Motivations February H2 2024

No Data Found

Attack Techniques February H2 2024

No Data Found

In the second timeline of February 2024 I collected 100 events (7.14 events/day), once again characterized by a majority of malware attacks in line with the previous timeline (25% vs 25.2% in the first fortnight of the same month). 

Ransomware attacks were stable at number two, once again with a value, 16%, in line with the first half of the month (it was 16.5% in the previous timeline but again, one should consider that in some cases ransomware attacks were generically classified as malware). Vulnerabilities were equally stable at number three up to 14% from 12.9%, and the massive exploitation of the Ivanti vulnerabilities also characterized this timeline.

In terms of mega breaches, AI service Cutout.Pro suffered a data breach exposing the personal information of 20 million members, and the exploitation of a vulnerability in a CRM system of the Los Angeles Airport resulted in the compromise of 2.5 million records of plane owners.

The fintech sector continued to be under pressure: FixedFloat, a decentralized crypto exchange, lost at least $26 million worth of Bitcoin and Ethereum, while Jeff “Jihoz” Zirlin, one of the co-founders of the video game Axie Infinity and the related Ronin Network had nearly $10 million in cryptocurrency stolen from personal accounts.

And in this fortnight the threat actors driven by cyber espionage were equally quite active, with multiple campaigns launched by old acquaintances like the Russian Winter Vivern, COLDRIVER, APT28, and APT29, the North Korean Lazarus, Konni, and Kimsuky, and the Chinese Mustang Panda and Volt Typhoon, and, last but not least, the Iranian Imperial Kitten.

A coordinated effort from Russia was behind several disinformation campaigns: Operation Texonto, Doppelgänger, and “Maidan-3”, in all cases targeting Ukraine and some Eruopean countries such as Germany and France.

Finally some universities in the U.K. were hit by DDoS attacks launched by the pro-Russian hacktivists of the Anonymous Sudan collective.

For the details, feel free to browse the timeline, and obviously share it to support my work in spreading the risk awareness across the community. And don’t forget to follow @paulsparrows on X (formerly Twitter,) or even connect on Linkedin, or Mastodon for the latest updates.

Geo Map February H2 2024

No Data Found



Creating the timelines is a very time-consuming task.

Any little helps!

  • Free cyber security concept background1-15 March 2024 Cyber Attacks Timeline

    In the first timeline of March 2024, I collected 98 events, once again characterized malware and ransomware attacks. State-sponsored threat actor were equally quite active, but the timeline also features some interesting events related to cyberwarfare.

  • network servers on an enclosureCVEs Targeting Remote Access Technologies

    In this first quarter of 2024, threat actors have been particularly busy in exploiting vulnerabilities (0-days but also old unpatched flaws) targeting traditional remote access technologies. In this blog post I summarized the main CVEs exploited so far in 2024.

  • February 2024 Statistics Featured ImageFebruary 2024 Cyber Attacks Statistics

    In February 2024 I collected and analyzed 239 events. Cyber Crime continued to lead the Motivations chart with 68.6%. Operations driven by Cyber Espionage ranked at number two with 16.7%, ahead of Cyber Warfare (4.6%) and Hacktivism (3.3%).

  • 2023 Stats Featrured Image2024 Cyber Attacks Statistics

    In 2023, there was a 35% increase in cyber attacks to 4,128 events, with the MOVEit CVE-2023-34362 vulnerability being heavily exploited. Cybercrime dominated as the main motivation at 79%, while malware led attack techniques with 35.9%. Healthcare remained a top target for ransomware. The data ...

  • The Biggest Data Breaches of 2021

    With this new project I am going to track the biggest data breaches of 2021 extracted from my cyber attack timelines.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.