Darktrace Blog Posts
Archive
Tous les blogs
Merci ! Votre soumission a été reçue !
Oups ! Un problème est survenu lors de la soumission du formulaire.
This blog explores Darktrace’s detection of Balada Injector, a malware known to exploit vulnerabilities in WordPress to gain unauthorized access to networks. Darktrace was able to define numerous use-cases within customer environments which followed previously identified patterns of activity spikes across multiple weeks.
2024
Apr 8, 2024
Aucun élément trouvé.
Announcing the new Darktrace ActiveAI Security Platform designed to transform security operations. This approach gives security teams unprecedented visibility across any area where Darktrace is deployed, including cloud, email, network, endpoints, and operational technology (OT).
2024
Apr 9, 2024
Aucun élément trouvé.
In 2024, email security challenges have evolved far beyond inbound attacks, as cyber attackers increasingly leverage AI and employ multi-vector techniques that penetrate every facet of organizational communication. Read how the largest ever update to Darktrace/Email introduces new innovations designed to address the nature of modern email threats.
2024
Apr 9, 2024
Email
This blog discusses the Darktrace Threat Research team’s investigation into Raspberry Robin, an evasive worm that is primarily distributed through infected USB drives. Once it has gained access to a target network, Raspberry Robin is able to infect devices with additional malware variants.
2024
Apr 2, 2024
Aucun élément trouvé.
This blog analyzes the Socks5Systemz botnet observed targeting multiple customers across the Darktrace customer base in 2023. Darktrace’s anomaly-based approach to threat detection enabled it to identify malicious activity associated with the botnet before any threat intelligence had been published.
2024
Mar 22, 2024
Aucun élément trouvé.
This blog details Darktrace’s investigation into the Pikabot loader malware, observed across multiple customers in 2023. In an October 2023 incident, Darktrace identified Pikabot employing new tactics that may have bypassed traditional security measures. With Darktrace’s support, the customer was able to contain the attack and prevent it from escalating into a ransomware infection.
2024
Mar 19, 2024
Aucun élément trouvé.
Cloud Migration is a gateway to a new era of efficiency, scalability, and opportunity. This is not just a technological shift but a revolution in how businesses operate, innovate, and scale in the digital landscape. This blog will cover strategies, types, and risks associated with cloud migration.
2024
Mar 12, 2024
Cloud
This blog discusses an example of a malicious actor utilizing the cloud storage service Dropbox in order to carry out a phishing attack against a Darktrace customer. Thanks to Darktrace/Email and Apps, this compromise was promptly brought to the attention of the customer and shut down.
2024
Mar 8, 2024
Apps
Email
In October 2023, the network of a Darktrace customer was targeted with ALPHV, or BlackCat, ransomware. An investigation into the attack revealed the usage of methods associated with the Nitrogen campaign, such as ‘malvertising’ and the distribution of malicious Python packages.
2024
Feb 29, 2024
Aucun élément trouvé.
Quasar is a legitimate remote administration tool that has become popular among threat actors due to its range of capabilities and availability in open source. This blog details how Darktrace detected this tool without using signatures and how Darktrace RESPOND can be configured to block its malicious usage.
2024
Feb 23, 2024
Aucun élément trouvé.
This blog explores a series of CoinLoader compromises observed by Darktrace in late 2023. CoinLoader is a loader malware known to carry out cryptocurrency mining on infected devices. Darktrace’s autonomous detection and response capabilities allowed it to identify and shut down compromises in the first instance.
2024
Feb 8, 2024
Aucun élément trouvé.