The second cyber attacks timeline of November 2021 is finally out (you can find the first one here or in the link below.) In the second half of this month I have collected 96 events, with a daily average slightly decreasing to 6.4 events/day from 6,9 events/day. Ransomware continues to dominate the threat landscape with a percentage of events directly or indirectly characterized similar to the previous timeline (22%)

Even the impact of vulnerabilities is similar to the previous timeline (10.4% vs 12%), and once again threat actors continue to exploit the ProxyShell and Zoho’s ManageEngine ADSelfService Plus vulnerabilities.

The season of the mega breaches continue and multiple organizations suffered multi-million breaches (browse the timeline for details.) The good news is that, at least in this timeline, I did not record any mega hack of a fintech platform (but I have the feeling that this will change in the next timeline).

Threat actors motivated by cyber espionage were quite active in November characterizing a record of 22% of events in this timeline. The list is really too crowded this timeline so I encourage you to browse it and discover the old acquaintances and the new comers that characterized this period.

Expand for details

Enjoy the interactive timeline, and thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.



The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

  • Photo by Towfiqu barbhuiya on UnsplashThe Biggest Data Breaches of 2023

    Similarly to what I have done in 2022 and 2021, I am collecting the main mega breaches...

  • September 2023 Cyber Attacks Statistics

    In September 2023, cyber crime continued to lead with 77.1% of total events, but showed a decrease. Cyber Espionage grew to 11.6%, while Hacktivism significantly dropped. Malware remains the leading attack technique and multiple organizations are the top targets.

  • 2022 Cyber Attacks Statistics

    And finally I have aggregated all the data collected in 2022 from the cyber attacks timelines. In the past year I have collected 3074 events...

  • Q1 2023 Cyber Attacks Statistics

    I have aggregated the statistics created from the cyber attacks timelines published in the first three months of 2023. In total...

  • TCP Split Handshake Attack Explained

    Update May 12: TCP Split Handshake: Why Cisco ASA is not susceptible Update May 11: The Never Ending Story Update April 21: Other Considerations on TCP Split Handshake Few days ago, independent security research and testing NSS Labs, issued a comparative report among six network security ...


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.