16-30 September 2022 Cyber Attacks Timeline

EVENTS

EVENTS/DAY

EVENTS

EVENTS/DAY

Unsurprisingly, the level of cyber activity continued to be quite sustained even during the second half of September. In this timeline I have collected 140 events, corresponding to 9.33 events per day, a number in line with the previous weeks.

At least one indicator seems to be slowing down, and it is the impact of ransomware that in this timeline accounted for 19.3% of events (corresponding to 27 out of 140). A sharp decrease compared to 27.7% of the previous timeline.

The impact of vulnerabilities continues to be stable around 11% (precisely 11.4% corresponding to 16 out of 140 events) in line with the previous timeline when it was 10.9%.

1-15 August 2023 Cyber Attacks Timeline

In the first timeline of August, I collected 169 events (corresponding to 11.27 events per day), a considerable decrease compared to the the second half of July…

One of the trends that are characterizing this year from an infosec perspsective is the resurgence of massive hacks against fintech platform, and this timeline was no exception: unfortunately this time it was the turn of the Wintermute platform, which lost the equivalent of $162.2 million.

The situation in Ukraine continues to characterize the cyber space, despite the impact of the events (at least the ones that were discovered) seems to have taken a decreasing trend: Ukraine continued to be the target of multiple operations driven by hacktivism and cyber espionage (for example UAC-0113, linked to Sandworm) but even the pro-Ukraine hacktivists stroke back, for example allegedly breaching a website belonging to the infamous mercenary Wagner group.

And once again, but this is not a novelty at all, the cyber espionage front continued to be pretty crowded, with multiple operations carried out by well-known threat actors such as APT41, APT37, APT28, TA413, and the Lazarus Group, and new groups, such as the mysterious Metador, Witchetty, and UNC3886.

Even in this fortnight, the list is too long to be summarized in few words (this one in particular), so my suggestion is to enjoy the interactive timeline and the tabular format, and obviously thanks for sharing it, and supporting my work in spreading the risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

