Services

Access a world-class intelligence capability tailored to your specific needs. Control a multi-million dollar program without the time or expense and solve problems both lasting and acute.

What is Managed Intelligence?

Case Studies

1 min read

Mitigating Advanced Threat Actors: Gaining Access to Closed Groups to Gain Insight into Vulnerability Disclosure and Further Litigation

By Nisos on Oct 1, 2020 7:20:58 AM

The Challenge

A retail client requested our assistance to identify an individual, who was also a paying customer, who wrote a python script that scraped a backend server. The customer had also previously published a WiFi vulnerability present at the company’s offices in the US. The client was aware of closed forums where this customer and other potential threat actors exchanged ideas about denigrating the client’s reputation, and asked Nisos to help understand the nature of the threat.

Continue Reading
1 min read

Mitigating Advanced Threat Actors: Acquiring and Analyzing Malicious Tools to Stop Fraud

By Nisos on Oct 1, 2020 7:13:36 AM

The Challenge

Malicious foreign actors were creating automated tools to abuse an e-commerce client’s platform. Using that automated process the threat actors were able to mass create and bulk manage accounts, run advertisements, and use credit cards. With those credit cards, they were able to make purchases through the client’s site, and the client’s customers and third party service providers.

Continue Reading

Case Study: Preventing Corporate Sabotage by a High-Level Executive

By Nisos on Jun 22, 2020 11:39:36 AM

The CEO of a multinational manufacturer (Client) identified an urgent need to remove a key executive, along with several accomplices, from the operations of the company, based on concerns that these insiders were intent on sabotaging the company. Given the known IT expertise and access of the executive and his associates, the Client needed to prevent these persons of interest (POI) from stealing sensitive data or disrupting the network prior to being fired. The Client also intended to pursue legal action against the POI and needed digital evidence preserved.

Continue Reading

Case Study: Data Driven Executive Protection

By Nisos on Apr 27, 2020 9:41:53 AM

Nisos   was   tasked to   acquire   additional  information on a threat actor making violent threats against a big tech company's executive leadership.

Continue Reading

Case Study: Malicious Insider Leaking Information to the Unauthorized Third Parties

By Nisos on Apr 26, 2020 9:07:19 PM

A technology company’s proprietary information was leaked to unauthorized third parties presumably from an identified disgruntled employee. The Client required assistance in determining with certainty whether such actions could be directly attributed to a specific employee within its organization and whether mitigation controls could be put in place to prevent further leaks.

Continue Reading

Case Study: Using Data for Market Entry of Product and Services Based on Security Incidents

By Nisos on Apr 26, 2020 9:04:45 PM

A global consumer service provider was exploring different foreign cities to launch their new service, using security and safety as a critical metric.

Topics: Cybersecurity
Continue Reading

Case Study: Preventing the Exfiltration of PII from a Malicious Administrator

By Nisos on Apr 26, 2020 9:01:57 PM

A major pharmaceutical company made the decision to terminate an administrator and was concerned about the malicious exfiltration of personally identifiable information (PII) before his termination.

Continue Reading

Case Study: Investigating a Destructive Administrator Following Merger and Acquisition

By Nisos on Apr 26, 2020 8:58:03 PM

A global manufacturing company experienced a corporate-wide outage due to being locked out of their router devices between corporate headquarters and their branch offices across the globe. After internal investigation and significant downtime resulting in major losses in revenue, it was suspected this outage was likely caused by malicious insider activity involving a recent acquisition

Continue Reading

Case Study: Attributing E-Crime Syndicates Adds Critical Context

By Nisos on Apr 17, 2020 3:26:58 PM

Huddled around keyboards half a world away, a shadowy group of technically-savvy criminals devised techniques to hide from system administrators and run internet scams that defrauded a client out of hundreds of thousands of dollars in revenue every month.

Continue Reading

Case Study: Countering Destruction to Save a Business

By Nisos on Apr 16, 2020 3:17:32 PM

A healthcare technology company suffered a wide-scale destructive compromise after an attacker targeted the Client’s backend point of sale technology and deleted all customer data.

Continue Reading

Case Study: DDOS Investigation Leads to Much Greater Network Security Bolstering

By Nisos on Apr 16, 2020 2:56:46 PM

A multinational manufacturer needed assistance investigating a large-scale distributed denial of service (DDOS) attack against several publicly accessible websites and applications. In the course of the attribution investigation, we detected indicators of wide-spread compromise on the Client’s network using external telemetry not available to the Client.

