In 2020 Toll Group went twice through a ransomware attack, now Sophos which acted as a response and investigation team for the events, announces that the entry point was an account of an employee who died but remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the report by Sophos, the Nefilim group responsible for the infidelity attack that was on the company’s network for about a month without the defense systems identifying suspicious activity, the user used by the attack group belonged to a deceased employee but his account was locked/deleted due to being integrated into various services.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
🕵️♂️ 5 Free Zero-Day Trackers Every CISO Needs Handy 🕵️♂️
Zero-days remain one of the biggest blind spots for security teams. Staying ahead means knowing where to track active vulnerabilities before they hit mainstream feeds. Here are 5 free resources every CISO should keep in their toolkit:
1️⃣ CISA Known Exploited Vulnerabilities (KEV) Catalog – Actively exploited vulnerabilities updated continuously.
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
2️⃣ MITRE CVE Database – The definitive catalog of vulnerabilities, including emerging zero-days.
https://cve.mitre.org/
3️⃣ Google Project Zero – Research group uncovering and publishing zero-day findings.
https://googleprojectzero.blogspot.com/
4️⃣ ZDI (Zero Day Initiative) – Public advisories on discovered and responsibly disclosed zero-days.
https://www.zerodayinitiative.com/advisories/published/
5️⃣ Exploit Database (OffSec) – Community-driven database tracking zero-day exploits and proof-of-concepts.
https://www.exploit-db.com/
⚡ These trackers won’t stop attacks alone, but they give CISOs the visibility to patch fast, prioritize risks, and brief leadership with confidence.
At AUMINT.io, we go a step further – simulating how attackers exploit the human factor with phishing, vishing, and deepfake social engineering before a zero-day even gets weaponized.
🔗 Want to see how your employees would react under a zero-day-themed phishing test? Book a demo
#ZeroDay #CISO #CyberSecurity #VulnerabilityManagement #AUMINT
Humans Remain the Weakest Link – Why Social Engineering Dominates Cyber Threats in 2025
🚨 Humans Are Still the #1 Cybersecurity Risk
📊 Over 80% of organizations now rank social engineering as their greatest threat.
💡 Here’s the twist: it is not just about phishing emails anymore. Attackers are using deepfakes, urgent voice calls, and even video manipulation to outsmart people in ways firewalls cannot stop.
😱 The shock is not in the tools they use – it is in how easily human behavior is exploited. One click, one reply, one rushed decision can unlock the doors no hacker could force open.
🔍 The data tells us most training programs are outdated. Annual awareness sessions fail because attackers test every single day. The result – mid-market firms are losing millions while attackers refine their playbook.
🔥 What works instead? Recurring simulations that mirror real-world social engineering attacks, combined with dashboards that show CISOs and boards exactly where their human vulnerabilities are hiding.
👥 In 2025, the true security perimeter is people – and it is under constant siege.
📅 Want to see how to transform employees into a resilient defense system? Book your session here: https://calendly.com/aumint/aumint-intro
.
#CISO #CyberSecurity #FraudPrevention #BoardDirectors #RiskManagement #HumanFactor #AwarenessTraining #CyberResilience
🗺 7 Free Threat Maps CISOs Should Bookmark Today 🗺
Seeing cyber attacks unfold in real time changes how you think about defense. Threat maps give CISOs a powerful visual overview of attack activity worldwide – helping teams stay alert, informed, and prepared. Best part? These tools are free.
Here are 7 threat maps worth bookmarking:
1️⃣ Kaspersky Cyberthreat Real-Time Map – Global visualization of malware and phishing.
https://cybermap.kaspersky.com/
2️⃣ FireEye (Trellix) Threat Map – Tracks malicious traffic across regions.
https://threatmap.trellix.com/
3️⃣ Check Point Threat Map – Attack origins and targets updated live.
https://threatmap.checkpoint.com/
4️⃣ Fortinet Threat Map – High-volume global attack telemetry.
https://threatmap.fortiguard.com/
5️⃣ DDoS Attack Map by NETSCOUT – Real-time global DDoS tracking.
https://www.netscout.com/ddos-attack-map
6️⃣ Bitdefender Threat Map – Malware, phishing, and spam attack data.
https://threatmap.bitdefender.com/
7️⃣ Threatbutt Map (satirical yet insightful) – A different take on visualizing attacks.
https://threatbutt.com/map/
🌍 These maps won’t replace intel platforms, but they’re powerful for awareness, briefings, and stakeholder communication.
At AUMINT.io, we help CISOs go beyond watching attacks – by simulating how attackers target employees directly with phishing, vishing, and deepfake tactics.
🔗 Curious how your org would look on a threat map of human factor attacks? Let’s build one together: Book a demo
#ThreatIntelligence #CISO #CyberSecurity #IncidentResponse #AUMINT