Threat Landscape

Mitiga Security Advisory: Insufficient Forensic Visibility in GCP Storage

As part of Mitiga’s continuous research into cloud attacks and forensics, we have been examining potential data exfiltration techniques in GCP (Google Cloud Platform) and how to identify and investigate them. During this research, we discovered a significant forensic security deficiency in Google Cloud Storage that enables a threat actor to exfiltrate in a covert manner.

Ransomware Heads-Up: Family Isn’t the Only Holiday Gang In Town

In this blog, Mitiga Vice President of Consulting Services Rob Floodeen provides several recommendations on how cybersecurity teams can make it through the upcoming holiday season with reduced ransomware visitors.

Advisory: Persistent MFA Circumvention in an Advanced BEC Campaign on Microsoft 365 Targets

Mitiga investigated an attempted Business Email Compromise (BEC) attack. While the alertness of the involved parties prevented the fraud, the attack indicated that the attacker had access to sensitive information that could only be obtained by compromising a user in the organization.

Advanced BEC Scam Campaign Targeting Executives on O365

Mitiga spotted a sophisticated, advanced business email compromise (BEC) campaign, directly targeting relevant executives of organizations (mostly CEOs and CFOs) using Office 365.

Lessons Learned from WannaCry: Are We Ready for Another Global Attack?

Five years ago, the WannaCry ransomware cryptoworm targeted computers running Microsoft Windows, encrypting data at organizations around the world. The attackers demanded a ransom of just $300 worth of bitcoins within three days or the files would be permanently deleted. The cryptoworm leveraged the EternalBlue exploit, which the National Security Agency developed to attack older Windows Systems.

10 Recommendations for Your Organization to Increase Readiness Following the Okta Breach

We all woke up recently to a security nightmare. Okta, an industry leader in identity and access management is potentially breached and the impact for the industry may be very high. Here are 10 actionable recommendations you can share, but please let us know if you have more so that we can add them to this list.

Ready or Not: Russian Attack on Ukraine Brings Global Cybersecurity Impacts

The Russian military strategy is often described as a strategy of “active defense.” This means that their strategy includes both the preventative measures taken before a conflict breaks out and the tenets for conducting the war.

Log4Shell - Everything in one place

Security teams all over the world are rushing to deal with the new critical zero-day vulnerability called Log4Shell. This vulnerability in Apache Log4j, a popular open-source Java logging library, has the potential to enable threat actors to compromise systems at scale.

Log4Shell — Forensic Investigation in AWS

In order to mitigate the problems caused by Log4Shell, companies and organizations started patching their systems, but while everyone is busy "locking the doors," the criminals might already be inside. Mitiga is focused on content and research: finding efficient ways to look at artifacts on cloud environments and indicate if there is a reason to believe that the vulnerability has already been used to hack the environment.

Want to see the future of IR for cloud and SaaS? Request a demo of IR2