Cybersecurity News
Articles
Explore by topic:
Threat Update 34 â Isn’t the Internet Supposed to be Bombproof?
The FBI recently averted a potential attack on the AWS cloud â and in the process raised many questions about the stability and redundancy of âthe cloudâ and the technology...
Threat Update 33 â S3 Security Suggestions & Cyber Insurance Targets
Question: What does S3 security, and cyber insurance have in common? Answer: We discuss them in the video today! That was a bit of a trick question, but two very...
March 2021 Malware Trends Report
This report is a monthly round-up from the Varonis Forensics Team documenting activity observed while responding to incidents, performing forensics, and reverse engineering malware samples. This report is intended to...
The 2021 Healthcare Data Risk Report Reveals 1 Out of Every 5 Files is Open to All Employees
Hospitals, biotech firms and pharma companies are entrusted to protect sensitive informationâfrom personal patient data to valuable proprietary research–from skilled adversaries looking to grab sensitive data to steal, sell, or...
Threat Update 31 â Now are the Zero Days of our Discontent
Have you ever wanted to get into a concert, or movie, but you couldnât get a ticket? Probably not recently, but in this remote age, weâve all experienced something similar...
Return of the Darkside: Analysis of a Large-Scale Data Theft Campaign
Our team has recently led several high-profile investigations of attacks attributed to an up-and-coming cybercrime group, Darkside. These highly targeted campaigns were conducted in several phases over weeks or months,...
How to Unpack Malware with x64dbg
In a previous blog post, I explained what x64dbg is and also broke down some of the features of the tool and why they are useful for malware analysis. This...
Threat Update 28 â Re-Ryukâed & Exchange Zero-Day
Is it too soon for a 2020 throwback? The Ryuk ransomware gang certainly doesnât think so! It looks like one of the premiere ransomware-as-a-service groups was not content to rest...
Threat Update – Mass Exploitation of On-Prem Exchange Servers
On March 2nd, Microsoft released an urgent software update to patch 4 critical vulnerabilities in Exchange Server 2010, 2013, 2016, and 2019. Our IR and Forensics teams are actively helping organizations patch,...
Threat Update 26 – Living with Supply Chain Attacks
For years, security professionals have warned that you have to assume you’re breached, but the Solarwinds supply chain attack really brought this into focus for many organizations. Unfortunately, this is...