Varonis debuts trailblazing features for securing Salesforce. Learn More

Varonis announces strategic partnership with Microsoft to acclerate the secure adoption of Copilot.

Learn more
Tal Peleg

Latest articles

Varonis Threat Labs Discovers SQLi and Access Flaws in Zendesk

Tal Peleg

Tal Peleg

Varonis Threat Labs found a SQL injection vulnerability and a logical access flaw in Zendesk Explore, the reporting and analytics service in the popular customer service solution, Zendesk.

Spoofing SaaS Vanity URLs for Social Engineering Attacks

Tal Peleg

Tal Peleg

SaaS vanity URLs can be spoofed and used for phishing campaigns and other attacks. In this article, we’ll showcase two Box link types, two Zoom link types, and two Google Docs link type that we were able to spoof.

Mixed Messages: Busting Box’s MFA Methods

Tal Peleg

Tal Peleg

Varonis Threat Labs discovered a way to bypass multi-factor authentication (MFA) for Box accounts that use an SMS code for login verification.

Bypassing Box's Time-based One-Time Password MFA

Tal Peleg

Tal Peleg

The Varonis research team discovered a way to bypass Box's Time-based One-Time Password MFA for Box accounts that use authenticator applications.

We're Varonis.
Our mission is to deliver meaningful security outcomes on autopilot.
No overhead. Just outcomes.