Motivations March H1 2024

No Data Found

Attack Techniques March H2 2024

No Data Found

In the first timeline of March 2024 I collected 98 events (6.13 events/day), once again characterized by a majority of malware attacks with a value (19.2%) lower than the previous timeline, when it was 25%.

Ransomware attacks were stable at number two, with 15.2%, once again a value slightly lower than the previous timeline when it was 16%. Similarly, the exploitation of vulnerabilities (very often aimed to deliver malware or ransomware) was stable at number three with 14.1%, in practice the same value of the previous timeline when it was 14%, this time “thanks” to the contribution of the Screenconnect and Teamcity vulnerabilities.

In terms of mega breaches, there was just one significant event in France, where France Travail, formerly known as Pôle Emploi, warned that threat actors stole (again) personal details of an estimated 43 million individuals.

In the fintech sector, decentralized finance platform WOOFi experienced an $8.75 million by a threat actor who used flash loans to manipulate the algorithm.

As always, as we are used in this complicated period, state-aligned threat actors from Russia, China and North Korea were quite active, especially APT28 and APT29 (the latter allegedly stole some portions of Microsoft source code), Kimsuky, and Evasive Panda.

But it’s the Cyberwar front, which probably offered the most interesting events: the Main Intelligence Directorate of Ukraine’s Ministry of Defense breached the Russian Ministry of Defense, Russian media outlets published an intercepted conversation via Webex, in which Bundeswehr officials were discussing the country’s support for Ukraine, a new wiper malware, WinDestroyer, was discovered, and an RAF plane carrying U.K. Defence Secretary Grant Shapps had its GPS signal jammed while flying close to Russian territory.

And finally there were some DDoS attacks, in particular the Pro-Russian Anonymous Sudan disrupted some Alabama State Government websites.

For the details, feel free to browse the timeline, and obviously share it to support my work in spreading the risk awareness across the community. And don’t forget to follow @paulsparrows on X (formerly Twitter,) or even connect on Linkedin, or Mastodon for the latest updates.

Geo Map March H1 2024

No Data Found



Creating the timelines is a very time-consuming task.

Any little helps!

  • Free cyber security concept background1-15 March 2024 Cyber Attacks Timeline

    In the first timeline of March 2024, I collected 98 events, once again characterized malware and ransomware attacks. State-sponsored threat actor were equally quite active, but the timeline also features some interesting events related to cyberwarfare.

  • February 2024 Statistics Featured ImageFebruary 2024 Cyber Attacks Statistics

    In February 2024 I collected and analyzed 239 events. Cyber Crime continued to lead the Motivations chart with 68.6%. Operations driven by Cyber Espionage ranked at number two with 16.7%, ahead of Cyber Warfare (4.6%) and Hacktivism (3.3%).

  • network servers on an enclosureCVEs Targeting Remote Access Technologies

    In this first quarter of 2024, threat actors have been particularly busy in exploiting vulnerabilities (0-days but also old unpatched flaws) targeting traditional remote access technologies. In this blog post I summarized the main CVEs exploited so far in 2024.

  • 2023 Stats Featrured Image2024 Cyber Attacks Statistics

    In 2023, there was a 35% increase in cyber attacks to 4,128 events, with the MOVEit CVE-2023-34362 vulnerability being heavily exploited. Cybercrime dominated as the main motivation at 79%, while malware led attack techniques with 35.9%. Healthcare remained a top target for ransomware. The data ...

  • The Biggest Data Breaches of 2021

    With this new project I am going to track the biggest data breaches of 2021 extracted from my cyber attack timelines.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.