Arshinov «Pensive yeti.0.1»
Today we unravel the second ransomware extortion of Change Healthcare by RansomHub, the cunning malvertising campaign targeting IT pros with malware-laden ads for PuTTY and FileZilla, and the deceptive tactics on GitHub fooling developers into downloading malware. Discover protective strategies and engage with expert insights on bolstering defenses against these evolving cyber threats. Original URLs: https://www.securityweek.com/second-ransomware-group-extorting-change-healthcare/ https://www.helpnetsecurity.com/2024/04/10/malvertising-putty-filezilla/ https://thehackernews.com/2024/04/beware-githubs-fake-popularity-scam.html https://www.bleepingcomputer.com/news/security/malicious-visual-studio-projects-on-github-push-keyzetsu-malware/ Follow us on Instagram: https://www.instagram.com/the_daily_decrypt/ Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/ Logo Design by https://www.zackgraber.com/ Tags: cybersecurity, ransomware, malvertising, GitHub scams, Change Healthcare, IT professionals, data protection, cybercrime, malware, software development Search Phrases: How to protect against ransomware attacks Strategies to combat malvertising campaigns Tips for IT professionals on avoiding malicious ads Safeguarding software development from GitHub scams Change Healthcare ransomware extortion case study Cybersecurity advice for IT administrators Dealing with malware in system utilities ads Best practices for data protection in healthcare Understanding cybercrime tactics on GitHub Preventing repeated ransomware extortions Transcript: Welcome back to the Daily Decrypt. Change Healthcare falls victim to a second ransomware extortion in just a month, now at the hands of the emergent RansomHub group, wielding over 4 terabytes of sensitive data stolen in the February 2024 cyberattack, which comes as a result of the BlackCat exit scam. 
Next, we're turning over to a new malvertising campaign where searching for essential utilities for IT professionals like PuTTY and FileZilla leads to malware-laden ads, and you all know what I'm going to say about this. Don't click Google Ads. And finally, GitHub becomes a battlefield as cybercriminals exploit its search functionality to trick developers into downloading repositories full of malware. How can developers ensure the repositories they download from GitHub are safe and not just traps set by cybercriminals? All right, so at the end of February of this year, you may remember that Change Healthcare, which is a subsidiary of UnitedHealthcare, was the victim of a ransomware attack by the notorious and since disbanded ransomware group named BlackCat. Well, Change Healthcare finds itself in the crosshairs of a ransomware extortion scheme for the second time in just over a month, coming from a new ransomware group called RansomHub. There hasn't been a second attack. But this is believed to be a result of the exit scam that BlackCat pulled, where they kept all of the ransom payment that Change Healthcare had made. Allegedly, Optum, which is a subsidiary of Change Healthcare, paid BlackCat 22 million in ransom after the attack. BlackCat then pulled an apparent exit scam and disappeared without paying the affiliate who carried out the attack. And according to Qualys Cyber Threat Director Ken Dunham, it's not uncommon for companies that give in and pay these ransoms to quickly become additional targets or soft targets where their information is extorted again and again and again. Paying and giving in to these ransomware artists might seem like a quick fix to your problems, but once you've proven that you will and can pay, they're gonna come after you again. The data doesn't just disappear or get deleted. 
