16-28 February 2023 Cyber Attacks Timeline

Last modified: March 14, 2023

EVENTS

EVENTS/DAY

EVENTS

EVENTS/DAY

Attack Distribution February H2 2023

Attack Techniques February H2 2023

Follow me on Twitter

Connect on Linkedin

Connect on Mastodon

The second cyber attacks timeline of February 2023 is out (first timeline here) and with 10.62 events/day confirms the sustained level of activity that is characterizing this first part of 2023.

Ransomware-driven events are stable at 24.6% (34 out of 138 events), whilst 11 events were characterized by the exploitation of vulnerabilities (corresponding to 8% vs 7.7% of the previous timeline), with the massive exploitation of CVE-2021-21974 targeting VMware ESXi servers continuing also in this fortnight.

16-28 February 2023 Cyber Attacks Timeline

The second cyber attacks timeline of February 2023 is out and with 10.62 events/day confirms…

In the fintech sector, Platypus and Hope Finance suffered two massive hacks netting a total of more $10M worth to the attackers. Hatch Bank was also hit thanks to the exploitation of the Fortra’s GoAnywhere CVE-2023-0669 zero-day, and the users of Coinbase and Trezor were hit by phishing campaigns.

RailYatri is the mega breach of this month, leading to the compromise of 31 million users.

Ukraine is still targeted by state-sponsored threat actor. In this fortnight a campaign by a threat actor named UAC-0056 was unearthed, using a backdoor implanted on multiple government websites since two years. Meanwhile, in a different side of the planet (Asia), two threat groups were discovered targeting the material research sector (Clasiopa) and COVID-19 research (Hydrochasma). But obviously these are not the only ones discovered in this period.

And last but not least, and once again unsurprisingly, the pro-russian hacktivists were quite active with multiple DDoS campaigns against the websites of several German airports and some hospitals in Denmark (Killnet and their affiliates of Anonymous Sudan), and multiple Italian websites (NoName057(16)). And the pro-Ukraine hacktivists fought back with DDoS attacks against All-Russia State Television and Radio Broadcasting Company (VGTRK), multiple Russian websites, and also several Radio stations across Russia, broadcasting fake air raid warnings.

But we are now used to the fact that the list is too long to be summarized in few words, so my suggestion is to enjoy the interactive timeline and the tabular format, and obviously thanks for sharing it, and supporting my work in spreading the risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

