EVENTS
0
EVENTS/DAY
0
EVENTS
0
EVENTS/DAY

The second cyber attacks timeline of October 2021 is out and brings us a sharp increase in the number of events (111) after the apparent break in the first half of October when I collected 86 events. Unsurprisingly, ransomware continues to dominate the threat landscape, characterizing, directly or indirectly, 30.6% of the events (34 out of 111), in comparison with 28.6% of the previous timeline.

And rather unsurprisingly, vulnerabilities continue to characterize the threat landscape, being one of the preferred initial access vectors for attackers for opportunistic and state-sponsored attackers: the annus horribilis for the Google Chrome platform continues, and even this fortnight has seen a trove of new vulnerabilities exploited in the wild: CVE-2021-21224, CVE-2021-31956, CVE-2021-38000, and CVE-2021-38003.

The season of the mega breaches is not over yet: this time it has been the turn of 50 million Moscow drivers, who had their data sold on an underground forum for only $800.

And if you think that the weaponization of deepfakes is going to get worse, you won’t be disappointed: a group of fraudsters made off with $35 million after using forged email messages and deepfake audio to convince an employee of a United Arab Emirates company that a director requested the money as part of an acquisition of another organization.

Even he cyber espionage front is particularly rich of events this fortnight, but this isn’t a surprise. The infamous Nobelium group, the one behind the massive Solarwinds supply-chain attack is back with a new widespread campaign targeting 140 managed service providers and cloud service providers attacked and at least 14 breached since May 2021. The North Korean Lazarus Group is back from the shadow with a new campaign targeting a South Korean think tank and a company developing asset monitoring solutions in Latvia. But also new actors emerge such as the Harvester and LightBasin.. And the list does not end up here…

Expand for details

Enjoy the interactive timeline, and thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

SUPPORT MY WORK!

BREACHOMETER

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

12 MONTHS TREND
POPULAR POSTS
  • Q3 2023 Cyber Attacks StatisticsQ3 2023 Cyber Attacks Statistics

    The third quarter of 2023 saw a 6.5% increase in cyber attacks with 1,108 events. Cybercrime led the charts with 79.7% of motives, mostly using malware techniques. Exploitation of vulnerabilities ranked second, majorly affecting multiple industries and healthcare and financial sectors.

  • Q1 2023 Cyber Attacks Statistics

    I have aggregated the statistics created from the cyber attacks timelines published in the first three months of 2023. In total...

  • Photo by Towfiqu barbhuiya on UnsplashThe Biggest Data Breaches of 2023

    Similarly to what I have done in 2022 and 2021, I am collecting the main mega breaches...

  • September 2023 Cyber Attacks Statistics

    In September 2023, cyber crime continued to lead with 77.1% of total events, but showed a decrease. Cyber Espionage grew to 11.6%, while Hacktivism significantly dropped. Malware remains the leading attack technique and multiple organizations are the top targets.

  • Image by noCap XL from Pixabay16-30 September 2023 Cyber Attacks Timeline

    The second cyber attack timeline of September 2023 showed a decrease in events and a continuation of malware attacks. Massive hacks targeted fintech organizations like Mixin Network, and some breaches affected millions of individuals. The timeline also includes activities by various known and new threat ...

FOLLOW ME ON TWITTER

The Perfect Storm

I have decided to create a new timeline tracking the high-impact vulnerabilities targeting both remote access and on-premise technologies exploited…

Continue Reading

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.