Blog Posts

Research, Updates, Trends, Analysis
4 Common Challenges Enterprises Face As They Move to the Cloud

Enterprises moving to the cloud from legacy data centers face many security challenges in making that transition, most notably the following four challenges.

Mitiga Advisory on Virus Total

A malicious .docx file was uploaded to Virus Total that uses several of Mitiga’s publicly available branding elements including logo, fonts, and colors, to lend credibility to the document. Mitiga was not breached, though the file was created by a threat actor, most likely for use as part of phishing or malware spreading campaigns.

Mitiga Featured by The Startup Pill as Best Cloud Security Startup 2020, Cyber Security Startups to Watch 2021

The Startup Pill recently recognized Mitiga in two articles highlighting exceptional startups in the cyber security industry.The publication put together a list of the 89 Best Cloud Security Startups Of 2020, and Mitiga is number nine on the list!

Step 1: Phish Mitiga. Step 2: Get Your Phishing-as-a-Platform Dissected by Mitiga

A few weeks ago, one of Mitiga’s employees received an email phishing for credentials. Instead of just laughing it off, our team decided to use their lunch breaks to analyze it. What we found indicates a sophisticated phishing platform that uses AWS and Oracle infrastructure to phish Office 365 email accounts.

Mitiga is Cooperating with Law Enforcement on a Global Business Email Compromise (BEC) Campaign that Has Netted Over $15M

Mitiga uncovered a widespread and well-executed Business Email Compromise (BEC) campaign in which cybercriminals are impersonating senior executives using Office 365’s email services in order to intercept sensitive communications and then alter wire transfer details and redirect funds to rogue bank accounts.

Security Advisory: Mitiga Recommends All AWS Customers Running Community AMIs to Verify Them for Malicious Code

Based on recent research and analysis, Mitiga issued a global advisory, warning AWS customers running EC2 instances based on Community AMIs (Amazon Machine Instances), from potentially embedded malicious code. We strongly advise verifying their security before continuing using these instances.

Viral Outbreaks: Thinking of Microsoft’s New Wormable Vulnerability in a Coronavirus Context

But today, in the midst of a pandemic outbreak of Coronavirus (COVID-19) and while governments and global organizations work to contain and eradicate the virus, we’re hearing of a new wormable vulnerability in Microsoft’s SMBv3 protocol.How can we learn from these unfortunate events to provide us with a different context and an opportunity to rethink our level of readiness for unexpected, viral cyber events?

Crown Jewels Analysis — A Risk Of Bias

Organizations have widely adopted the Crown Jewels concept in their efforts to build cost-effective cybersecurity strategies and plans in the ever-growing world of risks and challenges. However, the Crown Jewels concept could undermine the chances of effectively detecting, reacting to and recovering from a cyber-attack. It is time for the adoption of new concepts and new methodologies.

Cloud Incident Readiness plus No Additional Cost Cloud Incident Response equals Cloud Incident Responsibility