HackerOne announced a free version of its platform for open source projects.
Tag Archives: Slack
Threatpost News Wrap, March 3, 2017
The news of the week is recapped, including the fallout around CloudBleed, the CloudPets breach, and a Slack token bug. The life of Howard Schmidt is also remembered.
Slack Fixes Cross-Origin Token Theft Bug
The cloud-based collaboration tool Slack was quick to fix a bug earlier this month that could have let an attacker steal a user’s private Slack token.
Slack Plugs Token Security Hole
Slack fixes a security loophole that opened hundreds of corporate Slack accounts to the public.
Slack Discloses Breach of Its User Profile Database, Implements 2FA
Collaboration providers Slack disclosed that a database storing its user profile information has been breached. The break-in has been stopped, and Slack announced that it has implemented two-factor authentication going forward.