It's been a busy week in the world of cyber security. Masque made a return to threaten old iOS versions, and the FBI put a $3m bounty on the head of the Gameover Zeus malware maker.
Trend Micro managed to sniff out the source of a large number of banking trojans, while Malwarebytes took a less heavy hand with people using pirated versions of its security software.
Elsewhere in the industry, government snooping agency GCHQ approved six new Master's degrees, and China embraced sweeping new cyber security laws.
Cisco had a week of ups and downs, revealing its purchase plans for OpenDNS to bolster IoT security, but also admitting that three of its enterprise tools are vulnerable to SSH weaknesses.
V3 has a rundown of the most important security from the past seven days.
Apple users at risk from Masque malware attacks, warns FireEye
FireEye warned iPhone users that old versions of iOS are at risk from Masque malware attacks, which could be exploited to ruin iPhones and iPads with malicious apps.
The security firm said that Plugin Masque bypasses iOS entitlement enforcement and hijacks virtual personal network traffic, putting Apple devices running iOS version below 8.1.3 at risk.
FBI puts $3m bounty on head of Gameover Zeus malware creator
The FBI offered a reward of $3m for information leading to the capture of Evgeniy Mikhailovich Bogachev, the notorious Gameover Zeus malware creator.
Bogachev has been in the FBI's sights since June last year when he was accused of being one of the ringleaders behind the malware, which hit the Monster Jobs website earlier this year.
MasterCard planning selfie-based payment system
MasterCard has plans to let customers make purchases with a selfie photograph or by scanning their face to provide a safer alternative to passwords.
The payments firm's face recognition system follows touch payments from companies like Visa, and application-based options from Facebook, Apple and Google.
20-year-old Brazilian student outed as banking malware kingpin
Trend Micro has traced the source of a large number of banking trojans to a 20-year-old man in Brazil, known as 'Hacker's Son', 'Filho de Hakcer' (sic) and 'Lordfenix'.
The malware writer began his career by asking for advice in comment forums and has created over 100 banking trojans valued at over $300 each, according to the security firm.
Malwarebytes offers amnesty for pirated versions of anti-malware suite
Malwarebytes has announced an amnesty with pirates during which it will exchange illegitimate registration keys for its anti-malware software with genuine keys.
The amnesty is now live and the firm said it will offer all users a legitimate copy of the software, no matter how many have come via unauthorised products.
The offer does not assume that installations are wilfully pirated, and suggests that some people will have been duped into a download.
GCHQ approves six more university cyber security Master's degrees
GCHQ certified six more cyber security Master's degrees, bringing the total to 12 offered by universities across England, including Birmingham, Warwick and Royal Holloway.
The second wave of certifications builds on the six Master's degrees last year, and are part of GCHQ's attempts to support cyber security education in Britain.
Dropbox security chief highlights dangers of lax password practices
Dropbox's security chief urged users to better protect their passwords from hackers targeting customers by using passwords gathered from data breaches at other websites.
Patrick Heim, head of trust and security at Dropbox, said this was the biggest cyber security threat to Dropbox users, rather than sophisticated zero-day exploits or malware-driven events.
"On a daily basis it's very obvious that our customers and users are getting attacked, and the way they are being attacked isn't through technical wizardry," he said at a briefing attended by V3.
China embraces sweeping national cyber security laws
The Chinese government passed new national cyber security rules that cover a wide range of areas, including defence, finance, science and technology.
Chinese president Xi Jinping and the National People's Congress (NPC) passed the rules this week, according to state-backed reports from the Xinhua news agency. Just one voter out of 155 declined to back the changes.
NPC spokeswoman Zheng Shuna said that the passing of the laws was led by "ever-growing security challenges" that are external and internal.
Cisco announces IoT and security OpenDNS purchase
Cisco revealed its intention to acquire security company OpenDNS in a deal worth $635m.
The company said the acquisition will "accelerate" plans for cloud and Internet of Things security tools and features under the Cisco Security Everywhere brand.
Cisco admits to SSH weakness in three enterprise products
Cisco admitted in a security advisory that it has discovered SSH problems in three of its enterprise products, including one designed for security management.
The company warned customers that the systems are vulnerable owing to the preinstalled SSH encryption keys. The affected products are the Cisco Web Security Virtual Appliance, Email Security Virtual Appliance and Security Management Virtual Appliance.
VPN provider admits IPv6 security problem and promises fix
Virtual private network (VPN) provider HideMyAss acknowledged claims that it is leaking user data owing to a lack of IPv6 support, and said it is working on an update to fix the problem.
HideMyAss was responding to a survey by Queen Mary University in London which found that 11 out of 14 VPN providers are exposing personal information through a vulnerability known as IPv6 leakage.
Sophos' £1bn IPO a 'benchmark' for UK tech sector
Sophos launched on the London Stock Exchange with a frenzy of investment that won applause from Ed Vaizey, minister of state for culture and the digital economy.
The initial public offering values the company at £1bn, and raised total gross proceeds of £352m, according to the exchange, after the company listed on 26 June.
Users are told that their non-existent 'iPhoneID' is expiring soon
Expansion of SDK intended to expand Amazon Alexa ecosystem
Locky returns from a prolonged rest with two new variants
AMD lambasted over Radeon RX Vega pricing that will add an extra £100 to RX Vega 56 and 64 graphics cards
Company accused of failing to tell anyone that the launch prices were only introductory offers