Doron Karmi

In a cybersecurity landscape that seems ever volatile, the Midnight Blizzard attack against Microsoft stands out for its simplicity, strategic execution, and the implications it holds for global cybersecurity.

There’s been a recent surge in cloud ransomware attacks. Examples of such attacks were observed by Sophos X-Ops, which detected the ransomware group BlackCat/ALPHV using a new Sphinx encryptor variant to encrypt Azure storage accounts by employing stolen Azure Storage account keys. The BlackCat/ALPHV ransomware group is the same entity that claimed responsibility for infiltrating MGM’s infrastructure and encrypting more than 100 ESXi hypervisors.

Mitiga's research team uncovered a data risk to Okta users due to passwords that can be present in logs. This article outlines the risk and attack method.

In response to the recent CircleCI security incident, the Mitiga Research Team shares this technical guide to assist organizational threat hunting efforts.

UserData script manipulation by threat actors is a technique that has been known in the wild for several years and has been observed being exploited by many attack groups, but monitoring and detecting malicious manipulation of user data script is not trivial with standard AWS Cloudtrail logging.