[Chart: Motivations August H2 2023]

[Chart: Attack Techniques August H2 2023]

This post ends my infosec Summer (apologies for the delay in updating the timelines, I promise I’ll try to catch up!). Anyway, in the second timeline of August, I collected 165 events (corresponding to 11.27 events per day), a result almost in line with the first half of the same month (171 events, that is 11.40 events per day) and again above the average level of the pre-MOVEit age. The trail of disclosures related to the Cl0p breaches confirmed its decreasing trend, although new organizations continued to join the list of victims.

Attacks carried out via malware confirmed their leadership in the motivations chart with 35.2% (58 out of 165 events), one point lower than 36.3% (58 out of 171 events), whereas vulnerabilities confirmed a value very close to the previous timeline (22.6% vs. 22.4%). Ransomware was directly or indirectly involved in 31.5% of events, in contrast with 36.1% in the previous timeline.

The fintech sector continued to be under pressure in this fortnight as well, with several entities suffering the theft of crypto assets worth millions of dollars. The list of victims includes Exactly Protocol ($7.3 million worth), Harbor Protocol, Tetra Protocol, Balancer, and Cypher. There was even a campaign targeting individuals operating in the crypto space by exploiting CVE-2023-38831, a zero-day vulnerability in the popular file archiving utility WinRAR.

The multiple attacks carried out exploiting the MOVEit breach also continued to affect the mega breaches landscape. For example, the French government agency Pôle Emploi was hit in the hacking spree, with the possible compromise of 11 million records. Separately, the University of Minnesota confirmed it was investigating a data breach after hackers claimed to have obtained over seven million Social Security numbers from the school’s computer network. Last but not least, a database with 14GB of files containing facial photos and 5.1 million records with Salvadorans’ personal information was listed for sale on a popular hacking forum.

In terms of Cyber Espionage, the North Korean groups such as Kimsuky, the Lazarus Group and their affiliates deserve a particular mention, as they were particularly active in this fortnight. Ukraine was also targeted (but this is not a novelty) by the Gamaredon group and threat actors linked to the main directorate of the General Staff of the Armed Forces of the Russian Federation (GRU). The timeline also includes other consolidated groups such as Bronze Starlight, some unnamed or unidentified groups, and newcomers such as GroundPeony, Carderbee, Flax Typhoon, GREF, and Earth Estries.

In terms of hacktivism, the pro-Russia hacktivists from Killnet and NoName057(16) were particularly active against targets in Lithuania, Ukraine and Poland.

Of course, my final suggestion is always the same: browse the timeline, and share it to support my work in spreading risk awareness across the community.

And don’t forget to follow @paulsparrows on Twitter, or connect on LinkedIn or Mastodon, for the latest updates.

[Chart: Geo Map August H2 2023]