Geo Map February H1 2023

ID	Date Reported	Date Occurred	Date Discovered	Author	Target	Description	Attack	Target Class	Attack Class	Country	Link	Tags
1	16/02/2023	16/02/2023	16/02/2023	Killnet	Websites of several German airports including: Hannover, Dortmund, Nuremberg, Karlsruhe/Baden-Baden, Dusseldorf, Erfurt-Weimar	The websites of several German airports are hit by a DDoS attack launched by the Killnet pro-Russian group.	DDoS	Transportation and storage	Hacktivism	DE		Killnet
2	16/02/2023	Since at least 08/02/2023	08/02/2023	RansomExx2	Vulnerable ESXi servers	Researchers from Rapid7 reveal that the RansomExx2 ransomware gang is also targeting the VMware CVE-2021-21974 vulnerability.	CVE-2021-21974 Vulnerability	Multiple Industries	Cyber Crime	>1		Rapid7, VMware, CVE-2021-21974
3	16/02/2023	-	-	WIP26	Telecommunication providers in the Middle East	Researchers at Sentinel One discover a new threat cluster tracked as WIP26 targeting telecommunication providers in the Middle East.	Targeted Attack	Information and Communication	Cyber Crime	>1		Sentinel One, WIP26
4	16/02/2023	Since January 2022	During January 2022	Earth Yako	Researchers in the academic sector and think tanks	Researchers at Trend Micro discover a new campaign of the Earth Yako group targeting researchers in the academic sector and think tanks in Japan.	Targeted Attack	Education	Cyber Espionage	JP		Trend Micro, Earth Yako
5	16/02/2023	-	-	?	Multiple organizations in Taiwan	Researchers from Broadcom/Symantec discover an unknown threat actor deploying a new malware named 'Frebniis' on Microsoft's Internet Information Services (IIS) that stealthily executes commands sent via web requests.	Malware	Multiple Industries	N/A	TW		Broadcom, Symantec, Frebniss, Microsoft, Internet Information Services, IIS
6	16/02/2023	-	15/02/2023	SiegedSec	Atlassian	A hacking crew called SiegedSec posts data on what appears to be thousands of employees and floor plans for two of the company's offices. The company admits that the hack was carried out using accounts stolen from Envoy, a third-party.	Account Takeover	Professional, scientific and technical	Cyber Crime	AU		SiegedSec, Atlassian, Envoy
7	16/02/2023	Since at least January 2021	-	Midnight Hedgehog	Multiple organizations	Researchers from Abnormal Security discover Midnight Hedgehog, a group leveraging Google Translate for Business Email Compromise attacks.	Business Email Compromise	Multiple Industries	Cyber Crime	DE DK EE ES IT FR HU NL NO PL SE		Abnormal Security, Midnight Hedgehog, Google Translate
8	16/02/2023	Since at least February 2021	-	Mandarin Capybara	Multiple organizations	Researchers from Abnormal Security discover Mandarin Capybara, a group leveraging Google Translate for Business Email Compromise attacks.	Business Email Compromise	Multiple Industries	Cyber Crime	AU CA FR DE ES IT PL PT SE NL US		Abnormal Security, Mandarin Capybara, Google Translate
9	16/02/2023	Since November 2022	During November 2022	?	Organizations in Armenia	Researchers from Check Point discover Operation Silent Watch, a malicious campaign against entities in Armenia with a new version of a backdoor tracked as OxtaRAT, an AutoIt-based tool for remote access and desktop surveillance.	Targeted Attack	Multiple Industries	Cyber Espionage	AM		Check Point, Operation Silent Watch, OxtaRAT
10	16/02/2023	End of November 2022	End of November 2022	?	Individuals	Researchers from Avanan discover a campaign leveraging the online payments system PayPal to send malicious invoices directly to users through the platform.	Account Takeover	Individual	Cyber Crime	>1		Avanan, PayPal
11	16/02/2023	-	08/02/2023	?	Succession Wealth	British independent advice firm Succession Wealth confirmed a cyberattack	Unknown	Finance and insurance	Cyber Crime	UK		Succession Wealth
12	16/02/2023	-	-	?	Hogwarts Legacy players	Researchers from Malwarebytes discover a campaign distributing fake Hogwarts Legacy cracks dropping adware.	Malware	Arts entertainment, recreation	Cyber Crime	>1		Malwarebytes, Hogwarts Legacy
13	16/02/2023	'Recently'	'Recently'	?	Romanian telecom customers	Researchers from Heimdal discover a massive smishing campaign, targeting Romanian telecom customers.	Account Takeover	Information and communication	Cyber Crime	RO		Heimdal, Romania
14	16/02/2023	Since at least May 2022	Between August 2022 and January 2023	?	Chinese-speaking individuals in Southeast and East Asia	Researchers from ESET discover a campaign targeting Chinese-speaking individuals in Southeast and East Asia via rogue Google Ads that deliver remote access trojans such as FatalRAT to compromised machines.	Malware	Individual	Cyber Crime	CN HK ID JP MY MM PH SG TH TW		ESET, Google Ads, FatalRAT
15	16/02/2023	16/02/2023	16/02/2023	?	Platypus	Decentralized finance protocol Platypus, suffers a fresh loan attack causing $8.5 million drained from the protocol. The suspect is identified shortly after.	Fresh loan	Fintech	Cyber Crime	N/A		Platypus
16	16/02/2023	Since November 2022	Since November 2022	CatB	Multiple organizations	Researchers from Fortinet reveal the details of a new ransomware variant named CatB	Malware	Multiple Industries	Cyber Crime	>1		Fortinet, ransomware, CatB
17	16/02/2023	-	-	?	Over 50 WordPress sites worldwide	Researchers from Malwarebytes discover a malicious campaign targeting WordPress blogs with a fraudulent ad plugin called fuser-master.	Malicious WordPress plugin	Multiple Industries	Cyber Crime	>1		WordPress, fuel-master, Malwarebytes
18	16/02/2023	-	-	SideCopy	Indian government entities	Researchers from ThreatMon discover a spear-phishing campaign carried out by a Pakistani threat actor named SideCopy targeting Indian government entities to deploy an updated version of a backdoor called ReverseRAT.	Targeted Attack	Public admin and defence, social security	Cyber Espionage	IN		ThreatMon, SideCopy, Pakistan, ReverseRAT.
19	16/02/2023	12/02/2023	12/02/2023	?	Sweetwater Union High School District	Sweetwater Union High School District is hit with 'undefined' outage.	Unknown	Education	Cyber Crime	US		Sweetwater Union High School District
20	16/02/2023	During January 2023	During January 2023	?	CIty of Hilliard	The City of Hilliard loses $219,000 to an attacker pretending to be an existing vendor and persuading the finance to change bank-routing information for the vendor.	Business Email Compromise	Public admin and defence, social security	Cyber Crime	US		CIty of Hilliard
21	16/02/2023	-	-	LockBit 3.0	Trudi	The LockBit ransomware gang claims to have hit Trudi, an italian manufacturer of soft toys.	Malware	Manufacturing	Cyber Crime	IT		Trudi, LockBit 3.0, ransomware
