Discover how Darktrace detected and responded to cyberattacks using Living-off-the-Land (LOTL) tactics to exploit trusted services and tools on customer networks.

This blog explores key technical factors that define state-of-the-art cybersecurity. Drawing on expertise from our business, academia, and national security standards, outlining five essential criteria.

AI hype is everywhere, but not many vendors are getting specific. Darktrace’s multi-layered AI combines various machine learning techniques for behavioral analytics, real-time threat detection, investigation, and autonomous response.

Discover how RansomHub is rising in the ransomware landscape, using tools like Atera and Splashtop, reconnaissance tactics, and double extortion techniques.

Reimagining your SOC Part 3/3: This blog explores the challenges security professionals face in managing cyber risk, evaluates current market solutions, and outlines strategies for building a proactive security posture.

This blog dives into the strengths and limitations of CNAPP, explaining how a CDR solution can enhance cloud security to identify and mitigate cross-domain threats.

Reimagining your SOC Part 2/3: This blog explores how the challenges facing the modern SOC can be addressed by transforming the investigation process, unlocking efficiency and scalability in SOC operations with AI.

Insider threats pose significant risks due to access to internal systems. Darktrace detected a former employee attempting to steal data from the customer’s Google Workspace platform. Learn about this threat here.

Between September and October 2024, Darktrace investigated several customer networks compromised by RansomHub attacks. Further analysis revealed a connection to the ShadowSyndicate threat group. Read on to discover how these entities are linked and the tactics, techniques, and procedures employed in these attacks.

Hear the cybersecurity transformation story of this leading money transmitter, who facilitates more than $9 billion in remittances via thousands of agent locations across the US serving more than two million active customers.

Reimagining your SOC Part 1/3: This blog shows how security teams can move to autonomous detection and investigation of novel threats, reducing alert fatigue, and enabling tailored, real-time threat response.

Threat actors often use advanced phishing toolkits and Adversary-in-the-Middle (AitM) attacks in Business Email Compromise (BEC) campaigns, Discover how Darktrace detected and mitigated a sophisticated attack leveraging Dropbox, highlighting the importance of robust cybersecurity measures.

Cloud security solutions can be deployed with agentless or agent-based approaches or use a combination of methods. Organizations must weigh which method applies best to the assets and data the tool will protect.

Darktrace is proud to announce we’ve been recognized as a Challenger in our first appearance in the Gartner® Magic Quadrant™ for Email Security. In the report you’ll get key insights into the evolving email threat landscape, the requirements of a modern email security platform and the role of AI in advanced threat detection.

File transfer applications are prime targets for ransomware groups due to their critical role in business operations. Recent vulnerabilities in Cleo's MFT software, namely CVE-2024-50623 and CVE-2024-55956, highlight ongoing risks. Read more about the Darktrace Threat Research team’s investigation into these vulnerabilities.

Explore how nation-state supply chain attacks like 3CX, NotPetya, and SolarWinds exploited trusted providers to cause global disruption, highlighting the urgent need for robust security measures.

This blog explores how Darktrace shut down a major third-party cyber-attack, preventing the deployment of ransomware. Read more to discover how the security team now spends 80-90% of their time working on more strategic projects vs. manual, low-level tasks.

Darktrace’s Threat Research team investigated a major campaign exploiting vulnerabilities in Palo Alto firewall devices (CVE 2024-0012 and 2024-9474). Learn about the spike in post-exploitation activities and understand the need for anomaly-based detection to stay ahead of evolving threats.

Darktrace is recognized as a Leader in the IDC MarketScape. Read this blog to find out more about Darktrace's leadership in the market and our pioneering leadership in AI over the past decade, alongside a variety of other unique differentiators and innovations in the NDR industry.

In the coming years, cloud security will not only need to adapt to increasingly complex environments as ecosystems become more distributed, but also to rapidly evolving threats like supply chain attacks, advanced misconfiguration exploits, and credential theft. AI-powered cloud security tools can help security teams keep up.

Phishing-as-a-Service (PhaaS) platforms have lowered entry barriers for cybercriminals, leading to sophisticated AiTM phishing attacks. Darktrace's AI-driven solutions, including Darktrace / EMAIL, effectively counter these threats by identifying and neutralizing phishing attempts. Recently, Darktrace investigated a notable example involving MFA. Read about the Threat Research team’s findings here.

Black Friday and Cyber Monday are prime targets for cyber-attacks, as consumer spending rises and threat actors flock to take advantage. Darktrace analysis reveals a surge in retail cyber scams at the opening of the peak 2024 shopping period, and the top brands that scammers love to impersonate. Plus, don’t forget to check out our top tips for holiday-proofing your SOC before you clock off for the festive season.

This blog highlights how Darktrace / CLOUD leverages self-learning AI to tackle critical cloud security challenges—such as misconfigurations, hybrid environment complexity, securing productivity suites, and agent fatigue—by providing unified visibility, intelligent monitoring, and real-time threat response to empower organizations with proactive protection.

A recent phishing attack compromised an internal email account, but Darktrace’s advanced AI quickly intervened. By identifying unusual activity across email and SaaS environments, Darktrace uncovered the attacker’s use of VPNs to mask their location and shut down the threat.

This blog outlines ten trends we expect to see in AI cybersecurity in 2025, from a rise in multi-agent systems to heightened supply chain risk from LLMs.