Resources
Providing you the latest industry-specific news and insights.
![]()
ALPHV/BlackCat Seemingly Returns to Business as Usual
Despite law enforcement’s disruption to ALPHV/BlackCat’s infrastructure in December 2023, the group has since resumed operations.
Read more![]()
What To Do When A Hacker Encrypts Your Data
What should your first step be when a hacker cracks your system? Evgueni Erchov, Arete's head of security research & strategy shares insight with Risk & Insrance's Autumn Demberger.
Read more![]()
Cybersecurity in the Age of Ransomware. It’s More Than Simply Having Insurance.
In many ways, cybersecurity insurance is not so different from car or home insurance.
Read more
Surtr Ransomware Pays Tribute to REvil
Executive Summary In February 2022, Arete investigated a Surtr ransomware incident where the ransomware author(s) paid tribute to the now defunct REvil (aka Sodinokibi) group by making a registry key change to the infected host. REvil was…
Read more![]()
Fool Us Once … BlackMatter Initial Access Tactics Point to a Possible REvil Association
Arete observed an overlap between a recent BlackMatter case and a Q1 2021 REvil case.
Read morePYSA: 2020 to Now
BY ARETE CYBER THREAT INTELLIGENCE TEAM PYSA is the newest variant of the Mespinoza Ransomware as a Service (RaaS) family, which was first observed infecting victims in the wild in December 2019. PYSA is likely a reference to the open-source web…
Read moreEndpoint Detection and Response: The Closest Thing to a Silver Bullet to Stop Ransomware
By Paul Caron In its recent report “Combating Ransomware,” the Ransomware Task Force says there’s no silver bullet to solving the ransomware challenge. Instead, the group touts a multi-pronged approach and provides an extensive list of…
Read moreAvaddon Ransomware Hits AXA
BY ARETE CYBER THREAT INTELLIGENCE TEAM EXECUTIVE SUMMARY From September 2020 to May 2021, the Arete Incident Response (IR) practice responded to nine Avaddon ransomware engagements across varying industry sectors, including the professional…
Read moreColonial Pipeline Breached by Darkside Ransomware Group
On Saturday May 8, US Colonial Pipeline announced that they were victim of a ransomware attack that affected their network on Friday May 7. US Colonial Pipeline is said to be the largest fuel pipeline in the United States and the main source of…
Read more![]()
The Hidden Costs of Cybercrime
This year, the global cost of cybercrime is expected to hit $6 trillion.[i] Up from $3 trillion in 2015, it’s nothing short of a big, flourishing business whose operators are relentless innovators.
Read more![]()
DasH into the Future of Cybercrime
We are seeing a trend where threat actors, who historically would have gained unauthorized access to a firms’ network to propagate ransomware, have shifted to DasH.
Read moreBlack Kingdom Returns to Exploit Zero-Day Vulnerabilities in Unpatched Microsoft Exchange Servers
By Steve Ramey You know what’s fun about zero-day exploits? Nothing, especially when ransomware is involved. Earlier this month, Microsoft released a statement notifying the public of a zero-day exploit that affected its on-premises Exchange…
Read more
