Let’s start the new infosec year with the first cyber attacks timeline of December 2021. In this timeline I have collected 123 events, with a daily average number of 8.2 events, a sharp increase compared to the 100 events collected in the previous timeline (corresponding to a daily average number of 6.67 events/day). Ransomware continues to dominate the threat landscape with a percentage of events directly or indirectly characterized by this attack vector corresponding to 23.6% (29 out of 123 events), very close to the value of the previous timeline (22%).

Another constant trend is the impact of vulnerabilities which characterized 14 out of 123 events (corresponding to 11.4% of events and again very close to 10.4% of the previous timeline). December 2021 will be remembered in the annals of cybersecurity for the severe log4shell vulnerability (CVE-2021-44228) targeting Apache log4j servers, additionally threat actors are continuing to exploit vulnerabilities in the Zoho’s products.

The first half of December has also seen a new rise in the number of attacks targeting fintech startups: four entities have been severely hit with a total loss of nearly $380 million worth.

Threat actors motivated by cyber espionage continue to be particularly active, especially Nobelium the threat actor behind the Solarwinds massive supply-chain attack, still pretty active against cloud service providers, and also author of a new campaign against French organizations. Other state-sponsored actors active in this period include: Charming Kitten, APT27, and StrongPity. New threat actors were also discovered using innovative attack techniques such as RTF Injection. At least a threat actor, Nickel, suffered a strong blow when its infrastructure was taken down by security researchers.

Last but not least, another interesting element of this timeline is the discovery of several opeations using fake social media account to manipulate the public opinion (coordinated inauthentic behavior).

Expand for details

Enjoy the interactive timeline, and thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.



The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

  • photo of turned on laptop computer1-15 April 2024 Cyber Attacks Timeline

    In the first timeline of April 2024 I collected 107 events (7.13 events/day), as always characterized by a majority of malware attacks.

  • Featured Image Q1 2024Q1 2024 Cyber Attacks Statistics

    I aggregated the statistics created from the cyber attacks timelines published in the first quarter of 2024. In this period, I collected a total of 833 events (9.15 events/day) dominated by Cyber Crime with 75.2%...

  • 2023 Stats Featrured Image2024 Cyber Attacks Statistics

    In 2023, there was a 35% increase in cyber attacks to 4,128 events, with the MOVEit CVE-2023-34362 vulnerability being heavily exploited. Cybercrime dominated as the main motivation at 79%, while malware led attack techniques with 35.9%. Healthcare remained a top target for ransomware. The data ...

  • Image by Panumas Nikhomkhai from Pixabay1-15 June 2023 Cyber Attacks Timeline

    In the first half of June 2023, I collected 172 events (corresponding to 11.47 events/day), a value that shows...

  • 2020 Cyber Attacks Statistics

    As promised, I have pulled together some statistics from the data collected in 2020. The master table is available at the end of the post after the charts.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.