Skip to Main Content

Our Insights

Providing you the latest industry-specific news and insights.

  • article

    Dear Ramey: Company Boards Bring Security to the Forefront

    ANSWERING BURNING QUESTIONS FROM VICTIMS OF CYBER EVENTS. DEAR RAMEY: Our board’s top priority is cybersecurity. We have a large information security organization led by a chief information security officer (CISO) and we’ve also sponsored…

    Read more
  • article

    SIEM vs. XDR: Advances in Security Monitoring and Cyber Defense

    BY RAE JEWELL The cybersecurity industry is chockfull of jargon, abbreviations, and acronyms. So much so that it can often be difficult to decide which tools may provide the best protection for your company. To help, we’d like to clarify some terms…

    Read more
  • article

    Dear Ramey: Watering Hole Attacks Explained

    ANSWERING BURNING QUESTIONS FROM VICTIMS OF CYBER EVENTS. DEAR RAMEY:  I heard this phrase “watering hole attack.” I understand the concept of a phishing email but how is a watering hole attack different? – Safari Sam DEAR SAFARI SAM: Even…

    Read more
  • article

    Fool Us Once … BlackMatter Initial Access Tactics Point to a Possible REvil Association

    BY CYBER THREAT INTELLIGENCE TEAM Arete observed an overlap between a recent BlackMatter case and a Q1 2021 REvil case. In both instances, the actors leveraged the NodeJS-based Gootloader to deliver a CobaltStrike payload. In a March 2021 insight,…

    Read more
  • article

    PYSA: 2020 to Now

    BY ARETE CYBER THREAT INTELLIGENCE TEAM  PYSA is the newest variant of the Mespinoza Ransomware as a Service (RaaS) family, which was first observed infecting victims in the wild in December 2019. PYSA is likely a reference to the open-source web…

    Read more
  • article

    Dear Ramey: Tips to Improve the Security of Data Sharing

    ANSWERING BURNING QUESTIONS FROM VICTIMS OF CYBER EVENTS.  DEAR RAMEY: The more I read in the news about cyberattacks, the more I worry about all the information that could wind up in the wrong hands. Social media sites, law firms, and…

    Read more
  • report

    Q2 2021 Crimeware Report: Crime and No Punishment

    Like legitimate businesspeople, threat actors are always looking for ways to optimize operations and boost profits. With time and impunity on their side, some started to get more creative in Q2 2021.

    Read more
  • podcast

    Cybersecurity is a Moving Target with Marc Bleicher

    Steve and Marc Bleicher discuss how the state of cybersecurity has changed since they spoke on the first episode of the season, the latest news including the Kaseya attacks, the power of the cloud, and the future of cryptocurrency.

    Read more
  • article

    Dear Ramey: What Can We Do to Minimize the Target on Our Back?

    ANSWERING BURNING QUESTIONS FROM VICTIMS OF CYBER EVENTS. DEAR RAMEY: We haven’t experienced a breach or unauthorized access — at least not that we know of — but recent news headlines have my company concerned and wondering how we can minimize our…

    Read more
  • podcast

    Beyond the Breach: Data Privacy and Legal Expertise

    Stephen Ramey discusses data privacy and cyber security law, the evolution of business email compromises, and the importance of data mining with Mullen Coughlin Partner, Greg Bautista.

    Read more
  • report

    Engineering Consulting Firm Improves Security with a Formalized, Top-down Risk Management Program

    Engineering consulting firm improves security with a formalized, top-down risk management program.

    Read more
  • podcast

    Beyond the Breach: Data Exfil & Data Mining with Will Hartz

    Stephen Ramey invites Arete Director of Data Breach Analysis Will Hartz onto the podcast to discuss what happens beyond the breach and how Arete helps clients identify and report on sensitive data.

    Read more