
Halcyon launches Ransomware Detection and Recovery to combat ransomware around the clock
Dubai, United Arab Emirates – Halcyon, a leading platform designed from day one to defeat ransomware, today announced Halcyon Ransomware Detection and Recovery (RDR), a no-cost integrated service that is now included with every deployment of the Halcyon Anti-Ransomware Platform. Powered by Halcyon's RISE team, an elite group of ransomware experts, Halcyon RDR delivers unmatched ransomware protection to ensure that a ransomware attack does not disrupt business operations.
Most 24/7 threat monitoring and response services are not included with software platform purchases and are instead only offered at a significant additional cost. Halcyon offers 24/7 ransomware protection from a team of experts who investigate and respond to every single alert triggered in the Halcyon platform at no additional cost. Ransomware attacks can and do happen at any time. Halcyon RDR delivers the around-the-clock coverage organizations need to defend themselves from ransomware without further taxing their already overburdened security teams.
'Ransomware operators do not wait until you're ready,' said Jon Miller, CEO and Co-Founder, Halcyon. 'They are financially motivated, and their goal is extortion. They'll strike whenever they have to to get the leverage that they want. Halcyon RDR provides the protection organizations need to win against ransomware. With a platform designed from day one to defeat ransomware, and 24/7 ransomware protection, security teams can eliminate the threat of ransomware and focus on other threats to their environment.'
Halcyon RDR provides the active coverage organizations need to insulate themselves against the threat of ransomware at no charge. The combination of the Halcyon Anti-Ransomware platform and Halcyon RDR delivers a level of ransomware protection previously only available to the most well-funded and resourced security teams. Halcyon delivers this level of expertise to every customer at no additional cost.
Halcyon RDR is powered by Halcyon RISE, an elite team of experts in ransomware TTPs, cryptography, threat intelligence, malware reverse engineering, and ransomware response. Built to enable organizations of any size and skill to incorporate the Halcyon Anti-Ransomware Platform into their security stack without adding more demands for dedicated resources, Halcyon RDR provides an unmatched solution for customers concerned about ransomware attacks.
Key features of Halcyon RDR include:
Detection – The Halcyon RISE team investigates every indicator of ransomware or aberrant behavior discovered by the Halcyon platform's automated detection and protection engines.
Response – If an active attack is detected, the Halcyon RISE team disrupts the attack chain and alerts the customer's security team in real time.
Recovery – If an attacker successfully encrypts customer data, Halcyon will use the encryption key material automatically intercepted by the Halcyon platform to quickly recover impacted data without the need to negotiate with the attacker or restore from backups.
In the event an attack does impact a fully protected Halcyon customer, Halcyon RDR will work with the customer to recover and restore their environment at no additional cost under the Halcyon Ransomware Warranty. To date, zero Halcyon customers have experienced disruptions to their operations due to ransomware, and zero have had to make a claim against the Halcyon Ransomware Warranty. Halcyon remains undefeated by ransomware.
About Halcyon
Halcyon is the only cybersecurity company that eliminates the business impact of ransomware. Modern enterprises rely on Halcyon to prevent ransomware attacks, eradicating cybercriminals' ability to encrypt systems, steal data, and extort companies. Backed by an industry-leading warranty, the Halcyon Anti-Ransomware Platform drastically reduces downtime, enabling organizations to quickly and easily recover from attacks without paying ransoms or relying on backups.
For more details, please contact: halcyon@activedmc.com
Related Articles


Gulf Business
5 days ago
AI-driven ransomware tops 2025 cyber threats in META, says Kaspersky
Cyber security firm The report shows that Türkiye and Kenya recorded the highest share of users impacted by web-based threats (26.1 per cent and 20.1 per cent respectively), while the UAE, Saudi Arabia, Egypt, and Jordan reported the lowest levels of web-borne attacks in the region.
Key threat: Ransomware
Ransomware remains one of the most dangerous threats facing businesses in 2025, particularly in digitally advanced markets in the Middle East. The region has seen an increase in ransomware victims due to 'rapid digital transformation, expanding attack surfaces and varying levels of cybersecurity maturity.' Kaspersky highlights the rise of FunkSec, a new ransomware group that 'quickly gained notoriety by surpassing established groups like Cl0p and RansomHub.' FunkSec operates using a ransomware-as-a-service (RaaS) model and adopts 'double extortion tactics combining data encryption with exfiltration,' while relying heavily on 'AI-generated code, complete with flawless comments, likely produced by large language models (LLMs) to enhance development and evade detection.' Unlike most ransomware groups, FunkSec uses a high-volume, low-ransom strategy, making its attacks more accessible and scalable.
