In 2020 Toll Group went twice through a ransomware attack, now Sophos which acted as a response and investigation team for the events, announces that the entry point was an account of an employee who died but remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the report by Sophos, the Nefilim group responsible for the infidelity attack that was on the company’s network for about a month without the defense systems identifying suspicious activity, the user used by the attack group belonged to a deceased employee but his account was locked/deleted due to being integrated into various services.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
📑 CISOs: Free Guides to Build Your Board-Level Reporting Toolkit 📑
Your board doesn’t want raw logs – they want clarity, context, and confidence. As a CISO, the way you translate technical risk into strategic language can make or break funding, trust, and influence.
Here’s a list of free, high-value guides to help you craft board-ready cybersecurity reports that actually resonate:
1️⃣ NACD Cyber-Risk Oversight Handbook – A gold-standard framework for aligning security to board priorities.
https://www.nacdonline.org/cyber
2️⃣ CISA Cybersecurity Performance Goals – Benchmark progress with structured, board-friendly metrics.
https://www.cisa.gov/cpg
3️⃣ World Economic Forum – Principles for Board Governance of Cyber Risk – Policy-level insights for shaping narratives.
https://www.weforum.org/reports/principles-for-board-governance-of-cyber-risk
4️⃣ ENISA Cybersecurity Risk Management Framework – EU-focused but globally useful for structured board updates.
https://www.enisa.europa.eu/publications/risk-management
5️⃣ ISACA Board Briefings on Cybersecurity – Concise executive summaries tailored for board consumption.
https://www.isaca.org/resources
6️⃣ Cybersecurity & Infrastructure Security Agency Incident & Vulnerability Reporting Guidance – How to brief decision-makers under pressure.
https://www.cisa.gov/publication
7️⃣ SANS Security Leadership Posters – Visual aids to help communicate complex risk in minutes.
https://www.sans.org/posters
Equip yourself with these, and your next board meeting could shift from “budget defense” to “strategic partnership.”
Want to add measurable, people-focused risk data to your reports? 🧠 AUMINT.io delivers board-ready human risk metrics from targeted social engineering simulations.
📅 See how AUMINT strengthens your reporting: Book a free intro call
📌 Save this post – your board will thank you.
#CISO #BoardReporting #CyberRisk #SecurityLeadership #AUMINT
Inside the Shadows – How Dark Web Monitoring Protects Your Business Before It’s Too Late
💻 Hidden Threats Your Security Tools Can’t See
🕵️♂️ Criminals are selling stolen credentials and corporate secrets in places your firewall will never reach.
⚠️ Every week, millions of new records hit the Dark Web – and most businesses have no idea until the damage is irreversible.
🔍 Dark Web monitoring gives you eyes where attackers hide, scanning secret forums, private chatrooms, and encrypted markets for stolen data tied to your brand.
🤝 The best solutions blend automation and expert human intelligence to detect early warning signs, decode emerging threats, and trigger a rapid response before criminals strike.
📉 Without it, a single exposed database can lead to regulatory fines, revenue loss, and reputational collapse.
🚀 At AUMINT.io, we deliver actionable threat intelligence so you can act before the headlines do.
📅 Book your free Dark Web threat assessment today and uncover what’s out there before your attackers do.
#CyberSecurity #ThreatIntelligence #CISO #FraudPrevention #DataProtection #RiskManagement #DarkWebMonitoring #InfoSec
AI-Powered Cyber Threats Are Here – And They’re Moving Faster Than You Can React
🤖 AI Cyber Threats You’re Not Ready For
⚡ Hackers are now using AI to craft deepfake voices, rewrite malware in real time, and create hyper-personalized phishing that beats every spam filter.
🎯 These aren’t random attacks – AI analyzes your data, habits, and even tone of voice to target you with precision strikes.
💣 By the time you detect the breach, AI has already moved on, hidden its tracks, and exploited new entry points.
🔍 Traditional awareness training won’t cut it – you need simulation-based testing that keeps pace with AI’s speed.
🛡️ AUMINT.io replicates AI-powered social engineering tactics so your teams can experience and counter real-world attacks before they happen.
📈 This isn’t about “if” AI will target you – it’s about whether your people can spot the difference between reality and an AI-crafted deception.
🚀 Want to see how attackers will use AI against your business?
Book your walkthrough today – every day you wait is a day AI gets smarter.
#CyberSecurity #CISO #CTO #CEO #AIThreats #SocialEngineering #IncidentResponse #InfoSec #AIinCybersecurity #DeepfakeDefense #PhishingSimulation #SecurityAwarenessTraining