Cybersecurity News

This report is a monthly round-up from the Varonis Forensics Team documenting activity observed while responding to incidents, performing forensics, and reverse engineering malware samples. This report is intended to...

In cybersecurity, incident response is the big game and analysis is the postgame wrap-up. After the threat is contained, security investigators can dive into what they’ve found to look for...

I’m excited to announce today our agreement to acquire Polyrize, a software company whose team and products are a natural fit as part of the Varonis family. This is the...

Here is a little story that should have made the evening news. Well, it’s actually kind of a big geopolitical story, but given 2020’s logarithmic growth in geopolitical story significance,...

An alert notifies you that something suspicious is going on. Minutes matter, so you call the Varonis Incident Response team to help. Security investigators must act fast, but where do...

When ransomware strikes, minutes matter. But an attack may not always be what it seems. That’s because ransomware can serve as a clever – and effective – smokescreen designed to...

Emotet and Ryuk attacks are coming fast and furious, and they’re highly damaging. We’re seeing a huge surge in ransomware worldwide as criminal groups amp up their efforts to grab...

Our incident response team is tracking an unprecedented number of Emotet malware infections. The number of active concurrent Emotet investigations is threefold our previous high-water mark. This post will cover...

Executive Summary There is a remote code execution attack vector within BGInfo. A clever attacker can embed a path to a malicious script within a BGInfo config file (.bgi). If...

EDIT: Security researcher Adam Chester had previously written about Azure AD Connect for Red Teamers, talking about hooking the authentication function. Check out his awesome write-up here. Should an attacker...