Motivations December H1 2023


Attack Techniques December H1 2023


After several months of sustained activity, the first half of December 2023 saw a significant decrease in the number of recorded events. In particular, I collected 135 events, a sharp drop compared to the 207 of the previous timeline.

But even with a lower number of events, ransomware continued to characterize the threat landscape: 48 out of 135 events were directly or indirectly related to this kind of attack, corresponding to 35.5% of cases (it was 34.78% in the previous timeline, a value that continues to be quite high), a number that also reflects the high percentage of malware attacks (46.7%), slightly up from 45.9% in the second half of November.

The exploitation of vulnerabilities played a part in 18 events, corresponding to 13.3% of the total, up from 9.2% in the previous timeline and contrary to the trend of recent months.

There were several mega breaches, but some of them (such as Norton Healthcare) were already reported in previous timelines. The only one that was never disclosed before hit ESO Solutions, a provider of software products for healthcare organizations and fire departments, which had the data belonging to 2.7 million patients compromised as a result of a ransomware attack.

In the fintech sector, the only mega theft of crypto assets hit the decentralized exchange OKX, which fell victim after a private key belonging to the proxy admin owner was leaked, leading to total losses equivalent to approximately $2.7 million.

And unsurprisingly, in another leitmotif of the last few months, the complex geopolitical situation continued to affect the cyber espionage landscape, with threat actors from Russia (APT28, APT29, Callisto), North Korea (Lazarus and Andariel), and China particularly active. The APT28 threat group especially was busy carrying out multiple global operations exploiting the CVE-2023-23397 Microsoft Outlook vulnerability and the CVE-2023-38831 WinRAR vulnerability. There was also unconfirmed news of an alleged cyber attack against the Sellafield nuclear waste and decommissioning site in the UK, from threat actors linked to Russia and China.

Last but not least, security researchers also discovered a new campaign by the pro-Hamas threat actor known as Gaza Cybergang, targeting Palestinian entities (and this was not the only event related to the war between Israel and Hamas).

This timeline is particularly long, so my suggestion is always the same: browse the timeline, and obviously share it to support my work in spreading risk awareness across the community. And don’t forget to follow @paulsparrows on X (formerly Twitter), or connect on LinkedIn or Mastodon, for the latest updates.

Geo Map December H1 2023


The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.

