SolarWinds Data Breach – Update
Some of the information stolen from the various companies after the SolarWinds hack is now up for sale.
What’s on the shelf:
- Microsoft information (partial source code) for $600k
- Cisco information (source code for some products) for $500k
- SolarWinds information (source code of the entire product) for $200k
- FireEye information (Red Team Assault Tool) for $50k
Oh, and there is a sale … a package of all the above information for a million dollars.
WIIFM (What’s in it for me)
Beware: the next wave of ransomware and malware will not be recognized by antivirus, which means that if you install it, the hackers will have 6 to 9 months of data.
WSID2P (What should I do to protect)
Be aware. They are coming for you, and they’ll use any trick in the book for it.
Get informed and start protecting your company now.
(Source: http://solarleaks.net/)
Recently Posted on AUMINT.io Blog
🔐 Free API Security Tools Quietly Protecting Enterprises 🔐
APIs are the backbone of modern applications – and they’re a prime target for attackers. The best news? Several free tools help CISOs identify vulnerabilities, monitor traffic, and enforce security without breaking the budget.
Here are the top free API security tools every CISO should know:
1️⃣ OWASP ZAP – Open-source scanner for detecting vulnerabilities in REST and SOAP APIs.
🔗 https://www.zaproxy.org/
2️⃣ Postman (Free Tier) – Test APIs and validate security workflows during development.
🔗 https://www.postman.com/
3️⃣ Tyk Community Edition – Open-source API gateway with authentication, rate-limiting, and security policies.
🔗 https://tyk.io/open-source/
4️⃣ Kong Gateway (OSS) – API management with built-in security features and traffic monitoring.
🔗 https://konghq.com/kong/
5️⃣ WAF-FLE (ModSecurity) – Protects web-facing APIs from OWASP Top 10 attacks.
🔗 https://www.modsecurity.org/
6️⃣ APImetrics Free Plan – Monitor API performance and detect anomalies.
🔗 https://apimetrics.io/
7️⃣ Spectral (Open Source) – Linting tool for OpenAPI specs to catch insecure API definitions.
🔗 https://stoplight.io/open-source/spectral/
⚡ With these tools, CISOs can scan, monitor, and enforce security on APIs while reducing risk exposure across enterprise applications.
At AUMINT.io, we go further – simulating how attackers exploit employees via APIs, social engineering, and phishing, exposing gaps that technical tools alone may miss.