Blog

Threat Research

Varonis Threat Labs

OpenSSH 'RegreSSHion' RCE Vulnerability

Jason Hill

Jason Hill

A critical vulnerability in OpenSSH's server, dubbed 'regreSSHion,' raises the risk of remote code execution with root privileges.

Targeted Campaign Against Snowflake Customers: What You Need to Know

Varonis Threat Labs

Varonis Threat Labs

Recent data breaches of prominent Snowflake cloud customers highlight the risks of compromised cloud storage accounts.

Dropx Sign Data Breach

Dropbox Sign Data Breach: What You Need to Know

Omri Marom

Omri Marom

Dropbox Sign's recent data breach highlights how non-human identities are driving more profound breaches.

PAN-OS Zero-Day Active Exploit

Palo Alto Networks PAN-OS Zero-Day Active Exploit: What You Need to Know

Varonis Threat Labs

Varonis Threat Labs

Palo Alto Networks issued a warning on April 12, 2024, that a critical, unpatched vulnerability in their PAN-OS firewall is being actively exploited.

Sisense Data Breach: What You Need to Know

Varonis Threat Labs

Varonis Threat Labs

The U.S. Cybersecurity and Infrastructure Agency (CISA) issued an alert this week warning Sisense customers of a data breach. Here's what you need to know.

hand tries accessing SharePoint files

Sidestepping SharePoint Security: Two New Techniques to Evade Exfiltration Detection

Eric Saraga

Eric Saraga

Varonis Threat Labs discovered two techniques in SharePoint that allow users to circumvent audit logs and avoid triggering download events while exfiltrating files.

XZ Backdoor: Supply Chain Jump Scare

Varonis Threat Labs

Varonis Threat Labs

While the XZ backdoor is scary, most companies learned from SolarWinds

hand coming out of Invanti logo to symbolize threat actor

Increased Threat Activity Targeting Ivanti Vulnerabilities

Jason Hill

Jason Hill

A recent surge in activity targeting Ivanti Connect Secure (ICS) involves chaining two vulnerabilities that give threat actors the ability to execute arbitrary commands remotely.

Security Vulnerabilities in Apex Code Could Leak Salesforce Data

Nitay Bachrach

Nitay Bachrach

Varonis' threat researchers identified high- and critical-severity vulnerabilities in Apex, a programming language for customizing Salesforce instances.

microsoft NTLM leaks

Outlook Vulnerability Discovery and New Ways to Leak NTLM Hashes

Dolev Taler

Dolev Taler

Varonis Threat Labs discovered a new Outlook exploit and three new ways to access NTLM v2 hashed passwords.

Microsoft Word document surrounded by storm clouds

Taking Microsoft Office by "Storm"

Jason Hill

Jason Hill

The “Storm-0978” ransomware group is actively exploiting an unpatched Microsoft Office and Windows HTML remote code execution vulnerability.

Imposter Syndrome: UI Bug in Visual Studio Lets Attackers Impersonate Publishers

Dolev Taler

Dolev Taler

Varonis Threat Labs found a bug in Microsoft Visual Studio installer that allows an attacker to impersonate a publisher and issue a malicious extension to compromise a targeted system

Prev

1 2 3 4 5

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.