-
Data Security
Mar 18, 2021
How APTs Use Reverse Proxies to Nmap Internal Networks
Reverse proxies allow adversaries (APTs) to pivot attacks into secured environments, as they’re capable of bypassing inbound firewall restrictions. In recent news, a federal agency’s enterprise network was the victim of such an attack. The adversaries used a variant of Invoke-SocksProxy, an open-source reverse proxy tool found on GitHub.
Tokyoneon
4 min read
-
Data Security Security Bulletins Threat Research
Mar 17, 2021
How to Unpack Malware with x64dbg
In a previous blog post, I explained what x64dbg is and also broke down some of the features of the tool and why they are useful for malware analysis. This article will serve as an x64dbg tutorial in which I will cover the methodology I use when reverse engineering malware and demonstrate how to use the tool to unpack a malware sample.
Neil Fox
11 min read
-
Data Security
Mar 10, 2021
Detecting Honeypot Access With Varonis
Honeypots are traps that the Blue Team (defenders) plant to catch potentially bad actors trying to exploit a vulnerability, snoop for data, or escalate privileges. Since a honeypot is a decoy, any access to it should raise a red flag.
Michael Buckbee
3 min read
-
Data Security PowerShell Security Bulletins
Mar 08, 2021
How to Merge in Git: Remote and Local Git Repositories Tutorial
In my previous article “How to Revert a Commit in Git” (a PowerShell Git tutorial), I showed how you can use a local PowerShell Git repository and utilize the benefits of local source control. Using Git, you can create commits or snapshots of your code and revert to previous versions. Typically when working with Git and code repositories, you create the remote one first, then download it to your local system.
Jeff Brown
6 min read
-
Data Security
Mar 02, 2021
Attack lab: Spear Phishing with Google Drive Sharing
Phishing scams are as old as the internet—tricking victims into divulging important information about themselves and their accounts. These scams are so common that all of the major email providers have built-in anti-phishing features. Improved email security has forced hackers to get creative when it comes to getting their malicious links to hit the inbox.
Nathan Coppinger
4 min read
-
Data Security
Feb 25, 2021
Varonis Veterans Spotlight: Georgi Georgiev
Welcome to the Varonis Veteran Spotlight! The purpose of this spotlight is to show our gratitude and appreciation for our Varonis Veterans, as well as honor their military service and impact. Sharing their unique and compelling stories will not only help shed light on the important roles these men and women played in their country, but also help us recognize the strong qualities they bring to our teams.
Belinda Ng
4 min read
-
Data Security
Feb 22, 2021
Your Primer to Third-Party Risk Management
Third-party risk management is an essential part of a company’s cybersecurity strategy but one that doesn’t often get the attention (or resources) it needs. But if it’s ignored, enterprises are leaving one of their biggest sources of risk open to criminal hackers, bad actors, and nation-state attackers. They can also leave themselves liable to reputational or operational risk if a third party fails to secure itself or falters.
Josue Ledesma
6 min read
-
Data Security PowerShell Security Bulletins
Feb 22, 2021
Watch: ReConnect - Version 8.5 and Combating Insider Risks in Microsoft 365
How do you visualize, measure, and reduce internal data exposure in Microsoft 365? What about detecting advanced threats like the SolarWinds attack?
Kilian Englert
1 min read
-
Active Directory Data Security
Feb 19, 2021
Group Policy Editor Guide: Access Options and How to Use
The Group Policy Editor is a Windows administration tool that allows users to configure many important settings on their computers or networks. Administrators can configure password requirements, startup programs, and define what applications or settings users can change.
Michael Buckbee
4 min read
-
PowerShell
Feb 19, 2021
How to Revert a Commit in Git (PowerShell Git Tutorial)
Whether you write scripts in isolation or work with a team, the ability to track versions of code is essential. You may add code that ends up not working out, and the ability to reverse these changes (without manually deleting code) can save your project. In this post, I will cover how to use a Git reset command to revert to a previous commit of your code in the Git source control system, as well as the following topics:
Jeff Brown
4 min read
-
Data Security Threat Research
Feb 18, 2021
February 2021 Malware Trends Report
This report is a monthly round-up from the Varonis Forensics Team documenting activity observed while responding to incidents, performing forensics, and reverse engineering malware samples. This report is intended to help you better understand the evolving threat landscape and adapt your defenses accordingly.
Ben Zion Lavi
7 min read
-
Data Security Security Bulletins
Feb 09, 2021
What Federal Agencies Should Take Away from SolarWinds Attack
It was one of those fragile, oversized wine glasses that couldn’t have cost more than a buck. I saw it teetering on the counter’s edge, soon to meet the kitchen floor. That unmistakable shattering noise was made especially painful by the fact that we had a six-month-old baby who loved to mop the floor with her belly.
Michael J. Wallace
4 min read