2:I[6932,["315","static/chunks/e087448e-2f2367f04faea473.js","540","static/chunks/6661209f-4ce31348cb1cca42.js","583","static/chunks/a594442f-578284994623e810.js","828","static/chunks/e507d130-01257d78ed09c0fc.js","812","static/chunks/812-46786ddcee160b75.js","919","static/chunks/919-8103c6c91f8facdc.js","500","static/chunks/500-1193d1955921814f.js","932","static/chunks/932-80b4ddcdfe5a178a.js","295","static/chunks/295-f7f3d8d607bc3e19.js","330","static/chunks/app/customer-stories/%5Bslug%5D/page-0e9a8b9220207755.js"],"default"]
3:I[3500,["315","static/chunks/e087448e-2f2367f04faea473.js","540","static/chunks/6661209f-4ce31348cb1cca42.js","583","static/chunks/a594442f-578284994623e810.js","828","static/chunks/e507d130-01257d78ed09c0fc.js","812","static/chunks/812-46786ddcee160b75.js","919","static/chunks/919-8103c6c91f8facdc.js","500","static/chunks/500-1193d1955921814f.js","932","static/chunks/932-80b4ddcdfe5a178a.js","295","static/chunks/295-f7f3d8d607bc3e19.js","330","static/chunks/app/customer-stories/%5Bslug%5D/page-0e9a8b9220207755.js"],""]
5:I[9812,["315","static/chunks/e087448e-2f2367f04faea473.js","540","static/chunks/6661209f-4ce31348cb1cca42.js","583","static/chunks/a594442f-578284994623e810.js","828","static/chunks/e507d130-01257d78ed09c0fc.js","812","static/chunks/812-46786ddcee160b75.js","919","static/chunks/919-8103c6c91f8facdc.js","500","static/chunks/500-1193d1955921814f.js","932","static/chunks/932-80b4ddcdfe5a178a.js","295","static/chunks/295-f7f3d8d607bc3e19.js","330","static/chunks/app/customer-stories/%5Bslug%5D/page-0e9a8b9220207755.js"],""]
6:I[1160,["315","static/chunks/e087448e-2f2367f04faea473.js","540","static/chunks/6661209f-4ce31348cb1cca42.js","583","static/chunks/a594442f-578284994623e810.js","828","static/chunks/e507d130-01257d78ed09c0fc.js","812","static/chunks/812-46786ddcee160b75.js","919","static/chunks/919-8103c6c91f8facdc.js","500","static/chunks/500-1193d1955921814f.js","932","static/chunks/932-80b4ddcdfe5a178a.js","295","static/chunks/295-f7f3d8d607bc3e19.js","330","static/chunks/app/customer-stories/%5Bslug%5D/page-0e9a8b9220207755.js"],"default"]
7:I[5750,["315","static/chunks/e087448e-2f2367f04faea473.js","540","static/chunks/6661209f-4ce31348cb1cca42.js","583","static/chunks/a594442f-578284994623e810.js","828","static/chunks/e507d130-01257d78ed09c0fc.js","812","static/chunks/812-46786ddcee160b75.js","919","static/chunks/919-8103c6c91f8facdc.js","500","static/chunks/500-1193d1955921814f.js","932","static/chunks/932-80b4ddcdfe5a178a.js","295","static/chunks/295-f7f3d8d607bc3e19.js","330","static/chunks/app/customer-stories/%5Bslug%5D/page-0e9a8b9220207755.js"],"Image"]
8:I[6731,[],""]
a:I[2923,[],""]
c:I[5960,["500","static/chunks/500-1193d1955921814f.js","185","static/chunks/app/layout-aefed4accc7284b3.js"],"ThemeProvider"]
4:T742,[{"@context":"https://schema.org","@type":"Article","headline":"Exposing a multi-actor campaign against HR, payroll, and internal portals","description":"Multiple actor clusters targeted an outsourcing firm’s kiosk, HR, and payroll surfaces simultaneously. Unit6 treated it as one campaign, closing credential abuse and hardening exposed services quickly.","url":"https://unit6tech.com/customer-stories/bpo-campaign","mainEntityOfPage":"https://unit6tech.com/customer-stories/bpo-campaign","image":"https://unit6tech.com/images/unit6-cover.webp","author":{"@type":"Organization","name":"Unit6"},"publisher":{"@type":"Organization","name":"Unit6"},"articleSection":"Outsourcing / workforce management / BPO | EMEA","articleBody":"An outsourcing provider ran several internet-facing portals with limited MFA. Unit6 telemetry flagged unrelated actors converging on the same environment. Unauthenticated kiosk application exposed via a misconfigured IIS server. Valid credentials for internal payroll and employee systems with proof of payslip access. Active password spraying against the HR portal with no throttling or MFA. Access to HR and payroll data, including salaries and personal identifiers. Tampering with payroll records or payment details. Follow-on compromise of VPNs, admin portals, or production systems via HR-linked identities. Regulatory and employee-relations fallout from bulk data exposure."},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://unit6tech.com/"},{"@type":"ListItem","position":2,"name":"Customer stories","item":"https://unit6tech.com/customer-stories"},{"@type":"ListItem","position":3,"name":"Exposing a multi-actor campaign against HR, payroll, and internal portals","item":"https://unit6tech.com/customer-stories/bpo-campaign"}]}]9:["slug","bpo-campaign","d"]
