Motivations September H1 2023

No Data Found

Attack Techniques September H1 2023

No Data Found

The first cyber attack timeline of September 2023 brings with it a new record in terms of events per day (13.93) abruptly inverting the apparent break and the decreasing trend of the past two fortnights (11.40 and 10.69 respectively in the first and second week of August).

Ransomware continues to be a big issue, and as a consequence, malware attacks continue to dominate the threat landscape with 39.7% (83 out of 209 events) up from 34.5% of the previous timeline. The impact of vulnerabilities is equally quite important (17.2% the echoes of the massive MOVEit attack are not over yet), despite the percentage seems to be headed to a decreasing trend (it was 22.6% in the second half of August). Ransomware was directly or indirectly involved in 38.65% of events (80 out of 209),  an important increase compared to 31.6% of the previous timeline.

The fintech continues to be under pressure, most of all because of the continued operations of the North Korean Lazarus Group, who allegedly hit CoinEX ($53 million worth of crypto assets stolen) and (over $40 million in crypto reportedly stolen.) Additionally a cyber attack to the cloud provider Retool cost a lot to Fortress Trust, which lost close to $15 million as a consequence of the hack.

Instead the list of the organizations victims of mega breaches include Freecycle (7 million records), Pizza Hut Australia (more than one million) and Traderie (2.6 million.)

Threat actors driven by cyber espionage were equally quite active in this fortnight with multiple operations carried out by attackers originating from China, Russia, Iran, an North Korea; known threat groups such as APT28, Charming Kitten, Winnti Group, or APT33, but also previously undisclosed state-sponsored groups.

In terms of hacktivism: the pro-Russia hacktivists from Anonymous Sudan and NoName057(16) were particularly active against targets, with the first claiming to have taken down Telegram for in retaliation for the decision of suspending their account.

Of course, my final suggestion is always the same: browse the timeline, and obviously share it to support my work in spreading the risk awareness across the community.

And don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, or Mastodon for the latest updates.

Geo Map September H1 2023

No Data Found



Creating the timelines is a very time-consuming task.

Any little helps!


No Data Found

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.


No Data Found

  • Q3 2023 Cyber Attacks StatisticsQ3 2023 Cyber Attacks Statistics

    The third quarter of 2023 saw a 6.5% increase in cyber attacks with 1,108 events. Cybercrime led the charts with 79.7% of motives, mostly using malware techniques. Exploitation of vulnerabilities ranked second, majorly affecting multiple industries and healthcare and financial sectors.

  • Photo by Towfiqu barbhuiya on UnsplashThe Biggest Data Breaches of 2023

    Similarly to what I have done in 2022 and 2021, I am collecting the main mega breaches...

  • Q4 2022 Cyber Attacks Statistics

    I have aggregated the statistics created from the cyber attacks timelines published during Q4 2022) In total I collected...

  • September 2023 Cyber Attacks Statistics

    In September 2023, cyber crime continued to lead with 77.1% of total events, but showed a decrease. Cyber Espionage grew to 11.6%, while Hacktivism significantly dropped. Malware remains the leading attack technique and multiple organizations are the top targets.

  • 2020 Cyber Attacks Statistics

    As promised, I have pulled together some statistics from the data collected in 2020. The master table is available at the end of the post after the charts.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.