Expand for details

Geo Map September H2 2022

ID	Date Reported	Date Occurred	Date Discovered	Author	Target	Description	Attack	Target Class	Attack Class	Country	Link	Tags
1	16/09/2022	-	-	TeaPots	Uber	Uber suffers a cyberattack with an allegedly 18-year-old hacker (likely part of the Lapsus$ gang) downloading HackerOne vulnerability reports and sharing screenshots of the company's internal systems, email dashboard, and Slack server.	Account Takeover	Professional, scientific and technical	CC	US		Uber, Lapsus$, TeaPots
2	16/09/2022	10/09/2022	10/09/2022	?	Revolut	Revolut suffers a cyberattack that gave an unauthorized third party access to personal information of tens of thousands of clients.	Account Takeover	Finance and insurance	CC	UK		Revolut
3	16/09/2022	-	05/07/2022	?	American Airlines	American Airlines notifies customers of a data breach after attackers compromised an undisclosed number of employee email accounts and gained access to sensitive personal information.	Account Takeover	Transportation and storage	CC	US		American Airlines
4	16/09/2022	-	10/09/2022	?	Starbucks Singapore	The Singapore division of Starbucks, the popular American coffeehouse chain, admits that it suffered a data breach incident impacting over 219,000 of its customers.	Unknown	Accommodation and food service	CC	SG		Starbucks
5	16/09/2022	-	-	?	GitHub users	GitHub warns of an ongoing phishing campaign, targeting its users with emails that impersonate the CircleCI continuous integration and delivery platform.	Account Takeover	Multiple Industries	CC	>1		GitHub, CircleCI
6	16/09/2022	Between 17/06/2022 and 30/06/2022	-	?	Tessie Cleveland Community Services	Tessie Cleveland Community Services discloses a breach due to a phishing attack.	Account Takeover	Human health and social work	CC	US		Tessie Cleveland Community Services
7	16/09/2022		08/06/2022	?	Berry, Dunn, McNeil & Parker	Berry, Dunn, McNeil & Parker confirm that the company experienced a data breach after an unauthorized party gained access to sensitive consumer data through a compromised employee email account.	Account Takeover	Administration and support service	CC	US		Berry, Dunn, McNeil & Parker
8	16/09/2022	-	-	?	Country Doctor Community Clinic	Country Doctor Community Clinic files an official notice of a data breach after the company experienced a hacking/IT incident that compromised consumer data.	Unknown	Human health and social work	CC	US		Country Doctor Community Clinic
9	16/09/2022	-	-	LockBit 3.0	Independence	The LockBit 3.0 ransomware gangs claims to have exfiltrated 180 GB of information from Independence, a Colombian firm that provides drilling and maintenance services for oil and gas wells.	Malware	Administration and support service	CC	CO		The LockBit 3.0, Independence, Ransomware
10	16/09/2022	-	-	LockBit 3.0	Quintal	The LockBit 3.0 ransomware gangs claims to have exfiltrated information from Quintal, a Colombian firm that provides manufacturing and distribution of manganese-based chemicals.	Malware	Manufacturing	CC	CO		The LockBit 3.0, Quintal, Ransomware
11	16/09/2022	-	-	LockBit 3.0	Makler	The LockBit 3.0 ransomware gangs claims to have hacked Makler, a Venezuelan insurance brokerage firm.	Malware	Finance and insurance	CC	CO		The LockBit 3.0, Makler, Ransomware
12	16/09/2022	-	16/09/2022	LockBit 3.0	Software Line	Software Line is hit with a Lockbit ransomware attack.	Malware	Professional, scientific and technical	CC	IT		Software Line, Lockbit 3.0, ransomware
13	16/09/2022	-	-	STORMOUS	University Roma Tor Vergata	The STORMOUS cyber criminal gang claims to have hacked the university of Rome Tor Vergata	Account Takeover	Education	CC	IT		STORMOUS, Rome Tor Vergata
14	17/09/2022	Since January 2022	Since August 2022	DEV-0796	Multiple organizations	VMware and Microsoft warn of an ongoing, widespread Chromeloader malware campaign that has evolved into a more dangerous threat, seen dropping malicious browser extensions, node-WebKit malware, and even ransomware in some cases.	Malware	Multiple Industries	CC	>1		VMware, Microsoft, Chromeloader
15	17/09/2022	19/07/2022	19/07/2022	?	NYSARC Columbia County Chapter (COARC)	NYSARC Columbia County Chapter (COARC) discloses a ransomware incident.	Malware	Human health and social work	CC	US		NYSARC Columbia County Chapter, COARC, ransomware
16	18/09/2022	-	-	TeaPots	Rockstar Games	Grand Theft Auto 6 gameplay videos and source code are leaked after a hacker breached Rockstar Game's Slack server and Confluence wiki.	Unknown	Arts entertainment, recreation	CC	US		Grand Theft Auto 6, Rockstar Games, TeaPots
17	19/09/2022	19/09/2022	19/09/2022	Ukraine IT Army	Wagner group	The hacktivist group known as the Ukraine IT Army publishes a screenshot that showed the group hacked into a website allegedly linked to the Wagner group.	Unknown	Administration and support service	H	RU		Ukraine IT Army, Wagner group, Russia
18	19/09/2022	Since August 2022	Since August 2022	UAC-0113 (linked to Sandworm)	Entities in Ukraine	Researchers from Recorded Future reveal that the Russian state-sponsored hacking group known as Sandworm has been observed masquerading as telecommunication providers to target Ukrainian entities with malware.	Malware	Multiple Industries	CE	UA		Sandworm, Recorded Future, UAC-0113, Russia, Ukraine
19	19/09/2022	Since at least mid-2019	During July 2022	?	U.S. government contractors	Researchers from Cofense reveal that an ongoing phishing campaign targeting the Microsoft 365 accounts of U.S. government contractors, spoofing the Department of Transportation and the Department of Commerce, has expanded its operation to push higher-quality lures and better-crafted documents.	Account Takeover	Public admin and defence, social security	CC	US		Cofense, U.S., Department of Transportation, Department of Commerce, Microsoft 365
20	19/09/2022	27/06/2022	27/06/2022	?	Undisclosed Chinese telecommunications service provider	Imperva announces its DDoS mitigation solution has broken a new record, defending against a single attack that sent over 25.3 billion requests to one of its customers.	DDoS	Information and communication	CC	CN		Imperva, China
21	19/09/2022	During September 2022	During September 2022	?	Healthcare providers in the U.S.	The Health Sector Cybersecurity Coordination Center (HC3) warns the healthcare sector of a new monkeypox-themed phishing scheme targeting healthcare providers.	Account Takeover	Human health and social work	CC	US		Health Sector Cybersecurity Coordination Center, HC3, monkeypox
22	19/09/2022	'Recently'	'Recently'	?	Multiple organizations	Researchers from Fortinet discover a campaign distributing a malicious Excel document exploiting CVE-2017-11882 to execute malicious code to deliver and execute malware on a victim’s device.	CVE-2017-11882 Vulnerability	Multiple Industries	CC	>1		Fortinet, Excel, CVE-2017-11882
