In the second timeline of November, I have collected 141 events (corresponding to 9.4 events per day), a value slightly higher than the previous timeline but in line with the last months. The level of activity continues to be quite sustained, and as a consequence the breachometer turns to the red.

The impact of Ransomware is back at the highs of 2022, exceeding 30% (32.6% corresponding to 41 out of 141 events), while the 5.7% (8 out of 141 events) have been characterized by the exploitation of vulnerabilities.

At least during the second fortnight of November no massive hacks against Decentralized Finance platforms were reported, despite crypto investors continue to be targets of multiple campaign, predominantly phishing, but also a deepfake of Sam Bankman-Fried, the former CEO of the bankrupted platform FTX.

But if the massive hacks against crypto platforms had an apparent break, the same can’t be said for mega breaches. in this timeline, two events are related to two apparent massive breaches targeting Twitter and WhatsApp users.

In comparison to the previous timelines, only 5% of events (7 out of 141) were characterized by cyber espionage. The main characters of the cyber espionage front include old acquaintances such as Mustang Panda and the cyber mercenaries from Bahamut, but also new threat actors such as UNC4191. Additionally the exploitation of commercial spyware continues with the discovery of a new operation tied to a Spanish vendor named Variston.

Instead, apparently, the impact of cyber campaigns related to Ukraine continues to fade, and except a new operation by the Sandworm threat actor carried out via the RansomBoggs ransomware, the only visible events are those related to the DDoS attacks carried out by the Pro-Russian Killnet collective.

As usual the list is too long to be summarized in few words, so my usual suggestion is to enjoy the interactive timeline and the table with a praise to share them and spread the awareness.

Thanks for supporting my work and don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

Expand for details

Geo Map November H2 2022

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

  • 2019 Cyber Attacks Statistics

    As I promised few days ago, I have aggregated and analyzed the events collected in the cyber attacks timelines for the whole 2019, producing some (hopefully) interesting stats. At the end the total sample is composed of 1802 events, which is a sharp increase in ...

  • 2020 Cyber Attacks Statistics

    As promised, I have pulled together some statistics from the data collected in 2020. The master table is available at the end of the post after the charts.

  • Cyber Security16-30 April 2023 Cyber Attacks Timeline

    In the second half of April 2023 I collected 180 events (corresponding to 12 events/day), a sharp increase compared to...

  • 2022 Cyber Attacks Statistics

    And finally I have aggregated all the data collected in 2022 from the cyber attacks timelines. In the past year I have collected 3074 events...

  • March 2023 Cyber Attacks Statistics

    After the cyber attacks timelines (part I and part II), it’s time to publish the statistics of March 2023 where I have collected and analyzed 334 events, which...


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.