22	17/02/2023	17/02/2023	17/02/2023	?	U.S. Federal Bureau of Investigation (FBI)	The U.S. Federal Bureau of Investigation (FBI) is reportedly investigating malicious cyber activity on the agency’s network involving an FBI New York Field Office computer system used to investigate child sexual exploitation.	Unknown	Public admin and defence, social security	Cyber Crime	US		U.S. Federal Bureau of Investigation, FBI
23	17/02/2023	Since at least March 2020	-	?	GoDaddy	Web hosting giant GoDaddy says it suffered a breach where unknown attackers have stolen source code and installed malware on its servers after breaching its cPanel shared hosting environment in a multi-year attack.	Malware	Information and communication	Cyber Crime	US		GoDaddy
24	17/02/2023	Since at least December 2021	-	8 individuals from France and Israel)	Multiple organizations in France	Europol dismantles a Franco-Israeli ‘CEO fraud’ group that employed business email compromise (BEC) attacks to divert payments from organizations to bank accounts under the threat actor's control.	Business Email Compromise	Multiple Industries	Cyber Crime	FR		Europol
25	17/02/2023	Since at least the end of 2022	During the end of 2022	Earth Kitsune	Individuals showing an interest in North Korea	Researchers from Trend Micro discover a new backdoor called WhiskerSpy used in a campaign from the advanced threat actor tracked as Earth Kitsune, targeting individuals showing an interest in North Korea.	Targeted Attack	Individual	Cyber Espionage	BR CN JP		Trend Micro, WhiskerSpy, Earth Kitsune, North Korea
26	17/02/2023	-	05/02/2023	?	Coinbase	Coinbase cryptocurrency exchange platform has disclosed that an unknown threat actor stole the login credentials of one of its employees in an attempt to gain remote access to the company's systems.	Account Takeover	Fintech	Cyber Crime	US		Coinbase
27	17/02/2023	-	-	?	Dole Food Company	Dole Food Company, one of the world’s largest producers and distributors of fresh fruit and vegetables, announces that it is dealing with a ransomware attack that impacted its operations.	Malware	Accommodation and food service	Cyber Crime	IE		Dole Food Company, ransomware
28	17/02/2023	'Recently'	17/02/2023	Seize	TELUS	Canada's second-largest telecom, TELUS investigates a potential data breach after a threat actor shares samples online of what appears to be employee data. The threat actor subsequently posts screenshots that apparently show private source code repositories and payroll records held by the company.	Unknown	Information and communication	Cyber Crime	CA		Seize, TELUS
29	17/02/2023	Between 13/02/2023 and 15/02/2023	Between 13/02/2023 and 15/02/2023	?	Disney+ accounts of French customers	Researchers at Bitdefender uncover a phishing campaign targeting Disney+ accounts of French customers.	Account Takeover	Arts entertainment, recreation	Cyber Crime	FR		Bitdefender, Disney+
30	17/02/2023	-	-	?	Individuals in Europe, North America, Asia and Australia	Researchers from BitDefender discover an email scam trying to profit off the Turkey-Syria earthquake.	Scam	Individual	Cyber Crime	>1		Turkey-Syria earthquake, Bitdefender
31	17/02/2023	-	05/11/2022	?	Cleveland Brothers Holdings (CBH)	Cleveland Brothers Holdings (CBH) files a notice of data breach after learning that “unusual activity” on the company’s network resulted in an unauthorized party gaining access to confidential consumer information.	Unknown	Wholesale and retail	Cyber Crime	US		Cleveland Brothers Holdings, CBH
32	17/02/2023	Between 13/05/2022 and 16/05/2022	13/05/2022	?	Rockler Companies	Rockler Companies files a notice of data breach following a data security incident resulting in the personal information of 8,604 consumers being leaked.	Unknown	Manufacturing	Cyber Crime	US		Rockler Companies
33	17/02/2023	Between 19/12/2022 and 21/12/2022	21/12/2022	?	Hutchinson Clinic	Hutchinson Clinic posts notice of a data breach about an incident resulting in an unauthorized party gaining access to consumers’ names, contact information, dates of birth, Social Security numbers, driver’s license numbers, health insurance information, medical record numbers, medical history, diagnoses, and treatment information, and physician names.	Unknown	Human health and social work	Cyber Crime	US		Hutchinson Clinic
34	17/02/2023	During August 2022	During August 2022	?	Tom James Company	Tom James Company files notice of a data breach after experiencing a ransomware attack that compromised the security of information stored on the company’s computer network.	Malware	Manufacturing	Cyber Crime	US		Tom James Company, ransomware
35	17/02/2023	-	-	?	O’Neal Industries	O’Neal Industries files notice of a data breach after learning that confidential consumer information stored on the company’s computer network was accessible to an unauthorized party.	Unknown	Manufacturing	Cyber Crime	US		O’Neal Industries
36	17/02/2023	27/08/2022	-	?	Paul Smith’s College	Paul Smith’s College files notice of a data breach after learning that an unauthorized party gained access to its computer systems where they were able to access confidential information belonging to certain students and employees.	Unknown	Education	Cyber Crime	US		Paul Smith’s College
37	17/02/2023	During February 2023	During February 2023	LockBit 3.0	Grupo Albanesi	Grupo Albanesi, a private company dedicated to the distribution of energy in Argentina, is added to LockBit3.0’s ransomware leak site.	Malware	Electricity, gas steam, air conditioning	Cyber Crime	AR		Grupo Albanesi, LockBit3.0, ransomware
38	18/02/2023	-	-	LockBit 3.0	Aguas do Porto	The LockBit ransomware gang claims to have hacked Aguas do Porto, a Portuguese municipal water utility company, and is threatening to leak the stolen data.	Malware	Water supply, waste mgmt, remediation	Cyber Crime	PT		LockBit, Aguas do Porto
39	20/02/2023	Since at least January 2023	During January 2023	?	Multiple organizations	Researchers from Sekoia discover a new information stealer called Stealc with stealing capabilities and similarities with malware of the same kind like Vidar, Raccoon, Mars, and Redline.	Malware	Multiple Industries	Cyber Crime	>1		Sekoia, Stealc, Vidar, Raccoon, Mars, Redline
40	20/02/2023	Since November 2022	During November 2022	HardBit 2.0	Multiple organizations	Researchers at Varonis reveal the details of a new version of the HardBit ransomware.	Malware	Multiple Industries	Cyber Crime	>1		Varonis, HardBit, ransomware
41	20/02/2023	02/12/2022	04/12/2022	?	Activision	Activision confirms that it suffered a data breach in early December 2022 after hackers gained access to the company's internal systems by tricking an employee with an SMS phishing text. Few days later the threat actors leak some data allegedly stolen from the company.	Account Takeover	Arts entertainment, recreation	Cyber Crime	US		Activision