b:T40e,[{"@context":"https://schema.org","@type":"Organization","@id":"https://unit6tech.com/#organization","name":"Unit6","url":"https://unit6tech.com","logo":{"@type":"ImageObject","url":"https://unit6tech.com/favicon.ico"},"description":"Unit6 turns adversary plans into foresight you can act on — decoding infrastructure, staging boxes, and recon chatter so you can stop attacks before they start.","sameAs":["https://www.linkedin.com/company/unit6tech"]},{"@context":"https://schema.org","@type":"WebSite","@id":"https://unit6tech.com/#website","url":"https://unit6tech.com","name":"Unit6: The Preventive Intelligence Company","description":"Unit6 turns adversary plans into foresight you can act on — decoding infrastructure, staging boxes, and recon chatter so you can stop attacks before they start.","publisher":{"@id":"https://unit6tech.com/#organization"},"inLanguage":"en","potentialAction":{"@type":"SearchAction","target":"https://unit6tech.com/search?q={search_term_string}","query-input":"required name=search_term_string"}}]0:["bunrciYijO3DOgSF60x8R",[[["",{"children":["customer-stories",{"children":[["slug","bpo-campaign","d"],{"children":["__PAGE__?{\"slug\":\"bpo-campaign\"}",{}]}]}]},"$undefined","$undefined",true],["",{"children":["customer-stories",{"children":[["slug","bpo-campaign","d"],{"children":["__PAGE__",{},[["$L1",["$","div",null,{"className":"relative min-h-screen overflow-hidden bg-gradient-to-b from-slate-50 via-white to-sky-50 text-slate-900 dark:from-[#03030c] dark:via-[#05031a] dark:to-[#010108] dark:text-white","children":[["$","div",null,{"className":"pointer-events-none absolute inset-0","children":[["$","div",null,{"className":"absolute -top-20 left-1/2 h-[560px] w-[560px] -translate-x-1/2 rounded-full bg-sky-500/20 blur-[220px]"}],["$","div",null,{"className":"absolute inset-y-0 right-0 h-full w-1/2 bg-gradient-to-l from-indigo-500/10 via-transparent to-transparent blur-[220px]"}],["$","div",null,{"className":"absolute bottom-0 left-0 h-[420px] w-[420px] rounded-full bg-emerald-400/10 blur-[180px]"}]]}],["$","$L2",null,{}],["$","main",null,{"className":"relative z-10 mx-auto flex w-full max-w-5xl flex-col gap-16 px-6 pb-24 pt-32 lg:px-0","children":[["$","$L3",null,{"id":"customer-story-jsonld-bpo-campaign","type":"application/ld+json","strategy":"beforeInteractive","children":"$4"}],["$","section",null,{"className":"space-y-4","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"Customer story"}],["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Outsourcing / workforce management / BPO"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"EMEA"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Anonymized"}]]}],["$","h1",null,{"className":"text-4xl font-semibold leading-tight text-slate-900 dark:text-white md:text-5xl","children":"Exposing a multi-actor campaign against HR, payroll, and internal portals"}],["$","p",null,{"className":"text-lg font-semibold text-slate-700 dark:text-slate-200","children":"Multiple actor clusters targeted an outsourcing firm’s kiosk, HR, and payroll surfaces simultaneously. Unit6 treated it as one campaign, closing credential abuse and hardening exposed services quickly."}],["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-300","children":[["$","span","T1190",{"className":"rounded-full border border-slate-200 bg-white px-3 py-1 dark:border-white/20 dark:bg-white/10","children":["MITRE ","T1190"]}],["$","span","T1078",{"className":"rounded-full border border-slate-200 bg-white px-3 py-1 dark:border-white/20 dark:bg-white/10","children":["MITRE ","T1078"]}],["$","span","T1110.003",{"className":"rounded-full border border-slate-200 bg-white px-3 py-1 dark:border-white/20 dark:bg-white/10","children":["MITRE ","T1110.003"]}],["$","span","T1556.006",{"className":"rounded-full border border-slate-200 bg-white px-3 py-1 dark:border-white/20 dark:bg-white/10","children":["MITRE ","T1556.006"]}]]}],["$","div",null,{"className":"flex flex-wrap gap-4","children":[["$","$L5",null,{"href":"/book-a-demo","className":"w-full sm:w-auto rounded-full border border-transparent bg-gradient-to-r from-primary via-sky-500 to-pink-500 px-6 py-3 text-sm font-semibold text-white shadow-[0_15px_45px_rgba(14,165,233,0.35)] transition hover:scale-[1.02] hover:shadow-[0_25px_70px_rgba(236,72,153,0.35)]","children":"Book a demo"}],["$","$L5",null,{"href":"/platform","className":"w-full sm:w-auto rounded-full border border-slate-200 bg-white px-6 py-3 text-sm font-semibold text-slate-900 shadow-sm transition hover:border-slate-300 hover:bg-white/90 dark:border-white/20 dark:bg-white/5 dark:text-white dark:hover:border-white/40 dark:hover:bg-white/10","children":"Explore the platform"}]]}]]}],["$","section",null,{"className":"grid gap-6 lg:grid-cols-2","children":[["$","article",null,{"className":"rounded-3xl border border-slate-200 bg-white p-6 shadow-sm dark:border-white/10 dark:bg-white/5","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"The situation"}],["$","p",null,{"className":"mt-3 text-base text-slate-600 dark:text-slate-300","children":"An outsourcing provider ran several internet-facing portals with limited MFA. Unit6 telemetry flagged unrelated actors converging on the same environment."}],["$","div",null,{"className":"mt-4 space-y-3","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"What Unit6 detected"}],["$","ul",null,{"className":"space-y-2 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Unauthenticated kiosk application exposed via a misconfigured IIS server.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-sky-400"}],["$","span",null,{"children":"Unauthenticated kiosk application exposed via a misconfigured IIS server."}]]}],["$","li","Valid credentials for internal payroll and employee systems with proof of payslip access.