Security News
ByteDance, the tech firm behind TikTok, has addressed a security vulnerability in the video-sharing social networking service which could have allowed attackers to steal users' private personal information. The security vulnerability found by Check Point researchers in TikTok's 'Find Friends' allowed attackers to bypass the platform's privacy protections enabling them to gain access to users' private personal information including but not limited to phone numbers and user IDs.
The ongoing controversies surrounding TikTok hit a new gear on Thursday with a bombshell report accusing the Chinese company of spying on millions of Android users using a technique banned by Google. The Wall Street Journal said TikTok was exploiting a loophole to collect MAC addresses for at least 15 months.
TikTok has decided to boost privacy measures for its underage users, the popular video-sharing social-media company announced. TikTok's popularity is being driven by teens - the company reported in 2019 about 60 percent of its 26.5 monthly users are between the ages of 16 and 24, and these latest measures are an attempt to make the platform safer for its youngest users, according to the company.
The US Treasury on Wednesday said it had extended by seven days the November 27 deadline given to the Chinese owner of TikTok to sell the popular social media platform's American business. Trump, who lost his bid for re-election this month, has claimed that TikTok - which has some 100 million US users - can be used to collect data on Americans for Chinese espionage, a claim denied by the company.
A researcher has earned nearly $4,000 from TikTok after discovering a couple of vulnerabilities that could have been chained to hijack accounts. Muhammed Taskiran, a 20-year-old researcher based in Germany, informed TikTok in late August that a URL parameter on tiktok.com was "Reflecting its value without being properly sanitized."
TikTok has addressed two vulnerabilities that could have allowed attackers to take over accounts with a single click when chained together for users who signed-up via third-party apps. German bug bounty hunter Muhammed Taskiran discovered a reflected cross-site scripting security bug - also known as a non-persistent XSS - in a TikTok URL parameter reflecting its value without proper sanitization.
Instagram and TikTok social-media influencers Kelly Fitzpatrick and Sabrina Kelly-Krejci are among 13 defendants in a lawsuit filed by Amazon, which alleges that they participated in an an online scam to sell counterfeit luxury goods. Counterfeit goods are strictly forbidden in the Amazon marketplace, but generic products - often called "Dupes" - are allowed.
President Donald Trump's administration said Wednesday it was still working to resolve its security concerns over Chinese-owned app TikTok after the firm sought to delay a deadline to sell its US operations. On Wednesday, the US Treasury Department said in a statement it "Remains focused on reaching a resolution of the national security risks arising from ByteDance's acquisition of Musical.ly."
TikTok asked a Washington court Tuesday to stop an order from US President Donald Trump's administration from taking effect this week as the White House seeks to ban the Chinese-owned app in the United States. In its court petition, TikTok asked for more time, saying it has not received enough feedback on its proposed solution.
A US federal judge on Friday issued an injunction temporarily blocking an executive order by President Donald Trump aimed at banning TikTok, throwing up a legal roadblock ahead of a November 12 deadline. TikTok influencers suing the president over the ban convinced US District Court Wendy Beetlestone to issue the injunction against it.