MN A.I CyberSecurity Scoring
MN
Company Information
Website:http://www.moffattnichol.com
Employees number:1,218
Number of followers:32,820
NAICS:237
Industry Type:Civil Engineering
Homepage:moffattnichol.com
MN Risk Score (AI oriented)
Between 700 and 749
MNCivil Engineering
Updated:
02/04/2026
02/04/2026
746/1000
Moderate
Ba
MN Global Score (TPRM)
xxxx
MNCivil Engineering
Score locked

MNModerate
Current Score
746Ba (MODERATE)
01000
1 incidents
-19 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
747
JUNE 2026
747
MAY 2026
746
APRIL 2026
746
MARCH 2026
745
FEBRUARY 2026
745
JANUARY 2026
745
DECEMBER 2025
744
NOVEMBER 2025
744
OCTOBER 2025
743
SEPTEMBER 2025
761
Cyber Attack
01 Sep 2025 • MN
U.S.-based civil engineering firm (involved in Ukraine-related projects)
Russian-Linked Threat Actors Use Fake Browser Updates to Deploy SocGholish Malware in Targeted Espionage Campaign
742
CRITICAL-19
MOF59100659112625
A U.S.-based civil engineering firm specializing in Ukraine-related infrastructure projects fell victim to a highly targeted cyberattack orchestrated by Russian GRU Unit 29155 in September 2025. The threat actors exploited fake browser update pop-ups to deploy SocGholish malware, which then delivered the RomCom Mythic Agent loader within minutes of initial infection. The attack leveraged compromised legitimate websites to inject malicious JavaScript, tricking employees into downloading a fake 'msedge.dll' payload disguised as a browser update.The payload executed only when the victim’s system matched a predefined domain, indicating precision targeting. Once activated, it established a connection to Mythic C2 servers, granting attackers remote access for potential espionage or data exfiltration. While Arctic Wolf’s Aurora Endpoint Defense detected and quarantined the payload before full compromise, the incident highlights the evolving threat landscape where malware-as-a-service (SocGholish)—previously associated with ransomware—is now repurposed for state-sponsored cyber operations. The attack’s link to GRU-affiliated groups suggests motives beyond financial gain, likely aiming to disrupt pro-Ukrainian entities or gather intelligence on critical infrastructure projects. The use of bulletproof hosting and advanced obfuscation techniques further complicates attribution and mitigation.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
AUGUST 2025
761
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for MN ??
What was MN's A.I Rankiteo Cyber Score in June 2026 ??
What was MN's A.I Rankiteo Cyber Score in May 2026 ??
What was MN's A.I Rankiteo Cyber Score in April 2026 ??
What was MN's A.I Rankiteo Cyber Score in March 2026 ??
What was MN's A.I Rankiteo Cyber Score in February 2026 ??
What was MN's A.I Rankiteo Cyber Score in January 2026 ??
What was MN's A.I Rankiteo Cyber Score in December 2025 ??
What was MN's A.I Rankiteo Cyber Score in November 2025 ??
What was MN's A.I Rankiteo Cyber Score in October 2025 ??
What was MN's A.I Rankiteo Cyber Score in September 2025 ??
What was MN's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on MN's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with MN ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view MN's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?