Top 10 Stories

Security Researchers at Symantec have spotted Network Time Protocol (NTP) reflection DDoS attacks being launched by cyber criminals during the Christmas Holidays. In 2013, we have seen a significant increase in the use of a specific distributed denial of service (DDoS) methodology known as Distributed Reflection Denial of Service attacks (DrDoS). Open and misconfigured DNS (Domain Name System) can be used by anyone to resolve domain names to IP addresses are increasingly abused to launch powerful...

Visitors to Yahoo's Web pages who viewed ads the past few days are potentially at risk of having their computers infected by malware, according to published reports Sunday. Fox IT -- an Internet security firm that discovered the alleged malware infection -- says 300,000 users were visiting the infected ads every hour. That means roughly 27,000 computers and devices were being infected every hour since typically 9% of computers are actually infected after visiting the...

It began with a Reuters story from Joe Menn: Exclusive: Secret contract tied NSA and security industry pioneer in which it was disclosed that RSA, the crypto pioneer and security products vendor, had allegedly accepted a secret $10 million payment from the NSA in order to incorporate a backdoor in to their BSafe crypto suite. There is a rising tide of anger growing within the security community against the appalling depth and breadth of the NSA’s surveillance programs. Many...

A U.S. surveillance court has renewed its approval of a National Security Agency program that collects U.S. residents' telephone records in bulk. The U.S. Foreign Intelligence Surveillance Court on Friday again approved the NSA phone records program amid multiple lawsuits challenging the legality of the program and more than 20 bills in Congress that seek to alter the program. The U.S. Office of the Director of National Intelligence asked the FISC for a renewal of...

In its latest Security Intelligence Report, the Microsoft Malware Protection Center (MMPC) determined that the malware encounter rate in Turkey is far greater than that of any other country in the entire world, let alone the other countries among the top 10 in malware infections. Encounter rate, per the MMPC’s definition, is the percentage of computers that reported at least one detection of malware. Microsoft measured national encounter rates under six categories: miscellaneous Trojans, worms, exploits,...

Over many years, there has been countless amounts of data revealing specific regions of the world that happened to be responsible for a majority of malware during a particular time. In a recent study conducted by Kaspersky Lab, it was revealed how Brazil was the Latin American country with the highest occurrence of malware threats infected computers during the first half of 2013. Although Brazil is the largest South American country by a long shot,...

The website of major Australian retailer Myer was brought down for over a week during the post-Christmas sales due to a "communication breakdown". "An IBM team of local and global experts worked around the clock with Myer to resolve the issue with its online store. The technical issue was caused by a communication breakdown between internet servers and a software application," an IBM spokesperson told ZDNet on Monday. "IBM and Myer will work together to...

Sharp-eyed blogger Alvaro Lopez Ortega has spotted something fascinating: Coca Cola has reserved a block of media access control (MAC) addresses. The IEEE records the beverage company's actions here. MAC addresses are a unique identifier for networked devices, usually comprised of six pairs of hexadecimal characters.

French telco Orange is to take legal action following allegations that the US National Security Agency intercepted data on a submarine cable it uses to transport data from France to Africa and Asia. Orange's planned lawsuit comes in response to details of efforts by the NSA to tap the SeaMeWe 4 (SMW-4) submarine cable, which carries internet traffic between Marseille in France, Sicily, North Africa, the Gulf states, Pakistan, India, Malaysia, Singapore and Thailand.

The official website for the widely used OpenSSL code library was compromised four days ago in an incident that is stoking concerns among some security professionals. Code repositories remained untouched in the December 29 hack, and the only outward sign of a breach was a defacement left on the OpenSSL.org home page. The compromise is nonetheless rattling some nerves. In a brief advisory last updated on New Year's Day, officials said "the attack was made via hypervisor through the hosting...