Halcyon

Webinar: Education Deserves Advanced Grade Protection from Ransomware Mar 26, 2025 9:00am PDT / 12:00pm EDT: https://bit.ly/4kHo1t7 - Understand the latest ransomware trends and tactics targeting educational institutions. - Discover practical steps to fortify your defenses, even with limited SOC resources. - Gain insights into establishing resilience to minimize the risk from successful attacks. #infosec #security #cybersecurity #cyberattack #ransomware #education

Halcyon is a proud sponsor of the Fifth Annual South Florida Cybersecurity Summit - come see our Chief Security and Trust Officer Ben Carr drop some wisdom on the state of the ransomware ecosystem. Use code CSS25-Halcyon for a FREE PASS: https://lnkd.in/gAfX9rPP #SouthFloridaCyberSummit #infosec #security #cybersecurity

Startups aren't failing at cybersecurity because they lack investments. They're failing at security because they're focusing on the wrong things. A company proudly told Nils Puhlmann they were about to buy a SIEM. Their entire security strategy? One tool. “Who’s monitoring it?” “Who’s feeding it data?” “What’s the plan beyond that?” They didn’t have answers. They just trusted the vendor’s promise: “Buy this, and your problems are solved.” This is exactly how organizations burn money without improving security. Throwing cash at tools without a strategy is like building a fireproof front door while leaving the back door wide open. Security is about where you focus. Not how much you spend. In our recent conversation, Nils Puhlmann breaks down why so many companies miscalculate their security posture and how to actually build a foundation that works. Watch the full episode here: https://lnkd.in/gypGCURJ

Webinar: Halcyon Threat Insights - March 2025 March 19th, 2025 at 9:00am PDT / 12:00pm EDT: https://bit.ly/4imK9HG Key insights and intelligence from the Halcyon RISE Team (Research, Intelligence, Services, Engineering) - get the latest on the top #ransomware threats, trends and news every month. #cybersecurity #infosec #security #cyberattack #webinar

Babuk2 Ransomware: Extortion Attempts Based on False Claims Recent investigations by the Halcyon RISE Team have revealed that the #Babuk2 ransomware group is issuing extortion demands based on false attack claims: https://lnkd.in/gNmysRgz - False Claims & Recycled Data: Babuk2, also known as Babuk-Bjorka, appears to be reusing data from earlier breaches to back up its extortion claims. Many of the victims listed in their announcements were already targeted by other ransomware groups such as RansomHub, FunkSec, LockBit, and even the original Babuk team. - No Confirmed New Attacks: Despite the group’s claims of having conducted multiple attacks in early 2025, our analysis indicates there is no evidence of new, live ransomware encryption or fresh network intrusions. Instead, the data appears to be recycled from past incidents. - Key Figures & Origins: Babuk2 emerged in January 2025 and is not a direct continuation of the original Babuk ransomware, which was active in 2021. The new operation seems to use the Babuk name for credibility. Its administrator, known as Bjorka, has been active on various forums and Telegram, and has previously been associated with other data breaches and extortion attempts. At present, Babuk2’s claims of successful ransomware attacks appear to be unsubstantiated. The group seems to be leveraging previously leaked data as a tactic to boost its credibility and drive ransom payments. Organizations facing such claims should conduct thorough, independent investigations of any reported breaches. A proactive approach—verifying network integrity and checking for signs of genuine, new attacks—will help prevent unnecessary panic and financial loss. #cybersecurity #infosec #security #cyberattack #ransomware #Babuk

Last Year in Ransomware: Overview, Developments and Vulnerabilities Ransomware attacks inflict substantial, long-term damage on organizations, extending far beyond initial financial impacts. Organizations suffer significant reputational harm, leading to customer attrition and heightened regulatory oversight. This analysis examines the key developments that shaped the #ransomware ecosystem throughout 2024, from emerging attack vectors to novel malware variants... https://lnkd.in/gTAZzpgh #cybersecurity #infosec #security #cyberattack

FBI and CISA Warn Against #Ghost #Ransomware in Latest Advisory Given the rise in disruptive ransomware attacks, #CISA emphasizes the urgent need for organizations to enhance their #cybersecurity measures and has released detailed guidelines. Ghost first emerged in early 2021 and has steadily escalated its operations, targeting businesses and critical infrastructure across more than 70 countries. Known for its adaptive tactics and relentless focus on exploiting vulnerabilities in outdated systems, the group has become one of the more dangerous ransomware threats. https://lnkd.in/gQh2pw2y #cyberattack #infosec #security #FBI

Straight-up data extortion... Get the report: https://lnkd.in/gp2YxPeY #infosec #security #cybersecurity #cyberattack #ransomware

BlackBasta Ransomware Group's Internal Chat Logs Leaked The leak has shed light on the inner workings of BlackBasta, revealing their tactics, targets as well as personal dynamics and discord within the group. #BlackBasta has reportedly collected over $100 million in ransom payments from more than 90 victims, including several high-profile attacks. Despite their success, BlackBasta has recently experienced a decline in activity... https://lnkd.in/gWyhj_NH cybersecurity, infosec, security, cyberattack, ransomware

Patch Now: Ransomware Operators Exploiting Two Fortinet Vulnerabilities Researchers observed that between late January and March 2025, intrusions exploiting two #vulnerabilities led to the deployment of a new #ransomware strain. This strain closely resembles #LockBit 3.0 but features modifications such as a customized ransom note and a unique data #exfiltration tool. Despite Fortinet's release of patches addressing these vulnerabilities, some organizations remain unpatched, leaving them susceptible to attacks. https://lnkd.in/gjRQdyS8 #cybersecurity #infosec #security #cyberattack, #vulnerability, #exploit #patching