Posted by Nightwatch Cybersecurity Research on Feb 08
[Original blog post here:https://wwws.nightwatchcybersecurity.com/2019/02/07/content-injection-in-amazon-kindles-fireos-cve-2019-7399/]
SUMMARY
The FireOS operating system provided by Amazon for Fire tablet devices
can be injected with malicious content by an MITM attacker. An
attacker can also capture the serial number of the device. The root
cause is lack of HTTPS for legal content (terms of use and privacy
policy) within the settings...