In 2020 Toll Group went twice through a ransomware attack, now Sophos which acted as a response and investigation team for the events, announces that the entry point was an account of an employee who died but remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the report by Sophos, the Nefilim group responsible for the infidelity attack that was on the company’s network for about a month without the defense systems identifying suspicious activity, the user used by the attack group belonged to a deceased employee but his account was locked/deleted due to being integrated into various services.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
International operation downs Qakbot malware infrastructure
A major digital sting operation, involving seven countries, resulted in the downing of a malware infrastructure that criminals have used to steal millions of dollars from their victims. The malware, Qakbot (also known as Qbot or Pinkslipbot) had been active since 2007...
Do demographic factors influence social engineering success?
Social engineering is one of the most successful tactics that cyber criminals can use to get access to confidential information or infiltrate company systems and networks. Its success depends on gaining trust. This is often done by using information that can be...
4 ways ransomware is evolving
Ransomware remains a real threat for organisations, with more than 493m attacks in 2022 alone, down from 2021 but far above the amount in the preceding years. And one of the reasons that it remains a threat is because of the ability of ransomware gangs to evolve their...