- Android apps ‘leak’ personal details, BBC News
- French hacker captures €500,000 with smartphone trojan, The H Security: News and Features
- Researcher Develops Patch for Java Zero-Day, Puts Pressure on Oracle to Deliver its Fix, threatpost
- ‘Looming menace’ of evil browser extensions to be demo’d this week • The Register, The Register
- CyanogenMod logged lockscreen swipe gestures, The H Security: News and Features
- CyanogenMod Fixes Flaw That Logged Users Unlock Codes, threatpost
- Introducing the USB Stick of Death, j00ru//vx tech blog via Four Short Links
- Why Mozilla should join the CryptoParty, The H Open: News and Features
- Adobe Plugs Several Buffer Overflow Holes in Shockwave Player, threatpost
- Fake PayPal Emails Distributing Malware, threatpost
- How a Google Headhunter’s E-Mail Unraveled a Massive Net Security Hole, Threat Level at Wired.com
- Attacking TrueCrypt, The H Security: News and Features
- The 25 worst passwords of the year, The H Security: News and Features
- Attackers Turn to Open DNS Resolvers to Amplify DDoS Attacks, threatpost
- Phony certificates fool faulty crypto in apps from AIM, Chase, and more, Ars Technica
- US-CERT warns DKIM email open to spoofing, The Register
- SSL Vulnerabilities Found in Critical Non-Browser Software Packages, threatpost
- Boarding pass barcodes ‘can be read by smartphones’, BBC News
- Backdoor in computer controls opens critical infrastructure to hackers, Ars Technica
- 4 Simple Changes to Stop Online Tracking, Electronic Frontier Foundation
- TPM Chip in Windows 8 Lays Foundation for Widespread Enhancements to Hardware-Based Security, threatpost
- DoS vulnerability affects older iPhones, Droids, even a Ford car, Ars Technica
- Patch Available for Broadcom Mobile Device Firmware DoS Vulnerability, threatpost