Featured content

Every second, trillions of 1’s and 0’s zip through fiber-optic links, skip from continent to continent through undersea cables and wirelessly bring users all over the world the Internet we know and love. But have you ever wondered exactly how those bits of data move from one place to another? Traceroute, a tool you may already have, can provide some insights by tracing the path between your computer and a target destination. In this post, we’ll look at what traceroute is and how traceroute works, learn how to run traceroute on several different platforms, and how to read a traceroute output.

Although Ryuk ransomware is named after a famous Japanese anime villain, the threat it presents to businesses and organizations is far from fiction. First appearing in 2018, Ryuk ransomware has been targeting any number of both public and private sector entities, most notably hospitals and healthcare facilities in recent years.

Images of an elite hacker commandeering an organization’s network from halfway across the globe might play out well in Hollywood, but for many CISOs, an insider threat ranks high on the list of things keeping them up at night.

As Wi-Fi has become increasingly abundant across many private and public spaces, it has become a breeding ground for malicious hackers and bad actors. One of these attacks is known as the evil twin attack, which takes advantage of individuals looking to connect to Wi-Fi via their devices.

The Varonis Forensics Team recently investigated and remediated a ransomware event that resulted in large-scale encryption and exfiltration across multiple file servers. The threat actor obtained long-term persistence, escalated privileges to domain administrator, executed command and control of multiple hosts, achieved mass data exfiltration, and ultimately destroyed data. Initial indicators Overnight, the victim company received an alert that appeared to show ransomware propagating on multiple file shares. These events originated from a single user, and patterns detected within the events resembled those often generated by ransomware. In the early morning, the company took immediate action to disable the compromised domain Administrator account and engaged Varonis to assist in the incident response and recovery process. Using the Varonis platform, the forensics team immediately identified the ransomware strain as "LockBit" and determined the full scope of impact. The Varonis team also observed PSExec used to perform lateral movement and remote execution within the environment.

Cyber espionage is the unauthorized use of computer networks and other resources to access or transfer secret, classified, or sensitive information. It’s seen as a growing problem for governments, corporations, and individuals. In this post, we’ll explore the ins and outs of cyber espionage, learn how cyberspies carry out their sophisticated operations and dive into some steps you can take to protect your secret data. What is cyber espionage? Which factors define a cyber espionage attack? What makes a CyberSpy? Who’s at risk for cyber espionage? Cyber espionage attacker tactics How to prevent cyber espionage Closing thoughts

Multiple recent campaigns suggest that rogue Windows shortcuts ― specifically LNK files — are back in style with threat actors.

Group policy objects (GPOs) are extremely useful tools for system administrators. With a GPO, sysadmins can manage and configure applications, software operations, and user settings throughout an entire organization. Admins can use GPOs as an efficient, centralized way of helping a company’s entire IT stack and user base to operate more safely and efficiently.

Google Drive has fast become one of the most used productivity and collaboration suites in the cloud. And as its popularity has risen—along with the amount of data stored on Google Drive servers—it increasingly becomes a target of hackers. Knowing how to secure Google Drive is critical to your organization’s cybersecurity posture if it’s a platform you rely on.

Data governance is a must in today's dynamic and ever-changing enterprise environment. Businesses today capture massive amounts of data from a variety of sources, and data governance helps organizations manage risk, maximize value, and reduce costs. In short, data governance is the practice of knowing where your data is, how it's being utilized, and whether or not it’s adequately protected. Good data governance ensures that data has integrity, is consistent, and is not being misused or mishandled.

HIPAA, CMMC, PCI, ISO, NIST - the range of potential security frameworks and certifications an organization has to choose from these days is an acronym soup that can make even a compliance specialist’s head spin!