Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Yik Yak flaw de-anonymizes user, allows control over account

Yik Yak flaw de-anonymizes user, allows control over account

2014/12/08

Softpedia - (International) SilverSky researchers identified and reported a vulnerability in the Yik Yak anonymous social media platform for iOS that could allow an attacker to discover the identity of a user and take over their account due to the Flurry advertising tool sending the app's secure ID used by the app in the place of a password without encryption. The researchers reported the issue to Yik Yak and a patch was released in December.

Source: http://news.softpedia.com/news/Yik-Yak-Flaw-De-anonymizes-User-Allows-Control-Over-Account-466877.shtml

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:22:43