The US is said to be preparing retaliation for Russian intelligence and influence operations conducted during the 2016 election season. The nature of the response is unspecified, but it's being described as "proportionate," and as in all likelihood including some covert operations in cyberspace. Members of both major parties in Congress have been pushing the Administration to act, urging among other measures exposure of personal corruption in the Russian leadership. (This would resemble Russian doxing of the Democratic National Committee, which good-government advocate Putin has observed, without acknowledging responsibility, was actually a contribution to American political transparency. That's one way of looking at it.)
Investigation of Russian influence operations continues. The US Intelligence Community blogged on December 16 that it wouldn't share further information until the inquiry is complete and reported to Congress. Journalists who filed a Freedom of Information Act request for access to preliminary results filed suit in a Federal court seeking to require the IC to be more forthcoming.
Security Research Labs (SRL) revealed the discouraging results of their inspection of air travel booking systems yesterday at the Chaos Communications Congress. The three major services that handle some 90% of airline bookings—Amadeus, Sabre, and Travelport—were found, according to SRL, to lack meaningful authentication (not even "a first authentication factor"). Passenger itineraries and personal information are easily exposed, stolen, and manipulated.
Some financial analysts think the Yahoo! breaches will have little effect on the company's deal with Verizon: customers, they think, have grown blasé about breaches.