Researchers at a German university have broken the encryption of the two main standards used to protect calls from satellite phones, giving them the ability to intercept conversations that are meant to be private. The attacks on the GMR-1 and GMR-2 standards are thought to be the first such work against the satellite phone ciphers.

Injecting malicious code into the HTML used on legitimate Web sites is a key part of the infection lifecycle for many attack crews, and they often disguise and obfuscate their code to make it more difficult to analyze or so it appears to be legitimate code. The latest instance of this technique has seen attackers employing code that is meant to look like Google Analytics snippets, but instead sends victims off to a remote site that's hosting the Black Hole Exploit Kit. Not the desired result.

The Blackhole exploit kit has a near monopoly on infected Web pages, according to Web security firm M86’s latest Security Labs Report, issued today. (PDF)

Google has released an initial beta of Chrome for Android devices, and the new mobile browser includes a full set of security and privacy functions. The new mobile version of Chrome has the sandbox functionality that has been so important in the desktop browser, as well as a strict permission model for mobile apps.

Scammers are using the super-popular Temple Run game for iOS as bait to lure Android users into installing a phony version of the game on their phones. The incident comes amid reports of an explosion in traffic to mobile Web pages and application stores.

In the face of mounting evidence that the CA system is inherently flawed, Google officials are in the process of making changes to the way Chrome handles certificate revocations, and no longer will be using online revocation checks. Instead, Chrome will use the existing update system in the browser to accomplish this task.

DDoS attacks come in all shapes and sizes, and in a lot of cases, the victims of the attacks don't much care who is executing the attack or why. They just know that their network is being overwhelmed with junk traffic. But the last year has seen a major volume of politically motivated attacks, and new research shows that as much as 35 percent of DDoS are the result of some political or ideological motivation.

Adobe, which has spent the last few years trying to dig out of a deep hole of vulnerabilities and buggy code, is making a major change to Flash, adding a sandbox to the version of the player that runs in Firefox. The sandbox is designed to prevent many common exploit techniques against Flash.

A report from Web security firm zScaler finds that Web pages hosted by the firm Dreamhost are being redirected to a scam Web site in Russia following a hack of the company's servers last month.

Apple has issued a new patch for Mac OS X Snow Leopard to fix a problem that users were reporting with application-compaitibility with the original fix issued last week. The new patch is designed to alleviate problems with the Rosetta technology in Snow Leopard.