The 2016 IBM X-Force Threat Intelligence Report is now available! Read the complete report today.

When we look back in history to review and understand the past year, you can be assured it will be remembered as a year of significant change. From exploitation of critical vulnerabilities in widely used Internet-facing open-source libraries, to international privacy concerns, to a deluge of highly publicized data breaches, few would argue that 2014 had the makings of a perfect storm of security incidents.

The latest quarterly report from the IBM X-Force research and development team provides a roundup of 2014’s most significant security incidents and delineates the overarching themes that emerged in our year-end analysis.

Among the report’s highlights are these facts and findings:

  • About 1 billion records of PII were leaked in 2014. The nature of breaches, in addition to making the tally challenging, expanded to include not just financial gain but also terrorist threats and personal embarrassment.
  • Designer vulnerabilities, like Heartbleed and Shellshock, revealed cracks in the foundation of underlying libraries that handle cryptographic functionality on nearly every common web platform as well as common content management systems (CMS).
  • The Citadel malware, initially introduced in a Russian underground forum, offers cybercriminals an advanced tool with “classic” Zeus capabilities as well as new features added based on crowd-sourcing feedback. These new variants are being used to attack industries beyond financial and banking industries.
  • App designer apathy can negatively impact security on mobile devices as app designers may not roll out properly patched versions in a timely fashion. Despite warnings, 10 of the 17 (59%) of banking applications using Apache Cordova we tracked are still vulnerable 3 months later.

Read all the latest research from IBM X-Force

More from Advanced Threats

Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program

You may recall my previous blog post about how our X-Force veteran threat hunter Neil Wyler (a.k.a “Grifter”) discovered nation-state attackers exfiltrating unencrypted, personally identifiable information (PII) from a company’s network, unbeknownst to the security team. The post highlighted why threat hunting should be a baseline activity in any environment. Before you can embark on a threat hunting exercise, however, it’s important to understand how to build, implement and mature a repeatable, internal threat hunting program. What are the components…

Top-Ranking Banking Trojan Ramnit Out to Steal Payment Card Data

Shopping online is an increasingly popular endeavor, and it has accelerated since the COVID-19 pandemic. Online sales during the 2021 holiday season rose nearly 9% to a record $204.5 billion. Mastercard says that shopping jumped 8.5% this year compared to 2020 and 61.4% compared to pre-pandemic levels. Cyber criminals are not missing this trend. The Ramnit Trojan, in particular, is out for a shopping spree that’s designed to take over people’s online accounts and steal their payment card data. IBM…

Detections That Can Help You Identify Ransomware

One of the benefits of being part of a global research-driven incident response firm like X-Force Incidence Response (IR) is that the team has the ability to take a step back and analyze incidents, identifying trends and commonalities that span geographies, industries and affiliations. Leveraging that access and knowledge against the ransomware threat has revealed tools, techniques and procedures that can often be detected through the default Windows event logs (WELs). In particular, the X-Force IR team has identified several…

How to Report Scam Calls and Phishing Attacks

With incidents such as the Colonial Pipeline infection and the Kaseya supply chain attack making so many headlines these days, it can be easy to forget that malicious actors are still preying on individual users. They're not using ransomware to do that so much anymore, though. Not since the rise of big game hunting, anyway. This term marks ransomware actors' shift away from attacks against individual users and towards operations targeting large enterprises, noted CNBC. But attacks like phishing and…

Your browser doesn't support HTML5 audio
Press play to continue listening
00:00 00:00