Resources
Providing you the latest industry-specific news and insights.
![]()
ALPHV/BlackCat Disruption: Operations Resume
Despite law enforcement’s disruption to ALPHV/BlackCat’s infrastructure in December 2023, the group has since resumed operations.
Read more
Law Enforcement Actions Leave ALPHV/BlackCat Scrambling to Salvage Operations
Through a coordinated law enforcement effort spearheaded by the FBI, ALPHV/BlackCat infrastructure was disrupted on December 7, 2023, in an operation publicly announced on December 19, 2023.
Read more![]()
ALPHV/BlackCat Ransomware Group Claims Responsibility for MGM Resorts Attack
Global hotel and entertainment company MGM Resorts recently experienced a cyberattack that caused computer outages at locations nationwide and interrupted the operation of slot machines, ATMs, hotel room keys, and payment systems.
Read more![]()
Fool Us Once … BlackMatter Initial Access Tactics Point to a Possible REvil Association
Arete observed an overlap between a recent BlackMatter case and a Q1 2021 REvil case.
Read more![]()
The Hidden Costs of Cybercrime
This year, the global cost of cybercrime is expected to hit $6 trillion.[i] Up from $3 trillion in 2015, it’s nothing short of a big, flourishing business whose operators are relentless innovators.
Read moreGood Europol Hunting: How Do You Like Them Apples, Emotet?
On January 27, 2021, Europol announced that it had led a coordinated takedown of the Emotet infrastructure in collaboration with law enforcement authorities in the Netherlands, Germany, the United States, the United Kingdom, France, Lithuania,…
Read more![]()
Egregor: The Ghost of Soviet Bears Past Haunts On
Egregor ransomware, a sophisticated RaaS platform, uses data exfiltration and brazen negotiation tactics to target major sectors like manufacturing and retail and caters to experienced affiliates.
Read moreSodinokibi Labels Keys with “Black Lives Matter”
OVERVIEW Since January 2020, the Arete IR practice has responded to forty-one (41) Sodinokibi engagements. The industry has seen two big changes with Sodinokibi/REvil from their shift to exfiltrating data as of January 2020, and more, recently with…
Read moreUS Government Alerts of Imminent Attacks Against the Healthcare Sector by Trickbot Group
EXECUTIVE SUMMARY Last week, the Cybersecurity and Infrastructure Security Agency (CISA) in collaboration with the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) released the following alert: AA20-302A…
Read moreMonero- Overview & Quick Facts
OVERVIEW Recently, the threat group behind Sodinokibi ransomware publicly announced the switch from Bitcoin to accepting only Monero payments. The switch was motivated largely by the fact that Monero is inherently more difficult for law…
Read more![]()
Recent Sanctions Reveal LockBit and Evil Corp Links
The US Department of the Treasury’s Office of Foreign Assets Control sanctioned seven individuals for their association with the Evil Corp cybercriminal group.
Read more![]()
Red Team Tool Used to Disrupt Endpoint Security Solutions
Researchers observed criminals using the red-team tool EDRSilencer in cyberattacks. This open-source tool, designed for penetration testing, can detect EDR processes and monitor, modify, or block their outbound network communications.
Read more
