Chinese APT Abuses Multiple Cloud Tools to Spy on Mongolia
The threat actor gave itself plenty of options to support command and control, tapping Microsoft Outlook, Slack, Discord, and file.io for online espionage.
Slack is a workplace messaging platform whose integrations, permissions, and exposed data can affect organizational security and privacy.
Search across headline titles and summaries.
Background for this topic.
Slack is a hosted collaboration platform for workplace channels, direct messages, file sharing, and integrations with other services. It is security-relevant because workspaces can contain confidential discussions, credentials, personal data, and operational documents. Unauthorized account access, overly broad channel or guest permissions, and accidental external sharing can expose that content; retention settings may also determine how much information remains available after an incident.
Key attack surfaces include identity and session controls, OAuth applications, bots, webhooks, APIs, and Slack’s desktop, mobile, and browser clients. Security teams should enforce strong authentication, review app permissions and tokens, restrict external access, patch clients, and use audit logs and appropriate retention or data-loss controls. Advisories about client or API vulnerabilities should be assessed for affected versions, required access, and potential reach into workspace data. Investigations may need to examine application tokens, integration activity, and audit records as well as user credentials.
The threat actor gave itself plenty of options to support command and control, tapping Microsoft Outlook, Slack, Discord, and file.io for online espionage.
A previously undocumented state-backed threat actor named GopherWhisper is using a Go-based custom toolkit and legitimate services like Microsoft 365 Outlook, Slack, and Discord in attacks against government entities. [...]
Keeping it simple for the developers can lead to very complex headaches later PWNED Welcome back to PWNED, the column where we celebrate the people who’ve taught us how not to secure a server. If you’ve ever tied your own shoelaces together, then tripped over them, or attempted to dive into a swimming pool but hit your head on the diving board, we’ll be talking about your cyber equivalent.…