What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Darktrace.webp 2022-01-13 09:00:00 The future of cyber security: Software supply chain attacks become a given in 2022 (direct link) In the first prediction of our Future of Cyber Security series, Justin Fier explains why IT and communications is now the number one most targeted sector and why he expects the number of cyber-attacks on the software supply chain will only continue to rise in 2022.
Darktrace.webp 2022-01-07 09:00:00 The future of cyber security: 2022 predictions from Darktrace (direct link) Darktrace experts were on the front lines throughout 2021 – a historic year of cyber-attacks. In this blog, those experts look ahead, offering their predictions for cyber security in 2022.
Darktrace.webp 2021-12-15 09:00:00 Detecting and responding to Log4Shell in the wild (direct link) Darktrace’s AI has detected attackers exploiting the Log4Shell vulnerabilities across multiple customer environments. This blog breaks down two real-world attack scenarios and highlights the autonomous actions taken by AI.
Darktrace.webp 2021-12-13 09:00:00 9 Days of Ransomware: How AI responds at every stage (direct link) This blog breaks down every stage of ransomware, highlighting attackers’ aims at each step, the techniques they adopt to avoid conventional defenses, and the anomalous activity that causes Darktrace AI to initiate a targeted response.
Darktrace.webp 2021-12-08 09:00:00 The double extortion business: Conti Ransomware Gang finds new avenues of negotiation (direct link) By constantly shifting tactics, the Conti Ransomware Gang have maintained one of the largest stakes in the increasingly profitable ransomware industry. Discover how Darktrace was able to detect one of their crippling double extortion attacks at its earliest stages. Ransomware
Darktrace.webp 2021-12-02 09:00:00 Quick off the blocks: Darktrace AI detects Egregor ransomware attack on day one of deployment (direct link) A utility services company was one day into its Darktrace deployment when the AI detected the early signs of a ransomware attack. This blog explores the detections. Ransomware
Darktrace.webp 2021-11-17 09:00:00 The tech driving Arrow McLaren SP to the top (direct link) As Arrow McLaren SP looks back on a positive season, the team reflect on their key challenges and successes – and explain how AI and automation are leveraged in every aspect of their work – from driver simulation to cyber security.
Darktrace.webp 2021-11-16 09:00:00 How Self-Learning AI protects McLaren Racing from supply chain attacks (direct link) A new part of the McLaren car is created every 15 seconds, with suppliers around the world contributing to the team’s success. From a security perspective, each of these providers represents a potential chink in McLaren’s defensive armor. Learn why the security team chose Darktrace’s AI to protect the organisation from supply chain attacks.
Darktrace.webp 2021-11-11 09:00:00 Hacking season: Why Cyber Monday presents a cyber security nightmare (direct link) As ‘Bring Your Own Device’ (BYOD) drives digital convergence of our personal and professional lives, Black Friday scams targeting personal inboxes can easily spill over into corporate environments. This, coupled with an increased incidence of ransomware attacks over public holidays, is giving defenders plenty to think about this holiday season. Ransomware
Darktrace.webp 2021-11-08 09:00:00 GitLab vulnerability exploit detected by AI (direct link) With over 30,000 unpatched GitLab servers remaining unprotected against the vulnerability tracked as CVE-2021-22205, Darktrace’s AI has detected several compromises that have resulted in crypto-currency mining. This blog explores how Cyber AI Analyst connected the dots and revealed the full extent of the intrusion in different organizations. Vulnerability
Darktrace.webp 2021-11-04 09:00:00 Living off the Land: How hackers blend into your environment (direct link) Cyber-criminals are increasingly ‘Living off the Land’, leveraging commonly-used tools to fly under the radar of conventional cyber defenses. Discover why Self-Learning AI is uniquely positioned to identify attacks leveraging this technique.
Darktrace.webp 2021-10-21 09:00:00 Recycling ransomware: The return of Ryuk (direct link) The once notorious Ryuk ransomware has returned in new hands. Discover how small-time criminals are getting hold of cyber-crime’s most malicious tools, and what organizations can do to protect themselves. Ransomware
Darktrace.webp 2021-10-11 09:00:00 How AI uncovered Outlaw’s secret crypto-mining operation (direct link) For years, the notorious crypto-jacking group Outlaw have been adapting their botnet to make it past traditional security measures. This blog explains how Darktrace was able to see through their disguises and unpack their methods.
