In 2020 Toll Group went twice through a ransomware attack, now Sophos which acted as a response and investigation team for the events, announces that the entry point was an account of an employee who died but remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the report by Sophos, the Nefilim group responsible for the infidelity attack that was on the company’s network for about a month without the defense systems identifying suspicious activity, the user used by the attack group belonged to a deceased employee but his account was locked/deleted due to being integrated into various services.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
📊 CISOs: Free Cybersecurity Metrics Dashboards to Track Right Now 📊
As a CISO, you’re judged by how well you measure and communicate risk. But building dashboards from scratch or paying for pricey platforms isn’t always feasible.
Good news: there are powerful free cybersecurity dashboards you can start using or adapting today to track what matters most – from phishing response times to endpoint health and user risk.
Here’s a curated list of must-know dashboards and templates:
1️⃣ Microsoft Security Dashboard (via M365 Defender) – Visibility into threats, secure score, and incidents.
https://security.microsoft.com/securityoperations
2️⃣ Google Chronicle Security Dashboard (Free Tier) – SIEM-like visibility with integrated threat context.
https://cloud.google.com/chronicle
3️⃣ Splunk Security Essentials – Prebuilt dashboards for SOC maturity, MITRE mapping, and detection coverage.
https://splunkbase.splunk.com/app/3435/
4️⃣ Grafana + OSQuery Dashboards – Visualize endpoint queries across your fleet.
https://grafana.com/grafana/dashboards/12633-osquery-monitoring/
5️⃣ MITRE D3FEND Matrix Dashboards – Visual guide to map defense techniques against known threats.
https://d3fend.mitre.org/
6️⃣ Elastic Security Dashboards (via ELK Stack) – Open-source option for visualizing threat and event data.
https://www.elastic.co/security
7️⃣ Wazuh Dashboards (via Kibana) – Security analytics dashboard tailored to endpoint data and compliance events.
https://documentation.wazuh.com/current/user-manual/kibana-app/index.html
These dashboards help CISOs turn raw data into strategic conversations with boards, execs, and security teams.
Want to go beyond metrics and test real-world human risk? AUMINT.io simulates social engineering attacks and gives you trackable, CISO-level metrics on employee behavior.
📅 Ready to see AUMINT’s impact dashboards? Book a free intro call
📌 Save this post and start making metrics work for you, not against you.
#CISO #CyberSecurityMetrics #Dashboards #SecurityAnalytics #AUMINT
🧠 CISOs: Best Free Resources to Understand Ransomware Trends 🧠
Ransomware isn’t slowing down – it’s evolving.
To stay ahead, CISOs need more than just protection tools. You need intelligence: real-time insights, attacker TTPs, and evolving trends – without paying for expensive threat feeds.
Here are the top free resources to track ransomware evolution, tactics, and sector-specific risks:
1️⃣ CISA Ransomware Resources Hub – Government-grade alerts, advisories, and toolkits.
https://www.cisa.gov/stopransomware
2️⃣ ID Ransomware – Upload samples or notes to identify the ransomware variant attacking your org.
https://id-ransomware.malwarehunterteam.com/
3️⃣ The DFIR Report – Ransomware Editions – Deep-dive incident reports from real-world infections.
https://thedfirreport.com/
4️⃣ Ransomware.live – Live tracking of known ransomware groups and active leaks.
https://ransomware.live/
5️⃣ Unit42 Ransomware Threat Intelligence – Palo Alto’s research arm offers constant updates on group behaviors.
https://unit42.paloaltonetworks.com/category/ransomware/
6️⃣ No More Ransom Project – Joint initiative offering decryptors and prevention tools.
https://www.nomoreransom.org/
7️⃣ MITRE ATT&CK Ransomware Map – Understand tactics and techniques behind ransomware campaigns.
https://attack.mitre.org
8️⃣ RedSense (by Recorded Future) – Updated dashboards with ransomware actor profiles and IOCs.
https://www.recordedfuture.com/resources
Want to combine intelligence with simulation? 🧠 AUMINT.io empowers CISOs with recurring, targeted social engineering attack simulations that test human readiness against ransomware vectors.
Book a free intro call today: Schedule here
💾 Save this post – and bookmark these resources to keep your SOC informed, alert, and one step ahead.
#CISO #Ransomware #ThreatIntel #CyberSecurity #InfoSec #AUMINT
DORA Is Now Final – Here’s What CISOs and Boards Must Act On Today
🛡️ DORA Just Became Mandatory – Are You Ready to Prove It?
🧠 Financial entities are waking up to a hard truth:
💥 DORA isn’t just about systems – it’s about people, vendors, and visibility.
⏳ The compliance deadline is January 17, 2025. But most haven’t started addressing the weakest link – the human attack surface.
🚨 DORA now demands you monitor and test every ICT risk – including third parties. That means your social engineering blind spots could now trigger a compliance failure.
🎯 This isn’t theory. It’s operational reality.
✅ Boards are now directly accountable for digital risk governance.
✅ Simulations must go beyond tech – into phishing, impersonation, and insider threats.
✅ Your cyber resilience must now be provable.
🔎 What’s most surprising?
DORA’s final standards expect proactive testing of non-technical risk vectors – and most orgs are still training humans once a year.
That’s a ticking bomb.
👁️🗨️ AUMINT Trident delivers DORA-ready human-layer simulations, exposure analysis, and board-grade insights.
⚡ Don’t get caught flat-footed.
👉 Book your walkthrough
#CyberResilience #CISO #DORA #DigitalRisk #ThirdPartyRisk #HumanFirewall #BoardGovernance #AUMINT