Resources

Providing you the latest industry-specific news and insights.

  • article

    Endpoint Detection and Response: The Closest Thing to a Silver Bullet to Stop Ransomware

    By Paul Caron. In its recent report “Combating Ransomware,” the Ransomware Task Force says there’s no silver bullet to solving the ransomware challenge. Instead, the group touts a multi-pronged approach and provides an extensive list of…

  • article

    PYSA: 2020 to Now

    By Arete Cyber Threat Intelligence Team. PYSA is the newest variant of the Mespinoza Ransomware as a Service (RaaS) family, which was first observed infecting victims in the wild in December 2019. PYSA is likely a reference to the open-source web…

  • article

    Avaddon Ransomware Hits AXA

    Avaddon ransomware allegedly attacked European insurance provider AXA shortly after the company announced that it will stop paying ransoms for its clients. Our analysis provides an in-depth look at Avaddon’s tactics and recommended mitigations.

  • article

    Colonial Pipeline Breached by Darkside Ransomware Group

    On Saturday, May 8, US Colonial Pipeline announced that it was the victim of a ransomware attack that affected its network on Friday, May 7. US Colonial Pipeline is said to be the largest fuel pipeline in the United States and the main source of…

  • article

    The Hidden Costs of Cybercrime

    This year, the global cost of cybercrime is expected to hit $6 trillion.[i] Up from $3 trillion in 2015, it’s nothing short of a big, flourishing business whose operators are relentless innovators.

  • article

    Black Kingdom Returns to Exploit Zero-Day Vulnerabilities in Unpatched Microsoft Exchange Servers

    Black Kingdom ransomware recently resurfaced to target a zero-day vulnerability in Microsoft Exchange servers.

  • article

    Microsoft Exchange Server Zero Day Hack Insight

    On March 2, 2021, Microsoft disclosed and provided security updates for four [4] critical vulnerabilities — CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065 — impacting on-premises Microsoft Exchange Servers.

  • article

    Don’t Drink from That! Gootloader Watering Hole Leads to REvil Attack

    REvil, more commonly referred to as Sodinokibi, is one of the most prolific ransomware threat groups currently active in the cyber extortion space. In the past year alone, Arete has responded to countless incidents where REvil has facilitated…

  • article

    Egregor: The Ghost of Soviet Bears Past Haunts On

    Egregor ransomware, a sophisticated RaaS platform, uses data exfiltration and brazen negotiation tactics to target major sectors like manufacturing and retail and caters to experienced affiliates.

  • article

    Cybersecurity Trends: What We Saw in 2020, What We Expect to See in 2021

    Where change seems a constant, perhaps the biggest and most surprising cybersecurity issue of 2020 was a lack of change. But before we get to that, let’s look at some other key cybersecurity trends. A Continued Rise in Ransomware Attacks: Kidnapping…

  • article

    The Road Back: Recovery from a Malware Attack in the Long Term

    Arete Incident Response is currently answering the call of duty for about 60 companies per month that have experienced malware intrusions. These are mostly ransomware or business email compromise attacks. Arete’s primary goal is to restore what was…

  • article

    Universal Encryption

    Ransomware variants like Ryuk, WastedLocker, and DoppelPaymer also use file-level encryption. These groups will gain access to the network and perform reconnaissance to identify the victim, understand their business, identify critical systems, and…
