Blog

Cybersecurity veteran brings 30+ years of cybersecurity experience, building companies and M&A, most recently selling to Google for $5.4B.

Learn how to investigate the CircleCI breach with Mitiga’s technical guide to assist organizational threat hunting efforts.

In this blog, Mitiga Devops Engineer Stav Ochakovski addresses our organizational monorepo shift and why it triggered a CI adjustment, as well.

Read Mitiga research about a new post-exploitation attack method, a new way that enables adversaries to hijack public IP addresses for malicious purposes.

A recent Mitiga Research Team investigation found the well-regarded Amazon Relational Database Service is leaking PII via exposed RDS Snapshots.

On September the 16th, Uber announced they experienced a major breach in their organization in which malicious actor was able to log in and take over multiple services and internal tools used at Uber. What are some of the logs that IR teams should be focusing on in their investigation?

Mitiga spotted a sophisticated, advanced business email compromise (BEC) campaign, directly targeting relevant executives of organizations (mostly CEOs and CFOs) using Office 365.

Mitiga investigated an attempted Business Email Compromise (BEC) attack. While the alertness of the involved parties prevented the fraud, the attack indicated that the attacker had access to sensitive information that could only be obtained by compromising a user in the organization.

Google Workspace is a popular service for document collaboration for organizations and for individual users. Threat actors note that the popularity of this service is increased, and search for ways to exploit vulnerabilities and misconfigurations, so it is important to know how to hunt for threats in Google Workspace.