Resources
Providing you the latest industry-specific news and insights.
Darkside Ransomware: Caviar Taste on Your Big-Game Budget
Explore Darkside ransomware, an operation utilizing sophisticated tactics to target high-revenue organizations. Arete's threat intelligence data reveals high ransom demands, extensive business downtime, and universal data exfiltration.
Good Europol Hunting: How Do You Like Them Apples, Emotet?
On January 27, 2021, Europol announced that it had led a coordinated takedown of the Emotet infrastructure in collaboration with law enforcement authorities in the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania,…
Egregor: The Ghost of Soviet Bears Past Haunts On
Egregor ransomware, a sophisticated RaaS platform, uses data exfiltration and brazen negotiation tactics to target major sectors like manufacturing and retail and caters to experienced affiliates.
WastedLocker Ransomware Insights
WastedLocker is a new ransomware variant with encryption capabilities that some researchers believe to be linked to the sanctioned “Evil Corp” group. However, Arete's analysis determined that evidence of the connection is not conclusive.
Sodinokibi Labels Keys with “Black Lives Matter”
OVERVIEW: Since January 2020, the Arete IR practice has responded to forty-one (41) Sodinokibi engagements. The industry has seen two big changes with Sodinokibi/REvil, from their shift to exfiltrating data as of January 2020 and, more recently, with…
AKO Ransomware – Analysis
Dive into AKO ransomware's methods and impact, including its unique data encryption and extortion techniques. This analysis provides an in-depth look at AKO’s rise and the challenges it presents for organizations and security professionals.
US Government Alerts of Imminent Attacks Against the Healthcare Sector by Trickbot Group
EXECUTIVE SUMMARY: Last week, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI) and the Department of Health and Human Services (HHS), released the following alert: AA20-302A…
Conti Ransomware is the New Ryuk?
Based on forensic analysis, Arete’s Threat Intelligence team observed that Conti ransomware could be a rebrand of Ryuk ransomware, as both variants have similar tactics, including leveraging the TrickBot banking trojan to deploy ransomware.
AI Deep Dive Part 3: Understanding Biases & How Threat Actors Use AI
Protect your data from AI risks. Learn how to safeguard sensitive information, manage AI inputs, and store data securely.
RansomHub Leverages New “Betruger” Backdoor
Betruger is a custom backdoor used in RansomHub ransomware attacks. It streamlines hacking with built-in tools for keylogging, C2 uploads, and privilege escalation.
Browser Threats Evolve to Distribute Malware Through OneDrive and Microsoft Teams
Threat actors use a new browser cache smuggling technique to inject malware via OneDrive and Teams, bypassing EDR with DLL proxying and social engineering.