Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2020-07-30 09:00:00 |
Darktrace email finds: Two WeTransfer impersonation attacks caught by AI (direct link) |
Darktrace has seen an unprecedented rise in email attacks impersonating SaaS platforms to coax a recipient into divulging their account credentials. Two malicious emails supposedly from WeTransfer were recently recognized by Antigena as spoofing attempts, and stopped in their tracks. |
|
|
|
|
2020-07-28 09:00:00 |
LeChiffre ransomware targets US distributor (direct link) |
LeChiffre ransomware was recently identified by Darktrace's AI inside the network of a US distributor. As the Cyber AI Analyst launched an automated investigation in real time, this blog looks at every stage of the attack kill chain, and how it could have been stopped with Autonomous Response. |
Ransomware
|
|
|
|
2020-07-24 09:00:00 |
Darktrace email finds: IT impersonation attack (direct link) |
Antigena Email recently caught a phishing attack that attempted to steal the recipients' credentials by posing as their organization's IT team. The email was detected due to its anomalous link and the impersonation attack was neutralized. |
|
|
|
|
2020-07-23 09:00:00 |
The resurgence of the Ursnif banking trojan (direct link) |
The Ursnif banking trojan attempts to blend into the network as legitimate Zoom and Webex activity, before trying to capture credentials. Earlier this month, the malware was automatically detected and neutralized by Darktrace's AI. |
Malware
|
|
|
|
2020-07-22 09:00:00 |
Darktrace OT threat finds: Industrial sabotage (direct link) |
With increasing convergence between the cyber-physical realm and the corporate network, Darktrace has seen a rise in cyber-attacks that start in IT before traversing into industrial systems. This blog details one such threat that was detected and investigated by AI. |
Threat
|
|
|
|
2020-07-20 09:00:00 |
Unusual but benign: How Antigena Email deals with unthreatening emails from a new contact (direct link) |
Effective email security relies not just on catching targeted attacks, but also not interfering with legitimate emails. This blog looks at the case of an 'unusual but benign' email that Antigena let through, allowing business to continue as usual. |
|
|
|
|
2020-07-16 09:00:00 |
Darktrace email finds: Microsoft Teams impersonation (direct link) |
The number of active daily users on Microsoft Teams has increased exponentially in recent months, and cyber-criminals are taking advantage of this shift in our working habits. Darktrace's AI recently found a malicious email impersonating the collaboration platform to try and steal the recipient's credentials. |
|
|
|
|
2020-07-13 09:00:00 |
Darktrace email finds: Chase fraud alert (direct link) |
Darktrace's AI email security recently stopped a malicious email attempting to impersonate Chase bank, coaxing the recipient into handing over their credentials. This blog covers why the attack evaded traditional security tools at the gateway, and how Darktrace spotted and neutralized the threat in real time. |
Threat
|
|
|
|
2020-07-09 09:00:00 |
CCPA: Why it's important, and how Cyber AI can help (direct link) |
With the California Consumer Privacy Act (CCPA) coming into force this month, organizations' handling of personal information is under greater scrutiny than ever. This blog explains how Darktrace's Cyber AI Platform can help provide unified and granular real-time monitoring of personal data. |
|
|
|
|
2020-07-08 09:00:00 |
Speed of weaponization: From vulnerability disclosure to crypto-mining campaign in a week (direct link) |
Darktrace recently detected a series of crypto-mining campaigns in its customers just a week after SaltStack revealed a vulnerability. This blog details the initial infection, payload execution and command and control, describing how AI identified the threat in real time. |
Vulnerability
Threat
|
|
|
|
2020-07-07 09:00:00 |
Darktrace email finds: Impersonation attack of board member targets Gmail account (direct link) |
Darktrace recently stopped three related email attacks in a Gmail environment of an Antigena Email customer. The attacks attempted to impersonate high-profile executives and bypassed legacy tools, but the anomalous activity was identified and neutralized by AI. |
|
|
|
|
2020-07-03 09:00:00 |
Darktrace email finds: Siemens impersonation costs an academic institution $60,000 (direct link) |
