The second cyber attacks timeline of July 2022 confirms the sustained level of activity. In this fortnight I have collected 139 entries, once again the higher number in the last three months.

Ransomware continues to dominate the threat landscape, characterizing 21 out of 139 events (corresponding to 15.1%, a sharp decrease compared to 25.2%, of the previous timeline). 13 out of 139 events were characterized by the exploitation of vulnerabilities (corresponding to 9.35%, more than the double of 4.58% of the previous fortnight).

A trend that is characterizing this 2022, is the growing number of attacks against Decentralized Finance (DeFi) platforms. Unsurprisingly this trend continued also in the second half of July with three organizations (Nirvana Finance, Audius, and Premint NFT) losing a total of nearly $22M worth of cryptocurrency.

Another interesting event of this timeline is the massive breach suffered by Neopets, leading the exposure of 69 million members.

The hybrid warfare in Ukraine continues to characterize the threat landscape, despite with a minor impact than the previous months. Interestingly no operation against Russia was recorded in this fortnight, whereas Ukraine was flooded by multiple operations carried out by known threat actors and newcomers such as: Coldriver, Turla,  Armagedon, UAC-0041, UNC2589, and GhostWriter.

And besides Ukraine, as usual the cyber espionage front is rich of events, for example Belgium revealed to have suffered three attacks from the Chinese threat actors APT27, APT30, APT31, and Gallium. Other interesting campaigns include the one carried out by APT29, exploiting cloud services and targeting a Nato country in Europe, and also the one carried out by APT36 and targeting high-value organizations in the Czech Republic, Poland, and other European countries.

So, in turn, enjoy the interactive timeline and the tabular format, and obviously thanks for sharing it, and supporting my work in spreading the risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

Expand for details

Geo Map July H2 2022

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

  • network servers on an enclosureCVEs Targeting Remote Access Technologies

    In this first quarter of 2024, threat actors have been particularly busy in exploiting vulnerabilities (0-days but also old unpatched flaws) targeting traditional remote access technologies. In this blog post I summarized the main CVEs exploited so far in 2024.

  • Free cyber security concept background1-15 March 2024 Cyber Attacks Timeline

    In the first timeline of March 2024, I collected 98 events, once again characterized malware and ransomware attacks. State-sponsored threat actor were equally quite active, but the timeline also features some interesting events related to cyberwarfare.

  • February 2024 Statistics Featured ImageFebruary 2024 Cyber Attacks Statistics

    In February 2024 I collected and analyzed 239 events. Cyber Crime continued to lead the Motivations chart with 68.6%. Operations driven by Cyber Espionage ranked at number two with 16.7%, ahead of Cyber Warfare (4.6%) and Hacktivism (3.3%).

  • The Biggest Data Breaches of 2021

    With this new project I am going to track the biggest data breaches of 2021 extracted from my cyber attack timelines.

  • 2023 Stats Featrured Image2024 Cyber Attacks Statistics

    In 2023, there was a 35% increase in cyber attacks to 4,128 events, with the MOVEit CVE-2023-34362 vulnerability being heavily exploited. Cybercrime dominated as the main motivation at 79%, while malware led attack techniques with 35.9%. Healthcare remained a top target for ransomware. The data ...


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.