Email
Password
Remember meForgot password?
    Log in with Twitter

article imageSecurity expert on TikTok's security flaws Special

By Tim Sandle     Jan 10, 2020 in Technology
TikTok’s multiple vulnerabilities that allowed attackers to manipulate user accounts and expose personal data including names, email addresses and dates of birth. A security expert details the consequences.
According to The Verge, cybersecurity experts at Check Point Research have detected “multiple vulnerabilities” within video sharing app TikTok. These flaws demonstrated the social media app's insecurity. This adds to the additional scrutiny that the Chinese-owned company has come under, in relation to data and privacy matters.
These concerns, CBC reports, have led some U.S. politicians to take the view that TikTok (owned by ByteDance), represents a national security threat.
One of the flaws is through the TikTok website, which allows users to send a text message to themselves containing a link to download its app on their devices. This, CISO Mag says, could lead to user data exploitation for malicious purposes.
To understand more, Digital Journal spoke with Executive Director Greg Wendt of Appsian. Wendt sets out why identity theft is especially concerning for mobile apps and why traditional login credentials are no longer effective.
According to Wednt, all social media remains at risk from hacking: “As long as its economically viable to steal identities – hackers will constantly look to evolve their tactics."
However, some platforms are more at risk than others, such as TikTok: "This is especially troubling with mobile apps, where users are conditioned to receive notifications and alerts via SMS. If a hacker has your phone number, they essentially have a highly effective channel for corrupting your credentials (for a multitude of apps.)"
In terms of what actions should be taken, the correction requires a better understanding of use preferences, as Wednt explains: "Organizations must understand that in a connected, global economy - a person’s identity is ultimately the perimeter of an application. Usernames and passwords as a primary authentication model are not effective and additional authentication measures must be implemented – especially if access is coming from an unusual location.”
More about TikTok, Cybersecurity, Security, Social media
 
Latest News
Top News