Varonis announces strategic partnership with Microsoft to accelerate the secure adoption of Copilot.

Learn more
Eric Saraga

Latest articles

hand tries accessing SharePoint files

Sidestepping SharePoint Security: Two New Techniques to Evade Exfiltration Detection

Eric Saraga

Eric Saraga

Varonis Threat Labs discovered two techniques in SharePoint that allow users to circumvent audit logs and avoid triggering download events while exfiltrating files.

SID injection attack

Is this SID taken? Varonis Threat Labs Discovers Synthetic SID Injection Attack

Eric Saraga

Eric Saraga

A technique where threat actors with existing high privileges can inject synthetic SIDs into an ACL creating backdoors and hidden permission grants.

Using Power Automate for Covert Data Exfiltration in Microsoft 365

Eric Saraga

Eric Saraga

How threat actors can use Microsoft Power Automate to automate data exfiltration, C2 communication, lateral movement, and evade DLP solutions.

Using Malicious Azure Apps to Infiltrate a Microsoft 365 Tenant

Eric Saraga

Eric Saraga

Phishing remains one of the most successful ways to infiltrate an organization. We’ve seen a massive amount of malware infections stemming from users opening infected attachments or clicking links that...

Azure Skeleton Key: Exploiting Pass-Through Auth to Steal Credentials

Eric Saraga

Eric Saraga

EDIT: Security researcher Adam Chester had previously written about Azure AD Connect for Red Teamers, talking about hooking the authentication function. Check out his awesome write-up here. Should an attacker...

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.