Tech Companies' Support for CISPA Wavers: Mozilla this week became the first major Internet company to publicly oppose the Cyber Intelligence Sharing and Protection Act (CISPA), and Microsoft has also started to withdraw its previous support for the bill. A Mozilla spokesperson told Forbes\u2019 Andy Greenberg, \u201cCISPA has a broad and alarming reach that goes far beyond Internet security. The bill infringes on our privacy, includes vague definitions of cybersecurity, and grants immunities to companies and government that are too broad around information misuse.\u201d \u00a0\n\tMeanwhile Microsoft, which has more business clout than Mozilla, expressed concern over the bill\u2019s impact on personal privacy. The company said in a statement, \u201cMicrosoft believes that any proposed legislation should facilitate the voluntary sharing of cyber threat information in a manner that allows us to honor the privacy and security promises we make to our customers.\u201d The bill passed the House, and the fight has now moved to the Senate. President Obama said he may veto the bill if it passes in its current form.\n\tAndroid Malware Comes in the Form of a Security Update: New Android malware that uses website injection to infect mobile devices has been identified. \u201cMultiple sites have now emerged with a URL-redirect injected into the HTML body of an infected page,\u201d according to Symantec. Infected devices may be used as proxies that allow attackers to route traffic through them. Mobile device trojans have been used in the past for financial gain or to steal personal data.\n\tFake Justice Department Letter Used in Ransomware: Hackers have combined ransom Trojans with banking malware to produce a hybrid that demands money before attempting to steal user logins. The new variant of the Citadel Malware is called Reveton. The infection happens after users are lured to a drive-by download site that employs a dropper to install the Citadel malware. The program then locks down its host computer and shows a message saying the machine has been identified by the Computer Crime and Intellectual Property Section of the U.S. Department of Justice for visiting websites that contain child pornography or other illegal content, thus violating U.S. federal law. Infected users are then prompted to pay a $100 fine to the DoJ to unlock their machines.