Arete

In the first half of 2024, Arete observed a significant decrease in organizations choosing to pay a ransom following an attack. Victims in only 26.5% of engagements opted to pay, which is down from 32.5% in H2 2023. This trend reflects increased preparedness and resilience and the impact of law enforcement actions against major ransomware groups. Read the full analysis in our H1 2024 Crimeware Report. https://hubs.ly/Q02Mk_BX0

In this episode of Bytes of Insight, hosts Vinny Sakore, MBA, CIPT and Evgueni Erchov explore the technical side of Fog Ransomware with special guest Harold R., who leads Arete's Threat Research Team. Harold shares his expertise on the latest attack tactics and how this sophisticated ransomware operates under the radar. Don't miss this insightful discussion on Arete’s cutting-edge research and analysis that provide actionable insights on the latest cyber threats. 🎧 Tune in now: https://hubs.ly/Q02McxwY0

The first half of 2024 presented a dynamic and complex threat landscape marked by law enforcement actions against large ransomware operations. Leveraging data collected from Arete’s response to ransomware and extortion attacks, Arete's latest crimeware report provides an in-depth analysis of key trends and insights. Whether you're a security expert, a cyber insurance professional, or just looking to stay informed, our H1 2024 Crimeware Report provides unique data to help you better understand the evolving threat landscape. Download the full report to explore the findings. https://hubs.ly/Q02LYRl00

The notorious FIN7 threat group resumed operations this year, leading to a significant increase in Cl0p ransomware attacks. Despite being declared "an entity no more" in May 2023, FIN7 has not only returned but is more active than ever. Since May 2024, Arete has observed FIN7’s trojan communicating from victim environments two to three months before those victims appear on Cl0p's data leak site. Read our recent blog post to understand FIN7’s tactics and stay ahead of this evolving threat. https://hubs.ly/Q02LYqLL0

Our team is looking forward to seeing you at the NetDiligence® Philadelphia #CyberRiskSummit in September! Join us for engaging discussions, networking, and insights into the latest cyber trends. Find out more: https://hubs.ly/Q02Lygzx0

Since April 2024, Arete's Incident Response team has witnessed a surge in attacks from the Fog ransomware group, with 70% of their victims being education organizations. Engagements from this group made up nearly 20% of our ransomware cases in July. This trend emphasizes the need for educational entities to take proactive steps to secure their systems and protect sensitive information from cyber threats. Our latest Malware Spotlight explores Fog’s tactics, its ransomware executable, and key security recommendations to help educational institutions strengthen their security posture. 🔗 Read the full article and equip your organization today: https://hubs.ly/Q02LBN8w0

In late July, Microsoft researchers reported an authentication bypass vulnerability in VMware ESXi (CVE-2024-37085) that is being exploited by ransomware groups, including Black Basta and Akira. The vulnerability allows attackers to create or rename a group as "ESX Admins" on an Active Directory domain, granting them full administrative access. Organizations with domain-joined ESXi hypervisors should install VMware's security update, protect privileged accounts from unauthorized users, and maintain adequate monitoring, backups, and recovery plans.🛡️ Learn more about the risks and mitigation strategies in our latest blog post: https://hubs.ly/Q02Lm6PS0

Arete is thrilled to announce that our Director of Client Services, Jenna Rooney, is a finalist for the 2024 Relativity Innovation Awards in the categories of Security and Customer Experience.  We would be honored to receive your vote supporting Jenna. Please visit https://hubs.ly/Q02L6PTk0 today to vote!

Preparation is key. Just like a fire escape plan establishes a course of action in case of a fire, a comprehensive incident response plan can enable a consistent and efficient response to potential cyber threats, minimizing downtime, cost, and reputational impact. Arete’s Incident Response Readiness Assessment evaluates the effectiveness of your organization's incident response plan by testing your procedures, policies, and communication channels in a controlled environment. Learn more: https://hubs.ly/Q02KcRnQ0

Ransomware attacks can cause significant financial, operational, and reputational impact. A properly implemented Endpoint Detection and Response (EDR) tool can detect malicious activity and provide necessary visibility to alerts to prevent cyber incidents before they occur. Augmenting tools with security experts, like Arete’s Managed Detection and Response team, can enhance your cyber resilience with 24/7 endpoint monitoring and expanded protection to address multiple vectors of risk. Our MDR solution integrates a custom detections and blocking tool that leverages data from over 8,000 investigations and enhances EDR platforms with hundreds of custom threat detection rules that act autonomously in seconds. To learn more about how Arete’s MDR can protect you from emerging threats, reach out to our team: https://hubs.ly/Q02J-pMS0