Category: General|Jan 9, 2020 | Author: Admin

Researchers found critical gaps in TikTok: - Security breaches are becoming epidemic

Share on

Attackers could take over accounts.

23064174_7861487_According_to_estimates_from_industry_analyst_SensorTower_TikTok__a_49_1578415325895.jpg

Attackers could take over accounts.

TikTok is one of the world's largest social media giants with its 1.5 billion users. But the security of the app has been anything but satisfactory - security company Check Point Research can reveal.

False SMS
The company has discovered that personal information, such as private addresses and e-mail addresses, has been exposed for a long time. Not only one vulnerability has been detected, but several, says Check Point Research.

Through a fake SMS containing a malicious link, the attackers could take over TikTok accounts and manipulate the content, for example by deleting videos, uploading unauthorized videos, and publishing private or "hidden" videos.

- Data usage is extensive and security breaches are becoming epidemic, and our latest research in the area shows that the most popular apps are still at risk. Social media applications are very vulnerable to vulnerability because they represent a good attack surface. Hackers use huge sums of money and effort to penetrate these huge applications. Most users still live under the condition that they are protected through the app they use, says Nils-Ove Gamlem, chief technology officer at Check Point Norway.

Notified TikTok - bug fix launched
Check Point Research's investigations also revealed that TikTok's subdomain, https://ads.tiktok.com, was vulnerable to XXS attacks. This is a type of attack where malicious script is placed on usually reliable websites. According to the researchers, this vulnerability could be used to steal personal information, including email addresses and gender and birth date information.

After the findings were discovered, Check Point Research provided information to TikTok. The company should have initiated internal investigations and a bug fix that sealed the holes was later launched.

- TikTok is committed to protecting user data. Like many organizations, we encourage serious security researchers to report zero-day vulnerabilities to us. Prior to publication, all reported events were patched in the latest version of our app, in agreement with Check Point. We hope this successful solution will stimulate a future collaboration with security researchers, says Luke Deshotel of the TikTok Security Team.

Here's how to attack:

Sponsored Ads:

Comments:


Fiber.jpg

'Massive' transatlantic data cable landed on beach in Bude

Category: Google|Sep 17, 2021 | Author: Admin
Discord.png

YouTube shuts down Discord music bot ‘Rythm’

Category: Google|Sep 16, 2021 | Author: Admin
Facebook.webp

Facebook's secret rules differentiate between the "elite" and most people

Category: General|Sep 15, 2021 | Author: Admin
Apple.webp

Apple suddenly had to crisis-update the iPhone and Mac

Category: Apple|Sep 14, 2021 | Author: Admin
Epic.webp

Epic is blocked forever on all Apple platforms

Category: Apple|Sep 13, 2021 | Author: Admin
Desktop-Screenshot.png

NVIDIA To Launch GeForce RTX 30 SUPER ‘Ampere Refresh’ In January 2022, GeForce RTX 40 ‘Ada Lovelace’ GPUs in October 2022

Category: General|Sep 12, 2021 | Author: Admin
chrome-os-secret-weapon-100856418-large.jpg

3 smart shortcuts for a curiously hidden Chrome OS command

Category: Google|Sep 11, 2021 | Author: Admin
sunset-gold-iphone-13-render.png

iPhone 13 unveiled in Ukraine

Category: Apple|Sep 10, 2021 | Author: Admin
iCloud.jpg

Apple brings iCloud passwords to Windows, Microsoft's Edge

Category: Apple|Sep 9, 2021 | Author: Admin
AI.webp

AI will determine if you are allowed to drive

Category: General|Sep 8, 2021 | Author: Admin
TPM.png

The game is now blocking unsupported Windows 11 machines

Category: IT|Sep 7, 2021 | Author: Admin
Tech.png

US court rejects patent applications from AIs

Category: General|Sep 6, 2021 | Author: Admin
black.png

Facebook apologizes: their AI tagged video of black men as 'Primates'

Category: General|Sep 5, 2021 | Author: Admin
Apple.png

Apple postpones abuse monitoring after massive criticism

Category: Apple|Sep 4, 2021 | Author: Admin
Microsoft.png

If you do not have a supported machine, you will be thrown out of the Windows 11 testing

Category: Microsoft|Sep 3, 2021 | Author: Admin
more