In 2020 Toll Group went twice through a ransomware attack, now Sophos which acted as a response and investigation team for the events, announces that the entry point was an account of an employee who died but remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the report by Sophos, the Nefilim group responsible for the infidelity attack that was on the company’s network for about a month without the defense systems identifying suspicious activity, the user used by the attack group belonged to a deceased employee but his account was locked/deleted due to being integrated into various services.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
How email fishing to one of the company’s executives caused the leakage of 3GB of Namesouth sensitive information
Information from Namesouth, a company that supplies spare parts for vehicles, was published online after it refused to pay a ransom. The attacking group NetWalker is the one that attacked the company in November last year and is now releasing 3GB of sensitive...
How to reduce the risk of dealing with ransomware attacks on your business
Assault groups that specialize in ransomware attacks are a business entity for everything. At the same time, it should be remembered that unlike the business world where (usually) there are rules and ethics, with financial motivation fueled by relative anonymity, the...
Is Justpay are the only one to discover that their Card Holders database was leaked in the dark web ?
Cyble, a company that locates information in the dark web, contacted Justpay and informed them that their database was in the dark web, the non-publication of the information to the media was conditioned by Cyble that Justpay would become the company's customer, which...