A look at the security issues making headlines so far this week:
Phishing campaign touts fake 'Heartbleed removal' tool (Computerworld)
The program attached to the emails is actually a keylogger, according to Trend Micro.
Iranian Cyberspies Pose as Journalists Online To Ensnare Their Targets (Dark Reading)
Cyberspying campaign out of Iran combines social engineering and social media to steal credentials from a wide array of US and Israeli military, government, and defense contractors.
US Disrupts $100M GameOver Zeus Malware Cybercrime Ring (Cnet)
Suspected Russian hacker is accused of creating botnet that infected as many as 1 million computers worldwide in order to steal more than $100 million.
American Express Issues Alert After Anonymous Dumps Cardholder Data (CSOonline)
In a letter to the California Attorney General's Office (OAG), American Express says that 76,608 people in the state will get a breach notification letter after some of their data was published by Anonymous Ukraine earlier this year.
Serious Flaw in GnuTLS Library Endangers SSL Clients and Systems (InfoWorld)
A vulnerability patched in the GnuTLS library can potentially be exploited from malicious servers to execute malware on computers.