Articles by
Eric Saraga
Threat Update – Mass Exploitation of On-Prem Exchange Servers
On March 2nd, Microsoft released an urgent software update to patch 4 critical vulnerabilities in Exchange Server 2010, 2013, 2016, and 2019. Our IR and Forensics teams are actively helping organizations patch,...
Azure Skeleton Key: Exploiting Pass-Through Auth to Steal Credentials
EDIT: Security researcher Adam Chester had previously written about Azure AD Connect for Red Teamers, talking about hooking the authentication function. Check out his awesome write-up here. Should an attacker...
Using Malicious Azure Apps to Infiltrate a Microsoft 365 Tenant
Phishing remains one of the most successful ways to infiltrate an organization. We’ve seen a massive amount of malware infections stemming from users opening infected attachments or clicking links that...
Varonis Uncovers New Malware Strains and a Mysterious Web Shell During a Monero Cryptojacking Investigation
The Varonis Security Research team recently investigated an ongoing cryptomining infection that had spread to nearly every device at a mid-size company. Analysis of the collected malware samples revealed a...
Varonis Exposes Global Cyber Campaign: C2 Server Actively Compromising Thousands of Victims
The Varonis Security Research team discovered a global cyber attack campaign leveraging a new strain of the Qbot banking malware. The campaign is actively targeting U.S. corporations but has hit networks...