42	20/02/2023	Since September 2021	-	?	GDS Holdings Ltd	Researchers from Resecurity warn data center organizations about malicious cyber activity targeting them and their customers.	Unknown	Information and communication	Cyber Crime	CN		Resecurity, GDS Holdings Ltd
43	20/02/2023	Since September 2021	-	?	ST Telemedia Global Data Centres	Researchers from Resecurity warn data center organizations about malicious cyber activity targeting them and their customers.	Unknown	Information and communication	Cyber Crime	SG		ST Telemedia Global Data Centres
44	20/02/2023	06/02/2023	06/02/2023	ALPHV AKA BlackCat	Lehigh Valley Health Network (LVHN)	Lehigh Valley Health Network (LVHN) is hit with a BlackCat ransomware attack.	Malware	Human health and social work	Cyber Crime	US		Lehigh Valley Health Network, LVHN, ALPHV, BlackCat, ransomware
45	20/02/2023	27/01/2023	31/01/2023	‘Portugal’ and ‘Brazil’	Multiple organizations	Researchers from Fortinet discover another 0-day attack in the PyPI packages (Python Package Index) by the malware authors ‘Portugal’ and ‘Brazil’ who published the packages ‘xhttpsp’ and ‘httpssp’.	Malware	Multiple Industries	Cyber Crime	>1		Fortinet, PyPI packages, Python Package Index,‘Portugal’, ‘Brazil’, ‘xhttpsp’, ‘httpssp’
46	20/02/2023	During December 2022	20/02/2023	UNIT82	RailYatri	RailYatri, a popular Indian train ticket booking platform, suffers a massive data breach that exposes the personal information of over 31 million (31,062,673) users/travellers.	Unknown	Transportation and storage	Cyber Crime	IN		RailYatri, UNIT82
47	20/02/2023	'Recently'	'Recently'	?	Virgin Media Television	Virgin Media Television, the Irish broadcaster, says that an attempted hack was going to impact its programming in coming days.	Unknown	Information and communication	Cyber Crime	IE		Virgin Media Television
48	20/02/2023	Since Q4 2022	During Q4 2022	?	Multiple organizations	Researchers from Cyble reveal an uptick of campaigns launched via the DarkCloud Stealer malware.	Malware	Multiple Industries	Cyber Crime	>1		Cyble, DarkCloud Stealer
49	20/02/2023	20/02/2023	20/02/2023	?	Crypto investors	A fake website of the popular Ethereum Denver conference is able to steal over $300,000 worth of Ether.	Account Takeover	Fintech	Cyber Crime	US		Denver Conference
50	20/02/2023	During January 2023	During January 2023	0mega	Aviacode	The 0mega ransomware gangs dumps 200 GB of data allegedly stolen from Aviacode.	Malware	Professional, scientific and technical	Cyber Crime	US		0mega, ransomware, Aviacode
51	20/02/2023	19/02/2023	19/02/2023	?	ASL5 La Spezia	The ASL5 La Spezia, the local health service of the city of La Spezia, suffers a serious cyber attack and as a consequence multiple services are disrupted.	Unknown	Human health and social work	Cyber Crime	IT		ASL5 La Spezia
52	21/02/2023	21/02/2023	21/02/2023	IT Army of Ukraine	All-Russia State Television and Radio Broadcasting Company (VGTRK)	A suspected distributed denial of service (DDoS) attack downs several websites broadcasting President Putin’s state on the nation. IT Army of Ukraine claims responsibility for the attack.	DDoS	Information and communication	Hacktivism	RU		All-Russia State Television and Radio Broadcasting Company, VGTRK, Putin, IT Army of Ukraine
53	21/02/2023	-	20/02/2023	?	Multiple organizations	Researchers from Checkmarx discover that threat actors upload over 15,000 spam packages to the npm open-source JavaScript repository.	Account Takeover	Multiple Industries	Cyber Crime	>1		Javascript, npm, Checkmarx
54	21/02/2023	-	-	?	Multiple organizations	Researchers from CloudSEK observe threat actors exploiting CVE-2023-21752, a privilege escalation vulnerability on the Windows Backup and Restore service.	CVE-2023-21752 Vulnerability	Multiple Industries	Cyber Crime	>1		CloudSEK, CVE-2023-21752
55	21/02/2023	Between 07/09/2022 and 14/09/2022	-	?	Emtec	Emtec files notice of a data breach, after determining that confidential consumer information was leaked following a cyberattack.	Unknown	Professional, scientific and technical	Cyber Crime	US		Emtec
56	21/02/2023	-	-	?	Henrico Doctors' Hospital	Henrico Doctors' Hospital notifies 990 patients that some of their protected health information was compromised in a data breach after detecting suspicious activity within its information network.	Unknown	Human health and social work	Cyber Crime	US		Henrico Doctors' Hospital
57	21/02/2023	Since July 2022	Since July 2022	?	Multiple WordPress sites	Researchers from Sucuri discover a new campaign by the Konami Code Backdoor abusing cron jobs to reinfect the compromised WordPress sites.	Malicious WordPress plugin	Multiple Industries	Cyber Crime	>1		Sucuri, Konami Code Backdoor, WordPress
58	21/02/2023	'Recently'	'Recently'	?	Multiple organizations	Researchers from Malwarebytes discover a Magecart skimmer involved in a fingerprinting campaign, and abusing the Cloudflare endpoint API.	Malicious Script injection	Wholesale and retail	Cyber Crime	>1		Malwarebytes, Magecart, Cloudflare
59	21/02/2023	-	-	BlackBasta	KFI Engineers	KFI Engineers pays a $300k ransom, to the Black Basta ransomware gang.	Malware	Professional, scientific and technical	Cyber Crime	US		KFI Engineers, ransomware, BlackBasta, Black Basta
60	21/02/2023	21/02/2023	21/02/2023	?	Hope Finance	Hope Finance loses $2M cryptocurrency worth after falling victim of a smart contract exploit.	Smart contract vulnerability	Fintech	Cyber Crime	N/A		Hope Finance
61	22/02/2023	22/02/2023	22/02/2023	NoName057(16)	Multiple organizations in Italy	The Russian group NoName057(16) targets some Italian institutions and companies following a visit by Italy’s prime minister Giorgia Meloni to Ukraine. Targets include Italy’s Foreign Ministry, Defense Ministry, Interior Ministry, and Telecom Italia	DDoS	Public admin and defence, social security	Hacktivism	IT		NoName057(16), Giorgia Meloni, Russia, Ukraine, Italy’s Foreign Ministry, Defense Ministry, Interior Ministry, Telecom Italia
62	22/02/2023	22/02/2023	22/02/2023	?	Radio stations across multiple Russian cities	Radio stations across multiple Russian cities are hacked and blast fake air raid warnings.	Unknown	Information and communication	Hacktivism	RU		Radio, Russia, Ukraine
63	22/02/2023	22/02/2023	22/02/2023	ALPHV AKA BlackCat	CIty of Lakewood	The BlackCat ransomware gang (ALPHV) lists the City of Lakewood on its data leak site.	Malware	Public admin and defence, social security	Cyber Crime	US		BlackCat, ALPHV, ransomware, City of Lakewood
