Our Insights
Providing you the latest industry-specific news and insights.
![]()
What To Do When A Hacker Encrypts Your Data
What should your first step be when a hacker cracks your system? Evgueni Erchov, Arete's head of security research & strategy shares insight with Risk & Insrance's Autumn Demberger.
Read more
Surtr Ransomware Pays Tribute to REvil
Executive Summary In February 2022, Arete investigated a Surtr ransomware incident where the ransomware author(s) paid tribute to the now defunct REvil (aka Sodinokibi) group by making a registry key change to the infected host. REvil was…
Read moreDear Ramey: Missteps During an Incident Response Investigation Can Further Complicate Recovery
DEAR RAMEY: MISSTEPS DURING AN INCIDENT RESPONSE INVESTIGATION CAN FURTHER COMPLICATE RECOVERY Answering burning questions from victims of cyber events DEAR RAMEY: What can go wrong during an incident investigation? – Murphy L DEAR…
Read moreDear Ramey: Five Ways to Maximize Your Security Budget in 2022
ANSWERING BURNING QUESTIONS FROM VICTIMS OF CYBER EVENTS DEAR RAMEY: Happy New Year! Our organization made it through the holiday season without a security event. While we were probably one of the few, we’d like to build up our defenses and carry…
Read moreCybersecurity in the Age of Ransomware. It’s More Than Simply Having Insurance.
BY KEVIN BAKER In many ways, cybersecurity insurance is not so different from car or home insurance. In short, it’s a way to transfer risk. If a cyber incident occurs, insurance can help organizations gain a level of mitigating control and…
Read moreNo Deal Is Worth Identity Theft: Ways to Prepare for Secure Holiday Shopping
By Kevin Baker The holidays are upon us and with them often comes a mad rush to “Act now!” to score the best online deals “before it’s too late!” Unfortunately, competitive, hurried Black Friday-type shopping can translate to distracted shopping,…
Read moreDear Ramey: Security Awareness Must Be Continual Awareness
ANSWERING BURNING QUESTIONS FROM VICTIMS OF CYBER EVENTS. DEAR RAMEY: Last year during the holidays, I remember seeing a lot of articles about breaches. As we move towards this holiday season, should we expect the same? What can we do to protect…
Read moreDear Ramey: Company Boards Bring Security to the Forefront
ANSWERING BURNING QUESTIONS FROM VICTIMS OF CYBER EVENTS. DEAR RAMEY: Our board’s top priority is cybersecurity. We have a large information security organization led by a chief information security officer (CISO) and we’ve also sponsored…
Read moreSIEM vs. XDR: Advances in Security Monitoring and Cyber Defense
BY RAE JEWELL The cybersecurity industry is chockfull of jargon, abbreviations, and acronyms. So much so that it can often be difficult to decide which tools may provide the best protection for your company. To help, we’d like to clarify some terms…
Read moreDear Ramey: Watering Hole Attacks Explained
ANSWERING BURNING QUESTIONS FROM VICTIMS OF CYBER EVENTS. DEAR RAMEY: I heard this phrase “watering hole attack.” I understand the concept of a phishing email but how is a watering hole attack different? – Safari Sam DEAR SAFARI SAM: Even…
Read moreFool Us Once … BlackMatter Initial Access Tactics Point to a Possible REvil Association
BY CYBER THREAT INTELLIGENCE TEAM Arete observed an overlap between a recent BlackMatter case and a Q1 2021 REvil case. In both instances, the actors leveraged the NodeJS-based Gootloader to deliver a CobaltStrike payload. In a March 2021 insight,…
Read morePYSA: 2020 to Now
BY ARETE CYBER THREAT INTELLIGENCE TEAM PYSA is the newest variant of the Mespinoza Ransomware as a Service (RaaS) family, which was first observed infecting victims in the wild in December 2019. PYSA is likely a reference to the open-source web…
Read more
