SolarWind’s Data Breach – Update
Some of the information stolen from the various companies after the hack into Solarwinds is now up for sale.
What’s on the shelf:
- Microsoft Information (Partial Source Code) for $ 600k
- Cisco Information (source code for some products) for $ 500k
- SolarWinds information (source code of the entire product) for $ 200k.
- FireEye Information (Red Team Assault Tool) for $ 50k.
Oh, and there is a sale … a package of all the above information for a million dollars.
WIIFM (What’s in it for me)
Beware: the next wave of ransomware and malware will not be recognized by antivirus which means that if you install it, the hackers will have 6 to 9 months of data
WSID2P (What should I do to protect)
Be aware. They are coming for you, and they’ll use any trick in the book for it.
Get informed and Start to protect your company now.
( Source: http://solarleaks.net/)
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW,
And see where your Company is Exposed to Hackers
Recently Posted on AUMINT.io Blog
🚀 CISOs: Best Free Tools for Vulnerability Scanning 🚀
Vulnerability scanning is essential to uncover weaknesses before attackers do. You don’t need expensive software to get started — there are robust free tools that every CISO should know.
Here’s a curated list of top free vulnerability scanning tools:
1️⃣ Nmap – Network discovery and security auditing tool.
https://nmap.org/
2️⃣ OpenVAS (Greenbone Vulnerability Manager) – Full-featured vulnerability scanning and management platform.
https://www.greenbone.net/en/community-edition/
3️⃣ Nikto2 – Web server scanner that identifies outdated software and dangerous files.
https://github.com/sullo/nikto
4️⃣ Trivy – Vulnerability scanner for containers, Kubernetes, and cloud-native apps.
https://aquasecurity.github.io/trivy/
5️⃣ OWASP ZAP – Open-source web application security scanner.
https://www.zaproxy.org/
6️⃣ Lynis – Security auditing tool for Unix/Linux systems.
https://cisofy.com/lynis/
7️⃣ Clair – Static analysis for vulnerabilities in Docker and OCI images.
https://github.com/quay/clair
8️⃣ Wapiti – Web application vulnerability scanner for automated testing.
http://wapiti.sourceforge.net/
9️⃣ Vuls – Agentless vulnerability scanner for Linux and FreeBSD systems.
https://vuls.io/
🔟 Metasploit Community Edition – Penetration testing framework with vulnerability scanning capabilities.
https://www.metasploit.com/
Integrating these tools helps CISOs identify risks, prioritize remediation, and strengthen organizational security posture.
Want to see how human risk can compound vulnerabilities? 🧠 AUMINT.io simulates social engineering attacks to uncover employee behaviors that attackers exploit.
📅 Book a free intro call: Schedule here
💾 Save this post and start scanning smarter today!
#CISO #VulnerabilityManagement #CyberSecurity #ThreatDetection #AUMINT