-
Data Security
Mar 03, 2016
Penetration Testing Explained, Part VII: Exfiltration and Conclusions
In this series of posts, I covered ideas to get you started using basic testing software to find security vulnerabilities. There are more advanced tools, such as Metasploit, which lets...
Michael Buckbee
4 min read
-
Security Bulletins
Feb 24, 2016
DatAlert Analytics and the Varonis Behavior Research Laboratory
Last November, we introduced Varonis UBA threat models to automatically analyze behavior and detect insider threats throughout the lifecycle of a breach. Our UBA threat models, which are major enhancements...
Michael Buckbee
1 min read
-
Data Security
Feb 17, 2016
Entrepreneurial RATs: AlienSpy and TaaS (Trojans as a Service)
When I wrote about Remote Access Trojans (RATs), I thought they were like the mousetraps of the hacking world — it’s hard to improve on. RATs let hackers get a...
Michael Buckbee
2 min read
-
Data Security
Feb 09, 2016
Lessons from the Malware Museum
If you haven’t already seen Mikko Hypponen’s collection of vintage malware at the Internet Archive, take the time for a brief tour. If you’re on a lunch hour, it’s also...
Michael Buckbee
2 min read
-
Data Security
Feb 05, 2016
New Updates to the CIS Critical Security Controls
If you haven’t already heard, the Top 20 Critical Security Controls has a new name. Last year, after the Center for Internet Security(CIS) integrated with the Council on Cybersecurity, the...
Michael Buckbee
5 min read
-
Data Security
Jan 10, 2016
Varonis Seven Part Guide to Penetration Testing
Our sprawling pen-testing series has taken on a life of its own! For your convenience and blog reading pleasure, we’ve assembled all the links to this six seven part series below....
Michael Buckbee
1 min read
-
Data Security
Jan 06, 2016
Penetration Testing Explained, Part VI: Passing the Hash
We’re now at a point in this series where we’ve exhausted all our standard tricks to steal credentials — guessing passwords, or brute force attacks on the hash itself. What’s...
Michael Buckbee
2 min read
-
Data Security
Jan 04, 2016
Data Security’s Tower of Jenga
Over the holiday break, I had a chance to see “The Big Short”, the movie based on Michael Lewis’s book about the housing bubble. Or more accurately, about how a...
Michael Buckbee
3 min read
-
Privacy & Compliance
Dec 11, 2015
What is the EU General Data Protection Regulation?
Table of Contents DPD 2.0 GDPR Vocabulary Articulating the Articles More Articles: The New Stuff Focus Your GDPR Compliance Note: This post now reflects the final version of the EU...
Michael Buckbee
7 min read
-
Data Security
Dec 04, 2015
Design Thinking for your Data Strategy
A fact of life for many Chief Data Officers (CDOs) is that once you’ve achieved certain milestones in your data strategy, your focus will inevitably shift to a new milestone...
Michael Buckbee
2 min read
-
Data Security
Dec 02, 2015
Penetration Testing Explained, Part V: Hash Dumping and Cracking
In the previous post in this series, I guessed a local password and then tried various ways to move laterally within my mythical Acme network. But what happens if you can’t...
Michael Buckbee
3 min read
-
Data Security
Nov 10, 2015
A Brief History of Ransomware
Ransomware’s Early Days The first documented and purported example of ransomware was the 1989 AIDS Trojan, also known as PS Cyborg1. Harvard-trained evolutionary biologist Joseph L. Popp sent 20,000 infected...
Kieran Laffan
5 min read
SECURITY STACK NEWSLETTER
Ready to see the #1 Data Security Platform in action?
Ready to see the #1 Data Security Platform in action?
“I was amazed by how quickly Varonis was able to classify data and uncover potential data exposures during the free assessment. It was truly eye-opening.”
Michael Smith, CISO, HKS
"What I like about Varonis is that they come from a data-centric place. Other products protect the infrastructure, but they do nothing to protect your most precious commodity — your data."
Deborah Haworth, Director of Information Security, Penguin Random House
“Varonis’ support is unprecedented, and their team continues to evolve and improve their products to align with the rapid pace of industry evolution.”
Al Faella, CTO, Prospect Capital