Coveware, which provides response services to ransomware attacks, has released a report for the fourth quarter of 2020.
The 4 most interesting data from the report
1. The average ransom payment stands at $ 154,108
It is a decrease of 34% from the third quarter.
2. Organisations decline to pay
The significant decrease in the average payment is due to the fact that more and more organizations are deciding not to pay the ransom.
3. 70% of ransomware attacks also include theft of information from the victim and double extortion
It is an increase of 43% from the third quarter.
4. Social Engineering is the main attack type
In the current quarter the main attack channel was social engineering attacks.
_________________
( Source: Coverware Ransomeware Report)
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW,
And see where your Company is Exposed to Hackers
Recently Posted on AUMINT.io Blog
🛡️ CISOs: 12 Must-Have Free Tools for Vulnerability Management 🛡️
Vulnerability management isn’t just scanning and patching – it’s about having the right tools to prioritize, respond, and reduce real-world risk.
But with so many tools out there, where do you begin – especially with zero budget?
Here’s a handpicked list of 12 free tools every CISO should know for end-to-end vulnerability management:
1️⃣ OpenVAS – A powerful open-source scanner for identifying security issues.
https://www.greenbone.net/en/vulnerability-management/
2️⃣ Nessus Essentials – A trusted vulnerability assessment tool for small environments.
https://www.tenable.com/products/nessus/nessus-essentials
3️⃣ Nmap – Not just for port scanning – it’s great for discovering exposed services.
https://nmap.org/
4️⃣ Nikto2 – Web server scanning for dangerous files, configurations, and outdated software.
https://github.com/sullo/nikto
5️⃣ OSQuery – Query your infrastructure like a database for quick risk visibility.
https://osquery.io/
6️⃣ Lynis – A Unix security auditing tool for vulnerability and compliance checks.
https://cisofy.com/lynis/
7️⃣ Vulners – Vulnerability search engine that integrates with many scanners.
https://vulners.com/
8️⃣ Wapiti – Web app vulnerability scanner with crawler-style testing.
https://sourceforge.net/projects/wapiti/
9️⃣ Trivy – Container vulnerability scanner for Docker and Kubernetes setups.
https://aquasecurity.github.io/trivy/
🔟 Metasploit Framework – Pen-test toolkit to validate and exploit discovered vulnerabilities.
https://www.metasploit.com/
1️⃣1️⃣ Patch My PC – Keeps Windows endpoints updated automatically.
https://patchmypc.com/home-updater
1️⃣2️⃣ CVE Search – A simple tool to find, correlate, and filter known CVEs.
https://github.com/cve-search/cve-search
These tools let you spot what matters, validate risks, and act – fast.
Want to supercharge your vulnerability playbook with recurring employee-targeted attack simulations? 🧠 See how AUMINT.io helps CISOs uncover blind spots in real time: Schedule here
🔐 Save this post to upgrade your VM toolkit without spending a dime!
#CISO #VulnerabilityManagement #CyberSecurity #InfoSec #RiskReduction #AUMINT