This blog highlights how Darktrace / CLOUD leverages self-learning AI to tackle critical cloud security challenges—such as misconfigurations, hybrid environment complexity, securing productivity suites, and agent fatigue—by providing unified visibility, intelligent monitoring, and real-time threat response to empower organizations with proactive protection.

A recent phishing attack compromised an internal email account, but Darktrace’s advanced AI quickly intervened. By identifying unusual activity across email and SaaS environments, Darktrace uncovered the attacker’s use of VPNs to mask their location and shut down the threat.

This blog outlines ten trends we expect to see in AI cybersecurity in 2025, from a rise in multi-agent systems to heightened supply chain risk from LLMs.

This blog explores the impact of AI on the threat landscape, the benefits of AI in cybersecurity, and the role it plays in enhancing security practices and tools.

Darktrace just picked up the title of "Overall Leader" in KuppingerCole's 2024 Leadership Compass for Network Detection and Response (NDR). Why? Our Self-Learning AI and smart automation make tackling threats faster and easier, helping security teams stay ahead of the game.

Since late 2023, Darktrace has tracked BlackSuit ransomware, a sophisticated spinoff of Royal ransomware, targeting various industries. Using double extortion tactics, BlackSuit demands substantial ransoms, causing significant disruption. Darktrace’s proactive measures highlight the need for robust cybersecurity to counteract these evolving threats and protect critical assets.

Spanish-language naming conventions complicate identity mapping for spoofing & especially whale-spoofing detection. Darktrace / EMAIL incorporates parsing logic that allows for faithful spoofing detection in conjunction with anomaly detection.

This blog provides an in-depth overview of NERC CIP-015 compliance requirements, focusing on the importance of internal network security monitoring (INSM) for electric utilities. Learn about the NERC CIP-015 standards adopting internal network security monitoring (INSM) solutions with Darktrace.

This blog explores recent findings from Darktrace's Threat Research team on active exploitation campaigns targeting Fortinet appliances. This analysis focuses on the September 2024 exploitation of FortiManager via CVE-2024-47575, alongside related malicious activity observed in June 2024.

In a recent incident, Darktrace uncovered a M365 account takeover attempt targeting a company in the manufacturing industry. The attacker executed a sophisticated phishing attack, gaining access through the organization’s SaaS platform. This allowed the threat actor to create a new inbox rule, potentially setting the stage for future compromises.

Android-based malware like Triada is increasingly targeting banking and communication apps to steal sensitive data. Triada uses sophisticated methods to evade detection, exfiltrating data to C2 servers via algorithmically generated hostnames. This underscores the need for advanced security measures to protect against these evolving threats and safeguard user data.

More and more security teams are adopting AI-powered cybersecurity solutions, but first-time buyers may not know how to evaluate new vendors and tools. This blog covers questions to consider at each stage of the AI adoption journey to ensure return on investment.

When a remote user fell victim to a vishing attack, allowing a malicious actor to gain access to a customer network, Darktrace swiftly detected the intrusion and responded effectively. This prompt action prevented any data loss and reinforced trust in Darktrace’s robust security measures.

This blog announces the general availability of Microsoft Azure support for Darktrace / CLOUD, enabling real-time cloud detection and response across dynamic multi-cloud environments. Read more to discover how Darktrace is pioneering AI-led real-time cloud detection and response.

Discover how Darktrace identified a sophisticated business email compromise (BEC) attack to successfully acquire a prospective customer in a trial alongside two other email security vendors. This case demonstrates the clear differentiator of true unsupervised machine learning applied to the right use cases, compared to miscellaneous vendor hype around AI.

Generative AI tools have increased the risk of BEC, and traditional cybersecurity defenses struggle to stay ahead of the growing speed, scale, and sophistication of attacks. Only multilayered, defense-in-depth strategies can counter the AI-powered BEC threat.

Discover how thread hijacking led to a SaaS compromise on a Darktrace customer network, revealing the attacker’s tactics to infiltrate trusted conversations and potentially steal sensitive credentials. Learn about Darktrace’s autonomous detection and response actions that blocked and prevented the attack from escalating.

The global cybersecurity skills gap is widening, leaving many organizations vulnerable to increasing cyber threats. This blog explores how CISOs can implement AI strategies to make the most of their existing workforce through automation, consolidation and education.

Soon after CVE-2023-48788 was publicly disclosed in late March 2024, Darktrace began to see compromises in FortiClient EMS devices on customer networks. Read on to find out more about what our Threat Research team uncovered.

This blog gives an overview of the proposed FAA regulations for safeguarding aviation systems and their cyber-physical networks. Read more to discover key points, challenges, and potential solutions for each use case.

In early May 2024, Fog ransomware was first observed in the wild, seemingly targeting US-based educational organizations. Read on to find out about Darktrace’s investigation into this novel ransomware threat.

In May 2024, a Darktrace customer was affected by KOK08, a ransomware strain commonly used by the Matrix ransomware family. Learn more about the tactics used by this ransomware case, including double extortion, and how Darktrace is able to detect and respond to such threats.

As we enter the era of AI, both the way businesses operate and the landscape that they operate within are changing. To continue to support our customers, we’ve refocused our mission to be the essential cybersecurity platform using AI to proactively defend against novel and known threats.

Darktrace observed the rapid exploitation of a critical vulnerability in JetBrains TeamCity (CVE-2024-27198) shortly following its public disclosure. Learn how the need for speedy detection serves to protect against supply chain attacks.

Darktrace prevented a Critical National Infrastructure organization from falling victim to a SharePoint phishing attack originating from one of its trusted suppliers. This blog discusses common perceptions of zero-trust in email security, how AI that uses anomaly-based threat detection embodies core zero-trust principles and the relevance of this approach to securing CNI bodies with complex but interdependent supply chains from Cloud account compromise.