Mimecast, which provides email management systems, updates that the hacker was able to hack into the company’s systems and access customer information.
According to the company, the hacker was able to gain access to a certificate used to identify Mimecast services located on Microsoft’s server.
The company also states that all customers who may have been harmed have been updated and it also asks all customers of the company to replace the existing certificate in their possession with a new certificate issued by the company.
The breach was identified by Microsoft, which updated Mimecast that an unidentified source accessed the company’s servers.
According to DZNet: Mimecast says hackers abused one of its certificates to access Microsoft accounts.
Mimecast, a provider of email management software, said learned of the security incident from Microsoft.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
🎓 CISOs: Free Security Awareness Training Platforms to Recommend 🎓
Training your workforce is your best defense against phishing, social engineering, and insider threats. Yet, budgets are tight and training fatigue is real.
Here’s a list of free security awareness training platforms that deliver quality content and engagement without costing a dime:
1️⃣ Cybrary – Offers foundational security courses and phishing awareness modules.
https://www.cybrary.it/
2️⃣ Infosec Skills Free Tier – Access select awareness courses and phishing simulations at no cost.
https://www.infosecinstitute.com/skills/
3️⃣ KnowBe4 Free Phishing Security Test – Quick assessment tool to benchmark your team’s phishing susceptibility.
https://www.knowbe4.com/phishing-security-test
4️⃣ Google Phishing Quiz – Interactive quiz for users to spot phishing attacks.
https://phishingquiz.withgoogle.com/
5️⃣ Sans Security Awareness Free Resources – Videos, posters, and tips to complement training efforts.
https://www.sans.org/security-awareness-training/resources/free-resources
6️⃣ Open Security Awareness – Open-source, customizable awareness training modules for teams.
https://opensecurityawareness.org/
7️⃣ MetaPhish Free Plan – Basic phishing simulation and training platform for small teams.
https://metaphish.com/free-phishing-simulation
Empowering your employees with the right knowledge builds your strongest defense layer.
Want to amplify your training with real-world social engineering attack simulations that reveal hidden risks?
📅 Book a free AUMINT.io intro call: Schedule here
💡 Save this post and recommend these platforms to your security champions!
#CISO #SecurityAwareness #PhishingTraining #HumanRisk #AUMINT
The Hidden Insider Threat You’re Probably Ignoring – Ex-Employee Password Access
🔑 Ex-Employees Still Have Your Passwords – And They’re Using Them
🚨 Many workers admit they’ve logged in to former employers’ accounts after leaving – and sometimes months later.
💥 It’s a silent insider threat that bypasses firewalls and phishing filters entirely.
🕵️ The real danger? Credentials that stay active long after offboarding, often with access to sensitive systems, customer data, or financial platforms.
⚠️ In some cases, ex-staff under strained exits can exploit this for sabotage or even sell access on the dark web.
📊 Even “friendly” departures can lead to accidental leaks if accounts aren’t properly closed.
🔍 The fix? Immediate credential deactivation, MFA, and ongoing account audits to spot dormant access before it’s abused.
📢 Your next security breach could come from someone who already knows your systems. Book your AUMINT.io consultation today.
#CyberSecurity #InsiderThreats #AccessControl #FraudPrevention #RiskManagement #CISOs #ITSecurity #DataProtection
📢 CISOs: Best Free Resources to Manage Security Awareness Campaigns 📢
Security awareness campaigns are your frontline defense against social engineering attacks. But managing them effectively without a budget can be tough.
Here’s a carefully curated list of free resources every CISO can use to plan, run, and measure impactful security awareness programs:
1️⃣ SANS Security Awareness Planning Toolkit – Ready-made templates, calendars, and communication guides.
https://www.sans.org/security-awareness-training/resources/planning-toolkit
2️⃣ CISA Security Awareness Materials – Posters, videos, and tip sheets designed for wide audiences.
https://www.cisa.gov/security-awareness-resources
3️⃣ NIST Security Awareness and Training Guide (SP 800-50) – Framework for building and improving awareness programs.
https://csrc.nist.gov/publications/detail/sp/800-50/final
4️⃣ Infosec IQ Free Awareness Campaign Templates – Email and social media content to engage employees.
https://www.infosecinstitute.com/skills/awareness-free-resources/
5️⃣ Cyber Aware UK – Free resources and monthly campaign toolkits from the UK government.
https://www.ncsc.gov.uk/cyberaware/home
6️⃣ Phishing Quiz by KnowBe4 – Interactive tool to educate employees on phishing red flags.
https://www.knowbe4.com/phishing-security-test
7️⃣ Awareness Campaign Scorecard (by Gartner) – Measure campaign effectiveness and engagement.
https://www.gartner.com/en/documents/
Security awareness is not just about info – it’s about culture change.
Want to see how AUMINT.io’s targeted social engineering simulations can boost your campaign results and give you actionable insights?
📅 Book your free intro call now: Schedule here
💾 Save this post and transform your awareness campaigns today!
#CISO #SecurityAwareness #PhishingPrevention #HumanRisk #AUMINT