Mitiga's Research Team

Mitiga's Research Team

Elastic IP Hijacking — A New Attack Vector in AWS

Mitiga Researchers found a new post-exploitation attack method, a novel way in AWS that may enable adversaries to hijack static public IP addresses for malicious purposes.

Advanced BEC Scam Campaign Targeting Executives on O365

Mitiga spotted a sophisticated, advanced business email compromise (BEC) campaign, directly targeting relevant executives of organizations (mostly CEOs and CFOs) using Office 365.

Advisory: Persistent MFA Circumvention in an Advanced BEC Campaign on Microsoft 365 Targets

Mitiga investigated an attempted Business Email Compromise (BEC) attack. While the alertness of the involved parties prevented the fraud, the attack indicated that the attacker had access to sensitive information that could only be obtained by compromising a user in the organization.