Resources
Providing you the latest industry-specific news and insights.
![]()
Conti Ransomware is the New Ryuk?
Based on forensic analysis, Arete’s Threat Intelligence team observed that Conti ransomware could be a rebrand of Ryuk ransomware, as both variants have similar tactics, including leveraging the TrickBot banking trojan to deploy ransomware.
Read more![]()
Remote Working Cyber Risks
Tune in to this week's episode as we sit down with Arete’s Director of Incident Response to delve into the cyber risks associated with remote work.
Read more
Universal Encryption
Ransomware variants like Ryuk, WastedLocker, and Dopplepaymer are also file level encryption. These groups will gain access to the network and perform reconnaissance to identify the victim, understand their business, identify critical systems, and…
Read moreSystem Specific Encryption
Ransomware variants like Phobos, Dharma or CryLock are file level encryption. The TA gains access to the system, copies specific encryption executables onto the systems then runs the executables to encrypt the files. The results are files with a new…
Read moreRemote Access and IoT Search Engines
Recently, Arete Incident Response Tiger Teams (“Arete IR”) have responded to an increased volume of ransomware incidents involving the Sodinikibi, Phobos, and Dharma ransomware variants. The threat actors deploying these variants are known to use…
Read moreMonero- Overview & Quick Facts
OVERVIEW Recently, the threat group behind Sodinokibi ransomware publicly announced the switch from Bitcoin to accepting only Monero payments. The switch was motivated largely by the fact that Monero is inherently more difficult for law…
Read more![]()
Maze Ransomware: Is Posting Data Counterproductive?
In 2020, Maze Ransomware began utilizing both encryption and data exfiltration in an attempt to maximize ransom payments, but these tactics may backfire by adding additional incident response costs for victims.
Read more
