EVENTS
EVENTS/DAY
0
EVENTS
0
EVENTS/DAY
0

Motivations June H1 2023

No Data Found

Attack Techniques June H1 2023

No Data Found

In the first half of June 2023, I collected 172 events (corresponding to 11.47 events/day), a value that shows a light increase compared to the 161 events in the second timeline of May.

This timeline was characterized by the massive exploitation of the CVE-2023-34362 MOVEit vulnerability by the Clop (AKA Cl0p) ransomware syndicate, leading to a spike on the percentage of attacks carried out exploiting vulnerabilities, with the unprecedented value of 25% (43 out of 172 events), a sharp increase compared to 10% of the second timeline of May. The other obvious consequence was the increase of the percentage of events directly or indirectly characterized by ransomware, soaring to 34.3% (59 out of 172 events), from 23.3% of the previous timeline.

The fintech sector continued to be under attack, with the North Korean threat actors from Lazarus Group stealing the equivalent of $35 million from Atomic Wallet. Other fintech organizations hit by attackers included: Floating Point Group (between $15 million and $20 million worth of crypto assets stolen),  Sturdy Finance ($800,000), and Hashflow ($600,000). Another remarkable campaign relating to the fintech sector was the one carried out by a threat actor dubbed ‘Pink Drainer’, who compromised the Discord and Twitter accounts of 1,932 victims to steal roughly $3 M worth of digital assets

Even the list of  mega breaches is quite reach in this timeline. The unwelcome scepter goes to e-Devlet, a Turkish government portal, from where 85 million accounts were allegedly stolen and published. But a couple of mega breaches also stemmed from the exploitation of the CVE-2023-34362 MOVEit vulnerability, in particular the ones affecting the Louisiana (6 million records) and Oregon (3.5 million) Offices of Motor Vehicles.

The Cyber Espionage front was always hot, with multiple campaigns unearthed and carried out by known threat actors such as Kimsuky and Gamaredon. Particularly interesting is also the so-called ‘Operation Triangulation’: according to Kaspersky the U.S. spied for years on the company (and other Russian organizations) exploiting an iMessage 0-day vulnerability.

And as always, this brief summary is closed by a quick mention to the attacks launched by hacktivists: the pro-Russian threat actors of NoName057(16) targeted several government websites in Switzerland, but the ones from Anonymous Sudan took probably the scene taking down briefly several cloud services from Microsoft. On the other side of the front, pro-Ukrainian hacktivists from Cyber.Anarchy.Squad took down the Russian telecom provider Infotel JSC, and another unknown actor managed to compromise radio and TV broadcasts in several Russian regions, transmitting a fake message from President Vladimir Putin announcing martial law due to a supposedly massive Ukraine incursion.

My suggestion is always the same: browse the timeline, and obviously thanks for sharing it and supporting my work in spreading the risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.

Geo Map June H1 2023

No Data Found

SUPPORT MY WORK!
MAKE A DONATION

Creating the timelines is a very time-consuming task.

Any little helps!

BREACHOMETER

No Data Found

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

12 MONTHS TREND

No Data Found

POPULAR POSTS
  • 2023 Stats Featrured Image2024 Cyber Attacks Statistics

    In 2023, there was a 35% increase in cyber attacks to 4,128 events, with the MOVEit CVE-2023-34362 vulnerability being heavily exploited. Cybercrime dominated as the main motivation at 79%, while malware led attack techniques with 35.9%. Healthcare remained a top target for ransomware. The data ...

  • computer program language text1-15 February 2024 Cyber Attacks Timeline

    In the cyber attacks timeline of February H1 2024, I collected 139 events dominated by malware attacks. Ransomware and vulnerabilities also played an important role in the threat landscape.

  • Q4 2023 Featured ImageQ4 2023 Cyber Attacks Statistics

    In Q4 2023, cyber attack events decreased by 7.1% to 1029 compared to the previous quarter. Cybercrime remains the primary motive, although slightly reduced, while malware tops attack techniques, increasing from the last quarter. Multiple industries and healthcare are the most targeted sectors. These statistics ...

  • network servers on an enclosureCVEs Targeting Remote Access Technologies

    In this first quarter of 2024, threat actors have been particularly busy in exploiting vulnerabilities (0-days but also old unpatched flaws) targeting traditional remote access technologies. In this blog post I summarized the main CVEs exploited so far in 2024.

  • January 2024 Cyber Attacks Statistics

    In January 2024 I collected 288 events, with Cyber Crime continuing to lead the motivations, and ransomware leading the known attack techniques, ahead of Malware.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.