Slack fixes 'critical' vulnerability that left desktop app users open to attack

August 30, 2020 0
Slack fixes 'critical' vulnerability that left desktop app users open to attack

Slack and its scores of desktop app users just dodged a major bullet. 

The communications tool relied upon by journalists, tech workers, and D&D fans alike disclosed on Friday a "critical" vulnerability — now fixed — that would have let hackers run wild on users' computers. Slack's internal security team didn't even find the bug; rather, it was a third-party security researched who reported it, through the bug bounty platform HackerOne in January.

Notably, the exploit allowed for something known as "remote code execution," which is just as bad as it sounds. Before Slack fixed it, an attacker using the exploit could have done some pretty wild stuff, such as gaining "access to private files, private keys, passwords, secrets, internal network access etc.," and "access to private conversations, files etc. within Slack." Read more...

More about Cybersecurity, Slack, Tech, and Cybersecurity


tech technology tech news technology news latest technology news new technology latest technology latest tech news technews technology news today tech news today technical news new technologies technology websites tech websites August 30, 2020 at 12:06AM
Tags:

No comments

Subscribe to: Post Comments ( Atom )
Powered by Blogger.