The Cold War may be over, but the global battle over information security is heating up, as U.S. intelligence experts struggle to fend off relentless cyber attacks from China and Russia.

The notorious Storm worm trojan has continued its holiday-themed onslaught with a massive wave of "love" notes that attempt to deliver a poison kiss to a recipient's PC in the form of malicious code.

Script-based attacks that cycle through multiple exploits and target trusted websites, increasingly sophisticated botnets, and cyberespionage that uses phishing to steal terabytes of data head SANS Institute's Top 10 list of 2008 security menaces.

A researcher has warned that the Silentbanker trojan apparently is able to circumvent two-factor authorization and inject itself into the middle of ongoing banking transactions, duping bank customers into sending money to attackers while the customer proceeds with what looks like a valid transaction.

A leading analyst says there currently is little risk of large-scale malware attacks on Wi-Fi networks, responding to a warning by an Indiana University research team that a virus could be used to quickly infect most Wi-Fi routers in a large city.

Fortinet has reported that the notorious Storm Worm botnet was deployed this week to mount phishing attacks on two banks, including international giant Barclays, directing customers to fake sites set up to steal their account log-in and password data.

FAA has notified Boeing that it must make sure the new 787's flight control system can't be hacked by passengers surfing the web, but it did not mandate a manual override of in-flight internet access as requested by the pilots' association.

Two leading spyware researchers have warned visitors to Sears Holdings' My SHC Community that they risk intrusive third-party tracking if they download marketing software on the site.

A U.S-based Chinese news website which hosts hundreds of blogs - outlets for repressed political and social commentary in China - is struggling to reactivate the blogs after suffering a DoS bombardment that crashed Boxun.com/blogs on Dec. 24.

Symantec warned this week that it has encountered a new form of pump-and-dump spam that features a link to a high-definition video stream touting a uranium mining stock.