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-sky-400"}],["$","span",null,{"children":"Valid credentials for internal payroll and employee systems with proof of payslip access."}]]}],["$","li","Active password spraying against the HR portal with no throttling or MFA.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-sky-400"}],["$","span",null,{"children":"Active password spraying against the HR portal with no throttling or MFA."}]]}]]}]]}]]}],["$","article",null,{"className":"rounded-3xl border border-slate-200 bg-white p-6 shadow-sm dark:border-white/10 dark:bg-black/40","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"Why it mattered"}],["$","ul",null,{"className":"mt-3 space-y-2 text-base text-slate-600 dark:text-slate-200","children":[["$","li","Access to HR and payroll data, including salaries and personal identifiers.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Access to HR and payroll data, including salaries and personal identifiers."}]]}],["$","li","Tampering with payroll records or payment details.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Tampering with payroll records or payment details."}]]}],["$","li","Follow-on compromise of VPNs, admin portals, or production systems via HR-linked identities.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Follow-on compromise of VPNs, admin portals, or production systems via HR-linked identities."}]]}],["$","li","Regulatory and employee-relations fallout from bulk data exposure.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Regulatory and employee-relations fallout from bulk data exposure."}]]}]]}]]}]]}],["$","section",null,{"className":"grid gap-6 lg:grid-cols-[1.15fr_0.85fr]","children":[["$","article",null,{"className":"space-y-4 rounded-[28px] border border-slate-200 bg-white p-7 shadow-sm dark:border-white/10 dark:bg-white/5","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"What Unit6 did"}],["$","div",null,{"className":"space-y-4","children":[["$","div","Rapid credential and access hygiene",{"className":"rounded-2xl border border-slate-200/80 bg-white/70 p-5 shadow-sm dark:border-white/10 dark:bg-black/30","children":[["$","p",null,{"className":"text-sm font-semibold text-slate-900 dark:text-white","children":"Rapid credential and access hygiene"}],["$","ul",null,{"className":"mt-2 space-y-1.5 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Rotated credentials for confirmed compromised accounts and invalidated active sessions.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Rotated credentials for confirmed compromised accounts and invalidated active sessions."}]]}],["$","li","Introduced canary credentials to detect reuse attempts.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Introduced canary credentials to detect reuse attempts."}]]}]]}]]}],["$","div","Segmentation and hardening of exposed services",{"className":"rounded-2xl border border-slate-200/80 bg-white/70 p-5 shadow-sm dark:border-white/10 dark:bg-black/30","children":[["$","p",null,{"className":"text-sm font-semibold text-slate-900 dark:text-white","children":"Segmentation and hardening of exposed services"}],["$","ul",null,{"className":"mt-2 space-y-1.5 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Restricted kiosk exposure through firewall controls and IP allowlisting.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Restricted kiosk exposure through firewall controls and IP allowlisting."}]]}],["$","li","Drove a configuration and patch review for the IIS server.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Drove a configuration and patch review for the IIS server."}]]}]]}]]}],["$","div","Strengthened HR and payroll authentication",{"className":"rounded-2xl border border-slate-200/80 bg-white/70 p-5 shadow-sm dark:border-white/10 dark:bg-black/30","children":[["$","p",null,{"className":"text-sm font-semibold text-slate-900 dark:text-white","children":"Strengthened HR and payroll authentication"}],["$","ul",null,{"className":"mt-2 space-y-1.5 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Implemented MFA across HR and payroll systems.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Implemented MFA across HR and payroll systems."}]]}],["$","li","Added login throttling, geo-fencing, and abnormal login alerts.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Added login throttling, geo-fencing, and abnormal login alerts."}]]}]]}]]}],["$","div","Campaign-level threat hunting",{"className":"rounded-2xl border border-slate-200/80 bg-white/70 p-5 shadow-sm dark:border-white/10 dark:bg-black/30","children":[["$","p",null,{"className":"text-sm font-semibold text-slate-900 dark:text-white","children":"Campaign-level threat hunting"}],["$","ul",null,{"className":"mt-2 space-y-1.5 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Correlated timestamps across HR, payroll, and kiosk logs to separate noise from targeted abuse.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Correlated timestamps across HR, payroll, and kiosk logs to separate noise from targeted abuse."}]]}],["$","li","Distinguished opportunistic scanning from credential-driven intrusion.