Mimecast, which provides email management systems, updates that the hacker was able to hack into the company’s systems and access customer information.
According to the company, the hacker was able to gain access to a certificate used to identify Mimecast services located on Microsoft’s server.
The company also states that all customers who may have been harmed have been updated and it also asks all customers of the company to replace the existing certificate in their possession with a new certificate issued by the company.
The breach was identified by Microsoft, which updated Mimecast that an unidentified source accessed the company’s servers.
According to DZNet: Mimecast says hackers abused one of its certificates to access Microsoft accounts.
Mimecast, a provider of email management software, said learned of the security incident from Microsoft.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
☁️ Free SaaS Risk Assessment Platforms No One Talks About ☁️
SaaS adoption is skyrocketing, but unchecked apps create hidden security and compliance risks. Luckily, there are free platforms CISOs can leverage to assess SaaS risk without a huge budget.
Here are top free SaaS risk assessment tools:
1️⃣ BitSight Free Insights – Basic SaaS risk scoring and vendor exposure overview.
🔗 https://www.bitsight.com/
2️⃣ Cloud Security Alliance (CSA) STAR Self-Assessment – Framework to evaluate cloud/SaaS provider security posture.
🔗 https://cloudsecurityalliance.org/star/
3️⃣ RiskRecon Free Tier – Provides risk ratings and supplier insights for SaaS applications.
🔗 https://www.riskrecon.com/
4️⃣ AppOmni Free Plan – SaaS security posture assessment for collaboration apps and CRMs.
🔗 https://www.appomni.com/
5️⃣ SaaS Security Alliance (SSA) Tools – Templates and guides for evaluating SaaS risk.
🔗 https://www.saassecurityalliance.org/
6️⃣ OpenPages SaaS Risk Templates – Free templates for mapping SaaS applications to risk categories.
🔗 https://www.ibm.com/products/openpages
7️⃣ CloudSploit Community Edition – Checks misconfigurations and risk in SaaS-integrated cloud services.
🔗 https://github.com/aquasecurity/cloudsploit
⚡ Takeaway: Even free tools provide visibility, scoring, and actionable recommendations that help CISOs reduce shadow IT and prevent SaaS-related breaches.
At AUMINT.io, we complement these assessments by simulating how employees interact with SaaS apps and could be manipulated, exposing hidden human risks that automated tools may miss.
🔗 Want to see where your human layer exposes SaaS risk? Book a free demo
#SaaSSecurity #CISO #CyberSecurity #SupplyChainRisk #AUMINT
HR Departments Are Your Organization’s Hidden Cyber Risk
🚨 HR Departments Could Be Your Weakest Cyber Link
💡 HR teams manage sensitive employee records, payroll data, and confidential legal documents – prime targets for hackers.
⚠️ Social engineering attacks on HR staff are rising, exploiting their frequent communications with candidates and vendors to steal credentials or sensitive info.
🔥 A compromised HR account can open gateways to identity theft, financial fraud, and reputational damage across your organization.
🔍 AUMINT Trident simulates real-world social engineering attacks against HR workflows, measuring employee vulnerability and providing actionable steps to secure your teams before incidents occur.
📅 Strengthen your HR cybersecurity now: https://calendly.com/aumint/aumint-intro
.
#CISO #HRTech #CyberSecurity #SocialEngineering #FraudPrevention #HumanFactor #EmployeeAwareness
🔐 Free API Security Tools Quietly Protecting Enterprises 🔐
APIs are the backbone of modern applications – and they’re a prime target for attackers. The best news? Several free tools help CISOs identify vulnerabilities, monitor traffic, and enforce security without breaking the budget.
Here are the top free API security tools every CISO should know:
1️⃣ OWASP ZAP – Open-source scanner for detecting vulnerabilities in REST and SOAP APIs.
🔗 https://www.zaproxy.org/
2️⃣ Postman (Free Tier) – Test APIs and validate security workflows during development.
🔗 https://www.postman.com/
3️⃣ Tyk Community Edition – Open-source API gateway with authentication, rate-limiting, and security policies.
🔗 https://tyk.io/open-source/
4️⃣ Kong Gateway (OSS) – API management with built-in security features and traffic monitoring.
🔗 https://konghq.com/kong/
5️⃣ WAF-FLE (ModSecurity) – Protects web-facing APIs from OWASP Top 10 attacks.
🔗 https://www.modsecurity.org/
6️⃣ APImetrics Free Plan – Monitor API performance and detect anomalies.
🔗 https://apimetrics.io/
7️⃣ Spectral (Open Source) – Linting tool for OpenAPI specs to catch insecure API definitions.
🔗 https://stoplight.io/open-source/spectral/
⚡ With these tools, CISOs can scan, monitor, and enforce security on APIs while reducing risk exposure across enterprise applications.
At AUMINT.io, we go further – simulating how attackers exploit employees via APIs, social engineering, and phishing, exposing gaps that technical tools alone may miss.
🔗 Curious about your team’s human risk exposure to API attacks? Book a free demo
#APISecurity #CISO #CyberSecurity #ThreatDetection #AUMINT