Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2024-07-24 16:12:37 |
Exploiting Compliance: Ransomware Gang Tactics (direct link) |
Understand the methods ransomware gangs use to exploit security compliance and how Darktrace's AI can mitigate these threats. |
Threat
Ransomware
|
|
★★★
|
|
2024-06-23 09:43:00 |
Medusa Ransomware: Looking Cyber Threats in the Eye with Darktrace (direct link) |
This blog investigates Medusa ransomware, a Ransomware-as-a-Service (RaaS) variant that is known to use living off the land techniques to infect target networks and move towards its ultimate goals, data encryption and exfiltration. |
Ransomware
|
|
★★
|
|
2024-06-20 09:44:00 |
Elevating Network Security: Confronting Trust, Ransomware, & Novel Attacks (direct link) |
Ensuring trust, battling ransomware, and detecting novel attacks pose critical challenges in network security. This blog explores these challenges and shows how leveraging AI-driven security solutions helps security teams stay informed and effectively safeguard their network. |
Ransomware
|
|
★★★
|
|
2024-05-30 15:19:33 |
The Dangers of Double Extortion Ransomware Attacks (direct link) |
Learn about the latest trend in ransomware attacks known as double extortion. Discover how Darktrace can help protect your organization from this threat. |
Threat
Ransomware
Prediction
|
|
★★★
|
|
2024-05-20 20:24:45 |
Darktrace Cyber Analyst Investigates Sodinokibi Ransomware (direct link) |
Darktrace's Cyber AI Analyst uncovers the intricate details of a Sodinokibi ransomware attack on a retail organization. Dive into this real-time incident. |
Ransomware
|
|
★★
|
|
2024-05-20 20:22:11 |
Ransomware As A Service Threat | Eking Targets Government (direct link) |
Discover how Eking ransomware targeted a government organization in APAC. Learn about ransomware as a service & the cyber AI technology that stopped the threat. |
Threat
Ransomware
|
|
★★
|
|
2024-05-20 20:21:07 |
Evil Corp's WastedLocker Ransomware Attacks Observation (direct link) |
Darktrace detects Evil Corp intrusions with WastedLocker ransomware. Learn how AI spotted malicious activity, from initial intrusion to data exfiltration. |
Ransomware
|
|
★★
|
|
2024-05-08 04:03:25 |
OT Cyber-Attacks: The Impact of EKANS Ransomware (direct link) |
Discover the impact of the EKANS ransomware attack on Honda's global operations & the importance of a cohesive security strategy in the OT world. Read more. |
Ransomware
Industrial
|
|
★★★
|
|
2023-10-26 13:08:32 |
Ransomware one year after WannaCry: attack vectors still commonly exploited by attackers (direct link) |
This article discusses some of the most common infection vectors and how the Darktrace Enterprise Immune System can assist security teams in catching ransomware threats. |
Ransomware
|
Wannacry
|
★★
|
|
2023-06-05 11:01:52 |
Darktrace vs Cobalt Strike: How Antigena intercepted and delayed a Cobalt Strike intrusion (direct link) |
An attacker exploited vulnerabilities in Log4j to install Bughatch, Cobalt Strike Beacon, and NetSupport onto an Internet-facing VMware Exchange server within the network of a Darktrace customer. By inhibiting the attacker's subsequent attempts to communicate with the compromised server, Antigena Network likely prevented ransomware from being deployed. |
Ransomware
|
|
★★
|
|
2023-06-05 11:01:52 |
Maze ransomware targets a healthcare organization (direct link) |
Attackers are targeting increasingly high-stakes environments with ransomware. This blog post explores how AI can be used to detect and autonomously neutralize machine-speed attacks – looking in particular at how Darktrace caught Maze ransomware targeting a healthcare organization. |
Ransomware
|
|
★★
|
|
2023-05-05 16:01:51 |
How Darktrace's Cyber AI Analyst accelerates reporting incidents to the US federal government (direct link) |
This blog explains how Darktrace helps defenders abide by US federal laws on reporting cyber security incidents, featuring a real-world example of a ransomware attack investigated by Cyber AI Analyst. |
Ransomware
|
|
★★
|
|
2023-05-05 16:01:51 |
Staying ahead of REvil's Ransomware-as-a-Service business model (direct link) |
This blog assesses the impact of the recent arrests associated with cyber-criminal group REvil in the wider context of the Ransomware-as-a-Service business model, exploring a real-world REvil ransomware campaign discovered by Darktrace's AI. |
Ransomware
|
|
★★
|
|
2023-05-04 18:33:00 |
Royal Ransomware: How Darktrace Contained One of the Most Prolific Ransomware Strains (direct link) |
One of the most prolific ransomware strains, Royal ransomware, was detected on the network of a Darktrace customer in early 2023. This blog explores the origins of Royal and explores how Darktrace was able to detect and contain this fast-moving ransomware. |
Ransomware
|
|
★★★
|
|
2022-11-07 00:00:00 |
Inside the Yanluowang Leak: Organization, Members, and Tactics (direct link) |
YanLuoWang ransomware was first used to attack a handful of US corporations in August 2021. Since then, the group have successfully ransomed organizations across the world, with global software giant Cisco among its victims. This blog post reveals Darktrace analysts' research into the organization's structure and tactics. |
Ransomware
|
|
|
|
2022-10-27 00:00:00 |
When speedy attacks aren't enough: Prolonging Quantum Ransomware (direct link) |
Whilst Quantum Ransomware has been characterized by speedy and efficient attacks, Darktrace recently detected a surprising incident where the group used a long dwell time to achieve their goals. This blog explores the effect of this group's change in strategy and DETECT/Network's coverage over the event. |
Ransomware
|
|
|
|
2022-08-25 00:00:00 |
Detecting the Unknown: Revealing Uncategorized Ransomware Using Darktrace (direct link) |
At the top of every CISO's mind sits the fear of the unknown threat. As security tools continue to improve, so do attackers. This blog explores a BlackByte ransomware incident detected by Darktrace SOC in the Summer of 2021. At the point of discovery this ransom had yet to be categorized on popular OSINT. |
Ransomware
|
|
|
|
2022-05-26 09:00:00 |
Pulling back the curtain on Grief ransomware (direct link) |
Grief ransomware emerged suddenly last year to cause disruption across a range of industries and municipalities – but the playbook of the gang behind it struck many as familiar. Discover why DoppelPaymer became PayOrGrief, and how Darktrace's AI helped to protect an organization from one of its sophisticated ransomware attacks. |
Ransomware
|
|
|
|
2022-04-13 09:00:00 |
How Darktrace's Cyber AI Analyst accelerates reporting incidents to the US federal government (direct link) |
This blog explains how Darktrace helps defenders abide by US federal laws on reporting cyber security incidents, featuring a real-world example of a ransomware attack investigated by Cyber AI Analyst. |
Ransomware
|
|
|
|
2022-02-14 09:00:00 |
Staying ahead of REvil's Ransomware-as-a-Service business model (direct link) |
This blog assesses the impact of the recent arrests associated with cyber-criminal group REvil in the wider context of the Ransomware-as-a-Service business model, exploring a real-world REvil ransomware campaign discovered by Darktrace's AI. |
Ransomware
|
|
|
|
2022-02-10 09:00:00 |
How Conti ransomware took down Operational Technology (direct link) |
This blog demonstrates how ransomware can spread throughout converged IT/OT environments, and how Self-Learning AI empowers organizations to contain these threats. |
Ransomware
|
|
|
|
2022-02-07 09:00:00 |
The future of cyber security: Ransomware groups aim for maximum disruption (direct link) |
This second prediction in our Future of Cyber Security series asserts that 2022 may become one of ransomware's most profitable years yet. Marcus Fowler explains new ransomware attacker tradecraft and what organizations need to do to keep up. |
Ransomware
|
|
|
|
2021-12-08 09:00:00 |
The double extortion business: Conti Ransomware Gang finds new avenues of negotiation (direct link) |
By constantly shifting tactics, the Conti Ransomware Gang have maintained one of the largest stakes in the increasingly profitable ransomware industry. Discover how Darktrace was able to detect one of their crippling double extortion attacks at its earliest stages. |
Ransomware
|
|
|
|
2021-12-02 09:00:00 |
Quick off the blocks: Darktrace AI detects Egregor ransomware attack on day one of deployment (direct link) |
A utility services company was one day into its Darktrace deployment when the AI detected the early signs of a ransomware attack. This blog explores the detections. |
Ransomware
|
|
|
|
2021-11-11 09:00:00 |
Hacking season: Why Cyber Monday presents a cyber security nightmare (direct link) |
As "Bring Your Own Device" (BYOD) drives digital convergence of our personal and professional lives, Black Friday scams targeting personal inboxes can easily spill over into corporate environments. This, coupled with an increased incidence of ransomware attacks over public holidays, is giving defenders plenty to think about this holiday season. |
Ransomware
|
|
|
|
2021-10-21 09:00:00 |
Recycling ransomware: The return of Ryuk (direct link) |
The once notorious Ryuk ransomware has returned in new hands. Discover how small-time criminals are getting hold of cyber-crime's most malicious tools, and what organizations can do to protect themselves. |
Ransomware
|
|
|
|
2021-08-05 09:00:00 |
Detecting Cobalt Strike with AI (direct link) |
Since the Cobalt Strike source code was leaked on the Dark Web last year, Darktrace has observed various ransomware gangs and APTs using the framework to facilitate their attacks. This blog breaks down what Cobalt Strike is, and how AI can help. |
Ransomware
|
|
|
|
2021-07-15 09:00:00 |
Egregor ransomware: Gone but not forgotten (direct link) |
Ransomware groups are popping up every week, returning with new names and new variants. Learn how Darktrace detected Egregor ransomware in a customer environment, without the use of any signatures. |
Ransomware
|
|
|
|
2021-07-09 09:00:00 |
Minimizing the REvil impact delivered via Kaseya servers (direct link) |
REvil have exploited IT management software provider Kaseya in one of the most far-reaching ransomware attacks of the year. This blog unpacks a real-world intrusion of REvil ransomware, and demonstrates how Autonomous Response protected customer data from encryption. |
Ransomware
|
|
|
|
2021-07-01 09:00:00 |
The elevation of cyber-crime to terrorism threat status (direct link) |
The US administration have announced that ransomware will now be treated as a terrorism-level threat. This blog discusses what this means for the cyber-criminal world and private organizations, as all levels of society adapt to the new classification. |
Threat
Ransomware
|
|
★★★
|
|
2021-06-01 09:00:00 |
How ransomware gangs leverage security compliance (direct link) |
This blog discusses the consequences and challenges associated with compliance, and how Darktrace's AI not only defends against double extortion ransomware, but also builds internal mechanisms that help enforce compliance across the workforce. |
Ransomware
|
|
|
|
2021-05-19 09:00:00 |
Double extortion ransomware (direct link) |
With ransomware attacks against AXA ASIA, Colonial Pipeline, and Ireland's Health Service last week, this blog explores how cyber-criminal groups are exfiltrating data to coerce victims into paying, in what is known as "double extortion" ransomware. |
Ransomware
|
|
|
|
2021-05-13 09:00:00 |
How AI defends critical infrastructure from ransomware (direct link) |
In the wake of the Colonial Pipeline cyber-attack, this blog discusses the many threats facing critical infrastructure, and how Cyber AI disrupted a similar "double extortion" ransomware attack against an electrical utilities supplier. |
Ransomware
|
|
|
|
2021-04-01 09:00:00 |
"I'm sorry, we're closed": Why most ransomware attacks happen out of hours (direct link) |
When employees have logged off, and security teams are away from their desks, that's prime time for attackers to strike. This blog discusses how cyber-criminals time their attacks to fall during weekends or holiday periods, and how defensive AI can stay awake and fight back. |
Ransomware
|
|
|
|
2021-02-25 09:00:00 |
LockBit ransomware analysis: Rapid detonation using a single compromised credential (direct link) |
Machine-speed attacks need a machine-speed response. This blog explores the rise of worm-like ransomware, and how Darktrace detected a LockBit ransomware attack where the attack stages all happened simultaneously, in the space of only four hours. |
Ransomware
|
|
|
|
2020-12-22 09:00:00 |
How AI stopped a WastedLocker intrusion before ransomware deployed (direct link) |
Darktrace recently detected and investigated a WastedLocker attack. This blog explores how this high-speed, high-stakes ransomware uses 'living off the land' techniques to bypass traditional security tools, and how Darktrace Antigena can autonomously stop this threat in its earliest stages, before encryption has begun. |