Emerging trends
Kaspersky warns that ransomware actors are becoming more creative and stealthy. 'Ransomware is expected to evolve by exploiting unconventional vulnerabilities,' the report notes, citing the Akira gang, which used a webcam to bypass endpoint detection systems and infiltrate networks. Attackers are now targeting 'overlooked entry points like IoT devices, smart appliances or misconfigured hardware in the workplace,' taking advantage of the broader attack surface created by increasingly interconnected environments. The rise of generative AI and development tools such as RPA and LowCode is also enabling less-skilled threat actors. 'LLMs marketed on the dark web lower the technical barrier to creating malicious code, phishing campaigns and social engineering attacks,' Kaspersky noted. These tools also allow attackers to 'automate ransomware deployment,' making threats both scalable and harder to trace.
Kaspersky is monitoring 25 active advanced persistent threat (APT) groups in the META region, including SideWinder, Origami Elephant, and MuddyWater. These groups are showing 'a growing use of creative exploits targeting mobile devices, along with ongoing advancements in techniques designed to evade detection.'
Recommendations for organisations
In a statement, Sergey Lozhkin, head of META and APAC regions in Kaspersky's global research and analysis team, warned: 'Ransomware is one of the most pressing cybersecurity threats facing organizations today, with attackers targeting businesses of all sizes and across every region, including META.' He added that criminals are 'exploiting overlooked entry points — including IoT devices, smart appliances, and misconfigured or outdated workplace hardware,' and that these 'often go unmonitored, making them prime targets for cybercriminals.'
To counter these risks, Kaspersky advises companies to:
Always keep software updated on all the devices you use.
Focus your defense strategy on detecting lateral movements and data exfiltration.
Set up offline backups that intruders cannot tamper with.
Provide your SOC team with access to the latest threat intelligence and regularly upskill them.
Use Kaspersky Next, a security platform that offers 'real-time protection, threat


Zawya
6 days ago
Middle Eastern enterprises to advance cyber resilience in public cloud with Rubrik and Rackspace Technology
Fully managed Rackspace Cyber Recovery Service, powered by Rubrik, brings DevOps automation, immutable backups and Recovery as Code to complex public cloud environments
United Arab Emirates, Dubai – Rubrik (NYSE: RBRK), a leading cyber resilience company, and Rackspace Technology (NASDAQ: RXT), a leading end-to-end hybrid cloud and AI solutions company, have announced Rackspace Cyber Recovery Service – a new managed service for customers operating in public cloud. By combining Rubrik's orchestrated data protection and cyber recovery solutions with Rackspace's DevOps principles and managed services, enterprises can simplify and accelerate recovery from ransomware attacks. Automated workflows deliver clean data and workloads through immutable backups, zero-trust architecture and Infrastructure as Code. With Rackspace Cyber Recovery Service, critical business workloads running in public clouds can be restored in hours, helping enterprises significantly strengthen their cyber resilience.
Why does this matter?
Recent deals demonstrate that Middle Eastern investment in cloud, AI and data centre projects is ramping up. These local initiatives are in pursuit of regional goals, such as the Saudi 2030 Vision, diversifying the country economically, socially and culturally. Organizations in the Middle East are therefore digitalizing at scale. Businesses that run key workloads in public clouds face growing challenges when responding to cyber attacks – from limited visibility and inconsistent backup policies to slow recovery times and lack of automation to rebuild at scale. At the same time, IT leaders are grappling with increasingly complex and distributed cloud environments, making it difficult to maintain consistency, ensure visibility and execute reliable recovery. Recently, Rubrik Zero Labs revealed that 90% of EMEA IT and security executives reported cyber attacks in the last year. In the event of major disruptions – such as ransomware attacks – many enterprises struggle to restore critical workloads quickly due to fragmented tooling, manual processes, untrusted data and inadequate automation.
'Enterprises can no longer rely on traditional recovery methods in a cloud-first, threat-intensified world,' said DK Sinha, President for Public Cloud at Rackspace Technology. 'To ensure recoverability in the public cloud, they must adopt a new approach that leverages cloud native tools, modern DevOps methodologies and trusted expertise. Through our partnership with Rubrik, Rackspace Cyber Recovery Service sets a new standard for cyber resilience of public cloud workloads.'
Rackspace Cyber Recovery Service Extends Fast and Confident Cyber Resilience to Public Cloud
Rackspace Cyber Recovery Service applies Infrastructure as Code and platform engineering principles to cyber recovery, enabling restoration of critical workloads across multi-cloud environments. The journey begins with a professional services-led transformation, where Rackspace experts modernize recovery architectures and codify resilient workflows tailored to each environment. These capabilities are then transitioned into a 'Day 2' fully managed service, ensuring continuous validation, optimization and operational readiness. By orchestrating Recovery as Code, the solution delivers rapid, repeatable and auditable workflows aligned with modern DevOps practices. Paired with Rubrik's immutable architecture and AI-driven threat detection and containment, it ensures clean data recovery into secure landing zones with minimal operational disruption.
