Uber Cybersecurity Incident: Which Logs Do IR Teams Need to Focus On?

On September the 16th, Uber announced that they had experienced a major breach in which a malicious actor was able to log in and take over multiple services and internal tools used at Uber. What are some of the logs that IR teams should be focusing on in their investigation?

Advisory: Persistent MFA Circumvention in an Advanced BEC Campaign on Microsoft 365 Targets

Mitiga investigated an attempted Business Email Compromise (BEC) attack. While the alertness of the involved parties prevented the fraud, the attack indicated that the attacker had access to sensitive information that could only be obtained by compromising a user in the organization.

Google Workspace - Log Insights to Your Threat Hunt

Google Workspace is a popular document collaboration service for organizations and individual users. Threat actors have noted the growing popularity of this service and search for ways to exploit vulnerabilities and misconfigurations, so it is important to know how to hunt for threats in Google Workspace.

How Transit Gateway VPC Flow Logs Help Incident & Response Readiness

In this blog, we will focus on the security and forensic aspects of Transit Gateway VPC flow logs and expand on the ways organizations can use them to respond to cloud incidents.

How Identifying UserData Script Manipulation Accelerates Investigation

UserData script manipulation is a technique that has been known in the wild for several years and has been observed in use by many attack groups, but monitoring and detecting malicious manipulation of the UserData script is not trivial with standard AWS CloudTrail logging.

Hidden Dangers in the Cloud Control Plane

The cloud control plane can be difficult to understand. In this article we examine attack scenarios and how to harden your GCP environment.

Understanding Your Okta Logs to Hunt for Evidence of an Okta Breach

Understand your Okta system logs with this comprehensive guide, helping you enhance security, monitor activity, and respond effectively to incidents.

Log4Shell — Forensic Investigation in AWS

To mitigate the problems caused by Log4Shell, companies and organizations started patching their systems, but while everyone is busy "locking the doors," the criminals might already be inside. Mitiga is focused on content and research: finding efficient ways to examine artifacts in cloud environments and determine whether there is reason to believe that the vulnerability has already been used to hack the environment.

Helios AI: Why Cloud Security Needs Intelligent Automation Now

Mitiga launches Helios AI, an intelligent cloud security solution that automates threat detection and response. Its first feature, AI Insights, cuts through noise, speeds up analysis, and boosts SecOps efficiency.