Halcyon Threat Insights 003: March 2024
ID: 513a57cd-8e13-5d06-a305-c5276e2a2bdf
STIX ID: report--513a57cd-8e13-5d06-a305-c5276e2a2bdf
Feed Name: Halcyon Blog
### Executive Summary

Halcyon's March 2024 brief reports rising ransomware activity, with Information Technology, Education, and Manufacturing the most targeted. It describes multiple malware families (a Monero coin miner, the ClipBanker clipboard stealer, SharpHound reconnaissance, and various droppers and Python-based trojans) and provides behavioral TTPs and an IOC (hXXp://185.172.128.11/zima.php?mine=XMR). It also spotlights the Akira ransomware/extortion group, detailing RaaS capabilities, observed exploitation of CVE-2023-20269, Linux variants, credential/VPN targeting, and ransom/exfiltration patterns.
