EveryDNS, a company that offers free domain name administration services, has been hit by a massive DDoS (distributed denial-of-service attack) that caused damage to thousands of sites, including OpenDNS (another startup that runs the PhishTank anti-phishing initiative).

The 400mbps botnet attack did not affect the core recursive DNS resolution service offered by OpenDNS but the company's home page and business blog were crippled for about 90 minutes on Dec. 1.

Paradial pronounced the general availability of Paradial's RealTunnel 2.0. In addition to making it simple for clients to deliver fail-safe and secure connections across networks, geographical areas and organizational boundaries, the new version enhances the award winning product with new features and standards-based provisioning capabilities on a significantly reduced footprint.

A new variant of a malicious bot program is spreading exploiting a flaw in Symantec's antivirus software as well as through several holes in Microsoft code.

The worm, called 'Spybot.ACYR' by Symantec and 'Sdbot.worm!811a7027' by McAfee, seems to be targeting educational institutions, according to a blog item posted by Symantec. The security company said: "We are seeing a spike in traffic on port 2967 with activity only in the dot-edu domain. The impact of the attack is minimal thus far."

All the online holiday shopping is fruitful oportunity for online crooks looking to fence a few ill-gotten dollars from unwary customers.

Sophos says a Web poll (already skewed toward Web users) of 280 computer users showed that 71 percent will be shopping online during the holidays. While they're doing that phishers will be right behind them them, waiting to pick up any change they've dropped.

Although Vista's included e-mail client blocked all 10 malware emails present on November's list of most common threats, three got around Vista's built-in resistance when a third-party e-mail client was deployed.

As Microsoft advertized Windows Vista's enhanced security at the operating system's U.S. launch on Thursday, one security vendor said that a third of the month's top 10 exploits can effectively infect a Vista-equipped PC.

Verano, Inc., the SCADA security company, declared that itsReal-Time Application Platform (RTAP) on Linux is now available with aWindows client, Visualizer for RTAP on Linux. Verano's very scalable,mission-critical SCADA application now has the consistency of a Linux server joined with the flexibility and familiarity of a Windows-based operator interface available on low-cost, high performance hardware.

Chicago Teachers Union representatives Monday shocked by admitting a security breach that shared the Social Security numbers of 1,700 former Chicago public school employees with hundreds of their colleagues, creating a risk of identity theft.

Security software developer PC Tools declared that up to 50 percent of new spyware threats originated from China and Russia aims specific information for identity theft.

The advice comes among a flood of terrible predictions, as fraudsters and malware writers gear up for a busy Christmas.

Hackers and security experts made public a vulnerability in Google's search appliances that is putting hundreds of major organizations such as the U.S. Food and Drug Administration, Stanford University and the National Hockey League open to phishing attacks.

A new adware program like a ghost installs itself on Mac OS X systems and opens Web browser windows, said F-Secure.

The software, dubbed iAdware by the Finnish security company, is perhaps the first example of adware for Macs. It is particularly interesting since it doesn't require administrative privileges to lie on the computers, according to F-Secure.