Top 10 Stories

BBC: A security firm says it has found the first confirmed case of ransomware that encrypts files held by Android devices. Eset reports that the Trojan - called Simplelocker - targets SD cards slotted into tablets and handsets, electronically scrambling certain types of files on them before demanding cash to decrypt the data. The message is in Russian, and payment is requested in Ukrainian currency. One expert said the threat was noteworthy, but limited at this...

The Register: Better code obfuscation has attracted the attention of the prestigious Association of Computing Machinery, which has anointed an Indian-born developer working at IBM's TJ Watson Research Centre with an award for his work. Protecting code, even as a binary, from being reverse-engineered is difficult: any solution that encrypts the code has to keep its functionality in place, and decrypting the code for execution has to be fast.

CNTV: Data just released by the national Computer Emergency Response Coordination Team shows China is one of the primary targets of cyber attacks and US-based hackers are most responsible for attacks on Chinese computer networks. The country’s top cyber security agency says nearly 11 million computers on Chinese mainland were infected and controlled by overseas servers in 2013 and US hackers accounted for over 30 percent of the attacks. More than 61,000 Chinese websites were...

Techcrunch: Despite Congressional bloviation, the NSA doesn’t think that Edward Snowden is a foreign spy. NSA Chief Admiral Michael Rogers doesn’t think it likely that Snowden is working for Russia, or any other country’s intelligence apparatus. “Could he have? Possibly. Do I believe that’s the case? Probably not,” said Rogers. The only surprising element of the Rogers comment is that he said it. There has been a steady drumbeat of intrigue and dreck trying to tie...

Arstechnica:  A recently discovered bug in the GnuTLS cryptographic code library puts users of Linux and hundreds of other open source packages at risk of surreptitious malware attacks until they incorporate a fix developers quietly pushed out late last week. Maliciously configured servers can exploit the bug by sending malformed data to devices as they establish encrypted HTTPS connections. Devices that rely on an unpatched version of GnuTLS can then be remotely hijacked by malicious...

Softpedia: If you're still on Windows XP at the time of reading this article, you're not alone. Stats show that last month, more than 25 percent of the world's desktop computers were still running Windows XP, despite the avalanche of warnings launched by Microsoft since one year ago. A new chart published today by Statista and based on figures provided by Net Applications shows that only little has changed after Microsoft pulled the plug on...

Reuters: Chinese state media lashed out at Google Inc, Apple Inc and other U.S. technology companies on Wednesday, calling on Beijing "to punish severely the pawns" of the U.S. government for monitoring China and stealing secrets. U.S. companies such as Yahoo Inc, Cisco Systems Inc, Microsoft Corp and Facebook Inc threaten the cyber-security of China and its Internet users, said the People's Daily on its microblog, in comments echoed on the front page of the English-language China Daily.  

SC Magazine: Home computers and point-of-sale (POS) devices are both being targeted by a recently identified piece of malware that has already compromised thousands of payment cards – the majority of which were issued in the United States. On May 23, Arbor Networks researchers discovered Soraya, a piece of malware that combines memory scraping techniques found inDexter, a POS malware, with form grabbing abilities seen in Zeus, a trojan that impacts PCs running Windows.

CSO : In a letter to the California Attorney General's Office (OAG), American Express says that 76,608 people in the state will get a breach notification letter after some of their data was published by Anonymous Ukraine earlier this year. In March, Anonymous Ukraine released more than 7 million records as part of a protest against the financial firms that helped "enslave" people the world over.   "After the USA showed its true face when...

Intego: Most TrueCrypt users (whether on Mac, Windows, or Linux) who currently have their hard drives encrypted with TrueCrypt 7.1a probably have no major cause for concern, at least not at this time.   The first phase of the recent TrueCrypt 7.1a audit “found no evidence of backdoors or otherwise intentionally malicious code” in the Windows version, and no “high-severity issues” were found (see the full report, which discloses some medium- and low-severity issues, at istruecryptauditedyet.com)....