Cyber combat continues in Syria's civil war, as pro–Assad factions grow more capable and aggressive in targeting the opposition.
US retailer Target's recovery from its recent payment card data breach continues. New reports indicate that Canadian as well as US points-of-sale may have been affected. The incident has become common phishbait; consumers are advised to be on their guard when emails arrive purporting to give information or warning about the breach. Target's liability in fines alone may be large, with some analysts quoting figures so high as to be hardly credible.
Israeli researchers report finding vulnerabilities in Samsung's Knox BYOD software. A new, possibly copycat version of CryptoLocker (worm_crilock.a) displays novel propagation routines and detection–evasion techniques that include hardcoding of command–and–control urls as opposed to using more familiar domain-generation algorithms.
As Bitcoin becomes more widely adopted (if still imperfectly understood by its users) a less well–known cryptocurrency, Dogecoin, suffers its first hack.
Snapchat's API has been published, as have two exploits that associate names with phone numbers and enable creation of bogus accounts.
Cyber criminals miss Blackhole, and cast about for something to replace their favorite exploit kit.
Mikko Hypponen and Edward Snowden mark Christmas with requiems for privacy. Other security experts develop arguments for why privacy is indeed worth preserving.
In the US, discussion of the Presidential surveillance panel's report increasingly centers on developing an intelligence version of a principle of publicity: if no public justification of surveillance could in principle be given, then it shouldn't be undertaken.