Attacks Distribution January H2 2023

No Data Found

Attacks Techniques January H2 2023

No Data Found

The second cyber attacks timeline of January 2023 is out (first timeline here). In the second half of the month I collected 149 events (corresponding to 9.31 events/day), nearly a 10% increase compared to the previous timeline. This 2023 doesn’t look good from an infosec perspective.

After a few timelines stable around 30%, events characterized by ransomware drop to 22.8% (34 out of 149 events), on the other hand, 10 events were characterized by the exploitation of vulnerabilities (corresponding to 6.7%), an important decrease compared to the previous timeline where vulnerabilities were leveraged in 15 events.

However the most important aspect of this timeline is maybe the concerning frequency of attacks carried our via malvertising taking advantage of SEO poisoning: 7 events were characterized by this techinque, and even if this seems a small number, it’s an important novelty per se.

In the fintech space, FTX suffered another blow, with the claimed theft of $415M of cryptocurrency…

And the mega breaches continue to characterize the threat landscape: T-Mobile suffered another breach that led to the compromise of 37 million records due to an API vulnerability, JD Sports suffered the compromise of 10 million customer records, 2.6 million records were stolen from the language learning platorm DuoLingo, and finally a U.S. No Fly list with over 1.5 million records of banned flyers was shared publicly on a hacking forum, probably because of a cloud storage misconfiguration by CommuteAir.

In the Cyber Espionage space, Gamaredon was particularly active against targets in Ukraine, and Latvia, but it was not the only one. The timeline also reports campaigns carried out by APT29, APT15, and APT42.

And Ukraine was also hit by three attacks launched by the Sandworm group and carried out via destructive malware: SwiftSlicer, NikoWiper, and an additional sample against the Ukraine national news agency (Ukrinform). But Ukraine was not the only one… The SideWinder APT launched a cyber attack against the National Power Transmission Company of Pakistan (NTDC) leaving millions of people without power.

And last but not least, the hacktivist front was always hot, fueled by the campaigns of pro-Russian threat actors such as Killnet.

Even in this fortnight, the list is too long to be summarized in few words (this one in particular), so my suggestion is to enjoy the interactive timeline and the tabular format, and obviously thanks for sharing it, and supporting my work in spreading the risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

Expand for details

Geo Map January H2 2023

No Data Found


No Data Found

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.


No Data Found

  • 2022 Cyber Attacks Statistics

    And finally I have aggregated all the data collected in 2022 from the cyber attacks timelines. In the past year I have collected 3074 events...

  • Leaky Buckets in 2022

    Similarly to what I have done in 2021, I am now collecting the incidents due to cloud misconfigurations and leading to the exposure of data.

  • The Biggest Data Breaches of 2021

    With this new project I am going to track the biggest data breaches of 2021 extracted from my cyber attack timelines.

  • Image by Gerd Altmann from Pixabay16-28 February 2023 Cyber Attacks Timeline

    The second cyber attacks timeline of February 2023 is out and with 10.62 events/day confirms...

  • 2020 Cyber Attacks Statistics

    As promised, I have pulled together some statistics from the data collected in 2020. The master table is available at the end of the post after the charts.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.