Incident Response

Cybersecurity folks find themselves in a “Zero-Daze” as they get hit with another new 0-day attack, called SeriousSAM, that allows attackers to get access to the Windows Security Account Manager...

When responding to a cybersecurity incident I’ve always found memory forensics to be a great skill to have. By capturing the memory of a compromised device you can quickly perform...

Thought ransomware couldn’t get any worse? Ransomware gangs are now stealing victim’s data before unleashing ransomware – forcing victims to pay up or deal with the fallout when attackers post...

Breaking News: The REvil ransomware gang launched an attack over the U.S. long holiday weekend. Varonis presented a webinar on the attack and you can check out this detailed breakdown...

Once ransomware gangs establish a foothold in an organization, the next move is often to compromise additional accounts and escalate their privileges — which puts Active Directory squarely in their...

This report is a monthly round-up from the Varonis Forensics Team documenting activity observed while responding to incidents, performing forensics, and reverse engineering malware samples. This report is intended to...

Cloud collaboration tools like Google Drive are ubiquitous, but in our work from anywhere world, IT and security often face challenges understanding how and where personal accounts intermingle with corporate...

The SolarWinds supply chain attack was seen as a wake-up call for many in business, IT, and security. Both attackers & defenders took notice of the attack’s effectiveness, and created...

Question: What does S3 security, and cyber insurance have in common? Answer: We discuss them in the video today! That was a bit of a trick question, but two very...

Our team has recently led several high-profile investigations of attacks attributed to an up-and-coming cybercrime group, Darkside. These highly targeted campaigns were conducted in several phases over weeks or months,...