Ars Technica: Google Play is fighting an uphill battle against Android adware

Ars Technica: Google Play is fighting an uphill battle against Android adware. “Google’s official Play marketplace is waging an uphill battle against Android apps that display an unending stream of popup ads even when users try to force them to stop, researchers said Friday. The researchers, from UK-based SophosLabs, said they have found a total of 47 apps in the past week that collectively have racked up as many as 6 million downloads.”

Krebs on Security: Credit Card Breach at Buckle Stores

Krebs on Security: Credit Card Breach at Buckle Stores. “On Friday morning, KrebsOnSecurity contacted The Buckle after receiving multiple tips from sources in the financial industry about a pattern of fraud on customer credit and debit cards which suggested a breach of point-of-sale systems at Buckle stores across the country. Later Friday evening, The Buckle Inc. released a statement saying that point-of-sale malware was indeed found installed on cash registers at Buckle retail stores, and that the company believes the malware was stealing customer credit card data between Oct. 28, 2016 and April 14, 2017.”

ZDNet: Jaff ransomware demanding $4,000 to unlock your files? Now you can get them back for free

ZDNet: Jaff ransomware demanding $4,000 to unlock your files? Now you can get them back for free. “Victims of a form of ransomware that demands a huge payment to unlock files can now do so for free, thanks to a newly released decryption tool. that exploits a vulnerability in its malicious code.”

Bleeping Computer: The Nigerian Spammers From the 90s Have Moved on to Keyloggers and RATs

Bleeping Computer: The Nigerian Spammers From the 90s Have Moved on to Keyloggers and RATs. “We’ll be taking a look today at a group of researchers that during the past few months have been reporting malware-infected computers to relevant authorities in countries all over the globe. This team is formed by MalwareHunter, Daniel Gallagher, and a security researcher that goes online only by the name of Guido. For the past few months, using data they search and find on VirusTotal, this group has been identifying malware campaigns, tracking down malware C&C servers, and rummaging through countless of data stolen from infected computers.”

Naked Security: Security SOS Week – learn from our top experts for free

Naked Security: Security SOS Week – learn from our top experts for free. “What’s worse than ransomware? How will the new GDPR data protection laws turn out? When does good security turn into creepy surveillance? What happens if zombie malware shows up on your network? Now you can stay up to speed on all of these topics without even leaving your desk – by joining in the Sophos Security SOS webinar series, which takes place next week, 19-23 June 2017.”

The Verge: Microsoft releases new Windows XP security patches, warns of state-sponsored cyberattacks

The Verge: Microsoft releases new Windows XP security patches, warns of state-sponsored cyberattacks. “Microsoft issued a ‘highly unusual’ patch for Windows XP last month to help prevent the spread of the massive WannaCry malware. At least 75,000 computers in 99 countries were affected by the malware which encrypts a computer and demands a $300 ransom before unlocking it. Microsoft stopped supporting Windows XP in April 2014, but the software giant is now taking the unprecedented move of including it in the company’s Patch Tuesday round of security updates today.”

CNET: Virus scanner — or malware? Beware app store fakes

CNET: Virus scanner — or malware? Beware app store fakes. “RiskIQ, a cybersecurity firm, found seven apps related to WannaCry in the Google Play store and two in Apple’s App Store that demanded excessive permissions such as knowing your phone’s wake password. One of the phony WannaCry apps is actually blacklisted by RiskIQ’s standards because of the red flags it raised. Researchers found hundreds of fraudulent antivirus apps on the market — fakes packed with adware, Trojans and sources of malware.”