Case Study: Preventing the Exfiltration of PII from a Malicious Administrator
By Nisos on Apr 26, 2020 9:01:57 PM
Case Study: Investigating a Destructive Administrator Following Merger and Acquisition
By Nisos on Apr 26, 2020 8:58:03 PM
A global manufacturing company experienced a corporate-wide outage after being locked out of the router devices between its corporate headquarters and its branch offices across the globe. After an internal investigation and significant downtime resulting in major losses in revenue, it was suspected that this outage was likely caused by malicious insider activity involving a recent acquisition.
Case Study: Attributing E-Crime Syndicates Adds Critical Context
By Nisos on Apr 17, 2020 3:26:58 PM
Huddled around keyboards half a world away, a shadowy group of technically savvy criminals devised techniques to hide from system administrators and run internet scams that defrauded a client out of hundreds of thousands of dollars in revenue every month.
Case Study: Countering Destruction to Save a Business
By Nisos on Apr 16, 2020 3:17:32 PM
A healthcare technology company suffered a wide-scale destructive compromise after an attacker targeted the Client’s backend point of sale technology and deleted all customer data.
Case Study: DDOS Investigation Leads to Much Greater Network Security Bolstering
By Nisos on Apr 16, 2020 2:56:46 PM
A multinational manufacturer needed assistance investigating a large-scale distributed denial of service (DDOS) attack against several publicly accessible websites and applications. In the course of the attribution investigation, we detected indicators of widespread compromise on the Client’s network using external telemetry not available to the Client.
Case Study: Countering APTs, Ensuring M&A Standards Through Threat Hunting
By Nisos on Apr 9, 2020 8:27:49 PM
A global retailer’s peers were attacked with customized ransomware and the retailer’s subsidiaries were being targeted with customized phishing attempts. Out of concern that a subsidiary could be targeted by a similar ransomware attack, Nisos was contacted to assist.
Case Study: Investigating a DDOS Attack
By Nisos on Apr 9, 2020 7:30:00 PM
A global consultancy experienced network outages resulting from a large-scale Distributed Denial of Service (DDOS) attack against their Domain Name Service (DNS) servers. Nisos was engaged to leverage access to external telemetry and analytic expertise in order to determine if the consultancy was specifically targeted by the DDOS attack and to perform potential attribution of the threat actors and attack sources.
Case Study: Third Party Risk Management, Investigating a Leak of Sensitive Data from a Customer
By Nisos on Apr 8, 2020 4:55:59 PM
A global data and infrastructure provider determined a very tightly controlled database was for sale on the dark web. The Client discovered this database was being sold on criminal forums and needed to attribute the seller and the source of the leak.
Case Study: Insider Threat, Preventing Destruction During M&A
By Nisos on Apr 8, 2020 4:45:12 PM
A global technology company was in the process of divesting a previous acquisition. Upon learning of the divestiture plan, the key executives at the acquisition company threatened to destroy corporate infrastructure if the company was not sold back to the original founders at a lower price.
Case Study: Threat Intelligence to Remediate Platform Abuse
By Nisos on Apr 8, 2020 3:48:21 PM