Motivations May H1 2023

No Data Found

Attack Techniques May H1 2023

No Data Found

In the first half of May 2023 I collected 173 events (corresponding to 11.53 events/day), a value that, despite slightly lower than the second timeline of April (182 events collected) confirms the sustained trend that is characterizing this year from an information security perspective.

The percentage of events caused by ransomware attacks is stable at 26.5% (46 out of 173 events), very close to 26.9% of the second timeline of April. The impact of vulnerabilities played a part in 20 out of 173 events corresponding to 11.6%, again slightly lower than 14.4% of the previous timeline.

The crypto hacks continued, despite apparently at slower pace than the previous month. The only noteworthy to mention affected Level Finance, which suffered the loss of $1.1M worth of crypto assets, following the exploitation of a smart contract vulnerability.

In terms of  mega breaches there were two remarkable events: software maker Brightly confirmed that hackers stole close to 3 million accounts from its platform SchoolDude, and PharMerica, one of the largest pharmacy service providers in the United States had the personal data of almost six million patients exfiltrated by the Money Message ransomware gang.

The Cyber Espionage front was always hot, with multiple campaigns unearthed also in the first half of April, and carried out by known threat actors from China, North Korea, Iran, India and Pakistan; such as ScarCruft (aka APT37) and Kimsuky (both from North Korea), APT35 and Muddywater (Iran), Patchwork (India) and Sidecopy (Pakistan).  But the list of cyber espionage operations is too long and the involved actors too many to mention in a few words.

And as always, this brief summary is closed by a quick mention to the attacks launched by the pro-Russian hacktivists of NoName057(16) directed against multiple government targets in France and Italy in retaliation for the support to Ukraine.

My suggestion is always the same: browse the timeline, and obviously thanks for sharing it and supporting my work in spreading the risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

Geo Map May H1 2023

No Data Found


Creating the timelines is a very time-consuming task.

Any little helps!


No Data Found

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.


No Data Found

  • Leaky Buckets in 2023

    Similarly to what I have done in 2022 and 2021, I am collecting the incidents due to cloud misconfigurations and leading to...

  • November 2023 MotivationsNovember 2023 Cyber Attacks Statistics

    November 2023 saw a rise to 39 events, with Cyber Crime remaining dominant at 78.7%. Cyber Espionage increased to 9.7%, while Hacktivism fell to 5.4%. Malware was the leading attack technique at 42.1%, and Multiple Organizations were the most targeted at 17.7%.

  • Image by wastedgeneration from Pixabay1-15 December 2023 Cyber Attacks Timeline

    In early December 2023, event recordings decreased significantly to 135, with ransomware dominating 35.5% of incidents. The period saw a notable data breach at ESO Solutions, affecting 2.7 million patients, and a $2.7 million crypto theft at OKX. Geopolitical tensions spurred active cyber espionage, with ...

  • Photo by Towfiqu barbhuiya on UnsplashThe Biggest Data Breaches of 2023

    Similarly to what I have done in 2022 and 2021, I am collecting the main mega breaches...

  • 2021 Cyber Attacks Statistics

    And finally I have aggregated all the data collected in 2021 from the cyber attacks timelines. In the past year I have collected 2539 events, meaning...


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.