It's very valuable, and in this case it's worth 22 million dollars, so even if the attackers say they're gonna delete it, maybe they won't and maybe they'll come hit you again. So even though BlackCat has disbanded, whether or not they were taken down by the FBI or performed an exit scam, the data that they pillaged from Change Healthcare is now in the hands, or supposedly in the hands, of a group called RansomHub, which is extorting Change Healthcare all over again. IT professionals have found themselves in the crosshairs of an ongoing malvertising campaign. These attackers are using malicious Google Ads to disguise malware as popular system utilities, like PuTTY, which is a free SSH and Telnet client, and FileZilla, which is an FTP application. This research comes from Malwarebytes researcher Jerome Segura, and he points out that even after alerting Google about these malicious ads, the campaign continues unabated. This sophisticated scheme begins when IT administrators search for these utilities on Google. The top search results, or sponsored ads, lead them through a series of cloaking pages. These pages are designed to filter out non-target traffic such as bots or security researchers, directing only potential victims to imitation sites. Unwittingly, when these IT administrators download what they believe to be legitimate software, they instead receive Nitrogen malware, which is a dangerous software for cybercriminals, enabling them to infiltrate private networks or steal data, deploy ransomware attacks, and was used by the notorious BlackCat from the previous story. The method of infiltration is known as DLL sideloading, which involves the malware masquerading as a legitimate and signed executable to launch a DLL, thereby avoiding detection. 
So what this essentially means is these IT professionals are probably getting the tool, FileZilla, PuTTY, that they're looking for. The functionality might remain exactly the same, which only serves to benefit the attackers because once the IT professionals download the software, there's no indicators that it's incorrect or fake, but this software such as PuTTY or FileZilla will then launch a separate DLL, which is just an executable that contains the malware. So one way you can prevent this as someone downloading software from the web is to find what's called an MD5 hash, which is essentially a signature of sorts that verifies the integrity of the file you've downloaded. Now, hashing isn't necessarily something we need to get into right now on this podcast, but all you need to know is it's sort of like math where you multiply the data from within this piece of software or do algebra or something to create this long string of characters that can't be replicated if the files have been altered. So as soon as the files are altered, the mathematical equation puts out a different set of characters, right? So the creators of the software release this hash, they display it on their website, and then when you download the software, you run the same algorithm against that software to see if those two hashes match. Now I personally am guilty of not always checking the hash for softwares. And I know a lot of other IT professionals are guilty of that as well, but it's time to set up a new good habit and consistently check these hashes, maybe even develop a web scraper that will go grab the hash and also run the software through it, comparing it, reducing the amount of work you have to do on the other end, but in summary, as I always say, do not click Google ads unless you absolutely have to, unless the thing you're searching for down below. 
Unless the thing you're specifically searching for is not in the search results below, and is only present in the advertisement, which will probably only be for things like thedailydecrypt.com, where I haven't been around long enough to boost my search result ranking naturally, so eventually maybe I'll start buying ad space, trying to get to people who are looking for the content that we're providing. But if you're going to download some software, there's no need to click the ads, especially something as popular as FileZilla or PuTTY, VS Code, whatever you're trying to download, go find it in the search results. Do not click the ad. And in a similar vein, let's talk about a scam on GitHub that's fooling developers into downloading dangerous malware. Cybercriminals are exploiting GitHub's search features, luring users into downloading fake yet seemingly popular repositories. This scheme has been identified to distribute malware hidden within Microsoft Visual Studio Code project files, which are cunningly designed to fetch further malicious payloads from remote URLs, as reported by Checkmarx. So the attackers are mimicking popular repositories and employing automated updates and fake stars to climb GitHub's search rankings. So unlike Google, I don't believe there are ads you can buy in GitHub search to boost your search rankings. So attackers are becoming a little more creative. Making the repository look like it's consistently updated helps boost the search rankings, and then naming the repositories things that developers are constantly searching for will also help boost its rankings in its SEO. So since many of these repositories are disguised as legitimate projects, it can be pretty tricky to identify them, but among the discoveries, some repositories were found downloading an encrypted file named feedbackapi.exe, which is an executable and is notably large at 750 megabytes. 
