Motivations November H2 2023

No Data Found

Attack Techniques November H2 2023

No Data Found

In the second half of November 2023, I collected 207 events (13.8 events per day), the second higher value during 2023, and definitely an important increase compared to the 183 events (12.2 events) of the previous timeline.

Unsurprisingly, ransomware continued to characterize the threat landscape (72 events were directly or indirectly related to this kind of attack, corresponding to 34.78% of the occurrences, one of the higher percentages observed so far,) and consequently malware attacks ramped up the attack techniques chart with nearly one of out two events (45.9%,) an important increase from 38.2% of the first half of November. 

The exploitation of vulnerabilities played a part in 9.2% of events, despite the number remains important, this number confirms a decreasing trend characterizing the end of 2023.

Organizations operating in the fintech sector remained under attack with $167 million worth of crypto assets stolen in three hacks affecting HTX ($87 million,) KyberSwap ($54 million,) and Kronos Research ($26 million.) Additionally crypto investors were targeted by multiple account takeover and scam campaigns aimed to steal their funds.

The threat landscape was also characterized by several mega breaches, targeting in particular an unknown organizations in Turkey (nearly 2 million citizen records compromised,) Taj Hotels (1.5 million records at risk,) and ZeroedIn Technologies (even in this case nearly 2 million records compromised.)

Last but not least, the complex geopolitical situation had inevitably an impact in the cyber espionage landscape, with multiple operations carried out by threat actors supporting Palestine (Molerats, a.k.a. Gaza Cybergang,) but also the “usual suspects” from North Korea (Andariel, Kimsuki, Konni, and Lazarus,) China (Chimera and Mustang Panda,) Russia (Gamaredon.) The chronicles reported also a previously unknown threat actor named AeroBlade, targeting organizations in the United States aerospace sector.

And of course the geopolitical situation had an impact also in terms of hacktivism with multiple operations against Israel (and not only) by pro-Palestine threat actors.

This timeline is particularly long, so my suggestion is always the same: browse the timeline, and obviously share it to support my work in spreading the risk awareness across the community. And don’t forget to follow @paulsparrows on X (formerly Twitter,) or even connect on Linkedin, or Mastodon for the latest updates.

Geo Map November H2 2023

No Data Found



Creating the timelines is a very time-consuming task.

Any little helps!


No Data Found

The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.


No Data Found

  • 2023 Stats Featrured Image2024 Cyber Attacks Statistics

    In 2023, there was a 35% increase in cyber attacks to 4,128 events, with the MOVEit CVE-2023-34362 vulnerability being heavily exploited. Cybercrime dominated as the main motivation at 79%, while malware led attack techniques with 35.9%. Healthcare remained a top target for ransomware. The data ...

  • network servers on an enclosureCVEs Targeting Remote Access Technologies

    In this first quarter of 2024, threat actors have been particularly busy in exploiting vulnerabilities (0-days but also old unpatched flaws) targeting traditional remote access technologies. In this blog post I summarized the main CVEs exploited so far in 2024.

  • Free cyber security concept background1-15 March 2024 Cyber Attacks Timeline

    In the first timeline of March 2024, I collected 98 events, once again characterized malware and ransomware attacks. State-sponsored threat actor were equally quite active, but the timeline also features some interesting events related to cyberwarfare.

  • February 2024 Statistics Featured ImageFebruary 2024 Cyber Attacks Statistics

    In February 2024 I collected and analyzed 239 events. Cyber Crime continued to lead the Motivations chart with 68.6%. Operations driven by Cyber Espionage ranked at number two with 16.7%, ahead of Cyber Warfare (4.6%) and Hacktivism (3.3%).

  • The Biggest Data Breaches of 2021

    With this new project I am going to track the biggest data breaches of 2021 extracted from my cyber attack timelines.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.