In the first timeline of December, I have collected 147 events (corresponding to 9.8 events/day), a result slightly higher, but substantially in line with the previous timeline, which confirms the sustained level of activity that is characterizing this end of 2022.

Ransomware continues to characterize the threat landscape, but its percentage slides back under 30% (25.8%, corresponding to 38 out of 147 events, vs. 32.6% in the second timeline of November). In contrast, the exploitation of vulnerabilities characterized 10.2% of events (corresponding to 15 out of 147 events), nearly double the figure of the second timeline of November.

Image by wastedgeneration from Pixabay

Another Decentralized Finance platform has joined the list of those suffering massive hacks: this time it was the turn of Ankr, which suffered a loss worth $5M.

What is really crowded this month is the cyber espionage front, with an (un)usual number of campaigns by well-known threat actors from the likes of China, Iran, and North Korea, such as APT37, APT42 (AKA Charming Kitten), Cloud Atlas, Cobalt Mirage, Evilnum, MuddyWater and Mustang Panda. And of course even Ukraine was hit by a campaign by a threat actor named UNC4166, and by multiple wipers launched by the Belorussian threat actor Sandworm (but in this case we are crossing the boundaries of cyber warfare). By the way, even Russian mayor’s offices and courts were hit by a wiper dubbed CryWiper. Of course the situation in Ukraine also affected hacktivism, with several DDoS attacks against targets in Italy launched by the pro-Russian NoName057(16) group (but a DDoS attack launched by the IT Army of Ukraine hit the Russian VTB Bank).

Even in this fortnight, the list is too long to be summarized in a few words (this one in particular), so my suggestion is to enjoy the interactive timeline and the tabular format. Thanks for sharing it and for supporting my work in spreading risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on LinkedIn, for the latest updates.

Geo Map December H1 2022

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.
