XSLeak flaw in Slack could allow a malicious workspace member to launch de-anonymisation attacks

clock • 3 min read
XSLeak flaw in Slack could allow a malicious workspace member to launch de-anonymisation attacks
Image:

XSLeak flaw in Slack could allow a malicious workspace member to launch de-anonymisation attacks

Slack says users can prevent such attacks by ensuring that everyone in their workspace is 'trusted'

A security researcher claims to have uncovered a cross-site leak (XSLeak) flaw in the file-sharing feature of Slack's web application which could enable threat actors to identify users outside of t...

To continue reading this article...

Join Computing

  • Unlimited access to real-time news, analysis and opinion from the technology industry
  • Receive important and breaking news in our daily newsletter
  • Be the first to hear about our events and awards programmes
  • Join live member only interviews with IT leaders at the ‘IT Lounge’; your chance to ask your burning tech questions and have them answered
  • Access to the Computing Delta hub providing market intelligence and research
  • Receive our members-only newsletter with exclusive opinion pieces from senior IT Leaders

Join now

 

Already a Computing member?

Login

More on Hacking

Russian attacks come from both the state and allegedly unaffiliated 'criminal groups'

Microsoft warns of rising Russian cyberattacks

The country is targeting states that have supported Ukraine - especially the USA and Poland.

clock 27 June 2022 • 2 min read
Italian spyware used to target Apple and Android phones, says Google

Italian spyware used to target Apple and Android phones, says Google

News comes as NSO says Pegasus spyware used by at least five EU countries

clock 24 June 2022 • 3 min read
Paige Thompson worked for Amazon from2015-2016, and conducted her hack three years later in July 2019

Ex-Amazon worker found guilty in Capital One breach

Paige Thompson built a tool to find vulnerable AWS accounts, exfiltrate data and plant cryptomining software

clock 21 June 2022 • 3 min read