'Amidst the evolving complexities of multiple cloud environments, proactive cyber resilience is not a luxury but a necessity. Together, Rackspace and Rubrik offer a differentiated, engineering-led approach to cyber resilience,' said Ghazal Asif, Vice President of Global Channels and Alliances at Rubrik. 'Specifically designed for complex, distributed cloud environments, our companies are at the forefront of safeguarding organizations against the rising tide of ransomware attacks in the realm of cloud and SaaS platforms.'
Rackspace Cyber Recovery Service provides enterprises running public cloud workloads with:
Proactive Protection: Continuous anomaly detection and threat monitoring to identify and resolve potential issues before they impact backups or recovery capabilities
Expert Management: Optimal backup configuration, policy and lifecycle management
Cloud Management: Infrastructure management services to ensure your applications are managed efficiently in the cloud while infrastructure and data restoration procedures are tested for recovery during incidents or disasters
Improved Compliance: The ability to support data retention policies and regulatory requirements with consistent management and detailed reporting
Advisory & Professional Services: Strategic guidance and implementation of Rubrik-powered cyber recovery solutions – including RTO/RPO planning, regulatory alignment and deployment of automated Infrastructure as Code workflows into secure landing zones
On April 30, 2025 Rubrik and Rackspace announced a collaboration to deliver a fully managed isolated recovery solution – Enterprises to Redefine Cyber Resilience with Rackspace and Rubrik
About Rackspace Technology
Rackspace Technology is a leading end-to-end, hybrid, and AI solutions company. We can design, build, and operate our customers' cloud environments across all major technology platforms, irrespective of technology stack or deployment model. We partner with our customers at every stage of their cloud journey, enabling them to modernize applications, build new products, and adopt innovative technologies.
About Rubrik
Rubrik (NYSE: RBRK) is on a mission to secure the world's data. With Zero Trust Data Security™, we help organizations achieve business resilience against cyberattacks, malicious insiders, and operational disruptions. Rubrik Security Cloud, powered by machine learning, secures data across enterprise, cloud, and SaaS applications. We help organizations uphold data integrity, deliver data availability that withstands adverse conditions, continuously monitor data risks and threats, and restore businesses with their data when infrastructure is attacked.


The National
27-05-2025
Robbinhood ransomware: Iranian man pleads guilty to cyber crime that cost US government millions
An Iranian man who used Robbinhood ransomware to extort millions from governments and organisations in the US pleaded guilty on Tuesday in a North Carolina court. According to the US Department of Justice, Sina Gholinejad, 37, pleaded guilty to one count of computer fraud and abuse, and one count of conspiracy to commit wire fraud.
Ransomware is a type of malware that is designed to deny users, businesses or organisations access to their data stored on computers or servers. In a ransomware attack, data is often encrypted and criminals demand payment for the decryption key.
Gholinejad could face as much as 30 years in prison, although that does not seem likely. 'Gholinejad and his co-conspirators — all of whom were overseas — caused tens of millions of dollars in losses and disrupted essential public services by deploying the Robbinhood ransomware against US cities, healthcare organisations and businesses,' said Matthew Galeotti, head of the US Justice Department's criminal division. Prosecutors added that after Gholinejad and his co-conspirators locked access to victims' files and hardware, they would often extort payments in Bitcoin and then launder that money through cryptocurrency mixing services.
The Justice Department said in 2019 that the government of Maryland's capital Baltimore was left reeling for months due to ransomware used by Gholinejad. It ultimately lost more than $19 million from the damage to the city's computer networks 'and the resulting disruption to several essential city services, including online services for processing property taxes, water bills, parking citations and other revenue-generating functions'.
The indictment said that Gholinejad's ransomware attacks began in 2019, and lasted until early 2025. Although many of the court documents surrounding the investigation of his crimes remain sealed, several that have been opened show that an arrest warrant was issued for Gholinejad in 2024, and that he was apprehended in North Carolina this year. Gholinejad is scheduled to be sentenced in August.
According to a new data breach report from Verizon, there has been a significant growth in threats from ransomware in recent years. There is a silver lining, however: the median amount paid to ransomware groups decreased to about $115,000, compared to $150,000 in the year before. Another bright spot, according to the report, was that 64 per cent of ransomware victims did not pay the ransom. Forty-four per cent of ransomware victims, according to Verizon, were local US governments, but similar bodies and municipalities in Europe, the Middle East and Africa have been affected.