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-pink-400"}],["$","span",null,{"children":"Distinguished opportunistic scanning from credential-driven intrusion."}]]}]]}]]}]]}]]}],["$","div",null,{"className":"grid gap-4 md:grid-cols-2 lg:grid-cols-1","children":[["$","article",null,{"className":"rounded-2xl border border-slate-200 bg-white p-5 shadow-sm dark:border-white/10 dark:bg-black/40","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"Outcome"}],["$","ul",null,{"className":"mt-3 space-y-2 text-sm text-slate-600 dark:text-slate-200","children":[["$","li","Active compromises contained and exposed attack surface reduced within weeks.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Active compromises contained and exposed attack surface reduced within weeks."}]]}],["$","li","HR and payroll shifted from soft targets to hardened, monitored assets.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"HR and payroll shifted from soft targets to hardened, monitored assets."}]]}],["$","li","Security leaders gained a campaign-level view that unified previously siloed alerts.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-emerald-400"}],["$","span",null,{"children":"Security leaders gained a campaign-level view that unified previously siloed alerts."}]]}]]}]]}],["$","article",null,{"className":"rounded-2xl border border-slate-200 bg-gradient-to-br from-slate-900 via-slate-800 to-slate-900 p-5 text-white shadow-[0_18px_70px_rgba(2,6,23,0.35)] dark:border-white/10 dark:from-[#070b20] dark:via-[#050317] dark:to-[#070b20]","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-white/60","children":"Unit6 edge"}],["$","ul",null,{"className":"mt-3 space-y-2 text-sm text-white/80","children":[["$","li","Actor-centric view that identified multiple groups converging on one organization.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-cyan-300"}],["$","span",null,{"children":"Actor-centric view that identified multiple groups converging on one organization."}]]}],["$","li","Correlation of exposed apps, credentials, and live attack traffic into one narrative for executives.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-cyan-300"}],["$","span",null,{"children":"Correlation of exposed apps, credentials, and live attack traffic into one narrative for executives."}]]}],["$","li","Practical guidance to make legacy HR/payroll systems security-aware without breaking operations.",{"className":"flex gap-2","children":[["$","span",null,{"className":"mt-1 h-1.5 w-1.5 rounded-full bg-cyan-300"}],["$","span",null,{"children":"Practical guidance to make legacy HR/payroll systems security-aware without breaking operations."}]]}]]}]]}]]}]]}],["$","section",null,{"className":"rounded-[32px] border border-slate-200 bg-white p-8 shadow-sm shadow-slate-200 dark:border-white/10 dark:bg-white/5","children":[["$","div",null,{"className":"flex flex-col gap-4 md:flex-row md:items-center md:justify-between","children":[["$","div",null,{"children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.3em] text-slate-500 dark:text-slate-400","children":"Browse other stories"}],["$","h2",null,{"className":"mt-2 text-2xl font-semibold text-slate-900 dark:text-white","children":"See more anonymized wins"}]]}],["$","$L5",null,{"href":"/customer-stories","className":"inline-flex items-center justify-center rounded-full border border-slate-200 px-6 py-3 text-sm font-semibold text-slate-900 shadow-sm transition hover:border-slate-300 hover:bg-white dark:border-white/20 dark:text-white dark:hover:border-white/30 dark:hover:bg-white/10","children":"Back to all stories"}]]}],["$","div",null,{"className":"mt-6 grid gap-4 md:grid-cols-2","children":[["$","$L5","industrial-ot-saas",{"href":"/customer-stories/industrial-ot-saas","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Specialty chemicals / industrial manufacturing"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"North America & Europe"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Stopping a nation-state from reaching industrial OT via a SaaS monitoring platform"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"An East Asia-aligned actor used stolen credentials to access an OT monitoring SaaS. Unit6 cut the access path and rebuilt controls before the adversary could reach production lines."}]]}],["$","$L5","healthcare-mfa-bypass",{"href":"/customer-stories/healthcare-mfa-bypass","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Healthcare / hospital system"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"North America"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Preventing ransomware by catching an MFA bypass against a healthcare claims portal"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"A ransomware-linked actor marketed access to a children’s hospital claims portal, including the MFA secret. Unit6 shut down the identity and drove phishing-resistant controls before patient data was touched."