Gavriel Fried

Gavriel Fried

Senior Cloud Security Researcher

Gavriel Fried is a Senior Cloud Security Researcher at Mitiga. Prior to working at Mitiga, Gavriel's history in the cyber security field includes various research positions such as UEBA, Deception, Network and DPI, Red Teaming, Digital Forensics and some Malware Analysis. Gavriel researches potential attacks and abuses on cloud services and SaaS

Who Touched My GCP Project? Understanding the Principal Part in Cloud Audit Logs – Part 1

Google Cloud Platform (GCP) continues to expand its offerings and remains a top-tier cloud infrastructure service provider. It offers a wide range of services, including Compute Engine (VMs), Google Kubernetes Engine (GKE), BigQuery, Cloud Storage, and Cloud AI Platform. However, in recent years, several vulnerabilities have been reported in some of GCP's services, such as privilege escalation in GKE and CloudSQL.

Understanding GitLab's Security Threats and Strengthening Your Preparedness

GitLab, a cloud-based, open-source Git repository used by over 38,000 companies around the globe, plays a pivotal role in modern software development. For the organizations that rely on it, it’s a vital collaboration tool and innovation enabler, allowing developers to swiftly test, monitor, and deploy code and housing the full CI/CD pipeline.

Ransomware Strikes Azure Storage: Are You Ready?

There’s been a recent surge in cloud ransomware attacks. Examples of such attacks were observed by Sophos X-Ops, which detected the ransomware group BlackCat/ALPHV using a new Sphinx encryptor variant to encrypt Azure storage accounts by employing stolen Azure Storage account keys. The BlackCat/ALPHV ransomware group is the same entity that claimed responsibility for infiltrating MGM’s infrastructure and encrypting more than 100 ESXi hypervisors.