The story of an academic institution that turned to Darktrace after an email attack slipped through their existing security stack and cost them over $60,000. |
|
|
|
|
2020-06-30 09:00:00 |
Mirai malware infects CCTV camera (direct link) |
With cyber-attacks on IoT devices becoming increasingly prevalent, this blog post details how Darktrace's AI identified the Mirai malware in an Internet-connected CCTV camera, breaking down each stage of the attack life cycle. |
Malware
|
|
|
|
2020-06-25 09:00:00 |
What the EKANS ransomware attack reveals about the future of OT cyber-attacks (direct link) |
The EKANS ransomware attack that disrupted Honda's operations across the globe this month has opened old wounds in the OT security world – and highlighted the importance of a unified security strategy across the entire digital estate. |
Ransomware
|
|
|
|
2020-06-24 09:00:00 |
Darktrace email finds: QuickBooks impersonation phishing attack (direct link) |
With email spoofing attacks on the rise, Mariana Pereira analyzes a phishing campaign targeting a technology company that impersonated the QuickBooks accounting software. |
|
|
|
|
2020-06-11 09:00:00 |
The advanced email spoofing attacks of hackers-for-hire group Dark Basin (direct link) |
An overview of the techniques used by hackers-for-hire group Dark Basin, and how AI is well-placed to respond to email impersonation attacks that other tools miss. |
|
|
|
|
2020-06-08 09:00:00 |
How Darktrace's AI caught two Microsoft 365 account takeovers (direct link) |
This blog outlines two cases of Microsoft 365 account takeover, detailing how Darktrace's ability to correlate insights across SaaS applications and email activity enabled it to neutralize the threats. |
|
|
|
|
2020-05-22 09:00:00 |
Illuminating AWS cloud environments with Darktrace Cyber AI (direct link) |
This blog post explains how enterprise-wide and real-time analysis enables self-learning AI to uniquely detect and investigate threats in AWS environments at an early stage. |
|
|
|
|
2020-05-20 09:00:00 |
The anatomy of a SaaS attack: Two threats caught and investigated by AI (direct link) |
By learning employees' normal patterns of behavior across cloud and SaaS environments, the Cyber AI Platform recently detected and investigated two incidents of SaaS account takeover in real time. |
|
|
|
|
2020-05-06 09:00:00 |
Old but still dangerous – Dharma ransomware via RDP intrusion (direct link) |
Max Heinemeyer explains how Cyber AI detected a fast-acting, targeted Dharma ransomware attack, highlighting the anomalous behavior involved in every stage of the attack lifecycle. |
Ransomware
|
|
|
|
2020-04-30 09:00:00 |
The Domain Game: How email attackers are buying their way into inboxes (direct link) |
Dan Fein explores how mass domain purchasing allows cyber-criminals to stay ahead of legacy email tools - and how cyber AI stops the threats that slip through. |
|
|
|
|
2020-04-27 09:00:00 |
Leveling up: Augmenting the adversary with AI (direct link) |
AI is being used by cyber-criminals to augment their attacks at every stage in the kill-chain, ensuring their campaigns are fast, numerous and stealthy. |
|
|
|
|
2020-04-23 09:00:00 |
Bunim/Murray fights back against phishing attempts with Antigena Email (direct link) |
Customer perspective: Gabe Cortina, CTO at Bunim/Murray Productions, explains how Antigena Email protects the organization from increasingly targeted and topical spear phishing emails. |
|
|
|
|
2020-04-15 09:00:00 |
How changing online habits have opened the door to a new wave of email attacks (direct link) |
Recent trends in email behavior, including increased digital subscriptions and remote presentations, are being exploited by attackers to gain a foothold. |
|
|
|
|
2020-04-08 09:00:00 |
Four ways cyber-criminals fly under the radar (direct link) |
As adversaries adopt a collection of techniques to escape detection, the challenge of reliably attributing cyber-threats intensifies. |
|
|
|
|
2020-04-02 09:00:00 |
Catching APT41 exploiting a zero-day vulnerability (direct link) |
This blog looks at how the cyber-criminal group APT41 exploited a zero-day vulnerability, and examines how Darktrace's AI detected and investigated the threat at machine speed. |
Vulnerability
Threat
Guideline
|
APT 41
|
|
|
2020-03-25 09:00:00 |
Securing OT in remote working conditions (direct link) |
