Resources
Providing you the latest industry-specific news and insights.
- article
Microsoft Exchange Server Zero-Day Hack Insight
On March 2, 2021, Microsoft disclosed and provided security updates for four [4] critical vulnerabilities — CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065 — impacting on-premises Microsoft Exchange Servers.
Read more - article
Don’t Drink from That! Gootloader Watering Hole Leads to REvil Attack
By Arete Forensics Team REvil, more commonly referred to as Sodinokibi, is one of the most prolific ransomware threat groups currently active in the cyber extortion space. In the past year alone, Arete has responded to countless incidents where…
Read more - article
Darkside Ransomware: Caviar Taste on Your Big-Game Budget
By Arete Cyber Threat Intelligence Team EXECUTIVE SUMMARY By all appearances, the proprietors of Darkside ransomware mean business. Big business. With their sights set on organizations with US$4M+ in revenue, they’re all about high-value,…
Read more - article
Cybersecurity Trends: What We Saw in 2020, What We Expect to See in 2021
Where change seems a constant, perhaps the biggest and most surprising cybersecurity issue of 2020 was a lack of change. But before we get to that, let’s look at some other key cybersecurity trends. A CONTINUED RISE IN RANSOMWARE ATTACKS Kidnapping…
Read more - article
Egregor: The Ghost of Soviet Bears Past Haunts On
By Adam Brown and Harold Rodriguez, Arete Cyber Threat Intelligence Team Ransomware variants come. Ransomware variants go. And while Egregor may have only recently surfaced, it is by no means a fly-by-night operation. In fact, one could argue that…
Read more - article
The Road Back: Recovery from a Malware Attack in the Long Term
Arete Incident Response is currently answering the call of duty for about 60 companies per month who have experienced malware intrusions. These are mostly ransomware or business email compromise attacks. Arete’s primary goal is to restore what was…
Read more - podcast
Nation State Threats with Jim Jaeger
In this episode, Kevin Smith and Stephen Ramey talk to Arete's chief cyber strategist, Jim Jaeger, about nation state threats, ways to keep your business safe from ransomware, and more!
Read more - article
Conti Ransomware is the New Ryuk?
BACKGROUND Based on analysis of Conti ransomware, which was originally spotted in the wild in February of this year, the Arete Threat Intelligence team believes that this variant is being operated by the same group that conducted Ryuk…
Read more - article
Universal Encryption
Ransomware variants like Ryuk, WastedLocker, and Dopplepaymer are also file level encryption. These groups will gain access to the network and perform reconnaissance to identify the victim, understand their business, identify critical systems, and…
Read more - article
System Specific Encryption
Ransomware variants like Phobos, Dharma or CryLock are file level encryption. The TA gains access to the system, copies specific encryption executables onto the systems then runs the executables to encrypt the files. The results are files with a new…
Read more - article
Maze Ransomware: Is Posting Data Counterproductive?
Ransomware incidents dominated INFOSEC news in 2019. Penetration methods continued to evolve, attacks became more targeted and ransom demands continued to rise. A major shift in attacker tactics happened in early December when the group behind the…
Read more