Threat Research

Salesforce is the lifeblood of many organizations. The amount of critical, and sensitive information stored within is astronomical – however, there are parts of the solution designed to be accessed...

A misconfigured Salesforce Community may lead to sensitive Salesforce data being exposed to anyone on the internet. Anonymous users can query objects that contain sensitive information such as customer lists,...

On July 3rd, at 10:00 AM EST, a malicious hotfix was released and pushed by Kaseya VSA servers that propagated to servers managed by Kaseya, resulting in the compromise and...

This report is a monthly round-up from the Varonis Forensics Team documenting activity observed while responding to incidents, performing forensics, and reverse engineering malware samples. This report is intended to...

Our team has recently led several high-profile investigations of attacks attributed to an up-and-coming cybercrime group, Darkside. These highly targeted campaigns were conducted in several phases over weeks or months,...

In a previous blog post, I explained what x64dbg is and also broke down some of the features of the tool and why they are useful for malware analysis. This...

On March 2nd, Microsoft released an urgent software update to patch 4 critical vulnerabilities in Exchange Server 2010, 2013, 2016, and 2019. Our IR and Forensics teams are actively helping organizations patch,...

This report is a monthly round-up from the Varonis Forensics Team documenting activity observed while responding to incidents, performing forensics, and reverse engineering malware samples. This report is intended to...

So many attacks start with a simple booby-trapped document that runs malicious code. Crafty attackers can even customize the payload to bypass endpoint controls! Don’t believe us? Check out this...

Imagine if everyone with an Amazon Echo in their home had to assume it’s been unlocking their doors and letting a thief inside for the past 6 months. How would you...