Varonis announces strategic partnership with Microsoft to accelerate the secure adoption of Copilot.

Learn more

Threat Update 49 – SeriousSAM & Black Hat 2021

Cybersecurity folks find themselves in a “Zero-Daze” as they get hit with another new 0-day attack, called SeriousSAM, that allows attackers to get access to the Windows Security Account Manager (SAM) file containing hashed account passwords from a system.
Kilian Englert
1 min read
Published July 30, 2021
Last updated January 17, 2023

Cybersecurity folks find themselves in a “Zero-Daze” as they get hit with another new 0-day attack, called SeriousSAM, that allows attackers to get access to the Windows Security Account Manager (SAM) file containing hashed account passwords from a system.

Join Kilian and Kyle Roth from the Varonis Incident Response team as they discuss what an attacker could do if they successfully execute this attack, as well as mitigation steps for this issue. Kyle and Kilian also discuss the Black Hat 2021 conference.

Articles referenced in this episode: https://lnkd.in/gzzC6dv

👋To learn how else we can help, please visit us at: https://lnkd.in/eZqMASj

👉Where to see a full attack lab: https://lnkd.in/dap-BNs

What you should do now

Below are three ways we can help you begin your journey to reducing data risk at your company:

  1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
  2. Download our free report and learn the risks associated with SaaS data exposure.
  3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.

Keep reading

Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

threat-update-27-–-concentrations-of-power
Threat Update 27 – Concentrations of Power
Why are there certain account types that are often targeted by attackers? Why can it be really difficult to detect certain types of account misuse? What are some of the biggest AD hygiene issues we run into?
how-to-use-powershell-for-privilege-escalation-with-local-computer-accounts
How To Use PowerShell for Privilege Escalation with Local Computer Accounts
Privilege escalation is when an attacker is able to exploit the current rights of an account to gain additional, unexpected access. While this can be caused by zero-day vulnerabilities, state-level...
threat-update-55-–-sso-imposter:-targeting-google
Threat Update 55 – SSO Imposter: Targeting Google
In part two of this three-part series, Kilian Englert and Ryan O’Boyle from the Varonis Cloud Architecture team investigate how an attacker who compromised a single sign-on admin account can…
is-your-data-insider-proof?-five-steps-to-keep-your-secrets-safe
Is Your Data Insider-Proof? Five Steps To Keep Your Secrets Safe
This article explains the five steps you can take to see how prepared you are for a nefarious insider or an outside attacker that compromises an insider's account or computer.