It’s time to publish the statistics derived from the Cyber Attacks Timelines of April (part I and part II). In April I have collected 240 significant events, 36 less than the record of March. Ransomware attacks, and the massive exploitation of vulnerabilities continu to the numbers to new highs..
As always, cyber crime leads the Motivations chart with 88.3% (it was 84.1% in March.) Malware accounts for nearly 50% of attacks (48.3%, but the real value could be even higher since some malware-based attacks are filed as “Unknown” since the victims do not disclose enough information) and hence continues to lead the Attack Techniques chart (it was 34.1% in March.) Attacks carried out via the exploitation of vulnerabilities rank at number two among the known techniques, and continue to also make an impact, despite the value (10.8%) is down from March (when it was 18.1%).
And finally multiple industries retain the leadership of the Target Distribution chart with 18.8%, a value similar to the 19.9% recorded in March, ahead of single individuals (mainly due to phishing campaigns), governments, and technical activities.
The statistics are also available as an infographic.

Cloud-Native Threats in 2023
Similarly to what I have done in 2022, 2021, and 2020, I am listing those cyber attacks…

The Biggest Data Breaches of 2023
Similarly to what I have done in 2022 and 2021, I am collecting the main mega breaches…

16-31 December 2022 Cyber Attack Timeline
Welcome to the last cyber attacks timeline of 2022! A timeline that marks a sharp decline in the number of recorded events after four consecutive increases…

1-15 December 2022 Cyber Attack Timeline
In the first timeline of December, I have collected 147 events (corresponding to 9.8 events/day), a result slightly…

Cloud-Native Threats in 2022
This blog post lists the main cloud-native threats, that is those cyber events exploiting the cloud in one or more stage of the kill chain. I have collected…

The Biggest Data Breaches of 2022
Similarly to what I have done in 2021, I am collecting all the mega breaches (with more than 1 million records leaked). The information is derived from the cyber attacks timelines…

March 2021 Cyber Attacks Statistics
It’s time to publish the statistics derived from the Cyber Attacks Timelines of March, where I have collected 276 events, a new record that proofs, if needed…
As always bear in mind that the sample refers exclusively to the attacks included in my timelines, available from public sources such as blogs and news sites. Obviously the sample cannot be complete, but only aims to provide an high level overview of the threat landscape.
Finally, please support my work, sharing the content, and of course follow @paulsparrows on Twitter for the latest updates.

Cloud-Native Threats in 2023
Similarly to what I have done in 2022, 2021, and 2020, I am listing those cyber attacks…

The Biggest Data Breaches of 2023
Similarly to what I have done in 2022 and 2021, I am collecting the main mega breaches…

16-31 December 2022 Cyber Attack Timeline
Welcome to the last cyber attacks timeline of 2022! A timeline that marks a sharp decline in the number of recorded events after four consecutive increases…

1-15 December 2022 Cyber Attack Timeline
In the first timeline of December, I have collected 147 events (corresponding to 9.8 events/day), a result slightly…

Cloud-Native Threats in 2022
This blog post lists the main cloud-native threats, that is those cyber events exploiting the cloud in one or more stage of the kill chain. I have collected…

The Biggest Data Breaches of 2022
Similarly to what I have done in 2021, I am collecting all the mega breaches (with more than 1 million records leaked). The information is derived from the cyber attacks timelines…

16-30 April 2021 Cyber Attacks Timeline
The second timeline of April is finally out! In this timeline I have collected 123 events, with an average rate of 8 events per day. A daily value slightly higher than the previous timeline…

Cloud-Native Threats in 2023
Similarly to what I have done in 2022, 2021, and 2020, I am listing those cyber attacks…

The Biggest Data Breaches of 2023
Similarly to what I have done in 2022 and 2021, I am collecting the main mega breaches…

16-31 December 2022 Cyber Attack Timeline
Welcome to the last cyber attacks timeline of 2022! A timeline that marks a sharp decline in the number of recorded events after four consecutive increases…

1-15 December 2022 Cyber Attack Timeline
In the first timeline of December, I have collected 147 events (corresponding to 9.8 events/day), a result slightly…

Cloud-Native Threats in 2022
This blog post lists the main cloud-native threats, that is those cyber events exploiting the cloud in one or more stage of the kill chain. I have collected…

The Biggest Data Breaches of 2022
Similarly to what I have done in 2021, I am collecting all the mega breaches (with more than 1 million records leaked). The information is derived from the cyber attacks timelines…

1-15 April 2021 Cyber Attacks Timeline
The first timeline of April is finally out! In this timeline I have collected 117 events, with an average rate of 7.7 events per day. A daily value…
July 2023 Cyber Attacks Statistics
After the cyber attacks timelines, it’s time to publish the statistics of June 2023 where I have collected and analyzed 384 events, yet another record number driven...
The Biggest Data Breaches of 2023
Similarly to what I have done in 2022 and 2021, I am collecting the main mega breaches...
Leaky Buckets in 2023
Similarly to what I have done in 2022 and 2021, I am collecting the incidents due to cloud misconfigurations and leading to...
Q2 2023 Cyber Attacks Statistics
I have aggregated the statistics created from the cyber attacks timelines published in the second quarter of 2023. In total I have collected 1040 events...
16-31 July 2023 Cyber Attacks Timeline
New victims of attacks carried out by the Clop (AKA Cl0p) ransomware gang exploiting the CVE-2023-34362 MOVEit vulnerability emerged even during...