The second cyber attacks timeline of January 2023 is out (first timeline here). In the second half of the month I collected 149 events (corresponding to 9.31 events/day), nearly a 10% increase compared to the previous timeline. This 2023 doesn’t look good from an infosec perspective.

After a few timelines stable around 30%, events characterized by ransomware drop to 22.8% (34 out of 149 events). On the other hand, 10 events were characterized by the exploitation of vulnerabilities (corresponding to 6.7%), an important decrease compared to the previous timeline, where vulnerabilities were leveraged in 15 events.

However, the most important aspect of this timeline is maybe the concerning frequency of attacks carried out via malvertising taking advantage of SEO poisoning: 7 events were characterized by this technique, and even if this seems a small number, it’s an important novelty per se.

In the fintech space, FTX suffered another blow, with the claimed theft of $415M of cryptocurrency…

And the mega breaches continue to characterize the threat landscape: T-Mobile suffered another breach that led to the compromise of 37 million records due to an API vulnerability, JD Sports suffered the compromise of 10 million customer records, 2.6 million records were stolen from the language learning platform DuoLingo, and finally a U.S. No Fly list with over 1.5 million records of banned flyers was shared publicly on a hacking forum, probably because of a cloud storage misconfiguration by CommuteAir.

In the Cyber Espionage space, Gamaredon was particularly active against targets in Ukraine and Latvia, but it was not the only one. The timeline also reports campaigns carried out by APT29, APT15, and APT42.

And Ukraine was also hit by three attacks launched by the Sandworm group and carried out via destructive malware: SwiftSlicer, NikoWiper, and an additional sample against the Ukraine national news agency (Ukrinform). But Ukraine was not the only one… The SideWinder APT launched a cyber attack against the National Power Transmission Company of Pakistan (NTDC) leaving millions of people without power.

And last but not least, the hacktivist front was always hot, fueled by the campaigns of pro-Russian threat actors such as Killnet.

Even in this fortnight, the list is too long to be summarized in a few words (this one in particular), so my suggestion is to enjoy the interactive timeline and the tabular format, and obviously thanks for sharing it, and supporting my work in spreading the risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on LinkedIn, for the latest updates.
