G Data reports discovering a new ransomware strain on Christmas Eve, DeriaLock, which demands $30 from its victims in equally subliterate all-dein-Basen-gehoren-uns German or English, take your pick. And Bleeping Computer describes an odd Koolova variant seen in development that offers decryption in exchange for the victim's downloading and reading two articles on ransomware—apparently a misguided educational initiative?
The skids at R.I.U. Star Patrol, known for their recent attack on Tumblr ("There is no sinister motive. It's all for light hearted [sic] fun," as the Patrol explains) said they planned Christmas denial-of-service attacks on Xbox One and Playstation 4 servers. The attacks are essentially motiveless. Outages have been reported early this morning; how extensive they are remains unclear.
Gamers seeking an unfair advantage over their online opponents face a targeted threat—a malicious cheat code for CounterStrike overwrites their Master Boot Record.
Two patches are particularly worthy of attention: Cisco offers an update to mitigate vulnerabilities in its CloudCenter Orchestrator, and PHP Mailer 5.2.18 closes a remote code execution hole in the widely used (WordPress, Drupal, Joomla, and elsewhere) software.
We are in the midst of 2016 retrospectives and 2017 predictions. Predictions generally project the past year's trends into the future (reasonably enough): an increasing military optempo in cyberspace, more adaptation of online media to influence operations, widespread attacks on (and via) the Internet-of-Things, the commodification of ransomware, a persistent appetite for surveillance among the world's governments, and the likelihood that emerging technologies will bring fresh threats to privacy.