In 2020 Toll Group went twice through a ransomware attack, now Sophos which acted as a response and investigation team for the events, announces that the entry point was an account of an employee who died but remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the report by Sophos, the Nefilim group responsible for the infidelity attack that was on the company’s network for about a month without the defense systems identifying suspicious activity, the user used by the attack group belonged to a deceased employee but his account was locked/deleted due to being integrated into various services.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
When Likes Become Liability – Hidden Cyber Risks at Work
📱 Social Posts Could Trigger Your Next Breach
🔐 A simple “Like” or share on a work device can expose your entire network.
👥 Employees using WhatsApp, LinkedIn or Facebook at work are unwittingly feeding attackers entry points – platform design and social trust make it worse.
🔗 One misplaced click on a fraudulent ad or link can unleash malware or phishing across your organisation.
💸 The average breach cost in South Africa hit R53 million in 2024 – human error is the price tag.
🛡️ At AUMINT.io we simulate real-world social media use and messaging staffing-paths to surface your human risk surface and harden your defences.
🚀 Want to see where your weakest exposure is? Schedule your demo
#CyberSecurity #HumanFactor #SOC #CISO #SocialEngineering #AUMINT
Job Seekers Under Fire – How Attackers Use Fake Recruitment to Deploy Advanced Malware
🕵️♂️ Job-Seekers Are the New Frontline for Cyber Attacks
🔍 A threat group called BatShadow is targeting job-seekers and marketers with fake recruitment emails delivering a Go-based backdoor called Vampire Bot.
📧 The lure arrives as a ZIP file claiming to be a job description. Inside: a decoy PDF and a disguised “.pdf.exe” file that launches an infection chain.
💻 The malware profiles the host, captures screenshots, steals credentials, and connects to a remote attacker server – blending into normal traffic and staying hidden.
⚠️ Why it matters: your candidate pipeline may be your weakest human link. One compromised applicant or contractor can expose your network before formal onboarding begins.
📊 Use AUMINT.io to simulate recruitment-style attacks, train your team – and test your human firewalls.
🚀 Ready to find your weakest link before hackers do? Schedule your demo
#CyberSecurity #HumanFactor #SocialEngineering #RecruitmentRisk #CISO #AUMINT
Professional Services Firms Are Facing a Cyber Threat Surge
🔐 Cyber Attacks Targeting Firms Skyrocket
🚨 Professional services firms are now prime targets for sophisticated cybercrime.
🕵️♂️ Attackers exploit human trust, impersonate vendors, and manipulate helpdesks to steal sensitive client data.
💰 Double extortion is skyrocketing – attackers steal data first, then demand multi-million-dollar ransoms. Mid-sized firms are most vulnerable.
⚠️ Standard IT controls are no longer enough. Employee awareness, strict MFA, and continuous monitoring are critical defenses.
📊 AUMINT.io simulations expose hidden vulnerabilities and train employees to act as a human firewall.
🚀 Protect your firm proactively and see your cyber resilience grow – Schedule your demo
#CyberSecurity #ProfessionalServices #CISO #LawFirmSecurity #AccountingSecurity #ConsultingSecurity