What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Darktrace.webp 2024-05-08 04:03:25 OT Cyber-Attacks: The Impact of EKANS Ransomware (direct link) Discover the impact of the EKANS ransomware attack on Honda's global operations & the importance of a cohesive security strategy in the OT world. Read more. Ransomware Industrial ★★★
Darktrace.webp 2023-10-26 13:08:32 Ransomware one year after WannaCry: attack vectors still commonly exploited by attackers (direct link) This article discusses some of the most common infection vectors and how the Darktrace Enterprise Immune System can assist security teams in catching ransomware threats. Ransomware Wannacry ★★
Darktrace.webp 2023-06-05 11:01:52 Maze ransomware targets a healthcare organization (direct link) Attackers are targeting increasingly high-stakes environments with ransomware. This blog post explores how AI can be used to detect and autonomously neutralize machine-speed attacks – looking in particular at how Darktrace caught Maze ransomware targeting a healthcare organization. Ransomware ★★
Darktrace.webp 2023-06-05 11:01:52 Darktrace vs Cobalt Strike: How Antigena intercepted and delayed a Cobalt Strike intrusion (direct link) An attacker exploited vulnerabilities in Log4j to install Bughatch, Cobalt Strike Beacon, and NetSupport onto an Internet-facing VMware Exchange server within the network of a Darktrace customer. By inhibiting the attacker's subsequent attempts to communicate with the compromised server, Antigena Network likely prevented ransomware from being deployed. Ransomware ★★
Darktrace.webp 2023-05-05 16:01:51 Staying ahead of REvil's Ransomware-as-a-Service business model (direct link) This blog assesses the impact of the recent arrests associated with cyber-criminal group REvil in the wider context of the Ransomware-as-a-Service business model, exploring a real-world REvil ransomware campaign discovered by Darktrace's AI. Ransomware ★★
Darktrace.webp 2023-05-05 16:01:51 How Darktrace's Cyber AI Analyst accelerates reporting incidents to the US federal government (direct link) This blog explains how Darktrace helps defenders abide by US federal laws on reporting cyber security incidents, featuring a real-world example of a ransomware attack investigated by Cyber AI Analyst. Ransomware ★★
Darktrace.webp 2023-05-04 18:33:00 Royal Ransomware: How Darktrace Contained One of the Most Prolific Ransomware Strains (direct link) One of the most prolific ransomware strains, Royal ransomware, was detected on the network of a Darktrace customer in early 2023. This blog explores the origins of Royal and explores how Darktrace was able to detect and contain this fast-moving ransomware. Ransomware ★★★
Darktrace.webp 2022-11-07 00:00:00 Inside the Yanluowang Leak: Organization, Members, and Tactics (direct link) YanLuoWang ransomware was first used to attack a handful of US corporations in August 2021. Since then, the group have successfully ransomed organizations across the world, with global software giant Cisco among its victims. This blog post reveals Darktrace analysts' research into the organization's structure and tactics. Ransomware
Darktrace.webp 2022-10-27 00:00:00 When speedy attacks aren't enough: Prolonging Quantum Ransomware (direct link) Whilst Quantum Ransomware has been characterized by speedy and efficient attacks, Darktrace recently detected a surprising incident where the group used a long dwell time to achieve their goals. This blog explores the effect of this group's change in strategy and DETECT/Network's coverage over the event. Ransomware
Darktrace.webp 2022-08-25 00:00:00 Detecting the Unknown: Revealing Uncategorized Ransomware Using Darktrace (direct link) At the top of every CISO's mind sits the fear of the unknown threat. As security tools continue to improve, so do attackers. This blog explores a BlackByte ransomware incident detected by Darktrace SOC in the Summer of 2021. At the point of discovery this ransom had yet to be categorized on popular OSINT. Ransomware
Darktrace.webp 2022-05-26 09:00:00 Pulling back the curtain on Grief ransomware (direct link) Grief ransomware emerged suddenly last year to cause disruption across a range of industries and municipalities – but the playbook of the gang behind it struck many as familiar. Discover why DoppelPaymer became PayOrGrief, and how Darktrace's AI helped to protect an organization from one of its sophisticated ransomware attacks. Ransomware
Darktrace.webp 2022-04-13 09:00:00 How Darktrace’s Cyber AI Analyst accelerates reporting incidents to the US federal government (direct link) This blog explains how Darktrace helps defenders abide by US federal laws on reporting cyber security incidents, featuring a real-world example of a ransomware attack investigated by Cyber AI Analyst. Ransomware
Darktrace.webp 2022-02-14 09:00:00 Staying ahead of REvil’s Ransomware-as-a-Service business model (direct link) This blog assesses the impact of the recent arrests associated with cyber-criminal group REvil in the wider context of the Ransomware-as-a-Service business model, exploring a real-world REvil ransomware campaign discovered by Darktrace’s AI. Ransomware
