Blog

What does “Outside the Firewall” Mean to Nisos

What does “Outside the Firewall” Mean to Nisos

You have heard us say that Nisos is an expert at identifying risk and disrupting adversaries “outside the firewall.” Since we say it regularly, it’s probably worthwhile to make sure you know what “outside the firewall” means to Nisos, our partners, our clients, and...

read more
What is Nisos® Managed Intelligence™

What is Nisos® Managed Intelligence™

Nisos® is the Managed Intelligence™ company. People often ask us what we mean when we say “Managed Intelligence™.” This blog will answer that question.What is Managed Intelligence™? Not all intelligence is created equal. Most cyber industry experts are familiar with...

read more
In Democracy We Trust

In Democracy We Trust

In July 2020, enterprising PhD candidates and a Johns Hopkins professor began aggregating predictions of unrest in the United States into a site unsubtly titled “anewcivilwar.com”. At the time, it could have been easy to dismiss the effort as a cherry-picked exercise...

read more
Weaponization for Disinformation

Weaponization for Disinformation

Continuing our series on the adversarial mindset, we focus on how actors weaponize narratives for disinformation operations. In a previous blog post, we wrote about the reconnaissance steps that disinformation actors take prior to launching their operations, including...

read more
What is Coordinated Inauthentic Behavior?

What is Coordinated Inauthentic Behavior?

Coordinated Inauthentic Behavior (CIB) is a common phrase heard in the news regarding disinformation, misinformation, and influence operations; but what exactly does it mean?First, let’s define our terms: inauthentic behavior, and coordinated. Inauthentic behavior in...

read more
Weaponization for Cyber-Enabled Fraud

Weaponization for Cyber-Enabled Fraud

In our previous blog, we highlighted how fraudsters conduct reconnaissance for fraud activities. While banking malware, trojans, worms, and botnets such as Zeus Panda, Ramnit and Trickbot have typically been used to infect consumer PCs in order to collect personal...

read more
Weaponizing Tools for Computer Network Operations

Weaponizing Tools for Computer Network Operations

Continuing in our series on the adversarial mindset, we focus on weaponization for computer network operations. Following the reconnaissance phase and identifying a target, an actor needs to gain a foothold in a network before determining how to monetize the access or...

read more
An Introduction to Honeypots

An Introduction to Honeypots

In our latest blog series, we discuss how threat intelligence can be applied smarter for medium sized organizations with limited resources. We discuss ways to proactively detect threats beyond subscribing to information feeds that require a lot of resources to...

read more
Using Selectors For Open Source Intelligence

Using Selectors For Open Source Intelligence

A “selector” is not a generally defined term in enterprise security, but selectors are important for understanding open source intelligence and investigations in the digital realm. Building on our previous technical blog defining a selector, we will be diving deeper...

read more
How Adversaries Conduct Reconnaissance for Fraud Operations

How Adversaries Conduct Reconnaissance for Fraud Operations

Building on our series on the adversarial mindset, fraudsters will identify a target based on the ease and speed with which they are able to monetize their fraudulent activities. Many of the reconnaissance steps involve a threat actor learning how a company conducts...

read more
The Myth of Complex Passwords

The Myth of Complex Passwords

Password reuse is one of the most pervasive security concerns for information security teams in enterprise. It’s an easy way for an adversary to gain initial access if two factor authentication is not properly implemented and more importantly, provides the ability to...

read more
What is a Selector in the World of Digital Crime?

What is a Selector in the World of Digital Crime?

Every hour of every day, criminals, nation states, and fraudsters around the world commit attacks using phone numbers, email addresses, and social media handles. We call these “selectors,” i.e. the technical attributes of an online entity. On the other side of the...

read more
Avoiding Ransomware

Avoiding Ransomware

Many maturing security operations centers within medium and large enterprises will indicate that ransomware is often the biggest “threat” that keeps them up at night. Ransomware is not a threat; it is a capability criminals use with an intent of monetizing illegal...

read more
Podcast Platitudes

Podcast Platitudes

Cybersecurity is an ever-evolving industry tackling some really challenging problems. Here at Nisos we truly feel that it is necessary to learn from the best at every opportunity, and we try to ensure that all of the material we present makes its consumers better at...

read more
What Is Digital Identity Reduction and Why Does It Matter?

What Is Digital Identity Reduction and Why Does It Matter?

The amount of information openly available on the internet about any given individual is staggering.More and more, privacy and online security are brought into the limelight and people are becoming more protective of their online presence. We urge our family, friends,...

read more
Four Future Trends of Disinformation Campaigns

Four Future Trends of Disinformation Campaigns

While disinformation has played a powerful role in the geopolitical world over the last four years, enterprise is increasingly needing to be prepared to address numerous types of disinformation as well. Much of the discourse on ‘fake news’ these days conflates three...

read more

Stay up to the minute

Subscribe to our blog to get notified of updates in your inbox.

Adversary Insights℠ RFI Subscription
Timely response to client-specific requests for finished intelligence on cyber and physical risks
OSINT Monitoring & Analysis
Client-specific curation and analysis of dark web, open source, and social media data
External Attack Surface Monitoring & Analysis
Defense against attacks to your digital perimeter and internal environment
Executive Shield
Discovery of threats to key personnel with attribution and PII takedown
Threat Landscape Assessment
Analysis of external threats to assess level of risk and identify methods of mitigation
Zero Touch Diligence®
Discovery and analysis to assess risk for investments, IPO, M&A, and third parties
Event-Driven Intel Investigation
Multidimensional security fact-finding in response to adversary behavior