Continue Reading

Case Study: Attributing Short Sellers to Increase Confidence in Corporate Governance

By Nisos on Apr 16, 2020 2:41:02 PM

A pharmaceutical company was facing a sophisticated “short and distort” stock market manipulation campaign, costing the company billions in market cap.   A variety of virtual anonymous personas were publishing false information on the company’s leadership on social media and investing platforms - apparently in a coordinated fashion. These activities negatively influenced public perception about the company’s overall corporate governance and  damaged the stock price thereby allowing those holding short positions to profit.

Continue Reading

Case Study: Online Indicators and Warning Enables Business

By Nisos on Apr 16, 2020 2:29:34 PM

A multinational energy company operating in a volatile nation had recently faced serious threats to its personnel and infrastructure as threat actors had begun resorting to violence. The company needed in-depth social media sentiment analysis and timely indications and warnings across social media and closed online forums in order to achieve a more stable risk posture and protect its people and assets.

Continue Reading

Case Study: Countering APTs, Ensuring M&A Standards Through Threat Hunting

By Nisos on Apr 9, 2020 8:27:49 PM

A global retailer’s peers were attacked with customized ransomware and the retailer’s subsidiaries were being targeted with customized phishing attempts. Out of concern that a subsidiary could be targeted by a similar ransomware attack, Nisos was contacted to assist. 

 

Continue Reading

Case Study: Investigating a DDOS Attack

By Nisos on Apr 9, 2020 7:30:00 PM

A global consultancy experienced network outages resulting from a large-scale Distributed Denial of Service (DDOS) attack against their Domain Name Service (DNS) servers. Nisos was engaged to leverage access to external telemetry and analytic expertise in order to determine if the consultancy was specifically targeted by the DDOS attack and to perform potential attribution of the threat actors and attack sources.

Continue Reading

Case Study: Third Party Risk Management, Investigating a Leak of Sensitive Data from a Customer

By Nisos on Apr 8, 2020 4:55:59 PM

A global data and infrastructure provider determined a very tightly controlled database was for sale on the dark web. The Client discovered this database was being sold on criminal forums and needed to attribute the seller and the source of the leak.

Continue Reading

Case Study: Insider Threat, Preventing Destruction During M&A

By Nisos on Apr 8, 2020 4:45:12 PM

A global technology company was in the process of divesting a previous acquisition. Upon learning of the divestiture plan , the key executives at the acquisition company threatened to destroy corporate infrastructure if the company was not sold back to the original founders at a lower price.

Continue Reading

Case Study: Threat Intelligence to Remediate Platform Abuse

By Nisos on Apr 8, 2020 3:48:21 PM

A publicly traded technology company with thousands of global employees maintains a premier business unit application platform regularly abused by eCrime and cyber espionage actors.

Topics: Cybersecurity
Continue Reading

Case Study: Actively Countering Advanced Persistent Threats with External Telemetry

By Nisos on Apr 7, 2020 9:48:40 PM

A technology company with thousands of employees across the globe was under attack by a nation-state level adversary. They requested Nisos’ assistance to provide critical intelligence to detect indicators and respond to the attack.

Continue Reading

Case Study: Cyber Diligence, Critical for M&A

By Nisos on Apr 7, 2020 9:09:36 PM

A private equity company focusing on mid-size businesses acquired an e-commerce platform, and during the post-acquisition period learned of a breach affecting the company’s public-facing application server.

Continue Reading

Case Study: Eight Hours to Attribution

By Nisos on Apr 2, 2020 9:16:57 AM

A multinational manufacturer (The Client) came to Nisos for help responding to an unusual incident. An unauthorized user opened a trouble ticket in the Client’s internal IT ticketing system. In the ticket, the actor demonstrated access to sensitive client resources and associated the ticket with a senior IT security executive.

Topics: Case Study
Continue Reading

Case Study: Mergers, Acquisitions & Hidden Threats

By Nisos on Dec 3, 2019 9:08:00 PM

Executing a successful merger or acquisition is a major undertaking. There are countless details to be managed by a multitude of stakeholders against fast-approaching deadlines. Strategic issues including financials, employment, tax, and technology must all be considered within the scope of regulatory and integration considerations to ensure the smooth unification of distinct entities. 

Topics: Case Study
Continue Reading

Featured