Last week in security was dominated by snooping, from Facebook warning its users about profile spying by nation states to FBI denials that it has Bourne-style biometric tracking capabilities.
In other news, Chinese hackers are still attacking US networks following a supposed cyber truce between the two nations.
Read on for the top security news from V3:
Facebook battles nation-state snooping to protect users from prying eyes
Most people use Facebook to post status updates, chat with friends and share photos, and would never imagine being the target of government spies.
But Facebook announced that it will alert users if it believes government agencies are actively spying on their profiles, whether that's the US National Security Agency or China's People's Liberation Army.
Security patch culture 'fundamentally flawed' as experts call for change
Frequent security updates and a patch-as-you-go approach to software flaws have led a number of security experts to question whether the problem needs a fresh approach.
Microsoft, Adobe and Oracle unveiled over 200 updates in October alone, many marked critical, backing up the notion that security patches are now an inevitable reality for the industry.
NHS-approved online pharmacy fined £130,000 for selling customer data
The UK's largest NHS-approved online pharmacy was fined £130,000 after selling details on over 20,000 customers to overseas organisations without customers' permission.
Pharmacy2U was found to have advertised details on over 100,000 customers as being for sale. These details were often sold on the basis of why the customer had used the website, such as for conditions including asthma and Parkinson's disease. The records were sold for as little as £130 per 1,000.
Apple pulls 250 apps from App Store over privacy fears
Apple removed over 250 apps from the App Store after it was revealed that they were siphoning off user data in breach of privacy rules.
The apps were almost all made by Chinese developers using an SDK created by a Chinese mobile advertising firm called Youmi. The firm evolved the SDK to be able to siphon off data such as email addresses and device identifiers and send it to its own servers.
FBI cyber experts deny Bourne-style biometric snooping exists, but it may one day
Cyber spooks in films and TV programmes often have access to a sprawling, real-time surveillance system capable of watching and scanning the faces of the public anywhere in the world.
Yet technology experts with experience of the FBI recently claimed that this is far removed from the realities of biometric systems.
China continues hacking operations against US despite cyber truce
Chinese hackers continue to attack American companies, according to security firm CrowdStrike, despite a so-called cyber peace agreement between the US and Chinese governments.
The agreement announced on 25 September said that neither super power would engage in cyber actions against the other and would "never knowingly" support the theft of intellectual property.
Trend Micro buys HP's TippingPoint for $300m to boost security offerings
Trend Micro announced that it will acquire HP's TippingPoint security division in a deal worth $300m. The company said that the purchase will broaden its portfolio of services covering everything from endpoint protection to cloud security.
Users are told that their non-existent 'iPhoneID' is expiring soon
Expansion of SDK intended to expand Amazon Alexa ecosystem
Locky returns from a prolonged rest with two new variants
AMD lambasted over Radeon RX Vega pricing that will add an extra £100 to RX Vega 56 and 64 graphics cards
Company accused of failing to tell anyone that the launch prices were only introductory offers