"Dark Seoul" didn't look like hacktivism or simple crime, and now the Republic of Korea has attributed the campaign to North Korea.
An email-based targeted attack probes Asian and European governments. Mounted from a Gmail account, it purports to be from the Chinese military; this is almost surely a false flag.
A new Android Master Key attack is found in the wild: it exploits Android's method of reading APK files to modify legitimate apps with malware.
Researcher Krzysztof Kotowicz reports that Amazon's 1Button browser add-on leaks user data in plain text. McAfee's ePolicy Orchestrator is vulnerable to exploitation (McAfee offers mitigation).
Dark Reading publishes a useful rundown of vulnerabilities in content management platforms. The land rush into disused Yahoo! accounts is on, and analysts warn users of identity theft risk. Facebook's Graph Search is coming, and with it more identity exposure.
The cyber criminal black market's upscale offerings expand. The New York Times reports one criminal vendor charges $100k for an annual subscription, with additional fees for individual zero-days. One iOS zero-day seems to have gone for $500k. Insurance dossiers sell for about $1k.
Lloyd's finds cyber threats have risen to third place on its list of business risks. Companies fear insiders more than criminals. (What does this say about corporate culture?)
Start-ups develop privacy tools against government snooping. In-Q-Tel bankrolls HyTrust's insider threat protection.
Britain's GCHQ gets poor marks on internal oversight. Germany takes a tough line on data privacy. Russia's Putin calls Snowden an unwanted "Christmas present" from the US.