In 2020, Toll Group was hit by ransomware twice. Sophos, which acted as the response and investigation team for the events, now reports that the entry point was the account of an employee who had died but whose account remained active in the system.

Nefilim Ransomware Attack Used “Ghost” Credentials.

According to the Sophos report, the Nefilim group responsible for the attack was on the company's network for about a month without the defense systems identifying suspicious activity. The account used by the attack group belonged to a deceased employee, but it was not locked or deleted because it was integrated into various services.
