Motivations November H1 2023


Attack Techniques November H1 2023


In the first half of November 2023, I collected 173 events (11.53 events per day), confirming the high level of activity that characterized the end of 2023. This number is a slight decrease compared to the 188 events (11.75 events per day) of the previous timeline.

Ransomware continued to characterize the threat landscape (45 events, corresponding to 26%, were directly or indirectly related to this kind of attack), and consequently malware attacks led the chart of the attack techniques with 38.2% (66 events), considerably up from 34.4% in the second half of October. The exploitation of vulnerabilities, on the other hand, accounted for 15.6%, substantially in line with 15.3% of the previous two weeks.

In the fintech sector, Poloniex suffered a massive hack leading to the theft of $100 million worth of crypto assets. Onyx was also the victim of a hack, but in this case the bounty stolen by the attackers was “only” worth $2.1 million. Other interesting events included a new campaign by the North Korean Lazarus Group targeting blockchain engineers of a cryptocurrency exchange platform through a new malware strain named KandyKorn, and a new operation leading to the theft of $60 million worth of cryptocurrency from 99,000 people in six months.

In terms of mega breaches, the aftermath of the widespread exploitation of the MOVEit CVE-2023-34362 vulnerability continued, and the State of Maine announced that its systems were breached by exploiting the above flaw, allowing the threat actors to access the personal information of about 1.3 million individuals, close to the state’s entire population.

And once again, confirming a trend that characterized 2023, threat actors driven by cyber espionage were quite busy exploiting the numerous vulnerabilities disclosed in this period (and not only those). For example, several groups including Winter Vivern exploited the CVE-2023-37580 Zimbra vulnerability, whilst APT29 continued to rely on the WinRAR CVE-2023-38831 vulnerability for their campaigns. Other threat actors active in the same period included the Iranian groups APT34 (a.k.a. OilRig) and Imperial Kitten, the North Korean APT38 (a.k.a. BlueNoroff), and the pro-Palestine TA402 (a.k.a. Molerats and Gaza Cybergang).

And the war in the Middle East continued to motivate multiple operations against organizations in Israel carried out by the Abnaa AlSaada and Soldiers of Solomon threat actors, as well as a destructive attack by the threat actor Agonizing Serpens carried out via a wiper dubbed BiBi Wiper.

Of course, my suggestion is always the same: browse the timeline, and obviously share it to support my work in spreading risk awareness across the community. And don’t forget to follow @paulsparrows on X (formerly Twitter), or even connect on LinkedIn or Mastodon for the latest updates.

Geo Map November H1 2023





The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

