In 2020 Toll Group went twice through a ransomware attack, now Sophos which acted as a response and investigation team for the events, announces that the entry point was an account of an employee who died but remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the report by Sophos, the Nefilim group responsible for the infidelity attack that was on the company’s network for about a month without the defense systems identifying suspicious activity, the user used by the attack group belonged to a deceased employee but his account was locked/deleted due to being integrated into various services.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
What is Ransomware-as-a-Service (RaaS)?
The number of ransomware attacks have been increasing in recent years, and this is partly linked to the rise of Ransomware-as-a-Service. But what is it and how does it work? What is RaaS? Ransomware-as-a-Service (RaaS) is a subscription-based business model used by...
What the FBI’s take down of Hive means for ransomware attacks
The FBI recently took down prolific ransomware group, Hive, preventing $130m being taken through attacks. How did this happen and what does it mean, if anything, for other ransomware groups? Who is Hive? Hive is a notorious ransomware group that has attacked more than...
Why is diversity important for cybersecurity teams?
When you picture a cybersecurity professional, what do they look like? According to statistics, 62% of computer science professionals (including cybersecurity) are white, and 76% are men. Of course, making sure you have qualified people working for you is important,...