- Smoke-belching flash drive self-destructs on command, The Register
- Malware charges users for free Android apps on Google Play, ZDNet
- SIGINT: Few advances in GSM security, The H Security: News and Features
- Facebook account cancellation is malware, not Adobe Flash, ZDNet
- RSA SecurID software token cloning: a new how-to, Ars Technica
- Nmap now fully ready for IPv6, The H Open Source: News and Features
- Iranian Students Claim to have Stolen Thousands of Researcher’s Records, threatpost
- Sudo broken, sudo fixed, ZDNet
- Google to Warn 500,000+ of DNS Changer Infections, Krebs on Security
- Anatomy of a hack: 6 separate bugs needed to bring down Google browser, Ars Technica
- Wireshark updates close DoS security holes, The H Security: News and Features
- Common Firewall Feature Enables TCP Hijacking Attacks, threatpost
- Cross-browser worm uses commercial Javascript extension engine, The H Security: News and Features
- Months After A Patch, Targeted Attacks Still Using Adobe Flash Bug, threatpost
- SSL fix flags forged certificates before they’re accepted by browsers, Ars Technica
- United Airlines reportedly spills passenger information, Ars Technica
- Researchers Unveil New Way to Trust Certificates, threatpost
- New SpyEye plugin takes control of crimeware victims’ webcam and microphone, ZDNet
- Google Patches 13 Flaws in Chrome 19, threatpost
- Comcast phishing site contains valid TRUSTe seal, ZDNet
- Android Malware Genome Project launched, The H Open Source: News and Features
- NMap 6.0 arrives, The Register