In 2020 Toll Group went twice through a ransomware attack, now Sophos which acted as a response and investigation team for the events, announces that the entry point was an account of an employee who died but remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the report by Sophos, the Nefilim group responsible for the infidelity attack that was on the company’s network for about a month without the defense systems identifying suspicious activity, the user used by the attack group belonged to a deceased employee but his account was locked/deleted due to being integrated into various services.
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
Method of infection: Water-holing OSIRIS used a Social Engineering method called "water holing" to attack German IP addresses. How does water holing attack work? The victim enters the infected website. The website checks if the target IP is...
Coveware, which provides response services to ransomware attacks, has released a report for the fourth quarter of 2020. The 4 most interesting data from the report 1. The average ransom payment stands at $ 154,108 It is a decrease of 34% from the...
United States Reported Less Data Breaches in 2020 but with much more Expensive Successful Hacker Attacks According to the annual report of the Identity Theft Resource Center (ITRC), 1,108 cyber incidents were reported in 2020 and the number casualties from...