}]]}],["$","$L5","helpdesk-bruteforce",{"href":"/customer-stories/helpdesk-bruteforce","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"IT services / systems integrator"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Middle East"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Catching a helpdesk brute-force compromise before it became a company-wide breach"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"A regional IT services provider exposed its ServiceDesk login without rate limits. Unit6 spotted the shift from brute-force to successful use, shut it down, and rebuilt access controls."}]]}],["$","$L5","satcom-bruteforce",{"href":"/customer-stories/satcom-bruteforce","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Satellite communications"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Catching a nation-state’s brute-force campaign against a global satellite operator"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"A Chinese-directed cluster brute-forced internal support portals for a satellite operator and took over accounts. Unit6 surfaced the compromise and rebuilt authentication before operations were touched."}]]}],["$","$L5","fintech-ai-bruteforce",{"href":"/customer-stories/fintech-ai-bruteforce","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Fintech / payments processing"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Detecting AI-powered brute forcing against a fintech customer portal"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"AI-augmented actors brute-forced and sprayed a payments portal, taking over customer accounts. Unit6 cut off access, drove mandatory MFA, and hardened defenses against adaptive attacks."}]]}],["$","$L5","aviation-iab-warning",{"href":"/customer-stories/aviation-iab-warning","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Aerospace & aviation communications"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Early warning on initial access broker claims against aviation messaging systems"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"Unit6 spotted a broker selling access to an aviation messaging platform before abuse began. Accounts and endpoints were hardened and a rapid-response plan put in place."}]]}],["$","$L5","precision-manufacturing-recon",{"href":"/customer-stories/precision-manufacturing-recon","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"High-precision manufacturing / medtech & optics"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Europe & Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Disrupting state-sponsored recon and credential exposure against a high-precision manufacturer"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"State-linked actors targeted engineers and admin portals at a medtech/optics manufacturer. Unit6 neutralized exposed credentials and hardened privileged access before exploitation."}]]}],["$","$L5","dual-nation-state-sft-intrusion",{"href":"/customer-stories/dual-nation-state-sft-intrusion","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Enterprise software / communications"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Dual nation-state intrusion into a critical file transfer system — detected before impact"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"Two unrelated nation-state actors exploited the same secure file transfer stack simultaneously. Unit6 surfaced both compromises and stopped large-scale exfiltration before internal teams saw anomalies."}]]}],["$","$L5","supply-chain-ransomware-saas-admin",{"href":"/customer-stories/supply-chain-ransomware-saas-admin","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"SaaS / business intelligence platform"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Supply-chain ransomware campaign leveraging a compromised SaaS administrator — multi-tenant threat stopped early"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"A ransomware group weaponized trusted admin pathways inside a business intelligence SaaS. Unit6 saw the compromise, coordinated fast revocation, and blocked cross-customer propagation."}]]}],["$","$L5","supply-chain-intrusion-pharmaceuticals",{"href":"/customer-stories/supply-chain-intrusion-pharmaceuticals","className":"rounded-2xl border border-slate-200 bg-white p-5 text-sm font-semibold text-slate-900 shadow-sm transition hover:-translate-y-1 hover:shadow-md dark:border-white/10 dark:bg-black/30 dark:text-white dark:hover:border-white/30 dark:hover:bg-black/40","children":[["$","div",null,{"className":"flex flex-wrap gap-2 text-[11px] font-semibold uppercase tracking-[0.2em] text-slate-500 dark:text-slate-400","children":[["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Pharmaceuticals / healthcare"}],["$","span",null,{"className":"rounded-full border border-slate-200 px-3 py-1 dark:border-white/20","children":"Global"}]]}],["$","p",null,{"className":"mt-2 text-base text-slate-900 dark:text-white","children":"Supply-chain intrusion into a global pharmaceutical enterprise — pre-ransomware phase blocked"}],["$","p",null,{"className":"mt-2 text-sm text-slate-600 dark:text-slate-200","children":"A Sophisticated Threat Actor attempted to pivot from a compromised SaaS provider into a pharmaceutical company via trusted admin links. Unit6 severed trust and stopped the intrusion in the staging phase."