SolarWind’s Data Breach – Update
Some of the information stolen from the various companies after the hack into Solarwinds is now up for sale.
What’s on the shelf:
- Microsoft Information (Partial Source Code) for $ 600k
- Cisco Information (source code for some products) for $ 500k
- SolarWinds information (source code of the entire product) for $ 200k.
- FireEye Information (Red Team Assault Tool) for $ 50k.
Oh, and there is a sale … a package of all the above information for a million dollars.
WIIFM (What’s in it for me)
Beware: the next wave of ransomware and malware will not be recognized by antivirus which means that if you install it, the hackers will have 6 to 9 months of data
WSID2P (What should I do to protect)
Be aware. They are coming for you, and they’ll use any trick in the book for it.
Get informed and Start to protect your company now.
( Source: http://solarleaks.net/)
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW,
And see where your Company is Exposed to Hackers
Recently Posted on AUMINT.io Blog
☁️🔍 Free Cloud Misconfiguration Scanners You’ll Wish You Tried Earlier ☁️🔍
Cloud misconfigurations remain the #1 cause of breaches in 2025 – and the worst part is, most could have been avoided with the right tools. Here are some free scanners that every CISO should have in their arsenal:
1️⃣ ScoutSuite – Multi-cloud security auditing tool by NCC Group.
🔗 https://github.com/nccgroup/ScoutSuite
2️⃣ Prowler – AWS, Azure, and GCP security best practices scanner.
🔗 https://github.com/prowler-cloud/prowler
3️⃣ CloudSploit by Aqua – Continuous configuration monitoring for major cloud providers.
🔗 https://github.com/aquasecurity/cloudsploit
4️⃣ Checkov – Policy-as-code scanner for IaC (Terraform, Kubernetes, CloudFormation).
🔗 https://github.com/bridgecrewio/checkov
5️⃣ Cloud Custodian – Rules engine for governance and compliance enforcement.
🔗 https://github.com/cloud-custodian/cloud-custodian
⚡These tools highlight risky IAM roles, exposed buckets, insecure defaults, and weak policies – the same gaps attackers exploit.
At AUMINT.io, we look at the other side of the coin – simulating how attackers exploit the human misconfigurations through phishing, vishing, and social engineering. Because even a perfectly hardened cloud is vulnerable if an employee gives access away.
🔗 Curious how exposed your human layer really is? Book a free demo
#CloudSecurity #CISO #CyberSecurity #ThreatIntelligence #AUMINT