Making WordPress.org

Opened 9 years ago

Closed 7 years ago

#1291 closed enhancement (maybelater)

Slack security

Reported by: netweb
Owned by:
Milestone:
Priority: normal
Component: Communication (Matrix, Slack, IRC)
Keywords:
Cc:

Description

Recently there was an issue in #forums on Slack where a malicious file was uploaded to Slack.

We should investigate options available to us to prevent this if possible in the future.

To that end, Slack tweeted out the following link to DBot today:

"Introducing DBOT — the first Slack integrated security Bot.

"DBOT monitors Slack conversations for URL, File and IP addresses and alerts users on malicious content before harm is done."
"DBOT automates security intelligence collection and delivers the relevant security information in real time via Slack. DBOT is a free & open source product and we intend it to keep it this way."

Relevant links:

Change History (5)

#1 @kidsguide
9 years ago

  • Cc mpsplugins@… added

Agreed.

#2 @netweb
9 years ago

Another instance of this occurred today: (The file has since been removed)

https://wordpress.slack.com/archives/core/p1445091587000855

danmaby [1:19 AM] I need help with this, please.
helen [1:20 AM] @danmaby: could you elaborate?
danmaby [2:00 AM] @helen apologies but I did not post that. I’ve not been in here for weeks, password changed

https://wordpress.slack.com/archives/slackhelp/p1445091530000031

danmaby [1:18 AM] I need help with this
andywashere [2:57 AM] @danmaby: This slack group is for discussions around the making of the WordPress project itself. For support, you’ll either want to post on the WordPress.org forums, or join #wordpress on IRC (freenode.net)
danmaby [3:13 AM] Hey @andywashere my account must have been compromised as I did not post this. The same thing was posted in #core I have removed the file.
andywashere [3:14 AM] gotcha. if you haven’t already, go to your Slack profile and click “Sign out all other sessions”, then change your password
danmaby [3:14 AM] already done and 2fa activated, thanks
andywashere [3:14 AM] cool

This ticket was mentioned in Slack in #slackhelp by netweb. View the logs.


9 years ago

#4 @netweb
9 years ago

DBOT is now available via Slack apps: https://slack.com/apps/A06KY3VLY-dbot-by-demisto

"DBOT is free and open source Security Bot integrated into Slack. DBOT scans all the URLs, Files and IP addresses on the channels, groups and private messages in the background. It alerts users of malicious URL/files before the user clicks and gets compromised."

#5 @netweb
7 years ago

  • Resolution set to maybelater
  • Status changed from new to closed

Closing this as maybelater; occurrences of the above type of behaviour are pretty rare and can continue to be dealt with on a case-by-case basis...
