Latest articles
Threat Update 38 – The Darkside Strikes Back
May 14, 2021
Ransomware is the scourge of IT and security professionals, and the Darkside group is one of the most notorious players in this space.
Threat Update 37 – Is SSO the new (h)Active Directory?
May 06, 2021
As organizations continue moving to cloud services at a breakneck pace, the adoption of SSO solutions has been a safe and effective way for IT teams to enable and control…
Threat Update 36 – A Supply Chain Attack By Any Other Name
Apr 30, 2021
Kilian and Ryan look at a supply chain attack that silently stole cloud credentials for several months before detection.
Threat Update 34 – Isn't the Internet Supposed to be Bombproof?
Apr 15, 2021
Kilian & Ryan dissect what could happen if a major data center went down, and how organizations leveraging cloud technology or solutions can prepare for business continuity.
Threat Update 33 – S3 Security Suggestions & Cyber Insurance Targets
Apr 08, 2021
Kilian, and Ryan from the Varonis Incident Response Team discuss controls to detect ransomware threats quickly while potentially lowering cyber insurance premiums.
Threat Update 32 - Lemon Duck Floats on Exchange ProxyLogon Vulnerability
Apr 01, 2021
Hear how the Lemon Duck cryptomining botnet targets Exchange servers vulnerable to ProxyLogon.
Threat Update 31 – Now are the Zero Days of our Discontent
Mar 25, 2021
Three new Zero Day vulnerabilities recently discovered in F5 products, and Microsoft Office 365 let attackers skip the password and authentication completely.
ReConnect - Ways Attackers Sidestep Your Endpoints
Mar 22, 2021
One of the age-old questions in cybersecurity is, “Are my endpoint controls enough?” Spoiler alert, unfortunately not! Kilian and Brian discuss scenarios we’ve seen where sophisticated attack groups deliberately leverage...
Threat Update 30 – No trust? No problem! An Overview of Zero Trust
Mar 18, 2021
With the constant barrage of cyberattacks in the news, it would be natural to wonder if there’s a security model to help. Enter Zero Trust! This popular security model has...
Threat Update 29 – Exchange Vulnerability Detection Tips & Tools
Mar 12, 2021
Many organizations are still dealing with the mass exploitation of on-prem Exchange servers from four Zero-Day vulnerabilities. Teams are struggling to identify and patch all of their affected servers, and...
Threat Update 28 – Re-Ryuk’ed & Exchange Zero-Day
Mar 04, 2021
Is it too soon for a 2020 throwback? The Ryuk ransomware gang certainly doesn’t think so! It looks like one of the premiere ransomware-as-a-service groups was not content to rest on their laurels, and it appears they’ve added self-spreading capabilities.
Threat Update 27 – Concentrations of Power
Feb 25, 2021
Why are there certain account types that are often targeted by attackers? Why can it be really difficult to detect certain types of account misuse? What are some of the biggest AD hygiene issues we run into?
Try Varonis free.
Deploys in minutes.