[Chart: Motivations July H2 2023]

[Chart: Attack Techniques July H2 2023]

New victims of attacks carried out by the Clop (AKA Cl0p) ransomware gang exploiting the CVE-2023-34362 MOVEit vulnerability emerged even during the second half of July 2023 (the first timeline is here). For this reason the number of collected events soared to 217 (corresponding to 13.56 events/day), a value never seen before that sets a new record.

Once again, the obvious consequence is that attacks exploiting vulnerabilities were still on top of the attack techniques, with a new record (yes, each fortnight we set a new record) of 45.6% (99 out of 217 events), nearly ten points higher than the previous one (35.9%) of the first half of July. And once again, the other obvious consequence was the increase of the percentage of events directly or indirectly characterized by ransomware, soaring to 45.16%, slightly lower than the 45.5% of the previous fortnight.

The fintech sector continued to be under pressure, with multiple companies suffering the theft of crypto assets worth millions of U.S. dollars. Two in particular suffered a loss higher than 60 million: Alphapo (and in this case the fingers are pointed at the North Korean threat actor Lazarus Group) and Curve Finance.

In terms of mega breaches, Tampa General Hospital disclosed that the sensitive data of 1.2 million was stolen in a failed ransomware attack, a threat actor claimed to be in possession of two million data records stolen from the Egyptian Ministry of Health and Population, and the U.S. government contractor Maximus confirmed that the Clop ransomware gang accessed the protected health information of as many as 11 million individuals by exploiting the vulnerability in MOVEit Transfer.

The Cyber Espionage front was quite crowded in this fortnight too, with multiple high-profile campaigns unearthed, carried out by known threat actors such as APT29 and Turla (against organizations with connections to Ukraine), the Chinese APT31 and APT41, the Iranian APT34, and the Indian Bahamut (but there are many more).

In terms of hacktivism: NATO confirmed an investigation into the claims of an alleged data-theft hack on the Communities of Interest (COI) Cooperation Portal by the hacking group known as SiegedSec, Anonymous Sudan took down Kenya’s eCitizen Portal, and an Iranian group dubbed Cyber Avengers took down Israel’s largest oil refinery operator, BAZAN Group.

My suggestion is always the same: browse the timeline, and obviously thanks for sharing it and supporting my work in spreading risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on LinkedIn, for the latest updates.

[Chart: Geo Map July H2 2023]
