Microsoft Entra ID Primary Refresh Tokens (PRTs) are an attractive target for threat actors because they are long-lived, they are broadly scoped and they often don’t have additional multifactor authentication requirements after they are obtained. In this blog, we will discuss what PRTs are, how they are issued and how recently released research gives threat attackers a new way to obtain them. Finally, we will examine how organizations can detect these attacks using CrowdStrike Falcon Next-Gen SIEM.

In today’s digital age, cybersecurity is no longer just an IT concern; it’s a critical component of retail success. As more customers shop online and engage with brands through digital platforms, the risks associated with cyber threats continue to grow. Whether you run a brick-and-mortar store, an e-commerce site, or a hybrid model, safeguarding your business from cyber attacks is essential.

Although 2024 began with a Q1 decline in the frequency of ransomware attacks, the second quarter was underscored by a return to a much more intimidating world of ransomware attacks globally, and the third quarter continues the trend of the second. In Q2 2024, the number of attacks stood at 1,277 cases, but Q3 saw a small decrease of 5.5% with 1209 cases.

While the scale of this data breach is alarming – with 277 gigabytes of data reportedly stolen – it’s important not to panic. Instead, focus on taking concrete steps to protect yourself. Stay informed, be proactive in safeguarding your personal information, and remain vigilant for any signs of suspicious activity.

Cato CTRL security researchers have recently discovered a threat actor, ProKYC, selling a deepfake tool in the cybercriminal underground that helps threat actors beat two-factor authentication (2FA) for conducting account fraud attacks. The tool being sold is customized to target cryptocurrency exchanges—specifically ones that authenticate new users leveraging a government-issued document and by enabling the computer’s camera to perform facial recognition.

Sniper Dz targets social media and online services, Elastic Security Labs releases its 2024 Global Threat Report, and Andariel launches financial attacks against U.S. organizations.

In today’s digitally connected world, any organization with digital assets and internet access is vulnerable to cyberattacks. That reality has become all too pervasive in recent years. While it may not be part of your business plan, protection against cyber attacks must be a high priority. Keeping your business safe from attack should be a shared objective across all areas of the organization.