Beyond Zoom: How Safe Are Slack and Other Collaboration Apps?

2020-04-06 09:49

Popular video-conferencing app Zoom may currently be in the cybersecurity hot seat, but other collaboration tools, such as Slack, Trello, WebEx and Microsoft Teams, are certainly not immune from cybercriminal attention.

According to a HackerOne bug-bounty report, a HTTP Request Smuggling bug, in a proof-of-concept, was used to force open-redirects within Slack, leading users to a rogue client outfitted with Slack domain cookies.

"Traditional security measures, of tunneling all the remote users back to headquarters, are not working. For example, many organizations today use on-premises firewalls and proxy solutions to protect cloud apps. This system doesn't scale - and more importantly, there is a major hole in that architecture. How do you protect data being created in the cloud and shared between clouds if it never touches an endpoint or the network through apps such as Slack, Box, Office 365, etc?".

How safe are Slack and other collaboration apps? The answer comes down to how much effort has been put into locking them down.

Cequence's Kent said that it's important to recognize just how much is at stake with the increased use of Slack, Teams and other such apps - and to take steps to ensure their safety.

News URL

https://threatpost.com/beyond-zoom-safe-slack-collaboration-apps/154446/

#slack #zoom