SolarWind’s Data Breach – Update
Some of the information stolen from the various companies after the hack into Solarwinds is now up for sale.
What’s on the shelf:
- Microsoft Information (Partial Source Code) for $ 600k
- Cisco Information (source code for some products) for $ 500k
- SolarWinds information (source code of the entire product) for $ 200k.
- FireEye Information (Red Team Assault Tool) for $ 50k.
Oh, and there is a sale … a package of all the above information for a million dollars.
WIIFM (What’s in it for me)
Beware: the next wave of ransomware and malware will not be recognized by antivirus which means that if you install it, the hackers will have 6 to 9 months of data
WSID2P (What should I do to protect)
Be aware. They are coming for you, and they’ll use any trick in the book for it.
Get informed and Start to protect your company now.
( Source: http://solarleaks.net/)
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW,
And see where your Company is Exposed to Hackers
Recently Posted on AUMINT.io Blog
🛡️ CISOs: 12 Must-Have Free Tools for Vulnerability Management 🛡️
Vulnerability management isn’t just scanning and patching – it’s about having the right tools to prioritize, respond, and reduce real-world risk.
But with so many tools out there, where do you begin – especially with zero budget?
Here’s a handpicked list of 12 free tools every CISO should know for end-to-end vulnerability management:
1️⃣ OpenVAS – A powerful open-source scanner for identifying security issues.
https://www.greenbone.net/en/vulnerability-management/
2️⃣ Nessus Essentials – A trusted vulnerability assessment tool for small environments.
https://www.tenable.com/products/nessus/nessus-essentials
3️⃣ Nmap – Not just for port scanning – it’s great for discovering exposed services.
https://nmap.org/
4️⃣ Nikto2 – Web server scanning for dangerous files, configurations, and outdated software.
https://github.com/sullo/nikto
5️⃣ OSQuery – Query your infrastructure like a database for quick risk visibility.
https://osquery.io/
6️⃣ Lynis – A Unix security auditing tool for vulnerability and compliance checks.
https://cisofy.com/lynis/
7️⃣ Vulners – Vulnerability search engine that integrates with many scanners.
https://vulners.com/
8️⃣ Wapiti – Web app vulnerability scanner with crawler-style testing.
https://sourceforge.net/projects/wapiti/
9️⃣ Trivy – Container vulnerability scanner for Docker and Kubernetes setups.
https://aquasecurity.github.io/trivy/
🔟 Metasploit Framework – Pen-test toolkit to validate and exploit discovered vulnerabilities.
https://www.metasploit.com/
1️⃣1️⃣ Patch My PC – Keeps Windows endpoints updated automatically.
https://patchmypc.com/home-updater
1️⃣2️⃣ CVE Search – A simple tool to find, correlate, and filter known CVEs.
https://github.com/cve-search/cve-search
These tools let you spot what matters, validate risks, and act – fast.
Want to supercharge your vulnerability playbook with recurring employee-targeted attack simulations? 🧠 See how AUMINT.io helps CISOs uncover blind spots in real time: Schedule here
🔐 Save this post to upgrade your VM toolkit without spending a dime!
#CISO #VulnerabilityManagement #CyberSecurity #InfoSec #RiskReduction #AUMINT