Chinese APT Abuses Multiple Cloud Tools to Spy on Mongolia
The threat actor gave itself plenty of options to support command and control, tapping Microsoft Outlook, Slack, Discord, and file.io for online espionage.
Slack is a workplace messaging platform whose integrations, permissions, and exposed data can affect organizational security and privacy.
Search across headline titles and summaries.
Background for this topic.
Slack is a hosted collaboration platform for workplace channels, direct messages, file sharing, and integrations with other services. It is security-relevant because workspaces can contain confidential discussions, credentials, personal data, and operational documents. Unauthorized account access, overly broad channel or guest permissions, and accidental external sharing can expose that content; retention settings may also determine how much information remains available after an incident.
Key attack surfaces include identity and session controls, OAuth applications, bots, webhooks, APIs, and Slack’s desktop, mobile, and browser clients. Security teams should enforce strong authentication, review app permissions and tokens, restrict external access, patch clients, and use audit logs and appropriate retention or data-loss controls. Advisories about client or API vulnerabilities should be assessed for affected versions, required access, and potential reach into workspace data. Investigations may need to examine application tokens, integration activity, and audit records as well as user credentials.
Weekly headline count for the current query.
The threat actor gave itself plenty of options to support command and control, tapping Microsoft Outlook, Slack, Discord, and file.io for online espionage.
The Japanese media giant said thousands of employee and business partners were impacted by an attack that compromised Slack account data and chat histories.
A prompt injection flaw in the AI feature of the workforce collaboration suite makes malicious queries of data sources appear legitimate.
Campaign distributes malware disguised as legitimate installers for popular workplace collaboration apps by abusing a traffic-tracking feature.
The malicious actor used Slack channels as an exfiltration point to upload the stolen data.
It's time to include messaging tool security in your cloud security program. Good first steps include tightening filter parameters on Slack and Teams.
It's a banner year for attacks coming through traditional email as well as newer collaboration technologies, such as Slack and Microsoft Teams. What's next?
High-profile software provider compromises in the past few months show that threat actors are actively targeting the services underpinning corporate infrastructure. Here's what to do about it.
Slack, Docker, Kubernetes, and other applications that allow developers to collaborate have become the latest vector for software supply chain attacks.
A teen hacker reportedly social-engineered an Uber employee to hand over a Slack password, before burrowing deep into Uber's cloud and code repositories.
A single compromised Slack account can easily be leveraged to deceive other users and gain additional access to other users and multiple Slack channels.
The push to embrace Slack, Teams, and Zoom at work comes with new security risks for organizations.