In 2020, Toll Group was hit by ransomware twice. Sophos, which acted as the response and investigation team for the events, now reports that the entry point was the account of an employee who had died but whose account remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the Sophos report, the Nefilim group responsible for the attack was on the company’s network for about a month without the defense systems identifying suspicious activity. The account used by the attackers belonged to a deceased employee, but it had not been locked or deleted because it was integrated into various services.