Live Cyber Attack Lab 🎯 Watch our IR team detect & respond to a rogue insider trying to steal data! Choose a Session


Cybersecurity News


Threat Update 67 – Jira Permission Leaks

Jira can be an interesting attack target for recon, lateral movement, and exfiltration – but it is made all the more dangerous by a simple permissions misconfiguration at the heart...

Read More

Bypassing Box’s Time-based One-Time Password MFA

Executive Summary The Varonis research team discovered a way to bypass multi-factor authentication for Box accounts that use authenticator apps such as Google Authenticator. Using the technique demonstrated below, an...

Read More

No Time to REST: Check Your Jira Permissions for Leaks

Varonis researchers enumerated a list of 812 subdomains and found 689 accessible Jira instances. We found 3,774 public dashboards, 244 projects, and 75,629 issues containing email addresses, URLs, and IP...

Read More

Einstein’s Wormhole: Capturing Outlook & Google Calendars via Salesforce Guest User Bug

If your organization uses Salesforce Communities and Einstein Activity Capture, you might have unknowingly exposed your administrator’s Outlook or Google calendar events to the internet due to a bug called...

Read More

BlackMatter Ransomware: In-Depth Analysis & Recommendations

CISA has issued a security bulletin regarding the BlackMatter ‘big game hunter’ ransomware group following a sharp increase in cases targeting U.S. businesses. To mitigate these attacks, it is recommended...

Read More

Good for Evil: DeepBlueMagic Ransomware Group Abuses Legit Encryption Tools

A group known as “DeepBlueMagic” is suspected of launching a ransomware attack against Hillel Yaffe Medical Center in Israel, violating a loose “code of conduct” that many ransomware groups operate...

Read More

Lessons from the Twitch Data Leak

What happened? Increasingly covered by the mainstream press throughout Wednesday, October 6, 2021, the impact of the recent Twitch leak will undoubtedly grow as bad actors take advantage of the...

Read More

Threat Update 53 – ProxyShell and PetitPotam and Ransomware… Oh My!

Technology grows, evolves, and changes over time, but most organizations often need to support legacy systems. In the Microsoft world, this typically means keeping legacy authentication protocols like NTLM authentication...

Read More

Threat Update 52 – 2021 SaaS Risk Report

Cloud solutions have changed the way we do business, allowing organizations to leverage the scale and flexibility of SaaS, and IaaS platforms, and support an increasingly mobile “work from anywhere...

Read More

Threat Update 50 – Critical Salesforce Misconfiguration

Salesforce is the lifeblood of many organizations. The amount of critical, and sensitive information stored within is astronomical – however, there are parts of the solution designed to be accessed...

Read More

Does your cybersecurity start at the heart?

Get a highly customized data risk assessment run by engineers who are obsessed with data security.