The first timeline of June 2022 is out. In the first half of the month I collected 109 events, corresponding to an average of 7.27 events/day, in line with the sustained level of activity that is characterizing the latest months.

And if, on one hand, the number of events related to the Russian invasion of Ukraine seems to be apparently decreasing (but the Anonymous collective and their affiliates are continuing their digital skirmish against Russian targets) on the other hand, the ransomware groups are back on the spotlight: in this timeline the percentage of events directly or indirectly characterized by ransomware soared to 26.8% from 18.3%. Similarly, vulnerabilities characterized 20.3% of events, as much as twice the percentage of the previous timeline (10%). A jump fueled primarily by the exploitation of the Microsoft ‘Follina’ vulnerability (CVE-2022-30190).

Unsurprisingly, attacks against Decentralized Finance platforms confirmed their impact on this 2022. In this timeline, the amount of funds stolen exceeded the equivalent of $130M. NFT collectors are equally an intriguing prey for threat actors, and this timeline was no exception.

In terms of cyber espionage, as always the landscape is quite rich of events: the Russian Sandworm APT targeted Ukraine with a new campaign, but this wasn’t obviously the only event. The timeline contains also campaigns carried out by old acquaintances such as SideWinder, Lyceum, Gallium, and APT35 AKA Phosphorous, or Charming Kitten). Additional campaigns unearthed in this fortnight were carried out by new groups such as Aoqin Dragon.

After this short summary, you can enjoy the interactive timeline. Thanks for sharing it, and supporting my work in spreading the risk awareness across the community. Also, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

Expand for details

Geo Map June H1 2022

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

  • network servers on an enclosureCVEs Targeting Remote Access Technologies

    In this first quarter of 2024, threat actors have been particularly busy in exploiting vulnerabilities (0-days but also old unpatched flaws) targeting traditional remote access technologies. In this blog post I summarized the main CVEs exploited so far in 2024.

  • 2023 Stats Featrured Image2024 Cyber Attacks Statistics

    In 2023, there was a 35% increase in cyber attacks to 4,128 events, with the MOVEit CVE-2023-34362 vulnerability being heavily exploited. Cybercrime dominated as the main motivation at 79%, while malware led attack techniques with 35.9%. Healthcare remained a top target for ransomware. The data ...

  • close up view of system hacking16-31 January 2024 Cyber Attacks Timeline

    In the second timeline of January 2024 I collected 168 events (10.50 events/day), dominated by ransomware, ahead of malware and the exploitation of vulnerabilities. There were also several mega breaches, multiple operations against fintech organizations, and the usual wave of attacks motivated by cyber espionage.

  • Q4 2023 Featured ImageQ4 2023 Cyber Attacks Statistics

    In Q4 2023, cyber attack events decreased by 7.1% to 1029 compared to the previous quarter. Cybercrime remains the primary motive, although slightly reduced, while malware tops attack techniques, increasing from the last quarter. Multiple industries and healthcare are the most targeted sectors. These statistics ...

  • December 2023 Statistics Featured ImageDecember 2023 Cyber Attacks Timeline

    December 2023 saw a decline in cyber events to 260 from November's 390, with Cyber Crime still leading at 75.4%. Cyber Espionage rose to 10.4%, Hacktivism to 7.3%, and Cyber Warfare doubled to 4.2%. Malware attacks led at 38.5%, while Account Takeovers and Targeted Attacks ...


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.