In 2020 Toll Group went twice through a ransomware attack, now Sophos which acted as a response and investigation team for the events, announces that the entry point was an account of an employee who died but remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the report by Sophos, the Nefilim group responsible for the infidelity attack that was on the company’s network for about a month without the defense systems identifying suspicious activity, the user used by the attack group belonged to a deceased employee but his account was locked/deleted due to being integrated into various services.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
Are your employees your biggest security threat?
Social media is now a part of everyday life. It’s impossible to avoid it these days. However, whilst posting about work successes or life events seems innocuous enough, this information can be used by hackers. In fact, social media data breaches accounted for 56% of...
Leaking-focused RaaS: a new type of threat?
Ransomware-as-a-Service (RaaS) has been growing in popularity with hackers as it makes extortion more accessible. Criminals don’t need to develop the ransomware themselves, instead, they can purchase it from certain ransomware groups who create it to sell via a...
Cryptomalware: What is it and is it on your computer?
Cryptomalware - also known as cryptojacking - is when attackers install undetectable malware on a victim’s computer in order to use their computing resources to mine cryptocurrency. With the popularity of all kinds of cryptocurrency surging, this type of attack is...