The second timeline of September 2021 is here and is confirming us the growing trend that is characterizing the last period. In this timeline I have collected 108 events, up from the 98 of the previous timeline (I must confess I have added some more events that were not previously included). The levels of ransomware attacks remain stable (26.8% vs. 25.8% in August) and continue to characterize the threat landscape) and to add new high-profile victims to the unwelcome list of the targets.

Similarly, the exploitation of high-profile vulnerabilities continues to characterize this period either. Some of them are old acquaintances, such as Confluence (CVE-2021-26084), the Microsoft MSHTML rendering engine (CVE-2021-40444) or even Zoho (CVE-2021-40539). Other ones are new and confirm the dangerous trend of the last couple of years. I am talking about CVE-2021-22005 (VMWare) and also the ones affecting Apple (CVE-2021-30869) and Google Chrome (CVE-2021-37973, CVE-2021-37975 and CVE-2021-37976).

Organizations working in the DeFi (Decentralized Finance) also continue to be under pressure. During this fortnight two entities suffered severe hacks leading to the theft of the equivalent in crypto value of $12 million (pNetwork) and $3 million (SushiSwap). 

Even the cyber espionage front is quite packed with multiple state-sponsored actors busy to exfiltrate data from organizations worldwide. Well-known actors include APT29 (AKA Nobelium) which continues to be active, but in the records there are also campaigns from Turla (featuring a new backdoor called TinyTurla), APT27 (AKA Emissary Panda), APT36, TAG-28, Calypso APT and Red Foxtrot. The scene is also taken by new actors such as FamousSparrow and ChamelGeang. Particularly interesting is also the case of Roshan, an Afghan telco provider targeted by four different Chinese Groups. Last but not least the European Union has officially bamed Russia for the hacking operation known as Ghostwriter that targeted high-profile EU officials, journalists, and the general public.

Expand for details

Enjoy the interactive timeline, and thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.



The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

  • Q3 2023 Cyber Attacks StatisticsQ3 2023 Cyber Attacks Statistics

    The third quarter of 2023 saw a 6.5% increase in cyber attacks with 1,108 events. Cybercrime led the charts with 79.7% of motives, mostly using malware techniques. Exploitation of vulnerabilities ranked second, majorly affecting multiple industries and healthcare and financial sectors.

  • Q1 2023 Cyber Attacks Statistics

    I have aggregated the statistics created from the cyber attacks timelines published in the first three months of 2023. In total...

  • Photo by Towfiqu barbhuiya on UnsplashThe Biggest Data Breaches of 2023

    Similarly to what I have done in 2022 and 2021, I am collecting the main mega breaches...

  • September 2023 Cyber Attacks Statistics

    In September 2023, cyber crime continued to lead with 77.1% of total events, but showed a decrease. Cyber Espionage grew to 11.6%, while Hacktivism significantly dropped. Malware remains the leading attack technique and multiple organizations are the top targets.

  • 2022 Cyber Attacks Statistics

    And finally I have aggregated all the data collected in 2022 from the cyber attacks timelines. In the past year I have collected 3074 events...


The Perfect Storm

I have decided to create a new timeline tracking the high-impact vulnerabilities targeting both remote access and on-premise technologies exploited…

Continue Reading

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.