Skip to Main Content

Resources

Providing you the latest industry-specific news and insights.

  • article

    RansomHub: An Emerging Ransomware-as-a-Service

    RansomHub has attacked over 75 victims, believed to be a rebrand of Knight ransomware. Exploiting Windows ZeroLogon, they target high-profile entities like Frontier, Christie's, and Change Healthcare. RansomHub aggressively monetizes its attacks.

    Read more
  • article

    Windows Native Ransomware – Encrypting with Bitlocker

    Bitlocker, a Windows app for full-volume encryption, is exploited by threat actors to encrypt files and demand ransom. Despite more advanced options, new actors like "Shrinklocker" still prefer Bitlocker for encryption.

    Read more
  • article

    ALPHV/BlackCat Disruption: Operations Resume

    Despite law enforcement’s disruption to ALPHV/BlackCat’s infrastructure in December 2023, the group has since resumed operations.

    Read more
  • article

    Law Enforcement Actions Leave ALPHV/BlackCat Scrambling to Salvage Operations

    Through a coordinated law enforcement effort spearheaded by the FBI, ALPHV/BlackCat infrastructure was disrupted on December 7, 2023, in an operation publicly announced on December 19, 2023.

    Read more
  • report

    Crimeware Report: Trends and Highlights from Q3 2023

    This report covers trends observed during Arete’s response to ransomware and extortion attacks from July 1 through September 30, 2023. The volume of attacks in Q3 was consistent with that observed in the first half of 2023.

    Read more
  • article

    ALPHV/BlackCat Ransomware Group Claims Responsibility for MGM Resorts Attack

    MGM Resorts, an S&P 500® global hotel and entertainment company, recently experienced a cyberattack.

    Read more
  • report

    Turning Tides – Navigating the Evolving World of Cybercrime

    This report highlights the trends and shifts in the cyber threat landscape observed by Arete in the first half of 2023.

    Read more
  • report

    Observations on Progress Software’s MOVEit Transfer Solution Vulnerability

    Arete has observed multiple instances of clients being affected by the high severity vulnerability in Progress Software’s MOVEit Transfer solution. Discover attack details, indicators of compromise, and recommended steps for remediation.

    Read more
  • report

    Observations on Midnight Group’s Fraud Campaign Resurgence

    Arete’s research recently discovered a fraud campaign by a re-emerging actor dubbed “Midnight Group" specifically targeting organizations who previously fell victim to ransomware attacks.

    Read more
  • report

    Observations on New Trigona Ransomware

    Arete research reveals new information about the emerging threat of Trigona ransomware.

    Read more
  • article

    Fool Us Once … BlackMatter Initial Access Tactics Point to a Possible REvil Association

    Arete observed an overlap between a recent BlackMatter case and a Q1 2021 REvil case.

    Read more
  • report

    Engineering Consulting Firm Improves Security with a Formalized, Top-down Risk Management Program

    Engineering consulting firm improves security with a formalized, top-down risk management program.

    Read more