- Post author:Paolo Passeri
- Post published:September 8, 2022
- Post category:Cyber Attacks Timelines / Security
- Post comments:0 Comments
- Reading time:5 mins read
Views: 41,600
EVENTS
EVENTS/DAY
EVENTS
EVENTS/DAY
If you expected a Summer break in the attack trend you will be disappointed. In the first half of August 2022 I have recorded the second highest number of events, and the higher in absolute if we consider the events per day.
In reality the Summer also brought a new wave of ransomware attacks. 41 out of 149 events (27.5%) were characterized by this attack vector, meaning that we are back at values similar to the first timeline of July (25.2%.) On the other hand, 14 out of 149 events were characterized by the exploitation of vulnerabilities in line with the previous timeline.
16-31 July 2023 Cyber Attacks Timeline
New victims of attacks carried out by the Clop (AKA Cl0p) ransomware gang exploiting the CVE-2023-34362 MOVEit vulnerability emerged even during…
Continue Reading
The massive hacks against crypto platform continued also during the fist half of August, with a new record achieved by Nomad, which lost nearly $200M worth of cryptovalues after a vulnerability in a recent update was discovered and replicated by dozens of attackers. A number that overshadowed the losses suffered by Solana and Curved Finance (respectively roughly $5M and $800K).
And the Summer did not even stop mega breaches: millions of new records have been added to the pile of compromised accounts: a COVID-19 health app in China (48.5M records), an unknown credit agency (23M records), and the University of Kashmir (1M records) are the most notable examples.
The hybrid warfare in Ukraine confirmed the decreasing trend. This timeline saw multiple DDoS attacks carried out by the pro-Russian collective Killnet and their affiliates. Maybe the operations against Ukraine flew under the radar. The only ones deserved to be mentioned are the massive bot farm (1M bots) taken down by the Ukrainian cyber police (SSU) and a new campaign by the infamous Gamaredon group. Indirectly related to Ukraine is also the operation linked to a Russian threat actor tracked as SEABORGIUM targeting people and organizations in NATO countries.
But the cyber espionage front is always rich of events, the timeline reports new campaigns by the usual suspects such as: Charming Kitten, Bitter APT, APT36, APT-C-35, APT27, and many other threat actors, some of which emerged for the first time, such as the Chinese group that created the Manjusaka exploitation framework, or the actor tracked as TAC-040, very busy in exploiting the Atlassian Confluence flaw CVE-2022-26134.
As usual the list is too long to be summarized in few words (this one in particular), so my suggestion is to enjoy the interactive timeline and the tabular format, and obviously thanks for sharing it, and supporting my work in spreading the risk awareness across the community. As always, don’t forget to follow @paulsparrows on Twitter, or even connect on Linkedin, for the latest updates.
Expand for details
SUPPORT MY WORK!
BREACHOMETER
The “Breachometer” compares the current number of events/day with the max and min values recorded in the previous 12 months.
12 MONTHS TREND
POPULAR POSTS
- 2024 Cyber Attacks Statistics
In 2023, there was a 35% increase in cyber attacks to 4,128 events, with the MOVEit CVE-2023-34362 vulnerability being heavily exploited. Cybercrime dominated as the main motivation at 79%, while malware led attack techniques with 35.9%. Healthcare remained a top target for ransomware. The data ...
- 1-15 March 2024 Cyber Attacks Timeline
In the first timeline of March 2024, I collected 98 events, once again characterized malware and ransomware attacks. State-sponsored threat actor were equally quite active, but the timeline also features some interesting events related to cyberwarfare.
- The Biggest Data Breaches of 2021
With this new project I am going to track the biggest data breaches of 2021 extracted from my cyber attack timelines.
- 16-31 January 2024 Cyber Attacks Timeline
In the second timeline of January 2024 I collected 168 events (10.50 events/day), dominated by ransomware, ahead of malware and the exploitation of vulnerabilities. There were also several mega breaches, multiple operations against fintech organizations, and the usual wave of attacks motivated by cyber espionage.
- Leaky Buckets in 2022
Similarly to what I have done in 2021, I am now collecting the incidents due to cloud misconfigurations and leading to the exposure of data.
Previous slide
Next slide
FOLLOW ME ON TWITTER
Related Posts
- 16-31 July 2022 Cyber Attacks Timeline
- 1-15 July 2022 Cyber Attacks Timeline
- 16-30 June 2022 Cyber Attacks Timeline
- 1-15 June 2022 Cyber Attacks Timeline
- 16-31 May 2022 Cyber Attacks Timeline
- 1-15 May 2022 Cyber Attacks Timeline
Tags: 2022, APT-C-35, APT36, Atalssian Confluence, August, Bitter APT, Charming Kitten, COVID-19, CVE-2022-26134, Cyber Attacks, Cyber Crime, Cyber Espionage, Cyber Warfare, Gamaredon, Hacktivism, Manjusaka, Nomad, Ransomware, Russia, SEABORGIUM, SSU, TAC-040, Timeline, University of Kashmir, Vulnerabilities
Leave a Reply
This site uses Akismet to reduce spam. Learn how your comment data is processed.
