Attack Distribution February H1 2023


Attack Techniques February H1 2023


The first cyber attacks timeline of February 2023 is out, setting a new maximum. In the first half of the month I collected 182 events (12.13 events/day). This is the new maximum for the last 12 months and corresponds to nearly a 20% increase compared to the previous timeline.

Ransomware-driven events were up to 25.8% (47 out of 182 events), up from 22.8%, whilst 14 events were characterized by the exploitation of vulnerabilities (corresponding to 7.7%), thanks primarily to the massive exploitation of CVE-2021-21974 targeting VMware ESXi servers.

Malvertising events taking advantage of SEO poisoning continued to play an important role with 5 events characterized by this technique.


In the fintech space, Webaverse suffered the theft of $4 million worth of assets, while crypto investors continued to be the targets of multiple campaigns.

And the mega breaches continued to characterize the threat landscape: AT&T, Verizon, and USCellular suffered the leak of customer records, threat actors stole a database with 20 million records from PeopleConnect, the Heritage Provider Network suffered a ransomware attack exposing the data of 3.3 million patients, and finally Weee! suffered a breach exposing the information of 1.1 million customers.

The Cyber Espionage space was quite crowded as usual, with Ukraine being the center of multiple campaigns by Russian threat actors such as UAC-0050, UAC-0114 and UAC-0056 (AKA Nodaria). Other particularly active threat actors include Seaborgium (AKA Cold River and Calisto), APT29, APT34 (AKA OilRig), APT37, the Lazarus Group and Mustang Panda.

But state-sponsored threat actors continued to back their countries with multiple campaigns in cyberspace, with inevitable connections to the Ukrainian situation, such as a campaign targeting Ukrainian refugees abroad, and also fake bomb alerts aimed at destabilizing Moldova. Other unearthed operations included an attack launched by the Chernovite group against a dozen U.S. electric and gas facilities, and Spamouflage, a campaign where Chinese state-aligned actors used AI-generated broadcasters to distribute content that promotes the interests of the Chinese Communist Party.

And last but not least, and once again unsurprisingly, the hacktivist front was always hot, fueled by the campaigns of pro-Russian threat actors such as Killnet.

In this fortnight in particular, the list is really too long to be summarized in a few words (this one in particular), so my suggestion is to enjoy the interactive timeline and the tabular format, and obviously thanks for sharing it, and supporting my work in spreading risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on LinkedIn, for the latest updates.

Geo Map February H1 2023


The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

