An update to the apparent North Korean intrusion into RoK military networks—South Korean sources now say that some information was successfully exfiltrated during the attack. As the security industry looks toward 2017, most observers forecast an increase in state-sponsored cyber threats.
Recorded Future warns that the Flash zero-day Adobe patched in an October update has been incorporated into seven exploit kits.
The Petya-Mischa ransomware combination has been updated, researchers tell Bleeping Computer, into a "GoldenEye" version. The malware targets German-speaking enterprises, coming across as a "Bewerbung" ("application," as in a job application), so if you're working in HR or recruiting around Frankfurt or Hamburg, sei doch vorsichtig.
Another ransomware strain, VO_ransomware, seems less dangerous than some of its competitors. Still, it's a nuisance, and 2-Spyware offers suggestions on purging it from your systems.
Some organizations are still finding it easier to pay up than fight extortionists—the Alleghany County state prosecutor's office in Pennsylvania coughed up $1400 to get rid of Avalanche.
Steganographic threats return as ESET reports a campaign that uses malicious banner ads to install malware in Internet Explorer users' systems. They call the attack campaign, appropriately, "Stegano."
Some eighty models of Sony IP cameras are found vulnerable to exploitation through a backdoor, and Sony has closed that backdoor with a firmware update.
As the transitioning US Administration considers recent recommendations on cybersecurity, Russia announces “a new national system of managing the Russian segment of the Internet.”
Content filtering goes to court in Canada and the EU.