Threat Research
Threat Update 50 – Critical Salesforce Misconfiguration
Aug 11, 2021
Salesforce is the lifeblood of many organizations. The amount of critical and sensitive information stored within is astronomical – however, there are parts of the solution designed to be accessed by non-corporate users, such as the Community module.
Threat Update 34 – Isn't the Internet Supposed to be Bombproof?
Apr 15, 2021
Kilian & Ryan dissect what could happen if a major data center went down, and how organizations leveraging cloud technology or solutions can prepare for business continuity.
Return of the Darkside: Analysis of a Large-Scale Data Theft Campaign
Mar 18, 2021
Our team has recently led several high-profile investigations of attacks attributed to an up-and-coming cybercrime group, Darkside ransomware.
How to Unpack Malware with x64dbg
Mar 17, 2021
This article is an x64dbg tutorial in which reverse engineering malware methodology will be explained and demonstrated.
Threat Update - Mass Exploitation of On-Prem Exchange Servers
Mar 04, 2021
On March 2nd, Microsoft released an urgent software update to patch 4 critical vulnerabilities in Exchange Server 2010, 2013, 2016, and 2019. Our IR and Forensics teams are actively helping organizations patch,...
February 2021 Malware Trends Report
Feb 18, 2021
This February 2021 malware trends report is intended to help you better understand the evolving threat landscape and adapt your defenses accordingly.
Threat Update 23 - Bypassing Endpoint Controls Using Office Macros
Feb 01, 2021
So many attacks start with a simple booby-trapped document that runs malicious code. Crafty attackers can even customize the payload to bypass endpoint controls! Don’t believe us? Check out this...
SolarWinds SUNBURST Backdoor: Inside the Stealthy APT Campaign
Dec 18, 2020
Learn how to detect and defend against the SolarWinds Sunburst malware that has compromised versions of SolarWinds’ Orion solution.
November 2020 Malware Trends Report
Dec 02, 2020
This November 2020 Malware Trends Report is intended to help you better understand the evolving threat landscape and adapt your defenses accordingly.
Threat Update #10
Oct 22, 2020
An alert notifies you that something suspicious is going on. Minutes matter, so you call the Varonis Incident Response team to help. Security investigators must act fast, but where do...
Exploiting BGInfo to Infiltrate a Corporate Network
Sep 25, 2020
This post details how a clever attacker can embed a path to a malicious script within a BGInfo config file (.bgi), bypass email security, and execute code remotely.
A Queen’s Ransom: Varonis Uncovers Fast-Spreading “SaveTheQueen” Ransomware
Aug 12, 2020
A new strain of ransomware encrypts files and appends them with the extension, “.SaveTheQueen,” and propagates using the SYSVOL share on Active Directory Domain Controllers. Our customers encountered this malware...