Our Blog
Check back for weekly updates
Securing Linux Against Negligent or Malicious Administrators
Linux monitoring is deceptively difficult. The most common tools for performing monitoring - the Linux audit system, log journals and syslog sources - are all, at best, standardized by Linux distribution, and at worst, unique per host in an enterprise environment....
Risk and Reward – The Importance of Knowing the Network
The CISO’s role continues to evolve with the variables that change around them - ranging from the threat landscape, to the board of directors. These directly impact who targets you, who/what those attackers target to get access, and the resources you get to protect...
Disinformation in the Time of Pandemics
So here we are, caught in the middle of a pandemic stemming from some failed chiroptera cuisine and aside from all of the normal daily activities, ones which a month and a half ago would have pulled me physically in several different directions and locations, I...
Insider Threat: Reducing Gaps and Increasing Visibility for a Remote Workforce
While the rapid shift from office to home or remote-based activity has allowed work to continue, the idea that corporate assets are physically leaving the corporate space, and with them access to proprietary or sensitive data, could be a disaster if your security...
Cybersecurity Diligence is Financial Diligence
Healthy deal flow that enables investment at a price point in line with an exit strategy is the foundation of the private equity business model. It is a given investors will conduct detailed diligence around a target’s financials, market, structure, and many other...
Insider Threat Indicators to Help Baseline an Insider Threat Program
Insider Threats aren’t just individual malicious employees. They may be anyone who had or has privileged access to the environment. From the vendor partner to the totally unwitting employee, the impact is the same. Download a list of threat indicators to help you...
Cybersecurity Diligence Doesn’t Need to be a Heavy Lift
Corporations large and small have always used acquisitions as a staple of their strategies to enter new markets, gain a competitive edge, and grow faster than they could organically. Similarly, private equity and venture capital firms have a prominent role in our...
Deep Fakes
This paper examines the illicit ecosystem for deep fakes.Their technology evolution and migration paths from surface web to deep and dark sites, and uncover some of the actors creating and disseminating these videos. Nisos undertook research into deep fake technology...
Compromise Assessments: For Remote Workforce
Many information technology and security professionals are starting to adjust to the “new normal” of administering a remote workforce and subsequently monitoring for malicious activity of the increased attack surface.
Know Your Adversary: Iran
While researching advanced persistent threats (APTs), the common analytic angle has always been to identify malware and infrastructure techniques, tactics, and procedures (TTPs), and to develop detections. While this is effective for big player APTs such as Russia and...
M&A Should Stand for “Mitigate, Not Avoid”
We’ve all read the horror stories over the past several years - the revelation of prior data breach in a target organization led to a massive decrease in the sale price, the unknown/unmitigated compromise led to a subsequent breach in the acquiring organization and...
Cyber Hygiene for a Remote Workforce
With coronavirus gaining strength worldwide, a lot of companies are faced with something that they may have been avoiding: the prospect of a completely remote workforce. As is usually the case when situations are thrust upon a company, old mistakes come to light, new...
Fake News Websites and a US-Macedonia Partnership
Fake News Websites and a US-Macedonia Partnership: A Fake News Case Study examines the fake news industry and specific attempts from bad actors to influence opinions. In brief, the study uses a recent case in the political arena, involving fake Macedonian news sites...
When Disinformation Targets Companies: The Case of #BoycottOliveGarden
False information can spread faster than the truth on social media, and more and more, companies are feeling the impact of that reality. In early August, a handful of Twitter accounts began tweeting lists of companies it claimed supported President Trump’s re-election...
Stay up to the minute
Subscribe to our blog to get notified of updates in your inbox.