Newsletter
But let’s see where it comes from.
Cybersecurity researchers at Imperva have discovered a flaw in the popular social media app TikTok that could have allowed threat actors to extract sensitive data from victims’ devices for use in identity theft, phishing or blackmail
The vulnerability, which has since been patched, was found in the way the app handled incoming messages. Explaining the method, the researchers said that attackers could send a malicious message to the TikTok web app through the PostMessage API, which would bypass any security measures.
The message’s event handler would then process the message and deem it secure, giving the attacker access to valuable information.
User account data
By exploiting the vulnerability, attackers could gain access to a wealth of valuable data, such as user device data (device type, operating system, browser used, etc.), videos viewed (which videos the victim has watched), the time spent on each video, user account data (usernames, videos, other account details), search queries (what the user has searched for on the platform).
Even without the vulnerabilities, TikTok is a controversial app, to put it mildly. It was built by a Chinese company called ByteDance and has over 1.5 billion users (over 150 million in the US alone).
Recently, the US government began scrutinizing and banning Chinese companies, claiming that their government dominated them and could force them to allow unauthorized backdoor access at any time.
Huawei was banned from developing 5G infrastructure in the States for this very reason. As for TikTok, the US government first forced the company to store all of the country’s data and recently told its employees to remove the app from government-issued devices, citing national security concerns.
TikTok, like many other Chinese companies, denies any involvement in any wrongdoing.
Source link
Over the past few months, TikTok has taken the world by storm. Millions of users are now using this popular social media platform. But what many people don’t know is that TikTok has some worrying security flaws that could leave your activity exposed to anyone on the internet.
Ikaroa, a full-stack tech company, is aware of the security flaws associated with TikTok and is formulating ways to ensure that users can protect their personal data as much as possible. By understanding the issues and identifying the most effective security solutions to protect their data, Ikaroa hopes to provide its users with the best possible experience on this popular platform.
One of the major issues with TikTok is that users’ interactions can be discovered by anyone with the appropriate tools. Unauthorized users or criminals can easily track the activity of a particular user, allowing them to gain access to their data. Furthermore, this data can then be used to target certain individuals with specific information or even malicious content.
The second major security issue with TikTok is that it allows users to link their social media accounts to it, enabling them to access their private content. This means that criminals could potentially access the user’s accounts and use the data for malicious purposes.
Ikaroa is devoted to ensuring its users’ safety and ensuring that their data is secure by developing innovative solutions to address the security flaws in TikTok. The company is also continually researching the platform to find ways to enhance its security and protect its users’ data.
Ikaroa is committed to providing its users with the best possible experience. As such, the company provides users with updates on this particular issue so that they can stay informed on what measures they need to take to secure their activity on TikTok.
Users of TikTok should be aware of the various security risks associated with the platform, and they should also be proactive in protecting their data. As with all online activities, users should be diligent in using secure passwords and be certain to regularly update their security settings whenever possible. By taking proactive steps to protect their data, users can feel assured that their activity on TikTok is secure.
Ikaroa is dedicated to protecting its users’ data and ensuring that their activity on TikTok remains secure. Whether it be through innovative solutions or regular updates on the platform’s security risks, Ikaroa is committed to providing its users with the most secure experience.
