Brute Force Attacks Surge in Q1

Author

Taylor Hawes
April 15, 2026

Audience Survey

We’re running a short 5-question survey to better understand who reads Comparitech.

Your answers help us shape our editorial coverage and we’ll share an aggregate snapshot of the results back to the community later this quarter. No personal data collected.

We are also running a raffle for anyone that fills it out to be entered to win a $100 Amazon voucher.

From the Editor’s Desk

Security teams are starting to face a new pattern. Attacks are not only increasing in volume but also becoming easier to launch with automation and AI. The real question now is simple: are defenses scaling at the same speed as threats, or just reacting after the damage is done?

🔎 Deep Brief

Brute Force Attacks Surge in Q1

Brute force cyberattacks saw a sharp rise in Q1, with a large share traced back to activity originating in the Middle East. These attacks focus on repeated login attempts to break into systems using weak or reused credentials. What stands out is not just the volume, but the scale at which automation is being used. Attackers are deploying tools that can test thousands of credentials in minutes, targeting cloud services, VPNs, and enterprise applications.

Organizations with poor password hygiene or limited multi-factor authentication remain the most exposed. The data also shows that many attacks are not highly sophisticated, yet still succeed due to basic security gaps. This reinforces a long-standing issue: simple attack methods continue to work because foundational defenses are not consistently applied.

Takeaway

Basic controls such as strong authentication and access management still offer the highest return in reducing risk.

🧠 Strategy in Action

Goldman Sachs Strengthens Cyber Defenses Amid AI Threat Concerns

Goldman Sachs has increased its investment in cybersecurity following warnings about AI-driven threats. The firm is focusing on strengthening detection systems, improving internal monitoring, and preparing for attacks that use AI to mimic human behavior. This includes phishing attempts that appear more realistic and automated intrusion methods that adapt quickly.

Takeaways: 

The initiative reflects a broader shift in financial services, where firms are preparing for threats that are harder to detect using traditional tools. By upgrading its defenses early, the organization aims to reduce exposure before such attacks become widespread. The approach shows how large institutions are moving from reactive security to forward planning.

🕵️ Threat Actor Spotlight

Anubis

Anubis is a banking trojan that primarily targets Android devices. It is designed to steal financial data, including login credentials, banking details, and personal information. The malware often spreads through malicious apps or phishing campaigns, tricking users into granting permissions.

Once installed, it can record keystrokes, capture screenshots, and even bypass two-factor authentication by intercepting messages. Over time, Anubis has evolved with added features such as ransomware capabilities, making it more dangerous. Its ability to combine data theft with device control makes it a persistent threat, especially in mobile-first environments.

🛠️ Tool Check

Server Monitoring Tools That Keep Infrastructure in Control

Server monitoring tools help organizations track performance, detect failures, and maintain uptime across IT environments.

Some key tools are:

  • NinjaOne – Best for centralized endpoint and server management across distributed IT environments.

  • Paessler PRTG Network Monitor – Best for unified monitoring of server hardware health and network performance metrics.

  • Atera – Best for all-in-one remote monitoring and management with integrated automation.

  • ManageEngine OpManager – Best for real-time server performance tracking with customizable threshold alerts.

  • Site24x7 – Best for cloud-based monitoring across hybrid and containerized server environments.

  • ManageEngine Applications Manager – Best for deep application and server performance analysis with live metrics.

🗣️ Community Signal

Most people think cybersecurity is only for experts. It’s not. As I’ve been working through IT labs and studying for certifications like CompTIA A+, I’ve realized something simple: You don’t get compromised because you lack intelligence, but you get compromised because you lack awareness. Myles Walker.

📚 Don’t Miss This

Advertise with Comparitech
Does your business offer services or products in cybersecurity? Get your product seen by IT leaders and professionals.

Advertise with us →

Until Friday’s edition - Let’s keep that zero-day count at zero!