Cybersecurity News
Articles
October 2020 Malware Trends Report
This report is a monthly round-up from the Varonis Forensics Team documenting activity observed while responding to incidents, performing forensics, and reverse engineering malware samples. This report is intended to...
Threat Update #11 – Attack Attribution
In cybersecurity, incident response is the big game and analysis is the postgame wrap-up. After the threat is contained, security investigators can dive into what they’ve found to look for...
Polyrize Acquisition
I’m excited to announce today our agreement to acquire Polyrize, a software company whose team and products are a natural fit as part of the Varonis family. This is the...
The Saga of Trickbot
Here is a little story that should have made the evening news. Well, it’s actually kind of a big geopolitical story, but given 2020’s logarithmic growth in geopolitical story significance,...
Threat Update #10
An alert notifies you that something suspicious is going on. Minutes matter, so you call the Varonis Incident Response team to help. Security investigators must act fast, but where do...
Varonis Threat Update #9
When ransomware strikes, minutes matter. But an attack may not always be what it seems. That’s because ransomware can serve as a clever – and effective – smokescreen designed to...
Varonis Threat Update #8
Emotet and Ryuk attacks are coming fast and furious, and they’re highly damaging. We’re seeing a huge surge in ransomware worldwide as criminal groups amp up their efforts to grab...
How Varonis Helps Stop Emotet
Our incident response team is tracking an unprecedented number of Emotet malware infections. The number of active concurrent Emotet investigations is threefold our previous high-water mark. This post will cover...
Exploiting BGInfo to Infiltrate a Corporate Network
Executive Summary: There is a remote code execution attack vector within BGInfo. A clever attacker can embed a path to a malicious script within a BGInfo config file (.bgi). If...
Azure Skeleton Key: Exploiting Pass-Through Auth to Steal Credentials
EDIT: Security researcher Adam Chester had previously written about Azure AD Connect for Red Teamers, talking about hooking the authentication function. Check out his awesome write-up here. Should an attacker...