I have decided to create a new timeline tracking the high-impact vulnerabilities targeting both remote access technologies and internet-facing servers, and exploited by cyber criminals to implant ransomware or, even worse, to accumulate compromised credentials to sell in the flourishing market of the initial access brokers.

I called it the perfect storm, since there might have been no worse period for these vulnerabilities to be exploited since, after the pandemic, remote access technologies such as VPN concentrators, are playing a fundamental role to let the distributed workforce access the internal resources, in many cases not conceived to be exposed directly in the internet.

Expand for details

Enjoy the interactive timeline, and thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

BREACHES
POPULAR POSTS
  • Free cyber security concept background1-15 March 2024 Cyber Attacks Timeline

    In the first timeline of March 2024, I collected 98 events, once again characterized malware and ransomware attacks. State-sponsored threat actor were equally quite active, but the timeline also features some interesting events related to cyberwarfare.

  • 2023 Stats Featrured Image2024 Cyber Attacks Statistics

    In 2023, there was a 35% increase in cyber attacks to 4,128 events, with the MOVEit CVE-2023-34362 vulnerability being heavily exploited. Cybercrime dominated as the main motivation at 79%, while malware led attack techniques with 35.9%. Healthcare remained a top target for ransomware. The data ...

  • December 2014 Cyber Attacks Statistics

    The new year has just begun, and here we are with the last blog post for the 2014 just gone related to the Cyber Attacks statistics derived from the timelines of December (Part I and Part II). As usual, the US dominate the Country Distribution Chart ...

  • The Biggest Data Breaches of 2021

    With this new project I am going to track the biggest data breaches of 2021 extracted from my cyber attack timelines.

  • network servers on an enclosureCVEs Targeting Remote Access Technologies

    In this first quarter of 2024, threat actors have been particularly busy in exploiting vulnerabilities (0-days but also old unpatched flaws) targeting traditional remote access technologies. In this blog post I summarized the main CVEs exploited so far in 2024.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.