Darktrace.webp 2021-09-30 09:00:00 IoT security: The threat before us (direct link) The ‘Internet of Things’ is all around us, and yet it presents one of the most overlooked threat vectors in cyber. This blog explores how attackers gain footholds into corporate environments through Internet-connected smart devices, and how Self-Learning AI illuminates threats in this area. Threat
Darktrace.webp 2021-09-23 09:00:00 Rise of the supply chain (direct link) 2021 has been the year of supply chain attacks. But although companies and the media have acted surprised, targeting the supply chain is nothing new.
Darktrace.webp 2021-09-20 09:00:00 AI neutralizes IoT attack that threatened to disrupt the Tokyo Olympics (direct link) When a cyber-attack struck a national sporting body one week before the start of the Tokyo Olympics, Darktrace was on hand to autonomously stop the threat. This blog breaks down the attack in detail.
Darktrace.webp 2021-09-09 09:00:00 Sellen Construction ‘builds great’ with Darktrace and Microsoft (direct link) Discover why Sellen Construction rely on Darktrace and Microsoft to protect their dynamic cloud environment, how AI Analyst saves its security team time in threat investigation, and how Darktrace enables self-learning protection across the business. Threat
Darktrace.webp 2021-09-07 09:00:00 The early signs of ransomware: A blitz game (direct link) When it comes to tackling the problem of ransomware, attack is the best form of defense. This blog explores how to spot the early indicators of ransomware, which can prove a pivotal advantage as the game develops.
Darktrace.webp 2021-08-26 09:00:00 Protecting critical infrastructure: Mapping and patching CVEs is not enough for robust defense (direct link) Mapping and patching common vulnerabilities and exposure (CVEs) is not enough to achieve truly robust defense. This blog discusses the limits of vulnerability tracking and how self-learning technology can help achieve the goals of Biden’s National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems. Vulnerability Patching
Darktrace.webp 2021-08-20 09:00:00 Six key takeaways from Black Hat USA 2021 (direct link) With Black Hat USA 2021 drawing to a close, this blog post breaks down the six key trends that emerged during the conference.
Darktrace.webp 2021-08-17 09:00:00 Remote Desktop Protocol (RDP) attack analysis (direct link) Remote Desktop Protocol (RDP) has become one of the most popular methods of intrusion for attackers. This blog analyzes a rapid RDP attack which evolved from initial access to lateral movement in only seven hours.
Darktrace.webp 2021-08-12 09:00:00 How one email took down a logistics company (direct link) Complicated by increasing SaaS usage and global supply systems, the supply chain is the most pressing concern facing cyber security. This blog examines how Darktrace detected a phishing email from a trusted third party, which led to a vicious cycle of compromise.
Darktrace.webp 2021-08-05 09:00:00 Detecting Cobalt Strike with AI (direct link) Since the Cobalt Strike source code was leaked on the Dark Web last year, Darktrace has observed various ransomware gangs and APTs using the framework to facilitate their attacks. This blog breaks down what Cobalt Strike is, and how AI can help. Ransomware
Darktrace.webp 2021-07-29 09:00:00 The art of cyber-war (direct link) 2000 years on from Sun Tzu’s ‘The Art of War’, his tactics of deception and espionage are more pertinent than ever. Modern-day warfare is plagued by the problem of attribution. With cyber-attacks appearing to come from different nations and masquerading as different threats, how can you hope to gain the advantage?
Darktrace.webp 2021-07-26 09:00:00 Crypto-botnets moving laterally (direct link) This blog explores how one compromised server led to the creation of a botnet, which in turn was deployed for illegal crypto-mining. Darktrace’s Cyber AI Analyst pinpointed the malicious activity and analyzed every stage of the attack.
