Recent Posts
Case Study: Malicious Insider Leaking Information to the Unauthorized Third Parties
Case Study: Using Data for Market Entry of Product and Services Based on Security Incidents
A global consumer service provider was exploring different foreign cities to launch their new service, using security and safety as a critical metric.
Topics:
Cybersecurity
Continue Reading
Case Study: Preventing the Exfiltration of PII from a Malicious Administrator
A major pharmaceutical company made the decision to terminate an administrator and was concerned about the malicious exfiltration of personally identifiable information (PII) before his termination.
Case Study: Investigating a Destructive Administrator Following Merger and Acquisition
A global manufacturing company experienced a corporate-wide outage due to being locked out of their router devices between corporate headquarters and their branch offices across the globe. After internal investigation and significant downtime resulting in major losses in revenue, it was suspected this outage was likely caused by malicious insider activity involving a recent acquisition
Case Study: Attributing E-Crime Syndicates Adds Critical Context
Huddled around keyboards half a world away, a shadowy group of technically-savvy criminals devised techniques to hide from system administrators and run internet scams that defrauded a client out of hundreds of thousands of dollars in revenue every month.
Topics:
Cybersecurity
attribution
Continue Reading
Case Study: Countering Destruction to Save a Business
A healthcare technology company suffered a wide-scale destructive compromise after an attacker targeted the Client’s backend point of sale technology and deleted all customer data.
Topics:
Cybersecurity
Advanced Threat Actor
Continue Reading
Case Study: DDOS Investigation Leads to Much Greater Network Security Bolstering
A multinational manufacturer needed assistance investigating a large-scale distributed denial of service (DDOS) attack against several publicly accessible websites and applications. In the course of the attribution investigation, we detected indicators of wide-spread compromise on the Client’s network using external telemetry not available to the Client.
Topics:
Cybersecurity
DDOS
Continue Reading
Case Study: Attributing Short Sellers to Increase Confidence in Corporate Governance
A pharmaceutical company was facing a sophisticated “short and distort” stock market manipulation campaign, costing the company billions in market cap. A variety of virtual anonymous personas were publishing false information on the company’s leadership on social media and investing platforms - apparently in a coordinated fashion. These activities negatively influenced public perception about the company’s overall corporate governance and damaged the stock price thereby allowing those holding short positions to profit.
Topics:
shortseller
attribution
Continue Reading
Case Study: Online Indicators and Warning Enables Business
A multinational energy company operating in a volatile nation had recently faced serious threats to its personnel and infrastructure as threat actors had begun resorting to violence. The company needed in-depth social media sentiment analysis and timely indications and warnings across social media and closed online forums in order to achieve a more stable risk posture and protect its people and assets.
Case Study: Countering APTs, Ensuring M&A Standards Through Threat Hunting
A global retailer’s peers were attacked with customized ransomware and the retailer’s subsidiaries were being targeted with customized phishing attempts. Out of concern that a subsidiary could be targeted by a similar ransomware attack, Nisos was contacted to assist.
