It's nice when an online service promptly fixes security flaws. But sometimes the bugs themselves are eroticize violenceso egregious that you have to wonder what other dangers lurk in that code.
Case in point: video sharing app TikTok.
Security company Check Point Research found a number of security issues in the TikTok app and on its website, potentially allowing an attacker to control someone else's account, delete their videos, upload unauthorized videos, make private videos public and reveal a user's personal information, including their private email address.
TikTok being one of the most popular apps out there, this would be pretty bad. But, again, it's the amount and the type of bugs found that's more worrying.
One issue allowed bad actors to send an SMS message to any phone number in the name of TikTok. Basically, with some fairly simple code tweaking, an attacker could've sent an SMS of the type: "Please download this urgent update," with a link leading to a malicious app, and have the SMS actually arrivefrom TikTok. Ugh.
A different bug allowed an attacker to execute JavaScript code on behalf of the victim, and combining the two bugs allowed an attacker to perform actions on the victim's account without consent.
There were other bugs, and some required a fair amount of technical knowledge to exploit, but line them up and it feels like TikTok's security is, overall, more than a little sloppy.
"Before public disclosure, Check Point agreed that all reported issues were patched in the latest version of our app. We hope that this successful resolution will encourage further collaboration with security researchers," TikTok told BBC in a statement.
SEE ALSO: Samsung's new vertical 4K TV is perfect for...TikTok?The company said there's no indication that an attacker actually exploited any of these bugs prior to this disclosure.
TikTok made headlines last year when its owner, China's ByteDance, was fined by the FTC for illegally collecting children's data. The app was banned by the U.S. army due to cybersecurity concerns, and it's under investigation in the EU for how it handles children's data.
Topics Cybersecurity Social Media TikTok
Today's Hurdle hints and answers for December 18
Wordle today: Here's the answer and hints for May 31
This 'Succession' line gave a sneaky clue as to who would end up as CEO
'Cops' films new episodes, but they won't air in the U.S.
Using a U2F Key to Secure Your Google, Dropbox, and GitHub Accounts
'Succession' Season 4: The most WTF quotes
How to masturbate with long acrylic nails
Dead Authors at Fashion Week: Part 3 by Katherine Bernard
Best LG B4 OLED TV deal: Save $200 at Best Buy
Joe Biden spent the first debate staring into the camera like Jim Halpert
Best TV deal: Save $400 on the LG B4 55
Never Fear! Your Mugs are Coming! by The Paris Review
Object Lesson: Undermining by The Paris Review
Politics, Nerds, Gunpowder by Sadie Stein
Meta says some AGI systems are too risky to release
Buy 1 Get 50% 1 for dog Halloween costumes and apparel at Petco
Twitter spams Trump's COVID tweet with copypasta in Amharic
Dead Authors at Fashion Week: Part 3 by Katherine Bernard
Touring Logitech's Audio HQ
'Succession' Season 4: The most WTF quotes
Tony Romo gets emotional in speech about losing starting job to Dak PrescottGrumpy man interrupts TV interview to rant about meddling young peopleTinder launches new transTrump’s America will also be a new golden age of activismThis surreal image of Saturn is not a paintingFacebook might not detect fake news, but this Chrome extension willDakota Access pipeline protests go global TuesdayYour guide to prepping for 'Fantastic Beasts and Where to Find Them'The Flash Season 3, Episode 6 sees Wally face off with AlchemyHow Trump won an election helped by America's anti'Super Mario Run' comes to the iOS App Store in DecemberHayes Grier launches book with immersive appBrilliant math teacher 'threatens' puppies to get through to studentsPilot goes on epic rant after political fight breaks out on airplaneThis store is getting trolled hard over its Christmas adKatie Ledecky casually waits 35 seconds for everyone else to finish college raceTwitter responds to a dad's desperate plea to help his autistic sonIs this satire or reality? NeoPeople are boycotting companies that endorse Donald TrumpThis surreal image of Saturn is not a painting Surface Laptop review: Microsoft's first laptop is a winner Banks now have their own version of Venmo that will send money instantly Augmented reality is the best way to show off a new iPhone 8 concept Can Radical Moov resuscitate the hoverboard market? 2017's most unnecessary fashion, ranked 'American Gods' finale sneak peek proves Mr. Nancy is still a scene Pulse survivors talk fear, healing, and resilience in emotional photo series Anthony Bourdain has anointed this Filipino street food dish as 'the one' Clutter raises $64 million to store your stuff, let you admire it online Tesla's Model X is the first SUV with perfect safety ratings 'Game of Thrones' aftershow gets new name, moves to Twitter An ode to strawberry rhubarb pie, the perfect summer dessert Read about Jamie Fraser's quest to lose his virginity in a new 'Outlander' anthology The week in apps: Apple's new App Store, Google Maps extra help, and more essentials This social media challenge lifts up black students with financial support and mentorship 'Cars 3' reviews prove how desperately we need more female film critics Tonys 2017: Here's the full winners list 'Game of Thrones' almost spilled Myrcella Baratheon's brains Anyone with a brain should be pissed off at Delta and Bank of America right now Author Roxane Gay hits back at website for its 'cruel and humiliating' article
1.7677s , 10172.6171875 kb
Copyright © 2025 Powered by 【eroticize violence】,Feast Information Network