}]]}]]}]]}]]}],["$","footer",null,{"className":"relative isolate overflow-hidden bg-gradient-to-br from-slate-50 via-white to-sky-50 text-slate-900 dark:from-slate-950 dark:via-[#080a1a] dark:to-[#02030a] dark:text-slate-100","children":[["$","div",null,{"className":"pointer-events-none absolute inset-0","children":[["$","div",null,{"className":"absolute inset-0 bg-[radial-gradient(circle_at_top,_rgba(56,189,248,0.18),_transparent_55%)] opacity-60 dark:opacity-80"}],["$","div",null,{"className":"absolute inset-0 bg-[linear-gradient(120deg,_rgba(15,23,42,0.08)_1px,_transparent_1px)] bg-[length:220px_220px] opacity-30 dark:opacity-40"}]]}],["$","div",null,{"className":"container relative z-10 mx-auto px-6 py-16 lg:py-20","children":[["$","$L6",null,{"className":"mx-auto w-full max-w-5xl","layout":"stacked","source":"site-footer","title":"Stay ahead with the Unit6 newsletters","description":"Pick from company releases, the Weekly Cyber Threat Briefing, or Preventive Intelligence Weekly and only hear about what matters to you."}],["$","div",null,{"className":"mt-12 grid gap-10 lg:grid-cols-[minmax(0,2fr)_repeat(3,minmax(0,1fr))]","children":[["$","div",null,{"className":"space-y-6","children":[["$","$L7",null,{"src":"/images/icons/unit6-icon.svg","alt":"Unit6 logo","width":140,"height":48,"priority":true}],["$","p",null,{"className":"text-sm text-slate-600 dark:text-slate-300","children":"The Preventive Intelligence Company"}]]}],[["$","div","Product",{"children":[["$","p",null,{"className":"text-sm font-semibold uppercase tracking-[0.3em] text-slate-500 dark:text-slate-300","children":"Product"}],["$","ul",null,{"className":"mt-4 space-y-3 text-sm text-slate-500 dark:text-slate-300","children":[["$","li","Platform overview",{"children":["$","$L5",null,{"href":"/platform","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Platform overview"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Platform overview"}]]}]]}]}],["$","li","Use cases",{"children":["$","$L5",null,{"href":"/use-cases","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Use cases"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Use cases"}]]}]]}]}],["$","li","Integrations",{"children":["$","$L5",null,{"href":"/integrations","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Integrations"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Integrations"}]]}]]}]}],["$","li","Comparison",{"children":["$","$L5",null,{"href":"/comparison","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Comparison"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Comparison"}]]}]]}]}]]}]]}],["$","div","Resources",{"children":[["$","p",null,{"className":"text-sm font-semibold uppercase tracking-[0.3em] text-slate-500 dark:text-slate-300","children":"Resources"}],["$","ul",null,{"className":"mt-4 space-y-3 text-sm text-slate-500 dark:text-slate-300","children":[["$","li","Gaming lab",{"children":["$","$L5",null,{"href":"/resources/gaming","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Gaming lab"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Gaming lab"}]]}]]}]}],["$","li","Customers",{"children":["$","$L5",null,{"href":"/customer-stories","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Customers"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Customers"}]]}]]}]}],["$","li","Blog",{"children":["$","$L5",null,{"href":"/blog","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Blog"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Blog"}]]}]]}]}],["$","li","Security",{"children":["$","$L5",null,{"href":"/security","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Security"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Security"}]]}]]}]}],["$","li","Privacy",{"children":["$","$L5",null,{"href":"/privacy","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Privacy"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Privacy"}]]}]]}]}]]}]]}],["$","div","Get started",{"children":[["$","p",null,{"className":"text-sm font-semibold uppercase tracking-[0.3em] text-slate-500 dark:text-slate-300","children":"Get started"}],["$","ul",null,{"className":"mt-4 space-y-3 text-sm text-slate-500 dark:text-slate-300","children":[["$","li","Book a demo",{"children":["$","$L5",null,{"href":"/book-a-demo","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Book a demo"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Book a demo"}]]}]]}]}],["$","li","Custom quote",{"children":["$","$L5",null,{"href":"/get-a-custom-quote","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Custom quote"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Custom quote"}]]}]]}]}],["$","li","Talk to sales",{"children":["$","$L5",null,{"href":"mailto:sales@unit6tech.com","className":"group inline-flex items-center gap-2 transition-all duration-300 hover:text-slate-900 focus-visible:text-slate-900 dark:hover:text-white dark:focus-visible:text-white","children":[["$","span",null,{"className":"h-px w-4 origin-left scale-x-0 bg-gradient-to-r from-emerald-400 to-sky-500 transition-transform duration-300 group-hover:scale-x-100 group-focus-visible:scale-x-100"}],["$","span",null,{"className":"relative","children":[["$","span",null,{"className":"transition-transform duration-300 group-hover:-translate-y-0.5 group-focus-visible:-translate-y-0.5","children":"Talk to sales"}],["$","span",null,{"className":"absolute inset-0 translate-y-2 text-slate-900/40 opacity-0 transition duration-300 group-hover:translate-y-0 group-hover:opacity-100 group-focus-visible:translate-y-0 group-focus-visible:opacity-100 dark:text-white/50","children":"Talk to sales"}]]}]]}]}]]}]]}]]]}],["$","div",null,{"className":"mt-12 flex flex-col gap-6 border-t border-slate-200 pt-8 dark:border-white/10 md:flex-row md:items-center md:justify-between","children":[["$","div",null,{"className":"flex flex-wrap items-center gap-x-6 gap-y-3 text-sm text-slate-500 dark:text-slate-300","children":[["$","span",null,{"children":["© ",2025," Unit6 Inc. All rights reserved."]