In the second timeline of November, I have collected 141 events (corresponding to 9.4 events per day), a value slightly higher than the previous timeline but in line with the last months. The level of activity continues to be quite sustained, and as a consequence the breachometer turns to the red.

The impact of Ransomware is back at the highs of 2022, exceeding 30% (32.6% corresponding to 41 out of 141 events), while the 5.7% (8 out of 141 events) have been characterized by the exploitation of vulnerabilities.

Free computer code screen image

16-31 March 2024 Cyber Attacks Timeline

In the second timeline of March 2024 I collected 104 events dominated by malware, exploitation of vulnerabilities and ransomware. The threat landscape was also characterized by several mega breaches, multiple cyber espionage operations and also some remarkable events related to cyber warfare.

Continue Reading

At least during the second fortnight of November no massive hacks against Decentralized Finance platforms were reported, despite crypto investors continue to be targets of multiple campaign, predominantly phishing, but also a deepfake of Sam Bankman-Fried, the former CEO of the bankrupted platform FTX.

But if the massive hacks against crypto platforms had an apparent break, the same can’t be said for mega breaches. in this timeline, two events are related to two apparent massive breaches targeting Twitter and WhatsApp users.

In comparison to the previous timelines, only 5% of events (7 out of 141) were characterized by cyber espionage. The main characters of the cyber espionage front include old acquaintances such as Mustang Panda and the cyber mercenaries from Bahamut, but also new threat actors such as UNC4191. Additionally the exploitation of commercial spyware continues with the discovery of a new operation tied to a Spanish vendor named Variston.

Instead, apparently, the impact of cyber campaigns related to Ukraine continues to fade, and except a new operation by the Sandworm threat actor carried out via the RansomBoggs ransomware, the only visible events are those related to the DDoS attacks carried out by the Pro-Russian Killnet collective.

As usual the list is too long to be summarized in few words, so my usual suggestion is to enjoy the interactive timeline and the table with a praise to share them and spread the awareness.

Thanks for supporting my work and don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

Expand for details

Geo Map November H2 2022

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

  • March 2024 MotivationsMarch 2024 Cyber Attacks Statistics

    In March 2024 I collected and analyzed 203 events dominated by malware attacks. Cyber Crime continued to lead the Motivations chart with 72.9%, ahead of Cyber Espionage with 13.3%, Cyber Warfare (5.9%) and Hacktivism (2.5%).

  • Featured Image Q1 2024Q1 2024 Cyber Attacks Statistics

    I aggregated the statistics created from the cyber attacks timelines published in the first quarter of 2024. In this period, I collected a total of 833 events (9.15 events/day) dominated by Cyber Crime with 75.2%...

  • 2023 Stats Featrured Image2024 Cyber Attacks Statistics

    In 2023, there was a 35% increase in cyber attacks to 4,128 events, with the MOVEit CVE-2023-34362 vulnerability being heavily exploited. Cybercrime dominated as the main motivation at 79%, while malware led attack techniques with 35.9%. Healthcare remained a top target for ransomware. The data ...

  • Image by Pete Linforth from Pixabay1-15 May 2023 Cyber Attacks Timeline

    In the first half of May 2023 I collected 173 events (corresponding to 11.53 events/day), a value that confirms the sustained trend characterizing this year from an information security perspective.

  • The Biggest Data Breaches of 2021

    With this new project I am going to track the biggest data breaches of 2021 extracted from my cyber attack timelines.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.