Varonis announces strategic partnership with Microsoft to accelerate the secure adoption of Copilot.

Learn more
Blog

Security Bulletins

Threat Update 56 – SSO Imposter: Targeting Box

Kilian Englert

Kilian Englert

In the final part of the series, Kilian Englert and Ryan O’Boyle from the Varonis Cloud Architecture team walk through how attackers could target Box. They investigate how an attacker…

Threat Update 55 – SSO Imposter: Targeting Google

Kilian Englert

Kilian Englert

In part two of this three-part series, Kilian Englert and Ryan O’Boyle from the Varonis Cloud Architecture team investigate how an attacker who compromised a single sign-on admin account can…

Threat Update 54 – SSO Imposter: Intrusion

Kilian Englert

Kilian Englert

Virtually every organization leveraging more than a few cloud offerings has a single sign-on solution to simplify the management of their various cloud apps. With a little careful planning, attackers…

Threat Update 53 – ProxyShell and PetitPotam and Ransomware… Oh My!

Kilian Englert

Kilian Englert

Technology grows, evolves, and changes over time, but most organizations often need to support legacy systems. In the Microsoft world, this typically means keeping legacy authentication protocols like NTLM authentication…

Threat Update 52 – 2021 SaaS Risk Report

Kilian Englert

Kilian Englert

Cloud solutions have changed the way we do business, allowing organizations to leverage the scale and flexibility of SaaS, and IaaS platforms, and support an increasingly mobile “work from anywhere...

Threat Update 49 – SeriousSAM & Black Hat 2021

Kilian Englert

Kilian Englert

Cybersecurity folks find themselves in a “Zero-Daze” as they get hit with another new 0-day attack, called SeriousSAM, that allows attackers to get access to the Windows Security Account Manager (SAM) file containing hashed account passwords from a system.

Memory Forensics for Incident Response

Neil Fox

Neil Fox

When responding to a cybersecurity incident I’ve always found memory forensics to be a great skill to have. By capturing the memory of a compromised device you can quickly perform…

Threat Update 47 – Ransomware Early Warning: Data Exfiltration

Kilian Englert

Kilian Englert

Thought ransomware couldn’t get any worse? Ransomware gangs are now stealing victim’s data before unleashing ransomware – forcing victims to pay up or deal with the fallout when attackers post…

Threat Update 46 – Ransomware Early Warning: Data Discovery

Kilian Englert

Kilian Englert

Ransomware gangs are in it for the payout. To ensure maximum “conversion” rates for their victims to pay up, they often try to find as much sensitive or valuable data to steal before unleashing an attack and encrypting the victim's data.

REvil Ransomware Attack on Kaseya VSA: What You Need to Know

Dvir Sason

Dvir Sason

A malicious hotfix was released by Kaseya VSA servers resulting in the compromise and encryption of thousands of nodes at hundreds of businesses by REvil.

Threat Update 45 – Ransomware Early Warning: AD Attacks

Kilian Englert

Kilian Englert

Attackers leverage a number of techniques, but two of the most common are password spray attacks and kerberoasting. Join Kilian and Kyle Roth from the Varonis Incident Response team as they discuss how and why attackers leverage each technique and look at a real-life example of each type of attack from one of our attack lab scenarios.

Threat Update 44 – Ransomware Early Warning: DNS Recon

Kilian Englert

Kilian Englert

Join Kilian and Kyle Roth from the Varonis Incident Response team as they discuss what DNS is, how it works, and how attackers can “live off the land” to map out an organization’s network using a few command-line tools built into every OS.

Prev

1 2 3 4 5

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.