64	22/02/2023	Since at least October 2022	During October 2022	Hydrochasma	Shipping and medical laboratories involved in COVID-19 vaccine development and treatments in Asia	Researchers from Broadcom/Symantec discover a previously unknown threat actor named Hydrochasma targeting shipping and medical laboratories involved in COVID-19 vaccine development and treatments.	Targeted Attack	Professional, scientific and technical	Cyber Espionage	>1		Broadcom, Symantec, Hydrochasma, COVID-19
65	22/02/2023	Between July and December 2022	-	S1deload Stealer	YouTube and Facebook users	Researchers from BitDefender discover an ongoing malware campaign targeting YouTube and Facebook users with a new information stealer dubbed S1deload Stealer able to hijack their social media accounts and use their devices to mine for cryptocurrency.	Malware	Individual	Cyber Crime	>1		BitDefender, YouTube, Facebook, S1deload Stealer
66	22/02/2023	Since 22/02/2023	22/02/2023	Multiple threat actors	Multiple organizations	Threat actors are targeting Internet-exposed Fortinet appliances with exploits targeting CVE-2022-39952, an unauthenticated file path manipulation vulnerability in the FortiNAC webserver that can be abused for remote command execution.	CVE-2022-39952 Vulnerability	Multiple Industries	Cyber Crime	>1		Fortinet, CVE-2022-39952, FortiNAC
67	22/02/2023	Since at least 12/02/2023	12/02/2023	Multiple threat actors	Individuals	Threat actors are exploiting the popularity of OpenAI's ChatGPT chatbot to distribute malware for Windows and Android, or direct unsuspecting victims to phishing pages.	Malware	Individual	Cyber Crime	>1		OpenAI, ChatGPT, Windows, Android
68	22/02/2023	-	-	Multiple threat actors	Organizations the U.S.	The US Cybersecurity and Infrastructure Security Agency (CISA) warns organizations that two vulnerabilities affecting the Mitel MiVoice Connect business communications platform have been exploited in the wild.	CVE-2022-41223 and CVE-2022-40765 vulnerabilities	Multiple Industries	Cyber Crime	US		CVE-2022-41223, CVE-2022-40765, US Cybersecurity and Infrastructure Security Agency, CISA, Mitel MiVoice Connect
69	22/02/2023	-	-	Multiple threat actors	Organizations the U.S.	The US Cybersecurity and Infrastructure Security Agency (CISA) warns organizations that the vulnerability CVE-2022-47986 affecting IBM Aspera Faspex has also been exploited in the wild.	CVE-2022-47986 vulnerability	Multiple Industries	Cyber Crime	US		CVE-2022-47986, US Cybersecurity and Infrastructure Security Agency, CISA, IBM Aspera Faspex
70	22/02/2023	-	-	?	Multiple organizations	Researchers from ReversingLabs discover 41 malicious packages on Python Package Index that mimic popular libraries	Malware	Multiple Industries	Cyber Crime	>1		ReversingLabs, Python Package Index, PyPI
71	22/02/2023	'Recently'	'Recently'	?	Crum & Forster (C&F)	Crum & Forster (C&F) files notice of a data breach after confirming that an unauthorized party was able to access confidential consumer data as a result of a successful cyberattack.	Unknown	Finance and insurance	Cyber Crime	US		Crum & Forster, C&F
72	22/02/2023	28/02/2023	28/02/2023	Hive	Alvaria	Alvaria files notice of a data breach after confirming that a recent cybersecurity event was a Hive ransomware attack resulting in confidential employee information being leaked.	Malware	Professional, scientific and technical	Cyber Crime	US		Alvaria, Hive, Ransomware
73	22/02/2023	17/02/2023	17/02/2023	?	Chile’s National Health Fund (FONASA)	Chile’s National Health Fund (FONASA) reveals that it suffered a malware attack causing some minor interruptions and delays at its branches.	Malware	Human health and social work	Cyber Crime	CL		Chile’s National Health Fund, FONASA
74	22/02/2023	27/01/2023	27/01/2023	Ragnar Locker	Associação de Advogados de São Paulo (AASP)	The Ragnar Locker ransomware gang leaks 200 GB of files from the Associação de Advogados de São Paulo (AASP) plus numerous screenshots with personal information after the association denies it was hacked.	Malware	Administration and support service	Cyber Crime	BR		Ragnar Locker, ransomware gang, Associação de Advogados de São Paulo, AASP
75	23/02/2023	Since February 2022	During February 2023	Russia	Youtube users worldwide	According to watchdog Newsguard, Russia is successfully continuing its online disinformation campaigns, with hundreds of professionally-produced videos making their way on to YouTube.	Coordinated inauthentic Behavior	Individual	Cyber Warfare	>1		Russia, YouTube
76	23/02/2023	25/02/2023	25/02/2023	CH01	At least 32 Russian websites	A group of pro-Ukraine hacktivists that goes online with the moniker CH01 deface at least 32 Russian websites to mark a protest over the one-year anniversary of the Russian invasion.	Defacement	Multiple Industries	Hacktivism	RU		CH01, Russia, Ukraine
77	23/02/2023	Since at least February 2022	End of February 2023	UAC-0056 AKA DEV-0586, UNC2589, Nodaria, or Lorec53	Multiple organizations in Ukraine	The Computer Emergency Response Team of Ukraine (CERT-UA) reveals that Russian state-sponsored threat actors have breached multiple government websites this week using backdoors planted as far back as December 2021.	Targeted Attack	Multiple Industries	Cyber Espionage	UA		UAC-0056, DEV-0586, UNC2589, Nodaria, Lorec53, Computer Emergency Response Team of Ukraine, CERT-UA, Russia
78	23/02/2023	-	-	Clasiopa	Companies in the materials research sector in Asia	Researchers from Symantec/Broadcom discover a threat group, named Clasiopa, targeting companies in the materials research sector with a unique toolset that includes a custom remote access trojan (RAT) called Atharvan.	Targeted Attack	Professional, scientific and technical	Cyber Espionage	N/A		Symantec, Broadcom, Clasiopa, Atharvan
79	23/02/2023	Over the past few months	-	wtfisthat34698409672	macOS users	Researchers from Jamf discover a cryptomining operation targeting macOS with a malicious version of Final Cut Pro that remains largely undetected by antivirus engines.	Malware	Individual	Cyber Espionage	>1		Jamf, macOS, Final Cut Pro, wtfisthat34698409672
80	23/02/2023	Since at least March 2021	Since at least March 2021	Three Dutch individuals	Multiple organizations	The Amsterdam cybercrime police team arrests three men for ransomware activity that generated €2.5 million from extorting small and large organizations in multiple countries.	Malware	Multiple Industries	Cyber Crime	N/A		Amsterdam, Ransomware
81	23/02/2023	-	-	?	Government entities	Researchers from Menlo Security uncover an unknown threat actor leveraging an evasive threat campaign distributed via Discord that features the PureCrypter downloader and targeting government entities.	Malware	Public admin and defence, social security	Cyber Crime	N/A		Menlo Security, Discord, PureCrypter
