Webinar: Halcyon Threat Insights - March 2025 March 19th, 2025 at 9:00am PDT / 12:00pm EDT: https://bit.ly/4imK9HG Key insights and intelligence from the Halcyon RISE Team (Research, Intelligence, Services, Engineering) - get the latest on the top #ransomware threats, trends and news every month. #cybersecurity #infosec #security #cyberattack #webinar
Halcyon
Computer and Network Security
San Diego, CA 13,464 followers
Our Mission: Defeat Ransomware
About us
Halcyon is a cybersecurity company building products that stop ransomware from impacting enterprise customers. The Halcyon Anti-Ransomware and Cyber Resilience Platform offers layered ransomware protection that combines pre-execution detection, behavioral modeling, deception techniques and, if all else fails, resiliency, recovery and isolation of impacted nodes. To learn more and get a demo, contact us today.
- Website: http://www.halcyon.ai
- Industry: Computer and Network Security
- Company size: 51-200 employees
- Headquarters: San Diego, CA
- Type: Privately Held
- Founded: 2021
- Specialties: cybersecurity, software, and anti-ransomware
Products
Halcyon Anti-Ransomware & Cyber Resilience Platform
Antivirus Software
The Halcyon Anti-Ransomware Platform is an endpoint augmentation solution built to stop ransomware from impacting your business. With multiple levels of prevention, and a resiliency engine failsafe to recover you in minutes, the Halcyon platform provides gap coverage between EPP and EDR/XDR products, full encryption key capture during a ransomware attack, automated endpoint decryption and enhanced armoring of existing security tools. The Halcyon Anti-Ransomware Platform is an agent-based endpoint product managed by web console or API. Our solution is built for Windows Server 2012 R2 - current, Windows 10 & 11 with additional operating systems in development. Interested in becoming a technology partner with Halcyon or offering our product as an MSSP/VAR/MDR? We have a complete partner program with attractive discounts!
Locations
- Primary: San Diego, CA 92101, US
- Austin, Texas 73301, US
Updates
Babuk2 Ransomware: Extortion Attempts Based on False Claims Recent investigations by the Halcyon RISE Team have revealed that the #Babuk2 ransomware group is issuing extortion demands based on false attack claims: https://lnkd.in/gNmysRgz
- False Claims & Recycled Data: Babuk2, also known as Babuk-Bjorka, appears to be reusing data from earlier breaches to back up its extortion claims. Many of the victims listed in their announcements were already targeted by other ransomware groups such as RansomHub, FunkSec, LockBit, and even the original Babuk team.
- No Confirmed New Attacks: Despite the group’s claims of having conducted multiple attacks in early 2025, our analysis indicates there is no evidence of new, live ransomware encryption or fresh network intrusions. Instead, the data appears to be recycled from past incidents.
- Key Figures & Origins: Babuk2 emerged in January 2025 and is not a direct continuation of the original Babuk ransomware, which was active in 2021. The new operation seems to use the Babuk name for credibility. Its administrator, known as Bjorka, has been active on various forums and Telegram, and has previously been associated with other data breaches and extortion attempts.
At present, Babuk2’s claims of successful ransomware attacks appear to be unsubstantiated. The group seems to be leveraging previously leaked data as a tactic to boost its credibility and drive ransom payments. Organizations facing such claims should conduct thorough, independent investigations of any reported breaches. A proactive approach—verifying network integrity and checking for signs of genuine, new attacks—will help prevent unnecessary panic and financial loss. #cybersecurity #infosec #security #cyberattack #ransomware #Babuk
Last Year in Ransomware: Overview, Developments and Vulnerabilities Ransomware attacks inflict substantial, long-term damage on organizations, extending far beyond initial financial impacts. Organizations suffer significant reputational harm, leading to customer attrition and heightened regulatory oversight. This analysis examines the key developments that shaped the #ransomware ecosystem throughout 2024, from emerging attack vectors to novel malware variants... https://lnkd.in/gTAZzpgh #cybersecurity #infosec #security #cyberattack
FBI and CISA Warn Against #Ghost #Ransomware in Latest Advisory Given the rise in disruptive ransomware attacks, #CISA emphasizes the urgent need for organizations to enhance their #cybersecurity measures and has released detailed guidelines. Ghost first emerged in early 2021 and has steadily escalated its operations, targeting businesses and critical infrastructure across more than 70 countries. Known for its adaptive tactics and relentless focus on exploiting vulnerabilities in outdated systems, the group has become one of the more dangerous ransomware threats. https://lnkd.in/gQh2pw2y #cyberattack #infosec #security #FBI
Straight-up data extortion... Get the report: https://lnkd.in/gp2YxPeY #infosec #security #cybersecurity #cyberattack #ransomware
BlackBasta Ransomware Group's Internal Chat Logs Leaked The leak has shed light on the inner workings of BlackBasta, revealing their tactics, targets as well as personal dynamics and discord within the group. #BlackBasta has reportedly collected over $100 million in ransom payments from more than 90 victims, including several high-profile attacks. Despite their success, BlackBasta has recently experienced a decline in activity... https://lnkd.in/gWyhj_NH cybersecurity, infosec, security, cyberattack, ransomware
Patch Now: Ransomware Operators Exploiting Two Fortinet Vulnerabilities Researchers observed that between late January and March 2025, intrusions exploiting two #vulnerabilities led to the deployment of a new #ransomware strain. This strain closely resembles #LockBit 3.0 but features modifications such as a customized ransom note and a unique data #exfiltration tool. Despite Fortinet's release of patches addressing these vulnerabilities, some organizations remain unpatched, leaving them susceptible to attacks. https://lnkd.in/gjRQdyS8 #cybersecurity #infosec #security #cyberattack, #vulnerability, #exploit #patching
RansomHub Targets Patchable Bugs in Microsoft Active Directory and Netlogon #RansomHub has been #exploiting patchable #vulnerabilities in #Microsoft Active Directory and #Netlogon to escalate privileges and gain access to domain controllers. These vulnerabilities, identified as CVE-2021-42278 (#noPac) and CVE-2020-1472 (#ZeroLogon), allow attackers to impersonate domain controllers and achieve full privileged access, facilitating lateral movement across compromised networks. https://lnkd.in/gZcsYUTa #cybersecurity #infosec #security #cyberattack #ransomware #patching
via Forbes... FBI Warning—Gmail, Outlook And VPN Users Need To Act Now: “Ransomware operators like #Medusa focus on gaining leverage to extort organizations, making critical infrastructure entities prime targets due to their heightened motivation to maintain uninterrupted services..." Jon Miller, CEO and co-founder of Halcyon.
Lunch felicitations my fellow young and attractive hackers. By me at Forbes: FBI advises 2FA for webmail and VPNs now as Medusa ransomware actors strike. But what they don't recommend is getting Roger Grimes hot under the collar. #infosec https://lnkd.in/eAUWHB4S
Last Month in Security 010: Richard Stiennon on the EO and Cyberwarfare In this edition of the Last Month in Security #podcast, we are joined by Richard Stiennon, Chief Research Analyst at IT-Harvest, to discuss Presidential EOs, #cyberwarfare and more. https://lnkd.in/gy8nAJ7k Throughout his career, Stiennon has held significant positions, including VP of Research at Gartner, CMO at Fortinet, VP of Threat Research at Webroot Software, Chief Strategy Officer at Blancco Technology Group, and more. #cybersecurity #infosec #security #cybersecurity #cyberattack #ransomware