There were quite a few<\/a>: In late 2013, Target Corporation disclosed a massive leak of payment data, which was followed by similar announcements from retailers throughout 2014, especially in the US.<\/p>\n Year 2014 in #security: looking back over one\u2019s shoulder<\/p>Tweet<\/a><\/blockquote>\n Neiman Marcus, Michaels Stores, UPS, and The Home Depot \u2013 all fell victim to the various strains of PoS malware<\/a>. For more details read \u201c2014: the year of retailers getting hacked over and over again.\u201d<\/p>\n Then there was the Sony Pictures Entertainment hack<\/a>. The criminals seem to \u201clove\u201d Sony: Back in 2011, hackers hit the Sony PlayStation Network, stealing massive amounts of various data \u2013 mostly due to lax security. The same thing happened with the SPE hack and the damage was, again, massive.<\/p>\n Windows XP \u2013 gone to stay<\/strong><\/p>\n On April 8th<\/sup>, Microsoft finally dropped Windows XP support<\/a>. This was long overdue as the venerable XP was 14 years old and had lots of bugs. Immediately after, Microsoft decided to release an urgent patch for Windows products family<\/a>, and included Windows XP due to the severity of the problem.<\/p>\n As a matter of fact, Windows XP is still pretty much alive<\/a>. It has a considerable user base<\/a>, and its embedded variants, such as Windows Embedded POSReady 2009, are used in PoS terminals. It is still entrenched in ATMs as well.<\/p>\n And the bugs are still being found.<\/p>\n Big Bugs<\/strong><\/p>\n This will be a peculiar chapter in the aforementioned \u201chistory books\u201d. Most likely for the first time, major flaws discovered in widely used software began receiving their own nicknames, the same as malware and APTs. Probably a good thing<\/a>, since this brings extra attention from the general public. Just compare the impression of \u201ca critical flaw in bash\u201d and \u201cShellshock bug\u201d.<\/p>\n Over the year we heard about Heartbleed<\/a>, then Shellshock<\/a>, and by the end of the year WinShock, a less prominent \u2013 but also serious \u2013 19-year-old bug in Windows arrived<\/a>.<\/p>\n APTs and banking malware<\/strong><\/p>\n A lot of APTs have been publicized this year, even if they were discovered earlier. See the list below:<\/p>\n Their numbers were published back in December, a couple of weeks after Kaspersky Lab launched its new interactive map dedicated to the targeted threats<\/a>.<\/p>\n Banking malware, in turn, hit headlines regularly throughout 2014 \u2013 money-stealing Trojans become a threat that cost businesses and banks millions. Various ZeuS Trojan derivatives formed large botnets, and it took a formidable joint effort between law enforcement agencies and security vendors to bring down just one of them \u2013 Gameover ZeuS<\/a>. Although it was immediately clear that it was just a matter of time before another ZeuS-based botnet would emerge.<\/p>\n By the end of the year a new, modular ZeuS derivative \u2013 Chthonic<\/a> \u2013 drew a lot of attention.<\/p>\n Year 2014: heavy with incidents and gloomy discoveries #security<\/p>Tweet<\/a><\/blockquote>\n Ransomware<\/strong><\/p>\n Various encrypting and non-encrypting ransomware<\/a> cost businesses dearly, with Cryptolocker becoming the most prominent threat \u2013 and probably the most profitable malware of its kind. At least some of our readers ran into it, hopefully without a lot of damage inflicted upon them.<\/p>\n![\"2014_wide\"](\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/92\/2015\/01\/06020237\/2014_wide-1.jpg\")
<\/a><\/p>\n\n