Resources
Providing you the latest industry-specific news and insights.
H1 2024 Crimeware Report
Arete’s H1 2024 ransomware response data reveals shifts in the threat landscape, analyzing variant trends, ransom demands, targeted industries, and future projections.
Read more![]()
Black Basta Leverages New Social Engineering Technique
Black Basta, a ransomware group active since at least April 2022, is deploying a new social engineering tactic using Microsoft Teams in an active campaign.
Read more![]()
The Return of Bumblebee Loader
After its disruption in May 2024, Bumblebee is back in the cyber ecosystem, using a new infection chain with LNK, PowerShell, and MSI files to drop additional malware.
Read more![]()
Red Team Tool Used to Disrupt Endpoint Security Solutions
Researchers observed criminals using the red-team tool EDRSilencer in cyberattacks. This open-source tool, designed for penetration testing, can detect EDR processes and monitor, modify, or block their outbound network communications.
Read more![]()
Recent Sanctions Reveal LockBit and Evil Corp Links
The US Department of the Treasury’s Office of Foreign Assets Control sanctioned seven individuals for their association with the Evil Corp cybercriminal group.
Read more![]()
Cracking Down on Cybercrime: Law Enforcement Actions and Evolving Methods
In this episode of Bytes of Insight, hosts Vinny Sakore and Evgueni Erchov explore recent law enforcement actions against cybercriminals, the evolution of methods used to pressure cybercriminals, and the value of collaboration with cybersecurity organizations. The discussion highlights key trends Arete has observed across the threat landscape, with insights drawn from our H1 2024 Crimeware Report.
Read more![]()
Telegram Changes Privacy Policy
Telegram – the instant messaging platform popular with ransomware groups and cybercriminals because of its user privacy features – recently updated its privacy policy in an effort to discourage criminals from abusing the platform.
Read more![]()
Rhysida Using Oyster Backdoor in Attacks
The Rhysida ransomware group has been using the Oyster backdoor in attacks, leveraging fake websites to trick users into downloading malicious software.
Read more![]()
Cyber Campfire – August Stats
Cyber Campfire delivers the latest monthly insights from Arete’s Threat Intelligence Team. In this month's episode, our TI team reviews August's cyber threat statistics, highlights key trends, and discusses emerging threat actors.
Read more![]()
New Group Emerges with Similarities to ALPHV/BlackCat
Cicada3301, a new RaaS group, emerged in June 2024. Using double extortion, they target Windows and Linux/VMware ESXi systems, posting victims on their dark website. Their methods show strong similarities to ALPHV/BlackCat ransomware.
Read more![]()
Iranian Hackers Working with Ransomware Groups
An Iranian threat group linked to the GOI collaborates with ransomware affiliates, aiding network access and extortion for a ransom share.
Read more![]()
Automotive Industry Faces Increased Cyberattacks
Recent ransomware attacks have severely impacted the automotive industry, disrupting car and parts availability, dealership operations, and global economies.
Read more![]()
Unmasking Fog: Ransomware Threats in K-12 Education, Part 2
Welcome to Bytes of Insight by Arete. Today, Harold Rodriguez from Arete's Threat Research Team dives into the education sector and FOG ransomware, sharing insights on reverse engineering malware and innovative defenses against ransomware attacks.
Read more
