There's been no security updates of note to point out for a week, so other than the usual perimeter security, you can stand down for the end of year festivities.
About the only thing worth pointing out is that it looks like GSM security has been broken. GSM is cell phone stuff, and is essentially used in any modern mobile phone. When it was introduced 20 years ago, its security was highly touted. Now it looks like a combination of inherent weaknesses in the algorithms as well as Moore's Law have caught up:
At a hacker conference in Berlin that runs through Wednesday, the cryptographers said they've cracked the algorithm that determines the random channel hopping and have devised a practical means to capture entire calls using equipment that costs about $4,000. At the heart of the crack is open-source software for computer-controlled radios that makes the frequency changes at precisely the same time, and in the same order, that the cellphone and base station do.This means that you should realize that your cell phone is essentially a fancy two-way radio. If someone really wants to listen in, they can. Most readers already know this, probably.
"We now know this is possible," said Karsten Nohl, a 28-year-old cryptographer and one of the members of an open-source project out to prove that GSM, the technical standard used by about 80 percent of the mobile market, can't be counted on to keep calls private. The attack "is practical, and there are real vulnerabilities that people are exploiting."
20 years ago, Oracle's Larry Ellison caught quite a lot of flak for his comment "You got no privacy; get over it." Time is showing him to be more right than not.
Not much of a smorgasbord. But remember that when it comes to security, no news is good news.