Let’s analyze the events occurred in the first half of August 2021, a Summer characterized by ransomware that, in this timeline, accounts for 36 events out of 91 (39.6%), a sharp increase, driven by the exploitation en masse of vulnerabilities targeting remote access technologies, compared with 25% of August and fueled by the high-profile attacks carried out by the RansomEXX and LockBit 2.0 gangs (Italy was particularly targeted in this period). Another reason of this value resides in the fact that many operation carried out by the PYSA gang during the previous month were disclosed only in this month. Healthcare organizations and local government continue to be the preferred targets for ransomware gangs.

Beside ransomware, but this is not surprising any longer, other remarkable events of this fortnight include the breach suffered by a well-known mobile operator, and the largest crypto hack recorded so far, leading to the theft of $600M worth of cryptocurrencies, but with a surprising happy ending with the alleged author returning the stolen fund and being hired by the targeted company as a security advisor.

A look at the cyber espionage landscape confirms quite an active sector with multiple operations carried out by well-known actors such as Soft Cell, Naikon APT and Emissary Panda (targeting major telecommunications companies in Asia in a long lasting operation), APT29, APT31 (very active lately, even in Russia), and Charming Kitten. In this complicated moment, grabbing the secrets of other countries has a special value…

Expand for details

Enjoy the interactive timeline, and thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.


The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

  • 2023 Stats Featrured Image2024 Cyber Attacks Statistics

    In 2023, there was a 35% increase in cyber attacks to 4,128 events, with the MOVEit CVE-2023-34362 vulnerability being heavily exploited. Cybercrime dominated as the main motivation at 79%, while malware led attack techniques with 35.9%. Healthcare remained a top target for ransomware. The data ...

  • computer program language text1-15 February 2024 Cyber Attacks Timeline

    In the cyber attacks timeline of February H1 2024, I collected 139 events dominated by malware attacks. Ransomware and vulnerabilities also played an important role in the threat landscape.

  • January 2024 Cyber Attacks Statistics

    In January 2024 I collected 288 events, with Cyber Crime continuing to lead the motivations, and ransomware leading the known attack techniques, ahead of Malware.

  • Q4 2023 Featured ImageQ4 2023 Cyber Attacks Statistics

    In Q4 2023, cyber attack events decreased by 7.1% to 1029 compared to the previous quarter. Cybercrime remains the primary motive, although slightly reduced, while malware tops attack techniques, increasing from the last quarter. Multiple industries and healthcare are the most targeted sectors. These statistics ...

  • network servers on an enclosureCVEs Targeting Remote Access Technologies

    In this first quarter of 2024, threat actors have been particularly busy in exploiting vulnerabilities (0-days but also old unpatched flaws) targeting traditional remote access technologies. In this blog post I summarized the main CVEs exploited so far in 2024.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.