Some of the nation’s largest wireless carriers say they last year collectively received some 1.3 million requests from law enforcement for customers’ phone records – a number that continues to rise. The information shared with police includes geolocation information, content of text messages, wiretaps and aggregated cell tower activity for a specific block of time.

Symantec is warning of new malware masquerading as two apps on Google Play that claimed up to 100,000 victims before the Trojan was removed.Both “Super Mario Bros.” and “GTA 3 Moscow City” racked up 50,000 to 100,000 downloads after being posted June 24 on Google Play.

Microsoft issued nine bulletins fixing 16 vulnerabilities in the July 2012 edition of Patch Tuesday. Three of the bulletins received Microsoft’s most severe ‘critical’ rating, while the remaining six were deemed merely ‘important.’

UPDATED–In the wake of the Flame malware attack, which involved the use of a fraudulent Microsoft digital certificate, the software giant has reviewed its certificates and found nearly 30 that aren’t as secure as the company would like and has revoked them. Microsoft also released its new updater for certificates as a critical update for Windows Vista and later versions as part of today’s July Patch Tuesday.

A new family of malware has infected some 100,000 Android devices via malicious application downloads on nine separate third-party markets in China, according to researchers at the mobile security provider TrustGo.

The FTC is nearing completion of its investigation into allegations that Google used a special technique to circumvent the privacy settings on Safari to enable better tracking of users, even when tracking was disabled by the user. The decision may cost Google millions of dollars in fines, but it’s not clear whether that will serve as any kind of deterrent for a company that brings in tens of billions of dollars in revenue each year.

The security firm Trusteer reports that new Web-based attacks are targeting Android smartphone users in a campaign to circumvent two-factor sign-on features used by many banks to protect account holders.