Live Cyber Attack Lab 🎯 Watch our IR team detect & respond to a rogue insider trying to steal data! Choose a Session


IT Pros


Using PowerShell to Combat CryptoLocker

On the Varonis blog, we recently wrote about how CryptoLocker—the malware that encrypts your local files and holds them for a Bitcoin ransom—has better marketing than many companies. However, we...

Read More

How Can I Find Out Which Active Directory Groups I’m a Member Of?

The ability to administer and maintain up-to-date user lists and groups is critical to the security of an organization. There are a number of different ways to determine which groups...

Read More

What You May Have Missed

1. Here’s an interesting perspective from a CTO on why metadata matters. 2. By September 30th, California Governor Jerry Brown will either veto or sign two very important bills that will protect...

Read More

In Search of Kerberos’s Golden Ticket

In a Kerberos environment, all users get tickets, or more specifically TGTs (Ticketing Granting Tickets). It’s the starting point for gaining access to services—network files, email, apps, etc.  In Windows,...

Read More

Kerberos Weaknesses: Pass the Ticket Is a Real Threat

August is always a good time to check up on the dark side.  Black Hat had its annual conference earlier this month, and there are always presentations worth looking at....

Read More

Authentication Lessons From the Magic Kingdom: A Closer Look at Kerberos, Part II

Let’s continue our journey into the Magic Kingdom as a way to explore Kerberos. Sure the comparison doesn’t completely track, but it’s close and easy enough to grasp that I...

Read More

Top Five Most Dangerous Software Errors

Over the years, Mitre, the MIT research group, has been analyzing software bugs and missteps that hackers have been able to exploit. Their Common Vulnerabilities and Exposures (CVE) classifications are...

Read More

Risks of Renaming Your Domain in Active Directory

As a sysadmin, there might be moments where you’ll find the need to change, merge, or rename your domain. Hopefully you name your domain well the first time, but there...

Read More

3 Deadly File Permissions Mistakes

Scarily, in most organizations people have access to much more information than they need in order to do their jobs.  With file permissions, it’s easy to mess things up and...

Read More

A Closer Look at Pass the Hash, Part II: Prevention

Last week, I attended a webinar that was intended to give IT attendees a snapshot of recent threats—a kind of hacker heads-up. For their representative case, the two sec gurus...

Read More

Does your cybersecurity start at the heart?

Get a highly customized data risk assessment run by engineers who are obsessed with data security.