2014
The year retrospective. 2014 has been the year that under-appreciated infrastructure has been demonstrated as fragile at multiple layers — Heartbleed in OpenSSL, goto fail in Apple TLS, Shellshock in bash, POODLE in SSLv3.
Sony Pictures
Two weeks after the Sony Pictures employees came in to find Guardians of Peace skeletons on their screens. The incident is the largest single corporate data dump I have seen and the third major destructive-malware attack against a private-sector target in three years.
LulzSec
Fifty days after the Fox.com leak, LulzSec announced their disbanding via Twitter. Writing the campaign down now while it is still fresh — the operational tempo, the targets, and what it does to the cost-of-breach calculus.