
Threat Research

Articles

Return of the Darkside: Analysis of a Large-Scale Data Theft Campaign

Our team has recently led several high-profile investigations of attacks attributed to an up-and-coming cybercrime group, Darkside. These highly targeted campaigns were conducted in several phases over weeks or months,...


How to Unpack Malware with x64dbg

In a previous blog post, I explained what x64dbg is and also broke down some of the features of the tool and why they are useful for malware analysis. This...


Threat Update – Mass Exploitation of On-Prem Exchange Servers

On March 2nd, Microsoft released an urgent software update to patch 4 critical vulnerabilities in Exchange Server 2010, 2013, 2016, and 2019. Our IR and Forensics teams are actively helping organizations patch,...


February 2021 Malware Trends Report

This report is a monthly round-up from the Varonis Forensics Team documenting activity observed while responding to incidents, performing forensics, and reverse engineering malware samples. This report is intended to...


Threat Update 23 – Bypassing Endpoint Controls Using Office Macros

So many attacks start with a simple booby-trapped document that runs malicious code. Crafty attackers can even customize the payload to bypass endpoint controls! Don’t believe us? Check out this...


SolarWinds SUNBURST Backdoor: Inside the Stealthy APT Campaign

Imagine if everyone with an Amazon Echo in their home had to assume it’s been unlocking their doors and letting a thief inside for the past 6 months. How would you...


November 2020 Malware Trends Report

This Malware Trends Report – November 2020 is a monthly round-up from the Varonis Forensics Team documenting activity observed while responding to incidents, performing forensics, and reverse engineering malware samples....


Threat Update #12 – Does Zerologon Change the Game?

Cybercriminals are using the Zerologon exploit to fast track lateral movement and privilege escalation. If left unpatched, the exploit lets attackers use the password of the primary domain controller to...


October 2020 Malware Trends Report

This report is a monthly round-up from the Varonis Forensics Team documenting activity observed while responding to incidents, performing forensics, and reverse engineering malware samples. This report is intended to...


Threat Update #10

An alert notifies you that something suspicious is going on. Minutes matter, so you call the Varonis Incident Response team to help. Security investigators must act fast, but where do...

 