82	23/02/2023	-	-	?	Multiple organizations	Researchers at Ahnlab reveal that the operators of the ChromeLoader browser hijacking and adware campaign are now using VHD files named after popular games. Previously, such campaigns relied on ISO-based distribution.	Malware	Multiple Industries	Cyber Crime	>1		Ahnlab, ChromeLoader, VHD, ISO
83	23/02/2023	During August 2021	-	?	My Rewards	Data belonging to customers of The Good Guys are compromised in a security breach involving the Australian retailer's former third-party supplier, My Rewards.	Unknown	Administration and support service	Cyber Crime	AU		The Good Guys, My Rewards
84	23/02/2023	Since 20/01/2023	During January 2023	Multiple threat actors	Multiple organizations	Researchers from Bitdefender report that multiple threat actors are actively exploiting the Zoho ManageEngine CVE-2022-47966 vulnerability in attacks in the wild.	CVE-2022-47966 vulnerability	Multiple Industries	Cyber Crime	>1		Bitdefender, Zoho ManageEngine, CVE-2022-47966
85	23/02/2023	Since at least 23/02/2023	Since at least 23/02/2023	Multiple threat actors	Individuals	Security researchers warn about a wave of questionable authenticator apps flooding the Apple App Store and Google Play after Twitter’s recent shift from SMS-based 2FA.	Malware	Individual	Cyber Crime	>1		Apple App Store, Google Play, Twitter, Authenticator
86	23/02/2023	Between 22/11/2023 and 29/11/2023	28/11/2022	?	Texas Orthopaedics & Sports Medicine (TOSM)	Texas Orthopaedics & Sports Medicine notifies 537 individuals of breach involving some patient information.	Unknown	Human health and social work	Cyber Crime	US		Texas Orthopaedics & Sports Medicine, TOSM
87	23/02/2023	During February 2023	During February 2023	Nevada	American and Hungarian universities and Italian shipping and construction firms	A new massive ransomware operation by the Nevada group compromises over 5,000 victims in Europe and the U.S.	Malware	Multiple Industries	Cyber Crime	HU IT US		Nevada, ransomware
88	23/02/2023	-	-	?	Hospital Joaquín Paz Borrero	The Hospital Joaquín Paz Borrero is hit with a ransomware attack.	Malware	Human health and social work	Cyber Crime	CO		Hospital Joaquín Paz Borrero, ransomware
89	23/02/2023	04/02/2023	-	RansomHouse	AESCULAPIUS Farmaceutici	AESCULAPIUS Farmaceutici, an Italian producer of pharmaceutical products, is hit with a RansomHouse ransomware attack and has some data leaked.	Malware	Professional, scientific and technical	Cyber Crime	IT		AESCULAPIUS Farmaceutici, RansomHouse, ransomware
90	24/02/2023	-	-	PlugX	Multiple organizations	Researchers from Trend Micro uncover a new wave of attacks aimed at distributing the PlugX remote access trojan masqueraded as an open-source Windows debugger tool called x32dbg. The legitimate tool allows to examine kernel-mode and user-mode code, crash dumps, or CPU registers.	Malware	Multiple Industries	Cyber Crime	>1		Trend Micro, PlugX, x32dbg
91	24/02/2023	08/07/2022	-	?	Aloha Nursing Rehab Centre (Aloha)	Aloha Nursing Rehab Centre (Aloha) files notice of a data breach after learning that an unauthorized party accessed electronic files containing confidential patient information from the company’s computer network.	Unknown	Human health and social work	Cyber Crime	US		Aloha Nursing Rehab Centre, Aloha
92	24/02/2023	During November 2022	-	?	Crystal Bay Casino	Crystal Bay Casino files notice of a data breach after learning that an unauthorized party accessed files on the company’s computer network containing confidential consumer information.	Unknown	Arts entertainment, recreation	Cyber Crime	US		Crystal Bay Casino
93	24/02/2023	27/12/2022	16/12/2022	?	Advanced Health Media (AHM)	Advanced Health Media (AHM) files a notice of data breach after learning that an unauthorized party was able to access certain company servers that stored confidential consumer data.	Unknown	Professional, scientific and technical	Cyber Crime	US		Advanced Health Media, AHM
94	24/02/2023	Since 2019	-	MedusaLocker	Healthcare organizations in the U.S.	The Health Sector Cybersecurity Coordination Center (HC3) warns organizations in the healthcare about the MedusaLocker ransomware.	Malware	Human health and social work	Cyber Crime	US		Health Sector Cybersecurity Coordination Center, HC3, MedusaLocker, ransomware
95	24/02/2023	Mid-February 2022	Mid-February 2022	ALPHV AKA BlackCat	Encino Energy	Encino Energy, one of the largest private natural gas and oil producers in the U.S., said it has investigated and remediated a recent cyberattack allegedly carried out by the BlackCat ransomware gang.	Malware	Electricity, gas steam, air conditioning	Cyber Crime	US		Encino Energy, BlackCat, ALPHV, ransomware
96	24/02/2023	20/02/2023	20/02/2023	?	Minneapolis Public Schools	Minneapolis Public Schools reveals to be experiencing technical difficulties due to an encryption event due to a ransomware attack.	Malware	Education	Cyber Crime	US		Minneapolis Public Schools, ransomware
97	24/02/2023	Over the last few days	Over the last few days	?	Individuals	Researchers from Malwarebytes discover a campaign sending out phishing mails that disguise bogus URLs with something called Slinks—shortened Linkedin URLs.	Account Takeover	Individual	Cyber Crime	>1		Malwarebytes, Slinks, shortened Linkedin URLs
98	24/02/2023	Since early February 2023	During February 2023	WhiteSnake	Multiple organizations	Researchers from Cyble discover a new malware strain called “WhiteSnake” Stealer designed to extract sensitive information from the victim’s computer.	Malware	Multiple Industries	Cyber Crime	>1		Cyble, WhiteSnake
99	24/02/2023	-	-	ALPHV AKA BlackCat	Empresa Distribuidora Del Este (EdeEste)	The Empresa Distribuidora Del Este (EdeEste), an electricity distribution firm, is named on BlackCat’s ransomware leak site. The group claims to have 420 GB of information from the company.	Malware	Electricity, gas steam, air conditioning	Cyber Crime	DO		ALPHV, BlackCat, Empresa Distribuidora Del Este, EdeEste
100	24/02/2023	-	-	Royal	Âncora Sistemas de Fixação	Âncora Sistemas de Fixação, a company specializing in the manufacture and marketing of fasteners for civil construction, is added to the Royal gang’s leak site with 88 GB uploaded to the site at the same time.	Malware	Manufacturing	Cyber Crime	BR		Âncora Sistemas de Fixação, Royal, ransomware
101	24/02/2023	-	-	LocKBit 3.0	La Segunda Seguros	La Segunda Seguros insurance company is named by LockBit on its leaks site with some samples as proof of claims.	Malware	Finance and insurance	Cyber Crime	AR		La Segunda Seguros, LockBit, ransomware
102	24/02/2023	-	-	Stormous	Zurcal	The Zurcal group, which belongs to the energy saving and efficiency sector, is named by the Stormous ransomware group in its Telegram channel.	Malware	Electricity, gas steam, air conditioning	Cyber Crime	ES		Zurcal, Stormous, ransomware,Telegram
