[Chart: Attacks Distribution January H2 2023]

[Chart: Attacks Techniques January H2 2023]

The second cyber attacks timeline of January 2023 is out (first timeline here). In the second half of the month I collected 149 events (corresponding to 9.31 events/day), nearly a 10% increase compared to the previous timeline. So far, 2023 doesn’t look good from an infosec perspective.

After a few timelines stable around 30%, events characterized by ransomware dropped to 22.8% (34 out of 149 events). On the other hand, 10 events were characterized by the exploitation of vulnerabilities (corresponding to 6.7%), an important decrease compared to the previous timeline, where vulnerabilities were leveraged in 15 events.

However, the most important aspect of this timeline is perhaps the concerning frequency of attacks carried out via malvertising that takes advantage of SEO poisoning: 7 events were characterized by this technique, and even if this seems a small number, it’s an important novelty per se.

In the fintech space, FTX suffered another blow, with the claimed theft of $415M of cryptocurrency…

And the mega breaches continue to characterize the threat landscape: T-Mobile suffered another breach that led to the compromise of 37 million records due to an API vulnerability, JD Sports suffered the compromise of 10 million customer records, 2.6 million records were stolen from the language learning platform DuoLingo, and finally a U.S. No Fly list with over 1.5 million records of banned flyers was shared publicly on a hacking forum, probably because of a cloud storage misconfiguration by CommuteAir.

In the cyber espionage space, Gamaredon was particularly active against targets in Ukraine and Latvia, but it was not the only one. The timeline also reports campaigns carried out by APT29, APT15, and APT42.

And Ukraine was also hit by three attacks launched by the Sandworm group and carried out via destructive malware: SwiftSlicer, NikoWiper, and an additional sample against the Ukraine national news agency (Ukrinform). But Ukraine was not the only one… The SideWinder APT launched a cyber attack against the National Power Transmission Company of Pakistan (NTDC) leaving millions of people without power.

And last but not least, the hacktivist front remained hot, fueled by the campaigns of pro-Russian threat actors such as Killnet.

Even in this fortnight, the list is too long to be summarized in a few words (this one in particular), so my suggestion is to enjoy the interactive timeline and the tabular format. As always, thanks for sharing it and for supporting my work in spreading risk awareness across the community, and don’t forget to follow @paulsparrows on Twitter, or connect on LinkedIn, for the latest updates.


[Map: Geo Map January H2 2023]

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.
