Black Cell is proud to close the 2024 fiscal year on a high note, reporting solid growth in revenue, profitability, and organizational scale, building on the already promising results in the year’s first half. The past year was not only about financial achievement but also about laying the groundwork for future strategic moves: from entering new international markets to expanding our team and unleashing new, internally developed products along expanding our service reach. More to these initatives in the coming months!

Financial highlights

Financially, 2024 marked a step forward on multiple fronts. Hungarian sales totaled 1.69 billion HUF, up from 1.59 billion the previous year, reflecting a 6.7% year-over-year increase. While intra-EU export revenue saw a modest decline, falling to 97 million HUF, our extra-EU exports grew significantly, reaching 267 million HUF, marking a 214% increase over 2023. This shift highlights the success of our efforts to diversify our geographic footprint and scale beyond traditional markets. Altogether, Black Cell’s net revenue for the year reached 2.06 billion HUF, representing nearly 15% growth.

What stands out is the near doubling of our net income, which rose from 37 million HUF to 72 million HUF. This 97% increase underscores our successful transition from value-added reselling toward a more service-focused business model, driven by cloud security projects, managed detection and response capabilities, and compliance advisory; along with successful cost optimization and productivity improvements. Supporting this growth, our team expanded from an average of 32 to over 39 employees: a 22% year-over-year increase that ensures we continue to meet the growing international demand for our expertise. At the year’s end, we welcomed our 45^th employee – on a steady course to the 50-strong mark.

Important milestones

In August, Black Cell earned the Information Protection and Governance advanced specialization, demonstrating our deep knowledge, extensive experience, and proven track record in deploying Microsoft Purview and monitoring our customers’ compliance posture.

In September, we proudly moved into our new headquarters at the BEM Center. Situated in the heart of Budapest’s scenic 2^nd district, the new office provides more space to collaborate and innovate, a canteen serving hearty meals, and an upscale neighborhood to enjoy after work. Reflecting our commitment to sustainability, the building has been awarded LEED Gold certification.

By November, we had earned four industry specific badges from Splunk in Manufacturing, Retail, Financial Services and Energy & Utilities. These badges reflect our successful project deliveries and proven expertise across these sectors.

We concluded the year on a high note: Black Cell successfully completed the ISO/IEC 27001:2022 certification audit and was awarded the certificate.

Our Security Operations Center, or SOC, also remained a core pillar of our service delivery, operating around the clock and enabling proactive threat detection, investigation, and response.

During 2024, Black Cell’s SOC: 

• Processed and triaged over 105,000 security alerts, ensuring timely identification and response to potential threats.

• Escalated and thoroughly investigated more than 3,000 true positive incidents in close collaboration with our clients, ensuring comprehensive analysis and resolution.

• Successfully thwarted over 130 mass phishing campaigns, including 9 critical incidents that impacted over two-thirds of the client organization, thereby protecting multiple potential victims from becoming compromised.

• Identified and neutralized over 7 APT campaigns before critical systems could be accessed, underscoring our capacity to counter highly skilled adversaries.

Additionally, our Fusion Center recognized the following top 5 MITRE ATT&CK techniques prevalent in cyber-attacks during the first half of this year:

• T1566 – Phishing: Phishing continues to be the top attack vector, with a significant increase in campaigns designed to bypass multi-factor authentication (MFA). Attackers are leveraging more advanced and targeted phishing techniques to trick users and evade security controls.
• T1528 – Steal Application Access Token: This technique rose to the second most observed in 2024, driven by the widespread use of toolkits like Evilginx that enable adversaries to bypass MFA during credential theft. Organizations are advised to implement phishing-resistant MFA solutions to counter this evolving threat.

• T1078 – Valid Accounts: Account takeover (ATO) via credential leakage remains the most common method. We’ve observed a resurgence of attacks using credentials from earlier stealer malware campaigns and historic data breaches, fueling a new wave of account-targeted activity.

• T1595 – Active Scanning: Unwanted vulnerability scans and enumeration of public-facing web applications remain a consistent presence in the top threat landscape. Some of this scanning activity may also originate from AI data crawlers, further complicating detection and attribution.

• T1218 – System Binary Proxy Execution: Massive worldwide Lumma Stealer campaigns targeted organizations across all sectors, consistently leveraging Living-off-the-Land Binary techniques for evasion. Endpoint Detection and Response (EDR) tools struggled to keep pace with the rapidly evolving variants, allowing threat actors to execute payloads before response actions can be taken.

Our Enterprise Security Monitoring (ESM) team gained the Elastic Certified Engineer certification, demonstrating advanced proficiency in deploying, managing, and troubleshooting Elasticsearch clusters in real-world environments.

Furthermore, we developed a Detection-as-Code (DaC) solution designed for broad compatibility, enabling seamless integration with virtually any major SIEM platform. This flexible, scalable approach pioneers a new standard in detection engineering. Key benefits include:

• Platform-agnostic: Works across different SIEM systems without major rewrites.
• Version-controlled: Detection logic is managed like code, improving auditability and collaboration.
• Automated deployment: Streamlines rule updates and reduces manual errors.
• Faster iteration: Enables rapid testing and refinement of detection logic.
• Improved consistency: Enforces standardized detection patterns across environments.

As we look to 2025, we are entering a phase of accelerated opportunity – backed by a stronger foundation, a growing international presence, and a committed, skilled team. The progress made in 2024 is a direct result of the trust our clients place in us and the hard work of every colleague at Black Cell.

Black Cell Management