23	19/09/2022	During August 2022	During August 2022	APT37 (aka: Ricochet Chollima, InkySquid, ScarCruft, Reaper, and Group123)	Government Organization in Russia	Researchers from Fortinet discover a campaign allegedly carried out by APT37, distributing the Konni Remote Access Trojan.	Targeted Attack	Public admin and defence, social security	CE	RU		APT37, Ricochet Chollima, InkySquid, ScarCruft, Reaper, Group123, Fortinet, Konni
24	19/09/2022	-	-	?	Zoom users	Researchers from Cyble discover a campaign targeting Zoom users and distributing the Vidar stealer.	Malware	Multiple Industries	CC	>1		Cyble, Zoom, Vidar
25	19/09/2022	-	-	?	redONE Network Sdn Bhd	DESORDEN claims to have hit redONE Network Sdn Bhd, a Malaysian telco company, and leaks databases and source code.	Unknown	Information and communication	CC	MY		DESORDEN, redONE Network Sdn Bhd
26	20/09/2022	14/03/2020	?	Data	Ask.FM?	A seller called “Data,” lists a database on a forum with the data of 350 million users allegedly obtained from Ask.FM.	Vulnerability	Information and communication	CC	LV		Data, Ask.FM
27	20/09/2022	-	-	?	Wintermute	Digital assets trading firm Wintermute is hacked and loses $162.2 million in DeFi operations.	Vulnerability	Fintech	CC	N/A		Wintermute
28	20/09/2022	20/09/2022	20/09/2022	?	2K	American video game publisher 2K confirms that its help desk platform was hacked and used to target customers with fake support tickets pushing malware via embedded links, after an unauthorized third party illegally accessed the credentials of one of the vendors to the help desk platform.	Account Takeover	Arts entertainment, recreation	CC	US		2K
29	20/09/2022	Over the past two years	Over the past two years	?	e-commerce sites	Researchers from Recorded Future discover that attackers are abusing Google’s Tag Manager (GTM) containers to install malicious e-skimmers that steal payment card data and personally identifiable information of shoppers on e-commerce sites.	Malicious Script Injection	Wholesale and retail	CC	>1		Recorded Future, Google’s Tag Manager, GTM
30	20/09/2022	20/09/2022	20/09/2022	Anonymous	Several websites in Iran, including for the central bank and the national government portal and state-owned media sites	Hacktivists from the Anonymous collective claim to be behind attacks on several websites affiliated with the Iranian government amid protests following the death of 22-year-old Mahsa Amini.	DDoS	Public admin and defence, social security	H	IR		Anonymous, Iran, Mahsa Amini
31	20/09/2022	-	-	Everest	Government of Brazil	The Everest ransom group adds the Government of Brazil to their leak site, claiming they got their hands on the access of gov.br network, a government services website, and stole 3TB of sensitive data.	Malware	Public admin and defence, social security	CC	BR		Everest, Brazil, ransomware
32	20/09/2022	Between 14/07/2022 and 08/08/2022	25/08/2022	?	Tift Regional Medical Center	Tift Regional Medical Center is the victim of a Hive ransomware attack.	Malware	Human health and social work	CC	US		Tift Regional Medical Center, Hive, Ransomware
33	20/09/2022	-	-	?	Individuals in the UK	Individuals in the UK are warned to look out for fake emails and texts claiming to offer discounts on energy bills, after the government has announced that a £400 energy bill discount will be available to all households.	Account Takeover	Individual	CC	UK		UK
34	20/09/2022	17/09/2022	17/09/2022	?	Office 365 users	Researchers from Perception Point discover a campaign that attempts to trick users into playing a malicious video from the Powtoon platform, serving up a spoofed Microsoft page to steal credentials.	Account Takeover	Multiple Industries	CC	>1		Perception Point, Powtoon, Microsoft
35	20/09/2022	-	12/09/2022	Hive and Spy	Sigmund Software	Sigmund Software is hit by two ransomware attacks by Hive and Spy.	Malware	Professional, scientific and technical	CC	US		Sigmund Software, ransomware, Hive, Spy
36	20/09/2022	-	-	?	South Redford School District	The South Redford School District postes a notice saying that school is closed because of a cyberattack.	Unknown	Education	CC	US		South Redford School District
37	20/09/2022	Mid September 2022	-	?	Scholars’ Education Trust	The Scholars’ Education Trust suffers a breach and many of its internal systems remain offline. The trust runs six schools: Buntingford First School, Harpenden Academy, Priory Academy, Robert Barclay Academy, Samuel Ryder Academy and Sir John Lawes School.	Unknown	Education	CC	UK		Scholars’ Education Trust, Buntingford First School, Harpenden Academy, Priory Academy, Robert Barclay Academy, Samuel Ryder Academy and Sir John Lawes School
38	20/09/2022	-	-	BlackCat AKA ALPHV	Deutscher Caritasverband	The Deutscher Caritasverband (German branch of the Caritas catholic association, is hit with a BlackCat ransomware attack.	Malware	Human health and social work	CC	DE		Deutscher Caritasverband, Caritas, BlackCat, ransomware, ALPHV
39	21/09/2022	During August 2022	During August 2022	?	Undisclosed target in the Insurance and Finance sector	Researchers from Cofense reveal that phishing actors are abusing LinkedIn’s Smart Link feature to bypass email security products and successfully redirect targeted users to phishing pages that steal payment information.	Account Takeover	Finance and insurance	CC	SK		Cofense, Linkedin
40	21/09/2022	-	-	FIN11 (aka Cl0p)	Multiple organizations worldwide	Researchers from Cyfirma reveal that the threat actors known as FIN11 (and Cl0p) may have impersonated web download pages of the Zoom Application to conduct phishing campaigns against targets worldwide.	Malware	Multiple Industries	CC	>1		FIN11, Cl0p, Cyfirma, Zoom
41	21/09/2022	15/07/2022	-	?	Anesthesia Associates	Anesthesia Associates provides notice of a data security incident impacting its Management Company that may have resulted in the compromise of protected health information for the Provider’s patients.	Unknown	Human health and social work	CC	US		Anesthesia Associates
42	21/09/2022	Since July 2022	During July 2022	?	Multiple organizations	Researchers from Trend Micro warn of an ongoing crypto mining campaign targeting Atlassian Confluence servers affected by the CVE-2022-26134 vulnerability.	CVE-2022-26134 Vulnerability	Multiple Industries	CC	>1		Trend Micro, Atlassian Confluence, CVE-2022-26134
43	21/09/2022	-	-	?	OLAF (European Anti-Fraud Office)	The OLAF (European Anti-Fraud Office) warns of a campaign of emails, letters and scam phone calls purporting to be from OLAF.	Account Takeover	Multiple Industries	CC	>1		OLAF
44	21/09/2022	-	-	?	Customers of Indian banks	Researchers from Microsoft discover an SMS-based phishing campaign targeting customers of Indian banks with information-stealing malware that masquerades as a rewards application.	Account Takeover	Finance and insurance	CC	IN		Microsoft, India
