[Chart: Attack Distribution, March H2 2023]

[Chart: Attack Techniques, March H2 2023]

The sustained trend of cyber attacks continued in the second half of March, during which I collected 177 events (corresponding to 11.19 events/day).

This high number is mainly due to the wave of attacks against high-profile targets worldwide carried out by the Clop (AKA Cl0p) ransomware gang, exploiting the CVE-2023-0669 Fortra GoAnywhere MFT vulnerability. This obviously led to a sharp increase in the number of ransomware attacks: 54 out of 179 events (corresponding to 30.1%) were characterized by this attack vector, in contrast with 21.7% of the previous timeline. In terms of ransomware, the LockBit gang was also particularly active, but this is no longer a surprise.

Also because of the exploitation at scale of this vulnerability, software flaws played a part in 42 out of 177 events or, in other terms, in 23.7%, more than twice the 12.5% of the previous fortnight.

Multi-million losses continued to plague the fintech sector, with SafeMoon suffering a hack leading to the theft of $8.9 million worth of multiple digital assets. Other fintech organizations were targeted in the same period, but in at least two cases the attackers were unsuccessful.

And the season of mega breaches continued. Victims in this fortnight included Latitude Financial Services (14 million records affected), TMX Finance (nearly 5 million affected), and Blauw (1.5 million individuals affected).

The cyber espionage front remained hot, with multiple campaigns unearthed in the second half of March as well, carried out by known threat actors such as the North Korean Lazarus Group (author of a massive supply-chain attack against 3CX), APT37, APT43, Winnti, Kimsuky, SideCopy, Bitter, Mustang Panda, and also lesser-known groups such as Winter Vivern and Bad Magic, a threat actor targeting organizations located in the Donetsk, Lugansk, and Crimea regions.

And as always, this brief summary closes with a quick mention of the DDoS attacks launched by the pro-Russian hacktivists of NoName057(16), which were directed against several government websites in Italy and France.

My suggestion is always the same: browse the timeline, and obviously thanks for sharing it and supporting my work in spreading risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on LinkedIn, for the latest updates.

[Chart: Geo Map, March H2 2023]
