Date:18/03/20
A critical vulnerability was discovered in the popular Slack corporate messenger, which allowed attackers to seize control over other people’s accounts and conduct attacks on users, which made their data endangered. This was announced by cybersecurity expert Evan Custodio.
In the publication on Hackerone He said that due to a security problem, criminals could steal cookies with user data, as well as intercept accounts under their control.
Custodio emphasized that with the help of bots attacks could be carried out continuously. At the same time, among the users of the messenger that could suffer from the actions of fraudsters, there are many organizations and companies using it for work correspondence. The specialist reported a discovered vulnerability in Slack, after which the developers fixed it.
It was previously reported that in the popular social network Facebook discovered vulnerability, with which it is possible to hack any account. A problem that has existed for about 10 years has been discovered in the login function via Facebook using the OAuth 2.0 authorization protocol.
Slack is a popular corporate messenger that uses a system of chats, private groups and private messages. It has its own hosting and allows you to search among all messages at once. Used in many private companies as a means of working correspondence.
Slack vulnerability allowing account takeovers
A critical vulnerability was discovered in the popular Slack corporate messenger, which allowed attackers to seize control over other people’s accounts and conduct attacks on users, which made their data endangered. This was announced by cybersecurity expert Evan Custodio.In the publication on Hackerone He said that due to a security problem, criminals could steal cookies with user data, as well as intercept accounts under their control.
Custodio emphasized that with the help of bots attacks could be carried out continuously. At the same time, among the users of the messenger that could suffer from the actions of fraudsters, there are many organizations and companies using it for work correspondence. The specialist reported a discovered vulnerability in Slack, after which the developers fixed it.
It was previously reported that in the popular social network Facebook discovered vulnerability, with which it is possible to hack any account. A problem that has existed for about 10 years has been discovered in the login function via Facebook using the OAuth 2.0 authorization protocol.
Slack is a popular corporate messenger that uses a system of chats, private groups and private messages. It has its own hosting and allows you to search among all messages at once. Used in many private companies as a means of working correspondence.
Views: 409
©ictnews.az. All rights reserved.
Similar news
- Cellphone Use May Raise Cancer Risk
- Australian police pushes cyber safety education
- Vietnam aims to lead in e-government
- Senate Website Gets Hacked
- US builds net for cyber war games
- Japan enacts anti-computer virus law
- India passes law vs e-waste
- Anonymous Declares War On The City Of Orlando
- Microsoft highlights evolving dangers as online identity data proliferates
- Consumers want internet security to be provided by banks
- Government facilities targets of cyber attack
- South Korean web attacks might been war drill
- Sri Lanka to Establish National Passport Database to Increase Border Security
- Hi-tech crime agencies set to employ information security professionals
- Phone hacking and online campaign bring down the News of the World
