Skip to Main Content

Resources

Providing you the latest industry-specific news and insights.

  • article

    Threat Actors Attempting to Sell Data While Extorting Victims

    Discover how cyber threat actors like "wonder" and "M0riarty" monetize stolen data through BreachForums and ransomware tactics.

    Read more
  • article

    Interlock: An Emerging Ransomware Threat

    An analysis of the Interlock ransomware group, their tactics, and their impact across various industries.

    Read more
  • article

    Malware Spotlight: Akira Ransomware

    Arete has responded to over one hundred incidents attributed to the Akira ransomware group. This spotlight explores Akira’s observed behavior, statistics from Incident Response engagements, and a technical analysis of Akira’s ransomware executable.

    Read more
  • article

    Black Basta Leverages New Social Engineering Technique

    Black Basta, a ransomware group active since at least April 2022, is deploying a new social engineering tactic using Microsoft Teams in an active campaign.

    Read more
  • article

    The Return of Bumblebee Loader

    After its disruption in May 2024, Bumblebee is back in the cyber ecosystem, using a new infection chain with LNK, PowerShell, and MSI files to drop additional malware.

    Read more
  • article

    Red Team Tool Used to Disrupt Endpoint Security Solutions

    Researchers observed criminals using the red-team tool EDRSilencer in cyberattacks. This open-source tool, designed for penetration testing, can detect EDR processes and monitor, modify, or block their outbound network communications.

    Read more
  • article

    Recent Sanctions Reveal LockBit and Evil Corp Links

    The US Department of the Treasury’s Office of Foreign Assets Control sanctioned seven individuals for their association with the Evil Corp cybercriminal group.

    Read more
  • article

    Telegram Changes Privacy Policy

    Telegram – the instant messaging platform popular with ransomware groups and cybercriminals because of its user privacy features – recently updated its privacy policy in an effort to discourage criminals from abusing the platform.

    Read more
  • article

    Rhysida Using Oyster Backdoor in Attacks

    The Rhysida ransomware group has been using the Oyster backdoor in attacks, leveraging fake websites to trick users into downloading malicious software.

    Read more
  • article

    New Group Emerges with Similarities to ALPHV/BlackCat

    Cicada3301, a new RaaS group, emerged in June 2024. Using double extortion, they target Windows and Linux/VMware ESXi systems, posting victims on their dark website. Their methods show strong similarities to ALPHV/BlackCat ransomware.

    Read more
  • article

    Iranian Hackers Working with Ransomware Groups

    An Iranian threat group linked to the GOI collaborates with ransomware affiliates, aiding network access and extortion for a ransom share.

    Read more
  • article

    Automotive Industry Faces Increased Cyberattacks 

    Recent ransomware attacks have severely impacted the automotive industry, disrupting car and parts availability, dealership operations, and global economies.

    Read more