Skip to Main Content

Our Insights

Providing you the latest industry-specific news and insights.

  • article

    Universal Encryption

    Ransomware variants like Ryuk, WastedLocker, and Dopplepaymer are also file level encryption. These groups will gain access to the network and perform reconnaissance to identify the victim, understand their business, identify critical sys­tems, and…

    Read more
  • article

    System Specific Encryption

    Ransomware variants like Phobos, Dharma or CryLock are file level encryption. The TA gains access to the system, copies specific encryption executables onto the systems then runs the executables to encrypt the files. The results are files with a new…

    Read more
  • article

    Remote Access and IoT Search Engines

    Recently, Arete Incident Response Tiger Teams (“Arete IR”) have responded to an increased volume of ransomware incidents involving the Sodinikibi, Phobos, and Dharma ransomware variants. The threat actors deploying these variants are known to use…

    Read more
  • article

    Monero- Overview & Quick Facts

    OVERVIEW Recently, the threat group behind Sodinokibi ransomware publicly announced the switch from Bitcoin to accepting only Monero payments. The switch was motivated largely by the fact that Monero is inherently more difficult for law…

    Read more
  • article

    Maze Ransomware: Is Posting Data Counterproductive?

    Ransomware incidents dominated INFOSEC news in 2019. Penetration methods continued to evolve, attacks became more targeted and ransom demands continued to rise. A major shift in attacker tactics happened in early December when the group behind the…

    Read more