The second timeline of September 2021 is here and is confirming us the growing trend that is characterizing the last period. In this timeline I have collected 108 events, up from the 98 of the previous timeline (I must confess I have added some more events that were not previously included). The levels of ransomware attacks remain stable (26.8% vs. 25.8% in August) and continue to characterize the threat landscape) and to add new high-profile victims to the unwelcome list of the targets.

Similarly, the exploitation of high-profile vulnerabilities continues to characterize this period either. Some of them are old acquaintances, such as Confluence (CVE-2021-26084), the Microsoft MSHTML rendering engine (CVE-2021-40444) or even Zoho (CVE-2021-40539). Other ones are new and confirm the dangerous trend of the last couple of years. I am talking about CVE-2021-22005 (VMWare) and also the ones affecting Apple (CVE-2021-30869) and Google Chrome (CVE-2021-37973, CVE-2021-37975 and CVE-2021-37976).

Organizations working in the DeFi (Decentralized Finance) also continue to be under pressure. During this fortnight two entities suffered severe hacks leading to the theft of the equivalent in crypto value of $12 million (pNetwork) and $3 million (SushiSwap). 

Even the cyber espionage front is quite packed with multiple state-sponsored actors busy to exfiltrate data from organizations worldwide. Well-known actors include APT29 (AKA Nobelium) which continues to be active, but in the records there are also campaigns from Turla (featuring a new backdoor called TinyTurla), APT27 (AKA Emissary Panda), APT36, TAG-28, Calypso APT and Red Foxtrot. The scene is also taken by new actors such as FamousSparrow and ChamelGeang. Particularly interesting is also the case of Roshan, an Afghan telco provider targeted by four different Chinese Groups. Last but not least the European Union has officially bamed Russia for the hacking operation known as Ghostwriter that targeted high-profile EU officials, journalists, and the general public.

Expand for details

Enjoy the interactive timeline, and thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.



The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

  • October 2021 Cyber Attacks Statistics

    During October 2021, I have collected 197 events that I am finally aggregating into statistics. Despite the rise in October...

  • Credits to TheDigitalArtist from Pixabay16-31 October 2021 Cyber Attacks Timeline

    The second cyber attacks timeline of October 2021 is out and brings us a sharp increase in the number of events (111) after the apparent break in the first half of October when I collected 86 events. And let me say that...

  • The Biggest Data Breaches of 2021

    With this new project I am going to track the biggest data breaches of 2021 extracted from my cyber attack timelines.

  • Q3 2021 Cyber Attacks Statistics

    Similarly to the previous quarters, I have aggregated the statistics created from the cyber attacks timelines...

  • 2020 Cyber Attacks Statistics

    As promised, I have pulled together some statistics from the data collected in 2020. The master table is available at the end of the post after the charts.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.