Resources
Providing you the latest industry-specific news and insights.
![]()
Malware Spotlight: Akira Ransomware
Arete has responded to over one hundred incidents attributed to the Akira ransomware group. This spotlight explores Akira’s observed behavior, statistics from Incident Response engagements, and a technical analysis of Akira’s ransomware executable.
Read more![]()
Recent Sanctions Reveal LockBit and Evil Corp Links
The US Department of the Treasury’s Office of Foreign Assets Control sanctioned seven individuals for their association with the Evil Corp cybercriminal group.
Read more![]()
Cracking Down on Cybercrime: Law Enforcement Actions and Evolving Methods
In this episode of Bytes of Insight, hosts Vinny Sakore and Evgueni Erchov explore recent law enforcement actions against cybercriminals, the evolution of methods used to pressure cybercriminals, and the value of collaboration with cybersecurity organizations. The discussion highlights key trends Arete has observed across the threat landscape, with insights drawn from our H1 2024 Crimeware Report.
Read more![]()
Automotive Industry Faces Increased Cyberattacks
Recent ransomware attacks have severely impacted the automotive industry, disrupting car and parts availability, dealership operations, and global economies.
Read more![]()
Unmasking Fog: Ransomware Threats in K-12 Education, Part 2
Welcome to Bytes of Insight by Arete. Today, Harold Rodriguez from Arete's Threat Research Team dives into the education sector and FOG ransomware, sharing insights on reverse engineering malware and innovative defenses against ransomware attacks.
Read more![]()
FIN7 Return Drives Increase in Cl0p Ransomware Attacks
FIN7 resumed operations in April 2024, fueling a rise in Cl0p ransomware attacks. Their partnership poses a heightened threat, using malvertising and trojans to target victims.
Read more![]()
Malware Spotlight: Fog Ransomware
The Fog ransomware group is one of the few threat actors targeting one industry: education. This spotlight explores the group’s observed behavior, background information on the threat actor, and a technical analysis of Fog’s ransomware executable.
Read more![]()
Threat Actors Exploiting New ESXi Vulnerability
Explore the critical need to secure your network from VMware ESXi vulnerabilities, such as CVE-2024-37085, exploited by ransomware groups. Learn best practices to protect your virtual environment and prevent unauthorized access.
Read more![]()
RansomHub: An Emerging Ransomware-as-a-Service
RansomHub has attacked over 75 victims, believed to be a rebrand of Knight ransomware. Exploiting Windows ZeroLogon, they target high-profile entities like Frontier, Christie's, and Change Healthcare. RansomHub aggressively monetizes its attacks.
Read more![]()
2023 Annual Crimeware Report
Leveraging data collected during incident response engagements, this report follows the rise and fall of ransomware variants, notable trends in ransom demands and payments, industries targeted by ransomware attacks, and what may be coming next.
Read more![]()
ALPHV/BlackCat Disruption: Operations Resume
Despite law enforcement’s disruption to ALPHV/BlackCat’s infrastructure in December 2023, the group has since resumed operations.
Read more
Law Enforcement Actions Leave ALPHV/BlackCat Scrambling to Salvage Operations
Through a coordinated law enforcement effort spearheaded by the FBI, ALPHV/BlackCat infrastructure was disrupted on December 7, 2023, in an operation publicly announced on December 19, 2023.
Read more
