Security Alerts & News
by Tymoteusz A. Góral

History
#673 Hacking Slack accounts: As easy as searching GitHub
A surprisingly large number of developers are posting their Slack login credentials to GitHub and other public websites, a practice that in many cases allows anyone to surreptitiously eavesdrop on their conversations and download proprietary data exchanged over the chat service.

According to a blog post published Thursday, company researchers recently estimated that about 1,500 access tokens were publicly available, some belonging to people who worked for Fortune 500 companies, payment providers, Internet service providers, and health care providers. The researchers privately reported their findings to Slack, and the chat service said it regularly monitors public sites for posts that publish the sensitive tokens.
Read more
#682 A dramatic rise in ATM skimming attacks
#681 Phony Google update spreads data-stealing Android malware
#680 U.S. labels Switzerland an internet piracy haven
#679 Google patches 9 security flaws in new Chrome browser build
#678 GCHQ has disclosed over 20 vulnerabilities this year, including ones in Apple iOS
#677 The critical hole at the heart of our cell phone networks
#676 AV comparatives: Anti-Spam Test (PDF)
#675 Locky ransomware spreads via Flash and Windows kernel exploits
#674 Almost two-thirds of software companies contributing to open source
#673 Hacking Slack accounts: As easy as searching GitHub
#672 Toymaker’s website pushes ransomware that holds visitors’ files hostage
#671 Google's OnHub is the first WiFi router to support IFTTT
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12