Halcyon

Welcome to Halcyon's hub for the latest in anti-ransomware, threat intel content, from webinars to white papers, and more.

Well, turns out Bandcai Namco got popped by BlackCat, patients trying to pay for their health procedures had their PII leaked, and June was a better month for ransomware defenders. Spoiler alert: It is still pretty gross out there.

Jul 22, 2022

Halcyon Research

Ransomware Roundup: 07.22.22

Well, turns out Bandcai Namco got popped by BlackCat, patients trying to pay for their health procedures had their PII leaked, and June was a better month for ransomware defenders. Spoiler alert: It is still pretty gross out there.

Ransomware Roundup: 07.15.22

Ransomware Roundup: 07.08.22

AstraLocker author is probably, possibly, maybe leaving ransomware for cryptojacking. Feds warn of Maui … from North Korea. The new version of Hive is 100% Rustier.

Ransomware Roundup: 07.01.22

A conviction in the fight against ransomware, LockBit announces a bug bounty program (seriously) and ransomware is named the greatest cybersecurity threat - surprising no one.

Ransomware Roundup: 06.24.22

The cost of ransomware on schools, ransomware is the new ninja smoke and the ghost of Colonial Pipeline haunts in recently signed legislation.

Ransomware Roundup: 06.17.22

Vice Society takes credit for the Palermo disruption, ransomware attackers choose BlackCat and the no good, very bad vuln in Confluence Server/Datacenter (and yes, surprise surprise, ransomware is involved). Get it all, in this week's Ransomware Round up.

Ransomware Roundup: 06.10.22

As per usual, the RSA Conference 2022 brought a heap of news – some good, some bad. Deadbolt Ransomware ups the ante on NAS attacks. Lockbit claims to ransom Mandiant, Mandiant: Not so much. U.S. Sanctions are taking their toll, forcing gangs to adapt, and well, cybersecurity worries surround the U.S. mid-term elections.

Ransomware Roundup: 06.03.22

Costa Rica’s ransomware nightmare did not really end, it just switched villains. Also, REvil’s prosecution gives up on a conviction because … America?

Ransomware Roundup: 05.27.22

Is Conti gone or just going offline for a rebrand? The curious case of an unlikely threat actor plus a RaaS group gets more than they bargained for in this week's ransomware roundup. Check it all out here...

Ransomware Roundup: 05.20.22

Ransomware Roundup: 05.13.22

Ransomware causes a national emergency in Costa Rica, a 150-year-old college is forced to shutter due partially to getting ransomed, the United States Fed takes action and the unhappy Anniversary of WannaCry.

Ransomware Roundup: 05.07.22

You can't keep a good RaaS group down as REvil returns, AvosLocker figures out how bypass EPP (pro-tip: it's easier to unhook an agent than bypass detection engines) and BlackCat/ALPHV ups the ransomware game by offering Linux and VMware ESXi versions. Check it out in our latest weekly ransomware roundup. #ransomware

Ransomware Roundup: 03.25.22

The Fastest Ransomware in the West, Lapsus$ Kids Hit Okta and Microsoft Energy Sector Targeted According to CISA - Another week, another breach. Is this the last time we'll see the Lapsus$ group? #ransomware

Ransomware Roundup: 03.11.22

FBI Alerts on RagnarLocker, Conti Extorts $180M, Senate Passes Cyber Bill: Hot off the presses, it's our weekly ransomware roundup. The Conti leaks are the gift that keeps giving and we're very interested in the latest US cyber bill, this one looks substantial.

Ransomware Roundup: 02.25.22

HermeticWiper with a twist, Conti gang vows to attack Ukraine allies, White House warns businesses of ransomware threat - It's going to be a long weekend for SOC teams.

Ransomware Roundup: 02.18.22

BlackByte RaaS gang hits SF 49ers, Yet another attack on US critical infrastructure, Ransomware grows 105% YoY - Another busy week in the world of ransomware with a range of highly visible attacks on a storied football franchise, US critical infrastructure sectors, and a Swiss car dealer network. Ransomware is clearly vertical agnostic.

Ransomware Roundup: 02.11.22

Attacks disrupt energy transport at European ports, CIS 2021 trend report, The rise of BlackCat (ALPHV) - 2022 has already started off with a bang if you're a criminal ransomware group. Grab a cup of coffee and catch up on some of the high-level ransomware incidents that happened over the last few days.

Jon Miller and Ryan Smith

Standing On The Shoulders of Giants, with Failure in Mind.

No one likes ransomware – aside from the criminal organizations profiting from these attacks. Everyone else? We're just sick and tired of seeing ransomware trivially bypass modern cyber products. That's why we've built Halcyon with a new, multi-layered approach to defeating ransomware. Consider this our "Hello World."