Home

Jan 12, 2020

Multiple TikTok Vulnerabilities Could Exploit Or Delete Users’ Personal Data

authorarticle: Master3395
TikTok_800x445.jpg
video: 
youtube: 
sources: 
keywords: Check Point, CheckPoint, Cross-Site Request Forgery, cross-site scripting, CSRF, CSRF flaws, CSRF vulnerabilities, flaws, SMS spoofing, spoofing, TikTok, TikTok app, TikTok bug, TikTok flaw, TikTok vulnerability, vulnerabilities, vulnerability, xss, xss f
Category: General
Posted by: Admin

Social media craze TikTok has now made it to the news owing to security issues. Researchers have found numerous vulnerabilities in the TikTok app that could risk users’ security. Exploiting the bugs could allow an attacker to add or delete users’ videos or alter privacy settings.

Multiple TikTok Vulnerabilities Found Researchers from Check Point Research have found numerous vulnerabilities in the TikTok app.

The vulnerabilities could have serious security consequences if exploited by an adversary. Detailing their findings in a blog post, the researchers stated that numerous security flaws affected the app in different ways. In brief, a successful attack required a perpetrator to first use SMS spoofing to send malicious links to the target.

Clicking on the link would then exploit the ‘deep links’ functionality of Tiktok. This would subsequently allow the attacker to trigger an intent in the app via the browser URL.

Then, the malicious link would redirect the victim to a malicious website, opening the possibilities for cross-site scripting (XSS) attacks, cross-site request forgery (CSRF) attacks, and data exposure. Some possible attack scenarios include deletion of videos from users’ accounts, adding videos to the account, or making private videos public.

Moreover, the attacker could simply take control of the target account and gain access to the victim’s personal information. The following video demonstrates how an adversary could exploit all the flaws for a successful attack.

TikTok Patched The Flaws Check Point has confirmed that TikTok has addressed the issues after the researchers reported the matter to them. So for now, TikTok users can continue to use the app safely.

Let us know your thoughts in the comments.

authorarticle: Master3395
TikTok_800x445.jpg
video: 
youtube: 
sources: 
keywords: Check Point, CheckPoint, Cross-Site Request Forgery, cross-site scripting, CSRF, CSRF flaws, CSRF vulnerabilities, flaws, SMS spoofing, spoofing, TikTok, TikTok app, TikTok bug, TikTok flaw, TikTok vulnerability, vulnerabilities, vulnerability, xss, xss f

Comments:

comments powered by Disqus

Return

Sponsored Ads:

Discord

Page 1 of 576  >  >>

USB-C explained: How to get the most from it (and why it keeps getting better)

USB-C.jpg

Oct 30, 2020 | Category: IT | Comments

At the office, home or school, USB-C has arrived. We’ve got tips on how to take advantage of those new ports, along with a peek at the future of data transfer and video.

read more…

Microsoft Planner cheat sheet

Planner.jpg

Oct 29, 2020 | Category: Microsoft | Comments

Planner gives Office 365 users a built-in task-management tool that small teams can use to track plans, tasks, and progress. Here’s our guide to using Planner on its own and within Microsoft Teams.

read more…

Microsoft expands anti-IE tack, compels 1,000 sites to open in Edge

Microsoft.jpg

Oct 28, 2020 | Category: Microsoft | Comments

Beginning with the release of Edge 87 in November, Microsoft plans to push more than 1,000 websites away from Internet Explorer to the much newer Edge browser.

read more…

Page 1 of 576  >  >>