Darktrace.webp 2022-02-10 09:00:00 How Conti ransomware took down Operational Technology (direct link) This blog demonstrates how ransomware can spread throughout converged IT/OT environments, and how Self-Learning AI empowers organizations to contain these threats. Ransomware
Darktrace.webp 2022-02-07 09:00:00 The future of cyber security: Ransomware groups aim for maximum disruption (direct link) This second prediction in our Future of Cyber Security series asserts that 2022 may become one of ransomware’s most profitable years yet. Marcus Fowler explains new ransomware attacker tradecraft and what organizations need to do to keep up. Ransomware
Darktrace.webp 2021-12-08 09:00:00 The double extortion business: Conti Ransomware Gang finds new avenues of negotiation (direct link) By constantly shifting tactics, the Conti Ransomware Gang have maintained one of the largest stakes in the increasingly profitable ransomware industry. Discover how Darktrace was able to detect one of their crippling double extortion attacks at its earliest stages. Ransomware
Darktrace.webp 2021-12-02 09:00:00 Quick off the blocks: Darktrace AI detects Egregor ransomware attack on day one of deployment (direct link) A utility services company was one day into its Darktrace deployment when the AI detected the early signs of a ransomware attack. This blog explores the detections. Ransomware
Darktrace.webp 2021-11-11 09:00:00 Hacking season: Why Cyber Monday presents a cyber security nightmare (direct link) As ‘Bring Your Own Device’ (BYOD) drives digital convergence of our personal and professional lives, Black Friday scams targeting personal inboxes can easily spill over into corporate environments. This, coupled with an increased incidence of ransomware attacks over public holidays, is giving defenders plenty to think about this holiday season. Ransomware
Darktrace.webp 2021-10-21 09:00:00 Recycling ransomware: The return of Ryuk (direct link) The once notorious Ryuk ransomware has returned in new hands. Discover how small-time criminals are getting hold of cyber-crime’s most malicious tools, and what organizations can do to protect themselves. Ransomware
Darktrace.webp 2021-08-05 09:00:00 Detecting Cobalt Strike with AI (direct link) Since the Cobalt Strike source code was leaked on the Dark Web last year, Darktrace has observed various ransomware gangs and APTs using the framework to facilitate their attacks. This blog breaks down what Cobalt Strike is, and how AI can help. Ransomware
Darktrace.webp 2021-07-15 09:00:00 Egregor ransomware: Gone but not forgotten (direct link) Ransomware groups are popping up every week, returning with new names and new variants. Learn how Darktrace detected Egregor ransomware in a customer environment, without the use of any signatures. Ransomware
Darktrace.webp 2021-07-09 09:00:00 Minimizing the REvil impact delivered via Kaseya servers (direct link) REvil have exploited IT management software provider Kaseya in one of the most far-reaching ransomware attacks of the year. This blog unpacks a real-world intrusion of REvil ransomware, and demonstrates how Autonomous Response protected customer data from encryption. Ransomware
Darktrace.webp 2021-07-01 09:00:00 The elevation of cyber-crime to terrorism threat status (direct link) The US administration have announced that ransomware will now be treated as a terrorism-level threat. This blog discusses what this means for the cyber-criminal world and private organizations, as all levels of society adapt to the new classification. Ransomware Threat ★★★
Darktrace.webp 2021-06-01 09:00:00 How ransomware gangs leverage security compliance (direct link) This blog discusses the consequences and challenges associated with compliance, and how Darktrace’s AI not only defends against double extortion ransomware, but also builds internal mechanisms that help enforce compliance across the workforce. Ransomware
Darktrace.webp 2021-05-19 09:00:00 Double extortion ransomware (direct link) With ransomware attacks against AXA ASIA, Colonial Pipeline, and Ireland’s Health Service last week, this blog explores how cyber-criminal groups are exfiltrating data to coerce victims into paying, in what is known as ‘double extortion’ ransomware. Ransomware
Darktrace.webp 2021-05-13 09:00:00 How AI defends critical infrastructure from ransomware (direct link) In the wake of the Colonial Pipeline cyber-attack, this blog discusses the many threats facing critical infrastructure, and how Cyber AI disrupted a similar ‘double extortion’ ransomware attack against an electrical utilities supplier. Ransomware
Darktrace.webp 2021-04-01 09:00:00 “I’m sorry, we’re closed”: Why most ransomware attacks happen out of hours (direct link) When employees have logged off, and security teams are away from their desks, that’s prime time for attackers to strike. This blog discusses how cyber-criminals time their attacks to fall during weekends or holiday periods, and how defensive AI can stay awake and fight back. Ransomware
