Delve into the complexities of the Royal and Blacksuit ransomware strains and their implications for cybersecurity in today’s digital landscape.

Spanish-language naming conventions complicate identity mapping for spoofing & especially whale-spoofing detection. Darktrace / EMAIL incorporates parsing logic that allows for faithful spoofing detection in conjunction with anomaly detection.

Discover the role of AI in shaping cybersecurity predictions for 2025 and how organizations can prepare for emerging threats.

Learn about NERC CIP-015 and its internal network security monitoring requirements. Discover how to ensure compliance and enhance your security posture.

This blog explores recent findings from Darktrace's Threat Research team on active exploitation campaigns targeting Fortinet appliances. This analysis focuses on the September 2024 exploitation of FortiManager via CVE-2024-47575, alongside related malicious activity observed in June 2024.

In a recent incident, Darktrace uncovered a M365 account takeover attempt targeting a company in the manufacturing industry. The attacker executed a sophisticated phishing attack, gaining access through the organization’s SaaS platform. This allowed the threat actor to create a new inbox rule, potentially setting the stage for future compromises.

More and more security teams are adopting AI-powered cybersecurity solutions, but first-time buyers may not know how to evaluate new vendors and tools. This blog covers questions to consider at each stage of the AI adoption journey to ensure return on investment.

Explore the intricacies of the Triada Trojan and its targeting of communication and banking apps. Learn how to safeguard against this threat.

When a remote user fell victim to a vishing attack, allowing a malicious actor to gain access to a customer network, Darktrace swiftly detected the intrusion and responded effectively. This prompt action prevented any data loss and reinforced trust in Darktrace’s robust security measures.

This blog announces the general availability of Microsoft Azure support for Darktrace / CLOUD, enabling real-time cloud detection and response across dynamic multi-cloud environments. Read more to discover how Darktrace is pioneering AI-led real-time cloud detection and response.

Discover how Darktrace identified a sophisticated business email compromise (BEC) attack to successfully acquire a prospective customer in a trial alongside two other email security vendors. This case demonstrates the clear differentiator of true unsupervised machine learning applied to the right use cases, compared to miscellaneous vendor hype around AI.

Generative AI tools have increased the risk of BEC, and traditional cybersecurity defenses struggle to stay ahead of the growing speed, scale, and sophistication of attacks. Only multilayered, defense-in-depth strategies can counter the AI-powered BEC threat.

Read about thread hijacking and how attackers exploit trusted conversations, compromising network security and user data. Stay informed.

The global cybersecurity skills gap is widening, leaving many organizations vulnerable to increasing cyber threats. This blog explores how CISOs can implement AI strategies to make the most of their existing workforce through automation, consolidation and education.

Read about the methods used to exploit FortiClient EMS and the critical post-exploitation tactics that affect cybersecurity defenses.

This blog gives an overview of the proposed FAA regulations for safeguarding aviation systems and their cyber-physical networks. Read more to discover key points, challenges, and potential solutions for each use case.

In May 2024, a Darktrace customer was affected by KOK08, a ransomware strain commonly used by the Matrix ransomware family. Learn more about the tactics used by this ransomware case, including double extortion, and how Darktrace is able to detect and respond to such threats.

As we enter the era of AI, both the way businesses operate and the landscape that they operate within are changing. To continue to support our customers, we’ve refocused our mission to be the essential cybersecurity platform using AI to proactively defend against novel and known threats.

Darktrace observed the rapid exploitation of a critical vulnerability in JetBrains TeamCity (CVE-2024-27198) shortly following its public disclosure. Learn how the need for speedy detection serves to protect against supply chain attacks.

Darktrace prevented a Critical National Infrastructure organization from falling victim to a SharePoint phishing attack originating from one of its trusted suppliers. This blog discusses common perceptions of zero-trust in email security, how AI that uses anomaly-based threat detection embodies core zero-trust principles and the relevance of this approach to securing CNI bodies with complex but interdependent supply chains from Cloud account compromise.