
Resources

Providing you the latest industry-specific news and insights.

  • article

    Good Europol Hunting: How Do You Like Them Apples, Emotet?

    On January 27, 2021, Europol announced that it had led a coordinated takedown of the Emotet infrastructure in collaboration with law enforcement authorities in the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania,…

  • article

    Egregor: The Ghost of Soviet Bears Past Haunts On

    Egregor ransomware, a sophisticated RaaS platform, uses data exfiltration and brazen negotiation tactics to target major sectors like manufacturing and retail and caters to experienced affiliates.

  • article

    WastedLocker Ransomware Insights

    WastedLocker is a new ransomware variant with encryption capabilities that some researchers believe to be linked to the sanctioned “Evil Corp” group. However, Arete's analysis determined that evidence of the connection is not conclusive.

  • article

    Sodinokibi Labels Keys with “Black Lives Matter”

    OVERVIEW: Since January 2020, the Arete IR practice has responded to forty-one (41) Sodinokibi engagements. The industry has seen two big changes with Sodinokibi/REvil, from their shift to exfiltrating data as of January 2020, and, more recently, with…

  • article

    AKO Ransomware – Analysis

    Dive into AKO ransomware's methods and impact, including its unique data encryption and extortion techniques. This analysis provides an in-depth look at AKO’s rise and the challenges it presents for organizations and security professionals.

  • article

    US Government Alerts of Imminent Attacks Against the Healthcare Sector by Trickbot Group

    EXECUTIVE SUMMARY: Last week, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI) and the Department of Health and Human Services (HHS), released the following alert: AA20-302A…

  • article

    Conti Ransomware is the New Ryuk?

    Based on forensic analysis, Arete’s Threat Intelligence team observed that Conti ransomware could be a rebrand of Ryuk ransomware, as both variants have similar tactics, including leveraging the TrickBot banking trojan to deploy ransomware.

  • article

    Black Basta Leverages New Social Engineering Technique

    Black Basta, a ransomware group active since at least April 2022, is deploying a new social engineering tactic using Microsoft Teams in an active campaign.

  • article

    Interlock: An Emerging Ransomware Threat

    An analysis of the Interlock ransomware group, their tactics, and their impact across various industries.

  • article

    Threat Actors Attempting to Sell Data While Extorting Victims

    Discover how cyber threat actors like "wonder" and "M0riarty" monetize stolen data through BreachForums and ransomware tactics.
