Security News > 2016 > September > Android apps based on Adobe AIR SDK send out unencrypted data (Help Net Security)

Developers using the Adobe AIR SDK should update to the latest version of the software development kit and rebuild the apps as soon as possible if they don’t want their users’ traffic being exposed to attackers. The flaw, discovered by Nightwatch Cybersecurity researchers while monitoring network traffic during testing of some Android applications, directs runtime analytics for AIR applications to several Adobe servers. Unfortunately, that traffic is unencrypted. “Because encryption is not used, this would … More →

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/rQGgIxv5wWc/