Skip to Main Content

Our Insights

Providing you the latest industry-specific news and insights.

  • article

    Surtr Ransomware Pays Tribute to REvil

    Executive Summary In February 2022, Arete investigated a Surtr ransomware incident where the ransomware author(s) paid tribute to the now defunct REvil (aka Sodinokibi) group by making a registry key change to the infected host. REvil was…

    Read more
  • report

    2021 Annual Crimeware Report: From Tailwinds to Headwinds

    Community and government action helps shift the course of ransomware.

    Read more
  • article

    Dear Ramey: Missteps During an Incident Response Investigation Can Further Complicate Recovery

    DEAR RAMEY: MISSTEPS DURING AN INCIDENT RESPONSE INVESTIGATION CAN FURTHER COMPLICATE RECOVERY Answering burning questions from victims of cyber events DEAR RAMEY: What can go wrong during an incident investigation?         – Murphy L DEAR…

    Read more
  • article

    Dear Ramey: Five Ways to Maximize Your Security Budget in 2022

    ANSWERING BURNING QUESTIONS FROM VICTIMS OF CYBER EVENTS DEAR RAMEY: Happy New Year! Our organization made it through the holiday season without a security event. While we were probably one of the few, we’d like to build up our defenses and carry…

    Read more
  • article

    Cybersecurity in the Age of Ransomware. It’s More Than Simply Having Insurance.

    BY KEVIN BAKER    In many ways, cybersecurity insurance is not so different from car or home insurance. In short, it’s a way to transfer risk. If a cyber incident occurs, insurance can help organizations gain a level of mitigating control and…

    Read more
  • article

    No Deal Is Worth Identity Theft: Ways to Prepare for Secure Holiday Shopping

    By Kevin Baker The holidays are upon us and with them often comes a mad rush to “Act now!” to score the best online deals “before it’s too late!” Unfortunately, competitive, hurried Black Friday-type shopping can translate to distracted shopping,…

    Read more
  • article

    Dear Ramey: Security Awareness Must Be Continual Awareness

    ANSWERING BURNING QUESTIONS FROM VICTIMS OF CYBER EVENTS. DEAR RAMEY: Last year during the holidays, I remember seeing a lot of articles about breaches. As we move towards this holiday season, should we expect the same? What can we do to protect…

    Read more
  • report

    Q3 2021 Crimeware Report: For Every Action, There Is an Equal and Opposite Reaction

    Cybercrime is in a constant state of evolution and revolution, and threat actors are reacting to the actions of their targets as governments and law enforcement agencies seek to protect those targets.

    Read more
  • article

    Dear Ramey: Company Boards Bring Security to the Forefront

    ANSWERING BURNING QUESTIONS FROM VICTIMS OF CYBER EVENTS. DEAR RAMEY: Our board’s top priority is cybersecurity. We have a large information security organization led by a chief information security officer (CISO) and we’ve also sponsored…

    Read more
  • article

    SIEM vs. XDR: Advances in Security Monitoring and Cyber Defense

    BY RAE JEWELL The cybersecurity industry is chockfull of jargon, abbreviations, and acronyms. So much so that it can often be difficult to decide which tools may provide the best protection for your company. To help, we’d like to clarify some terms…

    Read more
  • article

    Dear Ramey: Watering Hole Attacks Explained

    ANSWERING BURNING QUESTIONS FROM VICTIMS OF CYBER EVENTS. DEAR RAMEY:  I heard this phrase “watering hole attack.” I understand the concept of a phishing email but how is a watering hole attack different? – Safari Sam DEAR SAFARI SAM: Even…

    Read more
  • article

    Fool Us Once … BlackMatter Initial Access Tactics Point to a Possible REvil Association

    BY CYBER THREAT INTELLIGENCE TEAM Arete observed an overlap between a recent BlackMatter case and a Q1 2021 REvil case. In both instances, the actors leveraged the NodeJS-based Gootloader to deliver a CobaltStrike payload. In a March 2021 insight,…

    Read more