Never miss a story

Get subscribed to our newsletter


×
The researchers leveraged this vulnerability in TikTok to retrieve personal information saved on user accounts including private email addresses and birthdates. VOA

Researchers at Israeli cybersecurity firm Check Point Research on Wednesday exposed multiple vulnerabilities in Chinese short-video making app TikTok, which has over a billion users globally and nearly 300 million in India, saying that personal information such as private and email addresses and sensitive videos of its users are vulnerable to hackers.

The Chinese video making platform is used mainly by teenagers and kids to share, save and keep private (and sometimes very sensitive) videos of themselves and their loved ones.


“Data is pervasive but data breaches are becoming an epidemic, and our latest research shows that the most popular apps are still at risk,” Oded Vanunu, Head of Product Vulnerability Research, Check Point, said in a statement.

The researchers at Check Point Research — the threat intelligence arm of Check Point Software Technologies Ltd — have discovered that an attacker could send a spoofed SMS message to a user containing a malicious link.

When the user clicked on the malicious link, the attacker was able to get a hold of the TikTok account and manipulate its content by deleting videos, uploading unauthorised videos, and making private or “hidden” videos public.

“Social media applications are highly targeted for vulnerabilities as they provide a good source for private data and offer a good attack surface gate.

“Malicious actors are spending large amounts of money and putting in great effort to penetrate into such huge applications. Yet most users are under the assumption that they are protected by the app they are using,” Vanunu added.

The research also found that Tiktok’s subdomain — https://ads.tiktok.com was vulnerable to XSS attacks, which is a type of attack in which malicious scripts are injected into otherwise benign and trusted websites.

The researchers leveraged this vulnerability to retrieve personal information saved on user accounts including private email addresses and birthdates. The Israeli cyber security firm informed TikTok developers of the vulnerabilities exposed in this research and a fix was deployed to ensure its users can safely continue using the TikTok app.


Researchers at Israeli cybersecurity firm Check Point Research on Wednesday exposed multiple vulnerabilities in Chinese short-video making app TikTok, which has over a billion users globally and nearly 300 million in India. VOA

“TikTok is committed to protecting user data. Like many organisations, we encourage responsible security researchers to privately disclose zero day vulnerabilities to us.

“Before public disclosure, CheckPoint agreed that all reported issues were patched in the latest version of our app. We hope that this successful resolution will encourage future collaboration with security researchers,” said Luke Deshotels, PhD, TikTok Security Team.

ALSO READ: Over One Third of Healthcare Costs in the U.S. Goes to Bureaucracy: Study

Available in over 150 markets, used in 75 languages globally, and with over 1 billion users, TikTok is one of the most-downloaded apps. As of October 2019, TikTok is the most-downloaded app in the US, making it the first Chinese app to have achieved such a record. (IANS)


Popular

Pexels

Narakasura's death is celebrated as 'Naraka Chaturdashi' popularly known as Choti Diwali

Diwali is arguably one of the most auspicious and celebrated holidays in South Asia. It is celebrated over the span of five days, where the third is considered most important and known as Diwali. During Diwali people come together to light, lamps, and diyas, savour sweet delicacies and pray to the lord. The day has various origin stories with the main them being the victory of good over evil. While the North celebrates the return of Lord Rama and Devi Sita to Ayodhya, the South rejoices in the victory of Lord Krishna and his consort Satyabhama over evil Narakasura.

Narakasura- The great mythical demon King

Naraka or Narakasur was the son of Bhudevi (Goddess Earth) and fathered either by the Varaha incarnation of Vishnu or Hiranyaksha. He grew to be a powerful demon king and became the legendary progenitor of all three dynasties of Pragjyotisha-Kamarupa, and the founding ruler of the legendary Bhauma dynasty of Pragjyotisha.

Keep Reading Show less
Wikimedia Commons

Safety-pins with charms

For all the great inventions that we have at hand, it is amazing how we keep going back to the safety pin every single time to fix everything. Be it tears in our clothes, to fix our broken things, to clean our teeth and nails when toothpicks are unavailable, to accessorize our clothes, and of course, as an integral part of the Indian saree. Safety pins are a must-have in our homes. But how did they come about at all?

The safety pin was invented at a time when brooches existed. They were used by the Greeks and Romans quite extensively. A man named Walter Hunt picked up a piece of brass and coiled it into the safety pin we know today. He did it just to pay off his debt. He even sold the patent rights of this seemingly insignificant invention just so that his debtors would leave him alone.

Keep Reading Show less
vaniensamayalarai

Sesame oil bath is also called ennai kuliyal in Tamil

In South India, Deepavali marks the end of the monsoon and heralds the start of winter. The festival is usually observed in the weeks following heavy rain, and just before the first cold spell in the peninsula. The light and laughter that comes with the almost week-long celebration are certainly warm to the bones, but there is still a tradition that the South Indians follow to ease their transition from humidity to the cold.

Just before the main festival, the family bathes in sesame oil. This tradition is called 'yellu yennai snaana' in Kannada, or 'ennai kuliyal' in Tamil, which translates to 'sesame oil bath'. The eldest member of the family applies three drops of heated oil on each member's head. They must massage this oil into their hair and body. The oil is allowed to soak in for a while, anywhere between twenty minutes to an hour. After this, they must wash with warm water before sunrise.

Keep reading... Show less