In Cybersecurity Minute Episode 25, analyst Chris Hughes reacts to a recently-discovered bug within the Slack platform, which compromised user passwords since 2017.
Highlights
00:08 — Popular workplace communication platform Slack recently reset 60,000 user passwords deemed vulnerable to a bug that persisted for more than five years.
00:48 — This particular vulnerability transmitted hashed versions of user passwords to other workspace members, which could be reverse-engineered and used maliciously. The bug was reportedly caused by a shared invite link functionality.
01:17 — The bug potentially exposed passwords for any user who created or shared an access link between April 17, 2017 and July 17, 2022.
01:53 — While there isn’t yet evidence of malicious actors abusing this information, the extended range of time during which this bug remained active makes the possibility extremely likely.
Want to see more content about cybersecurity from Cloud Wars Expo? More than 40 hours of on-demand cloud and cybersecurity education content is rolling out now and available for free to Acceleration Economy subscribers.
Want more cybersecurity insights? Visit the Cybersecurity channel:
