What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-07-27 00:00:00 | PrivateLoader: Network-Based Indicators of Compromise (lien direct) | This blog explores the network-based IOCs for PrivateLoader, a modular downloader which is increasingly being used by pay-per-install (PPI) providers to deliver malicious payloads. | |||
|
2022-07-26 00:00:00 | Rudin Management Keeps Life Moving for Tenants with AI (lien direct) | Discover how Rudin Management manages misconfigurations and ensures the security of its buildings and clients in New York City with Darktrace RESPOND | |||
|
2022-07-01 00:00:00 | Darktrace unveils new brand with McLaren at British Grand Prix (lien direct) | What better way to launch the new Darktrace brand – with its bold logo and design – than in the McLaren Racing commandcenter as the F1 team prepared for the first practice run of the British Grand Prix? | |||
|
2022-06-21 09:00:00 | How cyber criminals are cashing in on crypto (lien direct) | Crypto-mining continues to draw massive profits for cyber attackers, who use malicious botnets like Sysrv to exploit vulnerable organizations. Discover how these botnets work around traditional security tools, and what the upcoming Darktrace Prevent product family can do to harden defenses against them. | |||
|
2022-05-26 09:00:00 | Pulling back the curtain on Grief ransomware (lien direct) | Grief ransomware emerged suddenly last year to cause disruption across a range of industries and municipalities – but the playbook of the gang behind it struck many as familiar. Discover why DoppelPaymer became PayOrGrief, and how Darktrace's AI helped to protect an organization from one of its sophisticated ransomware attacks. | Ransomware | ||
|
2022-05-03 09:00:00 | Zak Brown on innovation and cyber security at McLaren (lien direct) | Two leaders in their fields discuss the importance of cyber security. Discover the cyber risks in Formula 1, and what it is that separates McLaren from the rest of the pack. | Guideline | ||
|
2022-04-26 09:00:00 | How AI lets Priefert Manufacturing stay productive without sacrificing security (lien direct) | The main Darktrace user at a manufacturing organization explains how Autonomous Response reduces cyber risks arising from human error, and allows the security team to adopt a proactive rather than reactive approach to security. | |||
|
2022-04-13 09:00:00 | How Darktraceâs Cyber AI Analyst accelerates reporting incidents to the US federal government (lien direct) | This blog explains how Darktrace helps defenders abide by US federal laws on reporting cyber security incidents, featuring a real-world example of a ransomware attack investigated by Cyber AI Analyst. | Ransomware | ||
|
2022-03-30 09:00:00 | The journey towards business-wide autonomous security (lien direct) | This blog describes why the New Jersey State Bar Association adopted Darktraceâs Autonomous Response technology across the entire business, how it stopped a sophisticated SaaS attack, and why the IT department now refer to it as another member of the team. | |||
|
2022-03-23 09:00:00 | Autonomous Response stops a runaway Trickbot intrusion (lien direct) | Autonomous Response recently stopped a Trickbot attack on a public administration organization, despite being activated only after the threat had taken root. This blog outlines the reasons for Trickbotâs repeated resurrection and explains how Darktraceâs Autonomous Response is able to stop each new iteration. | Threat | ||
|
2022-03-10 09:00:00 | Why Lighthouse Global uses Self-Learning AI to shine a light on spear phishing attacks (lien direct) | Discover why Lighthouse Global, a technology provider for legal firms and large businesses, relies on Darktrace to protect its email and cloud environment as the organization changes and grows. | |||
|
2022-03-03 09:00:00 | Protecting global stadiums and events with Self-Learning AI (lien direct) | This blog breaks down the challenges of securing high-profile events â including the âaccess paradoxâ, increasing IT and OT convergence, and the importance of a fast response â and explains how Self-Learning AI changes the game. | |||
|
2022-02-23 09:00:00 | Adding Cybersprint Attack Surface Management to Darktraceâs expanding product suite (lien direct) | Today Darktrace announced the acquisition of best-in-class Attack Surface Management company Cybersprint. Read this blog to learn why this is hugely exciting for both our companies, our customers and the wider security industry. | |||
|
2022-02-14 09:00:00 | Staying ahead of REvilâs Ransomware-as-a-Service business model (lien direct) | This blog assesses the impact of the recent arrests associated with cyber-criminal group REvil in the wider context of the Ransomware-as-a-Service business model, exploring a real-world REvil ransomware campaign discovered by Darktraceâs AI. | Ransomware | ||
|
2022-02-10 09:00:00 | How Conti ransomware took down Operational Technology (lien direct) | This blog demonstrates how ransomware can spread throughout converged IT/OT environments, and how Self-Learning AI empowers organizations to contain these threats. | Ransomware | ||
|
2022-02-07 09:00:00 | The future of cyber security: Ransomware groups aim for maximum disruption (lien direct) | This second prediction in our Future of Cyber Security series asserts that 2022 may become one of ransomwareâs most profitable years yet. Marcus Fowler explains new ransomware attacker tradecraft and what organizations need to do to keep up. | Ransomware | ||
|
2022-02-03 09:00:00 | Keep the car running: Why AAA Washington turned to Autonomous Response (lien direct) | This blog explains why AAA Washingtonâs security team chose Darktraceâs Self-Learning AI over a traditional SOC, and how they expanded its coverage to endpoints and the cloud. | |||
|
2022-01-13 09:00:00 | The future of cyber security: Software supply chain attacks become a given in 2022 (lien direct) | In the first prediction of our Future of Cyber Security series, Justin Fier explains why IT and communications is now the number one most targeted sector and why he expects the number of cyber-attacks on the software supply chain will only continue to rise in 2022. | |||
|
2022-01-07 09:00:00 | The future of cyber security: 2022 predictions from Darktrace (lien direct) | Darktrace experts were on the front lines throughout 2021 â a historic year of cyber-attacks. In this blog, those experts look ahead, offering their predictions for cyber security in 2022. | |||
|
2021-12-15 09:00:00 | Detecting and responding to Log4Shell in the wild (lien direct) | Darktraceâs AI has detected attackers exploiting the Log4Shell vulnerabilities across multiple customer environments. This blog breaks down two real-world attack scenarios and highlights the autonomous actions taken by AI. | |||
|
2021-12-13 09:00:00 | 9 Days of Ransomware: How AI responds at every stage (lien direct) | This blog breaks down every stage of ransomware, highlighting attackersâ aims at each step, the techniques they adopt to avoid conventional defenses, and the anomalous activity that causes Darktrace AI to initiate a targeted response. | |||
|
2021-12-08 09:00:00 | The double extortion business: Conti Ransomware Gang finds new avenues of negotiation (lien direct) | By constantly shifting tactics, the Conti Ransomware Gang have maintained one of the largest stakes in the increasingly profitable ransomware industry. Discover how Darktrace was able to detect one of their crippling double extortion attacks at its earliest stages. | Ransomware | ||
|
2021-12-02 09:00:00 | Quick off the blocks: Darktrace AI detects Egregor ransomware attack on day one of deployment (lien direct) | A utility services company was one day into its Darktrace deployment when the AI detected the early signs of a ransomware attack. This blog explores the detections. | Ransomware | ||
|
2021-11-17 09:00:00 | The tech driving Arrow McLaren SP to the top (lien direct) | As Arrow McLaren SP looks back on a positive season, the team reflect on their key challenges and successes â and explain how AI and automation is leveraged in every aspect of their work â from driver simulation to cyber security. | |||
|
2021-11-16 09:00:00 | How Self-Learning AI protects McLaren Racing from supply chain attacks (lien direct) | A new part of the McLaren car is created every 15 seconds, with suppliers around the world contributing to the teamâs success. From a security perspective, each of these providers represent a potential chink in McLarenâs defensive armor. Learn why the security team chose Darktraceâs AI to protect the organisation from supply chain attacks. | |||
|
2021-11-11 09:00:00 | Hacking season: Why Cyber Monday presents a cyber security nightmare (lien direct) | As âBring Your Own Deviceâ (BYOD) drives digital convergence of our personal and professional lives, Black Friday scams targeting personal inboxes can easily spill over into corporate environments. This, coupled with an increased incidence of ransomware attacks over public holidays, is giving defenders plenty to think about this holiday season. | Ransomware | ||
|
2021-11-08 09:00:00 | GitLab vulnerability exploit detected by AI (lien direct) | With over 30,000 unpatched GitLab servers remaining unprotected against the vulnerability tracked as CVE-2021-22205, Darktraceâs AI has detected several compromises that have resulted in crypto-currency mining. This blog explores how Cyber AI Analyst connected the dots and revealed the full extent of the intrusion in different organizations. | Vulnerability | ||
|
2021-11-04 09:00:00 | Living off the Land: How hackers blend into your environment (lien direct) | Cyber-criminals are increasingly âLiving off the Landâ, leveraging commonly-used tools to fly under the radar of conventional cyber defenses. Discover why Self-Learning AI is uniquely positioned to identify attacks leveraging this technique. | |||
|
2021-10-21 09:00:00 | Recycling ransomware: The return of Ryuk (lien direct) | The once notorious Ryuk ransomware has returned in new hands. Discover how small-time criminals are getting hold of cyber-crimeâs most malicious tools, and what organizations can do to protect themselves. | Ransomware | ||
|
2021-10-11 09:00:00 | How AI uncovered Outlawâs secret crypto-mining operation (lien direct) | For years, the notorious crypto-jacking group Outlaw have been adapting their botnet to make it past traditional security measures. This blog explains how Darktrace was able to see through their disguises and unpack their methods. | |||
|
2021-09-30 09:00:00 | IoT security: The threat before us (lien direct) | The âInternet of Thingsâ is all around us, and yet it presents one of the most overlooked threat vectors in cyber. This blog explores how attackers gain footholds into corporate environments through Internet-connected smart devices, and how Self-Learning AI illuminates threats in this area. | Threat | ||
|
2021-09-23 09:00:00 | Rise of the supply chain (lien direct) | 2021 has been the year of supply chain attacks. But although companies and the media have acted surprised, targeting the supply chain is nothing new. | |||
|
2021-09-20 09:00:00 | AI neutralizes IoT attack that threatened to disrupt the Tokyo Olympics (lien direct) | When a cyber-attack struck a national sporting body one week before the start of the Tokyo Olympics, Darktrace was on hand to autonomously stop the threat. This blog breaks down the attack in detail. | |||
|
2021-09-09 09:00:00 | Sellen Construction âbuilds greatâ with Darktrace and Microsoft (lien direct) | Discover why Sellen Construction rely on Darktrace and Microsoft to protect their dynamic cloud environment, how AI Analyst saves its security team time in threat investigation, and how Darktrace enables self-learning protection across the business. | Threat | ||
|
2021-09-07 09:00:00 | The early signs of ransomware: A blitz game (lien direct) | When it comes to tackling the problem of ransomware, attack is the best form of defense. This blog explores how to spot the early indicators of ransomware, which can prove a pivotal advantage as the game develops. | |||
|
2021-08-26 09:00:00 | Protecting critical infrastructure: Mapping and patching CVEs is not enough for robust defense (lien direct) | Mapping and patching common vulnerabilities and exposure (CVEs) is not enough to achieve truly robust defense. This blog discusses the limits of vulnerability tracking and how self-learning technology can help achieve the goals of Bidenâs National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems. | Vulnerability Patching | ||
|
2021-08-20 09:00:00 | Six key takeaways from Black Hat USA 2021 (lien direct) | With Black Hat USA 2021 drawing to a close, this blog post breaks down the six key trends that emerged during the conference. | |||
|
2021-08-17 09:00:00 | Remote Desktop Protocol (RDP) attack analysis (lien direct) | Remote Desktop Protocol (RDP) has become one of the most popular methods of intrusion for attackers. This blog analyzes a rapid RDP attack which evolved from initial access to lateral movement in only seven hours. | |||
|
2021-08-12 09:00:00 | How one email took down a logistics company (lien direct) | Complicated by increasing SaaS usage and global supply systems, the supply chain is the most pressing concern facing cyber security. This blog examines how Darktrace detected a phishing email from a trusted third party, which led to a vicious cycle of compromise. | |||
|
2021-08-05 09:00:00 | Detecting Cobalt Strike with AI (lien direct) | Since the Cobalt Strike source code was leaked on the Dark Web last year, Darktrace has observed various ransomware gangs and APTs using the framework to facilitate their attacks. This blog breaks down what Cobalt Strike is, and how AI can help. | Ransomware | ||
|
2021-07-29 09:00:00 | The art of cyber-war (lien direct) | 2000 years on from Sun Tzuâs âThe Art of Warâ, his tactics of deception and espionage are more pertinent than ever. Modern-day warfare is plagued by the problem of attribution. With cyber-attacks appearing to come from different nations and masquerading as different threats, how can you hope you gain the advantage? | |||
|
2021-07-26 09:00:00 | Crypto-botnets moving laterally (lien direct) | This blog explores how one compromised server led to the creation of a botnet, which in turn was deployed for illegal crypto-mining. Darktraceâs Cyber AI Analyst pinpointed the malicious activity and analyzed every stage of the attack. | |||
|
2021-07-20 09:00:00 | Data exfiltration in Latin America (lien direct) | Latin America has been one of hardest hit regions for cyber-crime this last year. This blog unpacks an intrusion at a pharmaceutical organization based in LATAM, and how Self-Learning AI detected the data exfiltration attack at every stage. | |||
|
2021-07-15 09:00:00 | Egregor ransomware: Gone but not forgotten (lien direct) | Ransomware groups are popping up every week, returning with new names and new variants. Learn how Darktrace detected Egregor ransomware in a customer environment, without the use of any signatures. | Ransomware | ||
|
2021-07-09 09:00:00 | Minimizing the REvil impact delivered via Kaseya servers (lien direct) | REvil have exploited IT management software provider Kaseya in one of the most far-reaching ransomware attacks of the year. This blog unpacks a real-world intrusion of REvil ransomware, and demonstrates how Autonomous Response protected customer data from encryption. | Ransomware | ||
|
2021-07-08 09:00:00 | How cyber-attacks take down critical infrastructure (lien direct) | Operational technology does not need to be directly targeted to be shut down by an attack. This blog discusses how cyber-attacks can disrupt the continuity of operations by creating safety concerns, as well as the limits of securing IT and OT in isolation on todayâs threat landscape. | Threat | ||
|
2021-07-01 09:00:00 | The elevation of cyber-crime to terrorism threat status (lien direct) | The US administration have announced that ransomware will now be treated as a terrorism-level threat. This blog discusses what this means for the cyber-criminal world and private organizations, as all levels of society adapt to the new classification. | Ransomware Threat | ★★★ | |
|
2021-06-28 09:00:00 | Post-mortem of a SQL server exploit (lien direct) | Deep dive into how an attacker leveraged compromised credentials to infect multiple servers and spread laterally through the organization. This detailed threat find is an excellent use case for Autonomous Response and the importance of patching vulnerabilities. | Threat Patching | ||
|
2021-06-22 09:00:00 | Crypto-mining on a DNS server (lien direct) | Open ports are an effective vector of attack for cyber-criminals. This blog analyzes how attackers hacked into an exposed Internet-facing server and exploited it to mine cryptocurrency. | |||
|
2021-06-17 09:00:00 | Stopping phishing attacks in ⹠enter language ⺠(lien direct) | With globalized companies and supply chains, organizations need one solution which works for all emails no matter the time zone, no matter the language. This blog analyses how Antigena Email stopped a series of multi-language phishing attacks, including an Emotet campaign in Japanese. |
To see everything:
Our RSS (filtrered)
