One Article Review
| Source |  Network World |
|---|---|
| Identifiant | 327009 |
| Date de publication | 2017-03-02 12:07:52 (vue: 2017-03-02 12:07:52) |
| Titre | Slack bug paved the way for a hack that can steal user access |
| Texte | One bug in Slack, the popular work chat application, was enough for a security researcher to design a hack that could trick users into handing over access to their accounts.Bug bounty hunter Frans Rosen noticed he could steal Slack access tokens to user accounts due to a flaw in the way the application communicates data in an internet browser.“Slack missed an important step when using a technology called postMessage,†Rosen said on Wednesday in an email.  PostMessage is a kind of command that can let separate browser windows communicate with each other. In Slack, it's used whenever the chat application opens a new window to enable a voice call.To read this article in full or to leave a comment, please click here |
| Envoyé | Oui |
| Condensat | access accounts application article bounty browser bug call called can chat click command comment communicate communicates could data design due each email enable enough flaw frans full hack handing here hunter important internet kind leave let missed new noticed one opens other over paved please popular postmessage read researcher rosen said security separate slack steal step technology tokens trick used user users using voice way wednesday when whenever window windows work â postmessage †“slack |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.