Oracle is about to issue a warning that Java users could be exposed to malware, the media have reported on Tuesday.

The exposure is the result of a flaw that existed in Java’s software update tool. After an investigation conducted by the US Federal Trade Commission, Oracle (Java’s distributor) has agreed to issue a warning over its social media channels and on its website, otherwise it would have been fined.

It's the time of year when companies inevitably turn to their crystal balls and try to predict what the coming year will have in store.

Where security is concerned there's a focus across the board on the evolving threat landscape and the tools needed to deal with it. We've brought together predictions from some of the leading industry experts.

Online security concerns mean that we have become reliant on passwords to access so many different services. The sensible and secure route to take is to use a unique password for every site and service you access, but unless you have a record-breaking memory, this can prove tricky. Google has a solution: ditch the password entirely.

While this may be seen as a step down from the two-factor authentication that so many companies have been pushing for in recent years, it is actually quite similar in many respects. Google's method focuses on speed and convenience, and still requires the use of a smartphone.

To some this will come as a surprise, to others not as much, but the Distributed Denial of Service, also known as DDoS -- was the most popular type of cyber-attack in the past year.

According to a report by security firm Akamai, there has been a jump of 180 percent in the number of DDoS attacks in 2015. The ending year also saw records broken in the size of the attacks, as well.

With many U.S. lawmakers calling for an end to encryption, Tim Cook has decided to reiterate Apple’s stance on the matter. Apple’s CEO believes that when it comes to encryption there is no trade-off between privacy and national security.

During CBS’ program 60 Minutes, on Sunday Cook defended the need for encryption and how it important it is to Apple and its consumers. According to Cook, there is no reason why Americans should not be able to have privacy while simultaneously protecting America’s national security.

Tim Cook is a vocal opponent of any form of encryption weakening, and now Apple has spoken out against the UK government's Investigatory Powers Bill -- otherwise known as the snooper's charter. Currently in draft form, the bill would require ISPs to retain customers' browsing histories for a year, and would require technology companies to implement backdoors that would allow encryption to be bypassed.

Apple says that it has serious concerns about the proposed bill in its current form, and calls for sweeping changes to be implemented. The company has famously refused to allow access to encrypted iMessage chats, and this is a stance it is reiterating.

Security experts from Panda Security warn that 2016 is set to be a bumper year of attacks and malware infections. The company says that malware will grow at "an exponential rate", with Android, mobile payment platforms, and the Internet of Things being key targets.

Business, individuals, and corporate users alike are at risk, and it is predicted that infections via JavaScript and Windows 10's Powershell are to be common attack vectors. Exploit kits are due to increase in popularity, largely because of the fact that it is not currently easy to combat them.

A virtual private network (VPN) brings additional security to anyone using a public network, such as the Internet. Using a variety of security methods, such as encryption, the VPN is able to safeguard any data transmitted across the network, which may be at risk if it simply used the underlying public network infrastructure.

VPNs are often employed when it would not be practical to use a physical private network, usually due to financial reasons. As businesses embrace mobile working and face increasing pressure to protect sensitive information, many are employing virtual private networks to improve their network security.

A new survey of cyber security professionals from information management company Nuix shows that businesses are placing greater emphasis on insider threats.

The report reveals that 71 percent of respondents report that they have an insider threat program or policy, and 14 percent say that they allocate 40 percent or more of their budget to insider threats.

The demise of Flash has been long, lingering, and painful -- and highly over due in many people's books. There has been a spate of high profile ditchings of Flash recently: Speedtest.net, Twitch, Chrome and Netflix to name but a few. Now Facebook has thrown its hat in the ring switching to HTML5 video.

This is a move that is browser-agnostic, and means that every single video you see on the social network will default to HTML5. While many will see this as a cause for celebration, the change does not completely spell the death of Flash -- it will continue to be used on Facebook for many games.

Dating services are big business these days, and they offer a modern way to meet a life partner. But there's also a dark side. Tinder is perhaps the most well-known dating app, and Grindr is a near identical service aimed at gay and bisexual men.

Police in London are warning that the app -- which is available for iOS and Android -- is being used by an armed gang to set up fake dates with men. With two million people using the app around the world, Grindr offers rich pickings for homophobes to look for victims.

Linux is usually touted as the operating system of choice for those concerned about privacy, but a recently discovered bug makes it unbelievably simple to bypass authentication. A vulnerability in Grub2 -- the bootloader used by many Linux distros -- means that all it takes to take control of a computer is to press the backspace key 28 times.

Two researchers from the Cybersecurity Group at Spain's Polytechnic University of Valencia published a paper that reveals just how easy it is to gain access to many Linux systems. It's not a problem that Ubuntu, Red Hat, and Debian users need to worry about too much as patches have already been issued, and users of other distros can make use of an emergency patch in the Grub2 git repository.

You might think that talking about Facebook and privacy in the same breath is a little odd. The two just don’t go hand in hand, surely? Trying to use Facebook whilst maintaining your privacy is an exercise in futility, right? Well, yes, it’s certainly true that hitting a social network is not the thing to do if you want to fly under the radar, but many people do not realize just how easy it is to unwittingly hand over reams of personal information to companies and persons unknown.

While a majority of users are aware that anything they post -- essentially -- becomes Facebook's property, and can be exploited in a variety of ways. Anything shared to the social network can be used to dig up an ever-more accurate picture of who you are, where you are, what you do, what you like, and who you know. Quizzes, personality tests, friend comparisons, and year in review apps, however, are blackholes for personal data -- and the huge range of apps from Meaww have been singled out as being a major cause for concern.

Networking manufacturer Juniper has discovered backdoors built into its firewalls. The company says that a number of its devices running the ScreenOS operating system include serious vulnerabilities that could be used to take remote control of networked devices, or to decrypt VPN traffic.

The company says that the security issues were unearthed during an internal code review and has issued an out-of-cycle fix to address the vulnerabilities. Network admins are advised to treat the threats seriously, and to make use of the available patches immediately.

Google is placing an increased importance on security in 2016. The company has set aside $1 million to fund independent research into the security of its Drive cloud storage service, and will continue to offer a bug bounty program.

Acknowledging that "keeping files safe in Google Drive is super important", Google says that next year it will make the money available to independent security researchers. The money comes in addition to the funds that are used to employ hundreds of security experts at the company, with independence bringing an extra level of scrutiny.