EVENTS
EVENTS/DAY
0
EVENTS
0
EVENTS/DAY
0

Here we go! The second timeline of August 2021 is out (first one here) covering the main cyber attacks occurred in the second fortnight of the same month. And it looks like that the end of Summer led to a decrease in the number of attacks with 78 events, corresponding to the minimum value of the last 12 months. Ransomware continues to dominate the threat landscape, but its percentage dropped to 24.4% (19 out of 78 events) in contrast with 39.6% of the previous fortnight. More ransomware operations have shut down in this period (such as Ragnarok), schools were closed (and the public activity slowed down) in many regions, and maybe the crooks have decided to take a break for the Summer.

A sector that is particularly under attack in this period, is the one of the crypto assets: new multi-million attacks have been recorded targeting Fetch.ai ($2.6 million worth gone with the wind), Liquid ($90 million worth), and Cream Finance ($29 million worth).

Vulnerabilities continue to plague organizations throughout the world, and cyber criminals continue to exploit them: ProxyShell (CVE-2021-34473, CVE-2021-34523, CVE-2021-3120) continues to be among the top targets, but new ones have joined the party such as ProxyToken (CVE-2021-33766), and a new vulnerability targeting Confluence servers (CVE-2021-26084) are just few examples.

Even the cyber espionage front is unusually calm with a number of recorded events considerably lower than what we have been used to during the previous months. APT37 appears to be quite active. This timeline also contains campaigns carried out by Confucius, Siamesekitten, and SparklingGoblin.

Last but not least Iran and Belarus saw the only two attacks motivated by hacktivism, quite resounding in reality: in Iran a hacktivist group dubbed Adalat Ali (Ali’s Justice) breached the internal CCTV system of the Evin prison complex, where in Belarus the Cyber Partisans started to leak documents exposing the government.

Expand for details

Enjoy the interactive timeline, and thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

BREACHOMETER

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

12 MONTHS TREND
POPULAR POSTS
  • network servers on an enclosureCVEs Targeting Remote Access Technologies

    In this first quarter of 2024, threat actors have been particularly busy in exploiting vulnerabilities (0-days but also old unpatched flaws) targeting traditional remote access technologies. In this blog post I summarized the main CVEs exploited so far in 2024.

  • Free cyber security concept background1-15 March 2024 Cyber Attacks Timeline

    In the first timeline of March 2024, I collected 98 events, once again characterized malware and ransomware attacks. State-sponsored threat actor were equally quite active, but the timeline also features some interesting events related to cyberwarfare.

  • 2023 Stats Featrured Image2024 Cyber Attacks Statistics

    In 2023, there was a 35% increase in cyber attacks to 4,128 events, with the MOVEit CVE-2023-34362 vulnerability being heavily exploited. Cybercrime dominated as the main motivation at 79%, while malware led attack techniques with 35.9%. Healthcare remained a top target for ransomware. The data ...

  • blue and red galaxy artwork16-29 February 2024 Cyber Attacks Timeline

    In the second timeline of February 2024 I collected 100 events characterized by a majority of malware and ransomware attacks and by a plethora of cyber espionage and cyber warfare campaigns.

  • Q4 2022 Cyber Attacks Statistics

    I have aggregated the statistics created from the cyber attacks timelines published during Q4 2022) In total I collected...

FOLLOW ME ON TWITTER

The Perfect Storm

I have decided to create a new timeline tracking the high-impact vulnerabilities targeting both remote access and on-premise technologies exploited…

Continue Reading

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.