Latest articles
Sidestepping SharePoint Security: Two New Techniques to Evade Exfiltration Detection
Apr 09, 2024
Varonis Threat Labs discovered two techniques in SharePoint that allow users to circumvent audit logs and avoid triggering download events while exfiltrating files.
Is this SID taken? Varonis Threat Labs Discovers Synthetic SID Injection Attack
Mar 11, 2022
A technique where threat actors with existing high privileges can inject synthetic SIDs into an ACL creating backdoors and hidden permission grants.
Using Power Automate for Covert Data Exfiltration in Microsoft 365
Feb 02, 2022
How threat actors can use Microsoft Power Automate to automate data exfiltration, C2 communication, lateral movement, and evade DLP solutions.
Using Malicious Azure Apps to Infiltrate a Microsoft 365 Tenant
Aug 20, 2020
Phishing remains one of the most successful ways to infiltrate an organization. We’ve seen a massive amount of malware infections stemming from users opening infected attachments or clicking links that...
Azure Skeleton Key: Exploiting Pass-Through Auth to Steal Credentials
Apr 22, 2020
EDIT: Security researcher Adam Chester had previously written about Azure AD Connect for Red Teamers, talking about hooking the authentication function. Check out his awesome write-up here. Should an attacker...
Try Varonis free.
Deploys in minutes.