Mitiga in the News

A critical token validation failure in Microsoft Entra ID (previously Azure Active Directory) could have allowed attackers to impersonate any user, including Global Administrators, across any tenant.

Though patched, the flaw underscores systemic risks in cloud identity systems where legacy APIs and invisible delegation mechanisms can be exploited without detection, prompting calls for stronger governance and telemetry.

Today: Nvidia makes a big deal with Intel to cement its interconnect technology in the data center, Microsoft dodges a scary security incident, and the latest enterprise moves.

For years, zero trust has been heralded as the cure-all for cybersecurity woes. Every vendor slapped the label onto their product, from firewalls to identity management systems to cloud access brokers. Magazines ran glowing features promising that once organizations embraced “Never trust, always verify,” ransomware would vanish and insiders would be neutralized. Chief information security officers (CISOs) eagerly inserted it into PowerPoints.

From leaked credentials to ransomware plans, the dark web is full of early warning signs — if you know where and how to look. Here’s how security leaders can monitor these hidden spaces and act before an attack hits.

In a revelation that should concern every security leader, the U.S. Justice Department (DOJ) recently disclosed that over 300 companies, including tech giants and at least one defense contractor, unknowingly hired North Korean operatives posing as remote IT workers.

As the US Department of Homeland Security (DHS) warns of retaliatory cyberattacks against the US after bombing Iran’s nuclear infrastructure this weekend, a former Colonel of the IDF’s 8200 Cyber Unit talks cyberwarfare, Iranian hacker groups, and what the US can anticipate as the Israel-Iran conflict continues to evolve.

These collectives carry out not just traditional espionage activities, but also sabotage and disinformation operations targeting the U.S., Israel, and their allies in sectors such as finance, healthcare, energy, and water.

Cloud incident response company Mitiga Security Inc. today launched Helios AI, an artificial intelligence-powered security operations center assistant that helps security operations teams with triage, augmented investigation and accelerated threat remediation across multicloud environments.