Motivations September H2 2023

No Data Found

Attack Techniques September H2 2023

No Data Found

Despite the overall level of activity remains quite high, the second cyber attack timeline of September 2023 shows a considerable decrease in terms of events compared to the first half of the same month. In the second half of September I collected 165 events, corresponding to 11 events/day, down from 215 of the first fortnight (14.33 events/day) and close to the values of August.

Ransomware continues to characterize the threat landscape, and consequently malware attacks lead the chart of the attack techniques with 35.2% (58 out of 165 events,) an important number that is however lower than 39.7% (83 out of 209 events) of the previous timeline. Instead the impact of vulnerabilities is in line with the previous period (17.57%, corresponding to 29 out of 165 events, vs 17.2% of the previous fortnight). And yes, there are still impacts of the massive MOVEit attack with new organizations disclosing breaches stemmed by the CVE-2023-34362 Vulnerability.

And even in this timeline we found several massive hacks against organizations operating in the fintech space, for example Mixin Network lost the equivalent of $200 million, making it the largest hack suffered in 2023 (so far). Other “minor” incidents include the loss of $7.9 million worth from crypto exchange HTX, and the loss of “only” $238,000 worth from Balancer.

And the list of mega breaches continued to grow also in the second half of September: McLaren HealthCare suffered an ALPHV/BlackCat ransomware attack compromising the information of 2.5 million individuals, and more than 2 million Pakistani citizens had their data compromised when attackers got access to a private company-made database used by hundreds of restaurants.

Threat actors driven by cyber espionage were quite active in this fortnight with multiple operations carried out by known attackers such as APT29, APT34, APT36, the Lazarus group, but also new mysterious threat actors such as Sandman, targeting telecommunication service providers in the Middle East, Western Europe, and South Asia. But this month the list is really too long to be summarized in a few words.

In terms of hacktivism: the pro-Russia hacktivists from NoName057(16) were particularly active against organizations in two countries in particular: Canada and Italy.

Of course, my suggestion is always the same: browse the timeline, and obviously share it to support my work in spreading the risk awareness across the community. And don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, or Mastodon for the latest updates.

Geo Map September H2 2023

No Data Found



Creating the timelines is a very time-consuming task.

Any little helps!


No Data Found

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.


No Data Found

  • Free cyber security concept background1-15 March 2024 Cyber Attacks Timeline

    In the first timeline of March 2024, I collected 98 events, once again characterized malware and ransomware attacks. State-sponsored threat actor were equally quite active, but the timeline also features some interesting events related to cyberwarfare.

  • 2023 Stats Featrured Image2024 Cyber Attacks Statistics

    In 2023, there was a 35% increase in cyber attacks to 4,128 events, with the MOVEit CVE-2023-34362 vulnerability being heavily exploited. Cybercrime dominated as the main motivation at 79%, while malware led attack techniques with 35.9%. Healthcare remained a top target for ransomware. The data ...

  • Photo by Towfiqu barbhuiya on UnsplashThe Biggest Data Breaches of 2023

    Similarly to what I have done in 2022 and 2021, I am collecting the main mega breaches...

  • December 2014 Cyber Attacks Statistics

    The new year has just begun, and here we are with the last blog post for the 2014 just gone related to the Cyber Attacks statistics derived from the timelines of December (Part I and Part II). As usual, the US dominate the Country Distribution Chart ...

  • The Biggest Data Breaches of 2021

    With this new project I am going to track the biggest data breaches of 2021 extracted from my cyber attack timelines.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.