Varonis announces strategic partnership with Microsoft to accelerate the secure adoption of Copilot.

Learn more
Blog Security Bulletins

Threat Update 31 – Now are the Zero Days of our Discontent

Three new Zero Day vulnerabilities recently discovered in F5 products, and Microsoft Office 365 let attackers skip the password and authentication completely.
Kilian Englert
1 min read
Last updated January 17, 2023

Contents

    Have you ever wanted to get into a concert, or movie, but you couldn’t get a ticket? Probably not recently, but in this remote age, we’ve all experienced something similar if we’ve forgotten a password. What’s even more frustrating – for attackers, at least – is not having your password at all.

    Unfortunately, three new Zero Day vulnerabilities recently discovered in F5 products and Microsoft Office 365 let attackers skip the password and authentication completely. Join Kilian, Ryan O’Boyle, and Kyle Roth from the Varonis Incident Response Team live as they discuss these new vulnerabilities, what they can mean to organizations if they go unpatched, and how attackers leverage them to become “insiders.”

     

    Articles and resources referenced in this episode:

    👋To learn how else we can help, please visit us at: https://www.varonis.com/help/

    What you should do now

    Below are three ways we can help you begin your journey to reducing data risk at your company:

    1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
    2. Download our free report and learn the risks associated with SaaS data exposure.
    3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.
    Kilian Englert
    Kilian Englert Kilian has a background in enterprise security engineering, as well as security solution selling. Kilian is a Certified Information Systems Security Professional (CISSP) and creates internal and public content on topics related to cybersecurity and technology best practices.

    Try Varonis free.

    Get a detailed data risk report based on your company’s data.
    Deploys in minutes.
    Get started View sample

    Keep reading

    Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

    threat-update-42-–-hidden-costs-of-a-breach
    Threat Update 42 – Hidden Costs of a Breach
    threat-update-42-–-hidden-costs-of-a-breach
    Kilian Englert
    June 11, 2021
    The American Accounting Association performed a study on how data breaches impact businesses beyond the immediate costs of recovery and brand damage.
    threat-update-27-–-concentrations-of-power
    Threat Update 27 – Concentrations of Power
    threat-update-27-–-concentrations-of-power
    Kilian Englert
    February 25, 2021
    Why are there certain account types that are often targeted by attackers? Why can it be really difficult to detect certain types of account misuse? What are some of the biggest AD hygiene issues we run into?
    threat-update-21---solarleaks
    Threat Update 21 - SolarLeaks
    threat-update-21---solarleaks
    Kilian Englert
    January 15, 2021
    The initial news of the SolarWinds supply chain attack was a devastating revelation to many organizations. It didn’t take the cybercriminal world long to try to profit off of this...
    threat-update-43-–-ransomware-early-warning:-brute-force
    Threat Update 43 – Ransomware Early Warning: Brute Force
    threat-update-43-–-ransomware-early-warning:-brute-force
    Kilian Englert
    June 23, 2021
    With the proliferation of more sophisticated, human-operated ransomware, attackers can live inside an organization for days, weeks, or months - finding and exfiltrating data before making their presence known by detonating ransomware.