I've written before about using a special XMLRPC access rule to stop Wordpress DDoS attacks.
Quick summary: My server was being bombarded with hundreds of thousands of requests from foreign hosts (mostly Chinese). It took about a week before finding a fix - during which time my servers were slow, prone to crashing, and generally unusable. I found a helpful tip here. I simply added the following code to the bottom of my .htaccess file.
You have already been compromised. Your information is safely tucked away on backup tapes and offline servers. Your internet presence is noted every time you log in to your favorite website.
Your passwords, your emails, your Facebook login. Your patterns, your habits, your secrets, your life. They are all up for grabs.
Wired released a fascinating excerpt today about Stuxnet. Stuxnet defies definition, but could be vaguely defined as a disrupter of state-activity. It's not a "weapon" per se - it hasn't weaponized anything that we know of.