Threat Research
Dropbox Sign Data Breach: What You Need to Know
May 03, 2024
Dropbox Sign's recent data breach highlights how non-human identities are driving more profound breaches.
Palo Alto Networks PAN-OS Zero-Day Active Exploit: What You Need to Know
Apr 12, 2024
Palo Alto Networks issued a warning on April 12, 2024, that a critical, unpatched vulnerability in their PAN-OS firewall is being actively exploited.
Sisense Data Breach: What You Need to Know
Apr 11, 2024
The U.S. Cybersecurity and Infrastructure Agency (CISA) issued an alert this week warning Sisense customers of a data breach. Here's what you need to know.
Sidestepping SharePoint Security: Two New Techniques to Evade Exfiltration Detection
Apr 09, 2024
Varonis Threat Labs discovered two techniques in SharePoint that allow users to circumvent audit logs and avoid triggering download events while exfiltrating files.
XZ Backdoor: Supply Chain Jump Scare
Apr 05, 2024
While the XZ backdoor is scary, most companies learned from SolarWinds
Increased Threat Activity Targeting Ivanti Vulnerabilities
Mar 20, 2024
A recent surge in activity targeting Ivanti Connect Secure (ICS) involves chaining two vulnerabilities that give threat actors the ability to execute arbitrary commands remotely.
Security Vulnerabilities in Apex Code Could Leak Salesforce Data
Feb 20, 2024
Varonis' threat researchers identified high- and critical-severity vulnerabilities in Apex, a programming language for customizing Salesforce instances.
Outlook Vulnerability Discovery and New Ways to Leak NTLM Hashes
Jan 18, 2024
Varonis Threat Labs discovered a new Outlook exploit and three new ways to access NTLM v2 hashed passwords.
Taking Microsoft Office by "Storm"
Jul 18, 2023
The “Storm-0978” ransomware group is actively exploiting an unpatched Microsoft Office and Windows HTML remote code execution vulnerability.
Imposter Syndrome: UI Bug in Visual Studio Lets Attackers Impersonate Publishers
Jun 07, 2023
Varonis Threat Labs found a bug in Microsoft Visual Studio installer that allows an attacker to impersonate a publisher and issue a malicious extension to compromise a targeted system
Ghost Sites: Stealing Data From Deactivated Salesforce Communities
May 31, 2023
Varonis Threat Labs discovered improperly deactivated Salesforce 'ghost' Sites that are easily found, accessible, and exploitable by attackers.
HardBit 2.0 Ransomware
Feb 20, 2023
HardBit is a ransomware threat that targets organizations to extort cryptocurrency payments for the decryption of their data. Seemingly improving upon their initial release, HardBit version 2.0 was introduced toward the end of November 2022, with samples seen throughout the end of 2022 and into 2023.
Try Varonis free.
Deploys in minutes.