![]() ![]() Hackers would have also been able to mask malicious links so they looked like URLs to legitimate websites. "The options from there on are endless."Īs Wells suggests, a hacker might have been able to place a malicious link in a Slack channel using RSS feeds, which Slack users can add to channels. ![]() Since many workplaces use Slack in place of email, it seems inevitable that files with sensitive data change hands through the service.Īttackers could even have "inserted malicious code in so that when opened by victim after download, their machine would have been infected," Tenable researcher David Wells, who discovered the bug, wrote. From there, the attacker obviously could have stolen the document. However, it seems no Slack users were affected before the service fixed the vulnerability.Ī researcher with cybersecurity firm Tenable found that hackers could have placed a malicious link in a Slack channel that, when clicked, would have allowed them to redirect a user's downloads to a file server belonging to the attacker. Slack has fixed a bug that could have allowed hackers to intercept and redirect downloads in the Windows desktop version of the messaging app.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |