Varonis announces strategic partnership with Microsoft to accelerate the secure adoption of Copilot.

Learn more
Blog Security Bulletins

Threat Update 56 – SSO Imposter: Targeting Box

In the final part of the series, Kilian Englert and Ryan O’Boyle from the Varonis Cloud Architecture team walk through how attackers could target Box. They investigate how an attacker…
Kilian Englert
1 min read
Last updated January 17, 2023

Contents

    In the final part of the series, Kilian Englert and Ryan O’Boyle from the Varonis Cloud Architecture team walk through how attackers could target Box. They investigate how an attacker who compromised a single sign-on admin account can maximize their effort, perform recon on a connected Box environment, elevate account rights, and make malicious configuration changes to allow anonymous data sharing.

    Ryan and Kilian also discuss tips on how organizations can defend against these types of attacks. 

    👉Watch more attack scenarios here: https://www.varonis.com/webinars/

    👋To learn how else we can help, please visit us at: https://www.varonis.com/help/

    What you should do now

    Below are three ways we can help you begin your journey to reducing data risk at your company:

    1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
    2. Download our free report and learn the risks associated with SaaS data exposure.
    3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.
    Kilian Englert
    Kilian Englert Kilian has a background in enterprise security engineering, as well as security solution selling. Kilian is a Certified Information Systems Security Professional (CISSP) and creates internal and public content on topics related to cybersecurity and technology best practices.

    Try Varonis free.

    Get a detailed data risk report based on your company’s data.
    Deploys in minutes.
    Get started View sample

    Keep reading

    Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

    threat-update-45-–-ransomware-early-warning:-ad-attacks
    Threat Update 45 – Ransomware Early Warning: AD Attacks
    threat-update-45-–-ransomware-early-warning:-ad-attacks
    Kilian Englert
    July 2, 2021
    Attackers leverage a number of techniques, but two of the most common are password spray attacks and kerberoasting. Join Kilian and Kyle Roth from the Varonis Incident Response team as they discuss how and why attackers leverage each technique and look at a real-life example of each type of attack from one of our attack lab scenarios.
    threat-update-23---bypassing-endpoint-controls-using-office-macros
    Threat Update 23 - Bypassing Endpoint Controls Using Office Macros
    threat-update-23---bypassing-endpoint-controls-using-office-macros
    Kilian Englert
    February 1, 2021
    So many attacks start with a simple booby-trapped document that runs malicious code. Crafty attackers can even customize the payload to bypass endpoint controls! Don’t believe us? Check out this...
    hackers-take-aim-at-home-wifi-networks
    Hackers Take Aim at Home WiFi Networks
    hackers-take-aim-at-home-wifi-networks
    Rachel Hunt
    April 15, 2020
    Millions of people are working remotely – and attackers are taking advantage. As more workers log into residential WiFi networks, cybercriminals have plenty of opportunities to launch attacks. Varonis security...
    threat-update-55-–-sso-imposter:-targeting-google
    Threat Update 55 – SSO Imposter: Targeting Google
    threat-update-55-–-sso-imposter:-targeting-google
    Kilian Englert
    September 15, 2021
    In part two of this three-part series, Kilian Englert and Ryan O’Boyle from the Varonis Cloud Architecture team investigate how an attacker who compromised a single sign-on admin account can…