Nicolle Neulist

Intelligence Analyst

Nicolle Neulist is an intelligence analyst within Optiv’s Global Threat Intelligence Center (gTIC). The Global Threat Intelligence Center is comprised of cyber threat intelligence specialists within Optiv’s managed security services that specialize in providing our clients with proactive intelligence support around current and emerging threats.

 

Threat Advisory – Single Sign-On Phishing

· By Nicolle Neulist ·

Recently, Optiv’s Global Threat Intelligence Center (gTIC) identified an active phishing campaign against the education sector, in which attackers are stealing credentials and using them to redirect direct deposit paychecks to attacker-controlled accounts. Users are being tricked into entering their single sign-on (SSO) information into a portal that is made to look like the real one, but is controlled by the attacker.

Continue reading

Ransomware Part 2: Technical Analysis

· By Nicolle Neulist ·

The concept behind ransomware simple: an attacker finds a way to run file encryption software on a machine, and then demands payment in return for a decryption key. Though the implementation of ransomware varies, it follows similar infection vectors as other types of malware. These include malicious email attachments, malicious links and web browser exploits. In this respect implementation does not vary all that much from what we are used to seeing.

Continue reading

Tax Season Attacks – Part 4, Dumpster Diving

· By Tallal Ibad, Nicolle Neulist ·

Dumpster diving is the practice of combing through commercial or residential waste to find items that have been discarded by their owners. During tax time, people throw away documents with sensitive and potentially lucrative information left over upon completion of tax filing. These papers can include extra copies of W-2s, drafts of IRS forms and worksheets, and copies of financial records from bank accounts and investments.

Continue reading

Tax Season Attacks – Part 3, Shoulder Surfing

· By Tallal Ibad, Nicolle Neulist ·

Shoulder surfing certainly is not the most technical form of identity theft, but it has been an effective means to commit fraud. Shoulder surfing is the practice of looking over someone’s shoulder to get information. A casual glance from behind, or a quick look at paperwork on a desk, can be enough for an attacker to obtain passwords, credit card data, PINs, and other personal and financial data. It is low-tech, but it works.

Continue reading

Tax Season Attacks – Part 2, Phishing

· By Tallal Ibad, Nicolle Neulist ·

Tax season is officially upon us, and with it brings out a host of scams against taxpayers. In this blog series we explore three specific attacks: phishing, shoulder surfing and dumpster diving. Read part one for a high level synopsis of each type of attack. In this post we examine phishing scams featuring attackers trying to impersonate the Internal Revenue Service (IRS).

Continue reading

Tax Season Attacks – Part 1

· By Tallal Ibad, Nicolle Neulist ·

It’s the same routine every year during tax season, employers send out important tax information such as W-2s to their employees, television and radio stations constantly air tax preparation advertisements, and individuals rush to file their tax returns. This brings out a host of scams against taxpayers.

Continue reading
(6 Results)