Mitiga in the News

Today marks the fifth anniversary of the notorious WannaCry ransomware attack which hit a number of large organizations around the world and was many people's first encounter with ransomware.

It’s been five years since the WannaCry ransomware attack spread like wildfire, encrypting hundreds of thousands of important and high-profile systems.

It is May 12th, and today marks the 5th year anniversary of the WannaCry ransomware attacks. Five years on, and ransomware attacks continue to proliferate and cause widespread societal disruption and loss. VMblog is sharing insights from a few cybersecurity industry experts.

This week, we have news of a high severity remote code execution (RCE) vulnerability in the F5 BIG-IP security suite. We also feature an article from Curity on API security maturity, an article on hardening Google Cloud Platform implementations, and finally a threat matrix for GraphQL APIs.

A misconfiguration discovered in the Google Cloud Platform could allow threat actors to gain complete control over virtual devices by exploiting legitimate features in the system, researchers at Mitiga, a Cloud Incident Response firm, stated.

Mitiga has uncovered potential hidden dangers in the Cloud Control Plane, with the company saying that there may be significant risk in cloud development caused by not recognising the differences between cloud and traditional definitions of common architecture terms.

The biggest risk in cloud development is not recognizing the differences between cloud and traditional definitions of common architecture terms. For example, imagine a system that is completely “firewalled off”—a firewall prevents any inbound or outbound connections from the machine.

Today, security researchers at cloud incident response provider Mitiga announced in a blog post they had discovered a “dangerous functionality” in Google Cloud Platform (GCP)’s control pane.

Mitiga has uncovered hidden dangers in the Cloud Control Plane, with the company saying that there is significant risk in cloud development caused by not recognising the differences between cloud and traditional definitions of common architecture terms.