Ukrainian officials confirm that December's power outages were caused by a cyberattack.
The Ukrainian government, Politico also reports, is quietly trying to mend fences with the incoming US Administration after evidently having conducted some quiet, minor influence operations of its own on behalf of the President-elect's opponent. In any case, observers are busy telling as surprising many unsurprising stories of influence operations over the years. President-elect Trump has also said he now thinks the Russians hacked the DNC.
The strange arrest of two Italian citizens—a brother and sister—for hacking high-profile Italian figures (and at least one high-profile Cardinal in the Vatican) draws attention to EyePyramid malware. Trend Micro describes this as a data exfiltration package delivered as a malicious email attachment. In this case EyePyramid was used to siphon more than 87 gigabytes of data, "including usernames, passwords, browsing data, and filesystem content." The hackers' motives are unclear: they appear political, but Italian police think they were financial.
Hamas is using catphish as honeytraps to install spyware on Israeli soldiers' smartphones. The IDF thinks the damage minimal, but with the troops one never knows—one thing does lead to another, sir.
Criminals are turning to botnets for increasingly creative schemes.
The peace sign hack may be joining the Gummibear hack as a way stealing fingerprints for biometric registration, according to Japan's National Institute for Informatics. It's a lot quicker and a lot less sticky.
In industry news, Arxan buys Apperian; Infocyte wins $3.4 million in Series A funding.