Tuesday, April 14, 2020

Slack phishing attacks using webhooks

Background
Slack is a cloud-based messaging platform that is commonly used in workplace communications. It is feature-rich, offering additional functionality such as video calling and screen sharing, as well as a marketplace containing thousands of third-party applications and add-ons.
Slack Incoming Webhooks allow you to post messages from your applications to Slack. By specifying a unique URL, your message body, and a destination channel, you can send a message to any webhook whose URL you know, in any workspace, regardless of membership. Webhooks take the format of https://ift.tt/2pLcG01.
Generally, Slack webhooks are considered a low-risk integration due to the following assumptions:
Webhook configuration requires selection of a target channel, reducing the scope of abuse to a single channel.
The unique webhook URL is secret.
The webhook only accepts data, and thus alone cannot expose sensitive data to third parties.
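
The second assumption, that the webhook URL stays secret, can be checked in your own repositories. The following is an added example, not code from the original post: it scans file contents for webhook URLs and reports them with the secret part masked. The URL shape (hooks.slack.com/services/T.../B.../token) is an assumption taken from Slack's public documentation, and the file names and URLs in the sample input are constructed placeholders.

```python
import re
from typing import NamedTuple

# Assumed URL shape (from Slack's public documentation, not from this page):
# https://hooks.slack.com/services/T<workspace>/B<integration>/<secret token>
WEBHOOK_RE = re.compile(
    r"https://hooks\.slack\.com/services/(T[A-Z0-9]+)/(B[A-Z0-9]+)/([A-Za-z0-9]+)"
)

class Finding(NamedTuple):
    path: str
    line_no: int
    redacted: str  # safe to paste into a ticket or alert

def redact(match: re.Match) -> str:
    """Keep the workspace/integration IDs for triage, mask the secret token."""
    team, hook, token = match.groups()
    masked = token[:2] + "*" * (len(token) - 2)
    return f"https://hooks.slack.com/services/{team}/{hook}/{masked}"

def scan(files: dict[str, str]) -> list[Finding]:
    """Return one finding per distinct webhook URL, at its first occurrence."""
    seen: set[str] = set()
    findings: list[Finding] = []
    for path in sorted(files):
        for line_no, line in enumerate(files[path].splitlines(), start=1):
            for m in WEBHOOK_RE.finditer(line):
                if m.group(0) in seen:
                    continue  # same secret already reported once
                seen.add(m.group(0))
                findings.append(Finding(path, line_no, redact(m)))
    return findings

# Constructed sample input: placeholder values, not real webhooks.
SAMPLE_FILES = {
    "deploy/notify.sh": 'curl -X POST -d "$MSG" https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX\n',
    "app/config.py": (
        "DEBUG = False\n"
        'SLACK_URL = "https://hooks.slack.com/services/T00000000/B11111111/abcdEFGH1234ijklMNOP5678"\n'
        "# same hook as notify.sh: https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX\n"
    ),
    "README.md": "Create a webhook in the Slack admin UI and export it as SLACK_URL.\n",
}

if __name__ == "__main__":
    for f in scan(SAMPLE_FILES):
        print(f"{f.path}:{f.line_no}: {f.redacted}")
```

Any URL this reports should be treated as exposed and rotated, since removing it from the current revision does not remove it from history.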
A…

Posted by: Ashley Graves


The post Slack phishing attacks using webhooks appeared first on Cybersecurity Insiders.


April 15, 2020 at 09:08AM
