In 2020 Toll Group went twice through a ransomware attack, now Sophos which acted as a response and investigation team for the events, announces that the entry point was an account of an employee who died but remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the report by Sophos, the Nefilim group responsible for the infidelity attack that was on the company’s network for about a month without the defense systems identifying suspicious activity, the user used by the attack group belonged to a deceased employee but his account was locked/deleted due to being integrated into various services.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
The Raccoon Infostealer Takedown – A Win That Hides a Bigger Threat
🔥 Raccoon Infostealer Shut Down – But The Threat Isn’t Gone
⚡ Microsoft and Cloudflare dismantled the infrastructure behind the Raccoon infostealer, one of the most widely used malware families in recent years.
🔍 Raccoon thrived because it was sold as Malware-as-a-Service – allowing even low-skilled criminals to launch data theft campaigns in hours.
📈 The shutdown looks like a win, but history shows attackers quickly migrate to new tools, often more dangerous than the last.
💡 The real risk isn’t just the malware itself – it’s the human response to the social engineering tactics that deliver it.
✅ At AUMINT.io, our Trident platform helps companies prepare employees to resist these evolving attacks through recurring, real-world simulations.
📌 Want to ensure your workforce is ready for whatever replaces Raccoon? Book your AUMINT intro call
today.
#CISO #CIO #CEO #CyberSecurity #FraudPrevention #RiskManagement #BoardDirectors
The Fake CAPTCHA Trap – How Cybercriminals Are Turning Trust into Exploitation
🛑 Fake CAPTCHAs Are the New Corporate Backdoor
⚡ What looks like a harmless “I’m not a robot” box can now trigger hidden scripts that install malware on corporate devices.
🔍 Attackers are disguising malicious payloads inside fake CAPTCHAs, tricking employees into clicking without hesitation.
📈 The danger? These traps exploit routine trust – employees solve CAPTCHAs daily and rarely question them.
💡 Once inside, attackers can escalate privileges, move laterally, and compromise sensitive data. And because the entry point feels “normal,” many breaches go undetected until too late.
✅ At AUMINT.io, our Trident platform prepares teams for these exact scenarios. Through recurring, AI-informed simulations, it builds instincts that help employees spot and resist manipulative tactics before they cause real damage.
📌 Want to see how fake CAPTCHA simulations can uncover blind spots in your workforce? Book your AUMINT intro call
today.
#CISO #CIO #CEO #CyberSecurity #FraudPrevention #RiskManagement #BoardDirectors
AI-Powered Penetration Testing Is Changing the Cybersecurity Game – Are You Ready?
🤖 AI Is Transforming Penetration Testing – Are You Keeping Up?
⚡ Traditional pen tests happen once or twice a year, but attackers using AI probe your systems every single day.
🔍 AI-driven penetration testing doesn’t just follow checklists – it adapts, evolves, and mimics real adversaries, finding weaknesses that humans might miss.
📈 The catch? Hackers are already doing this. They’re using AI to automate attacks, identify soft targets, and exploit gaps faster than security teams can patch them.
💡 That means relying only on traditional testing or static awareness programs leaves companies dangerously behind.
✅ At AUMINT.io, our Trident platform focuses on the human layer – where most breaches begin. Through recurring, AI-informed simulations, it measures employee response under real-world pressure and strengthens resilience where it matters most.
📌 Want to see how AI-driven simulations can uncover blind spots in your workforce and fortify your defenses? Book your AUMINT intro call
today.
#CISO #CIO #CEO #CyberSecurity #FraudPrevention #RiskManagement #BoardDirectors