In late 2024, Darktrace detected unusual activity linked to Cyberhaven's Chrome browser extension. Read more about Darktrace’s investigation here.

To strengthen its distributed and complex operations, this global technology leader implemented Darktrace / EMAIL to monitor, detect, and mitigate potential email threats. Read the blog to discover their results.

In 2024, Darktrace identified a cluster of intrusions involving the state-linked malware, ShadowPad. This blog will detail ShadowPad and the associated activities detected by Darktrace.

This blog explores an exploitation capability observed by Darktrace in another email security vendor’s link rewriting and the steps Darktrace took to inform and resolve the issue.

Lynx ransomware, emerging in 2024, targets finance, architecture, and manufacturing sectors with phishing and double extortion. Read on for Darktrace's findings.

Account takeovers are rising with SaaS adoption. Learn how Darktrace detects deviations in user behavior and autonomously stops threats before they escalate.

Explore Darktrace's Annual Threat Report 2024 for insights on the latest cyber threats and trends observed throughout the year.

Discover how AI-led investigations unify IT and OT security, reducing alert fatigue and accelerating alert investigation in industrial environments.

APTs are sophisticated threat actors with the resources to coordinate and achieve long-term objectives. Amidst the skyrocketing numbers of BEC attacks, every organization should be worried about the ability of intruders to infiltrate and exploit. This blog will look at several recent examples of complex email attacks and how Darktrace / EMAIL successfully disarmed and prevented intrusion.

This blog explores key technical factors that define state-of-the-art cybersecurity. Drawing on expertise from our business, academia, and national security standards, outlining five essential criteria.

Discover how Darktrace detected and responded to cyberattacks using Living-off-the-Land (LOTL) tactics to exploit trusted services and tools on customer networks.

AI hype is everywhere, but not many vendors are getting specific. Darktrace’s multi-layered AI combines various machine learning techniques for behavioral analytics, real-time threat detection, investigation, and autonomous response.

Discover how RansomHub is rising in the ransomware landscape, using tools like Atera and Splashtop, reconnaissance tactics, and double extortion techniques.

Reimagining your SOC Part 3/3: This blog explores the challenges security professionals face in managing cyber risk, evaluates current market solutions, and outlines strategies for building a proactive security posture.

This blog dives into the strengths and limitations of CNAPP, explaining how a CDR solution can enhance cloud security to identify and mitigate cross-domain threats.

Reimagining your SOC Part 2/3: This blog explores how the challenges facing the modern SOC can be addressed by transforming the investigation process, unlocking efficiency and scalability in SOC operations with AI.

Insider threats pose significant risks due to access to internal systems. Darktrace detected a former employee attempting to steal data from the customer’s Google Workspace platform. Learn about this threat here.

Reimagining your SOC Part 1/3: This blog shows how security teams can move to autonomous detection and investigation of novel threats, reducing alert fatigue, and enabling tailored, real-time threat response.

Between September and October 2024, Darktrace investigated several customer networks compromised by RansomHub attacks. Further analysis revealed a connection to the ShadowSyndicate threat group. Read on to discover how these entities are linked and the tactics, techniques, and procedures employed in these attacks.

Hear the cybersecurity transformation story of this leading money transmitter, who facilitates more than $9 billion in remittances via thousands of agent locations across the US serving more than two million active customers.