Resources
Providing you the latest industry-specific news and insights.
![]()
Largest Data Breach of All Time (So Far)
On July 4th, 2024, a threat actor posted nearly ten billion unique passwords to a dark web forum. This was the second large dump of passwords from the threat actor calling themselves ObamaCare on the forum.
Read more![]()
Unmasking Fog: Ransomware Threats in K-12 Education
In today's episode, we explore a new threat actor targeting K-12 schools. Our hosts discuss the factors behind its success, why schools are at risk, and share actionable steps to boost cyber resilience and defend against these attacks.
Read more![]()
Threat Actor Spotlight: BlackSuit Ransomware
First observed by Arete in May 2023, BlackSuit ransomware is an emerging cyber threat targeting organizations across several sectors. This spotlight explores the ransomware behavior observed, incident response data, and technical analysis.
Read more![]()
RansomHub: An Emerging Ransomware-as-a-Service
RansomHub has attacked over 75 victims, believed to be a rebrand of Knight ransomware. Exploiting Windows ZeroLogon, they target high-profile entities like Frontier, Christie's, and Change Healthcare. RansomHub aggressively monetizes its attacks.
Read more![]()
Windows Native Ransomware – Encrypting with Bitlocker
Bitlocker, a Windows app for full-volume encryption, is exploited by threat actors to encrypt files and demand ransom. Despite more advanced options, new actors like "Shrinklocker" still prefer Bitlocker for encryption.
Read more![]()
ALPHV/BlackCat Disruption: Operations Resume
Despite law enforcement’s disruption to ALPHV/BlackCat’s infrastructure in December 2023, the group has since resumed operations.
Read more
Law Enforcement Actions Leave ALPHV/BlackCat Scrambling to Salvage Operations
Through a coordinated law enforcement effort spearheaded by the FBI, ALPHV/BlackCat infrastructure was disrupted on December 7, 2023, in an operation publicly announced on December 19, 2023.
Read more![]()
Crimeware Report: Trends and Highlights from Q3 2023
This report covers trends observed during Arete’s response to ransomware and extortion attacks from July 1 through September 30, 2023. The volume of attacks in Q3 was consistent with that observed in the first half of 2023.
Read more![]()
ALPHV/BlackCat Ransomware Group Claims Responsibility for MGM Resorts Attack
Global hotel and entertainment company MGM Resorts recently experienced a cyberattack that caused computer outages at locations nationwide and interrupted the operation of slot machines, ATMs, hotel room keys, and payment systems.
Read more![]()
Turning Tides – Navigating the Evolving World of Cybercrime
This report highlights the trends and shifts in the cyber threat landscape observed by Arete in the first half of 2023.
Read moreObservations on Progress Software’s MOVEit Transfer Solution Vulnerability
Arete has observed multiple instances of clients being affected by the high severity vulnerability in Progress Software’s MOVEit Transfer solution. Discover attack details, indicators of compromise, and recommended steps for remediation.
Read moreObservations on Midnight Group’s Fraud Campaign Resurgence
Arete’s research recently discovered a fraud campaign by a re-emerging actor dubbed “Midnight Group" specifically targeting organizations who previously fell victim to ransomware attacks.
Read more
