Cyber security news for all


    Several Gaps In Tiktok Allowed Attackers To Access User Data

    Security researchers have discovered a number of vulnerabilities in the popular video app Tiktok. At the heart of the vulnerability was a feature on the Tiktok website that allowed attackers to text Tiktok to their potential victims. The attacker could then have integrated his own link into the SMS. This way you could have forwarded victims to a phishing site. It was also possible to send commands to the victim’s Tiktok app using the link, for example to delete or create videos on your behalf. In addition, private videos could have been converted into public videos.


    Tiktok User Data Was At Risk

    The researchers also found a way in their tests to access sensitive user data such as email address, date of birth or payment information via the Tiktok API. There were security mechanisms that should have prevented unauthorized access to this data, but the security experts were able to override them.

    Attackers were able to use the vulnerabilities to access and manipulate the content and user accounts of Tiktok users. The attackers were also able to gain access to the user accounts and thus obtain personal information such as email addresses and contact details. The attackers only had to send a fake SMS message to a user with a correspondingly prepared link. As soon as this link was clicked, the attackers could access the user account. In this way, unauthorized persons could also gain access to private videos of Tiktok users.

    Marketing Threat On Tiktok?

    More and more brands and companies are also creating an account on TikTok in order to reach the young target group. The download numbers show how high the marketing potential of the platform can be, but company accounts also have to deal with the security of the platform. The US Army recently prohibited its soldiers from using the app on their service smartphone after attempting to recruit new soldiers via the platform in October. They stated that TikTok was a potential security risk for the United States.

    Recent Articles

    Judge issues injunction against WeChat

    The US government wanted to take action against the app WeChat. A judge stood sideways. The app should disappear from the platforms in the...

    Mail provider Tutanota becomes target of cyber attacks

    Over the weekend, ongoing DDoS attacks and an infrastructure problem resulted in downtime for hundreds of users. While some were able to mitigate most...

    Amazon accounts are the new target of cyber criminals

    Amazon is a popular target for cyber criminals who want to exploit the trust and image of the company among its customers with emails....

    Hackers stole thousands of passport data in Argentina

    In response to millions of dollars ransom refused by the Argentine Immigration Service, a ransomware group released passport data from hundreds of thousands of...

    USA wants to improve cybersecurity of space systems

    CISA has published a table this week that summarizes Chinese activities against cybersecurity. Some attacks have succeeded and enabled hackers to gain a foothold...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox