A ‘high severity’ TikTok vulnerability allowed one-click account hijacking

-
Nick Barclay / The Verge

A vulnerability in the TikTok app for Android could have let attackers take over any account that clicked on a malicious link, potentially affecting hundreds of millions of users of the platform.

Details of the one-click exploit were revealed today in a blog post from researchers on Microsoft’s 365 Defender Research Team. The vulnerability was disclosed to TikTok by Microsoft, and has since been patched.

The bug and its resulting attack, labelled a “high severity vulnerability,” could have been used to hijack the account of any TikTok user on Android without their knowledge, once they clicked on a specially crafted link. After the link was clicked, the attacker would have access to all primary functions of the account, including the...

Continue reading…



source https://www.theverge.com/2022/8/31/23329662/tiktok-vulnerability-microsoft-one-click-exploit-high-severity

Comments

Post a Comment

Popular posts from this blog

In a world first, China lands a spacecraft gently on the Moon’s far side

-
Image
This evening, China became the first nation to land a spacecraft gently on the far side of the Moon, according to China Global Television Network America . A Chinese robotic lander and rover, which launched from China in early December, descended into a crater on the side of the Moon that’s always facing away from Earth. The touchdown marks a significant technological feat for the country, and puts China in an elite category of spaceflight achievement all its own. The landing is part of China’s Chang’e-4 mission — one of a series of planned missions to explore the lunar surface. Prior to this program, China sent a lander and a rover to the Moon, making it the third country to ever softly land on the lunar surface. That lander, part of the... Continue reading… source https://www.theverge.com/2019/1/2/18165807/china-change-4-mission-lunar-lander-rover-moon-farside
Read more

Snap suspends two anonymous messaging apps after cyberbullying lawsuit

-
Image
Images from Yolo’s now-removed App Store listing. | Image: Yolo Technologies Snap will suspend two anonymous messaging integrations from Snapchat after a lawsuit sought to hold them responsible for a teenager’s death, the Los Angeles Times reports . The lawsuit was filed on Monday by Kristin Bride, the mother of a teenager who died by suicide in June after being bullied on the two apps. “In light of the serious allegations raised by the lawsuit, and out of an abundance of caution for the safety of the Snapchat community, we are suspending both Yolo and LMK’s Snap Kit integrations while we investigate these claims,” a spokesperson for Snap said in a statement. Representatives for the two apps, Yolo and LMK, did not immediately respond to The Verge ’s request for comment. “We are suspending both Yolo and LMK’s Snap... Continue reading… source https://www.theverge.com/2021/5/12/22431883/snap-inc-snapchat-anonymous-messaging-qa-lawsuit-teenager-death
Read more