CyberHappenings logo
☰
🏠 Home πŸ“‚ Browse ℹ️ About

Tidal Cyber Secures $10M for Threat-Informed Defense Platform

First reported
Last updated
πŸ“° 1 unique sources, 1 articles

Summary

Hide β–²

Tidal Cyber, a cybersecurity provider, has secured $10 million in Series A funding. The company, founded by former MITRE experts, offers a threat-informed defense platform that automates detection and response. The platform operationalizes the MITRE ATT&CK framework to provide proactive cyber defenses. The funding will be used to accelerate product innovation and drive growth. Tidal Cyber's platform maps adversary tactics, techniques, and procedures (TTPs) to the MITRE ATT&CK framework. It includes a Procedures library that captures adversary actions in real-world environments. The platform also calculates residual risks and the effectiveness of an organization’s security stack against real-world attack behavior. The investment round was led by Bright Pixel Capital, with additional support from previous investors including Capital One, Squadra, Task Force X, Ultratech, USAA, and Veteran Ventures.

Timeline

  1. 04.09.2025 04:55 πŸ“° 1 articles

    Tidal Cyber Raises $10M for Threat-Informed Defense Platform

    Tidal Cyber, a cybersecurity provider founded by former MITRE experts, has secured $10 million in Series A funding. The company's platform automates detection and response using the MITRE ATT&CK framework. The funding will be used to accelerate product innovation and drive growth. The investment round was led by Bright Pixel Capital, with support from several previous investors.

    Show sources
    Open in new tab

Information Snippets

Similar Happenings

Axios Abuse and Salty 2FA Kits in Microsoft 365 Phishing Campaigns

Threat actors are leveraging HTTP client tools like Axios and Microsoft's Direct Send feature to execute advanced phishing campaigns targeting Microsoft 365 environments. These campaigns have demonstrated a 70% success rate, bypassing traditional security defenses and exploiting authentication workflows. The attacks began in July 2025 and have targeted executives and managers in various sectors, including finance, healthcare, and manufacturing. The phishing campaigns use compensation-themed lures to trick recipients into opening malicious PDFs containing QR codes that direct users to fake login pages. Additionally, a phishing-as-a-service (PhaaS) offering called Salty 2FA is being used to steal Microsoft login credentials and bypass multi-factor authentication (MFA). The Salty2FA kit includes advanced features such as subdomain rotation, dynamic corporate branding, and sophisticated evasion tactics to enhance its effectiveness and evade detection. Salty2FA activity began gaining momentum in June 2025, with early traces possibly dating back to March–April 2025. The campaigns have been active since late July 2025 and continue to this day, generating dozens of fresh analysis sessions daily. Salty2FA targets industries including finance, energy, telecom, healthcare, government, logistics, IT consulting, education, construction, chemicals, industrial manufacturing, real estate, consulting, metallurgy, and more.

Open in new tab