103	24/02/2023	17/02/2023	17/02/2023	?	City of Rosarito	The City of Rosarito discloses to have been hit by a cyber attack.	Unknown	Public admin and defence, social security	Cyber Crime	MX		City of Rosarito
104	24/02/2023	In recent weeks	In recent weeks	?	Iowa Legislative Hearings	Iowa Legislative Hearings are disrupted by offensive or graphic images or videos while the hearings were taking place.	Zoom bombing	Public admin and defence, social security	Cyber Crime	US		Iowa Legislative Hearings, Zoom
105	25/02/2023	23/02/2023	23/02/2023	Black Basta?	Dish Network	American TV giant and satellite broadcast provider, Dish Network confirms that a ransomware attack was the cause of a multi-day network and service outage.	Malware	Information and communication	Cyber Crime	US		Dish Network, Black Basta
106	25/02/2023	23/02/2023	23/02/2023	BianLian	Southeastern Louisiana University (SLU)	Southeastern Louisiana University (SLU) posts notice of a potential data breach after certain SLU systems were down in response to what the school characterized as a “Temporary Network and System Disruption." The BianLian ransomware gang claims responsibility for the attack.	Unknown	Education	Cyber Crime	US		Southeastern Louisiana University, SLU, BianLian, ransomware
107	26/02/2023	26/02/2023	26/02/2023	Anonymous Sudan (affiliated to Killnet)	Nine Danish hospitals	A series of distributed-denial-of-service (DDoS) attacks shut down nine Danish hospitals' websites for a few hours, but did not have any life-threatening impact on the medical centers' operations or digital infrastructure.	DDoS	Human health and social work	Hacktivism	DK		Anonymous Sudan, Killnet
108	26/02/2023	26/02/2023	26/02/2023	?	Tennessee State University (TSU)	Tennessee State University (TSU) posts a “Notice of Suspicious Network Activity” after the institution experienced what it believes to have been a ransomware attack.	Malware	Education	Cyber Crime	US		Tennessee State University, TSU, ransomware
109	26/02/2023	Since November 2022	Since November 2022	TA569	Multiple organizations	Researchers from Proofpoint reveal the details of a new campaign by TA569 delivering the SocGholish payload via Javascript injections in compromised websites.	Malware	Multiple Industries	Cyber Crime	>1		Proofpoint, TA569, SocGholish, Javascript
110	26/02/2023	25/02/2023	25/02/2023	?	Multiple organizations	Researchers from Sonatype discover an open source malware campaign in which a threat actor is infiltrating the PyPI software registry with thousands of malicious packages.	Malware	Multiple Industries	Cyber Crime	>1		Sonatype, PyPI
111	27/02/2023	-	-	?	Multiple organizations	Researchers at Prodaft reveal that the RIG Exploit Kit currently targets 207 countries, launching an average of 2,000 attacks per day and having a current success rate of 30%.	CVE-2021-26411, CVE-2016-0189, CVE-2019-0752, CVE-2019-8174, CVE-2019-0674, CVE-2019-6332 vulnerabilities	Multiple Industries	Cyber Crime	>1		Prodaft, RIG Exploit Kit, CVE-2021-26411, CVE-2016-0189, CVE-2019-0752, CVE-2019-8174, CVE-2019-0674, CVE-2019-6332
112	27/02/2023	-	-	?	Multiple organizations	Researchers from Patchstack reveal that threat actors are actively exploiting two critical-severity vulnerabilities in the Houzez theme and plugin for WordPress, two premium add-ons used primarily in real estate websites.	CVE-2023-26540 and CVE-2023-26009 vulnerabilities	Multiple Industries	Cyber Crime	>1		CVE-2023-26540, CVE-2023-26009, Patchstack, Houzez, WordPress
113	27/02/2023	Since 27/11/2022	27/11/2022	Exfiltrator-22	Multiple organizations	Researchers at CYFIRMA discover a new 'Exfiltrator-22' post-exploitation framework, allegedly created by former Lockbit 3.0 affiliates, and designed to spread ransomware in corporate networks while evading detection.	Malware	Multiple Industries	Cyber Crime	>1		CYFIRMA, Exfiltrator-22, Lockbit 3.0
114	27/02/2023	Between 12/08/2022 and 26/10/2022	-	?	LastPass	LastPass discloses more information on a "coordinated second attack," where a threat actor accessed and stole data from the Amazon AWS cloud storage servers for over two months.	Account Takeover	Professional, scientific and technical	Cyber Crime	US		LastPass, AWS
115	27/02/2023	17/02/2023	17/02/2023	?	U.S. Marshals Service (USMS)	The U.S. Marshals Service (USMS) is investigating the theft of sensitive law enforcement information following a ransomware attack that has impacted what it describes as "a stand-alone USMS system."	Malware	Public admin and defence, social security	Cyber Crime	US		U.S. Marshals Service, USMS, ransomware
116	27/02/2023	-	-	Multiple threat actors	Organizations in the U.S.	The U.S. Cybersecurity & Infrastructure Security Agency (CISA) adds CVE-2022-36537 impacting the ZK Framework, to its "Known Exploited Vulnerabilities Catalog" after threat actors began actively exploiting the remote code execution (RCE) flaw in attacks.	CVE-2022-36537 Vulnerabilities	Multiple Industries	N/A	US		U.S. Cybersecurity & Infrastructure Security Agency, CISA, CVE-2022-36537, ZK Framework
117	27/02/2023	-	07/02/2023	?	Pipefitters Local 537	A cyberattack on Pipefitters Local 537, a Boston-based labor union’s health fund, results in the loss of $6.4 million.	Account Takeover	Human health and social work	Cyber Crime	US		Pipefitters Local 537
118	27/02/2023	Since Q4 2021	-	DIgital Smoke	Internet users from multiple countries	Researchers from Resecurity identify Digital Smoke, one of the largest investment fraud networks by size and volume of operations created to defraud Internet users from Australia, Canada, China, Colombia, the European Union, India, Singapore, Malaysia, United Arab Emirates, Saudi Arabia, Mexico, the U.S. and other regions.	Scam	Individual	Cyber Crime	>1		Resecurity, Digital Smoke
119	27/02/2023	20/02/2023	20/02/2023	APT-C-36 AKA Blind Eagle	Key industries in Colombia and Ecuador, including health, financial, law enforcement, immigration, and an agency in charge of peace negotiation in the country.	Researchers from Blackberry discover a new campaign by APT-C-36, where the threat actor impersonated a Colombian government tax agency to target key industries in Colombia.	Targeted Attack	Multiple Industries	Cyber Espionage	CO EC		APT-C-36, Blind Eagle, Blackberry
120	27/02/2023	14/02/2023	14/02/2023	LockBit 3.0	Pierce Transit	Pierce Transit discloses to have been hit with a LockBit 3.0 ransomware attack.	Malware	Transportation and storage	Cyber Crime	US		Pierce Transit, LockBit 3.0, ransomware