}],["$","$L5",null,{"href":"/terms","className":"transition-colors duration-300 hover:text-slate-900 dark:hover:text-white","children":"Terms"}],["$","$L5",null,{"href":"/privacy","className":"transition-colors duration-300 hover:text-slate-900 dark:hover:text-white","children":"Privacy"}]]}],["$","div",null,{"className":"flex gap-3","children":[["$","$L5","LinkedIn",{"href":"https://www.linkedin.com/company/unit6tech","target":"_blank","rel":"noopener noreferrer","aria-label":"LinkedIn","className":"group relative flex h-11 w-11 items-center justify-center overflow-hidden rounded-full border border-slate-200/70 bg-white text-slate-900 transition-all duration-300 hover:-translate-y-1 hover:border-slate-400 focus:outline-none focus-visible:ring-2 focus-visible:ring-sky-200/80 dark:border-white/15 dark:bg-white/10 dark:text-white dark:hover:border-white/60","children":[["$","span",null,{"className":"absolute inset-0 rounded-full bg-gradient-to-br from-sky-400/40 via-emerald-300/30 to-pink-300/30 opacity-0 transition duration-300 group-hover:opacity-100"}],["$","svg",null,{"stroke":"currentColor","fill":"currentColor","strokeWidth":"0","viewBox":"0 0 448 512","className":"relative text-lg transition duration-300 group-hover:scale-110","children":["$undefined",[["$","path","0",{"d":"M416 32H31.9C14.3 32 0 46.5 0 64.3v383.4C0 465.5 14.3 480 31.9 480H416c17.6 0 32-14.5 32-32.3V64.3c0-17.8-14.4-32.3-32-32.3zM135.4 416H69V202.2h66.5V416zm-33.2-243c-21.3 0-38.5-17.3-38.5-38.5S80.9 96 102.2 96c21.2 0 38.5 17.3 38.5 38.5 0 21.3-17.2 38.5-38.5 38.5zm282.1 243h-66.4V312c0-24.8-.5-56.7-34.5-56.7-34.6 0-39.9 27-39.9 54.9V416h-66.4V202.2h63.7v29.2h.9c8.9-16.8 30.6-34.5 62.9-34.5 67.2 0 79.7 44.3 79.7 101.9V416z","children":[]}]]],"style":{"color":"$undefined"},"height":"1em","width":"1em","xmlns":"http://www.w3.org/2000/svg"}]]}],["$","$L5","X (Twitter)",{"href":"https://twitter.com/unit6tech","target":"_blank","rel":"noopener noreferrer","aria-label":"X (Twitter)","className":"group relative flex h-11 w-11 items-center justify-center overflow-hidden rounded-full border border-slate-200/70 bg-white text-slate-900 transition-all duration-300 hover:-translate-y-1 hover:border-slate-400 focus:outline-none focus-visible:ring-2 focus-visible:ring-sky-200/80 dark:border-white/15 dark:bg-white/10 dark:text-white dark:hover:border-white/60","children":[["$","span",null,{"className":"absolute inset-0 rounded-full bg-gradient-to-br from-sky-400/40 via-emerald-300/30 to-pink-300/30 opacity-0 transition duration-300 group-hover:opacity-100"}],["$","svg",null,{"stroke":"currentColor","fill":"currentColor","strokeWidth":"0","viewBox":"0 0 512 512","className":"relative text-lg transition duration-300 group-hover:scale-110","children":["$undefined",[["$","path","0",{"d":"M389.2 48h70.6L305.6 224.2 487 464H345L233.7 318.6 106.5 464H35.8L200.7 275.5 26.8 48H172.4L272.9 180.9 389.2 48zM364.4 421.8h39.1L151.1 88h-42L364.4 421.8z","children":[]}]]],"style":{"color":"$undefined"},"height":"1em","width":"1em","xmlns":"http://www.w3.org/2000/svg"}]]}]]}]]}]]}]]}]]}]],null],null]},["$","$L8",null,{"parallelRouterKey":"children","segmentPath":["children","customer-stories","children","$9","children"],"error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$La",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":"$undefined","notFoundStyles":"$undefined","styles":null}],null]},["$","$L8",null,{"parallelRouterKey":"children","segmentPath":["children","customer-stories","children"],"error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$La",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":"$undefined","notFoundStyles":"$undefined","styles":null}],null]},[["$","html",null,{"className":"antialiased __variable_41251a","lang":"en","suppressHydrationWarning":true,"children":[["$","head",null,{"children":[["$","$L3",null,{"id":"gtm-base","strategy":"lazyOnload","children":"\n            (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':\n            new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],\n            j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src=\n            'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);\n            })(window,document,'script','dataLayer','GTM-KMD6X5T8');\n          "}],["$","$L3",null,{"id":"structured-data","type":"application/ld+json","strategy":"beforeInteractive","children":"$b"}],null]}],["$","body",null,{"className":"__className_f367f3","children":[["$","noscript",null,{"children":["$","iframe",null,{"src":"https://www.googletagmanager.com/ns.html?id=GTM-KMD6X5T8","height":"0","width":"0","style":{"display":"none","visibility":"hidden"}}]}],["$","$L3",null,{"id":"theme-init","strategy":"beforeInteractive","children":"\n            try {\n              const storedTheme = localStorage.getItem('theme');\n              const prefersDark = window.matchMedia('(prefers-color-scheme: dark)').matches;\n              const theme = storedTheme === 'light' || storedTheme === 'dark' ? storedTheme : (prefersDark ? 