slack – Computer Security Articles

Why using Google OAuth in work applications is unsafe

January 18, 2024 admin accounts, authentication, Business, enterprise, google, OAuth, risks, slack, SMB, zoom

Credit to Author: Alanna Titterington| Date: Thu, 18 Jan 2024 17:19:06 +0000

A bug in the Google OAuth sign-in mechanism can be exploited by fired employees to retain access to accounts

A week in security (January 9—15)

January 16, 2023 admin 2023 predictions, awis, department of interior, Facebook, GitHub, google, Identity Theft, instagram, k-12 security, K–12, Magecart, maternal & family health services, meta, microsoft, news, nso group, pokemon nft, ransomware. vice society ransomware, royal mail, slack, snapchat, TikTok, vice society, weak passwords, Week in security, weekly blog roundup, WhatsApp, Youtube

Categories: News

Tags: AWIS

Tags: weekly blog roundup

Tags: week in security

Tags: Slack

Tags: GitHub

Tags: Magecart

Tags: Microsoft

Tags: Pokemon NFT

Tags: Facebook

Tags: Instagram

Tags: Snapchat

Tags: TikTok

Tags: YouTube

Tags: Google

Tags: Meta

Tags: identity theft

Tags: Maternal & Family Health Services

Tags: 2023 predictions

Tags: Royal Mail

Tags: K-12 security

Tags: K-12

Tags: WhatsApp

Tags: NSO Group

Tags: Department of Interior

Tags: weak passwords

Tags: Vice Society

Tags: ransomware. Vice Society ransomware

The most interesting security related news from the week of January 9—15.

(Read more…)

The post A week in security (January 9—15) appeared first on Malwarebytes Labs.

MalwareBytes Security

Slack private code on GitHub stolen

January 9, 2023 admin compromised tokens, data breach, GitHub, news, slack, slack breach

Categories: News

Tags: Slack

Tags: GitHub

Tags: data breach

Tags: Slack breach

Tags: compromised tokens

Stolen employee tokens gave an attacker access to Slack’s private code repositories.

(Read more…)

The post Slack private code on GitHub stolen appeared first on Malwarebytes Labs.

MalwareBytes Security

Uber hacked

September 16, 2022 admin hackerone, mfa, news, push notification, slack, Uber

Categories: News

Tags: Uber

Tags: MFA

Tags: push notification

Tags: Slack

Tags: HackerOne

Uber was forced to take several systems offline after reports of a serious breach

(Read more…)

The post Uber hacked appeared first on Malwarebytes Labs.

Independent Krebs

Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code

April 22, 2022 admin A Little Sunshine, amtrak, apple, bitbucket, Breadcrumbs, Dan Goodin, Doxbin, Electronic Arts, emergency data request, everlynn, Flashpoint, genesis, globant, iqor, kt, lapsus$, lapsus$ jobs, michelin, microsoft, Mobile Device Management, mox, Ne'er-Do-Well News, nvidia, recursion team, russian market, Samsung, sascar, SIM swapping, slack, source code theft, SWATting, T-Mobile, t-mobile atlas, whitedoxbin

Credit to Author: BrianKrebs| Date: Fri, 22 Apr 2022 13:09:39 +0000

KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. The logs show LAPSUS$ breached T-Mobile multiple times in March, stealing source code for a range of company projects. T-Mobile says no customer or government information was stolen in the intrusion. LAPSUS$ is known for stealing data and then demanding a ransom not to publish or sell it. But the leaked chats indicate this mercenary activity was of little interest to the tyrannical teenage leader of LAPSUS$, whose obsession with stealing and leaking proprietary computer source code from the world’s largest tech companies ultimately led to the group’s undoing.

ComputerWorld Independent

Slack beefs up mobile security controls for Enterprise Grid

August 6, 2019 admin Collaboration, Mobile, Security, slack

Credit to Author: Matthew Finnegan| Date: Tue, 06 Aug 2019 08:00:00 -0700

Slack today unveiled new security capabilities for Enterprise Grid customers, including tighter controls for admins who oversee mobile device access.

Enterprise Grid was launched in 2017 for Slack’s biggest customers, with additional features to support large-scale deployments. Among the 150 organizations now using Enterprise Grid are Capital One, IBM and Target.

Slack has continued to build out security and compliance features for the software since its introduction, including the addition of enterprise key management last September.

To read this article in full, please click here

Independent Krebs

Capital One Data Theft Impacts 106M People

July 30, 2019 admin Capital One breach, data breaches, GitHub, Masergy, Ne'er-Do-Well News, Paige A. Thompson, Ray Watson, slack, Twitter

Credit to Author: BrianKrebs| Date: Tue, 30 Jul 2019 13:59:54 +0000

Federal prosecutors this week charged a Seattle woman with stealing data from more than 100 million credit applications made with Capital One Financial Corp. Incredibly, much of this breached played out publicly over several months on social media and other open online platforms. What follows is a closer look at the accused, and what this incident may mean for consumers and businesses.

MalwareBytes Security

A week in security (June 24 – 30)

July 1, 2019 admin a week in security, atm attacks, ATM fraud, atm malware strains, ATM scam, Azure, cryptocurrency scams, Facial Recognition, fake jquery, greenflas, Internet of Things, IoT, JavaScript, Massachusettes, Microsoft Azure, scareware, slack, Slack outage, Somerville, spyware, stalkerware, Yandex

Credit to Author: Malwarebytes Labs| Date: Mon, 01 Jul 2019 17:02:56 +0000

A roundup of cybersecurity news from June 24–30, including top malicious web campaigns, updates on the GreenFlash Sundown exploit, a Malwarebytes initiative to double down on stalkerware detection and awareness, and more.

Categories:

A week in security

Tags: atm attacks atm fraud atm malware strains ATM scam Azure cryptocurrency scams facial recognition fake jquery greenflas Internet of Things IoT JavaScript Massachusettes Microsoft Azure scareware Slack Slack outage Somerville spyware stalkerware Yandex

(Read more…)

The post A week in security (June 24 – 30) appeared first on Malwarebytes Labs.

← Previous