In 2020, Toll Group was hit by ransomware twice. Sophos, which acted as the response and investigation team for the events, now reports that the entry point was the account of an employee who had died but whose account remained active in the system.

Nefilim Ransomware Attack Used “Ghost” Credentials.

According to the Sophos report, the Nefilim group responsible for the attack was on the company's network for about a month without the defense systems identifying suspicious activity. The account used by the attack group belonged to a deceased employee, but it was not locked or deleted because it was integrated into various services.
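The check this incident calls for, as an added example (not code from Sophos or from this page): reconcile the HR offboarding roster against enabled directory accounts, list the services that keep each orphaned account alive, and flag any logon dated after the owner's end date. All usernames, hosts, dates and field names are constructed for illustration.

```python
import csv
import io

# Constructed HR offboarding roster (hypothetical field names).
HR_ROSTER = """employee_id,username,status,end_date
1001,asmith,active,
1002,bjones,departed,2020-01-10
1003,cdoe,departed,2020-03-02
"""

# Constructed directory export: account state plus services bound to the account.
DIRECTORY = """username,enabled,bound_services
asmith,true,
bjones,true,backup-agent;vpn
cdoe,false,
"""

# Constructed authentication log: ISO timestamp, username, source host.
AUTH_LOG = """2020-01-05T09:12:00,bjones,ws-114
2020-02-20T02:41:00,bjones,vpn-gw-01
2020-02-21T08:03:00,asmith,ws-090
"""

def _rows(text):
    return list(csv.DictReader(io.StringIO(text)))

def find_ghost_accounts(roster_csv, directory_csv):
    """Return departed employees whose directory account is still enabled."""
    departed = {r["username"]: r["end_date"] for r in _rows(roster_csv) if r["status"] == "departed"}
    ghosts = {}
    for acct in _rows(directory_csv):
        user = acct["username"]
        if user in departed and acct["enabled"].lower() == "true":
            services = [s for s in acct["bound_services"].split(";") if s]
            ghosts[user] = {"end_date": departed[user], "bound_services": services}
    return ghosts

def logons_after_departure(ghosts, auth_log):
    """Return log entries where a ghost account authenticated after its owner's end date."""
    hits = []
    for line in auth_log.strip().splitlines():
        ts, user, host = line.split(",")
        # ISO-8601 dates compare correctly as plain strings.
        if user in ghosts and ts[:10] > ghosts[user]["end_date"]:
            hits.append((ts, user, host))
    return hits

if __name__ == "__main__":
    print(logons_after_departure(find_ghost_accounts(HR_ROSTER, DIRECTORY), AUTH_LOG))
```

The `bound_services` list is the part to act on: each entry is a dependency to move to a dedicated service account before the personal account can be disabled.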

