Instead of using advanced tools or complex scripts, skilled threat actors infiltrate systems and steal data using the most effective weapon of all - words

Varonis Threat Labs profiles Salt Typhoon, an APT group that is responsible for a series of breaches targeting U.S. infrastructure and government agencies.

Learn new, advanced phishing tactics being used by attackers and how your organization can combat them.

Varonis discovered a vulnerability (CVE-2024-10979) in the Postgres trusted language extension PL/Perl that allows setting arbitrary environment variables in PostgreSQL session processes.

The new organizational messages feature for Microsoft 365 enhances how IT and security teams communicate with users at scale, but also generates risks.

A series of vulnerabilities in OpenPrinting CUPS Software indicates an attack vector for RCE, one of the worst possible consequences for a vulnerability.

Varonis Threat Labs uncovered a vulnerability in Salesforce's public link feature that threat actors could exploit to retrieve sensitive data.

Discover real-world examples of remote monitoring and management (RMM) tool exploits and how to protect your organization from these attacks.

A critical vulnerability in OpenSSH's server, dubbed 'regreSSHion,' raises the risk of remote code execution with root privileges.

Recent data breaches of prominent Snowflake cloud customers highlight the risks of compromised cloud storage accounts.

Dropbox Sign's recent data breach highlights how non-human identities are driving more profound breaches.

Palo Alto Networks issued a warning on April 12, 2024, that a critical, unpatched vulnerability in their PAN-OS firewall is being actively exploited.