Tips & advice

The risks of using government use of malicious code in cyber conflict are examined in this paper by Andrew Lee and Stephen Cobb: Malware is called malicious for a reason: the risks of weaponizing code.

New malware targeting point of sale (PoS) systems, detected by ESET as Win32/Spy.Agent.OKG is described in a warning and analysis distributed by US-CERT, a reminder to increase security around PoS access.

This week in security news saw the world’s researchers discover a whole new range of Achilles Heels for PCs, the online privacy service Tor, and even ‘connected’ gadgets such as internet fridges.

Users of the online privacy service Tor - designed to allow users to access hidden sites anonymously - may have been unmasked after an attack lasting five months, crafted to de-anonymise traffic on the service.

The billions of USB ports in use in PCs are vulnerable to a new attack - which can undetectably install malware, steal data and seize control of machines.

A new report found hundreds of serious security flaws in some of the most popular Internet of Things gadgets - the problem is far deeper than thought, with 70% of the most popular such gadgets having serious security flaws.

If intelligence and law enforcement agencies have a genuine need to spy upon some communications then it should not be via a backdoor that could put millions of innocent, law-abiding users at risk.

A single email wiped $300 million off the value of an Australian mining company, after an environmental activist, Jonathan Moylan and sent a press release to media organizations.

Victims of the notorious attack against Sony’s online gaming service and associated websites in 2011, which exposed details for up to 77 million subscribers, are to be offered $15m in digital goods as compensation.