EVENTS
0
EVENTS/DAY
0
EVENTS
0
EVENTS/DAY

The second timeline of September 2021 is here and is confirming us the growing trend that is characterizing the last period. In this timeline I have collected 108 events, up from the 98 of the previous timeline (I must confess I have added some more events that were not previously included). The levels of ransomware attacks remain stable (26.8% vs. 25.8% in August) and continue to characterize the threat landscape) and to add new high-profile victims to the unwelcome list of the targets.

Similarly, the exploitation of high-profile vulnerabilities continues to characterize this period either. Some of them are old acquaintances, such as Confluence (CVE-2021-26084), the Microsoft MSHTML rendering engine (CVE-2021-40444) or even Zoho (CVE-2021-40539). Other ones are new and confirm the dangerous trend of the last couple of years. I am talking about CVE-2021-22005 (VMWare) and also the ones affecting Apple (CVE-2021-30869) and Google Chrome (CVE-2021-37973, CVE-2021-37975 and CVE-2021-37976).

Organizations working in the DeFi (Decentralized Finance) also continue to be under pressure. During this fortnight two entities suffered severe hacks leading to the theft of the equivalent in crypto value of $12 million (pNetwork) and $3 million (SushiSwap). 

Even the cyber espionage front is quite packed with multiple state-sponsored actors busy to exfiltrate data from organizations worldwide. Well-known actors include APT29 (AKA Nobelium) which continues to be active, but in the records there are also campaigns from Turla (featuring a new backdoor called TinyTurla), APT27 (AKA Emissary Panda), APT36, TAG-28, Calypso APT and Red Foxtrot. The scene is also taken by new actors such as FamousSparrow and ChamelGeang. Particularly interesting is also the case of Roshan, an Afghan telco provider targeted by four different Chinese Groups. Last but not least the European Union has officially bamed Russia for the hacking operation known as Ghostwriter that targeted high-profile EU officials, journalists, and the general public.

Expand for details

Enjoy the interactive timeline, and thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

SUPPORT MY WORK!

BREACHOMETER

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

12 MONTHS TREND
POPULAR POSTS
  • August 2022 Statistics Featured ImageAugust 2022 Cyber Attacks Statistics

    After the corresponding cyber attacks timelines, it’s time to publish the statistics of August 2022 where I have collected and analyzed...

  • Photo by Adi Goldstein on Unsplash1-15 June 2022 Cyber Attacks Timeline

    The first timeline of June 2022 is out. In the first half of the month I collected 109 events, corresponding to an average of 7.27 events/day, in line with the sustained level of activity that is characterizing the latest months. And if...

  • Q2 2022 Cyber Attack Statistics Featured ImageQ2 2022 Cyber Attacks Statistics

    I have aggregated the statistics created from the cyber attacks timelines published in the second quarter of 2022. In total I collected...

  • The Biggest Data Breaches of 2021

    With this new project I am going to track the biggest data breaches of 2021 extracted from my cyber attack timelines.

  • Photo by Markus Spiske on Unsplash16-31 August 2022 Cyber Attacks Timeline

    The growing trend of attacks continued also in the second half of August, where I collected...

FOLLOW ME ON TWITTER
Photo by Adi Goldstein on Unsplash

1-15 June 2022 Cyber Attacks Timeline

The first timeline of June 2022 is out. In the first half of the month I collected 109 events, corresponding to an average of 7.27 events/day, in line with the sustained level of activity that is characterizing the latest months. And if…

Continue Reading

The Perfect Storm

I have decided to create a new timeline tracking the high-impact vulnerabilities targeting both remote access and on-premise technologies exploited…

Continue Reading
Photo by Adi Goldstein on Unsplash

1-15 June 2022 Cyber Attacks Timeline

The first timeline of June 2022 is out. In the first half of the month I collected 109 events, corresponding to an average of 7.27 events/day, in line with the sustained level of activity that is characterizing the latest months. And if…

Continue Reading

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.