121	27/02/2023	During December 2022	During December 2022	?	At least 3,000 Texans with Asian surnames	An organized crime group obtains thousands of replacement Texas driver licenses and sends the replacement licenses to Chinese nationals in the country illegally.	Account Takeover	Individual	Cyber Crime	US		Texas
122	27/02/2023	27/02/2023	27/02/2023	?	Italian Taxpayers	A new campaign targets the Italian taxpayer with fake notifications from the italian Institute for Social Security (INPS)	Account Takeover	Individual	Cyber Crime	IT		Italian Institute for Social Security, INPS
123	28/02/2023	Between 30/01/2023 and 31/01/2023	07/02/2023	?	Hatch Bank	Hatch Bank, a digital-first bank that provides infrastructure for fintech companies offering their own brand credit cards, confirms that attackers exploited the Fortra’s GoAnywhere CVE-2023-0669 zero-day vulnerability in the company’s internal file transfer software that allowed access to thousands of customer Social Security numbers.	CVE-2023-0669 Vulnerability	Fintech	Cyber Crime	US		Hatch Bank, Fortra, GoAnywhere, CVE-2023-0669
124	28/02/2023	-	-	Snatch	Ingenico	The Russian ransomware gang Snatch claims to have stolen data from Ingenico, a merchant services technology company based in France.	Malware	Professional, scientific and technical	Cyber Crime	FR		Ingenico, ransomware, Snatch
125	28/02/2023	Between late 2022 and early 2023	'Recently'	Winnti, AKA APT41, Barium, Blackfly, Bronze Atlas, Double Dragon, Wicked Panda, and Wicked Spider	Two subsidiaries of an Asian conglomerate in the materials and composites sector	Researchers from Symantec/Broadcom discover a new campaign by the Chinese Winnti group targeting two subsidiaries of an Asian conglomerate in the materials and composites sector.	Targeted Attack	Professional, scientific and technical	Cyber Espionage	N/A		Symantec, Broadcom, Winnti, APT41, Barium, Blackfly, Bronze Atlas, Double Dragon, Wicked Panda, Wicked Spider
126	28/02/2023	'Recently'	'Recently'	SCARLETEEL	Undisclosed organization	Researchers from Sysdig discover an advanced hacking operation dubbed 'SCARLETEEL' targeting public-facing web apps running in containers to infiltrate cloud services and steal sensitive data.	Misconfiguration	Unknown	Cyber Crime	N/A		Sysdig, SCARLETEEL
127	28/02/2023	27/02/2023	27/02/2023	?	Users of the Trezor hardware cryptocurrency wallet	An ongoing phishing campaign is pretending to be Trezor data breach notifications attempting to steal a target's cryptocurrency wallet and its assets.	Account Takeover	Fintech	Cyber Crime	>1		Trezor
128	28/02/2023	Between January and February of 2023	Between January and February of 2023	?	Several law firms	Researchers from eSentire discover a malicious campaign targeting law firms with the GootLoader malware.	Malware	Professional, scientific and technical	Cyber Espionage	N/A		eSentire, GootLoader
129	28/02/2023	Between January and February of 2023	Between January and February of 2023	?	Several law firms	Researchers from eSentire discover a malicious campaign targeting law firms with the SocGholish malware.	Malware	Professional, scientific and technical	Cyber Espionage	N/A		eSentire, SocGholish
130	28/02/2023	'Recently'	'Recently'	Parallax	Multiple organizations	Researchers at Uptycs detect active samples of the Parallax remote access Trojan (RAT) targeting cryptocurrency organizations.	Malware	Fintech	Cyber Crime	>1		Uptycs, Parallax
131	28/02/2023	-	-	?	Veris Residential	Veris Residential files a notice of data breach following a cybersecurity incident that leaked confidential consumer information.	Unknown	Real estate	Cyber Crime	US		Veris Residential
132	28/02/2023	-	13/12/2022	?	Compass Behavioral Health	Compass Behavioral Health discloses a data security incident that involved the protected health information (PHI) of 1,064 patients.	Account Takeover	Human health and social work	Cyber Crime	US		Compass Behavioral Health
133	28/02/2023	Since January 2023	Since January 2023	?	Job seekers	Researchers from Trellix reveal that threat actors are exploiting the ongoing economic downturn by using job-themed phishing and malware campaigns to target job seekers and employers to steal sensitive information and hack company recruiters.	Malware	Individual	Cyber Crime	>1		Trellix, Job seekers
134	28/02/2023	31/10/2022	31/10/2022	Sour Grapes	Individuals	Researchers from Sophos uncover a scam ring run by Chinese criminals named 'Sour Grapes'	Scam	Individual	Cyber Crime	>1		Sophos, pig-butchering, Sour Grapes
135	28/02/2023	Since 13/01/2023	-	r3nin	Multiple e-commerce sites	Researchers from Cyble discover R3NIN Sniffer, a ready-to-use toolkit and panel for stealing payment card data from compromised e-commerce websites on sale in a notorious Russian-language cybercrime forum.	Malicious Script injection	Wholesale and retail	Cyber Crime	>1		Cyble, R3NIN Sniffer
136	28/02/2023	-	27/02/2023	LockBit 3.0	White Settlement Independent School District	LockBit adds White Settlement Independent School District in Texas to their leak site, with a proof pack that suggests that the threat actors were able to access and may have exfiltrated a lot of files.	Malware	Education	Cyber Crime	US		LockBit 3.0, White Settlement Independent School District, ransomware
137	28/02/2023	-	-	?	Federación de Aseguradores Colombianos (Fasecolda)	The Federación de Aseguradores Colombianos (Fasecolda), an association for Colombian insurers, suffers a cyber attack.	Unknown	Administration and support service	Cyber Crime	CO		Federación de Aseguradores Colombianos, Fasecolda
138	28/02/2023	06/02/2023	06/02/2023	?	Oregon City	Oregon City discloses to have been hit by a sophisticated ransomware attack.	Malware	Public admin and defence, social security	Cyber Crime	US		Oregon City, ransomware
ID	Date Reported	Date Occurred	Date Discovered	Author	Target	Description	Attack	Target Class	Attack Class	Country	Link	Tags

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

2022 Cyber Attacks Statistics
And finally I have aggregated all the data collected in 2022 from the cyber attacks timelines. In the past year I have collected 3074 events...
Leaky Buckets in 2022
Similarly to what I have done in 2021, I am now collecting the incidents due to cloud misconfigurations and leading to the exposure of data.
The Biggest Data Breaches of 2021
With this new project I am going to track the biggest data breaches of 2021 extracted from my cyber attack timelines.
16-28 February 2023 Cyber Attacks Timeline
The second cyber attacks timeline of February 2023 is out and with 10.62 events/day confirms...
2020 Cyber Attacks Statistics
As promised, I have pulled together some statistics from the data collected in 2020. The master table is available at the end of the post after the charts.