Darktrace’s teams have observed a surge in malicious activities targeting Ivanti Connect Secure (CS) and Ivanti Policy Secure (PS) appliances. Learn more!

Cado Security Labs uncovered a new campaign targeting vulnerable Docker services. Attackers deploy XMRig miners and the 9hits viewer application to generate credits. This campaign highlights attackers' evolving monetization strategies and the ongoing vulnerability of exposed Docker hosts.

Discover how Darktrace DETECT and the SOC team responded to a network compromise via a trusted partner relationship with this case study.

Explore the three challenges facing industries that manage OT and ICS Systems, the benefits of adopting AI technology, and Darktrace / OT’s unique role!

Examine the growing threat of cyber cartels in Latin America and learn how to safeguard against their attacks.

"Commando Cat" is a novel cryptojacking campaign exploiting exposed Docker API endpoints. This campaign demonstrates the continued determination attackers have to exploit the service and achieve a variety of objectives.

Discover how Darktrace thwarted DarkGate malware in Microsoft Teams. Stay informed on the latest cybersecurity measures and protect your business.

Stay informed about the latest trends in cyber threats with Darktrace experts, including how attacks are evolving and becoming more personalized.

Darktrace has provided full visibility over the MyKings botnet kill chain from the beginning of its infections to the eventual cryptocurrency mining activity.

The PurpleFox rootkit poses significant risks. Discover how Darktrace leveraged advanced techniques to combat this persistent cyber threat.

Discover how the Bipartisan Infrastructure Law and its $250M Rural and Municipal Utility Cybersecurity Program empower electric cooperatives and municipalities to strengthen cybersecurity. Learn how innovative tools like anomaly detection, IT/OT integration, and AI-driven solutions enhance resilience against modern threats.

Understand the risks posed by the Sectop remote access Trojan and how Darktrace implements strategies to enhance cybersecurity defenses.

OracleIV is a DDoS botnet exploiting misconfigured Docker Engine APIs. It delivers a malicious Python ELF executable within a Docker container ("oracleiv_latest") to perform various DoS attacks. The botnet communicates with a C2 server for commands, demonstrating attackers' continued use of exposed Docker instances.

Read about effective threat hunting techniques with Darktrace, focusing on identifying vulnerabilities and improving your security measures.

Discover how Darktrace effectively detected and thwarted the PlugX remote access trojan in 2023 despite its highly evasive and adaptive nature.

Darktrace's autonomous response successfully thwarted a Trickbot intrusion. See how AI played a crucial role in this defense.

Learn how malicious actors exploit errors in generative AI tools to launch packet attacks. Read how Darktrace products detect and prevent these threats!

Qubitstrike is an emerging cryptojacking campaign primarily targeting exposed Jupyter Notebooks that exfiltrates cloud credentials, mines XMRig, and employs persistence mechanisms. The malware utilizes Discord for C2, displaying compromised host information and enabling command execution, file transfer, and process hiding via the Diamorphine rootkit.

Discover how Darktrace DETECT thwarted a banking trojan targeting Brazilian organizations, preventing data theft and informing the customer.

Read about the ViperSoftX threat and how Darktrace's innovative detection methods exposed this cyber intrusion and its potential impacts.