Motivations May H2 2023

No Data Found

Attack Techniques May H2 2023

No Data Found

In the second half of May 2023 I collected 159 events (corresponding to 9.94 events/day), the third decrease in a row after the 176 events in the first timeline of May, and the 184 of the second timeline of April.

There was a slight decrease also in the percentage of events caused by ransomware (23.3%, corresponding to 37 out of 159 events), in comparison to 27.3% (48 out of 176 events) of the previous timeline. The impact of vulnerabilities played a part in 14 out of 159 events, bringing the percentage below 10% (8.8% precisely) compared to 11.4% (20 out of 176 events) of the previous timeline.

In the second half of May there were a couple of additional crypto hacks, in particular Tornado Cash stole the equivalent of $ 1M, but the attacker returned the money a couple of days later, an outcome completely different from the case of Jimbos Protocol, which suffered a flash loan attack resulting in the loss of more than of 4000 ETH tokens, currently valued at over $7,500,000.

In terms of  mega breaches there were several remarkable events in this fortnight apparently: a Luxottica partner (70 million records exposed), Managed Care of North America (MCNA, 9 million records exposed), Enzo Biochem (2.5 million), and Apria Healthcare (1.8 million).

The Cyber Espionage front was always hot, with multiple campaigns unearthed also in the second half of May, and carried out by known threat actors from Iran (Tortoiseshell), North Korea (Lazarus Group and Kimsuky), India (Sidewinder), and China. As usual the list of cyber espionage operations is too long and the involved actors too many to mention in a few words.

And as always, this brief summary is closed by a quick mention to the attacks launched by the pro-Russian hacktivists of NoName057(16) directed against multiple government targets in Italy, and Anonymous Sudan who blackmailed Scandinavian Airlines (SAS)

My suggestion is always the same: browse the timeline, and obviously thanks for sharing it and supporting my work in spreading the risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

Geo Map May H2 2023

No Data Found


Creating the timelines is a very time-consuming task.

Any little helps!


No Data Found

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.


No Data Found

  • Featured Image Q1 2024Q1 2024 Cyber Attacks Statistics

    I aggregated the statistics created from the cyber attacks timelines published in the first quarter of 2024. In this period, I collected a total of 833 events (9.15 events/day) dominated by Cyber Crime with 75.2%...

  • The Biggest Data Breaches of 2021

    With this new project I am going to track the biggest data breaches of 2021 extracted from my cyber attack timelines.

  • March 2024 MotivationsMarch 2024 Cyber Attacks Statistics

    In March 2024 I collected and analyzed 203 events dominated by malware attacks. Cyber Crime continued to lead the Motivations chart with 72.9%, ahead of Cyber Espionage with 13.3%, Cyber Warfare (5.9%) and Hacktivism (2.5%).

  • Free computer code screen image16-31 March 2024 Cyber Attacks Timeline

    In the second timeline of March 2024 I collected 104 events dominated by malware, exploitation of vulnerabilities and ransomware. The threat landscape was also characterized by several mega breaches, multiple cyber espionage operations and also some remarkable events related to cyber warfare.

  • Image by Pete Linforth from Pixabay1-15 May 2023 Cyber Attacks Timeline

    In the first half of May 2023 I collected 173 events (corresponding to 11.53 events/day), a value that confirms the sustained trend characterizing this year from an information security perspective.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.