According to security researchers at SonicWall, global threat actors have been ramping up attacks on government targets, with a triple-digit annual increase in malware-driven attempts to compromise victims in the first three months of the year.  Alongside the 236% year-on-year (YoY) increase in Q1 2024, the researchers recorded a 27% annual increase in government attacks in the month leading up to the US election.  The researchers claimed that recorded DDoS attacks are on track to surpass last year’s figure by 32%.

By grigby1

By grigby1 

Researchers have revealed a new browser attack called "CrossBarking" that exploits "private" Application Programming Interfaces (APIs) in Opera to gain control over victims' browsers. CrossBarking involves running malicious code in the context of websites that have access to private APIs. This can be done through a Cross-Site Scripting (XSS) vulnerability or malicious browser extension. This article continues to discuss the CrossBarking browser attack.

Microsoft warns of a large-scale spear-phishing campaign attributed to the Russian state-sponsored threat actor "Midnight Blizzard." According to Microsoft, the campaign has targeted thousands of users in over 100 organizations across government, defense, academia, and other sectors, mainly in the US and Europe. This article continues to discuss the new spear-phishing campaign by Russia's Midnight Blizzard.

The North Korean state-sponsored hacking group "Andariel" has been attributed to a "Play" ransomware operation. According to Palo Alto Networks' Unit 42, Andariel may be a Play affiliate or an Initial Access Broker (IAB) facilitating the malware launch on a network they breached months earlier. Andariel is a state-sponsored Advanced Persistent Threat (APT) group linked to North Korea's Reconnaissance General Bureau, a military intelligence agency. This article continues to discuss the connection between Andariel and Play ransomware.

The threat actor "Chenlun" has been linked to a sophisticated phishing campaign impersonating trusted brands such as Amazon through text messages. Researchers at DomainTools attributed this activity to Chenlun, who exploited USPS delivery alerts last year to steal sensitive information. A new wave of phishing messages warns users about suspicious account activity and encourages them to verify accounts via malicious links. This article continues to discuss the evolution of Chenlun's tactics and the importance of collaborating to combat phishing attacks.

The US Cybersecurity and Infrastructure Security Agency (CISA) released its first International Strategic Plan for 2025-2026. It supports the CISA's first comprehensive strategic plan and aligns with the National Security Memorandum on Critical Infrastructure Security and Resilience. The International Strategic Plan outlines how CISA will actively work with international partners to bolster critical infrastructure security and resiliency. This article continues to discuss CISA's 2025-2026 International Strategic Plan.

Security researchers at CheckPoint have discovered that a new version of the FakeCall malware for Android hijacks outgoing calls from a user to their bank, redirecting them to the attacker's phone number instead.  The goal of the latest version remains to steal people's sensitive information and money from their bank accounts.  The researchers noted that FakeCall (or FakeCalls) is a banking trojan with a focus on voice phishing, in which victims are deceived through fraudulent calls impersonating banks, asking them to convey sensitive information.