Motivations March H2 2024

No Data Found

Attack Techniques March H2 2024

No Data Found

In the second timeline of March 2024 I collected 104 events (6.5 events/day), as always characterized by a majority of malware attacks with a value (18.3%) slightly lower than the previous timeline, when it was 19.2%.

The exploitation of vulnerabilities jumped at number two with 15.4%, very close to 15.2 of the previous fortnight. Ransomware attacks went slightly down to 12.5% from 14.1%, but one should always consider that in most cases the exploitation of vulnerabilities lead to a ransomware attack.

In terms of mega breaches, this fortnight AT&T was hit hard, confirming a breach carried out simultaneously by two threat actors who put on sale 71 million records allegedly stolen in 2021. Other organizations hit by massive breaches include Giant Tiger (2.8 million), the Pakistan National Database and Registration Authority (Nadra – 2.7 million), and MediaWorks (2.4 million).

The fintech sector continued to be particularly targeted by cyber criminals. The most curious case is the one related to Munchables, a blockchain-based game, which (sort of) lost about $62 million worth of cryptocurrency that were returned few hours later. Unfortunately other platform like Curio ($16M losses) and Prisma Finance ($11M losses) were not so lucky.

And multiple campaigns were also uncovered in the cyber espionage front carried out by threat actors from North Korea (Kimsuky), Russia (APT29, one in particular targeting political parties in Germany), Iran (MuddyWater) and China (UNC5174 and UNC302 very busy in exploiting vulnerabilities at scale, Mustang Panda, and Earth Krahang).

Russian forces were also particularly active in the cyber warfare space: multiple service providers in Ukraine were taken down by threat actors affiliated to Russia, threat actors affiliated to Russia (and in particular, linked to Yevgeniy Prigozhin) were also behind some disinformation campaigns active also the death of the leader of the Wagner, and finally a new wiper malware named AcidPour was discovered.

For the details, feel free to browse the timeline, and obviously share it to support my work in spreading the risk awareness across the community. And don’t forget to follow @paulsparrows on X (formerly Twitter,) or even connect on Linkedin, or Mastodon for the latest updates.

Geo Map March H2 2024

No Data Found



Creating the timelines is a very time-consuming task.

Any little helps!

  • March 2024 MotivationsMarch 2024 Cyber Attacks Statistics

    In March 2024 I collected and analyzed 203 events dominated by malware attacks. Cyber Crime continued to lead the Motivations chart with 72.9%, ahead of Cyber Espionage with 13.3%, Cyber Warfare (5.9%) and Hacktivism (2.5%).

  • Featured Image Q1 2024Q1 2024 Cyber Attacks Statistics

    I aggregated the statistics created from the cyber attacks timelines published in the first quarter of 2024. In this period, I collected a total of 833 events (9.15 events/day) dominated by Cyber Crime with 75.2%...

  • 2023 Stats Featrured Image2024 Cyber Attacks Statistics

    In 2023, there was a 35% increase in cyber attacks to 4,128 events, with the MOVEit CVE-2023-34362 vulnerability being heavily exploited. Cybercrime dominated as the main motivation at 79%, while malware led attack techniques with 35.9%. Healthcare remained a top target for ransomware. The data ...

  • Image by Pete Linforth from Pixabay1-15 May 2023 Cyber Attacks Timeline

    In the first half of May 2023 I collected 173 events (corresponding to 11.53 events/day), a value that confirms the sustained trend characterizing this year from an information security perspective.

  • The Biggest Data Breaches of 2021

    With this new project I am going to track the biggest data breaches of 2021 extracted from my cyber attack timelines.


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.