Monday 9th January 2023

Threat intelligence weekly update | 6th January 2023

Key Issue: Slack discloses data breach affecting its GitHub code repositories

Cybercriminals: Ransomware groups observed using custom malware payloads

Nation-State: CSIRT GOV announces increase in pro-Russian campaigns against Poland

Hacktivists: Killnet founder KillMilk conducts data theft against 150 million individuals

Slack discloses data breach affecting its GitHub code repositories

This week we reported on a data breach affecting the popular instant messaging platform Slack, which saw the theft of a number of Slack employee tokens that were used to gain access to its GitHub repositories. Slack has subsequently issued a security update assuring that no customer data was affected, and that it is carrying out an investigation to assess any potential impact on its customers. Despite Slack’s transparency, researchers claim that a HTML feature ‘noindex’ was used to exclude this security update from search engines.

It is highly likely that this was done to limit coverage of the page and this incident. We have previously reported on the LastPass and GoTo data breach whereby the companies were criticised on social media for employing the same ‘noindex’ method to limit coverage of security updates pertaining to the incident. We assess that the lack of transparency surrounding the disclosure of data breaches will undermine consumer confidence and affect customers that may not realise their data has been publicly exposed. We encourage companies to be fully transparent and avoid exacerbating any reputational damage by limiting access to data breach disclosures.

Subscribe below to receive the full version.

Get our latest cyber intelligence insights straight into your inbox

Fill out the short form below to subscribe to our newsletter so that you never miss out on our cyber intelligence insights and news.