45	21/09/2022	Since 2012	-	APT41	Healthcare sector in the U.S.	A new Department of Health and Human Services Cybersecurity Coordination Center alert warns the healthcare sector is continuing to be targeted by APT41, a Chinese state-sponsored threat actor group.	Targeted Attack	Human health and social work	CE	US		Department of Health and Human Services Cybersecurity Coordination Center, APT41, China
46	21/09/2022		-	-	?	The Hampton Public Library is hacked, redirecting people to an adult retail store website.	Unknown	Public admin and defence, social security	CC	US		Hampton Public Library
47	22/09/2022	-	-	?	Multiple organizations	Researchers from Sansec observe a surge in hacking attempts targeting CVE-2022-24086, a critical Magento 2 vulnerability allowing unauthenticated attackers to execute code on unpatched sites.	CVE-2022-24086 vulnerability	Wholesale and retail	CC	>1		Sansec, CVE-2022-24086, Magento 2
48	22/09/2022	'Recently'	'Recently'	?	Multiple organizations	Microsoft says a threat actor gained access to cloud tenants hosting Microsoft Exchange servers in credential stuffing attacks, with the end goal of deploying malicious OAuth applications and sending phishing emails.	Credential Stuffing	Multiple Industries	CC	>1		Microsoft, Microsoft Exchange, OAuth
49	22/09/2022	-	-	Multiple threat actors	Organizations in the U.S.	The Cybersecurity and Infrastructure Security Agency (CISA) adds a critical severity Java deserialization vulnerability (CVE-2022-35405 vulnerability) affecting multiple Zoho ManageEngine products to its catalog of bugs exploited in the wild.	CVE-2022-35405 vulnerability	Multiple Industries	N/A	US		Cybersecurity and Infrastructure Security Agency, CISA, CVE-2022-35405, Zoho ManageEngine
50	22/09/2022	Since December 2021	-	Metador	Telecommunications, internet service providers, and universities in several countries in the Middle East and Africa.	Researchers from SentinelOne reveal the details of Metador, a previously unknown threat actor breaching telecommunications, internet services providers (ISPs), and universities for about two years.	Targeted Attack	Information and communication	CE	>1		SentinelOne, Metador
51	22/09/2022	-	-	optusdata	Optus	Australia telecoms giant Optus says current and former 11 million customer data was accessed following a cyberattack on its systems.	Misconfiguration	Information and communication	CC	AU		Optus, optusdata
52	22/09/2022	'In recent months'	'In recent months'	Coreid (aka FIN7, Carbon Spider)	Multiple organizations	Researchers from Symantec/Broadcom reveal the details of the latest campaigns by the Coreid group, behind the Noberus (aka BlackCat, ALPHV) ransomware, using new versions of the Exmatter data exfiltration tool, and Eamfo malware.	Malware	Multiple Industries	CC	>1		Symantec, Broadcom, Coreid, Noberus, BlackCat, ALPHV, ransomware, Exmatter, Eamfo
53	22/09/2022	During 2022	During 2022	Void Balaur	Multiple organizations, often with particular business or political interests tied to Russia.	Researchers from SentinelOne reveal the details of the latest campaigns of the mercenary group Void Balaur.	Account Takeover	Multiple Industries	CC	RU		SentinelOne, Void Balaur
54	22/09/2022	-	`	TA413 (AKA LuckyCat)	Uyghurs minority in China	Researchers from Recorded Future discover a China-linked cyberespionage group, tracked as TA413 (aka LuckyCat), exploiting recently disclosed flaws in Sophos Firewall (CVE-2022-1040) and Microsoft Office (CVE-2022-30190) to deploy a never-before-detected backdoor called LOWZERO in attacks aimed at Tibetan entities.	CVE-2022-1040) and CVE-2022-30190 vulnerabilities	Individual	CE	CN		Recorded Future, China, TA413, LuckyCat, Sophos Firewall, CVE-2022-1040, Microsoft Office, CVE-2022-30190, LOWZERO, Tibet, Uyghurs
55	22/09/2022	-	-	?	Capital One customers	Researchers from Vade discover a new campaign impersonating American bank holding Capital One to steal identities.	Account Takeover	Finance and insurance	CC	US		Vade, Capital One
56	22/09/2022	Since 2020	-	Harly	Android users	Researchers from Kaspersky reveal the details of Harly, similar to the Joker Trojan, targeting Android users.	Malware	Individual	CC	>1		Kaspersky, Android, Harly
57	22/09/2022	Since at least 12/07/2022	12/07/2022	Mysterious Team Bangladesh	Government Organizations in India	Researchers from CloudSEK discover a new campaign by a group of Bangladeshi hacktivists targeting multiple government organizations in India.	DDoS	Public admin and defence, social security	H	IN		CloudSEK, Mysterious Team Bangladesh
58	22/09/2022	Late August 2022	Late August 2022	?	Multiple organizations	Researchers from Deepwatch discover a SEO poisoning campaign using the GootLoader downloader to target employees from multiple industries and government sectors when they search for specific terms that are relevant to their work.	Malware	Multiple Industries	CC	>1		Deepwatch, SEO poisoning, GootLoader
59	22/09/2022	-	-	DESORDEN	PT CARE TECHNOLOGIES	DESORDEN takes responsibility for the hack and data breach of PT CARE TECHNOLOGIES, an insurance software and IT vendor, stealing 2.2 GB of databases from their network.	Unknown	Professional, scientific and technical	CC	ID		DESORDEN, PT CARE TECHNOLOGIES
60	22/09/2022	-	20/09/2022	Everest	Argentina’s Ministry of Economy	The Everest group claims to have hacked the Argentina’s Ministry of Economy and puts on sale the access to its network.	Unknown	Public admin and defence, social security	CC	AR		Everest, Ransomware, Argentina, Ministry of Economy.
61	22/09/2022	29/08/2022	-	?	City of Wheat Ridge	The City of Wheat Ridge is hit with a ransomware attack.	Malware	Public admin and defence, social security	CC	US		City of Wheat Ridge, ransomware
62	22/09/2022	-	-	LockBit 3.0	Your Private Italy	Your Private Italy, an Italian luxury travel agency, is hit by the LockBit 3.0 ransomware.	Malware	Arts entertainment, recreation	CC	IT		Your Private Italy, Ransomware, LockBit 3.0
63	22/09/2022	-	15/07/2022 and 09/08/2022	?	Berkshire Farm Center & Services for Youth	Berkshire Farm Center & Services for Youth confirms that an unauthorized third party gained access to certain servers and potentially viewed or obtained files containing protected health information	Account Takeover	Human health and social work	CC	US		Berkshire Farm Center & Services for Youth
64	23/09/2022	-	23/09/2022	Anonymous	Russian Ministry of Defense	Hacktivist collective Anonymous claims to have leaked the personal data of over 300,000 individuals from the Russian Ministry of Defense likely to be mobilized by the Russian government to fight in Ukraine.	Unknown	Public admin and defence, social security	H	RU		Anonymous, Russia, Ukraine, Russian Ministry of Defense
