Skip to Main Content

Our Insights

Providing you the latest industry-specific news and insights.

  • article

    Six Decrees of Kevin Baker: Top Tips to Improve Cybersecurity Today

    When I work with clients, I mention a good many things they can do to improve their security. Sometimes I’ll advise on an area I think they need to understand about their company. Sometimes I’ll suggest implementing specific security controls. Some…

    Read more
  • article

    Good Europol Hunting: How Do You Like Them Apples, Emotet?

    On January 27, 2021, Europol announced that it had led a coordinated takedown of the Emotet infrastructure in collaboration with law enforcement authorities in the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania,…

    Read more
  • article

    Cybersecurity Trends: What We Saw in 2020, What We Expect to See in 2021

    Where change seems a constant, perhaps the biggest and most surprising cybersecurity issue of 2020 was a lack of change. But before we get to that, let’s look at some other key cybersecurity trends. A CONTINUED RISE IN RANSOMWARE ATTACKS Kidnapping…

    Read more
  • article

    Egregor: The Ghost of Soviet Bears Past Haunts On

    By Adam Brown and Harold Rodriguez, Arete Cyber Threat Intelligence Team Ransomware variants come. Ransomware variants go. And while Egregor may have only recently surfaced, it is by no means a fly-by-night operation. In fact, one could argue that…

    Read more
  • article

    Dear Ramey: On Prosecuting Cybercriminals

    ANSWERING BURNING QUESTIONS FROM VICTIMS OF CYBER EVENTS DEAR RAMEY: I’ve read a lot about the recent events in cybersecurity involving supply chain breaches, ransomware attacks, and theft of sensitive information from both large and small…

    Read more
  • article

    WastedLocker Ransomware Insights

    BACKGROUND On the December 5th, 2019 the U.S. Department of Justice announced indictments against 17 individuals including 2 Russian nationals Maksim Yakubets and Igor Turashev that were the primary ring-leaders of the Russian hacking group known as…

    Read more
  • article

    The Road Back: Recovery from a Malware Attack in the Long Term

    Arete Incident Response is currently answering the call of duty for about 60 companies per month who have experienced malware intrusions.  These are mostly ransomware or business email compromise attacks.  Arete’s primary goal is to restore what was…

    Read more
  • article

    Ransomware Decryptors for a (varying) fee

    Ransomware attacks wreak havoc on business operations. Destroying recovery options, instill­ing fear and panic, and most often creating high levels of stress for IT staff, owners, and operators. A simple, but often costly fix is to just pay the…

    Read more
  • article

    No One Is Immune to Cyberattacks

    On December 8, 2020, the New York Times reported that FireEye (NASDAQ:FEYE) was hacked. Moments later, almost every major news outlet, security blogger, U.S. government  agency,  and security company released additional articles and opinions on the…

    Read more
  • article

    Anti-virus or AI driven Endpoint Protection?

    Stephen Ramey Arete investigates a lot of ransomware attacks. In fact, 90% of our business is helping organizations big and small, recover from and investigate ransomware attacks. Variants like Maze, Sodinokibi, WastedLocker, Ryuk,…

    Read more
  • article

    Sodinokibi Labels Keys with “Black Lives Matter”

    OVERVIEW Since January 2020, the Arete IR practice has responded to forty-one (41) Sodinokibi engagements.  The industry has seen two big changes with Sodinokibi/REvil from their shift to exfiltrating data as of January 2020, and more, recently with…

    Read more
  • article

    US Government Alerts of Imminent Attacks Against the Healthcare Sector by Trickbot Group

    EXECUTIVE SUMMARY Last week,  the Cybersecurity and Infrastructure Security Agency (CISA) in collaboration with the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) released the following alert: AA20-302A…

    Read more