Mimecast, which provides email management systems, updates that the hacker was able to hack into the company’s systems and access customer information.
According to the company, the hacker was able to gain access to a certificate used to identify Mimecast services located on Microsoft’s server.
The company also states that all customers who may have been harmed have been updated and it also asks all customers of the company to replace the existing certificate in their possession with a new certificate issued by the company.
The breach was identified by Microsoft, which updated Mimecast that an unidentified source accessed the company’s servers.
According to DZNet: Mimecast says hackers abused one of its certificates to access Microsoft accounts.
Mimecast, a provider of email management software, said learned of the security incident from Microsoft.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
📊 CISOs: Free Cybersecurity Metrics Dashboards to Track Right Now 📊
As a CISO, you’re judged by how well you measure and communicate risk. But building dashboards from scratch or paying for pricey platforms isn’t always feasible.
Good news: there are powerful free cybersecurity dashboards you can start using or adapting today to track what matters most – from phishing response times to endpoint health and user risk.
Here’s a curated list of must-know dashboards and templates:
1️⃣ Microsoft Security Dashboard (via M365 Defender) – Visibility into threats, secure score, and incidents.
https://security.microsoft.com/securityoperations
2️⃣ Google Chronicle Security Dashboard (Free Tier) – SIEM-like visibility with integrated threat context.
https://cloud.google.com/chronicle
3️⃣ Splunk Security Essentials – Prebuilt dashboards for SOC maturity, MITRE mapping, and detection coverage.
https://splunkbase.splunk.com/app/3435/
4️⃣ Grafana + OSQuery Dashboards – Visualize endpoint queries across your fleet.
https://grafana.com/grafana/dashboards/12633-osquery-monitoring/
5️⃣ MITRE D3FEND Matrix Dashboards – Visual guide to map defense techniques against known threats.
https://d3fend.mitre.org/
6️⃣ Elastic Security Dashboards (via ELK Stack) – Open-source option for visualizing threat and event data.
https://www.elastic.co/security
7️⃣ Wazuh Dashboards (via Kibana) – Security analytics dashboard tailored to endpoint data and compliance events.
https://documentation.wazuh.com/current/user-manual/kibana-app/index.html
These dashboards help CISOs turn raw data into strategic conversations with boards, execs, and security teams.
Want to go beyond metrics and test real-world human risk? AUMINT.io simulates social engineering attacks and gives you trackable, CISO-level metrics on employee behavior.
📅 Ready to see AUMINT’s impact dashboards? Book a free intro call
📌 Save this post and start making metrics work for you, not against you.
#CISO #CyberSecurityMetrics #Dashboards #SecurityAnalytics #AUMINT
🧠 CISOs: Best Free Resources to Understand Ransomware Trends 🧠
Ransomware isn’t slowing down – it’s evolving.
To stay ahead, CISOs need more than just protection tools. You need intelligence: real-time insights, attacker TTPs, and evolving trends – without paying for expensive threat feeds.
Here are the top free resources to track ransomware evolution, tactics, and sector-specific risks:
1️⃣ CISA Ransomware Resources Hub – Government-grade alerts, advisories, and toolkits.
https://www.cisa.gov/stopransomware
2️⃣ ID Ransomware – Upload samples or notes to identify the ransomware variant attacking your org.
https://id-ransomware.malwarehunterteam.com/
3️⃣ The DFIR Report – Ransomware Editions – Deep-dive incident reports from real-world infections.
https://thedfirreport.com/
4️⃣ Ransomware.live – Live tracking of known ransomware groups and active leaks.
https://ransomware.live/
5️⃣ Unit42 Ransomware Threat Intelligence – Palo Alto’s research arm offers constant updates on group behaviors.
https://unit42.paloaltonetworks.com/category/ransomware/
6️⃣ No More Ransom Project – Joint initiative offering decryptors and prevention tools.
https://www.nomoreransom.org/
7️⃣ MITRE ATT&CK Ransomware Map – Understand tactics and techniques behind ransomware campaigns.
https://attack.mitre.org
8️⃣ RedSense (by Recorded Future) – Updated dashboards with ransomware actor profiles and IOCs.
https://www.recordedfuture.com/resources
Want to combine intelligence with simulation? 🧠 AUMINT.io empowers CISOs with recurring, targeted social engineering attack simulations that test human readiness against ransomware vectors.
Book a free intro call today: Schedule here
💾 Save this post – and bookmark these resources to keep your SOC informed, alert, and one step ahead.
#CISO #Ransomware #ThreatIntel #CyberSecurity #InfoSec #AUMINT
DORA Is Now Final – Here’s What CISOs and Boards Must Act On Today
🛡️ DORA Just Became Mandatory – Are You Ready to Prove It?
🧠 Financial entities are waking up to a hard truth:
💥 DORA isn’t just about systems – it’s about people, vendors, and visibility.
⏳ The compliance deadline is January 17, 2025. But most haven’t started addressing the weakest link – the human attack surface.
🚨 DORA now demands you monitor and test every ICT risk – including third parties. That means your social engineering blind spots could now trigger a compliance failure.
🎯 This isn’t theory. It’s operational reality.
✅ Boards are now directly accountable for digital risk governance.
✅ Simulations must go beyond tech – into phishing, impersonation, and insider threats.
✅ Your cyber resilience must now be provable.
🔎 What’s most surprising?
DORA’s final standards expect proactive testing of non-technical risk vectors – and most orgs are still training humans once a year.
That’s a ticking bomb.
👁️🗨️ AUMINT Trident delivers DORA-ready human-layer simulations, exposure analysis, and board-grade insights.
⚡ Don’t get caught flat-footed.
👉 Book your walkthrough
#CyberResilience #CISO #DORA #DigitalRisk #ThirdPartyRisk #HumanFirewall #BoardGovernance #AUMINT