Information security now!
Cyber weather in May was mainly calm. However, the past month also brought with it some storm clouds as several Western countries reported being targeted by attacks linked to state-sponsored cyber threat actors.
Phishing and fraud incidents reflected seasonal patterns, with familiar themes for this time of year. The beginning of the summer season has activated malicious actors, particularly in campaigns themed around banking, postal services, taxation and vehicles. Toward the end of May, there was also a rise in AiTM (adversary-in-the-middle) phishing attacks that are capable of bypassing two-factor authentication.
A major positive development was the long-awaited launch of the European Union Vulnerability Database (EUVD) in mid-May. The EUVD provides an alternative to the US-based CVE database, reducing Europe's dependency on external services.