Incident Response

Articles

Threat Update 49 – SeriousSAM & Black Hat 2021

Cybersecurity folks find themselves in a “Zero-Daze” as they get hit with another new 0-day attack, called SeriousSAM, that allows attackers to get access to the Windows Security Account Manager...

Memory Forensics for Incident Response

When responding to a cybersecurity incident I’ve always found memory forensics to be a great skill to have. By capturing the memory of a compromised device you can quickly perform...

Threat Update 47 – Ransomware Early Warning: Data Exfiltration

Thought ransomware couldn’t get any worse? Ransomware gangs are now stealing victims’ data before unleashing ransomware – forcing victims to pay up or deal with the fallout when attackers post...

Threat Update 46 – Ransomware Early Warning: Data Discovery

Breaking News: The REvil ransomware gang launched an attack over the U.S. long holiday weekend. Varonis presented a webinar on the attack and you can check out this detailed breakdown...

Threat Update 45 – Ransomware Early Warning: AD Attacks

Once ransomware gangs establish a foothold in an organization, the next move is often to compromise additional accounts and escalate their privileges — which puts Active Directory squarely in their...

April 2021 Malware Trends Report

This report is a monthly round-up from the Varonis Forensics Team documenting activity observed while responding to incidents, performing forensics, and reverse engineering malware samples. This report is intended to...

Threat Update 39 – Let Me Google That PII On You

Cloud collaboration tools like Google Drive are ubiquitous, but in our work-from-anywhere world, IT and security often face challenges understanding how and where personal accounts intermingle with corporate...

Threat Update 36 – A Supply Chain Attack By Any Other Name

The SolarWinds supply chain attack was seen as a wake-up call for many in business, IT, and security. Both attackers & defenders took notice of the attack’s effectiveness, and created...

Threat Update 33 – S3 Security Suggestions & Cyber Insurance Targets

Question: What do S3 security and cyber insurance have in common? Answer: We discuss them in the video today! That was a bit of a trick question, but two very...

Return of the Darkside: Analysis of a Large-Scale Data Theft Campaign

Our team has recently led several high-profile investigations of attacks attributed to an up-and-coming cybercrime group, Darkside. These highly targeted campaigns were conducted in several phases over weeks or months,...