Threat
Ransomware
|
|
|
|
2020-11-30 09:00:00 |
Darktrace's Cyber AI Analyst investigates Sodinokibi (REvil) ransomware (direct link) |
Darktrace recently detected Sodinokibi, the most lucrative strain of ransomware in 2020, in a retail organization in the US. Cyber AI Analyst launched several automatic, real-time investigations into the incident simultaneously, producing concise and digestible summaries shown in this blog. |
Ransomware
|
|
|
|
2020-10-22 09:00:00 |
AI catches Maze ransomware targeting a healthcare organization (direct link) |
Attackers are targeting increasingly high-stakes environments with ransomware. This blog post explores how AI can be used to detect and autonomously neutralize machine-speed attacks – looking in particular at how Darktrace caught Maze ransomware targeting a healthcare organization. |
Ransomware
|
|
|
|
2020-09-07 09:00:00 |
Ransomware-as-a-Service: Eking targets government organization (direct link) |
Darktrace recently caught Eking ransomware targeting a government organization in APAC. This blog post details the anomalous behavior detected by Cyber AI, and evaluates the incident report surfaced by Darktrace's automated investigation technology, the Cyber AI Analyst. |
Ransomware
|
|
|
|
2020-08-19 09:00:00 |
(Déjà vu) Evil Corp intrusions: WastedLocker ransomware detected by Darktrace (direct link) |
Darktrace has recently observed multiple intrusions associated with renowned threat actor Evil Corp. This blog details how Darktrace's AI detected the malicious activity throughout the attack life cycle – from the initial intrusion and the C2 traffic to the encryption or exfiltration of sensitive files. |
Threat
Ransomware
|
|
|
|
2020-08-17 09:00:00 |
Darktrace threat finds: Abusing TeamViewer to deploy ransomware (direct link) |
The increased use of off-the-shelf tools is lowering the barrier to entry for cyber-criminals. This blog explores an incident in which a low-skilled threat actor was able to successfully deploy ransomware in a retail organization by connecting to the domain controller via TeamViewer. |
Threat
Ransomware
|
|
|
|
2020-07-28 09:00:00 |
LeChiffre ransomware targets US distributor (direct link) |
LeChiffre ransomware was recently identified by Darktrace's AI inside the network of a US distributor. As the Cyber AI Analyst launched an automated investigation in real time, this blog looks at every stage of the attack kill chain, and how it could have been stopped with Autonomous Response. |
Ransomware
|
|
|
|
2020-06-25 09:00:00 |
What the EKANS ransomware attack reveals about the future of OT cyber-attacks (direct link) |
The EKANS ransomware attack that disrupted Honda's operations across the globe this month has opened old wounds in the OT security world – and highlighted the importance of a unified security strategy across the entire digital estate. |
Ransomware
|
|
|
|
2020-05-06 09:00:00 |
Old but still dangerous – Dharma ransomware via RDP intrusion (direct link) |
Max Heinemeyer explains how Cyber AI detected a fast-acting, targeted Dharma ransomware attack, highlighting the anomalous behavior involved in every stage of the attack lifecycle. |
Ransomware
|
|
|
|
2020-02-21 09:00:00 |
Post-mortem of a targeted Sodinokibi ransomware attack (direct link) |
The power of Darktrace's self-learning AI comes into play when threat-actors use off-the-shelf tooling, making detection more difficult. |
Ransomware
|
|
|
|
2020-01-15 09:00:00 |
Stopped in its tracks: How Antigena neutralizes zero-day ransomware (direct link) |
Cyber AI is taking back the advantage over an ever-evolving adversary, saving time, money, resources, and – perhaps most critically – reputation. |
Ransomware
|
|
|
|
2019-11-18 09:00:00 |
The best signature move: Detecting ransomware without any signatures at all (direct link) |
Addressing the ransomware epidemic once and for all requires unsupervised machine learning. |
Ransomware
|
|
|
|
2019-10-02 09:00:00 |
Big game hunting: How Ryuk ransomware takes down its imposing targets (direct link) |
Catching sophisticated, long-haul attacks requires AI-powered tools that learn what's normal for each unique user and device. |
Ransomware
|
|
|