Halcyon Threat Insights 014: March 2025 Ransomware Report

Halcyon's February 2025 ransomware intelligence briefing summarizes blocked ransomware activity and precursors across industries (notably Manufacturing, Retail and Hospitality), catalogs detected hack tools (e.g., Mimikatz, JuicyPotato, Chisel), trojans and ransomware families (LockBit, Locky, Avaddon, Phobos/Crysis), and spotlights active threat actors such as Sarcoma and the Medusa incidents, emphasizing RaaS operations, credential theft, privilege escalation, double-extortion tactics, and impacts to critical sectors.