Motivations May H1 2023

No Data Found

Attack Techniques May H1 2023

No Data Found

In the first half of May 2023 I collected 173 events (corresponding to 11.53 events/day), a value that, despite slightly lower than the second timeline of April (182 events collected) confirms the sustained trend that is characterizing this year from an information security perspective.

The percentage of events caused by ransomware attacks is stable at 26.5% (46 out of 173 events), very close to 26.9% of the second timeline of April. The impact of vulnerabilities played a part in 20 out of 173 events corresponding to 11.6%, again slightly lower than 14.4% of the previous timeline.

The crypto hacks continued, despite apparently at slower pace than the previous month. The only noteworthy to mention affected Level Finance, which suffered the loss of $1.1M worth of crypto assets, following the exploitation of a smart contract vulnerability.

In terms of  mega breaches there were two remarkable events: software maker Brightly confirmed that hackers stole close to 3 million accounts from its platform SchoolDude, and PharMerica, one of the largest pharmacy service providers in the United States had the personal data of almost six million patients exfiltrated by the Money Message ransomware gang.

The Cyber Espionage front was always hot, with multiple campaigns unearthed also in the first half of April, and carried out by known threat actors from China, North Korea, Iran, India and Pakistan; such as ScarCruft (aka APT37) and Kimsuky (both from North Korea), APT35 and Muddywater (Iran), Patchwork (India) and Sidecopy (Pakistan).  But the list of cyber espionage operations is too long and the involved actors too many to mention in a few words.

And as always, this brief summary is closed by a quick mention to the attacks launched by the pro-Russian hacktivists of NoName057(16) directed against multiple government targets in France and Italy in retaliation for the support to Ukraine.

My suggestion is always the same: browse the timeline, and obviously thanks for sharing it and supporting my work in spreading the risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

Geo Map May H1 2023

No Data Found


Creating the timelines is a very time-consuming task.

Any little helps!


No Data Found

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.


No Data Found

  • photo of turned on laptop computer1-15 April 2024 Cyber Attacks Timeline

    In the first timeline of April 2024 I collected 107 events (7.13 events/day), as always characterized by a majority of malware attacks.

  • Featured Image Q1 2024Q1 2024 Cyber Attacks Statistics

    I aggregated the statistics created from the cyber attacks timelines published in the first quarter of 2024. In this period, I collected a total of 833 events (9.15 events/day) dominated by Cyber Crime with 75.2%...

  • 2023 Stats Featrured Image2024 Cyber Attacks Statistics

    In 2023, there was a 35% increase in cyber attacks to 4,128 events, with the MOVEit CVE-2023-34362 vulnerability being heavily exploited. Cybercrime dominated as the main motivation at 79%, while malware led attack techniques with 35.9%. Healthcare remained a top target for ransomware. The data ...

  • network servers on an enclosureCVEs Targeting Remote Access Technologies

    In this first quarter of 2024, threat actors have been particularly busy in exploiting vulnerabilities (0-days but also old unpatched flaws) targeting traditional remote access technologies. In this blog post I summarized the main CVEs exploited so far in 2024.

  • 2020 Cyber Attacks Statistics

    As promised, I have pulled together some statistics from the data collected in 2020. The master table is available at the end of the post after the charts.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.