Attack Distribution March H1 2023

No Data Found

Attack Techniques March H1 2023

No Data Found

In the first cyber attacks timeline of March 2023 I collected 152 events (10.13 events/day), a number that, unsurprisingly, confirms the high level of activity that is accompanying us over the course of this 2023.

Ransomware-driven events slide at 21.7% from 24.6% (33 out of 152 events), whilst 19 events were characterized by the exploitation of vulnerabilities (corresponding to 12.5% vs 8% of the previous timeline), an increase mainly due to the ongoing exploitation of the CVE-2023-0669 Fortra GoAnywhere MFT Vulnerability.

Image by wastedgeneration from Pixabay

1-15 December 2023 Cyber Attacks Timeline

In early December 2023, event recordings decreased significantly to 135, with ransomware dominating 35.5% of incidents. The period saw a notable data breach at ESO Solutions, affecting 2.7 million patients, and a $2.7 million crypto theft at OKX. Geopolitical tensions spurred active cyber espionage, with APT28 exploiting critical vulnerabilities. The author encourages timeline review and community risk awareness support.

Continue Reading

Multi-million losses continued to affect the fintech sector, with Euler Finance suffering a flash loan attack leading to the theft of $197 million worth in multiple digital assets. Other fintech organizations targeted in the same period included Algodex and Poolz Finance.

And the season of the mega breaches has just begun apparently: victims in this fortnight included: HDB Financial Services (72 million records affected), an undisclosed marketing vendor working for AT&T and other organizations (9 million records affected), Independent Living Systems (around 4 million records), and Zoll Medical (one million). Other high-profile victims included ACER that suffered the leak of 160 Gb.

The Cyber Espionage front is always hot, with multiple campaigns unearthed in the first half of March, and carried out by known threat actors such as: APT27, APT28, APT29, Mustang Panda, Sharp Panda, the Tick, and Transparent Tribe, but also new players, such as UNC2970, UNC4540, and Yoro Trooper. The Iranian group Cobalt Illusion also launched a campaign against female human rights activists.

And as always, this brief summary is closed by a quick mention to the DDos attacks launched by the pro-Russian hacktivists of NoName057(16) that were directed against several government websites in Poland and Italy.

My suggestion is always the same: browse the timeline, and obviously thanks for sharing it and supporting my work in spreading the risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

Geo Map March H2 2023

No Data Found


No Data Found

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.


No Data Found

  • Photo by Towfiqu barbhuiya on UnsplashThe Biggest Data Breaches of 2023

    Similarly to what I have done in 2022 and 2021, I am collecting the main mega breaches...

  • Leaky Buckets in 2023

    Similarly to what I have done in 2022 and 2021, I am collecting the incidents due to cloud misconfigurations and leading to...

  • Image by Pete Linforth from Pixabay1-15 May 2023 Cyber Attacks Timeline

    In the first half of May 2023 I collected 173 events (corresponding to 11.53 events/day), a value that confirms the sustained trend characterizing this year from an information security perspective.

  • November 2023 MotivationsNovember 2023 Cyber Attacks Statistics

    November 2023 saw a rise to 39 events, with Cyber Crime remaining dominant at 78.7%. Cyber Espionage increased to 9.7%, while Hacktivism fell to 5.4%. Malware was the leading attack technique at 42.1%, and Multiple Organizations were the most targeted at 17.7%.

  • 2022 Cyber Attacks Statistics

    And finally I have aggregated all the data collected in 2022 from the cyber attacks timelines. In the past year I have collected 3074 events...


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.