News Targeted


Category: General|Jan 9, 2020 | Author: Admin

Researchers found critical gaps in TikTok: - Security breaches are becoming epidemic

Share on

Attackers could take over accounts.

Attackers could take over accounts.

TikTok is one of the world's largest social media giants with its 1.5 billion users. But the security of the app has been anything but satisfactory - security company Check Point Research can reveal.

False SMS
The company has discovered that personal information, such as private addresses and e-mail addresses, has been exposed for a long time. Not only one vulnerability has been detected, but several, says Check Point Research.

Through a fake SMS containing a malicious link, the attackers could take over TikTok accounts and manipulate the content, for example by deleting videos, uploading unauthorized videos, and publishing private or "hidden" videos.

- Data usage is extensive and security breaches are becoming epidemic, and our latest research in the area shows that the most popular apps are still at risk. Social media applications are very vulnerable to vulnerability because they represent a good attack surface. Hackers use huge sums of money and effort to penetrate these huge applications. Most users still live under the condition that they are protected through the app they use, says Nils-Ove Gamlem, chief technology officer at Check Point Norway.

Notified TikTok - bug fix launched
Check Point Research's investigations also revealed that TikTok's subdomain, https://ads.tiktok.com, was vulnerable to XXS attacks. This is a type of attack where malicious script is placed on usually reliable websites. According to the researchers, this vulnerability could be used to steal personal information, including email addresses and gender and birth date information.

After the findings were discovered, Check Point Research provided information to TikTok. The company should have initiated internal investigations and a bug fix that sealed the holes was later launched.

- TikTok is committed to protecting user data. Like many organizations, we encourage serious security researchers to report zero-day vulnerabilities to us. Prior to publication, all reported events were patched in the latest version of our app, in agreement with Check Point. We hope this successful solution will stimulate a future collaboration with security researchers, says Luke Deshotel of the TikTok Security Team.

Here's how to attack:

Sponsored Ads:

Comments:

Previous article >


Giant change at Google could change everything

Category: Google|Apr 19, 2024 | Author: Admin

Now Windows will be bothered about this too

Category: Microsoft|Apr 18, 2024 | Author: Admin

Test the new AI trick with Logitech

Category: IT|Apr 17, 2024 | Author: Admin

The US Government Has a Microsoft Problem

Category: Microsoft|Apr 16, 2024 | Author: Admin

Now comes the commercial

Category: Microsoft|Apr 15, 2024 | Author: Admin

Linux Foundation is leading fight against fauxpen source

Category: IT|Apr 14, 2024 | Author: Admin

3000 news articles!!! Happy reading!

Category: General|Apr 13, 2024 | Author: Admin

Google shuts down new product

Category: IT|Apr 12, 2024 | Author: Admin

YouTube CEO warns OpenAI that training models on its videos is against the rules

Category: IT|Apr 11, 2024 | Author: Admin

Google unveils Arm-based data center processor, new AI chip

Category: Google|Apr 10, 2024 | Author: Admin

Microsoft to invest $2.9 bln to expand AI, cloud infra in Japan

Category: Microsoft|Apr 9, 2024 | Author: Admin

Nintendo shuts off online access for 3DS and Wii U today

Category: IT|Apr 8, 2024 | Author: Admin

Musk challenges Brazil's order to block certain X accounts

Category: IT|Apr 7, 2024 | Author: Admin

Here’s how much Microsoft will charge for Win10 security updates once support ends

Category: Microsoft|Apr 6, 2024 | Author: Admin

Samsung has beaten Apple again

Category: IT|Apr 5, 2024 | Author: Admin
more