Washington's attorney general has settled the first case prosecuted under the state's 2005 Computer Spyware Act.

The settlement, declared Monday, is with antispyware vendor Secure Computer LLC. The White Plains, New York, software company was charged of marketing its product via deceptive spam and pop-up ads, which offered free spyware scans that always detected a problem with the computer that was scanned.

A federal grand jury has accused a Romanian hacker on 10 charges of breaking into computers owned by the Jet Propulsion Laboratory, the Goddard Space Flight Center, Sandia National Laboratory and the US Naval Observatory.

Victor Faur, 26, of Arad in Romania, is the suspected leader of a hacking faction called the 'WhiteHat Team' accused of hacking the servers "because they were so secure".

The attack starts with a Quicktime file being set in a Profile page. If the user "runs" the file (simply visiting the infected page is enough to trigger the attack in most cases), it uses the HREF function to activate some Javascript.

An HREF track is a particular type of text track that adds interactivity to a QuickTime movie. HREF tracks enclose URLs that can specify movies that replace the current movie, load another frame, or that loads QuickTime Player. They can also include JavaScript functions or Web pages that load a specific browser frame or window.

EveryDNS, a company that offers free domain name administration services, has been hit by a massive DDoS (distributed denial-of-service attack) that caused damage to thousands of sites, including OpenDNS (another startup that runs the PhishTank anti-phishing initiative).

The 400mbps botnet attack did not affect the core recursive DNS resolution service offered by OpenDNS but the company's home page and business blog were crippled for about 90 minutes on Dec. 1.

Paradial pronounced the general availability of Paradial's RealTunnel 2.0. In addition to making it simple for clients to deliver fail-safe and secure connections across networks, geographical areas and organizational boundaries, the new version enhances the award winning product with new features and standards-based provisioning capabilities on a significantly reduced footprint.

A new variant of a malicious bot program is spreading exploiting a flaw in Symantec's antivirus software as well as through several holes in Microsoft code.

The worm, called 'Spybot.ACYR' by Symantec and 'Sdbot.worm!811a7027' by McAfee, seems to be targeting educational institutions, according to a blog item posted by Symantec. The security company said: "We are seeing a spike in traffic on port 2967 with activity only in the dot-edu domain. The impact of the attack is minimal thus far."

All the online holiday shopping is fruitful oportunity for online crooks looking to fence a few ill-gotten dollars from unwary customers.

Sophos says a Web poll (already skewed toward Web users) of 280 computer users showed that 71 percent will be shopping online during the holidays. While they're doing that phishers will be right behind them them, waiting to pick up any change they've dropped.

Although Vista's included e-mail client blocked all 10 malware emails present on November's list of most common threats, three got around Vista's built-in resistance when a third-party e-mail client was deployed.

As Microsoft advertized Windows Vista's enhanced security at the operating system's U.S. launch on Thursday, one security vendor said that a third of the month's top 10 exploits can effectively infect a Vista-equipped PC.

Verano, Inc., the SCADA security company, declared that itsReal-Time Application Platform (RTAP) on Linux is now available with aWindows client, Visualizer for RTAP on Linux. Verano's very scalable,mission-critical SCADA application now has the consistency of a Linux server joined with the flexibility and familiarity of a Windows-based operator interface available on low-cost, high performance hardware.

Chicago Teachers Union representatives Monday shocked by admitting a security breach that shared the Social Security numbers of 1,700 former Chicago public school employees with hundreds of their colleagues, creating a risk of identity theft.