Search company, investor...
Search
Mitiga company logo

The profile is currenly unclaimed by the seller. All information is provided by CB Insights.

mitiga.io

Founded Year

2019

Stage

Series A - II | Alive

Total Raised

$32M

About Mitiga

Mitiga offers cloud security services, incident readiness & response, and managed services.

Mitiga Headquarters Location

Begin Road 121

Tel Aviv,

Israel

Predict your next investment

The CB Insights tech market intelligence platform analyzes millions of data points on venture capital, startups, patents , partnerships and news mentions to help you see tomorrow's opportunities, today.

Expert Collections containing Mitiga

Expert Collections are analyst-curated lists that highlight the companies you need to know in the most important technology spaces.

Mitiga is included in 1 Expert Collection, including Cybersecurity.

C

Cybersecurity

4,937 items

Latest Mitiga News

Spear-phishing and AiTM Used to Hack MS Office 365 Accounts

Aug 29, 2022

The campaign Researchers from Mitiga have discovered the ongoing BEC campaign during an incident response case and claim that it is widespread now, targeting transactions of several million dollars each. The phishing emails tell the target organization that the corporate bank account they use for sending usual payments is frozen due to a financial audit and further provide new payment instructions. These new payment instructions suggest the target switch to a new bank account of a so-called alleged subsidiary. However, the new bank account is owned by the attackers for stealing payments. To fool the targets, the attacker hijacks email threads and uses typo-squatted domains that swiftly pass as authentic to CCed legal representatives known to victims, involving them in the exchange. The infection chain The attack on corporate executives starts with a phishing email pretending to come from DocuSign, the electronic agreements management platform used widely in corporations. The email doesn't pass DMARC checks, however, it targets the common security misconfigurations often used to limit false positive spam alerts from DocuSign, allowing the email to get inside the target's inbox. When the target clicks on the ‘Review Document’ button to open it, the victim lands at a phishing page on a spoofed domain. At that place, the target is urged to log in to the Windows domain. Using AiTM attacks to bypass MFA The attackers seem to be using a phishing framework, evilginx2 proxy, to perform the AiTM attack. When a target inputs their credentials and solves the MFA question, the proxy sitting in the middle steals the session cookie generated by the Windows domain. The attackers can now load the stolen session cookies into their own browsers to log into the victim's account and bypass MFA automatically, which was verified in the previous login. In one of the observed cases, the attackers added a smartphone as the new authentication device to ensure uninterrupted access to compromised accounts remains available to them. Further, the attackers used this stealthy breach to exclusively access SharePoint and Exchange. On the basis of logs, no activity was spotted in the victim's inbox, maybe they only read emails. Conclusion The recent BEC campaign is very sophisticated and displays the technical capability of attackers behind it. Thus, corporate executives must stay vigilant. If suspected of any incident, Windows admins are suggested to monitor MFA changes on user accounts using Azure AD Audit Logs .

Mitiga Web Traffic

Rank
Page Views per User (PVPU)
Page Views per Million (PVPM)
Reach per Million (RPM)
CBI Logo

Mitiga Rank

  • When was Mitiga founded?

    Mitiga was founded in 2019.

  • Where is Mitiga's headquarters?

    Mitiga's headquarters is located at Begin Road 121, Tel Aviv.

  • What is Mitiga's latest funding round?

    Mitiga's latest funding round is Series A - II.

  • How much did Mitiga raise?

    Mitiga raised a total of $32M.

  • Who are the investors of Mitiga?

    Investors of Mitiga include Blackstone, DNX Ventures, ClearSky, Atlantic Bridge Capital, Glilot Capital Partners and 4 more.

  • Who are Mitiga's competitors?

    Competitors of Mitiga include Anvilogic and 8 more.

You May Also Like

Securonix Logo
Securonix

Securonix provides enterprises with a security analytics platform that uses Hadoop and machine learning technology to consume, enrich and analyze massive volumes of data to detect and prioritize the highest insider threat, cyber threat, cloud, and fraud attacks automatically and accurately. The company was founded in 2017 and is based in Addison, TX.

Exabeam Logo
Exabeam

Exabeam complements existing security information and event management and log management systems with machine-learning technology that focuses on attacker behavior rather than malware and tools to detect modern cyberattacks. Exabeam's user behavior analytics solution leverages existing log data to quickly detect advanced attacks, prioritize incidents and guide effective response. The company's Stateful User Tracking automates the work of security analysts by resolving individual security events and behavioral anomalies into a complete attack chain. The firm primarily serves retail banks, investment banks, academic institutions, retail, and technology firms. It was founded in 2013 and is based in Foster city, California.

Stellar Cyber Logo
Stellar Cyber

Stellar Cyber is a security analytics provider that has created Starlight, a unified security analytics platform designed to be the SOC Command Center for pervasive data collection, breach detection, investigation and response (CDIR). The company's customers are mid-tier and large enterprises and service providers building managed detection and response services for those who don't have in house incident responders.

TINES Logo
TINES

Tines automates many of the repetitive manual tasks faced by security analysts so that they can focus on other high priority work.

Swimlane Logo
Swimlane

Swimlane centralizes an organization's security alerts, automates resolution, and produces metrics-based dashboards and reports. Swimlane automatically responds to alerts, automates the implementation of security controls, and protects the organization from future attacks. The company was founded in 2014 and is based in Louisville, Colorado.

C
Cado Security

Cado Security is a software platform for responding to cyber-security incidents and performing digital forensics.

Discover the right solution for your team

The CB Insights tech market intelligence platform analyzes millions of data points on vendors, products, partnerships, and patents to help your team find their next technology solution.

Request a demo

CBI websites generally use certain cookies to enable better interactions with our sites and services. Use of these cookies, which may be stored on your device, permits us to improve and customize your experience. You can read more about your cookie choices at our privacy policy here. By continuing to use this site you are consenting to these choices.