• About
  • Subscribe
  • Contact
Friday, February 26, 2021
    Login
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Videos
  • Resources
  • Virtual Events
  • Events
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Videos
  • Resources
  • Virtual Events
  • Events
No Result
View All Result
No Result
View All Result

Check Point Research reveals multiple vulnerabilities in TikTok

FutureCIO Editors by FutureCIO Editors
January 13, 2020

Check Point Research, the Threat Intelligence arm of Check Point® Software Technologies Ltd., a provider of cyber security solutions globally, revealed today that it uncovered multiple vulnerabilities in TikTok that could have allowed attacks to manipulate content on user accounts and even extract confidential personal information saved on these accounts. 

TikTok is used mainly by teenagers and kids that use this app to share, save and keep private (and sometimes very sensitive) videos of themselves and their loved ones. The research found that an attacker could send a spoofed SMS message to a user containing a malicious link. When the user clicked on the malicious link, the attacker was able to get a hold of the TikTok account and manipulate its content by deleting videos, uploading unauthorised videos, and making private or "hidden" videos public. 

The research also found that Tiktok's subdomain https://ads.tiktok.com was vulnerable to XSS attacks, a type of attack in which malicious scripts are injected into otherwise benign and trusted websites. Check Point researchers leveraged this vulnerability to retrieve personal information saved on user accounts including private email addresses and birthdates. 

Check Point Research informed TikTok developers of the vulnerabilities exposed in this research and a fix was responsibly deployed to ensure its users can safely continue using the TikTok app.

“Data is pervasive but data breaches are becoming an epidemic, and our latest research shows that the most popular apps are still at risk,” said Oded Vanunu, Check Point’s Head of Product Vulnerability Research. “Social media applications are highly targeted for vulnerabilities as they provide a good source for private data and offer a good attack surface gate. Malicious actors are spending large amounts of money and putting in great effort to penetrate into such huge applications. Yet most users are under the assumption that they are protected by the app they are using.” 

Luke Deshotels, PhD, TikTok Security Team: “TikTok is committed to protecting user data. Like many organisations, we encourage responsible security researchers to privately disclose zero day vulnerabilities to us. Before public disclosure, CheckPoint agreed that all reported issues were patched in the latest version of our app. We hope that this successful resolution will encourage future collaboration with security researchers."

Available in over 150 markets, used in 75 languages globally, and with over 1 billion users, TikTok is definitely one of the most downloaded apps around. As of October 2019, TikTok is the most downloaded app in the United States, making it the first Chinese app to have achieved such a record. 

Related:  Zero Trust – The Modern Approach to Securing the “Keys to the Kingdom”
Tags: Check Pointdata breachesTikTokvulnerabilities
FutureCIO Editors

FutureCIO Editors

No Result
View All Result

Recent Posts

  • IWD 2021: Diversity, equity and inclusion in the workplace
  • IDC outlines the competitive landscape for AI in 2021
  • Critical imperatives for growth and existence after 2021
  • Recovery and growth to drive Govt IT spending in 2021
  • WFH in 2020 saw an 82% spike in web threats

Live Poll - June 2020

In the event of a ransomware attack, should the CEO:
Vote

Categories

  • Big Data, Analytics & Intelligence
  • Business Applications & Databases
  • Business-IT Alignment
  • Careers
  • Case Studies
  • Cloud, Virtualization, Operating Environments and Middleware
  • Computer, Storage, Networks, Connectivity
  • Corporate Social Responsibility
  • Customer Experience / Engagement
  • Education
  • Finance
  • Finance & Insurance
  • General
  • Governance, Risk and Compliance
  • Government and Public Services
  • Growth Strategies
  • Hospitality & Tourism
  • HR, education and Training
  • Industry Verticals
  • Infrastructure & Platforms
  • Latest Stories
  • Logistics & Transportation
  • Management Leadership
  • Manufacturing
  • Media and Telecommunications
  • News Stories
  • Operations
  • Opinion
  • Opinions
  • Retail & Wholesale
  • Sales & Marketing
  • Security
  • Tactics and Strategies
  • Technology
  • Utilities
  • Videos
  • White Papers

Strategic Insights for Chief Information Officers

FutureCIO is about enabling the CIO, his team, the leadership and the enterprise through shared expertise, know-how and experience - through a community of shared interests and goals. It is also about discovering unknown best practices that will help realize new business models.

Quick Links

  • Videos
  • Resources
  • Subscribe
  • Contact

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

  • Privacy Policy
  • Terms of Use
  • Cookie Policy

Copyright © 2019 Cxociety Pte Ltd | Designed by Pixl

No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Videos
  • Resources
  • Virtual Events
  • Events
Login

Copyright © 2019 Cxociety Pte Ltd | Designed by Pixl

Login to your account below

or

Not a member yet? Register here

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In