A ‘high severity’ TikTok vulnerability allowed one-click account hijacking

-
Nick Barclay / The Verge

A vulnerability in the TikTok app for Android could have let attackers take over any account that clicked on a malicious link, potentially affecting hundreds of millions of users of the platform.

Details of the one-click exploit were revealed today in a blog post from researchers on Microsoft’s 365 Defender Research Team. The vulnerability was disclosed to TikTok by Microsoft, and has since been patched.

The bug and its resulting attack, labelled a “high severity vulnerability,” could have been used to hijack the account of any TikTok user on Android without their knowledge, once they clicked on a specially crafted link. After the link was clicked, the attacker would have access to all primary functions of the account, including the...

Continue reading…



source https://www.theverge.com/2022/8/31/23329662/tiktok-vulnerability-microsoft-one-click-exploit-high-severity

Comments

Post a Comment

Popular posts from this blog

GE made a 27-inch smart display for above your stove that streams Netflix and Spotify

-
Image
GE wants to put a smart display at head level while you’re cooking. The Kitchen Hub is a 27-inch touchscreen that runs Android and also functionally replaces your exhaust vent at its mounting above your stove. The company first teased the device at last year’s CES but ultimately never shipped it . It has updated this year’s version with a sleeker interface and tons of features like video calls and streaming movies. The Kitchen Hub supports Google Assistant, meaning you can ask Google to create grocery lists, look up recipes, or control other smart home devices like thermostats, lights, and cameras. The Hub can also run apps like Netflix and Spotify, so you can stream The Great British Baking Show or listen to music while you cook. There’s... Continue reading… source https://www.theverge.com/2019/1/7/18170285/ge-google-netflix-spotify-exhaust-vent-smart-display-kitchen-hub-ces-2019
Read more

Mophie’s battery pack case for the new iPhones lets you use wired headphones

-
Image
Mophie’s newest iPhone battery case, the Juice Pack Access, represents a first for the company: an exposed Lightning port. Mophie’s cases typically plug into each iPhone’s Lightning port, and that’s how it charges the phone. This new case leaves that port exposed, so users can plug their Lightning headphones in and listen to music, even while using the case. The case will support the iPhone X, XS, XS Max, and XR. Instead of the Micro USB port that’s included with the Juice Pack Air for the iPhone X, the Access case can charge wirelessly on any Qi-enabled charging pad. It’ll charge the iPhone first and then focus on itself. It also has a USB-C port, so it can be wired and charge, too. Mophie says the iPhone XS and X case provides up to... Continue reading… source https://www.theverge.com/2019/1/7/18168914/mophie-juice-pack-access-iphone-x-xs-max-xr-headphones
Read more

Google Assistant will soon be on a billion devices, and feature phones are next

-
Image
As CES kicks off, Google has a massive presence: monorails, a booth that’s three times larger than last year, and likely a giant pile of news to announce. But ahead of all the actual product news, the company wants to beat its chest a little by announcing some numbers. By the end of the month, it expects that Google Assistant will be on 1 billion devices — up from 500 million this past May. That’s 900 million more than the number Amazon just gave us for Alexa . But just like Amazon, Google’s number comes with caveats. In an interview with The Verge , Manuel Bronstein, the company’s vice president of Google Assistant, copped to it. “The largest footprint right now is on phones. On Android devices, we have a very very large footprint,” he... Continue reading… source https://www.theverge.com/2019/1/7/18169939/google-assistant-billion-devices-feature-phones-ces-2019
Read more