Amateur astronomers are being warned of a new malware attack claiming to offer images of last night's lunar eclipse. Web monitoring firm Websense said that malware writers are using the eclipse in a social engineering attack and have spammed out emails offering 'footage' of the event.

The 2007 Global Threat Report from Bratislava-based security firm ESET has highlighted the huge success of the Storm worm. The report looked at the social engineering tactics used over the past 12 months and the duration of each technique. ESET believes that malware authors closely monitor the effectiveness of each ploy in an attempt to aid propagation and infection.

Spyware Doctor provides three-way spyware protection for your PC through real-time threat blocking, advanced system scanning and immunization against known browser infections. Anti-virus software and firewalls do not fully protect your system against the majority of spyware and privacy threats. When you consider the amount of valuable and confidential personal information stored on your PC, including credit card and banking details, private e-mails and documents, shopping and browsing habits, the risks of having software intruders snooping on your computer activity are obvious.

Microsoft has issued a security advisory that malicious attackers are targeting versions of its Office Excel with vulnerabilities.

Carphone Warehouse has been warned it could face prosecution for exposing the personal details of thousands of customers online and, in some cases, inadvertently setting debt collectors on them.

A gang that specialises in the theft of banking information through Trojans is attempting to protect its work by spreading a rootkit that veils malware. Until late in December 2007, the Master Boot Record (MBR) rootkit had been a proof of concept but it is now being used by criminals. However, director of intelligence at VeriSign's iDefense division, Rick Howard, said since 12 December, 5,000 infections have now occurred. The rootkit, which is being hosted on seemingly innocent websites and transmitted via malicious iFrames, can hide numerous other dangerous Trojans, according to VeriSign.

Guidelines published this week by the Crown Prosecution Service (CPS) on how to interpret amendments to the Computer Misuse Act (CMA) have been branded "confused" by a renowned security expert.

The majority of UK citizens do not trust the government with their data following the HM Revenue & Customs data breach, according to security vendor Symantec. The personal details of 25 million people claiming or receiving child benefit were lost on two unencrypted CDs in November.

In the wake of the HMRC data debacle, organisations must act to safeguard public confidence in data gathering - and that means considering the impact of new IT systems and technologies on individuals' privacy, says data watchdog the Information Commissioner's Office (ICO). Speaking at a conference on the surveillance society, David Smith, deputy commissioner at the ICO, described the HMRC breach as a watershed and called on organisations to implement new safeguards to protect individuals' privacy. This means considering the impact of new IT systems before they are developed, he said.

Policies, processes and a "corporate ethos" of care of data are more important in securing sensitive information than using encryption technology. Encryption has been back in the spotlight following the HM Revenue & Customs data breach that led to two CDs containing unencrypted records of 25 million people on the child benefit database getting lost in the post.