Data security is an all-encompassing term. It covers processes and technologies for protecting files, databases, applications, user accounts, servers, network logins, and the network itself. But if you drill down a little in your thinking, it’s easy to see that data security is ultimately protecting a file somewhere on your system—whether desktops or servers. While data security is a good umbrella term, we need to get into more details to understand file security. File Security…

Who do Americans trust with their information? In light of massive data breaches, Americans have doubts about the safety of their personal data. Events like the Facebook Cambridge Analytica hack that affected 87 million Facebook profiles and the Marriott data breach that exposed data of up to 500 million guests are enough to get anyone guessing who they can trust with their sensitive information. Consumer mistrust is also prevalent when companies aren’t clear about the…

On January 22, 2019, the United State Department of Homeland Security (DHS) released a warning for a DNS infrastructure hijacking attack against US government agencies. Let’s dig into the specifics of the DHS warning and look at how you can better protect and monitor your DNS services. The Emergency Directive 19-01 calls this attack a DNS Infrastructure Hijacking attack. DHS says that the attackers stole user credentials powerful enough to alter DNS records, and then…

The Domain Name System (DNS) is the internet’s version of the Yellow Pages. Back in the olden times, when you needed to find a business’ address, you looked it up in the Yellow Pages. DNS is just like that, except you don’t actually have to look anything up: your internet connected computer does that for you. It’s how your computer knows how to find Google, or ESPN.com, or Varonis.com. For two computers to communicate on…

Version 7.0 of the Varonis Data Security Platform is here – featuring new cloud support and advanced threat detection and response capabilities: new event sources and enrichment; out-of-the-box threat intelligence applied to Varonis security insights; and playbooks that arm customers with incident response plans right in the web UI so customers can easily follow best-practice responses to security incidents.  Active Directory risk dashboards, GDPR dashboards, and Office 365 dashboards offer at-a-glance visibility into critical exposures and concerns on key data…

Privilege escalation is when an attacker is able to exploit the current rights of an account to gain additional, unexpected access. While this can be caused by zero-day vulnerabilities, state-level actors crafting attacks or cleverly disguised malware most often it’s a result of a simple account misconfiguration. From there, attackers can escalate through a series of small vulnerabilities that when chained together result in a potentially catastrophic data breach. If you’re a security professional it…