The Android app of Ring, the Amazon-owned firm that offers doorbells and indoor and outdoor surveillance cameras, had a vulnerability that could have allowed threat actors to steal identity (opens in new tab) data including geolocation and camera recordings. Cybersecurity researchers from Checkmarx found the vulnerability in the com. ringapp/com.
ring.
nh.
deeplink.
DeepLinkActivity activity, noting that this was, “implicitly exported in the Android Manifest and, as such, was accessible to other applications on the same device.
…
Read more