Threat Research
![](https://142972.fs1.hubspotusercontent-na1.net/hubfs/142972/Imported_Blog_Media/threat-modeling-hero-4.png)
BlackMatter Ransomware: In-Depth Analysis & Recommendations
![Dvir Sason](https://info.varonis.com/hubfs/dvir-sason.jpg)
Nov 02, 2021
CISA has issued a security bulletin regarding the BlackMatter 'big game hunter' ransomware group following a sharp increase in cases targeting U.S. businesses. To mitigate these attacks, it is recommended...
![](https://info.varonis.com/hubfs/MicrosoftTeams-image%20%286%29.png)
Abusing Misconfigured Salesforce Communities for Recon and Data Theft
![Nitay Bachrach](https://info.varonis.com/hubfs/nitay-bachrach.jpg)
Oct 21, 2021
Our research team has discovered numerous publicly accessible Salesforce Communities that are misconfigured and expose sensitive information.
![](https://142972.fs1.hubspotusercontent-na1.net/hubfs/142972/Imported_Blog_Media/Healthcare-Data-Risk-Report-hero-blog-1.png)
Good for Evil: DeepBlueMagic Ransomware Group Abuses Legit Encryption Tools
![Jason Hill](https://info.varonis.com/hubfs/jason-hill.jpg)
Oct 19, 2021
A group known as "DeepBlueMagic" is suspected of launching a ransomware attack against Hillel Yaffe Medical Center in Israel, violating a loose "code of conduct" that many ransomware groups operate...
![](https://142972.fs1.hubspotusercontent-na1.net/hubfs/142972/Imported_Blog_Media/threat-modeling-hero-4.png)
Lessons from the Twitch Data Leak
![Dvir Sason](https://info.varonis.com/hubfs/Headshots/Dvir%20Sason.jpg)
Oct 07, 2021
What happened? Increasingly covered by the mainstream press throughout Wednesday, October 6, 2021, the impact of the recent Twitch leak will undoubtedly grow as bad actors take advantage of the...
![](https://info.varonis.com/hubfs/Imported_Blog_Media/Blog_NetwalkerRansomwareGuide_202011_FNL.png)
Return of the Darkside: Analysis of a Large-Scale Data Theft Campaign
![Snir Ben Shimol](https://info.varonis.com/hubfs/snir-ben-shimol.jpg)
Mar 18, 2021
Our team has recently led several high-profile investigations of attacks attributed to an up-and-coming cybercrime group, Darkside ransomware.
![](https://info.varonis.com/hubfs/Imported_Blog_Media/unpack-malware-with-x64dbg-hero.png)
How to Unpack Malware with x64dbg
![Neil Fox](https://info.varonis.com/hubfs/neilfox.jpg)
Mar 17, 2021
This article is an x64dbg tutorial that explains and demonstrates a methodology for reverse engineering malware.
![](https://info.varonis.com/hubfs/Imported_Blog_Media/malware-trends-feb-2021.png)
February 2021 Malware Trends Report
![Ben Zion Lavi](https://info.varonis.com/hubfs/ben-zion-lavi.jpg)
Feb 18, 2021
This February 2021 malware trends report is intended to help you better understand the evolving threat landscape and adapt your defenses accordingly.
![](https://info.varonis.com/hubfs/Imported_Blog_Media/Blog_Sunburst_202012_FNL.png)
SolarWinds SUNBURST Backdoor: Inside the Stealthy APT Campaign
![Snir Ben Shimol](https://info.varonis.com/hubfs/snir-ben-shimol.jpg)
Dec 18, 2020
Learn how to detect and defend against the SolarWinds Sunburst malware that has compromised versions of SolarWinds’ Orion solution.
![](https://info.varonis.com/hubfs/Imported_Blog_Media/Blog_GenericVariant-1.png)
November 2020 Malware Trends Report
![Ben Zion Lavi](https://info.varonis.com/hubfs/ben-zion-lavi.jpg)
Dec 02, 2020
This November 2020 malware trends report is intended to help you better understand the evolving threat landscape and adapt your defenses accordingly.
![](https://info.varonis.com/hubfs/Imported_Blog_Media/bg-info.png)
Exploiting BGInfo to Infiltrate a Corporate Network
![Dolev Taler](https://info.varonis.com/hubfs/dolev-taler.jpg)
Sep 25, 2020
This post details how a clever attacker can embed a path to a malicious script within a BGInfo config file (.bgi), bypass email security, and execute code remotely.
![](https://info.varonis.com/hubfs/Imported_Blog_Media/A-Queens-Ransom-.png)
A Queen’s Ransom: Varonis Uncovers Fast-Spreading “SaveTheQueen” Ransomware
![Ben Zion Lavi](https://info.varonis.com/hubfs/ben-zion-lavi.jpg)
Aug 12, 2020
A new strain of ransomware encrypts files, appends the extension “.SaveTheQueen” to them, and propagates using the SYSVOL share on Active Directory Domain Controllers. Our customers encountered this malware...
![](https://info.varonis.com/hubfs/Varonis_June2021/Images/world-in-data-breached-header-v2.png)
Varonis Exposes Global Cyber Campaign: C2 Server Actively Compromising Thousands of Victims
![Dolev Taler](https://info.varonis.com/hubfs/dolev-taler.jpg)
Jun 17, 2020
The Varonis Security Research team discovered a global cyber attack campaign leveraging a new strain of the Qbot banking malware. The campaign is actively targeting U.S. corporations but has hit networks...