Tag Archive for: Darktrace

Darktrace says Cyber threats shifting towards as-a-service tools

/in


The latest End of Year Threat Report by Darktrace indicates a significant shift in cyber threats and attack methods over the last half of 2023. The report draws attention to an increasing reliance by cybercriminals on as-a-service tools and underscores evolving attacker strategies.

According to the findings, as-a-service attacks continue to be the primary threats, with Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) representing the major portion of tools wielded by cybercriminals. These services provide criminals with functionalities such as pre-made malware, payment processing systems, and phishing email templates, thus enabling attackers who lack sophisticated technical expertise to launch attacks.

The most prevalent as-a-service tools recorded by Darktrace from July to December 2023 include malware loaders, accounting for 77% of investigated threats. These are followed by cryptominers (52% of investigated threats) that use infected devices for cryptocurrency mining and botnets (39% of investigated threats) that enrol users in wider networks of compromised devices for large-scale attacks. Information-stealing malware, designed to clandestinely access and gather sensitive data, comprised 36% of examined threats while proxy botnets made up 15%.

The study shed light on the fast-growing threats replacing Hive ransomware, previously identified as one of the major Ransomware-as-a-Service attacks in 2023. When Hive was dismantled by the US government in January 2023, there arose a void which was quickly filled by threats such as ScamClub, known for spreading fake virus alerts to leading news sites and AsyncRAT, lately responsible for attacks on US infrastructure employees.

In the period between 1st September and 31st December 2023, Darktrace detected 10.4 million phishing emails. However, alongside traditional methods such as phishing, cyber criminals are adopting more sophisticated strategies designed to sidestep traditional security parameters. The report cites the rise of Microsoft Teams phishing as an example of these advances. In this method, attackers impersonate co-workers to trick employees into clicking harmful links deployed in the Teams…

Source…

Darktrace Denies Getting Hacked After Ransomware Group Names Company on Leak Site

/in


Cybersecurity company Darktrace issued a statement on Thursday after it was named on the leak website of the LockBit ransomware group.

“Earlier this morning we became aware of tweets from LockBit, the cyber-criminal gang, claiming that they had compromised Darktrace’s internal security systems and had accessed our data. Our security teams have run a full review of our internal systems and can see no evidence of compromise,” Darktrace said.

“None of the LockBit social media posts link to any compromised Darktrace data. We will continue to monitor the situation extremely closely, but based on our current investigations we are confident that our systems remain secure and all customer data is fully protected,” it added.

The statement was issued after a post on LockBit’s leak website seemed to suggest that the ransomware group had targeted Darktrace. The post suggested that data was stolen from Darktrace and that the cybercriminals were asking for a $1 million ransom.

However, it appears that Darktrace was not hacked — or even targeted — by LockBit. Instead, the entry on the LockBit leak website apparently comes in response to a recent Twitter post from Singapore-based threat intelligence firm DarkTracer, which is not related in any way to Darktrace.

“The reliability of the RaaS service operated by LockBit ransomware gang seems to have declined,” DarkTracer said on Wednesday, referring to junk data being posted on the LockBit leak website. 

The fake data on the LockBit site was apparently test data posted by the hackers while doing maintenance. 

The cybercriminals were not happy with DarkTracer’s allegations, but confused it with UK-based Darktrace and published a post suggesting that they had hacked Darktrace. These types of mistakes are not uncommon for ransomware groups. 

It’s worth noting that there is also no evidence that LockBit targeted DarkTracer either. 

LockBit last year claimed to have stolen hundreds of gigabytes of data from cybersecurity firm Entrust. The company confirmed that some systems used for internal operations had been breached and that some files had been stolen, but has still not publicly shared additional information on the…

Source…

Better cybersecurity practices for journalists | Cyber Work Podcast

/in



Will The Darktrace IPO Race Out Of The Blocks?

/in


In a welcome boost for the London IPO market after the Deliveroo flop, UK cyber security company Darktrace has announced its intention to list in London in the coming weeks.

This is great news, and an opportunity for London bankers to showcase it has the expertise to price an IPO correctly, as well as for the company’s management to set expectations around the Darktrace IPO accordingly.

Darktrace IPO coming to London

Darktrace was founded in 2013, and uses Artificial Intelligence (AI) to identify cyber threats within client’s computer systems. The Darktrace IPO offers bankers a chance for redemption to price the listing correctly.

The company has over 4,700 clients and has seen a 45% increase in revenue year to date, with the US its biggest market, though the company’s HQ is in Cambridge.

Formula One fans will know of Darktrace due to its sponsorship of the McLaren team with its name having pride of place on the rear wing of the MCL35M.

Unlike Deliveroo, there are few concerns about the sustainability of its business model, however the company has as yet been unable to turn a profit.

That in itself shouldn’t affect interest in the Darktrace IPO – successful businesses are rarely profitable straight out of the traps. However there is significant growth potential in the cybersecurity market.

Listing could set high value

According to the 12 April filing, from fiscal year 2018 to fiscal year 2020, the company said that group revenue has grown from $79.4m to $199.1m, with adjusted earnings improving from a loss of $27m to a $9m profit.

Client growth over the same period has seen a rise from 1,659 to 3,858.

Expectations are for the company to issue £250m in new and existing shares, with the Darktrace IPO, which could come as soon as the end of this month, set to value the business at around £3bn. 

The shares would also be available for inclusion in the FTSE UK indices.

Potential issues remain

Another potential landmine is the legal problems around former Autonomy CEO Mike Lynch, who also happens to be one of the founders, through his Invoke Capital fund. Lynch is on trial for fraud as part of his involvement in the…

Source…