Resources
Providing you the latest industry-specific news and insights.
Don’t Drink from That! Gootloader Watering Hole Leads to REvil Attack
REvil, more commonly referred to as Sodinokibi, is one of the most prolific ransomware threat groups currently active in the cyber extortion space. In the past year alone, Arete has responded to countless incidents where REvil has facilitated…
Read more![]()
Darkside Ransomware: Caviar Taste on Your Big-Game Budget
Explore Darkside ransomware, an operation utilizing sophisticated tactics to target high-revenue organizations. Arete's threat intelligence data reveals high ransom demands, extensive business downtime, and universal data exfiltration.
Read moreTop Tips to Improve Cybersecurity Today
By Kevin Baker When I work with clients, I mention a good many things they can do to improve their security. Sometimes I’ll advise on an area I think they need to understand about their company. Sometimes I’ll suggest implementing specific…
Read moreGood Europol Hunting: How Do You Like Them Apples, Emotet?
On January 27, 2021, Europol announced that it had led a coordinated takedown of the Emotet infrastructure in collaboration with law enforcement authorities in the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania,…
Read moreCybersecurity Trends: What We Saw in 2020, What We Expect to See in 2021
Where change seems a constant, perhaps the biggest and most surprising cybersecurity issue of 2020 was a lack of change. But before we get to that, let’s look at some other key cybersecurity trends. A CONTINUED RISE IN RANSOMWARE ATTACKS Kidnapping…
Read more![]()
Egregor: The Ghost of Soviet Bears Past Haunts On
Egregor ransomware, a sophisticated RaaS platform, uses data exfiltration and brazen negotiation tactics to target major sectors like manufacturing and retail and caters to experienced affiliates.
Read more![]()
WastedLocker Ransomware Insights
WastedLocker is a new ransomware variant with encryption capabilities that some researchers believe to be linked to the sanctioned “Evil Corp” group. However, Arete's analysis determined that evidence of the connection is not conclusive.
Read moreThe Road Back: Recovery from a Malware Attack in the Long Term
Arete Incident Response is currently answering the call of duty for about 60 companies per month who have experienced malware intrusions. These are mostly ransomware or business email compromise attacks. Arete’s primary goal is to restore what was…
Read moreRansomware Decryptors for a (varying) fee
Ransomware attacks wreak havoc on business operations. Destroying recovery options, instilling fear and panic, and most often creating high levels of stress for IT staff, owners, and operators. A simple, but often costly fix is to just pay the…
Read moreNo One Is Immune to Cyberattacks
On December 8, 2020, the New York Times reported that FireEye (NASDAQ:FEYE) was hacked. Moments later, almost every major news outlet, security blogger, U.S. government agency, and security company released additional articles and opinions on the…
Read moreAnti-virus or AI driven Endpoint Protection?
Stephen Ramey Arete investigates a lot of ransomware attacks. In fact, 90% of our business is helping organizations big and small, recover from and investigate ransomware attacks. Variants like Maze, Sodinokibi, WastedLocker, Ryuk,…
Read moreSodinokibi Labels Keys with “Black Lives Matter”
OVERVIEW Since January 2020, the Arete IR practice has responded to forty-one (41) Sodinokibi engagements. The industry has seen two big changes with Sodinokibi/REvil from their shift to exfiltrating data as of January 2020, and more, recently with…
Read more
