Varonis announces strategic partnership with Microsoft to accelerate the secure adoption of Copilot.

Learn more
View by category
Data Security Threat Research Varonis Products DSPM AI Security Cloud Security Ransomware Active Directory Privacy & Compliance
Blog

Threat Research

Threat Update 50 – Critical Salesforce Misconfiguration
Kilian Englert

Kilian Englert

Aug 11, 2021

Salesforce is the lifeblood of many organizations. The amount of critical, and sensitive information stored within is astronomical – however, there are parts of the solution designed to be accessed by non-corporate users, such as the Community module.

Threat Update 34 – Isn't the Internet Supposed to be Bombproof?
Kilian Englert

Kilian Englert

Apr 15, 2021

Kilian & Ryan dissect what could happen if a major data center went down, and how organizations leveraging cloud technology or solutions can prepare for business continuity.

Return of the Darkside: Analysis of a Large-Scale Data Theft Campaign
Snir Ben Shimol

Snir Ben Shimol

Mar 18, 2021

Our team has recently led several high-profile investigations of attacks attributed to an up-and-coming cybercrime group, Darkside ransomware

How to Unpack Malware with x64dbg
Neil Fox

Neil Fox

Mar 17, 2021

This article is an x64dbg tutorial in which reverse engineering malware methodology will be explained and demonstrated.

Threat Update - Mass Exploitation of On-Prem Exchange Servers
Snir Ben Shimol

Snir Ben Shimol

Mar 04, 2021

On March 2nd, Microsoft released an urgent software update to patch 4 critical vulnerabilities in Exchange Server 2010, 2013, 2016, and 2019. Our IR and Forensics teams are actively helping organizations patch,...

February 2021 Malware Trends Report
Ben Zion Lavi

Ben Zion Lavi

Feb 18, 2021

This Februrary 2021 malware trends report is intended to help you better understand the evolving threat landscape and adapt your defenses accordingly.  

Threat Update 23 - Bypassing Endpoint Controls Using Office Macros
Kilian Englert

Kilian Englert

Feb 01, 2021

So many attacks start with a simple booby-trapped document that runs malicious code. Crafty attackers can even customize the payload to bypass endpoint controls! Don’t believe us? Check out this...

SolarWinds SUNBURST Backdoor: Inside the Stealthy APT Campaign
Snir Ben Shimol

Snir Ben Shimol

Dec 18, 2020

Learn how detect and defend against the SolarWinds Sunburst malware that has compromised versions of SolarWinds’ Orion solution

November 2020 Malware Trends Report
Ben Zion Lavi

Ben Zion Lavi

Dec 02, 2020

This Malware Trends Report November 2020 is intended to help you better understand the evolving threat landscape and adapt your defenses accordingly.

Threat Update #10
Kilian Englert

Kilian Englert

Oct 22, 2020

An alert notifies you that something suspicious is going on. Minutes matter, so you call the Varonis Incident Response team to help. Security investigators must act fast, but where do...

Exploiting BGInfo to Infiltrate a Corporate Network
Dolev Taler

Dolev Taler

Sep 25, 2020

This post details how a clever attacker can embed a path to a malicious script within a BGInfo config file (.bgi), bypass email security, and execute code remotely.

A Queen’s Ransom: Varonis Uncovers Fast-Spreading “SaveTheQueen” Ransomware
Ben Zion Lavi

Ben Zion Lavi

Aug 12, 2020

A new strain of ransomware encrypts files and appends them with the extension, “.SaveTheQueen,” and propagates using the SYSVOL share on Active Directory Domain Controllers. Our customers encountered this malware...

Prev

1 2 3 4 5

Next

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.
Get started View sample