Mitiga in the News

Persistent social engineering--pestering, really, that softened employees up for a bogus call from "IT"--appears to have gained a hacker "deep access" to Uber's systems.

News broke overnight that Uber has been hacked and its internal systems breached. A hacker gained access to its vulnerability reports and shared screenshots of the company's internal systems, email dashboard and Slack server.

Information security products, services, and professionals have never been in higher demand, making for a world of opportunities for cybersecurity startups. Investors recognize the potential too, as funding for cybersecurity ventures more than doubled from previous years to almost $22 billion in 2021.

As we have witnessed, more attacks have moved onto the cloud, so it was only a matter of time before ransomware attacks did, too. Let's look at two scenarios where attackers leveraged ransomware to gain profits, and how unique cloud capabilities helped victims avoid paying the ransom.

This year at RSA, the industry’s top cybersecurity conference. Ofer Maor of Mitiga with his talk of It's Getting Real & Hitting the Fan! Real World Cloud Attacks, and Sounil Yu of JupiterOne with his session on Cyber Defense Matrix: Revolutions, led the top-rated sessions roster, which were selected by conference attendees. Both sessions are packed with insights and valuable lessons from a practitioner’s point of view.

While cloud breaches are going to happen, that doesn't mean we can't do anything about them. By better understanding cloud attacks, organizations can better prepare for them.

According IT Pro, a new business email compromise (BEC) campaign has been targeting Microsoft 365 organizations in a bid to hack corporate executives’ accounts and maliciously divert business payments.

Mitiga finds the Microsoft 365 accounts of business executives under attack by malicious attackers who use a combined strategy of spear phishing and man-in-the-middle methods.

Researchers discovered the complicated attack that involved phishing, a flaw in Office 365 and adversary-in-the-middle exploits.