Resources
Providing you the latest industry-specific news and insights.
![]()
Q1 2024 Crimeware Report
Q1 2024 Crimeware Report uses data from Arete’s ransomware and extortion responses. It covers ransomware variant trends, ransom demands, impacts on infrastructure, and Q2 forecasts.
Read more![]()
Threat Actor Spotlight: BlackSuit Ransomware
First observed by Arete in May 2023, BlackSuit ransomware is an emerging cyber threat targeting organizations across several sectors. This spotlight explores the ransomware behavior observed, incident response data, and technical analysis.
Read more![]()
Scattered Spider Adapts to Evolving Threat Landscaped
Delve into the dynamic threat landscape of cybersecurity with a comprehensive analysis of RansomHub and Scattered Spider's evolving tactics in ransomware and data theft. Learn how these groups adapt and pivot in response to disruptions.
Read more![]()
Windows Native Ransomware – Encrypting with Bitlocker
Bitlocker, a Windows app for full-volume encryption, is exploited by threat actors to encrypt files and demand ransom. Despite more advanced options, new actors like "Shrinklocker" still prefer Bitlocker for encryption.
Read more![]()
Ransomware Realities: Additional Risks During the Crisis
After a ransomware attack, restoring data and minimizing business disruption is crucial. It's also vital to address post-incident factors to ensure full recovery and prevent further security issues. Discover key strategies to mitigate threats.
Read more
The Role of Space Systems in the U.S. Cybersecurity Strategy
The rising frequency and sophistication of cyber threats from state and non-state actors presents significant risk to U.S. national security and commerce.
Read more![]()
Avaddon Ransomware Hits AXA
Avaddon ransomware allegedly attacked European insurance provider AXA shortly after the company announced that it will stop paying ransoms for its clients. Our analysis provides an in-depth look at Avaddon’s tactics and recommended mitigations.
Read moreColonial Pipeline Breached by Darkside Ransomware Group
On Saturday May 8, US Colonial Pipeline announced that they were victim of a ransomware attack that affected their network on Friday May 7. US Colonial Pipeline is said to be the largest fuel pipeline in the United States and the main source of…
Read moreCodecov Bash Uploader Supply Chain Attack
By Arete Cyber Threat Intelligence Team EXECUTIVE SUMMARY On April 15, Codecov announced a compromise to its Bash Uploader (a software application used in some of its products), whereby a threat actor was able to send sensitive information from…
Read more![]()
Black Kingdom Returns to Exploit Zero-Day Vulnerabilities in Unpatched Microsoft Exchange Servers
Black Kingdom ransomware recently resurfaced to target a zero-day vulnerability in Microsoft Exchange servers.
Read moreDon’t Drink from That! Gootloader Watering Hole Leads to REvil Attack
REvil, more commonly referred to as Sodinokibi, is one of the most prolific ransomware threat groups currently active in the cyber extortion space. In the past year alone, Arete has responded to countless incidents where REvil has facilitated…
Read more![]()
Darkside Ransomware: Caviar Taste on Your Big-Game Budget
Explore Darkside ransomware, an operation utilizing sophisticated tactics to target high-revenue organizations. Arete's threat intelligence data reveals high ransom demands, extensive business downtime, and universal data exfiltration.
Read more
