Mimecast, which provides email management systems, updates that the hacker was able to hack into the company’s systems and access customer information.
According to the company, the hacker was able to gain access to a certificate used to identify Mimecast services located on Microsoft’s server.
The company also states that all customers who may have been harmed have been updated and it also asks all customers of the company to replace the existing certificate in their possession with a new certificate issued by the company.
The breach was identified by Microsoft, which updated Mimecast that an unidentified source accessed the company’s servers.
According to DZNet: Mimecast says hackers abused one of its certificates to access Microsoft accounts.
Mimecast, a provider of email management software, said learned of the security incident from Microsoft.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
⚡ Top Free Threat Intelligence Resources Every CISO Needs ⚡
Staying ahead of attackers means knowing their next move – but high-quality threat intelligence doesn’t have to come with a high price tag.
Here’s a curated list of free threat intelligence resources every CISO should use to monitor, analyze, and respond to emerging cyber threats:
1️⃣ MISP (Malware Information Sharing Platform) – Community-driven platform to share and consume threat intelligence.
https://www.misp-project.org/
2️⃣ CIRCL CTI Feeds – Open-source indicators and threat intelligence feeds for proactive defense.
https://www.circl.lu/services/cts/
3️⃣ AlienVault Open Threat Exchange (OTX) – Free access to crowd-sourced threat data and IOCs.
https://otx.alienvault.com/
4️⃣ MITRE ATT&CK Framework – Map attacker tactics and techniques to improve detection and response.
https://attack.mitre.org/
5️⃣ Abuse.ch Threat Feeds – Real-time feeds on malware, ransomware, and botnet activity.
https://abuse.ch/
6️⃣ VirusTotal Intelligence – Free malware scanning and IOC search to enhance threat awareness.
https://www.virustotal.com/gui/intelligence
7️⃣ Spamhaus DBL & DROP Lists – Blocklists for domains and IPs linked to malicious activity.
https://www.spamhaus.org/
8️⃣ Recorded Future Free Intelligence – Limited free dashboards and alerts on emerging threats.
https://www.recordedfuture.com/free-threat-intelligence/
These resources empower CISOs to make informed decisions, enhance SOC visibility, and strengthen defensive strategies – without any licensing costs.
Want to see how your team’s human behavior aligns with threat intelligence? 🧠 AUMINT.io delivers actionable insights through social engineering simulations to uncover unseen risks.
📅 Book a free intro call today: Schedule here
💾 Save this post and level up your threat intelligence in 2025!
#CISO #ThreatIntelligence #OpenSourceSecurity #SOC #CyberSecurity #AUMINT
Mid-Market Firms Under Siege: The Alarming Surge in Social Engineering Attacks
🔒 Mid-Market Firms: Vendor Risks You Can’t Ignore
Nearly 90% of mid-market firms have faced cyberattacks originating from vendor networks in the past year. Hackers are increasingly exploiting third-party vulnerabilities to access internal systems.
Common tactics include phishing, malware injections, and business email compromise, often leveraging trusted vendor credentials. Attackers exploit these relationships to bypass traditional security measures and infiltrate operations.
The consequences are severe – data breaches, ransomware, and financial fraud have disrupted operations and caused significant losses. Many mid-market firms rely on legacy defenses that are no longer sufficient against modern attack vectors.
Proactive vendor risk management and social engineering simulations significantly reduce breach likelihood. Firms that invest in these strategies are better equipped to detect weaknesses before attackers do.
AUMINT.io provides tailored monitoring and actionable insights, helping mid-market firms strengthen defenses across all vendor relationships.
Secure your firm before an attack happens. Learn more: https://calendly.com/aumint/aumint-intro
#Cybersecurity #MidMarketFirms #SocialEngineering #FraudPrevention #VendorRisk #AUMINT
🔒 CISOs: Must-Have Free Cybersecurity Tools in 2025 🔒
The cybersecurity landscape keeps evolving, and so should your toolkit. But high-quality tools don’t have to drain your budget.
Here’s a handpicked list of must-have free tools every CISO should explore in 2025 to protect, monitor, and respond effectively:
1️⃣ Wazuh – Open-source SIEM, log analysis, and endpoint monitoring.
https://wazuh.com/
2️⃣ OSQuery – SQL-like queries to monitor endpoint security in real time.
https://osquery.io/
3️⃣ Nmap – Network discovery and vulnerability scanning made simple.
https://nmap.org/
4️⃣ Nikto2 – Web server scanning for dangerous files and outdated software.
https://github.com/sullo/nikto
5️⃣ TheHive Project – Collaborative incident response platform for fast investigations.
https://thehive-project.org/
6️⃣ MISP (Malware Information Sharing Platform) – Collect, store, and share threat intelligence.
https://www.misp-project.org/
7️⃣ GRR Rapid Response – Remote live forensics framework for endpoints.
https://github.com/google/grr
8️⃣ Security Onion – Linux distro packed with monitoring, detection, and threat hunting tools.
https://securityonionsolutions.com/
9️⃣ Trivy – Free container vulnerability scanner for Docker and Kubernetes.
https://aquasecurity.github.io/trivy/
🔟 MITRE ATT&CK Navigator – Visualize attacker tactics and techniques to improve defense strategy.
https://attack.mitre.org/
These tools provide a strong foundation for building a robust cybersecurity posture while staying cost-efficient.
Want to uncover human risks that tech can’t see? AUMINT.io runs real-world social engineering simulations to reveal hidden vulnerabilities in your workforce.
📅 Explore with a free intro call: Schedule here
💾 Save this post and start upgrading your 2025 cybersecurity toolkit today!
#CISO #CyberSecurityTools #OpenSourceSecurity #ThreatDetection #AUMINT