Darktrace.webp 2021-07-20 09:00:00 Data exfiltration in Latin America (direct link) Latin America has been one of the hardest-hit regions for cyber-crime this last year. This blog unpacks an intrusion at a pharmaceutical organization based in LATAM, and how Self-Learning AI detected the data exfiltration attack at every stage.
Darktrace.webp 2021-07-15 09:00:00 Egregor ransomware: Gone but not forgotten (direct link) Ransomware groups are popping up every week, returning with new names and new variants. Learn how Darktrace detected Egregor ransomware in a customer environment, without the use of any signatures. Ransomware
Darktrace.webp 2021-07-09 09:00:00 Minimizing the REvil impact delivered via Kaseya servers (direct link) REvil have exploited IT management software provider Kaseya in one of the most far-reaching ransomware attacks of the year. This blog unpacks a real-world intrusion of REvil ransomware, and demonstrates how Autonomous Response protected customer data from encryption. Ransomware
Darktrace.webp 2021-07-08 09:00:00 How cyber-attacks take down critical infrastructure (direct link) Operational technology does not need to be directly targeted to be shut down by an attack. This blog discusses how cyber-attacks can disrupt the continuity of operations by creating safety concerns, as well as the limits of securing IT and OT in isolation on today’s threat landscape. Threat
Darktrace.webp 2021-07-01 09:00:00 The elevation of cyber-crime to terrorism threat status (direct link) The US administration have announced that ransomware will now be treated as a terrorism-level threat. This blog discusses what this means for the cyber-criminal world and private organizations, as all levels of society adapt to the new classification. Ransomware Threat ★★★
Darktrace.webp 2021-06-28 09:00:00 Post-mortem of a SQL server exploit (direct link) Deep dive into how an attacker leveraged compromised credentials to infect multiple servers and spread laterally through the organization. This detailed threat find is an excellent use case for Autonomous Response and the importance of patching vulnerabilities. Threat Patching
Darktrace.webp 2021-06-22 09:00:00 Crypto-mining on a DNS server (direct link) Open ports are an effective vector of attack for cyber-criminals. This blog analyzes how attackers hacked into an exposed Internet-facing server and exploited it to mine cryptocurrency.
Darktrace.webp 2021-06-17 09:00:00 Stopping phishing attacks in ‹ enter language › (direct link) With globalized companies and supply chains, organizations need one solution which works for all emails no matter the time zone, no matter the language. This blog analyses how Antigena Email stopped a series of multi-language phishing attacks, including an Emotet campaign in Japanese.
Darktrace.webp 2021-06-14 09:00:00 How a SOC team neutralized the QakBot banking trojan (direct link) Proactive Threat Notifications and Ask The Expert provide around-the-clock support. In a recent case, Darktrace SOC analysts helped a customer handle the QakBot banking trojan before it spread to other devices. Threat ★★★★
Darktrace.webp 2021-06-10 09:00:00 SaaS security risks: Detecting a multi-account hijack with AI (direct link) This blog analyzes a sophisticated SaaS-based attack which leveraged several Microsoft 365 accounts to launch the offensive and maintain persistence.
Darktrace.webp 2021-06-08 09:00:00 Unintended consequences: When cyber-attacks go wild (direct link) Cyber-attacks are becoming more unpredictable by the day. DarkSide was the latest example, but cyber miscalculations have occurred since the early days of the Internet. This blog discusses the dangers of unintended consequences and how we can guard against them.
Darktrace.webp 2021-06-01 09:00:00 How ransomware gangs leverage security compliance (direct link) This blog discusses the consequences and challenges associated with compliance, and how Darktrace’s AI not only defends against double extortion ransomware, but also builds internal mechanisms that help enforce compliance across the workforce. Ransomware
Darktrace.webp 2021-05-26 09:00:00 How autonomous Cyber AI scaled to protect Arrow McLaren SP (direct link) McLaren is unique in competing in both Formula 1 and the NTT INDYCAR Series. Darktrace’s AI has seamlessly scaled and extended to protect both teams from machine-speed cyber-attacks like ransomware, working across different time zones to provide around-the-clock protection with Autonomous Response.
