December 21, 2014

Flash Player as a spy system

If a forged certificate is accepted when accessing the Flash Player’s Settings Manager, which is available exclusively online, attackers can potentially manipulate the player’s website privacy settings. This allows a web page to access a computer’s web cams and microphones and remotely turn the computer into a covert listening device or surveillance camera.

Read the full article here.

Source:[TheHSecurity]

Android app secretly uploads GPS data, warns Symantec

Researchers from anti-virus provider Symantec have outted a gaming application in Google’s Android Market that tracks users’ whereabouts so they can be secretly monitored in real-time.

The free app is known as Tapsnake, which bills itself as an Android variation of a video game that has been around for three decades. What the description doesn’t say is that every 15 minutes, the app uploads the user’s GPS coordinates to a server that can be monitored by people running a separate $4.99 app known as GPS Spy, which is made by the same developer shop.

Read the full story here.

Source: [TheRegister]