Darktrace.webp 2021-02-25 09:00:00 LockBit ransomware analysis: Rapid detonation using a single compromised credential (direct link) Machine-speed attacks need a machine-speed response. This blog explores the rise of worm-like ransomware, and how Darktrace detected a LockBit ransomware attack where the attack stages all happened simultaneously, in the space of only four hours. Ransomware
Darktrace.webp 2020-12-22 09:00:00 How AI stopped a WastedLocker intrusion before ransomware deployed (direct link) Darktrace recently detected and investigated a WastedLocker attack. This blog explores how this high-speed, high-stakes ransomware uses 'living off the land' techniques to bypass traditional security tools, and how Darktrace Antigena can autonomously stop this threat in its earliest stages, before encryption has begun. Ransomware Threat
Darktrace.webp 2020-11-30 09:00:00 Darktrace's Cyber AI Analyst investigates Sodinokibi (REvil) ransomware (direct link) Darktrace recently detected Sodinokibi, the most lucrative strain of ransomware in 2020, in a retail organization in the US. Cyber AI Analyst launched several automatic, real-time investigations into the incident simultaneously, producing concise and digestible summaries shown in this blog. Ransomware
Darktrace.webp 2020-10-22 09:00:00 AI catches Maze ransomware targeting a healthcare organization (direct link) Attackers are targeting increasingly high-stakes environments with ransomware. This blog post explores how AI can be used to detect and autonomously neutralize machine-speed attacks – looking in particular at how Darktrace caught Maze ransomware targeting a healthcare organization. Ransomware
Darktrace.webp 2020-09-07 09:00:00 Ransomware-as-a-Service: Eking targets government organization (direct link) Darktrace recently caught Eking ransomware targeting a government organization in APAC. This blog post details the anomalous behavior detected by Cyber AI, and evaluates the incident report surfaced by Darktrace's automated investigation technology, the Cyber AI Analyst. Ransomware
Darktrace.webp 2020-08-19 09:00:00 (Déjà vu) Evil Corp intrusions: WastedLocker ransomware detected by Darktrace (direct link) Darktrace has recently observed multiple intrusions associated with renowned threat actor Evil Corp. This blog details how Darktrace's AI detected the malicious activity throughout the attack life cycle – from the initial intrusion and the C2 traffic to the encryption or exfiltration of sensitive files. Ransomware Threat
Darktrace.webp 2020-08-17 09:00:00 Darktrace threat finds: Abusing TeamViewer to deploy ransomware (direct link) The increased use of off-the-shelf tools is lowering the barrier to entry for cyber-criminals. This blog explores an incident in which a low-skilled threat actor was able to successfully deploy ransomware in a retail organization by connecting to the domain controller via TeamViewer. Ransomware Threat
Darktrace.webp 2020-07-28 09:00:00 LeChiffre ransomware targets US distributor (direct link) LeChiffre ransomware was recently identified by Darktrace's AI inside the network of a US distributor. As the Cyber AI Analyst launched an automated investigation in real time, this blog looks at every stage of the attack kill chain, and how it could have been stopped with Autonomous Response. Ransomware
Darktrace.webp 2020-06-25 09:00:00 What the EKANS ransomware attack reveals about the future of OT cyber-attacks (direct link) The EKANS ransomware attack that disrupted Honda's operations across the globe this month has opened old wounds in the OT security world – and highlighted the importance of a unified security strategy across the entire digital estate. Ransomware
Darktrace.webp 2020-05-06 09:00:00 Old but still dangerous – Dharma ransomware via RDP intrusion (direct link) Max Heinemeyer explains how Cyber AI detected a fast-acting, targeted Dharma ransomware attack, highlighting the anomalous behavior involved in every stage of the attack lifecycle. Ransomware
Darktrace.webp 2020-02-21 09:00:00 Post-mortem of a targeted Sodinokibi ransomware attack (direct link) The power of Darktrace's self-learning AI comes into play when threat-actors use off-the-shelf tooling, making detection more difficult. Ransomware
Darktrace.webp 2020-01-15 09:00:00 Stopped in its tracks: How Antigena neutralizes zero-day ransomware (direct link) Cyber AI is taking back the advantage over an ever-evolving adversary, saving time, money, resources, and – perhaps most critically – reputation. Ransomware
Darktrace.webp 2019-11-18 09:00:00 The best signature move: Detecting ransomware without any signatures at all (direct link) Addressing the ransomware epidemic once and for all requires unsupervised machine learning. Ransomware
Darktrace.webp 2019-10-02 09:00:00 Big game hunting: How Ryuk ransomware takes down its imposing targets (direct link) Catching sophisticated, long-haul attacks requires AI-powered tools that learn what's normal for each unique user and device. Ransomware
Last update at: 2024-05-17 19:08:17