In 2020 Toll Group went twice through a ransomware attack, now Sophos which acted as a response and investigation team for the events, announces that the entry point was an account of an employee who died but remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the report by Sophos, the Nefilim group responsible for the infidelity attack that was on the company’s network for about a month without the defense systems identifying suspicious activity, the user used by the attack group belonged to a deceased employee but his account was locked/deleted due to being integrated into various services.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
📋 Free NIST Compliance Tools That Simplify Audits 📋
Meeting NIST standards can feel overwhelming, but several free tools help CISOs streamline audits and maintain compliance without expensive software.
Here are the top free NIST compliance tools:
1️⃣ NIST Cybersecurity Framework (CSF) Online Tool – Interactive tool to map controls and track maturity.
🔗 https://www.nist.gov/cyberframework
2️⃣ CSET (Cyber Security Evaluation Tool) – NIST-based assessment tool to evaluate security posture.
🔗 https://cset.nist.gov/
3️⃣ SP 800-53 Security Control Templates – Free Excel/Word templates for documentation and audit tracking.
🔗 https://csrc.nist.gov/publications/sp800
4️⃣ OpenControl – Open-source framework to manage NIST and other compliance frameworks.
🔗 https://www.opencontrol.org/
5️⃣ Vanta Free Resources – Guides and checklists for NIST CSF and audit prep.
🔗 https://www.vanta.com/resources
6️⃣ ComplianceForge NIST Guides – Free guides and sample documentation for NIST 800-53 and CSF.
🔗 https://www.complianceforge.com/free-resources
7️⃣ NIST 800-171 Assessment Templates – Helps organizations prepare for controlled unclassified information (CUI) compliance.
🔗 https://csrc.nist.gov/publications/sp800
⚡ Takeaway: These tools help CISOs map controls, track gaps, and prepare for audits efficiently, saving hours of manual work.
At AUMINT.io, we pair technical compliance with human risk simulations, showing how employee behavior can affect NIST control effectiveness and overall security posture.
🔗 Want to see how your human layer impacts compliance readiness? Book a free demo
#NISTCompliance #CISO #CyberSecurity #AuditTools #AUMINT
Digital Doppelgangers: How Impersonation Threats Are Reshaping Enterprise Security
🚨 Digital Impersonation Is the New Enterprise Threat
😱 Attackers are no longer just hacking systems – they are pretending to be your trusted colleagues.
📧 From cloned emails to fake profiles on collaboration tools, digital impersonation exploits human trust, bypassing traditional security defenses.
⚡ Employees may unknowingly share sensitive data, approve fraudulent transactions, or introduce malware, leaving minimal digital traces.
🔑 Technical controls aren’t enough – awareness, simulation, and real-world social engineering exposure are critical.
💡 AUMINT.io’s Trident platform simulates sophisticated impersonation attacks, training teams to detect and respond before real damage occurs.
📅 Book your intro session here
and strengthen your human firewall today.
#CISO #CTO #CyberSecurity #FraudPrevention #AwarenessTraining #EnterpriseSecurity
🌐 Free Botnet Tracker Sites Revealing Global Attack Trends 🌐
Botnets continue to power a huge percentage of cyberattacks worldwide, from DDoS campaigns to malware distribution. For CISOs, tracking them early is crucial – and several free resources make this possible.
Here are the top free botnet tracker sites:
1️⃣ Abuse.ch – Feodo, Zeus Tracker – Tracks active banking malware and botnets.
🔗 https://abuse.ch
2️⃣ Shadowserver Foundation – Provides free daily reports on botnet infections globally.
🔗 https://www.shadowserver.org/
3️⃣ Spamhaus Botnet Threat Feeds – Lists IPs and domains associated with botnet activity.
🔗 https://www.spamhaus.org/
4️⃣ Zeus Tracker (via Abuse.ch) – Specific tracking for Zeus botnet variants.
🔗 https://zeustracker.abuse.ch/
5️⃣ Botvrij.eu – Real-time botnet detection and reporting for European networks.
🔗 https://botvrij.eu/
6️⃣ Malwaredomainlist.com – Monitors botnet command-and-control servers and malicious domains.
🔗 https://www.malwaredomainlist.com/
7️⃣ Emerging Threats (ET Open) – Network threat intelligence including botnet activity feeds.
🔗 https://rules.emergingthreats.net/
⚡ Using these free trackers, CISOs can spot emerging threats, update defenses, and strengthen SOC responses before attacks escalate.
At AUMINT.io, we complement technical monitoring with simulations of social engineering attacks that exploit human weaknesses, revealing the full picture of organizational exposure.
🔗 Want to see how your employees respond to botnet-driven phishing or social attacks? Book a free demo
#BotnetTracking #CISO #CyberSecurity #ThreatIntelligence #AUMINT