EVENTS
0
EVENTS/DAY
0
EVENTS
0
EVENTS/DAY

Here we go! The second timeline of August 2021 is out (first one here) covering the main cyber attacks occurred in the second fortnight of the same month. And it looks like that the end of Summer led to a decrease in the number of attacks with 78 events, corresponding to the minimum value of the last 12 months. Ransomware continues to dominate the threat landscape, but its percentage dropped to 24.4% (19 out of 78 events) in contrast with 39.6% of the previous fortnight. More ransomware operations have shut down in this period (such as Ragnarok), schools were closed (and the public activity slowed down) in many regions, and maybe the crooks have decided to take a break for the Summer.

A sector that is particularly under attack in this period, is the one of the crypto assets: new multi-million attacks have been recorded targeting Fetch.ai ($2.6 million worth gone with the wind), Liquid ($90 million worth), and Cream Finance ($29 million worth).

Vulnerabilities continue to plague organizations throughout the world, and cyber criminals continue to exploit them: ProxyShell (CVE-2021-34473, CVE-2021-34523, CVE-2021-3120) continues to be among the top targets, but new ones have joined the party such as ProxyToken (CVE-2021-33766), and a new vulnerability targeting Confluence servers (CVE-2021-26084) are just few examples.

Even the cyber espionage front is unusually calm with a number of recorded events considerably lower than what we have been used to during the previous months. APT37 appears to be quite active. This timeline also contains campaigns carried out by Confucius, Siamesekitten, and SparklingGoblin.

Last but not least Iran and Belarus saw the only two attacks motivated by hacktivism, quite resounding in reality: in Iran a hacktivist group dubbed Adalat Ali (Ali’s Justice) breached the internal CCTV system of the Evin prison complex, where in Belarus the Cyber Partisans started to leak documents exposing the government.

Expand for details

Enjoy the interactive timeline, and thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

BREACHOMETER

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

12 MONTHS TREND
POPULAR POSTS
FOLLOW ME ON TWITTER

The Perfect Storm

I have decided to create a new timeline tracking the high-impact vulnerabilities targeting both remote access and on-premise technologies exploited…

Continue Reading

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.