Skip to Main Content

Our Insights

Providing you the latest industry-specific news and insights.

  • article

    Colonial Pipeline Breached by Darkside Ransomware Group

    On Saturday May 8, US Colonial Pipeline announced that they were victim of a ransomware attack that affected their network on Friday May 7. US Colonial Pipeline is said to be the largest fuel pipeline in the United States and the main source of…

    Read more
  • report

    Q1 2021 Crimeware Report: Post-Mortem Analysis of a Dumpster Fire

    Unique insight into the state of ransomware based on data from more than 1,500 incident response and forensics cases.

    Read more
  • article

    Black Kingdom Returns to Exploit Zero-Day Vulnerabilities in Unpatched Microsoft Exchange Servers

    By Steve Ramey You know what’s fun about zero-day exploits? Nothing, especially when ransomware is involved. Earlier this month, Microsoft released a statement notifying the public of a zero-day exploit that affected its on-premises Exchange…

    Read more
  • article

    Don’t Drink from That! Gootloader Watering Hole Leads to REvil Attack

    By Arete Forensics Team REvil, more commonly referred to as Sodinokibi, is one of the most prolific ransomware threat groups currently active in the cyber extortion space. In the past year alone, Arete has responded to countless incidents where…

    Read more
  • article

    Dear Ramey: Will I Be Hacked Again?

    ANSWERING BURNING QUESTIONS FROM VICTIMS OF CYBER EVENTS DEAR RAMEY: My organization was hacked, and ransomware encrypted our files. We have no interest in paying the ransom because we don’t want to encourage malicious activity. Do we have any…

    Read more
  • article

    Darkside Ransomware: Caviar Taste on Your Big-Game Budget

    By Arete Cyber Threat Intelligence Team EXECUTIVE SUMMARY By all appearances, the proprietors of Darkside ransomware mean business. Big business. With their sights set on organizations with US$4M+ in revenue, they’re all about high-value,…

    Read more
  • article

    Cybersecurity Trends: What We Saw in 2020, What We Expect to See in 2021

    Where change seems a constant, perhaps the biggest and most surprising cybersecurity issue of 2020 was a lack of change. But before we get to that, let’s look at some other key cybersecurity trends. A CONTINUED RISE IN RANSOMWARE ATTACKS Kidnapping…

    Read more
  • article

    Egregor: The Ghost of Soviet Bears Past Haunts On

    By Adam Brown and Harold Rodriguez, Arete Cyber Threat Intelligence Team Ransomware variants come. Ransomware variants go. And while Egregor may have only recently surfaced, it is by no means a fly-by-night operation. In fact, one could argue that…

    Read more
  • article

    The Road Back: Recovery from a Malware Attack in the Long Term

    Arete Incident Response is currently answering the call of duty for about 60 companies per month who have experienced malware intrusions.  These are mostly ransomware or business email compromise attacks.  Arete’s primary goal is to restore what was…

    Read more
  • podcast

    Nation State Threats with Jim Jaeger

    In this episode, Kevin Smith and Stephen Ramey talk to Arete's chief cyber strategist, Jim Jaeger, about nation state threats, ways to keep your business safe from ransomware, and more!

    Read more
  • article

    Conti Ransomware is the New Ryuk?

    BACKGROUND Based on analysis of Conti ransomware, which was originally spotted in the wild in February of this year, the Arete Threat Intelligence team believes that this variant is being operated by the same group that conducted Ryuk…

    Read more
  • article

    Universal Encryption

    Ransomware variants like Ryuk, WastedLocker, and Dopplepaymer are also file level encryption. These groups will gain access to the network and perform reconnaissance to identify the victim, understand their business, identify critical sys­tems, and…

    Read more