"TikTok Flaw Allows Threat Actors to Plant Forged Videos in User Feeds"
Researchers have discovered a security weakness in the popular TikTok video-sharing service, which could allow a local attacker to hijack any video content streamed to a user's TikTok feed and swap it out with hacker-generated content. The flaw is that the TikTok app uses insecure HTTP for video content so that it can improve the speed with which it can transfer data. This lack of protection, allows adversaries to easily identify and alter any HTTP traffic (including videos) flowing over the network.
Threatpost reports: "TikTok Flaw Allows Threat Actors to Plant Forged Videos in User Feeds"
Submitted by Anonymous
on