This blog explores how Darktrace aims to improve user reporting from the ground up, reducing the 90% falsely reported phishing and decreasing the load on security teams.

This blog explores how Darktrace’s combined AI approach enabled it to identify and connect an attack that took place over three critical areas of a customer’s digital environment, namely email, SaaS and network.

Using data from Darktrace's End of Year Threat Report 2023 this blog details how cyber attackers are increasingly using cloud-based services including Dropbox and Microsoft 365 to stealthily bypass detection by traditional email security solutions.

This blog examines CACTUS, a relatively new strain of ransomware that first appeared in the threat landscape in March 2023. In November 2023, Darktrace detected CACTUS ransomware on a US customer network and was able to provide full visibility over the attack and its kill chain.

Part 2: This blog discusses the impact of AI on the cyber threat landscape based on data from Darktrace’s State of AI Cybersecurity Report. Get the latest insights into the evolving challenges faced by organizations, the growing demand for skilled professionals, and the need for integrated security solutions.

This blog discusses Sliver, a legitimate C2 framework that has recently been utilized by malicious actors as an alternative to Cobalt Strike. Darktrace was able to detect multiple cases of attackers using Sliver C2 in 2023 and 2024.

This blog explores Darktrace’s detection of Balada Injector, a malware known to exploit vulnerabilities in WordPress to gain unauthorized access to networks. Darktrace was able to define numerous use-cases within customer environments which followed previously identified patterns of activity spikes across multiple weeks.

Part 1: This blog outlines Darktrace’s State of AI Cybersecurity research report, showing key findings from our global survey, covering the impacts AI has on the cyber threat landscape, cyber security solutions, and perceptions and priorities for security practitioners.

Announcing the new Darktrace ActiveAI Security Platform designed to transform security operations. This approach gives security teams unprecedented visibility across any area where Darktrace is deployed, including cloud, email, network, endpoints, and operational technology (OT).

Announcing the launch of our new innovation to Darktrace/OT. This industry leading innovation for Darktrace/OT moves beyond CVE scores to redefine vulnerability management for critical infrastructure, tackling the full breadth of risks not limited by traditional controls.

In 2024, email security challenges have evolved far beyond inbound attacks, as cyber attackers increasingly leverage AI and employ multi-vector techniques that penetrate every facet of organizational communication. Read how the largest ever update to Darktrace/Email introduces new innovations designed to address the nature of modern email threats.

The Darktrace Threat Research team investigates Raspberry Robin, an evasive worm in USB drives. Learn how to protect yourself from this malicious variant.

This blog describes cloud migration, what it is, security challenges, best practices, and how Darktrace takes a unique approach to helping organizations improve visibility and prioritize risk in the cloud.

Learn how Darktrace detected and implemented defense protocols against Socks5Systemz botnet before any threat to intelligence had been published.

This blog details Darktrace’s investigation into the Pikabot loader malware, observed across multiple customers in 2023. In an October 2023 incident, Darktrace identified Pikabot employing new tactics that may have bypassed traditional security measures. With Darktrace’s support, the customer was able to contain the attack and prevent it from escalating into a ransomware infection.

Using data from Darktrace's End of Year Threat Report this blog describes how advanced phishing attacks pose significant cyber risk to signature based threat detection tools and shows how AI can be leveraged by security solutions to defend against these threats.

This blog explores how Darktrace is able to differentiate simulated malware from genuine threats, offering advanced anomaly detection and autonomous response in the ever-evolving cyber security landscape.

Cloud Migration is a gateway to a new era of efficiency, scalability, and opportunity. This is not just a technological shift but a revolution in how businesses operate, innovate, and scale in the digital landscape. This blog will cover strategies, types, and risks associated with cloud migration.

This blog outlines new research and data points on the evolving threat landscape -- including the impact of generative AI applied by attackers – and why a shift to proactive cyber readiness is essential.

This blog discusses an example of a malicious actor utilizing the cloud storage service Dropbox in order to carry out a phishing attack against a Darktrace customer. Thanks to Darktrace/Email and Apps, this compromise was promptly brought to the attention of the customer and shut down.

This blog, written by Jamie Woodland, Head of Technology at Community Housing Limited, describes their experience adding Darktrace’s AI-assisted incident response and AI cyber-attack simulation to enhance incident response efforts for their security team.

In October 2023, the network of a Darktrace customer was targeted with ALPHV, or BlackCat, ransomware. An investigation into the attack revealed the usage of methods associated with the Nitrogen campaign, such as ‘malvertising’ and the distribution of malicious Python packages.

This blog explores the benefits, implementation, challenges, and future trends associated with Domain-based Message Authentication (DMARC).

Quasar Remote Access Tools are versatile open source administration tools, but the wrong hands can use them for malicious purposes. Darktrace explains why.

VIP Impersonation occurs when a cyber-threat actor impersonates a prominent employee to obtain sensitive data. Learn all about VIP impersonation here.