This executable is designed to bypass antivirus detection and deploy malware, similar to the Keyzetsu clipper, a notorious tool known for hijacking cryptocurrency transactions. And unlike softwares downloaded from the internet by clicking on Google ads in the previous story, there may or may not be hashes for these repositories. Most likely not. Sometimes if they're an executable or a package, they'll provide a hash. But if you're on the GitHub repository, you think it's legit, they might list the hash, but that's just the hash to their malware, giving you a false sense of security. Just be extra vigilant when you're downloading anything to your computer, especially open source things that are generally found on GitHub. It can't be that hard to create a thousand GitHub accounts, or maybe even you can buy them online. And that immediately gives your repo a thousand stars, making it look legitimate. So if you're looking for a tool, it's best to find it on the web within, from within a reputable website. GitHub search feature is not the most reliable. And that's all I've got for you today. Thanks so much for tuning in. Today I'll be traveling to Florida to participate in the Hackspace conference where I'm really excited to learn a little bit more about how cybersecurity and satellites and other spacecraft intertwine. I'll also be meeting up with dogespan where we'll hopefully do a joint episode, our first ever one in person. So be sure to tune in tomorrow for that episode.
We take a quick look at the #Microsoft Visual Studio Code application.
Dave & David installing the software required for the uSupply development. Yep, one whole hour of installing software, for all you software installation aficionados. Microsoft Visual Studio Code, CMake, Ninja, OpenOCD, and ST ARM programmers. Doxygen and how to automatically document code. Forum: https://www.eevblog.com/forum/blog/eevblog-1264-usupply-software-development-setup/
The Byte - A Byte-sized podcast about Containers, Cloud, and Tech
Microsoft Visual Studio Code - https://code.visualstudio.com/ Live Share Extension - https://marketplace.visualstudio.com/items?itemName=MS-vsliveshare.vsliveshare-pack Patrick Chanezon - https://twitter.com/chanezon Episode Transcription Welcome back to The Byte, just made it back from San Francisco, struggling with a little jet lag. I'm sure everyone understands this. In this episode, we're going to talk about Microsoft Visual Studio Live Share. Live Share is a code collaboration tool which allows us to invite people to Microsoft Visual Studio Code, to actually review our code, actually interact with the code. So we can actually see multiple different cursors moving, and we can invite people to our server, we can share our terminals. I mean we can really do a lot of information. We can do a lot of collaboration with this. Now typically people use screen sharing, or talk over the phone, or sending screenshots, and I find Visual Studio Live Share is actually much more collaborative. Because you can actually spawn a call within Live Share. So you can actually have a Skype call going, while you're doing Live Share, and you can actually do live debugging, you can do a collaboration, you can do actually code review. And I quite like it, personally, for doing training. Teaching people how to use something remotely. They can log in, they can see the link, they can actually interact with the code, they can see what I'm doing, how I'm executing things. So it brings a whole new use case to collaboration with editors. Now Live Share is just an extension within Microsoft Visual Studio Code. And you install it like any other extension, you go to extensions, search for Live Share, install it. And you have to connect it to some sort of authentication provider. So I connected mine to GitHub, it's owned by Microsoft anyway, so no problem. And from there, you can then collaborate with people. 
It installs an additional extension, and then at the bottom of the screen, you see your name usually, your GitHub name. And in here, you can invite others with a link, you can share terminals, you can share servers, and you can stop the collaboration sessions. And you see like little icon next to it, it's like a team icon. And you see how many people are actually viewing your code simultaneously. Now once you have it up and running, I mean it's quite cool, because you can invite somebody in. And they see your code, and you can see everyone's cursor, where everyone's working, you can see the debugging. And I find it quite helpful. I've used it a couple of times where people say, "Oh no, you know this Docker Compose file or whatever is not running." And we start up a session, I look at it, and like okay, walk me through exactly what you're doing, let me see. And you can identify right away what's going on. And you can actually interact with it, and jump in the terminal, and they see exactly what you're typing, etc. So it actually is a great learning tool. I find it's a great learning tool. Now some of the common use cases, which people say they're using Live Share for is often you see quick assistance. I'm having an error, can you help me? Office hours, I want to demo my project, how about like mob programming, like pair programming, coding competitions, hackathons, school group projects, developer streaming, then interactive education. And I find interactive education is probably the best use case for the Live Share because I see it as really a learning tool. And I'll give you an example, at DockerCon, Patrick Chanezon actually did his session with Live Share. And he invited someone from I think the UK, and DockerCon was in San Francisco. He called them up with Skype and said, "Hey, we're going to do this really quick." They interacted with Live Share, they were doing actually kubectl commands, via Live Share, sharing the terminal. And it was really amazing. 
