Ariel Parnes

Co-Founder and Chief Operating Officer

Ariel is a retired Colonel of IDF’s 8200 Cyber Unit, where he served 20+ years in a wide range of roles in the areas of Intelligence, Information Technology, Offensive & Defensive Cyber Operations and Cyber Warfare. He was awarded the prestigious Israel Defense Prize for technological breakthroughs in the cyber field.

Deciphering Shadows: Insights and Observations from the MGM Breach

On September 12, 2023, the world woke up to the news of another significant cyber-attack, this time on MGM Resorts International, a renowned name in the hotel and casino industry. The incident affected their operations across various locations, including iconic Las Vegas.

A Mindset Shift for Cloud Security Resilience: Assume Breach

Cloud environments offer tremendous advantages in agility, scalability, and cost efficiency.

Lessons Learned from WannaCry: Are We Ready for Another Global Attack?

Five years ago, the WannaCry ransomware cryptoworm targeted computers running Microsoft Windows, encrypting data at organizations around the world. The attackers demanded a ransom of just $300 worth of bitcoins within three days or the files would be permanently deleted. The cryptoworm leveraged the EternalBlue exploit, which the National Security Agency developed to attack older Windows systems.

Cyber Resilience - Why & How to Start Building It In Your Organization

Cyber resilience is the ability of an organization or entity to continue to deliver services or solutions even in the face of adverse cyber events, such as cyberattacks. Cyber resilience combines elements of information security, business continuity, and organizational resilience.

Ready or Not: Russian Attack on Ukraine Brings Global Cybersecurity Impacts

The Russian military strategy is often described as a strategy of “active defense.” This means that their strategy includes both the preventative measures taken before a conflict breaks out and the tenets for conducting the war.

The ultimate cybercriminal gift list: undisclosed zero-day vulnerabilities

Over the last few months, everyone has been busy patching, seeking to close the loophole most learned about when a patch was released for Log4j 2.15.0 for Java 8 users to address the remote code execution vulnerability CVE-2021-44228, a previously undisclosed zero-day vulnerability.

Rethinking zero-day vulnerabilities vs. one-days to increase readiness

Because zero-day vulnerabilities are announced before security researchers and software developers have a patch available, zero-day vulnerabilities pose a critical risk to organizations as criminals race to exploit them. Similarly, vulnerable systems are exposed until a patch is issued and applied.

Crown Jewels Analysis — A Risk Of Bias

Organizations have widely adopted the Crown Jewels concept in their efforts to build cost-effective cybersecurity strategies and plans in the ever-growing world of risks and challenges. However, the Crown Jewels concept could undermine the chances of effectively detecting, reacting to and recovering from a cyber-attack. It is time for the adoption of new concepts and new methodologies.

Patches are not enough for VMware vCenter Server and Cloud Foundation vulns

If you are using either vCenter Server or Cloud Foundation, you must declare an emergency and treat it like you have already been compromised. These critical vulnerability disclosures do not offer a quick and easy patch, and patching alone is not enough.

Learn how ransomware attacks have changed - and how response needs to, too

Ransomware keeps hitting the news these days, filling headlines with stories about organizations struggling with disabled IT systems, inaccessible patient data, unavailable Wi-Fi, and general confusion. Today, organizations are facing an evolving threat, modern ransomware, also called double extortion ransomware.

Step 1: Phish Mitiga. Step 2: Get Your Phishing-as-a-Platform Dissected by Mitiga

A few weeks ago, one of Mitiga’s employees received an email phishing for credentials. Instead of just laughing it off, our team decided to use their lunch breaks to analyze it. What we found indicates a sophisticated phishing platform that uses AWS and Oracle infrastructure to phish Office 365 email accounts.

Microsoft Storm-0558 SaaS Breach: Hunting for Stealth Espionage Attacks

In an ever-changing cyber landscape, the recent exploit by China-based threat actor, Storm-0558, highlights the need for constant vigilance. The threat actor exploited a compromised encryption key (MSA key) to target Microsoft Exchange Online, forge access tokens, manipulate the token verification process, and extract unclassified data from victim mailboxes.

Ready, Set, Respond: Ensuring Compliance with the SEC Reporting Regulations

The Securities and Exchange Commission (SEC) of the United States has adopted new regulations that require public companies to disclose material cybersecurity incidents within four days. On the positive side, this initiative seeks to increase transparency and safeguard investors against potential cybersecurity risks.