It's nice when an online service promptly fixes security flaws. But sometimes the bugs themselves are ук рк порнографияso egregious that you have to wonder what other dangers lurk in that code.
Case in point: video sharing app TikTok.
Security company Check Point Research found a number of security issues in the TikTok app and on its website, potentially allowing an attacker to control someone else's account, delete their videos, upload unauthorized videos, make private videos public and reveal a user's personal information, including their private email address.
TikTok being one of the most popular apps out there, this would be pretty bad. But, again, it's the amount and the type of bugs found that's more worrying.
One issue allowed bad actors to send an SMS message to any phone number in the name of TikTok. Basically, with some fairly simple code tweaking, an attacker could've sent an SMS of the type: "Please download this urgent update," with a link leading to a malicious app, and have the SMS actually arrivefrom TikTok. Ugh.
A different bug allowed an attacker to execute JavaScript code on behalf of the victim, and combining the two bugs allowed an attacker to perform actions on the victim's account without consent.
There were other bugs, and some required a fair amount of technical knowledge to exploit, but line them up and it feels like TikTok's security is, overall, more than a little sloppy.
"Before public disclosure, Check Point agreed that all reported issues were patched in the latest version of our app. We hope that this successful resolution will encourage further collaboration with security researchers," TikTok told BBC in a statement.
SEE ALSO: Samsung's new vertical 4K TV is perfect for...TikTok?The company said there's no indication that an attacker actually exploited any of these bugs prior to this disclosure.
TikTok made headlines last year when its owner, China's ByteDance, was fined by the FTC for illegally collecting children's data. The app was banned by the U.S. army due to cybersecurity concerns, and it's under investigation in the EU for how it handles children's data.
Topics Cybersecurity Social Media TikTok
nafany: "I can see that if Ax1Le has some struggles, sh1ro can fix it"
Apple plans a big rebrand of iOS and macOS, report says
Renault hires 200 workers in China R&D center, Bloomberg says · TechNode
Zoom transitions to AI
Digital and Media Content Conference This Weekend
Best controller deal: Save $30 on the PlayStation DualSense Wireless Controller
NYT Strands hints, answers for May 30
Anker UFO 3
PHOTOS: Riding High at Sun Valley Obon
Windows may soon be able to update all your software at once
karrigan: "The main issue we have is we don't have a pick that's 100% safe for us"
Chery becomes first Chinese automaker to produce cars in Europe · TechNode
NYT Connections hints and answers for May 30: Tips to solve 'Connections' #719.
Best Garmin deal: Save $50 on the Garmin Lily 2 at Amazon
South Bay Ballet’s ‘Nutcracker’ Pirouettes into 10th Season
Samsung invests $15.2 million to expand semiconductor packaging at Suzhou plant · TechNode
Chery becomes first Chinese automaker to produce cars in Europe · TechNode
Best travel deal: Save 19% on the Anker Laptop Power Bank
Obon Observances at Senshin Buddhist Temple
Key executives depart as Baidu restructures healthcare division · TechNode
NiKo: "I took the IGL role after going 0Family FiestaWoW and Fabricant Collaborate to Create Web3 Digital Fashion CollectionINTO THE NEXT STAGE: Attacking Comedy Hosts While a Guest on Their ShowMetaverse Real Estate Sells for a Record $5,000,000 Inside TCG WorldSan Fernando Valley Buddhist Temple Obon Festival 2015DeFi Saver, a DeFi Management App, Expands to Arbitrum and OptimismVeChain Becomes First Official LayerBitsliced, the Revolution Behind Asset TokenizationNALIP to Screen ‘No Más Bebés’ SpaceX fires employees who condemned Elon Musk's behavior in open letter: Report 'Overwatch 2' devs talk free to play, Loot Boxes, and other changes How to fix your Instagram Story bug Netflix's free walking tours show you where your favourite series are made 'Westworld' review: Bring yourself back online for a phenomenal Season 4 Hacker steals $100 million from Harmony blockchain bridge 'Chloe' review: BBC and Prime Video's mystery series is a tense identity charade Microsoft officially kills Internet Explorer Telegram is now offering a Premium subscription Everything in 'Battlefield 2042' Season 1 that makes it worth playing now
0.1419s , 7985.5390625 kb
Copyright © 2025 Powered by 【ук рк порнография】TikTok fixes a number of ugly security flaws,Feature Flash
