Incident Response

Articles

Threat Update 60 – Abusing Public Salesforce APIs for Fun & Profit

APIs are designed to facilitate programmatic access for application integrations and data sharing, but simple access misconfigurations in critical solutions like Salesforce can allow attackers to inappropriately access sensitive contacts,...

Threat Update 58 – The Hidden Risks of Slack

Slack is an extremely popular communication platform – but it can be used for so much more, often without organizations realizing it. Kilian Englert and Ryan O’Boyle from the Varonis...

Threat Update 57 – Zoom-ing In On Non-Traditional Data Stores

Many people know it’s not safe to send sensitive information in emails, but how many people think about what is said on video conferencing platforms? Kilian Englert and Ryan O’Boyle...

Threat Update 56 – SSO Imposter: Targeting Box

In the final part of the series, Kilian Englert and Ryan O’Boyle from the Varonis Cloud Architecture team walk through how attackers could target Box. They investigate how an attacker...

Threat Update 55 – SSO Imposter: Targeting Google

In part two of this three-part series, Kilian Englert and Ryan O’Boyle from the Varonis Cloud Architecture team investigate how an attacker who compromised a single sign-on admin account can...

Threat Update 54 – SSO Imposter: Intrusion

Virtually every organization leveraging more than a few cloud offerings has a single sign-on solution to simplify the management of their various cloud apps. With a little careful planning, attackers...

Threat Update 53 – ProxyShell and PetitPotam and Ransomware… Oh My!

Technology grows, evolves, and changes over time, but most organizations often need to support legacy systems. In the Microsoft world, this typically means keeping legacy authentication protocols like NTLM authentication...

Threat Update 49 – SeriousSAM & Black Hat 2021

Cybersecurity folks find themselves in a “Zero-Daze” as they get hit with another new 0-day attack, called SeriousSAM, that allows attackers to get access to the Windows Security Account Manager...

Memory Forensics for Incident Response

When responding to a cybersecurity incident I’ve always found memory forensics to be a great skill to have. By capturing the memory of a compromised device you can quickly perform...

Threat Update 47 – Ransomware Early Warning: Data Exfiltration

Thought ransomware couldn’t get any worse? Ransomware gangs are now stealing victims’ data before unleashing ransomware – forcing victims to pay up or deal with the fallout when attackers post...
