In 2020, Toll Group was hit by a ransomware attack twice. Sophos, which acted as the response and investigation team for the events, now reports that the entry point was the account of an employee who had died but whose account remained active in the system.

Nefilim Ransomware Attack Used “Ghost” Credentials.

According to the report by Sophos, the Nefilim group responsible for the attack was on the company’s network for about a month without the defense systems identifying suspicious activity. The account used by the attack group belonged to a deceased employee, but it had not been locked or deleted because it was integrated into various services.
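A defender can check for the condition described above by reconciling the HR departure list against directory accounts and logon records. The following is an added example, not code from Sophos or from this page; the user names, hosts, field names and severity labels are constructed assumptions.

```python
from datetime import date, datetime

# Constructed sample inputs (hypothetical users and hosts, not from the Sophos report).
HR_DEPARTED = {  # user -> last day with the company
    "jdoe": date(2020, 1, 10), "asmith": date(2020, 3, 2), "rroe": date(2020, 2, 1),
}
DIRECTORY = [  # e.g. an export of directory accounts
    {"user": "jdoe", "enabled": True, "privileged": True, "used_by": ["backup-job", "crm-sync"]},
    {"user": "asmith", "enabled": False, "privileged": False, "used_by": []},
    {"user": "rroe", "enabled": True, "privileged": False, "used_by": []},
    {"user": "mlee", "enabled": True, "privileged": False, "used_by": []},  # current employee
]
LOGONS = [  # (user, ISO timestamp, source host)
    ("jdoe", "2020-01-08T09:02:00", "ws-114"),
    ("jdoe", "2020-02-14T02:11:00", "vpn-gw"),
    ("mlee", "2020-02-14T08:30:00", "ws-201"),
]
SEVERITY_ORDER = {"critical": 0, "high": 1, "medium": 2}


def find_ghost_accounts(departed, directory, logons):
    """Return enabled accounts whose owner has left, worst findings first."""
    findings = []
    for acct in directory:
        left = departed.get(acct["user"])
        if left is None or not acct["enabled"]:
            continue  # current employee, or account already disabled
        # Any successful logon dated after the departure cannot be the owner.
        after = [(ts, src) for user, ts, src in logons
                 if user == acct["user"] and datetime.fromisoformat(ts).date() > left]
        if after:
            severity = "critical"
        elif acct["privileged"]:
            severity = "high"
        else:
            severity = "medium"
        findings.append({
            "user": acct["user"],
            "departed": left.isoformat(),
            "severity": severity,
            "logons_after_departure": after,
            # Services still bound to the account: the reason it was kept alive,
            # and what must move to a dedicated service account before disabling.
            "used_by": acct["used_by"],
        })
    return sorted(findings, key=lambda f: SEVERITY_ORDER[f["severity"]])


if __name__ == "__main__":
    for finding in find_ghost_accounts(HR_DEPARTED, DIRECTORY, LOGONS):
        print(finding)
```

The `used_by` field surfaces the dependency that kept the account alive, so the services can be moved to a dedicated service account before the personal account is disabled.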

