Method of infection: Water-holing
OSIRIS used a social engineering method called “water holing” to attack German IP addresses.
How does a water-holing attack work?
- The victim enters the infected website.
- The website checks if the target IP is German.
- If it is a German IP, a few evasion techniques are used to bypass EDR.
- The virus then connects to its command server through the Darknet.
Recently Posted on AUMINT.io Blog
☁️🔍 Free Cloud Misconfiguration Scanners You’ll Wish You Tried Earlier ☁️🔍
Cloud misconfigurations remain the #1 cause of breaches in 2025 – and the worst part is, most could have been avoided with the right tools. Here are some free scanners that every CISO should have in their arsenal:
1️⃣ ScoutSuite – Multi-cloud security auditing tool by NCC Group.
🔗 https://github.com/nccgroup/ScoutSuite
2️⃣ Prowler – AWS, Azure, and GCP security best practices scanner.
🔗 https://github.com/prowler-cloud/prowler
3️⃣ CloudSploit by Aqua – Continuous configuration monitoring for major cloud providers.
🔗 https://github.com/aquasecurity/cloudsploit
4️⃣ Checkov – Policy-as-code scanner for IaC (Terraform, Kubernetes, CloudFormation).
🔗 https://github.com/bridgecrewio/checkov
5️⃣ Cloud Custodian – Rules engine for governance and compliance enforcement.
🔗 https://github.com/cloud-custodian/cloud-custodian
⚡These tools highlight risky IAM roles, exposed buckets, insecure defaults, and weak policies – the same gaps attackers exploit.
At AUMINT.io, we look at the other side of the coin: simulating how attackers exploit human misconfigurations through phishing, vishing, and social engineering. Even a perfectly hardened cloud is vulnerable if an employee gives access away.