'dark' : 'light');\n              const root = document.documentElement;\n              root.classList.remove('light', 'dark');\n              root.classList.add(theme);\n              root.dataset.theme = storedTheme ?? 'system';\n            } catch (_error) {}\n          "}],["$","$Lc",null,{"children":["$","$L8",null,{"parallelRouterKey":"children","segmentPath":["children"],"error":"$undefined","errorStyles":"$undefined","errorScripts":"$undefined","template":["$","$La",null,{}],"templateStyles":"$undefined","templateScripts":"$undefined","notFound":["$","main",null,{"className":"flex min-h-screen flex-col items-center justify-center bg-gradient-to-b from-slate-50 via-white to-sky-50 px-6 text-center text-slate-900 dark:from-slate-950 dark:via-slate-900 dark:to-slate-950 dark:text-white","children":[["$","p",null,{"className":"text-xs uppercase tracking-[0.35em] text-slate-500 dark:text-slate-400","children":"Page not found"}],["$","h1",null,{"className":"mt-4 text-4xl font-semibold sm:text-5xl","children":"Looks like that trail went cold."}],["$","p",null,{"className":"mt-4 max-w-xl text-base text-slate-600 dark:text-slate-300","children":"The page you are looking for has moved or no longer exists. Head back to the main site or explore our latest resources."}],["$","div",null,{"className":"mt-8 flex flex-col gap-3 sm:flex-row","children":[["$","$L5",null,{"href":"/","className":"rounded-full bg-slate-900 px-5 py-3 text-sm font-semibold text-white shadow-sm transition hover:bg-slate-800 focus-visible:outline focus-visible:outline-2 focus-visible:outline-offset-2 focus-visible:outline-slate-500 dark:bg-white dark:text-slate-900 dark:hover:bg-slate-100","children":"Back to homepage"}],["$","$L5",null,{"href":"/resources/gaming","className":"rounded-full border border-slate-200 px-5 py-3 text-sm font-semibold text-slate-700 transition hover:border-slate-300 dark:border-white/20 dark:text-white dark:hover:border-white/30","children":"View resources"}]]}]]}],"notFoundStyles":[],"styles":null}]}]]}]]}],null],null],[[["$","link","0",{"rel":"stylesheet","href":"/_next/static/css/2a2d44bd966c4d53.css","precedence":"next","crossOrigin":"$undefined"}],["$","link","1",{"rel":"stylesheet","href":"/_next/static/css/582d575b359aac35.css","precedence":"next","crossOrigin":"$undefined"}]],[null,"$Ld"]]]]]
d:[["$","meta","0",{"name":"viewport","content":"width=device-width, initial-scale=1"}],["$","meta","1",{"charSet":"utf-8"}],["$","title","2",{"children":"Exposing a multi-actor campaign against HR, payroll, and internal portals | Unit6 customer story | Unit6"}],["$","meta","3",{"name":"description","content":"Multiple actor clusters targeted an outsourcing firm’s kiosk, HR, and payroll surfaces simultaneously. Unit6 treated it as one campaign, closing credential abuse and hardening exposed services quickly."}],["$","meta","4",{"name":"keywords","content":"preventive intelligence,adversary infrastructure,attack staging,threat reconnaissance,early warning security platform"}],["$","meta","5",{"name":"robots","content":"index, follow"}],["$","link","6",{"rel":"canonical","href":"https://unit6tech.com/customer-stories/bpo-campaign"}],["$","meta","7",{"property":"og:title","content":"Exposing a multi-actor campaign against HR, payroll, and internal portals"}],["$","meta","8",{"property":"og:description","content":"Multiple actor clusters targeted an outsourcing firm’s kiosk, HR, and payroll surfaces simultaneously. Unit6 treated it as one campaign, closing credential abuse and hardening exposed services quickly."}],["$","meta","9",{"property":"og:url","content":"https://unit6tech.com/customer-stories/bpo-campaign"}],["$","meta","10",{"property":"og:site_name","content":"Unit6"}],["$","meta","11",{"property":"og:image","content":"https://unit6tech.com/images/unit6-cover.webp"}],["$","meta","12",{"property":"og:type","content":"article"}],["$","meta","13",{"name":"twitter:card","content":"summary_large_image"}],["$","meta","14",{"name":"twitter:creator","content":"@unit6tech"}],["$","meta","15",{"name":"twitter:title","content":"Exposing a multi-actor campaign against HR, payroll, and internal portals"}],["$","meta","16",{"name":"twitter:description","content":"Multiple actor clusters targeted an outsourcing firm’s kiosk, HR, and payroll surfaces simultaneously. Unit6 treated it as one campaign, closing credential abuse and hardening exposed services quickly."}],["$","meta","17",{"name":"twitter:image","content":"https://unit6tech.com/images/unit6-cover.webp"}],["$","link","18",{"rel":"icon","href":"/favicon.ico","type":"image/x-icon","sizes":"20x32"}],["$","meta","19",{"name":"next-size-adjust"}]]
1:null