Mitiga in the News

This year at RSA, the industry’s top cybersecurity conference. Ofer Maor of Mitiga with his talk of It's Getting Real & Hitting the Fan! Real World Cloud Attacks, and Sounil Yu of JupiterOne with his session on Cyber Defense Matrix: Revolutions, led the top-rated sessions roster, which were selected by conference attendees. Both sessions are packed with insights and valuable lessons from a practitioner’s point of view.

While cloud breaches are going to happen, that doesn't mean we can't do anything about them. By better understanding cloud attacks, organizations can better prepare for them.

According IT Pro, a new business email compromise (BEC) campaign has been targeting Microsoft 365 organizations in a bid to hack corporate executives’ accounts and maliciously divert business payments.

Mitiga finds the Microsoft 365 accounts of business executives under attack by malicious attackers who use a combined strategy of spear phishing and man-in-the-middle methods.

Researchers discovered the complicated attack that involved phishing, a flaw in Office 365 and adversary-in-the-middle exploits.

'Widespread' campaign hunts for multimillion-dollar transactions: A business email compromise scheme targeting CEOs and CFOs using Microsoft Office 365 combines phishing with a man-in-the-middle attack to defeat multi-factor authentication.

During an incident response investigation, Mitiga discovered attackers were able to create a second authenticator with no multifactor authentication requirements.

Over the last two years, digital transformation projects have accelerated and cloud-based collaboration platforms, such as Office 365 and Slack, have been adopted even more rapidly (no doubt accelerated by the pandemic and increased accessibility via smart phones and reliable internet access).

Cybersecurity experts are warning of a new, widespread business email compromise (BEC) campaign, which seeks to reroute large money transactions to bank accounts belonging to the attackers.