Featured content

Your garden variety ransomware, like Cerber, is the canary in the coal mine that rudely, but thankfully announces bigger security issues: insider threats and cyberattacks that take advantage of too much employee access to files. As disruptive as WannaCry has been to vulnerable organizations, this is their canary in the coal mine moment that should alert them to more deadly attacks that don’t announce their presence, like the cryptocurrency miner Adylkuzz.

Explosive ransomware infection rates of WannaCrypt/WannaCry have IT groups trying to mass diagnose, update and protect their machines. Thing is, that’s just not practical to do manually – for pretty much any but the smallest of organizations.

Quick ransomware background Ransomware is a type of malware that encrypts your data and asks for you to pay a ransom to restore access to your files. Cyber criminals usually request that the ransom be paid in Bitcoins: the #1 cryptocurrency (basically a distributed ledger) which can be used to buy and sell goods. By nature, Bitcoin transactions (e.g. ransom payments) are very difficult to trace.

Remember those NSA exploits that got leaked a few months back? A new variant of ransomware using those exploits is spreading quickly across the world – affecting everyone from the NHS to telecom companies to FedEx.

If you were expecting a quiet Friday in terms of cyberattacks, this ain’t it. There are reports of a massive ransomware attack affecting computers on a global scale: in the UK, Spain, Russia, Ukraine, Japan, and Taiwan.

This article is part of the series "Practical PowerShell for IT Security". Check out the rest: Part I: File Event Monitoring Part II: File Access Analytics (FAA) Part III: Classification on a Budget Part IV: Security Scripting Platform (SSP) Part V: Security Scripting Platform Gets a Makeover

Put Least Privilege on Autopilot Getting to least privilege can be a nightmare. The first steps – tracking down inconsistent ACLs and remediating global access groups can turn even the most basic file share clean-up project into a huge to-do.

We’re bringing our powerful DatAlert functionality to Splunk® Enterprise to give you comprehensive visibility into data security with our new Varonis App for Splunk – now available for download on splunkbase!

This article is part of the series "Data Security Compliance and DatAdvantage". Check out the rest: Part I: Essential Reports for Risk Assessment Part II: More on Risk Assessment Part III: Protect and Monitor

This article is part of the series "Data Security Compliance and DatAdvantage". Check out the rest: Part I: Essential Reports for Risk Assessment Part II: More on Risk Assessment Part III: Protect and Monitor

A Data Security Portfolio (DSP) is a category of security products that replaces traditionally disparate security tools.

In 2005, our founders had a vision to build a solution focused on protecting the data organizations have the most of and yet know the least about – files and emails. Executing on this vision, Varonis has built an innovative Data Security Platform (DSP) to protect enterprise data against insider threats, data breaches and cyberattacks.