I mean this is the first time I've seen it in a conference, someone actually doing collaborative editing with the editor. So it was really nice. Other use cases, code reviews, and technical interviews. Maybe someone wants to show you what they're working on and walk you through the code and how it works, which is also quite interesting. Then you can share it with multiple people, you don't have to be in the same room. Especially since we're getting into more of a remote type of context. More people are working remotely. This is really helpful to see the code and understand what their thought process is when they're looking at the code. Because someone just sends you a GitHub link, that's great. But when someone can walk you through the code, interactively, and highlight the different sections, this changes the whole aspect of how the code lives, and how it communicates different people. So I'm using it quite often and I'm going to use it more for my training sessions. I'm going to kick out some workshops, and I'm going to actually do everything through Microsoft Live Share. So people can actually interact, they can see exactly what's going on, then they can try it on their terminals to see what's going on as well. So it's learning by doing a type of thing, but it's very easy to identify exactly what I'm doing, what step I'm in, and it's clear. I actually find it a little bit easier than attending workshops, because you see the code, you see how I'm typing, you see how I'm interacting. The only limitation I find is you definitely need two screens. So you can work on one screen and view the other screen. Now I'm going to start using this more and more, I've used it a couple of times already. I see tons and tons of use cases for it. I highly encourage everyone to go check it out. I mean just go to Microsoft Visual Studio Code, install Live Share, connect it to GitHub. 
And then within the Live Share client, I mean right when you click your name, you can just copy the link, drop it into Slack, you can email it to anyone. And once this other person clicks this link, they connect to your session. It is that easy. And then you can do Skype calls, or you can do Hangouts, however, you want to talk. So you can have a call going while you're doing the live share. Give it a try, I mean it's very, very helpful. You can see a ton of use cases out of it. I mean to try it out, give me some feedback. Let me know what you think of it, like I said, in DockerCon they demoed it, they demoed part of the session using it. So I can see more and more use cases coming along. And I can see this type of collaborative workshops, code reviews, and just collaboration on projects generally should increase. So we're getting away from screen sharing, we're actually all using the same terminal, same code base, and view exactly what's going on at the same time like we're all sitting in the same room. Well, that's all for this episode, Microsoft Visual Studio Live Share, give it a try. Have a great day and we will see you next time.
I have been subscribed to Amazon Prime for a while, mostly for the advantage, and the savings, of not having to pay shipping costs. However, this is only one of the advantages it brings. It also has many other services, such as Prime Video, Prime Music, Prime Photos. I'm telling you this because I recently started watching the series Jack Ryan, which airs on Amazon Video. I recommend this series if you like action series. The series tells part of the life of Jack Ryan, the character created by Tom Clancy whom we know from films such as The Hunt for Red October or Patriot Games. However, the one who interests me is the villain of the series, Suleiman. This character is pushed into terrorism by society's prejudices. At this point you are surely wondering: what does this have to do with my development environment? The thing is that some time ago Microsoft changed the direction of its policy toward free software. A long time has passed since the famous words of Microsoft's former CEO. Ballmer, in 2001, went so far as to say that Linux was a cancer. By contrast, Microsoft's current CEO, Satya Nadella, has completely changed