"Greenbug," the group associated with Shamoon attacks against Saudi enterprises, uses the remote access Trojan Ismdoor to steal credentials from its targets. Researchers at Arbor Networks say they've found that Greenbug has moved away from http-based command-and-control, and that it now cloaks its communication with Ismdoor in DNS TXT record queries and responses.
Don't use the Super Free Music Player app from Google's PlayStore: it's malware.
Fraudulent SIM swaps enable criminals to take over your phone's identity (and kill your phone).
A researcher claims to have demonstrated a privilege-escalation vulnerability in demotically named VPN service HideMyAss.
Research presented at the IEEE European Symposium on Security and Privacy found that ultrasonic beaconing (a marketing tool with privacy implications) is becoming increasingly common in Android applications—some two-hundred-thirty-four current apps use it. Many of those apps are quite mainstream, and their users are typically quite unaware that the functionality is part of the package.
TrendLabs warns of the risks inherent in industrial routers.
Concerns over fake news has spooked service providers and emboldened various national authorities to seek ways of controlling it. China plans to establish its own state-vetted Wikipedia alternative inside the Great Firewall, UK MPs want a legal review of hate speech, and Malaysia threatens WhatsApp admins with jail for spreading rumors. Facebook plans to hire three-thousand analysts to review its users' content.
Commenting on espionage in cyberspace, security expert and entrepreneur Eugene Kaspersky observes that "everyone hacks everyone." Two accounts of US and Russian practices merit comparison and contrast.