Mitiga at RSAC 2025: Visit our booth, attend our speaking sessions, and schedule a meeting with us!

Customers
Why Mitiga
Request a DemoEmergency Assistance

Mitiga Secures Strategic Investment from Cisco Investments as Demand for CIRA Soars

The new financing will help support rapid customer adoption of Mitiga’s IR2 platform, at the forefront of a new wave in cloud investigation and response capabilities.

Ransomware Strikes Azure Storage: Are You Ready?

There’s been a recent surge in cloud ransomware attacks. Examples of such attacks were observed by Sophos X-Ops, which detected the ransomware group BlackCat/ALPHV using a new Sphinx encryptor variant to encrypt Azure storage accounts by employing stolen Azure Storage account keys. The BlackCat/ALPHV ransomware group is the same entity that claimed responsibility for infiltrating MGM’s infrastructure and encrypting more than 100 ESXi hypervisors.

Deciphering Shadows: Insights and Observations from the MGM Breach

On September 12, 2023, the world woke up to the news ofanother significant cyber-attack, this time on MGM Resorts International, arenowned name in the hotel and casino industry. The incident affected theiroperations across various locations, including iconic Las Vegas.

A Mindset Shift for Cloud Security Resilience: Assume Breach

Cloud environments offer tremendous advantages in agility, scalability, and cost efficiency. However, their dynamic nature also introduces new security challenges compared to traditional on-premises IT. To build true resilience for the inevitability of breaches in the cloud, organizations need to shift their mindset and priorities—starting with accepting the assumption that breaches will occur.

Mitiga Security Advisory: Abusing the SSM Agent as a Remote Access Trojan

Mitiga's research discovered a significant new post-exploitation security concept: involving the use of Systems Manager (SSM) agent as a Remote Access Trojan (RAT) on Linux and Windows machines, controlling them using another AWS account. We shared our research with the AWS security team and included some of their feedback to this advisory.

More on Abusing the Amazon Web Services SSM Agent as a Remote Access Trojan

Imagine that you’re a SOC (Security Operations Center) analyst receiving an alert about suspicious behavior from a binary on an EC2 instance. After checking the binary on VirusTotal, you find it was an AWS-developed software signed by Amazon. Further investigation reveals that it communicated only with Amazon-owned IP addresses.

Ensuring Compliance with SEC Cyber Disclosure Rules

The SEC now requires public companies to disclose material cybersecurity incidents within 4 days. Stay informed by reading this article.

Why the Implementation of CIRA is so Important for Incident Response

Read our article on why Gartner’s CIRA security announcement is pivotal for incident response, driving innovation and improving cloud security strategies.

Mitiga Security Advisory: Lack of Forensic Visibility with the Basic License in Google Drive

After gaining initial access to any platform, data theft (exfiltration) is one of the most common attack vectors used by threat actors.

By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
DenyGot it!