As the year comes to a close we’re taking a look back at some of the events that shaped the tech landscape in twenty-fifteen. When it comes to security we saw a fair share of controversies and security blunders with the likes of Apple, Google, Lenovo -- among others -- and governments around the world as protagonists. These are the stories that caught our readers’ attention.

#12 New crypto-ransomware attack holds your PC games hostage unless you cough up $500

The malware, which is a variant of crypto-ransomware called TeslaCrypt, seeks out over 50 file extensions related to video games including Steam, single and multiplayer games, even game development software, and locks the files down until you pay up.

#11 User information is shared everywhere by iOS and Android apps

Surprise, surprise: researchers have discovered that apps available in both the Google Play Store and the iOS App Store frequently send personal information to a multitude of sources, often without notifying the user.

#10 Fully patched versions of Firefox, Chrome, IE 11 and Safari exploited at Pwn2Own hacking competition

pwn2own firefox chrome safari research zero day cansecwest security researchers hackers hack hacks hwelett-packard zero day initiative

As in years past, the latest patched versions of the most popular web browsers around stood little chance against those competing in the annual Pwn2Own hacking competition.

#9 Hacking a locked-down Linux PC is apparently as easy as pressing backspace 28 times

A pair of security researchers from the Cybersecurity Group at the Polytechnic University of Valencia in Spain have discovered a method of hacking into a Linux computer that's so easy, you'd be forgiven for thinking it wasn't legit.

#8 AVG's updated policy explains how it can sell users' browsing and search history data to advertisers

Security firm AVG has come under fire from users after revealing its new, “transparent” privacy policy which states that the company can sell search and browser history data to advertisers in order to "make money" from its free antivirus software.

#7 Lenovo caught preloading 'Superfish' adware on laptops, removal tool made available

The Superfish debacle was an embarrassment and legal concern to Lenovo, a headache to affected customers and yet another concern for the security community.

#6 Hackers discover how to remotely change target and disable self-aiming sniper rifles

Cybersecurity researchers Runa Sandvik and Michael Auger have discovered a design flaw that allows someone to take control of a TrackingPoint self-aiming sniper rifle.

#5 Slack user database compromised, counters with two-factor authentication and password kill switch

slack security breach breach it security hack hacked slack hack

Slack, the company behind the team communication tool by the same name, revealed that its database was compromised by hackers during a four-day period in February.

#4 uTorrent update selectively installs cryptocurrency mining software without notice

utorrent bittorrent bitcoin virtual currency torrents cryptocurrency litecoin miner cryptocurrency miner bitcoin miner

uTorrent, one of the most popular BitTorrent clients on the web, earns revenue through in-app advertising and also presents users with special offers to try third-party software. These offers are usually opt-in but that no longer appears to be the case.

#3 Kaspersky Lab uncovers a suite of surveillance platforms that hide in hard drive firmware

Security researchers at Kaspersky Lab have unearthed a suite of surveillance platforms that can hide within the firmware of hard drives from more than a dozen manufacturers.

#2 Popular free VPN service, Hola, discovered to have malware-like behavior

popular vpn hola malware chrome extension extension free vpn

One of the most popular free VPN and geo-unblocking services, Hola, is uncovered as exhibiting malware-like behavior by reselling users' idle bandwidth.

#1 Tech companies face criminal charges if they notify users of UK government spying

UK ministers want to make it a criminal offence for tech firms to warn users of requests for access to their communication data made by security organizations.