Hacktivists and cyber-rioters remain relatively quiescent for a second day (although Anonymous claims a Microsoft take-down no one else seems to have much noticed).
Cyber criminals, however, continue their expected high crime tempo. Trend Micro warns of malware masquerading as AutoCAD, the apparent role of which is to serve as a preparation for further attacks. Symantec describes Linux Trojan "Linux.Fokirtor," which stealthily exfiltrates stolen data. Kaspersky researchers find a crime marketer offering a kit that seeds code into banking sites viewed with IE or Firefox. (The offeror claims the ability to attack "about 100" banks.) CSIS dissects the crimekit "Atrax," which goes for the low price of $250 on the black market. EvilGrab is still out there, mostly in Japan and China.
Security experts urge vigilance over vulnerabilities in Ruby on Rails and InMobi. And CryptoLocker remains a threat: small businesses should be particularly alert during the holidays.
The black market continues to mirror the legitimate market. Hackers-for-hire fill the criminal labor market, and (since there's no honor among thieves) fraudsters find themselves in need of fraud protection.
KnowBe4 estimates the costs of cybercrime at $113B. Symantec's CEO finds IP theft a bigger worry than cyber war. Analysts continue to see US IT international sales depressed by surveillance fears.
NIST's cyber security framework is summarized by ISSS.
The UN passes a digital privacy resolution. France's National Assembly, unimpressed, debates extending electronic surveillance; the US Senate considers restricting it. Activists say Google could knock down the Great Firewall in ten days.