65	23/09/2022	Since early 2022	-	XakNet Team	Organizations in Ukraine	Researchers from Mandiant discover XakNet Team, a group of pro-Russian hacktivists targeting organizations in Ukraine.	DDoS	Multiple Industries	H	UA		Mandiant, XakNet Team, Russia, Ukraine
66	23/09/2022	Since early 2022	-	Infoccentr	Organizations in Ukraine	Researchers from Mandiant discover Infoccentr, a group of pro-Russian hacktivists targeting organizations in Ukraine.	DDoS	Multiple Industries	H	UA		Mandiant, Infoccentr, Russia, Ukraine
67	23/09/2022	Since early 2022	-	Infoccentr	Organizations in Ukraine	Researchers from Mandiant discover CyberArmyofRussia_Reborn, a group of pro-Russian hacktivists targeting organizations in Ukraine.	DDoS	Multiple Industries	H	UA		Mandiant, CyberArmyofRussia_Reborn, Russia, Ukraine
68	23/09/2022	Since 2019	-	Russian threat actors	Individuals	Researchers from ReasonLabs expose a massive operation that has reportedly siphoned millions of USD from credit cards, considered responsible for losses for tens of thousands of victims.	Account Takeover	Individual	CC	>1		ReasonLabs
69	23/09/2022	-	-	Pro-Russian attackers	Individuals in Ukraine and the European Union	The cyber department of Ukraine's Security Service (SSU) takes down a group of Pro-Russian hackers that stole accounts of about 30 million individuals and sold them on the dark web.	Malware	Individual	CC	UA		Cyber department of Ukraine's Security Service, SSU
70	23/09/2022	Since 14/09/2022	-	?	Multiple organizations	Multiple npm packages published by the crypto exchange, dYdX, and used by at least 44 cryptocurrency projects appear to have been compromised.	Malware	Multiple Industries	CC	>1		npm, dYdX
71	23/09/2022	-	-	?	Multiple organizations primarily in the South Asia region	Sophos warns that a critical code injection security vulnerability in the company's Firewall product is being exploited in the wild.	CVE-2022-3236 Vulnerability	Multiple Industries	N/A	>1		Sophos, CVE-2022-3236
72	23/09/2022	Between 17/05/2022 and 31/05/2022	29/05/2022	?	City of Tucson	The City of Tucson discloses a data breach affecting the personal information of more than 123,000 individuals.	Unknown	Public admin and defence, social security	CC	US		City of Tucson
73	23/09/2022	Between January and February 2022	During Q3 2022	APT28 AKA Fancy Bear	The Organisation for Economic Co-operation and Development (OECD)	Researchers from Cluster25 reveal that APT28 have started using a new code execution technique that relies on mouse movement in Microsoft PowerPoint presentations to trigger a malicious PowerShell script, exploiting the CVE-2021-40444 vulnerability.	Targeted Attack	Extraterritorial orgs and bodies	CE	N/A		Cluster25, APT28, Fancy Bear. CVE-2021-40444
74	23/09/2022	-	-	Multiple threat actors	Vulnerable BitBucket servers	The Cybersecurity and Infrastructure Security Agency (CISA) adds a critical BitBucket Server RCE zero-day (CVE-2022-36804) to the list of exploited vulnerabilities.	CVE-2022-36804 Vulnerability	Unknown	N/A	N/A		Cybersecurity and Infrastructure Security Agency, CISA, BitBucket, RCE, CVE-2022-36804
75	23/09/2022	Since 2016	'Recently'	Scarlet Mimic	Uyghurs minority in China	Researchers from Check Point discover a long running mobile surveillance campaign, targeting the largest minority in China, the Uyghurs.	Targeted Attack	Individual	CE	CN		Check Point, Scarlet Mimic, China, Uyghurs
76	23/09/2022	Between 10/07/2022 and 14/08/2022	24/07/2022	?	Dyersburg Family Walk-In Clinic	Family Walk-In Clinic discloses to have suffered a data security incident that resulted in information being taken from its systems.	Unknown	Human health and social work	CC	US		Family Walk-In Clinic, Reelfoot Family Walk-In Clinic
77	23/09/2022	05/04/2022	26/07/2022	?	Physician’s Business Office (PBO)	Physician’s Business Office (PBO) reveals to have suffered a data breach that impacted 196,573 individuals.	Unknown	Administration and support service	CC	US		Physician’s Business Office, PBO
78	23/09/2022	'Recently'	'Recently'	?	Northern California Fertility Medical Center (NCFMC)	Northern California Fertility Medical Center (NCFMC) files an official notice of a data breach after an unauthorized party accessed the company’s network and attempted to encrypt certain files.	Malware	Human health and social work	CC	US		Northern California Fertility Medical Center, NCFMC, ransomware
79	23/09/2022	-	-	?	Resource Anesthesia of California	Resource Anesthesia of California reports a data breach following a Network IT / Hacking incident that compromised sensitive information patients entrusted to the practice.	Unknown	Human health and social work	CC	US		Resource Anesthesia of California
80	23/09/2022	-	26/07/2022	?	FMC Services (Family Medical Center Services)	FMC Services confirms that the company experienced a data breach after an unauthorized party gained access to sensitive consumer data contained on its network.	Unknown	Human health and social work	CC	US		FMC Services, Family Medical Center Services
81	23/09/2022	-	-	?	Diodes Incorporated	Diodes Incorporated confirms that the company experienced a data breach after consumer data entrusted to the company was accessible to an unauthorized party.	Unknown	Manufacturing	CC	US		Diodes Incorporated
82	23/09/2022	-	-	?	Apex Capital Corp.	Apex Capital Corp. confirms that the company experienced a data breach after an unauthorized party gained access to sensitive consumer data that had been entrusted to the company.	Unknown	Transportation and storage	CC	US		Apex Capital Corp.
83	23/09/2022	-	-	?	Multiple organizations	Researchers from ReversingLabs discover a malicious NPM package masquerading as the legitimate software library for Material Tailwind, distributing malicious code in open source software repositories.	Malware	Multiple Industries	CC	>1		ReversingLabs, NPM, Material Tailwind
84	23/09/2022	-	-	?	Multiple organizations	Researchers from Kaspersky discover a new campaign distributing the Agent Tesla malware.	Malware	Multiple Industries	CC	>1		Kaspersky, Agent Tesla
85	23/09/2022	'Recently'	'Recently'	Sparta Blog	Sercom Informatica SL	Sparta Blog lists Sercom Informatica SL on their leak site. They also provided samples of files exfiltrated from Sercom customers, including the Hospital Puigcerda.	Unknown	Professional, scientific and technical	CC	ES		Sparta Blog, Sercom Informatica SL, Hospital Puigcerda
86	23/09/2022	-	-	?	Reidville Fire Department	Attackers allegedly steal over $8,000 in paychecks following an email hack from the Reidville Fire Department.	Unknown	Public admin and defence, social security	CC	US		Reidville Fire Department.
