Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cloudflare One, our secure access service edge (SASE) platform, is introducing a new integration with Okta, the identity and access management (IAM) vendor, to share risk indicators in real-time and simplify how organizations can dynamically manage their security posture in response to changes across their environments.

It all started when I began receiving multiple notifications on my Mac asking me to approve an authentication request. I ignored them at first, thinking it was a system error. But they kept popping up again and again, until they started interfering with my work. I was busy so I didn't stop to investigate. Then I received a phone call from a person claiming to be from my company's IT support team.

New legislation is on the horizon in Australia that is set to change the way businesses deal with ransomware attacks. This law, not unlike the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) in the US, aims to improve transparency when it comes to paying ransoms. There's no question that cybercrime is on the rise in the country.

Microsoft Entra ID Primary Refresh Tokens (PRTs) are an attractive target for threat actors because they are long-lived, they are broadly scoped and they often don’t have additional multifactor authentication requirements after they are obtained. In this blog, we will discuss what PRTs are, how they are issued and how recently released research gives threat attackers a new way to obtain them. Finally, we will examine how organizations can detect these attacks using CrowdStrike Falcon Next-Gen SIEM.

In today’s digital age, cybersecurity is no longer just an IT concern; it’s a critical component of retail success. As more customers shop online and engage with brands through digital platforms, the risks associated with cyber threats continue to grow. Whether you run a brick-and-mortar store, an e-commerce site, or a hybrid model, safeguarding your business from cyber attacks is essential.

Although 2024 began with a Q1 decline in the frequency of ransomware attacks, the second quarter was underscored by a return to a much more intimidating world of ransomware attacks globally, and the third quarter continues the trend of the second. In Q2 2024, the number of attacks stood at 1,277 cases, but Q3 saw a small decrease of 5.5% with 1209 cases.

While the scale of this data breach is alarming – with 277 gigabytes of data reportedly stolen – it’s important not to panic. Instead, focus on taking concrete steps to protect yourself. Stay informed, be proactive in safeguarding your personal information, and remain vigilant for any signs of suspicious activity.

Cato CTRL security researchers have recently discovered a threat actor, ProKYC, selling a deepfake tool in the cybercriminal underground that helps threat actors beat two-factor authentication (2FA) for conducting account fraud attacks. The tool being sold is customized to target cryptocurrency exchanges—specifically ones that authenticate new users leveraging a government-issued document and by enabling the computer’s camera to perform facial recognition.