In 2020 Toll Group went twice through a ransomware attack, now Sophos which acted as a response and investigation team for the events, announces that the entry point was an account of an employee who died but remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the report by Sophos, the Nefilim group responsible for the infidelity attack that was on the company’s network for about a month without the defense systems identifying suspicious activity, the user used by the attack group belonged to a deceased employee but his account was locked/deleted due to being integrated into various services.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
Deepfakes: The New Frontier of Cyber Deception
🔍 The Deepfake Dilemma: Are You Prepared?
Deepfakes have elevated cyber deception to unprecedented levels. A notable incident in Hong Kong saw a finance employee transfer $25 million after interacting with what appeared to be their CFO and six colleagueד – each one a convincing deepfake.
These weren’t pre-recorded videos; attackers responded in real time, showcasing the sophistication of modern scams.
As deepfake technology advances, organizations must adapt their cybersecurity strategies to address this emerging threat. By staying informed and proactive, businesses can safeguard their operations and maintain stakeholder trust.
Explore how AUMINT.io can enhance your organization’s defenses against deepfake threats.
#CyberSecurity #Deepfakes #AIThreats #FraudPrevention #DigitalTrust #AUMINT
@CISO @CybersecurityProfessionals @ITManagers @RiskManagement @ComplianceOfficers
Insider Risks Are Costing Millions – Why Budgets Don’t Stop Data Leaks
🔒 Insider Mistakes Are Costing Millions
💥 77% of organizations experienced insider data loss in the past 18 months.
⚠️ Almost half were simple human errors – wrong recipients, copied rows, accidental shares.
📊 Budgets are up – 72% increased spending on DLP and insider risk programs.
⏱️ Reality check: 41% still lost millions per event, 9% up to $10M for a single mistake.
☁️ Traditional DLPs fail in SaaS and cloud contexts – alerts flood teams, insights remain invisible.
🔍 Actionable security now means understanding behavior, detecting anomalies, and connecting events into a risk picture.
🚀 AUMINT.io turns alerts into real visibility so teams can stop leaks before they escalate. Book your demo
#CyberSecurity #CISO #ITSecurity #InsiderRisk #AUMINT #DataProtection
DDoS Readiness Is Broken – Why Your Defenses Fail When It Matters Most
📉 DDoS Confidence Is a Dangerous Illusion
🔎 Organizations report heavy investment in DDoS tools yet test protections rarely – 86% test once a year or less.
⚠️ Most teams still run fewer than 200 DDoS simulations per year – that leaves thousands of dormant misconfigurations waiting for real load.
⏱️ Mean detection and manual mitigation time is 23 minutes – enough time for outages and for DDoS to mask a deeper intrusion.
🔧 While 63% claim automated defenses, 99% rely on manual checks – and 60% of vulnerabilities were found where protections supposedly existed.
📊 On average, organizations saw 3.85 damaging DDoS incidents last year – confidence is not the same as capability.
🛠️ The fix is continuous validation – non-disruptive DDoS simulations, automated runbooks that trigger mitigations in seconds, and measurable audit trails.
📈 AUMINT.io simulates attack scenarios and measures both human and tooling responses so you can fix real gaps before they hit production.
🚀 Want a prioritized DDoS readiness checklist and a guided walkthrough? Schedule your demo
#CyberSecurity #CISO #SOC #DDoS #IncidentResponse #AUMINT