87	23/09/2022	-	-	?	RP Consulting SpA	An archive of 7.3 Gb of data and 13,000 files belonging to RP Consulting SpA is leaked on Breach Forums.	Unknown	Administration and support service	CC	IT		RP Consulting SpA, Breach Forums.
88	23/09/2022	-	-	?		Delta Dental of Washington announces that the protected health information of 6,361 members of its dental benefits plans has potentially been compromised in a cyberattack on its mail and printing vendor, Kaye-Smith	Malware	Human health and social work	CC	US		Delta Dental of Washington, ransomware, Kaye-Smith
89	24/09/2022	Since August 2022	Since August 2022	?	FARGO AKA TargetCompany	Researchers from AhnLab Security Emergency Response Center (ASEC) reveal that Vulnerable Microsoft SQL servers are being targeted in a new wave of attacks with FARGO ransomware.	Malware	Multiple Industries	CC	>1		AhnLab Security Emergency Response Center, ASEC, Microsoft SQL, FARGO, TargetCompany, ransomware
90	24/09/2022	-	-	?	BankingLab	A threat actor claims to have breached the BankingLab banking platform exploiting the CVE-2022-35405 vulnerability affecting multiple Zoho ManageEngine products.	CVE-2022-35405 vulnerability	Fintech	CC	LT		BankingLab, CVE-2022-35405, Zoho, ManageEngine
91	26/09/2022	-	-	RaHDIt	Ukrainian foreign intelligence service	The Russian hacker group RaHDIt posts the data of 1,500 employees of the Ukrainian foreign intelligence service.	Unknown	Public admin and defence, social security	CW	UA		RaHDIt, Ukrainian foreign intelligence service, Russia
92	26/09/2022	-	-	Scylla	Android and iOS users	Researchers from HUMAN reveal the details of Scylla, an operation consisting of 75 applications on Google Play and another ten on Apple’s App Store engaged in ad fraud with 13 million installations.	Malware	Individual	CC	>1		HUMAN, Scylla, Google Play, Apple, App Store, Android, iOS
93	26/09/2022	'Recently'	'Recently'	Lazarus Group	Developers and artists in the crypto space	Researchers at Sentinel One discover Operation In(ter)ception, a new campaign by the North Korean Lazarus hacking group, using fake 'Crypto.com' job offers to hack developers and artists in the crypto space, likely with a long-term goal of stealing digital assets and cryptocurrency.	Malware	Fintech	CC	>1		Sentinel One, Operation In(ter)ception, Lazarus Group, Crypto.com
94	26/09/2022	-	-	NullMixer	Multiple organizations	Researchers from Kaspersky discover NullMixer, a new malware dropper infecting Windows devices with a dozen different malware families simultaneously through fake software cracks promoted on malicious sites in Google Search results.	Malware	Multiple Industries	CC	BR DE EG FR IN IT RU US TR		Kaspersky, NullMixer, Google Search
95	26/09/2022	-	-	Bl00dy	Undisclosed victim in Ukraine	The Bl00dy ransomware, built from the LockBit 3.0 Builder, hits an undisclosed victim in Ukraine.	Malware	Unknown	CC	UA		Bl00dy, LockBit 3.0, ransomware
96	26/09/2022	-	Late August 2022	?	Auth0	Authentication service provider Auth0 discloses what it calls a "security event" involving some of its code repositories (from 2020 and earlier) obtained by unknown means from its environment.	Unknown	Professional, scientific and technical	CC	US		Auth0
97	26/09/2022	'Recently'	'Recently'	?	Multiple organizations	Researchers from Proofpoint reveal that threat actors have recently conducted phishing campaigns using Microsoft Sway and used the platform to distribute malware within organizations.	Malware	Multiple Industries	CC	>1		Proofpoint, Microsoft Sway
98	26/09/2022	-	08/07/2022	?	CSI Laboratories	CSI Laboratories discloses to have been hit by a phishing attack.	Account Takeover	Human health and social work	CC	US		CSI Laboratories
99	26/09/2022	Between 21/08/2022 and 27/08/2022	-	?	Netflix users	Researchers from INKY detect Netflix being impersonated in a PII data harvesting campaign utilizing malicious HTML attachments compressed in zip files.	Account Takeover	Arts entertainment, recreation	CC	>1		Netflix, INKY
100	26/09/2022	-	-	?	Watchfinder	Luxury pre-owned watch website Watchfinder warns its user base that their personal data has been accessed after an employee’s account was broken into and a customer list accessed.	Account Takeover	Arts entertainment, recreation	CC	UK		Watchfinder
101	26/09/2022	-	-	?	Poder Judicial de Chile	The Poder Judicial de Chile issues an alert about a computer virus.	Malware	Public admin and defence, social security	CC	CL		Poder Judicial de Chile, ransomware
102	27/09/2022	Since May 2022	-	Russia	Germany, France, Italy, Ukraine and the United Kingdom.	Researchers from Meta take down a large network (1,633 accounts, 703 Pages, one Group on Facebook and 29 accounts on Instagram) that originated in Russia, centered around a sprawling network of over 60 websites carefully impersonating legitimate news organizations in Europe.	Coordinated Inauthentic Behavior	Individual	CW	DE FR IT UA UK		Meta, Facebook, Instagram, Russia
103	27/09/2022	Since July 2022	Late August 2022	Threat actor from Russia	Individuals in Germany	Researchers from DisinfoLab discover Doppelgänger, a series of websites that had cloned the look-and-feel of several major news sites mainly in Germany, but also the UK, France and Italy.	Coordinated Inauthentic Behavior	Individual	CW	DE		Doppelgänger, Russia, Germany
104	27/09/2022	Since September 2021	-	China	United States, Czech Republic and Chinese- and French-speaking audiences around the world.	Researchers from Meta take down a small network that originated in China and targeted the United States, the Czech Republic and, to a lesser extent, Chinese- and French-speaking audiences around the world.	Coordinated Inauthentic Behavior	Individual	CW	US CZ		Mata, Facebook, Instagram, China
105	27/09/2022	-	-	?	Multiple organizations	Researchers from Zscaler observe a campaign delivering Agent Tesla, a .NET based keylogger and remote access trojan, using a builder named “Quantum Builder” sold on the dark web.	Malware	Multiple Industries	CC	>1		Zscaler, Agent Tesla, Quantum Builder
106	27/09/2022	-	-	?	Multiple organizations	Researchers from Sucuri discover a new variant of the campaign exploiting compromised WordPress sites to display fake Cloudflare DDoS protection pages to distribute malware.	Malware	Multiple Industries	CC	>1		Sucuri, WordPress, Cloudflare, DDoS
107	27/09/2022	Early August 2022	Early August 2022	?	Multiple organizations	Researchers from Palo Alto Networks discover a new campaign using a polyglot Microsoft Compiled HTML Help (CHM) to distribute the information stealer IcedID.	Malware	Multiple Industries	CC	>1		Palo Alto Networks, Microsoft Compiled HTML Help, CHM, IcedID
108	27/09/2022	27/09/2022	27/09/2022	?	Ethereum arbitrage trading bot	An Ethereum arbitrage trading bot is able to earn 800 ETH and loses 1100 ETH (around $1.41 million) one hour later when an unknown attacker exploits a vulnerability.	Vulnerability	Fintech	CC	N/A		Ethereum
