The Internet has been abuzz over the recently discovered Heartbleed bug. If you're not already familiar, Heartbleed is a vulnerability in the OpenSSL software library that allows an attacker to steal data directly from the memory space of an application and learn the private keys used to keep data securely encrypted as it travels over the Internet. The implications of this kind of leak are certainly severe, and it has everybody rushing to either install updates that fix the bug or implement workarounds to disable it.
Scary tales about Android malware have been told since before people started guessing what dessert name would start with the letter 'D' (it's "Donut," in case anybody has forgotten.) Most of those claims came and went, amounting to little more than ghost stories. Unfortunately, there are a few real ghouls and goblins for which we should be afraid. Back in February, one such monster was discovered lurking about that allowed modified APKs to be installed on your device while successfully side-stepping the cryptographic signature used to prevent that very thing.
There may be many ways to root an Android phone, but there's allegedly one root to rule them all. At this year's Black Hat USA 2013 conference, security researcher Jeff Forristal will detail how to gain system access and control on nearly any Android device. The bug was disclosed back in February, and Google presumably has worked to patch the vulnerability in the months since, so don't get too excited.