Data Security

Cybersecurity Memo Templates and Awareness Flyers Employees Won’t Forget

Rob Sobers

Oct 17, 2019

Celebrate cybersecurity awareness year-round with these cybersecurity memo templates and attention-grabbing flyers that promote awareness and best practices

How Hackers Use OSINT to Find Business Data

Kody Kinzie

Oct 15, 2019

OSINT can be a valuible resource for finding business data, if you know where to look. Here are the best sources of OSINT for business info in 2019.

What is a Security Operations Center (SOC)?

Michael Buckbee

Oct 02, 2019

Learn how a security operations center (SOC) functions in an enterprise, SOC models, job roles, best practices and the value it brings to an organization

A Practical Software Approach to Insider Threats

Michael Buckbee

Sep 30, 2019

Insider data theft presents multiple challenges for traditional IT security. Insiders are employees who are entitled to be in the network unlike hackers. Standard perimeter security measures won’t work. But...

Adventures in Fileless Malware, Part IV: DDE and Word Fields

Michael Buckbee

Jul 09, 2019

For this next post, I was all ready to dive into a more complicated fileless attack scenario involving multiple stages and persistence. Then I came across an incredibly simple code-free...

Working With Windows Local Administrator Accounts, Part III

Michael Buckbee

Jun 20, 2019

One point to keep in mind in this series is that we’re trying to limit the powers that are inherent in Administrator accounts. In short: use the Force sparingly. In...

California Consumer Privacy Act (CCPA) vs. GDPR

Michael Buckbee

Nov 05, 2018

Check out our interactive Venn diagram below to better understand the similarities and differences between the GDPR and CCPA.

What is ITAR Compliance? Definition and Regulations

Michael Buckbee

Oct 10, 2018

Learn more about ITAR compliance, requirements, and penalties. Find the definition, detail of regulations, types of defense articles, and more from Varonis.

Master Fileless Malware Penetration Testing!

Michael Buckbee

Oct 05, 2018

Our five-part series brings you up to speed on stealthy techniques used by hackers. Learn how to sneakily run scripts with mshta, rundll32, and regsrvr32, scary Windows binaries that live...

The Top Skills of Fortune 100 CISOs

Rob Sobers

Sep 04, 2018

What does it take to become a top CISO? We analyzed CISOs of Fortune 100 companies to find the most common skills and educational background of the world's top cybersecurity leaders today.

What is the Colorado Privacy Law?

Michael Buckbee

Aug 31, 2018

On September 1, 2018, the Colorado Protections for Consumer Data Privacy law, HB 18-1128, goes into effect. A bi-partisan group introduced HB 18-1128 in January, and after the usual negotiations,...

The Malware Hiding in Your Windows System32 Folder: More Rundll32 and LoL Security Defense Tips

Michael Buckbee

Jul 19, 2018

When we left off last, I showed how it’s possible to run VBScript directly from mshta. I can play a similar trick with another LoL-ware binary, our old friend rundll32....