In 2020 Toll Group went twice through a ransomware attack, now Sophos which acted as a response and investigation team for the events, announces that the entry point was an account of an employee who died but remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the report by Sophos, the Nefilim group responsible for the infidelity attack that was on the company’s network for about a month without the defense systems identifying suspicious activity, the user used by the attack group belonged to a deceased employee but his account was locked/deleted due to being integrated into various services.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
🧠 CISOs: Best Free Resources to Understand Ransomware Trends 🧠
Ransomware isn’t slowing down – it’s evolving.
To stay ahead, CISOs need more than just protection tools. You need intelligence: real-time insights, attacker TTPs, and evolving trends – without paying for expensive threat feeds.
Here are the top free resources to track ransomware evolution, tactics, and sector-specific risks:
1️⃣ CISA Ransomware Resources Hub – Government-grade alerts, advisories, and toolkits.
https://www.cisa.gov/stopransomware
2️⃣ ID Ransomware – Upload samples or notes to identify the ransomware variant attacking your org.
https://id-ransomware.malwarehunterteam.com/
3️⃣ The DFIR Report – Ransomware Editions – Deep-dive incident reports from real-world infections.
https://thedfirreport.com/
4️⃣ Ransomware.live – Live tracking of known ransomware groups and active leaks.
https://ransomware.live/
5️⃣ Unit42 Ransomware Threat Intelligence – Palo Alto’s research arm offers constant updates on group behaviors.
https://unit42.paloaltonetworks.com/category/ransomware/
6️⃣ No More Ransom Project – Joint initiative offering decryptors and prevention tools.
https://www.nomoreransom.org/
7️⃣ MITRE ATT&CK Ransomware Map – Understand tactics and techniques behind ransomware campaigns.
https://attack.mitre.org
8️⃣ RedSense (by Recorded Future) – Updated dashboards with ransomware actor profiles and IOCs.
https://www.recordedfuture.com/resources
Want to combine intelligence with simulation? 🧠 AUMINT.io empowers CISOs with recurring, targeted social engineering attack simulations that test human readiness against ransomware vectors.
Book a free intro call today: Schedule here
💾 Save this post – and bookmark these resources to keep your SOC informed, alert, and one step ahead.
#CISO #Ransomware #ThreatIntel #CyberSecurity #InfoSec #AUMINT
DORA Is Now Final – Here’s What CISOs and Boards Must Act On Today
🛡️ DORA Just Became Mandatory – Are You Ready to Prove It?
🧠 Financial entities are waking up to a hard truth:
💥 DORA isn’t just about systems – it’s about people, vendors, and visibility.
⏳ The compliance deadline is January 17, 2025. But most haven’t started addressing the weakest link – the human attack surface.
🚨 DORA now demands you monitor and test every ICT risk – including third parties. That means your social engineering blind spots could now trigger a compliance failure.
🎯 This isn’t theory. It’s operational reality.
✅ Boards are now directly accountable for digital risk governance.
✅ Simulations must go beyond tech – into phishing, impersonation, and insider threats.
✅ Your cyber resilience must now be provable.
🔎 What’s most surprising?
DORA’s final standards expect proactive testing of non-technical risk vectors – and most orgs are still training humans once a year.
That’s a ticking bomb.
👁️🗨️ AUMINT Trident delivers DORA-ready human-layer simulations, exposure analysis, and board-grade insights.
⚡ Don’t get caught flat-footed.
👉 Book your walkthrough
#CyberResilience #CISO #DORA #DigitalRisk #ThirdPartyRisk #HumanFirewall #BoardGovernance #AUMINT
🤖 Imagine a world where AI can slip past the “I’m Not a Robot” CAPTCHA like it’s child’s play.
🚨 Well, that world is here. A ChatGPT agent has just successfully bypassed CAPTCHA defenses designed to stop bots in their tracks.
🛡️ Traditional bot defenses are being challenged like never before. What once was a reliable gatekeeper is now vulnerable to advanced AI-driven attacks.
👨💻 For cybersecurity teams, this is a wake-up call. Attackers are evolving, and so must your defense strategies.
🔍 At AUMINT.io, we understand the risks AI brings to your security perimeter. That’s why our Trident platform simulates cutting-edge attacks to reveal how your employees and systems respond under pressure.
💡 Don’t wait for a breach to find out your defenses are weak.
⚡ Ready to upgrade your security approach and stay one step ahead of AI-driven threats?
👉 Schedule your exclusive demo now and discover how to fortify your human firewall today.
#CyberSecurity #BotDefense #CAPTCHA #AIThreats #CISO #SocialEngineering #FraudPrevention #InfoSec #SecurityTraining #AUMINT