The Challenge A technology company noticed a disturbing increase in malicious activity across their platform. Unknown individuals were selling bots that claimed to automate interactions with their platform and provide those that purchased the app an advantage over...
Trust and Safety
Weaponization for Cyber-Enabled Fraud
In our previous blog, we highlighted how fraudsters conduct reconnaissance for fraud activities. While banking malware, trojans, worms, and botnets such as Zeus Panda, Ramnit and Trickbot have typically been used to infect consumer PCs in order to collect personal...
How Adversaries Conduct Reconnaissance for Fraud Operations
Building on our series on the adversarial mindset, fraudsters will identify a target based on the ease and speed with which they are able to monetize their fraudulent activities. Many of the reconnaissance steps involve a threat actor learning how a company conducts...
Podcast Platitudes
Cybersecurity is an ever-evolving industry tackling some really challenging problems. Here at Nisos we truly feel that it is necessary to learn from the best at every opportunity, and we try to ensure that all of the material we present makes its consumers better at...
Using Threat Intelligence to Counter Platform Abuse
Companies whose products serve as collaboration platforms play a key role in our increasingly cloud native and remote work environment. The technology allows companies to achieve clear business opportunities, but also cause unique security challenges. Not only must...
Threat Intelligence Use Cases for Trust and Safety
Varied threats like disinformation, platform abuse, brand dilution, strategic breach campaigns, extortion, insider threats and nation states stealing intellectual property are more prevalent than ever. More and more of these threats live far outside the traditional...
Two Considerations for Building a Security Program Grounded in Diversity and Inclusion
Corporate security programs for major organizations deal with a variety of threats at a staggering global scale and there are playbooks to deal with many of these issues. Above all else, though, the most important task is building trust with the workforce according to...
Three Considerations for Getting Early Wins from an Insider Threat Program
Building an insider threat program can be a cultural shift for an organization that values transparency and openness with its workforce. Below are some considerations for demonstrating results with limited resources and showing value to executive leadership without...
How to Use Context to Secure Your Platforms
Attribution often gets a bad name in the cybersecurity industry. Attribution can be challenging and may not lead to a direct business outcome is a common refrain. Companies that operate digital platforms have a unique advantage when it comes to attribution, however....
Three Areas of Focus for Your Insider Threat Program During the COVID-19 Crisis
Security teams are settling in to the “new normal” of remote work as the COVID-19 crisis nears its third month here in the U.S. As many teams have discovered, among the myriad of logistical issues of a remote workforce is the increased risk insiders can cause...
Four Priorities for Aligning Your Insider Threat Program
Organizations based in the United States continue to deal with considerable intellectual property theft and largely do not address the issue until there is a problem. The ability to effectively monitor for negligent or malicious insider threat activity is largely...
Insider Threat: Reducing Gaps and Increasing Visibility for a Remote Workforce
While the rapid shift from office to home or remote-based activity has allowed work to continue, the idea that corporate assets are physically leaving the corporate space, and with them access to proprietary or sensitive data, could be a disaster if your security...
Threat Intelligence to Remediate Platform Abuse
The Challenge A publicly traded technology company (the Client) with thousands of global employees maintains a premier business unit application platform regularly abused by eCrime and cyber espionage actors. The Client requested Nisos’ expertise in threat...
Insider Threat Indicators to Help Baseline an Insider Threat Program
Insider Threats aren’t just individual malicious employees. They may be anyone who had or has privileged access to the environment. From the vendor partner to the totally unwitting employee, the impact is the same. Download a list of threat indicators to help you...
Stay up to the minute
Subscribe to our blog to get notified of updates in your inbox.