This blog explores how Darktrace was able to identify and contain cases of the SmokeLoader malware on the network of affected customers in the summer of 2023.

Darktrace’s teams have observed a surge in malicious activities targeting Ivanti Connect Secure (CS) and Ivanti Policy Secure (PS) appliances. Learn more!

This blog details how Darktrace DETECT and the Darktrace SOC team were able to help a customer whose network had been compromised via the exploitation of a trusted relationship with one of their partners.

Explore the three challenges facing industries that manage OT and ICS Systems, the benefits of adopting AI technology, and Darktrace/OT’s unique role!

This blog explores Darktrace’s investigation into a series of CyberCartel compromises that were detected across its customer base throughout 2023. CyberCartel is known to target government agencies and taxpaying individuals throughout Latin America.

In late August 2023, Darktrace observed malicious actors exploiting vulnerabilities on Ivanti Sentry servers within customer networks. Following these successful exploits, a variety of cryptomining and reconnaissance tools were delivered. In this blog, we will provide details of these chains of activity, along with details of Darktrace/Network’s coverage of the steps involved in them.

This blog discusses how Darktrace was able to detect and respond to malicious attempts to use Microsoft Teams and Sharepoint to deliver the DarkGate malware onto a customer network in September 2023.

Generative AI and other open-source tools are allowing threat actors to launch targeted 'one-on-one' attacks at scale. Security tools that apply AI in the wrong way won't see new and targeted attacks coming - but Self-Learning AI that trains itself on your data can. This blog compares cyber security AI approaches and methods.

This blog investigates the persistent MyKings botnet which has been observed across the Darktrace customer base since 2022, and highlights how Darktrace was able to provide full visibility over its kill chain from the beginning of the infections to the eventual cryptocurrency mining activity.

Explore the key aspects of the NIS2 Directive, the latest EU cyber security legislation effective from 2023. Learn how it impacts AI and security teams.

This blog discusses how Darktrace was able to identify the PurpleFox malware campaign, detecting its new tactics designed to avoid signature-based detection by leveraging mismatched filetypes, Powershell, and service control requests.

This blog discusses the US Department of Energy’s (DOE) announcement of funding for electric cooperatives, small investor-owned, and municipalities to be allocated to their cyber security posture.

This blog discusses how Darktrace was able to successfully detect and respond to several incidents of SectopRAT compromise across its customer base.

This blog post explains how Darktrace can be used throughout the entire threat hunting lifecycle - from data collection through to threat identification, response, and documentation.

This blog details how Darktrace was able to detect and respond to the remote access trojan, PlugX, across its customer base in early 2023. Despite its highly evasive and adaptive nature, Darktrace’s was able to successfully identify PlugX compromises and prevent them from escalating.

This blog discusses the plausible threat of malicious actors taking advantage of errors in generative AI tools, or AI “hallucinations”, to launch malicious packet attacks and how Darktrace’s suite of products might detect these attempts.

Many cloud security vendors purport to offer 'response' - but what do they really mean? What does meaningful response to cloud-related cyber-threats look like, and how is this achieved? This blog reveals all.

This blog details how Darktrace DETECT identified a banking trojan known to target organizations in Brazil before it was able to steal any sensitive customer data. Following the initial detection, Darktrace’s global SOC were able to investigate the incident and inform the customer for swift mitigation.

This blog explores Darktrace’s detection of and response to ViperSoftX malware across its customer fleet, despite its use of sophisticated techniques to evade detection.

This blog discusses how Darktrace was able to identify an ongoing case of SaaS account takeover which led to a subsequent phishing campaign, within days of being deployed on a prospective customer’s network.

This blog discusses the emergence of Black Basta, a relatively new ransomware group that was first observed in early 2022. In April 2023, Darktrace detected a case of Black Basta on the customer network and was able to track the ransomware at every stage of the cyber kill chain.

Humans find it hard to function logically during a crisis, particularly in cyber security where the variables are fast-moving. This blog looks at how AI can help human security teams overcome cognitive biases and manage cyber incidents more effectively.

This blog investigates the novel Akira ransomware strain, that was first observed in the wild in March 2023, and explores how Darktrace is uniquely placed to identify and contain such ransomware attacks.

Darktrace's first comprehensive report on the threats faced by businesses examines the trends our threat team saw in the first half of 2023.

This blog explores how Darktrace/OT aligns with FERC Order 887 requirements. Darktrace employs anomaly-based detection to uncover insider threats and supply chain attacks within CIP networked environments, all without relying on external connectivity.