course and has shown a new attitude toward free software. There are many relevant facts that demonstrate this. Facts such as Microsoft joining the Linux Foundation as a platinum member, the purchase of GitHub, or the release of a development tool as powerful as Microsoft Visual Studio Code. However, to this day there are still many users and developers who keep thinking that Microsoft is the devil. And I ask myself: aren't we acting as in the Jack Ryan series? Won't our prejudices push Microsoft into being the villain of the story? Do you want to know my development environment? Keep reading in the show notes About my development environment
With Naoya Ito as our guest, we talked about development retreats, Apple TV, Electron, Game Center, Twitter, domain-driven design, Rails, and more. Show Notes Off-site meeting Hack Week @ Twitter Perl QA Hackathons The story of how combining clearing a reading backlog with a development retreat was a big failure Salvatore Sanfilippo, the author of Redis: from Sicily Rubyist Hotlinks Nobuyoshi Nakada Rebuild TVJS/TVML app Apple TV Markup Language Reference Apple Podcasts app spotted for new Apple TV Electron Microsoft Visual Studio Code Electron: YAPC::Asia Tokyo 2015 Photon HBFav for Desktop New Apple Photos app contains 'UXKit' framework Crossy Road Alto's Adventure Lumino City Twitter officially kills off favorites and replaces them with likes German expression for “Likes” is 21 characters long Introducing Twitter Polls Eric Evans's Domain-Driven Design Domain-Driven Design Reference: grasp the key points of domain-driven design in 70 pages Ruby on Rails is not programming! (cache) @miyagawa: Few things about "Programming" in Rails Sinatra Padrino Ruby Web Framework
After several weeks without being able to record a new episode because of the exam period, we bring you an episode in which we tell you all the news from the Microsoft Build, Google IO and Apple WWDC events. Microsoft Build That's the way, Microsoft: Visual Studio Code, free and also available on Linux and OS X – https://www.genbeta.com/actualidad/asi-si-microsoft-visual-studio-code-gratuito-y-tambien-disponible-en-linux-y-os-x Microsoft's new (and attractive) rabbit in the hat to attract developers – https://www.xataka.com/aplicaciones/este-es-el-plan-de-microsoft-para-llenar-su-tienda-de-apps-tiene-truco Windows 10 arrives on July 29: get ready – https://www.xataka.com/aplicaciones/windows-10-llega-el-29-de-julio-preparaos Windows 7 and 8 users can now reserve their copy of Windows 10 – https://www.xatakawindows.com/windows/los-usuarios-de-windows-7-y-8-ya-pueden-reservar-su-copia-de-windows-10 Google IO Brillo: this is Google's operating system for the Internet of Things – https://www.xataka.com/internet-of-things/brillo-asi-es-el-sistema-operativo-de-google-para-el-internet-de-las-cosas New Android M: these are the six keys to the next Android – https://www.xataka.com/moviles/estas-son-las-seis-claves-de-android-m-que-google-quiere-que-conozcamos Google plays with tiny radars that can recognize the movements of our hands: Project Soli – https://www.xataka.com/wearables/google-juega-con-diminutos-radares-que-son-capaces-de-reconocer-los-gestos-de-nuestras-manos-project-soli Project Jacquard, these are the wearables we are really waiting for – https://www.xataka.com/wearables/project-jacquard-estos-son-los-wearables-que-de-verdad-estamos-esperando Project Tango is still alive and starting to hit the streets – https://www.xataka.com/tablets/project-tango-sigue-vivo-y-empieza-a-salir-a-la-calle Android Studio 1.3 adds C/C++ support – 
https://elandroidelibre.elespanol.com/2015/05/la-version-previa-de-android-m-disponible-hoy-para-desarrolladores.html Google Inbox can now be used without an invitation – https://www.genbeta.com/actualidad/google-inbox-ya-puede-ser-utilizado-sin-invitacion Apple WWDC WWDC 2015 – http://applelizados.com/resumen-mas-completo-wwdc-2015-98765 You can find us on Twitter and on Facebook!
Matthew discusses his contributions to the Tumblr app for iOS, Quotebook and Velocity at Lickability, iOS 9 and OS X 10.11 at WWDC 2015, Microsoft Visual Studio Code, thoughts on the Apple Watch, and Watch OS.