Incident Response

The SolarWinds supply chain attack was seen as a wake-up call for many in business, IT, and security. Both attackers & defenders took notice of the attack’s effectiveness, and created...

Question: What does S3 security, and cyber insurance have in common? Answer: We discuss them in the video today! That was a bit of a trick question, but two very...

Our team has recently led several high-profile investigations of attacks attributed to an up-and-coming cybercrime group, Darkside. These highly targeted campaigns were conducted in several phases over weeks or months,...

Many organizations are still dealing with the mass exploitation of on-prem Exchange servers from four Zero-Day vulnerabilities. Teams are struggling to identify and patch all of their affected servers, and...

For years, security professionals have warned that you have to assume you’re breached, but the Solarwinds supply chain attack really brought this into focus for many organizations. Unfortunately, this is...

This report is a monthly round-up from the Varonis Forensics Team documenting activity observed while responding to incidents, performing forensics, and reverse engineering malware samples. This report is intended to...

Love hacking in Cyberpunk? So do we! What about in real life? Not so much! Join Kilian Englert and Ryan O’Boyle from the Varonis Incident Response team as they discuss...

Who says you can’t teach an old attack new tricks? Apparently, the authors of the Trickbot malware think you can! Join Kilian Englert and Ryan O’Boyle from the Varonis Incident...

So many attacks start with a simple booby-trapped document that runs malicious code. Crafty attackers can even customize the payload to bypass endpoint controls! Don’t believe us? Check out this...

The fallout from the SolarWinds incident continues to be a top-of-mind concern for many organizations, even for those not running the Orion platform due to the advanced nature of the...