Blog

Learn about the Log4j vulnerability, including resources, updates, and mitigation steps to protect your systems.

Cloud-based systems should be thoroughly searched for the new Log4j vulnerability (CVE-2021-44228). But this is a daunting task, since you need to search each and every compute instance, from the biggest EC2 instance to the smallest Lambda function. This is where Mitiga can help.

In order to mitigate the problems caused by Log4Shell, companies and organizations started patching their systems, but while everyone is busy "locking the doors," the criminals might already be inside. Mitiga is focused on content and research: finding efficient ways to look at artifacts on cloud environments and indicate if there is a reason to believe that the vulnerability has already been used to hack the environment.

Ransomware is out of control. So, what can organizations actually do to deal with this tidal wave of attacks? It’s time for organizations to ask themselves the question, “Are we ransomware ready?” And then think about what ransomware readiness really looks like.

What risk does this Zoho password manager vulnerability present, and could this on-prem vulnerability impact cloud environments as well?

What seems clear now is that Twitch simply wasn’t ready for an attack. Twitch claims that this latest incident was “a result of a server configuration change that allowed improper access by an unauthorized third party.”

New vulnerabilities emerge and get published frequently, and merely applying patches is insufficient. Learn how to safeguard your data beyond just patching.

Ransomware keeps hitting the news these days, filling headlines with stories about organizations struggling with disabled IT systems, inaccessible patient data, unavailable Wi-Fi, and general confusion. Today, organizations are facing an evolving threat, modern ransomware, also called double extortion ransomware.

But today, in the midst of a pandemic outbreak of Coronavirus (COVID-19) and while governments and global organizations work to contain and eradicate the virus, we’re hearing of a new wormable vulnerability in Microsoft’s SMBv3 protocol.How can we learn from these unfortunate events to provide us with a different context and an opportunity to rethink our level of readiness for unexpected, viral cyber events?