On May 31st, 2024, Snowflake issued a joint statement with CrowdStrike and Mandiant stating that they are investigating a targeted campaign against Snowflake users with single-factor authentication.

When responding to a cybersecurity incident I’ve always found memory forensics to be a great skill to have. By capturing the memory of a compromised device you can quickly perform some analysis to identify potential malware and gather IOC’s which can then be used to identify other compromised devices.

On July 3rd, at 10:00 AM EST, a malicious hotfix was released and pushed by Kaseya VSA servers that propagated to servers managed by Kaseya, resulting in the compromise and encryption of thousands of nodes at hundreds of different businesses.

This report is a monthly round-up from the Varonis Forensics Team documenting activity observed while responding to incidents, performing forensics, and reverse engineering malware samples. This report is intended to help you better understand the evolving threat landscape and adapt your defenses accordingly.

YARA rules are used to classify and identify malware samples by creating descriptions of malware families based on textual or binary patterns.

Hospitals, biotech firms and pharma companies are entrusted to protect sensitive information—from personal patient data to valuable proprietary research–from skilled adversaries looking to grab sensitive data to steal, sell, or extort from victim organizations.

Understanding how to use Autoruns means you may be able to detect if your home PC is infected with unwanted software.

In a previous blog post, I explained what x64dbg is and also broke down some of the features of the tool and why they are useful for malware analysis. This article will serve as an x64dbg tutorial in which I will cover the methodology I use when reverse engineering malware and demonstrate how to use the tool to unpack a malware sample.

In my previous article “How to Revert a Commit in Git” (a PowerShell Git tutorial), I showed how you can use a local PowerShell Git repository and utilize the benefits of local source control. Using Git, you can create commits or snapshots of your code and revert to previous versions. Typically when working with Git and code repositories, you create the remote one first, then download it to your local system.

How do you visualize, measure, and reduce internal data exposure in Microsoft 365? What about detecting advanced threats like the SolarWinds attack?

It was one of those fragile, oversized wine glasses that couldn’t have cost more than a buck. I saw it teetering on the counter’s edge, soon to meet the kitchen floor. That unmistakable shattering noise was made especially painful by the fact that we had a six-month-old baby who loved to mop the floor with her belly.

Malware has become a huge threat to organizations across the globe. Something as simple as opening an email attachment can end up costing a company millions of dollars if the appropriate controls are not in place. Thankfully, there are a plethora of malware analysis tools to help curb these cyber threats.