Featured content

This report is a monthly round-up from the Varonis Forensics Team documenting activity observed while responding to incidents, performing forensics, and reverse engineering malware samples. This report is intended to help you better understand the evolving threat landscape and adapt your defenses accordingly.

This report is a monthly round-up from the Varonis Forensics Team documenting activity observed while responding to incidents, performing forensics, and reverse engineering malware samples. This report is intended to help you better understand the evolving threat landscape and adapt your defenses accordingly.

I’m excited to announce today our agreement to acquire Polyrize, a software company whose team and products are a natural fit as part of the Varonis family. This is the first company Varonis has acquired, and I want to give you some background on the strategic rationale for today’s announcement.

Office 365 and Teams make sharing information and collaborating with distant colleagues a breeze. But if you’re not careful, you’ll open yourself up to considerable risk. That’s because securing your data on a need-to-know basis is easier said than done. You’ve got to check off a long list of questions, like who can (and who does) access your data, what they’re sharing, and how they’re sharing it. Miss these details and your sensitive data could end up…well, anywhere.

Here is a little story that should have made the evening news. Well, it’s actually kind of a big geopolitical story, but given 2020’s logarithmic growth in geopolitical story significance, perhaps even this one is just a bit too tame for prime-time coverage. But we’ll tell the story anyway because it’s a good, big geopolitical story, and one that even saw Microsoft roll up its sleeves and jump in the mix.

DNS Tunneling turns DNS or Domain Name System into a hacking weapon. As we know, DNS is a giant White Pages or phone directory for the Internet. DNS also has a simple protocol to allow admins to query a DNS server’s database. So far, so good. Clever hackers realized that they could secretly communicate with a target computer by sneaking in commands and data into the DNS protocol. This idea is at the core of DNS Tunneling.

Freedom of Information (FOI) requests are one of the ways that public organizations are held accountable by the media and the members of the community they serve. FOI laws require public organizations (i.e., government offices, public colleges, universities, and schools, for example) to release documents concerning a current issue or court case. FOIA.gov says, “The basic function of the Freedom of Information Act (FOIA) is to ensure informed citizens, vital to the functioning of a democratic society.”

Our incident response team is tracking an unprecedented number of Emotet malware infections. The number of active concurrent Emotet investigations is threefold our previous high-water mark. This post will cover indicators of compromise, mitigations, and how Varonis can help you detect and stop Emotet at each phase of an attack.

Data privacy or information privacy is a branch of data security concerned with the proper handling of data – consent, notice, and regulatory obligations. More specifically, practical data privacy concerns often revolve around:

Executive Summary There is a remote code execution attack vector within BGInfo. A clever attacker can embed a path to a malicious script within a BGInfo config file (.bgi). If they can convince a user to click on the config file, it will load the malicious script from a remote location and run it in memory on the victim’s machine.

If you are reading this, you are probably planning a data migration from on-premises data storage to a cloud-based platform or from one cloud platform to another. Data migration can be challenging in the best of times, and it’s crucial to have a secure data migration strategy and execution.

John the Ripper (JtR) is one of the hacking tools the Varonis IR Team used in the first Live Cyber Attack demo, and one of the most popular password cracking programs out there. In this blog post, we are going to dive into John the Ripper, show you how it works, and explain why it’s important.