109	27/09/2022	23/09/2022	23/09/2022	?	Cox Communications	Cox Communications reveals that an internet outage that affected the city of Tucson over the weekend was due to a cyber attack.	Unknown	Information and communication	CC	US		Cox Communications, Tucson
110	27/09/2022	-	-	Vice Society	Jaime Câmara Group (JCG)	Brazilian media conglomerate Jaime Câmara Group (JCG) is the victim of a ransomware attack.	Malware	Information and communication	CC	BR		Jaime Câmara Group, JCG, ransomware, Vice Society
111	28/09/2022	Since mid-June	24/12/2021	Chaos	Multiple organizations	Researchers from Black Lotus Labs expose a quickly expanding botnet called Chaos, a Go-based malware targeting and infecting Windows and Linux devices to use them for cryptomining and launching DDoS attacks.	Malware	Multiple Industries	CC	>1		Black Lotus Labs, Chaos, Windows, Linux, Go
112	28/09/2022	'Recently'	'Recently'	?	Multiple military contractors involved in weapon manufacturing	Researchers from Securonix reveal the details of STEEP#MAVERICK, a campaign targeting military contractors.	Targeted Attack	Manufacturing	CE	>1		Securonix, STEEP#MAVERICK
113	28/09/2022	During 2022	During 2022	?	Taxpayers in the U.S:	The Internal Revenue Service (IRS) warns Americans of an exponential rise in IRS-themed text message phishing attacks trying to steal their financial and personal information in the last few weeks.	Account Takeover	Individual	CC	US		Internal Revenue Service, IRS
114	28/09/2022	25/09/2022	25/09/2022	Thrax	Fast Company	Fast Company takes its website offline after it was hacked to display stories and push out Apple News notifications containing obscene and racist comments.	Account Takeover	Information and communication	CC	US		Fast Company, Thrax
115	28/09/2022	During 2022	During 2022	Prilex	Multiple organizations in Brazil	Researchers from Kaspersky discover three new versions of Prilex PoS-targeting malware during 2022, indicating that its authors and operators are back in action.	Malware	Multiple Industries	CC	BR		Kaspersky, Prilex, PoS
116	28/09/2022	During August 2022	During August 2022	?	US and New Zealand job seekers	Researchers from Cisco Talos discover a new phishing campaign targets US and New Zealand job seekers with malicious documents installing Cobalt Strike beacons for remote access to victims' devices.	Malware	Individual	CC	US NZ		Cisco Talos, Cobalt Strike, Amadey, RedLine
117	28/09/2022	-	02/08/2022	?	focusIT	focusIT files an official notice of a data breach after the company learned that an unauthorized party gained access to sensitive consumer information in its possession.	Unknown	Administration and support service	CC	US		focusIT
118	28/09/2022	21/03/2022	Between 21/03/2022 and 27/03/2022	?	Johnson Memorial Hospital	Johnson Memorial Hospital announces that the personal and protected health information of some of its patients has been exposed as a result of a malware infection at the law firm, Reid and Riege.	Malware	Human health and social work	CC	US		Johnson Memorial Hospital, Reid and Riege.
119	28/09/2022	-	-	PT_Moisha	Aoyuan Healthy Life Group	The Aoyuan Healthy Life Group is allegedly hit by the PT_Moisha ransomware group.	Malware	Human health and social work	CC	CN		Aoyuan Healthy Life Group, PT_Moisha, Ransomware
120	28/09/2022	-	-	Kelvin Security	GenialMoney	Kelvin Security leaks 68 Gb of data with 23,000 files from GenialMoney.	Unknown	Finance and insurance	CC	IT		Kelvin Security, GenialMoney
121	28/09/2022	-	-	?	Individuals in India	India's Home Ministry asks state governments to crack down on illegal lending apps it says have led to "multiple suicides by citizens owing to harassment, blackmail, and harsh recovery methods."	Malware	Individual	CC	IN		India
122	29/09/2022	Earlier in 2022	Earlier in 2022	UNC3886 (Threat actor suspected to have ties with China)	VMware ESXi, Linux vCenter servers, and Windows virtual machines	Researchers from Mandiant discover that UNC3886, an actor suspected to have ties with China used malicious vSphere Installation Bundles (VIBs) to deliver the VirtualPita, VirtualPie, and VirtualGate malware.	Malware	Unknown	CE	N/A		Mandiant, China, vSphere Installation Bundles, VIB, VirtualPita, VirtualPie, VirtualGate, UNC3886
123	29/09/2022	Since mid-September 2022	During mid-September 2022	Royal	Multiple organizations	A ransomware operation named Royal is quickly ramping up, targeting corporations with ransom demands ranging from $250,000 to over $2 million.	Malware	Multiple Industries	CC	>1		Royal, ransomware
124	29/09/2022	In recent months	In recent months	Lazarus Group (AKA Zinc)	Multiple organizations	Researchers from Microsoft reveal that the North Korean-sponsored Lazarus threat group is trojanizing legitimate open-source software (such as PuTTY, KiTTY, TightVNC, Sumatra PDF Reader, and the muPDF/Subliminal Recording software installer. and using it to backdoor organizations in many industry sectors, such as technology, defense, and media entertainment using the BLINDINGCAN (aka ZetaNile) backdoor.	Targeted Attack	Multiple Industries	CE	>1		Microsoft, Lazarus, ZINC, PuTTY, KiTTY, TightVNC, Sumatra PDF Reader, muPDF/Subliminal Recording, BLINDINGCAN, ZetaNile
125	29/09/2022	Between February and September 2022,	Between February and September 2022,	Witchetty (AKA LookingFrog)	Two governments in the Middle East and a stock exchange in Africa	Researchers from Broadcom/Symantec discover a malicious campaign by the 'Witchetty' hacking group, which uses steganography to hide a backdoor malware in a Windows logo.	Targeted Attack	Public admin and defence, social security	CE	>1		Broadcom, Symantec, Witchetty, LookingFrog, Windows
126	29/09/2022	-	-	Chinese threat actors	Fewer than 10 organizations globally	Researchers at Vietnamese cybersecurity company GTSC reveal that threat actors from China are exploiting yet-to-be-disclosed Microsoft Exchange zero-day bugs allowing for remote code execution, to deploy the Chinese Chopper web shells. Few days later Microsoft confirms the two vulnerabilities CVE-2022-41040 and CVE-2022-41082.	CVE-2022-41040 and CVE-2022-41082 vulnerabilities	Unknown	CE	N/A		GTSC, China, Microsoft Exchange, Chinese Chopper, CVE-2022-41040, CVE-2022-41082
127	29/09/2022	Between 03/10/2020 and 29/03/2021	-	Three individuals in Germany	Banking users in Germany	The Germany's Bundeskriminalamt (BKA), the country's federal criminal police, carries out raids on the homes of three individuals suspected of orchestrating large-scale phishing campaigns that defrauded internet users of €4,000,000.	Account Takeover	Finance and insurance	CC	DE		Germany, Bundeskriminalamt, BKA
