-
Data Security Threat Research
Nov 26, 2024
Caught in the Net: Unmasking Advanced Phishing Tactics
Think about your most recent security awareness training concerning phishing attacks. It likely included guidelines about avoiding clicking on suspicious links and exercises to identify subtle character differences, such as distinguishing between the letter “O” and a zero.
Tom Barnea
4 min read
-
Threat Research
Nov 14, 2024
Varonis Discovers New Vulnerability in PostgreSQL PL/Perl
Varonis’ researchers, Tal Peleg and Coby Abrams, discovered a vulnerability in the Postgres trusted language extension PL/Perl that allows setting arbitrary environment variables in PostgreSQL session processes.
Varonis Threat Labs
2 min read
-
Active Directory Microsoft 365 Threat Research
Nov 10, 2024
New Organizational Messages Feature in Microsoft 365 a Potential Risk
Several powerful features are rolling out for Microsoft 365 customers that can fly under the radar for CISOs and risk management teams. One such feature, Organizational Messages, was announced in May 2024 as a public preview. Some may recognize the functionality, as it used to be part of Microsoft Intune in a limited capacity. See a helpful demonstration of the new solution by Microsoft MVP Andy Malone.
Shawn Hays
3 min read
-
Threat Research
Sep 26, 2024
New CVEs in OpenPrinting CUPS Software
A series of vulnerabilities in CUPS were recently disclosed by Simone Margaritelli, who is known as “evilsocket” on X (Twitter). OpenPrinting CUPS (Common UNIX Printing System) is an open-source printing software that is often included by default in various Linux distributions.
Varonis Threat Labs
3 min read
-
Threat Research
Sep 16, 2024
Data Theft in Salesforce: Manipulating Public Links
Varonis Threat Labs uncovered a vulnerability in Salesforce's public link feature that threat actors could exploit to retrieve sensitive data. By manipulating the API calls sent to the undocumented Salesforce Aura API — combined with SOQL subqueries — hackers could commit a blind SOQL injection attack to retrieve customer information, including PII. Varonis Threat Labs informed Salesforce of the vulnerability on January 4, 2024. In February 2024, Salesforce patched the vulnerability for blind SOQL injection. Given the severity and the potential of this exploit to expose and leak sensitive information, Varonis researchers intentionally waited to release their findings. The vulnerability we identified applied to virtually any public link generated by Salesforce, making the potential impact widely detrimental. Because of the ubiquitous nature of public sharing links, most — if not all — Salesforce environments would likely have been vulnerable to some level of exposure, which could lead to data theft or leakage. Varonis recommends that organizations revisit the Salesforce Permission Sets granted to users to limit the creation of public links, remediate them where feasible, and monitor access activity. In this blog, we’ll explain how Salesforce public links work, how we discovered this vulnerability, and how attackers could exploit it to retrieve sensitive data.
Nitay Bachrach
6 min read
-
Threat Research
Jul 18, 2024
The Power and Peril of RMM Tools
The conventional office setting has changed in recent years as more people work from home and living room workstations, creating a new hybrid work model. IT departments must now deal with various devices distributed over different cities and countries, relying on VPNs and remote monitoring and management (RMM) tools for system administration.
Tom Barnea
4 min read
-
Threat Research
Jul 02, 2024
OpenSSH 'RegreSSHion' RCE Vulnerability
Researchers from the Qualys Threat Research Unit recently published details of their discovery of a critical vulnerability in OpenSSH’s server, ‘sshd’, dubbed ‘regreSSHion’ and assigned the CVE-2024-6387 identifier.
Jason Hill
4 min read
-
Security Bulletins Threat Research
Jun 04, 2024
Targeted Campaign Against Snowflake Customers: What You Need to Know
On May 31st, 2024, Snowflake issued a joint statement with CrowdStrike and Mandiant stating that they are investigating a targeted campaign against Snowflake users with single-factor authentication.
Varonis Threat Labs
4 min read
-
Threat Research
May 03, 2024
Dropbox Sign Data Breach: What You Need to Know
On May 1st 2024, Dropbox disclosed a cybersecurity breach in which hackers abused a service account to gain access to Dropbox Sign’s production environment and access customer data.
Omri Marom
3 min read
-
Threat Research
Apr 12, 2024
Palo Alto Networks PAN-OS Zero-Day Active Exploit: What You Need to Know
Palo Alto Networks has warned that a critical, unpatched vulnerability in their PAN-OS firewall is being actively exploited.
Varonis Threat Labs
2 min read
-
Threat Research
Apr 11, 2024
Sisense Data Breach: What You Need to Know
The U.S. Cybersecurity and Infrastructure Agency (CISA) issued an alert warning Sisense customers of a data breach. The agency advised all Sisense customers to "reset credentials and secrets potentially exposed to, or used to access, Sisense services" and report any suspicious activity.
Varonis Threat Labs
2 min read
-
Threat Research
Apr 09, 2024
Sidestepping SharePoint Security: Two New Techniques to Evade Exfiltration Detection
Varonis Threat Labs discovered two techniques in SharePoint that allow users to circumvent audit logs and avoid triggering download events while exfiltrating files.
Eric Saraga
6 min read