Featured content

Government hacking exploits, unfortunately, pose a very real threat for organizations of all kinds, and those of us working in cybersecurity need to be aware of it.

I’ve been on a mission the last few months to bring basic knowledge about data security to the upper reaches of the organization. Our C-level readers and other executives, who haven’t already, should review this video explaining how easy it is for hackers to do their work. And this post showing how hackers can leverage legitimate Windows software for non-legitimate activities.

Azure Active Directory (Azure AD) is Microsoft’s enterprise cloud-based identity and access management (IAM) solution. Azure AD is the backbone of the Office 365 system, and it can sync with on-premise Active Directory and provide authentication to other cloud-based systems via OAuth.

Phishing remains one of the most successful ways to infiltrate an organization. We’ve seen a massive amount of malware infections stemming from users opening infected attachments or clicking links that send them to malicious sites that try to compromise vulnerable browsers or plugins.

Technology and social media giants like Facebook and Google are about to get a huge reality check in how they handle customer data. The California Privacy Rights Act (CPRA) is on the ballot for Californians and would introduce a new slew of standards and initiatives to improve data protection and privacy for all Californians.

If you’ve been reading our blog, you know that Windows software can be weaponized to allow hackers to live-off-the-land and stealthily steal sensitive data. Insiders are also aware of the dark side of Windows software. In our Guide to WMI Events as a Surveillance Tool, you’ll learn how employees can abuse Windows Management Instrumentation (WMI) system to monitor and steal credentials from other employees.

A new strain of ransomware encrypts files and appends them with the extension, “.SaveTheQueen,” and propagates using the SYSVOL share on Active Directory Domain Controllers.

Did you ever have the urge to put together a few PowerShell scripts to parse and analyze the Sysmon event log in order to create your own threat analysis software? Nothing to be embarrassed about! But before you do anything rash, you should first read about the results of my own modest efforts in this area. If you’re still convinced you want to take on this project, you’ll quickly realize, as I did, how hard it is to develop real enterprise-level threat monitoring.

A man-in-the-middle (MitM) attack is a form of cyberattack where important data is intercepted by an attacker using a technique to interject themselves into the communication process. The attacker can be a passive listener in your conversation, silently stealing your secrets, or an active participant, altering the contents of your messages, or impersonating the person/system you think you’re talking to.

Varonis received the Gartner Peer Insights Customers’ Choice distinction for the File Analysis Software market.

Active Directory is the foundation for a majority of enterprise networks, and cybersecurity professionals need to have a solid understanding of it to protect and secure sensitive data.

DNS security should be considered an essential part of any business’s security plan. Name resolution services (translating hostnames into IP addresses) are used by nearly all applications and services on a network.