Skip to Main Content

Our Insights

Providing you the latest industry-specific news and insights.

  • article

    What To Do When A Hacker Encrypts Your Data

    What should your first step be when a hacker cracks your system? Evgueni Erchov, Arete's head of security research & strategy shares insight with Risk & Insrance's Autumn Demberger.

    Read more
  • webinar

    What Really Happens When You Negotiate with a Hacker: An Insider’s View

    What Really Happens When You Negotiate with a Hacker: An Insider's View Thursday, June 09, 2022 at 09:00 AM EDT

    Read more
  • report

    Mitigating Ransomware’s Impact – Investigative Cybercrime Series: Vol 1

    If you have any stake at all in reducing risk posed by ransomware, you’re probably getting excited about hard data from the frontlines. Spoiler alert: there’s some good news ahead. What are we waiting for?!

    Read more
  • article

    Surtr Ransomware Pays Tribute to REvil

    Executive Summary In February 2022, Arete investigated a Surtr ransomware incident where the ransomware author(s) paid tribute to the now defunct REvil (aka Sodinokibi) group by making a registry key change to the infected host. REvil was…

    Read more
  • report

    2021 Annual Crimeware Report: From Tailwinds to Headwinds

    Community and government action helps shift the course of ransomware.

    Read more
  • article

    Cybersecurity in the Age of Ransomware. It’s More Than Simply Having Insurance.

    BY KEVIN BAKER  In many ways, cybersecurity insurance is not so different from car or home insurance. In short, it’s a way to transfer risk. If a cyber incident occurs, insurance can help organizations gain a level of mitigating control and…

    Read more
  • report

    Q3 2021 Crimeware Report: For Every Action, There Is an Equal and Opposite Reaction

    Cybercrime is in a constant state of evolution and revolution, and threat actors are reacting to the actions of their targets as governments and law enforcement agencies seek to protect those targets.

    Read more
  • article

    Fool Us Once … BlackMatter Initial Access Tactics Point to a Possible REvil Association

    BY CYBER THREAT INTELLIGENCE TEAM Arete observed an overlap between a recent BlackMatter case and a Q1 2021 REvil case. In both instances, the actors leveraged the NodeJS-based Gootloader to deliver a CobaltStrike payload. In a March 2021 insight,…

    Read more
  • article

    PYSA: 2020 to Now

    BY ARETE CYBER THREAT INTELLIGENCE TEAM  PYSA is the newest variant of the Mespinoza Ransomware as a Service (RaaS) family, which was first observed infecting victims in the wild in December 2019. PYSA is likely a reference to the open-source web…

    Read more
  • report

    Q2 2021 Crimeware Report: Crime and No Punishment

    Like legitimate businesspeople, threat actors are always looking for ways to optimize operations and boost profits. With time and impunity on their side, some started to get more creative in Q2 2021.

    Read more
  • article

    Endpoint Detection and Response: The Closest Thing to a Silver Bullet to Stop Ransomware

    By Paul Caron   In its recent report “Combating Ransomware,” the Ransomware Task Force says there’s no silver bullet to solving the ransomware challenge. Instead, the group touts a multi-pronged approach and provides an extensive list of…

    Read more
  • article

    Avaddon Ransomware Hits AXA

    BY ARETE CYBER THREAT INTELLIGENCE TEAM  EXECUTIVE SUMMARY From September 2020 to May 2021, the Arete Incident Response (IR) practice responded to nine Avaddon ransomware engagements across varying industry sectors, including the professional…

    Read more