Hackers have claimed to have broken into the Commonwealth Bank of Australia's UK site, but with the bank denying any attack, is this just another case of putting one and one together and getting three?
Just the other week, we heard that the Australian Tax Office was storing passwords in plain text. This time, it's one of the UK's intelligence agencies.
Attackers can apply for the security certificates for gTLDs that are yet to be approved, and many legitimate websites may already have certificates that could allow them to conduct man-in-the-middle attacks on gTLDs.
Chinese spies! Advanced persistent threats! Sophisticated "cyber" attacks! They're just buzzwords for attacks that are happening all the time, so why be surprised?
What's worse than a clueless security team that doesn't care about securing the details it receives? One that you're paying for with your tax dollars.
Pessimists, or perhaps realists, in the security industry say that being hacked is a matter of when, not if. But if you're a Mega user, do whatever you can to make sure you're never hacked, because you can't change your password and you can't delete your account.
You should update Java. Or uninstall it. Or not completely uninstall it, but disable it. Or not do anything at all because it's not a problem. Whoever's advice you take, the chances are it's wrong.
When exploits can be sold for money, it was only a matter of time before hackers started attacking each other to undermine their competitors' businesses.
Social-media giants Twitter and Facebook may have left their users' information vulnerable for over 100 days, while a small startup also experiencing the same problem took just two days to take some form of action.
Well-intended hackers might discover plenty of security vulnerabilities during their travels across the internet, but when businesses sue them or make it hard to pass the information along, it's no wonder that they don't even bother.
I caved in. I had all intentions of pre-emptively spending my $900 government handout on a $700 HP netbook this weekend. But I was pwned by a shiny little MacBook in about the time it took white hat Charlie Miller to hack its upscale brother, the MacBook Air.
Facebook's answer as to why it removed vigilante groups that had posted details about accused fire-bug Brendan Sokaluk smells of fear that it may be as responsible as media for content published on its network.
Scared of being swept out in a round of redundancies? Then join a security company, where your misery is the industry's opportunity to protect intellectual property.
It's always funny watching an event force a company to break old habits, and this IE zero day was enough for Microsoft to do it. As Microsoft Australia's strategic security advisor Stuart Strathdee said, "we pulled all stops to get this patch out".
In light of the unpatched IE zero day, AusCERT has cautiously advised organisations to "consider" using an alternative browser, or even kill browsing altogether. For organisations with locked-down computers, is it time to support two browsers?