In 2020 Toll Group went twice through a ransomware attack, now Sophos which acted as a response and investigation team for the events, announces that the entry point was an account of an employee who died but remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the report by Sophos, the Nefilim group responsible for the infidelity attack that was on the company’s network for about a month without the defense systems identifying suspicious activity, the user used by the attack group belonged to a deceased employee but his account was locked/deleted due to being integrated into various services.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
🚨 CISOs: Best Free Incident Response Playbooks to Download Today 🚨
In a breach, every second counts. A well-prepared incident response (IR) playbook turns chaos into coordinated action – saving time, money, and reputation.
Struggling to build or refine your IR plan? These free, expertly crafted playbooks will give you a strong foundation for fast, effective response:
1️⃣ SANS Incident Handler’s Handbook – Classic, practical guidance used globally by responders.
https://www.sans.org/reading-room/whitepapers/incident/incident-handlers-handbook-33901
2️⃣ NIST Computer Security Incident Handling Guide (SP 800-61r2) – Comprehensive framework trusted across industries.
https://csrc.nist.gov/publications/detail/sp/800-61/rev-2/final
3️⃣ CERT Resilience Management Model (CERT-RMM) – Focuses on resilience through repeatable IR processes.
https://resources.sei.cmu.edu/library/asset-view.cfm?assetid=508839
4️⃣ MITRE ATT&CK Playbooks – Attack-focused playbooks mapping response to attacker tactics.
https://attack.mitre.org/resources/playbooks/
5️⃣ CISA Incident Response Playbook – Government-grade recommendations for structured, rapid action.
https://www.cisa.gov/publication/cisa-incident-response-playbook
Download, customize, and train your teams on these playbooks to reduce downtime and contain damage faster.
Ready to enhance your IR with real-world human risk insights? AUMINT.io runs targeted social engineering attack simulations and provides actionable metrics CISOs trust.
📅 Book a free intro call today: Schedule here
💾 Save this post and keep these essential playbooks within reach.
#CISO #IncidentResponse #CyberSecurity #InfoSec #AUMINT
The 127 Percent Spike in Malware Complexity – Why Legacy Defenses Are Now a Liability
🛡️ Malware Complexity Up 127 Percent – Are You Prepared?
🚨 Attackers aren’t just increasing volume – they’re evolving sophistication at record speed.
💥 A 127 percent spike in malware complexity means threats now use AI-driven evasion, polymorphic code, and stealth tactics that make legacy defenses nearly useless.
🏭 Industrial and OT environments are prime targets, with disruptions that can shut down plants or halt critical services.
🕵️ Criminals exploit outdated systems as entry points, blending into trusted channels to bypass detection entirely.
📊 Defending against this wave requires a shift from outdated detection to prevention-first strategies with behavioral analytics, real-time visibility, and advanced threat intelligence.
📢 Legacy tools aren’t just ineffective – they’re dangerous. Book your AUMINT.io consultation today and fortify your organization before the next strike.
#CyberSecurity #Malware #ThreatIntelligence #OTSecurity #CISOs #RiskManagement #ITSecurity #DataProtection
🖥️ CISOs: 10 Free Tools to Improve Your Endpoint Security Posture 🖥️
Endpoints are the gateways attackers target most. Securing them effectively means using the right tools — and you don’t always need a big budget to start.
Here’s a curated list of 10 free tools every CISO should explore to strengthen endpoint security across your environment:
1️⃣ Microsoft Defender for Endpoint (Free Tier) – Basic protection and detection for Windows endpoints.
https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint
2️⃣ OSQuery – Query your endpoints in real time with SQL-like commands for visibility and auditing.
https://osquery.io/
3️⃣ Lynis – Security auditing and hardening tool for Unix/Linux systems.
https://cisofy.com/lynis/
4️⃣ GRR Rapid Response – Remote live forensics and incident response framework.
https://github.com/google/grr
5️⃣ Kaspersky Virus Removal Tool – Free on-demand malware scanner and remover.
https://www.kaspersky.com/downloads/thank-you/free-virus-removal-tool
6️⃣ CrowdStrike Falcon Sensor (Free Trial) – Lightweight endpoint detection and response for testing.
https://www.crowdstrike.com/
7️⃣ Bitdefender Rescue CD – Offline bootable tool for deep malware cleanup.
https://www.bitdefender.com/support/how-to-create-a-bitdefender-rescue-cd-627.html
8️⃣ Wazuh Agent – Endpoint monitoring and log collection integrated with SIEM.
https://documentation.wazuh.com/current/installation-guide/installing-wazuh-agent/index.html
9️⃣ Cisco AMP for Endpoints (Trial) – Malware protection combined with analytics.
https://www.cisco.com/c/en/us/products/security/amp-for-endpoints/index.html
🔟 Traccar – Open-source GPS tracking to monitor mobile endpoint locations and usage.
https://www.traccar.org/
These tools provide a strong foundation to identify, analyze, and respond to threats without upfront licensing costs.
Want to identify hidden human risks that can lead to endpoint breaches? AUMINT.io runs live social engineering attack simulations so you can measure and reduce human vulnerabilities.
📅 Ready to strengthen your endpoint security? Book a free intro call
🛡️ Save this post and empower your security team with these no-cost tools today!
#CISO #EndpointSecurity #EDR #CyberSecurity #ThreatDetection #AUMINT