March 6, 2023

Experts Reveal Google Cloud Platform's Blind Spot for Data Exfiltration Attacks

Malicious actors can take advantage of "insufficient" forensic visibility into Google Cloud Platform (GCP) to exfiltrate sensitive data, a new research has found.

March 3, 2023

What Happened in That Cyberattack? With Some Cloud Services, You May Never Know

More cyberattackers are targeting organizations' cloud environments, but some cloud services, such as Google Cloud Platform's storage, fail to create adequate logs for forensics.

February 1, 2023

Stages of a Ransomware Attack: How to Weather the Storm and Emerge Stronger than Before

The best strategy to defend against ransomware attacks is a proactive one. So, the more you understand the stages of an attack, the more capable you will be at preventing them.

January 31, 2023

From Multiple Startup Exits To Saving Companies After Cyberattacks With Tal Mozes

In this Entrepreneur's Handbook episode, CEO and Co-Founder Tal Mozes talks with Amardeep Parmar, describing how Mitiga helps customers recover over 90% faster from cloud and SaaS breaches, proactive Threat Hunts, and much more.

January 23, 2023

Use CircleCI? Here Are 3 Steps You Need to Take

This Dark Reading Tech Tip outlines the steps enterprise defenders should take as they protect their data in cloud environments in response to the security incident with the CI/CD platform, referencing Mitiga's CircleCI Cybersecurity Incident Hunting Guide.

January 18, 2023

CircleCI hackers grabbed customer tokens and keys, CTO admits, amid warning on SaaS secrets

As researchers from security firm Mitiga emphasized, “rotating” any and all secrets stored in CircleCI is not enough. Users will have to hunt for malicious actions in all of your integrated SaaS and cloud platforms to ensure you haven’t been breached on these other platforms, as well.

January 17, 2023

Researchers claim CircleCI breach may affect other cloud, third-party applications

Following the CircleCI security breach, Mitiga published a technical blog highlighting the potential impact and offering further guidance on how organizations can detect malicious activities comprehensively across third-party applications.

January 3, 2023

Monorepo and dynamically configured CI — Part I

Devops Engineer Stav Ochakovski published a blog on Medium that focuses on how Mitiga recently shifted to a single monorepo — one source of truth for all of our code.

December 27, 2022

Mitiga researchers disclose AWS Elastic IP hijacking vulnerability

Mitiga has said a new AWS feature has led to a vulnerability that could allow hackers to access and steal Elastic IP addresses and gain control over AWS accounts. Mitiga notified the AWS security team about its findings before publishing and incorporated the feedback it got as part of its post.