Darktrace.webp 2021-05-19 09:00:00 Double extortion ransomware (direct link) With ransomware attacks against AXA ASIA, Colonial Pipeline, and Ireland’s Health Service last week, this blog explores how cyber-criminal groups are exfiltrating data to coerce victims into paying, in what is known as ‘double extortion’ ransomware. Ransomware
Darktrace.webp 2021-05-13 09:00:00 How AI defends critical infrastructure from ransomware (direct link) In the wake of the Colonial Pipeline cyber-attack, this blog discusses the many threats facing critical infrastructure, and how Cyber AI disrupted a similar ‘double extortion’ ransomware attack against an electrical utilities supplier. Ransomware
Darktrace.webp 2021-05-10 09:00:00 Protecting organizations in a post-SolarWinds world (direct link) Every organization is vulnerable to cyber-attacks, from schools and start-ups to whole cities. In this blog, the City of Tyler’s CIO describes how Cyber AI protects several Texan municipalities from attack, providing layered AI protection against tomorrow's threats.
Darktrace.webp 2021-05-04 09:00:00 Insider threats, supply chains, and IoT: Breaking down a modern-day cyber-attack (direct link) The threat landscape is not what it was. Sprawling IoT ecosystems and globalized supply chains offer many opportunities for threat actors. Darktrace detects these vectors on a daily basis, sometimes in the very same attack. Threat
Darktrace.webp 2021-04-29 09:00:00 How AI email security reduces the burden on human defenders (direct link) Traditional email security tools weigh down the teams they were designed to help, with lengthy configuration processes and false positives which keep human operators in the weeds. This blog explains how autonomous AI frees up IT teams, enabling them to focus on what matters.
Darktrace.webp 2021-04-23 09:00:00 APT35 ‘Charming Kitten’ discovered in a pre-infected environment (direct link) This blog discusses how Darktrace discovered a stealthy pre-existing APT35 infection in a customer environment. Conference APT 35
Darktrace.webp 2021-04-16 09:00:00 Hafnium cyber-attack neutralized by AI in December 2020 (direct link) Darktrace AI appears to have detected a Hafnium attack against vulnerable Exchange servers in December 2020, three months before the zero-day was identified. This blog provides an in-depth analysis of the attack, which suggests that Hafnium’s campaign began far earlier than previously thought.
Darktrace.webp 2021-04-08 09:00:00 Crypto-mining malware: Uncovering a cryptocurrency farm in a warehouse (direct link) Cyber AI discovered an extensive crypto-mining campaign in cardboard boxes in a disused warehouse. This blog discusses the rise in cryptocurrency farms and what this signals for the international cyber-threat landscape.
Darktrace.webp 2021-04-01 09:00:00 “I’m sorry, we’re closed”: Why most ransomware attacks happen out of hours (direct link) When employees have logged off, and security teams are away from their desks, that’s prime time for attackers to strike. This blog discusses how cyber-criminals time their attacks to fall during weekends or holiday periods, and how defensive AI can stay awake and fight back. Ransomware
Darktrace.webp 2021-03-26 09:00:00 SANS ICS Security Summit 2021 recap: Industry on the move (direct link) This blog provides a concise overview of the key points from SANS Summit 2021. Knowing ‘self’ both defends against the growing tide of external threats and allows organizations to gain visibility into new vulnerable areas as ICS evolves.
Darktrace.webp 2021-03-25 09:00:00 Supply chain fraud: Darktrace detects Vendor Email Compromise (direct link) Malicious emails sent from trusted third parties bypass defenses all too often. This blog examines how Antigena Email stopped a recent supply chain attack by identifying a behavioral shift in the emails even though they came from a trusted source, while still allowing legitimate traffic from the same account to pass through.
Darktrace.webp 2021-03-18 09:00:00 Hafnium-inspired cyber-attacks neutralized by AI (direct link) As a result of the wide-reaching Hafnium attacks, various threat actors have begun exploiting ProxyLogon. This blog post shows a real-life example of how Darktrace detected this campaign against vulnerable Exchange servers, before public attribution. Threat
Last update at: 2024-05-17 15:08:17