Skip to Main Content

Resources

Providing you the latest industry-specific news and insights.

  • article

    Scattered Spider Adapts to Evolving Threat Landscaped

    Delve into the dynamic threat landscape of cybersecurity with a comprehensive analysis of RansomHub and Scattered Spider's evolving tactics in ransomware and data theft. Learn how these groups adapt and pivot in response to disruptions.

    Read more
  • article

    Windows Native Ransomware – Encrypting with Bitlocker

    Bitlocker, a Windows app for full-volume encryption, is exploited by threat actors to encrypt files and demand ransom. Despite more advanced options, new actors like "Shrinklocker" still prefer Bitlocker for encryption.

    Read more
  • article

    Ransomware Realities: Additional Risks During the Crisis

    After a ransomware attack, restoring data and minimizing business disruption is crucial. It's also vital to address post-incident factors to ensure full recovery and prevent further security issues. Discover key strategies to mitigate threats.

    Read more
  • article

    The Role of Space Systems in the U.S. Cybersecurity Strategy

    The rising frequency and sophistication of cyber threats from state and non-state actors presents significant risk to U.S. national security and commerce.

    Read more
  • report

    Observations on New Trigona Ransomware

    Arete research reveals new information about the emerging threat of Trigona ransomware.

    Read more
  • report

    Financial Services Sector Ransomware Highlights

    In this report, we will dive deeper into the financial services sector, which represents 4.7% of all events in our observation period—from May 2019 through May 2022.

    Read more
  • article

    Avaddon Ransomware Hits AXA

    BY ARETE CYBER THREAT INTELLIGENCE TEAM  EXECUTIVE SUMMARY From September 2020 to May 2021, the Arete Incident Response (IR) practice responded to nine Avaddon ransomware engagements across varying industry sectors, including the professional…

    Read more
  • article

    Colonial Pipeline Breached by Darkside Ransomware Group

    On Saturday May 8, US Colonial Pipeline announced that they were victim of a ransomware attack that affected their network on Friday May 7. US Colonial Pipeline is said to be the largest fuel pipeline in the United States and the main source of…

    Read more
  • report

    Healthcare Company Takes Proactive Measures to Improve Security Maturity

    A CIO saw a cyber incident as an opportunity to measure and get a baseline of the company's cyber hygiene and devise a plan for hardening infrastructure and reaching a higher level of security maturity.

    Read more
  • article

    Codecov Bash Uploader Supply Chain Attack

    By Arete Cyber Threat Intelligence Team EXECUTIVE SUMMARY  On April 15, Codecov announced a compromise to its Bash Uploader (a software application used in some of its products), whereby a threat actor was able to send sensitive information from…

    Read more
  • article

    Black Kingdom Returns to Exploit Zero-Day Vulnerabilities in Unpatched Microsoft Exchange Servers

    By Steve Ramey You know what’s fun about zero-day exploits? Nothing, especially when ransomware is involved. Earlier this month, Microsoft released a statement notifying the public of a zero-day exploit that affected its on-premises Exchange…

    Read more
  • article

    Don’t Drink from That! Gootloader Watering Hole Leads to REvil Attack

    REvil, more commonly referred to as Sodinokibi, is one of the most prolific ransomware threat groups currently active in the cyber extortion space. In the past year alone, Arete has responded to countless incidents where REvil has facilitated…

    Read more