Top 2018 Security and Privacy Stories | Threatpost | The first stop for security news

The top cybersecurity and privacy trends that biggest impact in 2018.

It was only three days into 2018 when one of the year’s biggest security stories broke about the Meltdown and Spectre flaws in modern microprocessors. From there, the calendar filled quickly with both privacy and security SNAFUs. While some of year’s privacy and security missteps were just a passing dark cloud, others left an indelible mark on the security landscape. Need some hints on what those events were? Just ask Mark Zuckerberg for starters.
Here is a look back at some of 2018’s most important privacy and security stories.

Cryptocurrency Mining Malware


It’s been a wild ride with the cryptocurrency

DDoS Attacks


Compared to 2017, DDoS attacks grew five-fold. Not only did they become more popular, they also became

Breach Fatigue


The year kicked off with the Department of Homeland Security announcing a breach that exposed the data of 240,000 employees. But, things were just getting started. In March, Under Armour reported a breach

Meltdown and Spectre


Chip-makers were sent scrambling in January when teams of researchers revealed two major vulnerabilities hiding in microprocessors. Called Meltdown and Spectre, the flaws impacted Intel microprocessors and other modern CPUs. Both vulnerabilities impact how microprocessors isolate sensitive data in memory. It opened the door for an attacker to gain access to data such as passwords, encryption keys or potentially even data from adjacent virtual systems co-located on the same server.

Facebook Privacy Fiasco


The story broke about

End-to-End Encryption


The 2018 debate over the government’s authority to access private encrypted data on digital devices was kicked off in January when the FBO Director Christopher Wray called unbreakable encryption an “

Advanced Persistent Threats


In 2018, activity among the usual Advanced Persistent Threat (APT) suspects has been a little quieter than usual, say researchers. That’s not to say that some – Sofacy, Turla and CozyBear, notably – didn’t make waves this year. According to a year-end analysis by

Destructive Malware


Soon after the start of the Winter Olympics in Pyeongchang, there were reports of malware attacks on infrastructure related to the Games. What became known as Olympic Destroyer shut down display monitors used by Olympic organizers, zapped Wi-Fi networks and prevented visitors from printing tickets by crippling the official Olympics website. The activity was an attribution confusion bomb, so researchers simply call the APT behind it “Hades.” And, we also saw destructive malware in 2018 in the form of the SamSam ransomware which is tied to crippling attacks on the city of Atlanta and Newark, N.J. Data-wiping malware

GDPR Arrives


In late May, the European Union’s General Data Protection Regulation (GDPR) was signed into law. GDPR is considered the most comprehensive regulation on the protection of personal data in the world. It introduces a

Router Attacks


As criminals focused on stealing data and growing bot armies, routers became an attractive target for doing both. In May, Talos researchers