Resources
Providing you the latest industry-specific news and insights.
- article
The Role of Space Systems in the U.S. Cybersecurity Strategy
The rising frequency and sophistication of cyber threats from state and non-state actors presents significant risk to U.S. national security and commerce.
Read more - article
Avaddon Ransomware Hits AXA
BY ARETE CYBER THREAT INTELLIGENCE TEAM EXECUTIVE SUMMARY From September 2020 to May 2021, the Arete Incident Response (IR) practice responded to nine Avaddon ransomware engagements across varying industry sectors, including the professional…
Read more - article
Colonial Pipeline Breached by Darkside Ransomware Group
On Saturday May 8, US Colonial Pipeline announced that they were victim of a ransomware attack that affected their network on Friday May 7. US Colonial Pipeline is said to be the largest fuel pipeline in the United States and the main source of…
Read more - article
Codecov Bash Uploader Supply Chain Attack
By Arete Cyber Threat Intelligence Team EXECUTIVE SUMMARY On April 15, Codecov announced a compromise to its Bash Uploader (a software application used in some of its products), whereby a threat actor was able to send sensitive information from…
Read more - article
Don’t Drink from That! Gootloader Watering Hole Leads to REvil Attack
By Arete Forensics Team REvil, more commonly referred to as Sodinokibi, is one of the most prolific ransomware threat groups currently active in the cyber extortion space. In the past year alone, Arete has responded to countless incidents where…
Read more - article
Darkside Ransomware: Caviar Taste on Your Big-Game Budget
By Arete Cyber Threat Intelligence Team EXECUTIVE SUMMARY By all appearances, the proprietors of Darkside ransomware mean business. Big business. With their sights set on organizations with US$4M+ in revenue, they’re all about high-value,…
Read more - article
Good Europol Hunting: How Do You Like Them Apples, Emotet?
On January 27, 2021, Europol announced that it had led a coordinated takedown of the Emotet infrastructure in collaboration with law enforcement authorities in the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania,…
Read more - article
Egregor: The Ghost of Soviet Bears Past Haunts On
By Adam Brown and Harold Rodriguez, Arete Cyber Threat Intelligence Team Ransomware variants come. Ransomware variants go. And while Egregor may have only recently surfaced, it is by no means a fly-by-night operation. In fact, one could argue that…
Read more - article
Sodinokibi Labels Keys with “Black Lives Matter”
OVERVIEW Since January 2020, the Arete IR practice has responded to forty-one (41) Sodinokibi engagements. The industry has seen two big changes with Sodinokibi/REvil from their shift to exfiltrating data as of January 2020, and more, recently with…
Read more - article
AKO Ransomware – Analysis
EXECUTIVE SUMMARY Since January 2020, Arete’s incident response (IR) team has responded to various AKO ransomware engagements. Recently, we have encountered these specific attacks against the Finance, Healthcare, and Manufacturing sectors. This…
Read more - article
US Government Alerts of Imminent Attacks Against the Healthcare Sector by Trickbot Group
EXECUTIVE SUMMARY Last week, the Cybersecurity and Infrastructure Security Agency (CISA) in collaboration with the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) released the following alert: AA20-302A…
Read more - article
DasH into the Future of Cybercrime
We are seeing a trend where threat actors, who historically would have gained unauthorized access to a firms’ network to propagate ransomware, have shifted to DasH.
Read more