Constellation Cyber


Boutique Threat Intelligence

The world is awash in data and threats. We help clients identify, prioritize, and mitigate these challenges.


RANSOMWARE

Ransomware operators release troves of data from victim organizations. This data contains sensitive information not only from the victim organization but also from:

  • Employees

  • Clients

  • Contractors

  • Suppliers

  • Affiliates

  • Industry partners

  • And many other entities

The data includes information such as:

  • PII (Personally Identifiable Information)

  • PHI (Personal Health Information)

  • IP (Intellectual property)

  • Financial Data

  • Contracts

  • Electronic Communications

  • Scans and images

  • Evacuation and Resiliency Plans and Procedures

Constellation Cyber continuously monitors the ransomware leak sites of over 40 ransomware groups and can:

  • Identify whether an organization’s data has already been leaked on any of the ransomware leak sites sites

  • Monitor for any future mentions of the organization or related data on any of the sites

  • Help download data relevant to an organization from the sites


LEAKED CREDENTIALS

Many of the biggest compromises are not a result of a sophisticated hacking operation but rather a result of threat actors obtaining leaked credentials for an employee and simply logging in. Credentials for relatively low-ranking employees, such as interns, can often be used to move laterally and help threat actors escalate their access.

Constellation Cyber monitors sources of leaked credentials, such as the dark web, Telegram channels, and credential shops, for the leaked credentials of our clients. When possible, we assist our clients in credential takedowns to help prevent breaches.

We also monitor sources for financial data such as bank accounts, cryptocurrency addresses, and payment and credit cards to help financial institutions identify their clients’ compromised financial data, and can perform takedowns when requested by the client.


DARK WEB INVESTIGATIONS

Many breeches, threats, and TTPs (Tactics, Tools, and Procedures) used by threat actors are discussed in closed communities. Being aware of when an organization or a sector is discussed in these communities can help an organization prepare for possible attacks. Constellation Cyber helps our clients stay aware but also cut through the noise generated by these communities.

We can also engage with threat actors using covert means to help identify potential threats or to perform takedown services whenever possible and when requested by clients.

If needed, we also prepare reports and presentations such as industry threat landscapes, lunch and learns, and executive briefings on particular threats.


DISINFORMATION

As more and more data is available, and as malicious actors gain access to more and more sophisticated tools, particularly artificial intelligence, disinformation is becoming pervasive, convincing, and dangerous. It spans the gamut from fraud and scams to harassment and politically motivated attacks. 

Moreover, disinformation can often be seen as a precursor or motivator for real-world, kinetic actions with severe consequences.

We help clients identify when their organizations, executives, or associated entities have been mentioned in disinformation on social media or communication platforms to stay ahead of potential or emerging threats. 


THREAT LEAD PENETRATION TESTING REPORTS

As more and more organizations come to understand how important it is to conduct regular pen testing exercises, whether internally or with the help of external organizations, Constellation Cyber can assist in making sure that these exercises are as effective as possible by creating customized reports for organizations to help lead the pen testing process.


CONTACT: info@constellationcyber.net