News Bits
NewsBits, IEEE Cipher E136, E136.Jan-2017
Summary:
Questions about the effect of cyberhacking by the Russians during the US presidential campaign have dogged the aftermath of Donald Trump's electoral college victory. In December, President Obama ordered a review of what the intelligence community knew about the activity. This has resulted in a great deal of discussion about motivations and results.
Summary:
As if the disclosure of a half million accounts hacked in 2012 were
not sufficiently disturbing, Yahoo upped the numbers considerably when it
revealed that in 2013 one billion accounts were thoroughly hacked.
The result was disclosure of all information associated with the
accounts: name, telephone number, password, etc. According to their chief
information officer, the hackers stole source code that enabled them to
forge web cookies. With that, they were able to get unfettered access
to the accounts.
Summary:
When you view an online video ad, money changes hands. The owner of the
website that delivered the content to you will be paid for attracting
the click that leads to the delivery. The advertiser will be billed
for that service. A Russian cyberforgery ring has managed to
infiltrate and automate that market, and the result is that
advertisers are paying up to $5M per day for views that are initiated
not by humans but by software impersonations.
NIST SP 800-185, "SHA-3 Derived Functions: cSHAKE, KMAC, TupleHash and ParallelHash". The document is available at https://doi.org/10.6028/NIST.SP.800-185 . Received public comments will be posted at http://csrc.nist.gov/publications/PubsSPs.html.
Summary:
General James Cartwright pled guilty to lying to investigators about his
role in confirming US involvement in the Stuxnet malware that crippled
Iran's nuclear enrichment program.
Summary:
General James Cartwright and Chelsea Manning had their sentences commuted by
outgoing US President Obama. Manning had leaked a trove of classified
information to Wikileaks and served 7 years of a 35-year sentence.
Summary:
The Global Positioning System has been deemed a "single point of
failure for critical infrastructure" by the Department of Homeland
Security. The location service depends on satellite signals that can
be easily jammed, either deliberately or by physical obstructions,
solar storms, and innocent but faulty TV antennae. Since 2004 there
have been recommendations to defuse the single-point failure vulnerability
with a backup system of some kind, but this has never been a priority
for the US administration.
Summary:
The FDA stepped into an argument that had been brewing since last August.
The agency confirmed that an implantable cardiac device could be accessed
by hackers. The potential damage includes shocks, incorrect heart pacing,
and battery depletion. The developer of the device promised to "continue
to actively address cybersecurity risks." The device is designed to allow
remote monitoring, but apparently hackers could use the transmitter access
to get control of the device. The implants have a "universal code" that
allows access.
Summary:
The WhatsApp messaging system is based on a widely respected
encryption protocol, Signal. However, as in all things security, it
is the totality of the application that determines its security.
WhatsApp simplified the Signal system when dealing with users who need
to move their account to a new device. At issue is whether or not the
servers could be tricked into going through the key change protocol
without the user's knowledge. If so, a man-in-the-middle attack might
be feasible. However, neither WhatsApp nor Signal developers think
that the trick is possible; other layers of security prevent it.
Summary:
Proving that nothing is beneath the attention of cyberattackers, hackers
apparently targeted the online box office site for the Sundance Film
Festival, a major event for independent films held annually in Utah.
No screenings were affected and a team went to work to alleviate the
damage from the attack.