Security professionals defending critical infrastructure are facing a broad set of challenges under evolving and dynamic business conditions. |
|
|
|
|
2020-03-19 09:00:00 |
Five security risks companies face as workers go remote (direct link) |
Companies need to leverage technology that can allow them to continue to operate amidst uncertainty without choking productivity at this critical time. |
|
|
|
|
2020-03-12 09:00:00 |
How Antigena Email caught a fearware attack that bypassed the gateway (direct link) |
Darktrace's AI recently neutralized an email attack exploiting a sense of urgency that evaded the organization's gateway security tools. |
|
|
|
|
2020-02-26 09:00:00 |
Bridging the cyber skills gap: Cyber AI Analyst for OT (direct link) |
Groundbreaking technology combines the skill of human expertise with the speed and scale of AI, filling in gaps in domain knowledge. |
|
|
|
|
2020-02-21 09:00:00 |
Post-mortem of a targeted Sodinokibi ransomware attack (direct link) |
The power of Darktrace's self-learning AI comes into play when threat-actors use off-the-shelf tooling, making detection more difficult. |
Ransomware
|
|
|
|
2020-01-27 09:00:00 |
Using AI to detect a bitcoin mining campaign leveraging Citrix Netscaler vulnerabilities (direct link) |
Recently discovered Citrix vulnerability strengthens the case for Autonomous Response and its proven ability to prevent novel attacks. |
Vulnerability
|
|
|
|
2020-01-15 09:00:00 |
Stopped in its tracks: How Antigena neutralizes zero-day ransomware (direct link) |
Cyber AI is taking back the advantage over an ever-evolving adversary, saving time, money, resources, and – perhaps most critically – reputation. |
Ransomware
|
|
|
|
2020-01-08 09:00:00 |
RE:Thinking Email Security (direct link) |
Criminals are increasingly turning to more subtle forms of attacks that easily bypass legacy security tools. |
|
|
|
|
2019-12-18 09:00:00 |
Doorbuster or doppelganger: How Darktrace detects attacks that deceive via discount (direct link) |
By learning the online behavior of each unique user and device that it protects, Cyber AI can distinguish between “naughty” and “nice” domains in real time. |
|
|
|
|
2019-12-03 09:00:00 |
Stop the clock: How Autonomous Response contains cyber-threats in seconds (direct link) |
Darktrace Antigena's surgical intervention affords security teams the time they need to investigate malicious behaviour. |
|
|
|
|
2019-11-18 09:00:00 |
The best signature move: Detecting ransomware without any signatures at all (direct link) |
Addressing the ransomware epidemic once and for all requires unsupervised machine learning. |
Ransomware
|
|
|
|
2019-10-31 09:00:00 |
Leakproof by law: Previewing the 2020 data protection landscape (direct link) |
To achieve compliance in 2020, human teams need artificial intelligence to make sense of their dynamic digital estates. |
|
|
|
|
2019-10-02 09:00:00 |
Big game hunting: How Ryuk ransomware takes down its imposing targets (direct link) |
Catching sophisticated, long-haul attacks requires AI-powered tools that learn what's normal for each unique user and device. |
Ransomware
|
|
|
|
2019-09-06 09:00:00 |
Off the hook: How AI catches phishing emails even if we take the bait (direct link) |
By uniting email security with enterprise security, we can autonomously fight back against phishing attacks - even those we fall for hook, line, and sinker. |
|
|
|
|
2019-08-13 09:00:00 |
Securing the cities of tomorrow: Three takeaways from Black Hat 2019 (direct link) |
Black Hat demonstrated why, to safeguard the cities of tomorrow, we must go beyond looking for yesterday's threats. |
|
|
|
|
2019-08-05 09:00:00 |
Back to square one: The Capital One breach proved we must rethink cloud security (direct link) |
The path forward is to use artificial intelligence to understand how users behave within a company's perimeter walls. |
|
|
|
|
2019-07-31 09:00:00 |
Digitizing the Dark: Cyber-attacks against power grids threaten modernity itself (direct link) |
State-sponsored cyber-criminals are increasingly targeting energy grids, with the intention of causing outages that could bring victimized regions to a screeching halt. |
|
|
|
|
2019-07-10 09:00:00 |
Shining a light on Shamoon 3: What cyber AI revealed about the data-wiping malware (direct link) |
During an extended trial in the network of a global company, Darktrace observed a Shamoon-powered cyber-attack. |
Malware
|
|
|