Resources
Providing you the latest industry-specific news and insights.
![]()
XWorm RAT Builder Targets Script Kiddies
A trojanized XWorm RAT builder targets new hackers, infecting over 18,000 devices worldwide and stealing credentials via Telegram, YouTube, and GitHub.
Read more![]()
AWS Falls Victim to Ransomware
Emerging ransomware Codefinger encrypts AWS S3 buckets via SSE-C, targeting cloud data for ransom. Learn about the impact and potential risks of this tactic.
Read more![]()
Malware Spotlight: RansomHub Ransomware
Arete has responded to dozens of incidents attributed to the RansomHub threat actor group. This spotlight explores RansomHub’s observed behavior, statistics from Incident Response engagements, and a technical analysis of RansomHub’s ransomware execut
Read more![]()
Over 390,000 Credentials Stolen via Malicious GitHub Repository
Year-long trojanized supply chain attack targets pros and thieves, stealing credentials and installing cryptominers.
Read more![]()
Chinese Threat Actor Activity Drives US Government Recommendation for Encrypted Communications
FBI and CISA urge encrypted mobile use after Salt Typhoon cyberattacks target U.S. telecom providers for espionage.
Read more![]()
Managed Detection and Response: A Cornerstone of a Multi-Pronged Approach to Security
The barrier of entry into cybercrime has become significantly lower in recent years, with artificial intelligence, leaked source code, and Cybercrime-as-a-Service tools enabling even less experienced threat actors to execute damaging attacks.
Read more![]()
Threat Actors Attempting to Sell Data While Extorting Victims
Discover how cyber threat actors like "wonder" and "M0riarty" monetize stolen data through BreachForums and ransomware tactics.
Read more![]()
Interlock: An Emerging Ransomware Threat
An analysis of the Interlock ransomware group, their tactics, and their impact across various industries.
Read more![]()
Malware Spotlight: Akira Ransomware
Arete has responded to over one hundred incidents attributed to the Akira ransomware group. This spotlight explores Akira’s observed behavior, statistics from Incident Response engagements, and a technical analysis of Akira’s ransomware executable.
Read more![]()
Black Basta Leverages New Social Engineering Technique
Black Basta, a ransomware group active since at least April 2022, is deploying a new social engineering tactic using Microsoft Teams in an active campaign.
Read more![]()
The Return of Bumblebee Loader
After its disruption in May 2024, Bumblebee is back in the cyber ecosystem, using a new infection chain with LNK, PowerShell, and MSI files to drop additional malware.
Read more![]()
Red Team Tool Used to Disrupt Endpoint Security Solutions
Researchers observed criminals using the red-team tool EDRSilencer in cyberattacks. This open-source tool, designed for penetration testing, can detect EDR processes and monitor, modify, or block their outbound network communications.
Read more
