In 2020 Toll Group went twice through a ransomware attack, now Sophos which acted as a response and investigation team for the events, announces that the entry point was an account of an employee who died but remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the report by Sophos, the Nefilim group responsible for the infidelity attack that was on the company’s network for about a month without the defense systems identifying suspicious activity, the user used by the attack group belonged to a deceased employee but his account was locked/deleted due to being integrated into various services.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
Mid-Market Firms Under Siege: The Alarming Surge in Social Engineering Attacks
🔒 Mid-Market Firms: Vendor Risks You Can’t Ignore
Nearly 90% of mid-market firms have faced cyberattacks originating from vendor networks in the past year. Hackers are increasingly exploiting third-party vulnerabilities to access internal systems.
Common tactics include phishing, malware injections, and business email compromise, often leveraging trusted vendor credentials. Attackers exploit these relationships to bypass traditional security measures and infiltrate operations.
The consequences are severe – data breaches, ransomware, and financial fraud have disrupted operations and caused significant losses. Many mid-market firms rely on legacy defenses that are no longer sufficient against modern attack vectors.
Proactive vendor risk management and social engineering simulations significantly reduce breach likelihood. Firms that invest in these strategies are better equipped to detect weaknesses before attackers do.
AUMINT.io provides tailored monitoring and actionable insights, helping mid-market firms strengthen defenses across all vendor relationships.
Secure your firm before an attack happens. Learn more: https://calendly.com/aumint/aumint-intro
#Cybersecurity #MidMarketFirms #SocialEngineering #FraudPrevention #VendorRisk #AUMINT
🔒 CISOs: Must-Have Free Cybersecurity Tools in 2025 🔒
The cybersecurity landscape keeps evolving, and so should your toolkit. But high-quality tools don’t have to drain your budget.
Here’s a handpicked list of must-have free tools every CISO should explore in 2025 to protect, monitor, and respond effectively:
1️⃣ Wazuh – Open-source SIEM, log analysis, and endpoint monitoring.
https://wazuh.com/
2️⃣ OSQuery – SQL-like queries to monitor endpoint security in real time.
https://osquery.io/
3️⃣ Nmap – Network discovery and vulnerability scanning made simple.
https://nmap.org/
4️⃣ Nikto2 – Web server scanning for dangerous files and outdated software.
https://github.com/sullo/nikto
5️⃣ TheHive Project – Collaborative incident response platform for fast investigations.
https://thehive-project.org/
6️⃣ MISP (Malware Information Sharing Platform) – Collect, store, and share threat intelligence.
https://www.misp-project.org/
7️⃣ GRR Rapid Response – Remote live forensics framework for endpoints.
https://github.com/google/grr
8️⃣ Security Onion – Linux distro packed with monitoring, detection, and threat hunting tools.
https://securityonionsolutions.com/
9️⃣ Trivy – Free container vulnerability scanner for Docker and Kubernetes.
https://aquasecurity.github.io/trivy/
🔟 MITRE ATT&CK Navigator – Visualize attacker tactics and techniques to improve defense strategy.
https://attack.mitre.org/
These tools provide a strong foundation for building a robust cybersecurity posture while staying cost-efficient.
Want to uncover human risks that tech can’t see? AUMINT.io runs real-world social engineering simulations to reveal hidden vulnerabilities in your workforce.
📅 Explore with a free intro call: Schedule here
💾 Save this post and start upgrading your 2025 cybersecurity toolkit today!
#CISO #CyberSecurityTools #OpenSourceSecurity #ThreatDetection #AUMINT
🛡️ CISOs: Top 7 Open-Source Threat Intelligence Platforms to Explore 🛡️
Threat intelligence is key to staying ahead of attackers — but commercial platforms can be costly. Open-source solutions offer powerful alternatives for gathering, analyzing, and sharing intel without breaking the bank.
Here are the top 7 open-source threat intelligence platforms CISOs should consider:
1️⃣ MISP (Malware Information Sharing Platform) – Widely used for collaborative threat sharing and analysis.
https://www.misp-project.org/
2️⃣ OpenCTI – Modern platform designed to centralize, analyze, and visualize threat intelligence.
https://www.opencti.io/
3️⃣ Yeti – Enables collection, storage, and sharing of cyber threat indicators.
https://yeti-platform.github.io/
4️⃣ Cortex – Analysis engine that integrates with MISP for automated investigations.
https://www.theforeman.org/plugins/cortex/
5️⃣ CRITIFENCE – Threat intelligence and detection platform with open components.
https://critifence.com/
6️⃣ IntelMQ – Automated pipeline for collecting and processing threat data feeds.
https://www.intelmq.org/
7️⃣ ThreatFox – Community-driven platform focused on IoCs and threat actor tracking.
https://threatfox.abuse.ch/
Open-source platforms empower security teams to customize workflows, reduce vendor lock-in, and share vital intel in near real-time.
Want to complement your intel with human risk detection? AUMINT.io simulates social engineering attacks and delivers actionable insights to protect your greatest asset – your people.
📅 Schedule a free intro call here: Book now
💡 Save this post and elevate your threat intelligence game today!
#CISO #ThreatIntel #OpenSourceSecurity #CyberSecurity #AUMINT