On September 12, 2023, the world woke up to the news of another significant cyber-attack, this time on MGM Resorts International, a renowned name in the hotel and casino industry. The incident affected their operations across various locations, including iconic Las Vegas.

Cloud environments offer tremendous advantages in agility, scalability, and cost efficiency.

Five years ago, the WannaCry ransomware cryptoworm targeted computers running Microsoft Windows, encrypting data at organizations around the world. The attackers demanded a ransom of just $300 worth of bitcoins within three days or the files would be permanently deleted. The cryptoworm leveraged the EternalBlue exploit, which the National Security Agency developed to attack older Windows Systems.

Cyber resilience is the ability of an organization or entity to continue to deliver services or solutions even in the face of adverse cyber events, such as cyberattacks. Cyber resilience combines elements of information security, business continuity, and organizational resilience.

The Russian military strategy is often described as a strategy of “active defense.” This means that their strategy includes both the preventative measures taken before a conflict breaks out and the tenets for conducting the war.

Over the last few months, everyone has been busy patching — seeking to close the loophole most learned about when the a patch was released for Log4j 2.15.0 for Java 8 users to address the remote code execution vulnerability CVE-2021-44228, a previously undisclosed zero-day vulnerability.

Because zero-day vulnerabilities are announced before security researchers and software developers have a patch available, zero-day vulnerabilities pose a critical risk to organizations as criminals race to exploit them. Similarly, vulnerable systems are exposed until a patch is issued and applied.

Organizations have widely adopted the Crown Jewels concept in their efforts to build cost-effective cybersecurity strategies and plans in the ever-growing world of risks and challenges. However, the Crown Jewels concept could undermine the chances of effectively detecting, reacting to and recovering from a cyber-attack. It is time for the adoption of new concepts and new methodologies.

If you are using either vCenter Server or Cloud Foundation, you must declare an emergency and treat it like you have already been compromised. These critical vulnerability disclosures do not offer a quick and easy patch, and patching alone is not enough.

Ransomware keeps hitting the news these days, filling headlines with stories about organizations struggling with disabled IT systems, inaccessible patient data, unavailable Wi-Fi, and general confusion. Today, organizations are facing an evolving threat, modern ransomware, also called double extortion ransomware.

A few weeks ago, one of Mitiga’s employees received an email phishing for credentials. Instead of just laughing it off, our team decided to use their lunch breaks to analyze it. What we found indicates a sophisticated phishing platform that uses AWS and Oracle infrastructure to phish Office 365 email accounts.

In an ever-changing cyber landscape, the recent exploit by China-based threat actor, Storm-0558, highlights the need for constant vigilance. The threat actor exploited a compromised encryption key (MSA key) to target Microsoft Exchange Online, forge access tokens, manipulate the token verification process, and extract unclassified data from victim mailboxes.

The Securities and Exchange Commission (SEC) of the United States has adopted new regulations that require public companies to disclose material cybersecurity incidents within four days. To the positive, this initiative seeks to increase transparency and safeguard investors against potential cybersecurity risks.