Resources
Providing you the latest industry-specific news and insights.
![]()
Threat Actor Spotlight: BlackSuit Ransomware
First observed by Arete in May 2023, BlackSuit ransomware is an emerging cyber threat targeting organizations across several sectors. This spotlight explores the ransomware behavior observed, incident response data, and technical analysis.
Read more![]()
LockBit Claims to Have U.S. Federal Reserve Data
On June 25, LockBit claimed to have stolen 33 terabytes of data from the U.S. Federal Reserve. They posted 21 links with data from Evolve Bank & Trust, which was recently penalized for compliance issues.
Read more![]()
Q1 2024 Crimeware Report
Q1 2024 Crimeware Report uses data from Arete’s ransomware and extortion responses. It covers ransomware variant trends, ransom demands, impacts on infrastructure, and Q2 forecasts.
Read more![]()
Scattered Spider Adapts to Evolving Threat Landscaped
Delve into the dynamic threat landscape of cybersecurity with a comprehensive analysis of RansomHub and Scattered Spider's evolving tactics in ransomware and data theft. Learn how these groups adapt and pivot in response to disruptions.
Read more![]()
RansomHub: An Emerging Ransomware-as-a-Service
RansomHub has attacked over 75 victims, believed to be a rebrand of Knight ransomware. Exploiting Windows ZeroLogon, they target high-profile entities like Frontier, Christie's, and Change Healthcare. RansomHub aggressively monetizes its attacks.
Read more![]()
Windows Native Ransomware – Encrypting with Bitlocker
Bitlocker, a Windows app for full-volume encryption, is exploited by threat actors to encrypt files and demand ransom. Despite more advanced options, new actors like "Shrinklocker" still prefer Bitlocker for encryption.
Read more![]()
Ransomware Realities: Additional Risks During the Crisis
After a ransomware attack, restoring data and minimizing business disruption is crucial. It's also vital to address post-incident factors to ensure full recovery and prevent further security issues. Discover key strategies to mitigate threats.
Read more![]()
2023 Annual Crimeware Report
Leveraging data collected during incident response engagements, this report follows the rise and fall of ransomware variants, notable trends in ransom demands and payments, industries targeted by ransomware attacks, and what may be coming next.
Read more![]()
ALPHV/BlackCat Disruption: Operations Resume
Despite law enforcement’s disruption to ALPHV/BlackCat’s infrastructure in December 2023, the group has since resumed operations.
Read more
Law Enforcement Actions Leave ALPHV/BlackCat Scrambling to Salvage Operations
Through a coordinated law enforcement effort spearheaded by the FBI, ALPHV/BlackCat infrastructure was disrupted on December 7, 2023, in an operation publicly announced on December 19, 2023.
Read more![]()
Cybersecurity is a Moving Target
Experts discuss how the state of cybersecurity has changed since they spoke on the first episode of the season, the latest news including the Kaseya attacks, the power of the cloud, and the future of cryptocurrency.
Read more![]()
Crimeware Report: Trends and Highlights from Q3 2023
This report covers trends observed during Arete’s response to ransomware and extortion attacks from July 1 through September 30, 2023. The volume of attacks in Q3 was consistent with that observed in the first half of 2023.
Read more
