Skip to Main Content

Resources

Providing you the latest industry-specific news and insights.

  • article

    FIN7 Return Drives Increase in Cl0p Ransomware Attacks

    FIN7 resumed operations in April 2024, fueling a rise in Cl0p ransomware attacks. Their partnership poses a heightened threat, using malvertising and trojans to target victims.

    Read more
  • article

    Malware Spotlight: Fog Ransomware

    The Fog ransomware group is one of the few threat actors targeting one industry: education. This spotlight explores the group’s observed behavior, background information on the threat actor, and a technical analysis of Fog’s ransomware executable.

    Read more
  • article

    Threat Actors Exploiting New ESXi Vulnerability

    Explore the critical need to secure your network from VMware ESXi vulnerabilities, such as CVE-2024-37085, exploited by ransomware groups. Learn best practices to protect your virtual environment and prevent unauthorized access.

    Read more
  • article

    Ransomware and Cloud Security

    Cloud infrastructures, seen as more secure than on-premise, face risks like cryptominers, DoS attacks, and extortion. Mr. Anazon, a threat actor, exploits these vulnerabilities, highlighting ongoing cloud security challenges.

    Read more
  • article

    Largest Data Breach of All Time (So Far)

    On July 4th, 2024, a threat actor posted nearly ten billion unique passwords to a dark web forum. This was the second large dump of passwords from the threat actor calling themselves ObamaCare on the forum.

    Read more
  • article

    Threat Actor Spotlight: BlackSuit Ransomware

    First observed by Arete in May 2023, BlackSuit ransomware is an emerging cyber threat targeting organizations across several sectors. This spotlight explores the ransomware behavior observed, incident response data, and technical analysis.

    Read more
  • article

    LockBit Claims to Have U.S. Federal Reserve Data 

    On June 25, LockBit claimed to have stolen 33 terabytes of data from the U.S. Federal Reserve. They posted 21 links with data from Evolve Bank & Trust, which was recently penalized for compliance issues.

    Read more
  • article

    Q1 2024 Crimeware Report

    Q1 2024 Crimeware Report uses data from Arete’s ransomware and extortion responses. It covers ransomware variant trends, ransom demands, impacts on infrastructure, and Q2 forecasts.

    Read more
  • article

    Scattered Spider Adapts to Evolving Threat Landscaped

    Delve into the dynamic threat landscape of cybersecurity with a comprehensive analysis of RansomHub and Scattered Spider's evolving tactics in ransomware and data theft. Learn how these groups adapt and pivot in response to disruptions.

    Read more
  • article

    RansomHub: An Emerging Ransomware-as-a-Service

    RansomHub has attacked over 75 victims, believed to be a rebrand of Knight ransomware. Exploiting Windows ZeroLogon, they target high-profile entities like Frontier, Christie's, and Change Healthcare. RansomHub aggressively monetizes its attacks.

    Read more
  • article

    Windows Native Ransomware – Encrypting with Bitlocker

    Bitlocker, a Windows app for full-volume encryption, is exploited by threat actors to encrypt files and demand ransom. Despite more advanced options, new actors like "Shrinklocker" still prefer Bitlocker for encryption.

    Read more
  • article

    Ransomware Realities: Additional Risks During the Crisis

    After a ransomware attack, restoring data and minimizing business disruption is crucial. It's also vital to address post-incident factors to ensure full recovery and prevent further security issues. Discover key strategies to mitigate threats.

    Read more