Our Blog
Check back for weekly updates
Know Your Adversary™: The Criminal Underworld in Nigeria
Having examined the underpinnings of Iranian culture and the nexus with its corresponding Advanced Persistent Threat (APT), we turn our eyes towards Africa. Often overlooked as an APT, elements of postcolonial realities in Nigeria have contributed to an advanced...
Managed Intelligence™: Transitioning Cyber Threat Information to Actionable Threat Intelligence Provides Critical Context
Major organizations with significant intellectual property and brand name reputation face a constant onslaught of targeted cyber attacks and information operations campaigns, but often lack the capability to attain context-based attribution - the ability to define the...
Securing Linux Against Negligent or Malicious Administrators
Linux monitoring is deceptively difficult. The most common tools for performing monitoring - the Linux audit system, log journals and syslog sources - are all, at best, standardized by Linux distribution, and at worst, unique per host in an enterprise environment....
Risk and Reward – The Importance of Knowing the Network
The CISO’s role continues to evolve with the variables that change around them - ranging from the threat landscape, to the board of directors. These directly impact who targets you, who/what those attackers target to get access, and the resources you get to protect...
Disinformation in the Time of Pandemics
So here we are, caught in the middle of a pandemic stemming from some failed chiroptera cuisine and aside from all of the normal daily activities, ones which a month and a half ago would have pulled me physically in several different directions and locations, I...
Insider Threat: Reducing Gaps and Increasing Visibility for a Remote Workforce
While the rapid shift from office to home or remote-based activity has allowed work to continue, the idea that corporate assets are physically leaving the corporate space, and with them access to proprietary or sensitive data, could be a disaster if your security...
Cybersecurity Diligence is Financial Diligence
Healthy deal flow that enables investment at a price point in line with an exit strategy is the foundation of the private equity business model. It is a given investors will conduct detailed diligence around a target’s financials, market, structure, and many other...
Insider Threat Indicators to Help Baseline an Insider Threat Program
Insider Threats aren’t just individual malicious employees. They may be anyone who had or has privileged access to the environment. From the vendor partner to the totally unwitting employee, the impact is the same. Download a list of threat indicators to help you...
Cybersecurity Diligence Doesn’t Need to be a Heavy Lift
Corporations large and small have always used acquisitions as a staple of their strategies to enter new markets, gain a competitive edge, and grow faster than they could organically. Similarly, private equity and venture capital firms have a prominent role in our...
Deep Fakes
This paper examines the illicit ecosystem for deep fakes.Their technology evolution and migration paths from surface web to deep and dark sites, and uncover some of the actors creating and disseminating these videos. Nisos® undertook research into deep fake...
Compromise Assessments: For Remote Workforce
Many information technology and security professionals are starting to adjust to the “new normal” of administering a remote workforce and subsequently monitoring for malicious activity of the increased attack surface.
Know Your Adversary™: Iran
While researching advanced persistent threats (APTs), the common analytic angle has always been to identify malware and infrastructure techniques, tactics, and procedures (TTPs), and to develop detections. While this is effective for big player APTs such as Russia and...
M&A Should Stand for “Mitigate, Not Avoid”
We’ve all read the horror stories over the past several years - the revelation of prior data breach in a target organization led to a massive decrease in the sale price, the unknown/unmitigated compromise led to a subsequent breach in the acquiring organization and...
Cyber Hygiene for a Remote Workforce
With coronavirus gaining strength worldwide, a lot of companies are faced with something that they may have been avoiding: the prospect of a completely remote workforce. As is usually the case when situations are thrust upon a company, old mistakes come to light, new...
Fake News Websites and a US-Macedonia Partnership
Fake News Websites and a US-Macedonia Partnership: A Fake News Case Study examines the fake news industry and specific attempts from bad actors to influence opinions. In brief, the study uses a recent case in the political arena, involving fake Macedonian news sites...
Stay up to the minute
Subscribe to our blog to get notified of updates in your inbox.