Darktrace now integrates with Amazon Security Lake to augment the value security teams get from both products, streamlining analyst workflows and improving their ability to detect and respond to the full spectrum of known and unknown cyber-threats.

This blog investigates a new strain of ransomware, Hive, a ransomware-as-a-service. Darktrace was able to provide full visibility over the attacks.

This blog discusses Darktrace’s detection of a large-scale SaaS compromise and the subsequent phishing attack propagating through a learning institution.

Air-gapped security measures are not enough for resilience against cyber attacks. Read about how to gain visibility & reduce your cyber vulnerabilities.

Integrated Cloud Email Security (ICES) can be an effective email security solution, but Darktrace/Email's self-learning AI should be your solution of choice.

Banking trojans, designed to steal confidential information, are constantly adapting to avoid detection from security tools. Gozi-ISFB is one of these banking trojans that has caused a recent concern, read more about how Darktrace's Self-Learning AI was able to spot these attacks.

In a crowded market for ICES vendors, those who can offer flexible deployment will remain ahead of the game. This blog explores how vendors can leverage APIs, journaling, cloud and on-premise deployment to provide bespoke in-depth defense for every organization.

While 94% of all cyber-attacks come through the inbox, their destination is almost never email. Attacks often traverse to other areas, like cloud apps and infrastructure, endpoints, or networks. As a result, although security teams must establish a strong cornerstone of email security, they should also consider how those solutions fit into the wider security posture.

This blog demonstrates the relationship between Microsoft Defender and Darktrace security solutions. It takes a deep dive into the relationship between Darktrace DETECT, RESPOND, and Microsoft Defender, providing real examples as to how the two are able to integrate with each other and support security teams.

As the practical users of email, employees should be considered when designing email security. This employee-conscious lens to security can strengthen defenses, improve productivity, and prevent data loss.

Discover how two different phishing attempts from some known and unknown senders used a payroll diversion and credential sealing box link to harm users.

At the end of January 2023, threat actors began to abuse OneNote email attachments to deliver Qakbot onto users' devices. Widespread adoption of this novel delivery method resulted in a surge in Qakbot infections across Darktrace's customer base between the end of January 2023 and the end of February 2023. In this blog, we will provide details of these so-called 'QakNote' infections, along with details of Darktrace's coverage of the steps involved in them.

This blog outlines the challenges faced by security teams in protecting organizations from email-based attacks. It explores how a modern, AI-based security solution can tackle these pain points with targeted autonomous action, frictionless UIs, optimized workflows and full visibility of account users.

Discover how generative AI is impacting email attacks and what companies can do to prepare for more sophisticated and targeted attacker campaigns.

As online attackers change to targeted and sophisticated attacks, Darktrace stresses the importance of protection and utilizing steady verification codes.

Amadey Info-stealer malware was detected across over 30 customers between August and December 2022, spanning various regions and industry verticals. This blog highlights the resurgence of Malware as a Service (MaaS) and the leveraging of existing N-Day vulnerabilities in SmokeLoader campaigns to launch Amadey on customers’ networks. This investigation was part of Darktrace’s continuous Threat Research work in efforts to identify and contextualize threats across the Darktrace fleet, building off of AI insights through collaborative human analysis.

Multi-Factor Authentication (MFA) is a widely used security measure, but it's not bulletproof. See how threat actors can exploit MFA to access your information.

Between June 2021 and June 2022, crypto-currency platforms around the world lost an estimated 44 billion USD to cyber criminals, whose modus operandi range from stealing passwords and account recovery phrases, to cryptojacking and directly targeting crypto-currency transactions.

Compliance breaches can significantly damage a company’s finances and reputation if not properly addressed by security teams. Learn how Darktrace can help!

This blog explains the benefits of thinking like an attacker and modeling attack paths in order to understand where you need to invest your defenses.

As the prevalence of Software-as-a-Service (SaaS) and multi-factor authentication (MFA) as a primary vector of attack continues across a variety of organizations and of every size in multiple industries, it is more important now than ever for organizations to utilize every tool at their disposal to mitigate account compromise at the earliest possible stage.

In the latter half of 2022, Darktrace observed a rise in Vidar Stealer infections across its client base. These infections consisted in a predictable series of network behaviors, including usage of certain social media platforms for the retrieval of Command and Control (C2) information and usage of certain URI patterns in C2 communications. In the blog post, we will provide details of the pattern of network activity observed in these Vidar Stealer infections, along with details of Darktrace’s coverage of the activity.

Despite the market value of cryptocurrency itself decreasing in the final quarter of 2022, the number of known cryptocurrency mining software variants had more than trebled compared to the previous year. The intensive resource demands of mining cryptocurrency has exacerbated the trend of malicious hijacking third-party computers causing slower processing speeds and higher energy bills for many companies.

A recent IDC report found that only 34% of companies feel like pentesting and red teaming exercises provide them with actionable insights on where and how to harden their defenses. This blog summarizes the report and explains how Darktrace PREVENT can help organizations proactively harden defenses.

Financial institutions must follow specific IT security compliance standards, which regularly change. One credit union turned to Darktrace to align with its approach to compliance and risk, benefitting from email protection and proactive attack surface management.