"the larger discussion should be on the failings of the Nikkei IT/IS program to protect against some sort of attack that targeted its employees. Why are employees allowed to use Slack on personal devices? So this is really an issue of risk management, In the case of Nikkei, it appears the exploitation was elsewhere [on the system]. The initial access allowed the miscreants to use credentials to gain access to Slack. That's not a compromise of Slack itself, that's a compromise of employee account authentication."
"what happens when someone uses a personal device to get into work systems. Once that device gets hit with malware, it's game over for the credentials. The part that worries me is this could happen anywhere. People forget how much sensitive stuff ends up in Slack: messages, files, links, sometimes even credentials. Once someone has that, they can poke around pretty freely."
Nikkei's IT/IS program failed to prevent an attack targeting employees, enabling miscreants to obtain credentials used to access Slack. Employees were allowed to use Slack on personal devices, increasing exposure to malware and credential theft. The initial exploitation occurred elsewhere on the system and resulted in an account authentication compromise rather than a Slack platform breach. Once a personal device is infected, malware can harvest credentials and give attackers broad access to messages, files, links, and stored credentials. Such exposure reflects a risk-management failure that allows adversaries to move freely within corporate communications.
Read at Computerworld
Unable to calculate read time
Collection
[
|
...
]