In 2020 Toll Group went twice through a ransomware attack, now Sophos which acted as a response and investigation team for the events, announces that the entry point was an account of an employee who died but remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the report by Sophos, the Nefilim group responsible for the infidelity attack that was on the company’s network for about a month without the defense systems identifying suspicious activity, the user used by the attack group belonged to a deceased employee but his account was locked/deleted due to being integrated into various services.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
SquidLoader Malware Strikes: What Every CISO Should Know About This Emerging Threat
🔒 Malware You’ll Never See Coming Is Already Here
🧠 AI-level obfuscation.
🐙 Modular payloads.
💼 Targets finance and ops teams.
Meet SquidLoader – a malware threat so stealthy, even advanced SOC teams struggle to spot it.
👀 Attackers are dropping SquidLoader via legitimate-looking documents. One click, and you’re compromised.
💣 Once inside, it adapts – loading payloads, evading detection, and exploiting users who were never trained for this level of sophistication.
📉 Here’s the twist: most awareness programs train employees for outdated scams.
📈 SquidLoader-style attacks mimic real-world business scenarios with layered deception.
🧪 At AUMINT.io, we simulate advanced threats like these with Trident – our platform that turns employee behavior into predictive defense.
📊 You can now benchmark your team’s response against modern threat vectors like SquidLoader.
⏳ The window for passive awareness training is closing. Fast.
💡 Curious how your team would respond to this attack?
Book a free simulation consult
#CyberSecurity #InfoSec #CISOs #SOCteams #FraudPrevention #SocialEngineering #MalwareThreats #AUMINT
When Labor Disputes Turn Risky: How British Airways’ Lockout Reveals Hidden Cybersecurity Vulnerabilities
⚠️ British Airways Lockout Exposes Hidden Insider Risks
Labor disputes don’t just disrupt operations – they increase your organization’s cybersecurity vulnerabilities.
🔍 Disgruntled or sidelined employees can be targeted or manipulated through social engineering, escalating insider threats.
🧠 Cybersecurity must factor in human dynamics, especially during tense workplace situations.
❗ Technology alone isn’t enough; behavioral insights and social engineering training are critical defenses.
🛡️ AUMINT Trident simulates real-world insider threat scenarios and identifies workforce vulnerabilities in real time.
Protect your organization from risks emerging within.
Book your AUMINT demo now
#CyberSecurity #InsiderThreat #SocialEngineering #HumanRisk #AUMINT #CISO #SecurityAwareness
Hackers Are Now Hiding JavaScript in SVGs – Here’s Why That’s a Big Deal
🖼️ Attackers Are Now Hiding Code in Images
⚠️ SVG files – once harmless – are now the perfect weapon for hackers.
💣 They’re using them to smuggle JavaScript directly into your browser.
🧠 The code is obfuscated, undetected by filters, and triggered automatically when the SVG loads.
🔒 Antivirus? Email filters? Many won’t even blink – it looks like an image.
🔥 But it’s a trap – and your users won’t know until it’s too late.
🔁 Redirects, credential theft, and deeper payloads are now just a click away – disguised as a logo, button, or banner.
📉 The biggest danger? Most security teams aren’t testing for this.
That’s why AUMINT Trident now includes real-world SVG lures in our simulated phishing and awareness platform – so your team doesn’t learn the hard way.
🎯 We’re not just teaching theory – we’re replicating the exact tactics attackers use.
Want to see it live?
👉 Book Your Private AUMINT Demo
#CyberSecurity #CISOs #CTOs #EmailSecurity #SOC #CyberAwareness #SVGExploits #SocialEngineering #SecurityAwareness #CyberThreats2025 #InfoSec