In today’s digital age, cybersecurity is no longer just an IT concern; it’s a critical component of retail success. As more customers shop online and engage with brands through digital platforms, the risks associated with cyber threats continue to grow. Whether you run a brick-and-mortar store, an e-commerce site, or a hybrid model, safeguarding your business from cyber attacks is essential.

Although 2024 began with a Q1 decline in the frequency of ransomware attacks, the second quarter was underscored by a return to a much more intimidating world of ransomware attacks globally, and the third quarter continues the trend of the second. In Q2 2024, the number of attacks stood at 1,277 cases, but Q3 saw a small decrease of 5.5% with 1209 cases.

While the scale of this data breach is alarming – with 277 gigabytes of data reportedly stolen – it’s important not to panic. Instead, focus on taking concrete steps to protect yourself. Stay informed, be proactive in safeguarding your personal information, and remain vigilant for any signs of suspicious activity.

Cato CTRL security researchers have recently discovered a threat actor, ProKYC, selling a deepfake tool in the cybercriminal underground that helps threat actors beat two-factor authentication (2FA) for conducting account fraud attacks. The tool being sold is customized to target cryptocurrency exchanges—specifically ones that authenticate new users leveraging a government-issued document and by enabling the computer’s camera to perform facial recognition.

Sniper Dz targets social media and online services, Elastic Security Labs releases its 2024 Global Threat Report, and Andariel launches financial attacks against U.S. organizations.

In the ever-evolving landscape of cybersecurity threats, the DragonForce ransomware group has quickly become a serious menace to organizations worldwide. First discovered in August 2023, DragonForce has made headlines by leveraging two powerful ransomware variants—a fork of the infamous LockBit3.0 and a modified version of ContiV3.

Attackers continue to exploit URL rewriting to hide their phishing links from email security filters, according to researchers at Abnormal Security. URL rewriting is a security technique used by many email security platforms to analyze links in emails to verify their safety before users are allowed to click on them. However, this technique can also be abused to mask the original phishing link.

An employee at a large organization is doing research for a client and clicks on what they believe is a legitimate website. What they don’t realize is, while they’re browsing, malware in the form of a Trojan virus is swiftly downloading onto their endpoint. The Trojan jumps from the endpoint into the organization’s network, and suddenly, their cybersecurity system rings alarms as ransomware takes hold in the environment.