SolarWind’s Data Breach – Update
Some of the information stolen from the various companies after the hack into Solarwinds is now up for sale.
What’s on the shelf:
- Microsoft Information (Partial Source Code) for $ 600k
- Cisco Information (source code for some products) for $ 500k
- SolarWinds information (source code of the entire product) for $ 200k.
- FireEye Information (Red Team Assault Tool) for $ 50k.
Oh, and there is a sale … a package of all the above information for a million dollars.
WIIFM (What’s in it for me)
Beware: the next wave of ransomware and malware will not be recognized by antivirus which means that if you install it, the hackers will have 6 to 9 months of data
WSID2P (What should I do to protect)
Be aware. They are coming for you, and they’ll use any trick in the book for it.
Get informed and Start to protect your company now.
( Source: http://solarleaks.net/)
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW,
And see where your Company is Exposed to Hackers
Recently Posted on AUMINT.io Blog
Vendor Email Compromise: The Silent $300M Threat CISOs Can’t Ignore
📧 Vendor Email Compromise Is a $300M Silent Threat
Vendor Email Compromise (VEC) is skyrocketing, with 72% of employees at large enterprises engaging with fraudulent vendor emails by replying or forwarding—even when no links or attachments are present.
This behavior has fueled attempted thefts over $300 million worldwide last year.
VEC attacks now see engagement rates 90% higher than traditional Business Email Compromise (BEC).
The EMEA region is a hotbed for these attacks, yet employees there report only 0.27% of incidents—the lowest global reporting rate.
Telecom leads in vulnerability, with 71.3% employee engagement, followed by energy and utilities at 56.25%.
VEC’s danger lies in hijacking trusted vendor email threads and leveraging social engineering that exploits human trust, bypassing technical defenses like multi-factor authentication.
To fight back, organizations must adopt AI-powered email analytics, enforce vendor verification protocols, and continuously train employees to detect social engineering tactics.
At AUMINT.io, we deliver comprehensive cybersecurity solutions blending advanced threat detection and human-focused training to shield your organization.
Don’t wait for an attack to expose your vulnerabilities.
Book a Consultation with AUMINT.io
#Cybersecurity #VendorEmailCompromise #EmailSecurity #ThreatDetection #AUMINT