Varonis debuts trailblazing features for securing Salesforce. Learn More

Varonis named a Leader in The Forrester Wave™: Data Security Platforms, Q1 2023

Read the report

Blog / Threat Research (3)

Threat Research (3)

Abusing Misconfigured Salesforce Communities for Recon and Data Theft

Nitay Bachrach

Nitay Bachrach

Our research team has discovered numerous publicly accessible Salesforce Communities that are misconfigured and expose sensitive information.

Good for Evil: DeepBlueMagic Ransomware Group Abuses Legit Encryption Tools

Jason Hill

Jason Hill

A group known as "DeepBlueMagic" is suspected of launching a ransomware attack against Hillel Yaffe Medical Center in Israel, violating a loose "code of conduct" that many ransomware groups operate...

Lessons from the Twitch Data Leak

Dvir Sason

Dvir Sason

What happened? Increasingly covered by the mainstream press throughout Wednesday, October 6, 2021, the impact of the recent Twitch leak will undoubtedly grow as bad actors take advantage of the...

Threat Update 50 – Critical Salesforce Misconfiguration

Kilian Englert

Kilian Englert

Salesforce is the lifeblood of many organizations. The amount of critical, and sensitive information stored within is astronomical – however, there are parts of the solution designed to be accessed by non-corporate users, such as the Community module.

Threat Update 34 – Isn't the Internet Supposed to be Bombproof?

Kilian Englert

Kilian Englert

Kilian & Ryan dissect what could happen if a major data center went down, and how organizations leveraging cloud technology or solutions can prepare for business continuity.

Return of the Darkside: Analysis of a Large-Scale Data Theft Campaign

Snir Ben Shimol

Snir Ben Shimol

Our team has recently led several high-profile investigations of attacks attributed to an up-and-coming cybercrime group, Darkside ransomware

How to Unpack Malware with x64dbg

Neil Fox

Neil Fox

This article is an x64dbg tutorial in which reverse engineering malware methodology will be explained and demonstrated.

Threat Update - Mass Exploitation of On-Prem Exchange Servers

Snir Ben Shimol

Snir Ben Shimol

On March 2nd, Microsoft released an urgent software update to patch 4 critical vulnerabilities in Exchange Server 2010, 2013, 2016, and 2019. Our IR and Forensics teams are actively helping organizations patch,...

February 2021 Malware Trends Report

Ben Zion Lavi

Ben Zion Lavi

This Februrary 2021 malware trends report is intended to help you better understand the evolving threat landscape and adapt your defenses accordingly.  

Threat Update 23 - Bypassing Endpoint Controls Using Office Macros

Kilian Englert

Kilian Englert

So many attacks start with a simple booby-trapped document that runs malicious code. Crafty attackers can even customize the payload to bypass endpoint controls! Don’t believe us? Check out this...

SolarWinds SUNBURST Backdoor: Inside the Stealthy APT Campaign

Snir Ben Shimol

Snir Ben Shimol

Learn how detect and defend against the SolarWinds Sunburst malware that has compromised versions of SolarWinds’ Orion solution

November 2020 Malware Trends Report

Ben Zion Lavi

Ben Zion Lavi

This Malware Trends Report November 2020 is intended to help you better understand the evolving threat landscape and adapt your defenses accordingly.

We're Varonis.
Our mission is to deliver meaningful security outcomes on autopilot.
No overhead. Just outcomes.