When you call Black Tower Cyber, you are talking directly to the security engineer who will contain your incident, investigate the breach, and deliver your report.
Black Tower Cyber was founded by Eric Noga. Eric is a security engineer with a career built on hands-on incident response, threat hunting, and Microsoft 365 security hardening.
When you call Black Tower Cyber, you are talking directly to the security engineer who will contain your incident, investigate the breach, and deliver your report. Not a sales rep. Not a junior analyst reading from a script.
Every case study on this site is a real engagement Eric led personally. You get an operator, not an organization.
Based in Connecticut. Supporting firms across New England and nationwide.
Already have an IT team or MSP? We work alongside your existing IT provider, not against them. We handle the cybersecurity side so your IT team can focus on what they do best. No turf wars, no overlap. Just the security expertise most IT teams do not have in-house.
Incident Response, Threat Hunting, Microsoft 365 & Entra ID Security, Identity Threat Detection, Managed Detection & Response, Google Workspace Security, AWS Security Hardening
Huntress MDR, Identity Threat Detection & Remediation, Phishing Simulations, SIEM/Log Aggregation, Purple Knight AD Assessments for On-Prem Active Directory and Azure Cloud
GCFA, SentinelOne Security Admin/IR/Forensics, CCSK, CCZT, TCM Security (PNPT, PJPT, PSAP, PSAA), CIGE, CIAM, CIMP, CAMS, CJIS
Huntress-powered MDR with direct oversight from the same engineer handling your case. No ticket queues. No handoffs. Every alert, every incident, reviewed personally.
Your clients trust you with their most sensitive data. We make sure that trust stays intact.
Wire fraud, trust account attacks, and email impersonation. One BEC incident at closing can cost millions in a single transaction.
Tax season makes you a target. Attackers know you hold W-2s, bank details, and direct access to client finances.
PII, health records, claims data. Regulatory requirements demand real security, not checkbox compliance.
Attackers sit inside inboxes for weeks waiting for closing day. Wire fraud at closing is one of the fastest-growing cybercrimes.
These are real engagements. Client details anonymized to protect their businesses.
A Connecticut law firm had a threat actor operating inside their Microsoft 365 environment for 23 days. The attacker created hidden inbox rules, registered a lookalike domain, and initiated a $7 million wire transfer attempt. We were engaged and contained the entire incident the same day.
A Connecticut law firm's email was compromised via phishing. The attacker operated inside the mailbox for nearly two weeks, creating silent forwarding rules and registering a typo-squat domain to continue impersonating the employee even after lockout.
An employee clicked a phishing email. Within hours, the attacker created 7 inbox rules to suppress communications, used global VPN/proxy IPs from multiple countries, and initiated a fraudulent $12,500 wire transfer.
A manufacturing company's M365 tenant was compromised after a provider migration left dormant admin accounts exposed. Threat actors gained Global Admin privileges and impersonated the accounting department to send a fraudulent ACH invoice.
A finance department employee received a spoofed email impersonating a trusted internal colleague. After clicking a phishing link, the attacker redirected approximately $55,000 in funds to a fraudulent vendor.