Slack phishing attacks using webhooks

April 14, 2020 | Ashley Graves
Ashley Graves

Ashley Graves

Ashley is a Cloud Security Researcher at Alien Labs, a part of AT&T Cybersecurity. Previously, she served as a Senior Security Engineer at Indeed with a focus on cloud and SaaS security.

April 14, 2020 | Ashley Graves

Slack phishing attacks using webhooks

Background Slack is a cloud-based messaging platform that is commonly used in workplace communications. It is feature-rich, offering additional functionality such as video calling and screen sharing in addition to a marketplace containing thousands of third-party applications and add-ons. Slack Incoming Webhooks allow you to post messages from your applications to Slack. By specifying a unique URL, your message body,…

March 27, 2020 | Ashley Graves

SIEM and security monitoring for Kubernetes explained

Photo by chuttersnap on Unsplash Kubernetes (K8s) is an open-source system for automating deployment, scaling, and management of containerized applications. It has recently seen rapid adoption across enterprise environments. Many environments rely on managed Kubernetes services such as Google Kubernetes Engine (GKE) and Amazon Elastic Kubernetes Service (EKS) to take advantage of the benefits of both…