Incident Response

Articles

Threat Update 36 – A Supply Chain Attack By Any Other Name

The SolarWinds supply chain attack was seen as a wake-up call for many in business, IT, and security. Both attackers & defenders took notice of the attack’s effectiveness, and created...

Threat Update 33 – S3 Security Suggestions & Cyber Insurance Targets

Question: What do S3 security and cyber insurance have in common? Answer: We discuss them in the video today! That was a bit of a trick question, but two very...

Return of the Darkside: Analysis of a Large-Scale Data Theft Campaign

Our team has recently led several high-profile investigations of attacks attributed to an up-and-coming cybercrime group, Darkside. These highly targeted campaigns were conducted in several phases over weeks or months,...

Threat Update 29 – Exchange Vulnerability Detection Tips & Tools

Many organizations are still dealing with the mass exploitation of on-prem Exchange servers from four Zero-Day vulnerabilities. Teams are struggling to identify and patch all of their affected servers, and...

Threat Update 26 – Living with Supply Chain Attacks

For years, security professionals have warned that you have to assume you’re breached, but the SolarWinds supply chain attack really brought this into focus for many organizations. Unfortunately, this is...

February 2021 Malware Trends Report

This report is a monthly round-up from the Varonis Forensics Team documenting activity observed while responding to incidents, performing forensics, and reverse engineering malware samples. This report is intended to...

Threat Update #25 – HelloRansomware: A Look at the CD Projekt Red Attack

Love hacking in Cyberpunk? So do we! What about in real life? Not so much! Join Kilian Englert and Ryan O’Boyle from the Varonis Incident Response team as they discuss...

Threat Update 24 – Trickbot’s New Tricks & Recon Investigations

Who says you can’t teach an old attack new tricks? Apparently, the authors of the Trickbot malware think you can! Join Kilian Englert and Ryan O’Boyle from the Varonis Incident...

Threat Update 23 – Bypassing Endpoint Controls Using Office Macros

So many attacks start with a simple booby-trapped document that runs malicious code. Crafty attackers can even customize the payload to bypass endpoint controls! Don’t believe us? Check out this...

Threat Update 22 – SolarWinds and DNS

The fallout from the SolarWinds incident continues to be a top-of-mind concern for many organizations, even for those not running the Orion platform due to the advanced nature of the...