128	29/09/2022	-	-	LeakBase	Swachhata Platform (swachhata.city)	A threat actor claims to have breached the Swachhata Platform and stolen 16 million records.	Unknown	Public admin and defence, social security	CC	IN		Swachhata Platform, swachhata.city, Leakbase
129	29/09/2022	-	-	?	Multiple organizations	Researchers from eSentire discover a new campaign where Xtreme RAT and Cryptominer have been delivered through pirated copies of the Windows operating system software.	Malware	Multiple Industries	CC	>1		eSentire, Xtreme RAT, Cryptominer, Windows
130	29/09/2022	-	-	BlackCat AKA ALPHV	NJVC	The ALPHV/BlackCat ransomware gang claims to have breached the IT firm NJVC, which supports the federal government and the United States Department of Defense.	Malware	Public admin and defence, social security	CC	US		ALPHV, BlackCat, ransomware, NJVC
131	29/09/2022	During the past three months	During the past three months	SolarMarker	Multiple organizations	Researchers from eSentire discover s new campaign by the infamous SolarMarker threat actor group, leveraging fake Chrome browser updates as part of watering hole attacks to distribute an info-stealing malware with the same name.	Malware	Multiple Industries	CC	>1		eSentire, SolarMarker, Chrome, Watering Hole
132	29/09/2022	-	-	?	Prefetura de Mimoso do Sul	The Prefetura de Mimoso do Sul reports a cyber attack.	Unknown	Public admin and defence, social security	CC	BR		Prefetura de Mimoso do Sul
133	29/09/2022	-	-	Avos Locker	DLS Motors Paraguay	Avos Locker adds DLS Motors Paraguay to its leak site, and claims to have 50 GB of information.	Malware	Wholesale and retail	CC	PY		Avos Locker, DLS Motors Paraguay, ransomware
134	29/09/2022	-	-	VSOP	Ministry of Foreign Affairs of Guatemala	Threat actors calling themselves VSOP add the Ministry of Foreign Affairs of Guatemala to their leak site.	Unknown	Public admin and defence, social security	CC	GT		VSOP, Ministry of Foreign Affairs of Guatemala, ransomware
135	29/09/2022	-	21/09/2022	LockBit 3.0	Universidad Internacional Del Ecuador (UIDE)	Lockbit adds the Universidad Internacional Del Ecuador (UIDE) to its leaks site	Malware	Education	CC	EC		Universidad Internacional Del Ecuador, UIDE, Ransomware, LockBit 3.0
136	29/09/2022	-	-	Hive	Alia Servizi Ambientali	Alia Servizi Ambientali is hit with a Hive ransomware attack.	Malware	Water supply, waste mgmt, remediation	CC	IT		Alia Servizi Ambientali, Hive, Ransomware
137	30/09/2022	During the autumn of 2021	-	Lazarus Group	Aerospace company in the Netherlands, and a political journalist in Belgium	Researchers from ESET unveil a new campaign by the North Korean threat actor Lazarus, exploiting the CVE‑2021‑21551 vulnerability affecting the Dell DBUtil drivers.	Targeted Attack	Multiple Industries	CE	BE NL		ESET, North Korea, Lazarus, CVE‑2021‑21551, Dell, DBUtil
138	30/09/2022	-	-	Guacamaya	Multiple governments in South America including Mexico, Chile, El Salvador, Peru and Colombia	In name of Operation Repressive Forces, hacktivists from the Guacamaya group leak 10 terabytes including data from military and police agencies across several Latin American countries.	Unknown	Public admin and defence, social security	>1	CL CO MX PE SV		Guacamaya, Repressive Forces
139	30/09/2022	From at least 26/09/2022 until 29/09/2022	Since at least 29/09/2022	Threat actor linked to China	Undisclosed organization	Researchers from Crowdstrike reveal that the official installer for the Comm100 Live Chat application, was trojanized as part of a new supply-chain attack.	Targeted Attack	Unknown	CE	N/A		Crowdstrike, Comm100 Live Chat, China
140	30/09/2022	between May and July 2022	-	?	Shangri-La	The Shangri-La hotel group says a database containing the personal information of customers at eight of its Asian properties has been hacked.	Unknown	Accommodation and food service	CC	HK SG TH CN JP		Shangri-La
141	30/09/2022	Between 02/04/2021 and 13/07/2021	21/07/2021	?	Chemonics International	Chemonics International files an official notice of a data breach with the various state attorney general offices after the company was the victim of a sophisticated cyberattack that compromised several email accounts of its employees.	Account Takeover	Administration and support service	CC	US		Chemonics International
142	30/09/2022	Between 07/062022 and 12/07/2022	26/07/2022	?	Coeur Group	The Coeur Group notifies 2,020 patients that some of their protected health information has potentially been accessed by an unauthorized individual who gained access to an employee’s email account.	Account Takeover	Human health and social work	CC	US		Coeur Group
143	30/09/2022	Late May 2022	Late May 2022	?	Geisinger Health System	Geisinger Health System discloses a ransomware attack affecting its email vendor Kaye-Smith.	Malware	Human health and social work	CC	US		Geisinger Health System, ransomware, Kaye-Smith.
144	30/09/2022	Late May 2022	Late May 2022	?	Seattle Children’s Hospital	Seattle Children’s Hospital discloses a ransomware attack affecting its email vendor Kaye-Smith.	Malware	Human health and social work	CC	US		Seattle Children’s Hospital, ransomware, Kaye-Smith.
145	30/09/2022	-	03/08/2022	?	Riverside Medical Group	Riverside Medical Group reveals that hackers gained access to a legacy server at its clinic in West Orange and may have viewed or obtained files containing patient data.	Unknown	Human health and social work	CC	US		Riverside Medical Group
146	30/09/2022	Between 01/11/2021 and 04/11/2021	04/11/2021	?	City of Fulton	The city of Fulton reveals to have suffered a breach that compromised the personal data of 28,282 people.	Unknown	Public admin and defence, social security	CC	US		City of Fulton
ID	Date Reported	Date Occurred	Date Discovered	Author	Target	Description	Attack	Target Class	Attack Class	Country	Link	Tags

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

July 2023 Cyber Attacks Statistics
After the cyber attacks timelines, it’s time to publish the statistics of June 2023 where I have collected and analyzed 384 events, yet another record number driven...
The Biggest Data Breaches of 2023
Similarly to what I have done in 2022 and 2021, I am collecting the main mega breaches...
1-15 August 2023 Cyber Attacks Timeline
In the first timeline of August, I collected 169 events (corresponding to 11.27 events per day), a considerable decrease compared to the the second half of July...
Q2 2023 Cyber Attacks Statistics
I have aggregated the statistics created from the cyber attacks timelines published in the second quarter of 2023. In total I have collected 1040 events...
August 2016 Cyber Attacks Statistics
It's time to publish the statistics derived from the cyber attacks timelines of August (Part I and Part II), a month particularly active from an Information Security perspective, despite the Summer time. As always, let’s start from the Daily Trend Chart, which shows obviously an ...