-
Security Bulletins Threat Research
Jun 04, 2024
Targeted Campaign Against Snowflake Customers: What You Need to Know
Recent data breaches of prominent Snowflake cloud customers highlight the risks of compromised cloud storage accounts.
Varonis Threat Labs
4 min read
-
Threat Research
May 03, 2024
Dropbox Sign Data Breach: What You Need to Know
Dropbox Sign's recent data breach highlights how non-human identities are driving more profound breaches.
Omri Marom
3 min read
-
Threat Research
Apr 12, 2024
Palo Alto Networks PAN-OS Zero-Day Active Exploit: What You Need to Know
Palo Alto Networks issued a warning on April 12, 2024, that a critical, unpatched vulnerability in their PAN-OS firewall is being actively exploited.
Varonis Threat Labs
2 min read
-
Threat Research
Apr 11, 2024
Sisense Data Breach: What You Need to Know
The U.S. Cybersecurity and Infrastructure Agency (CISA) issued an alert this week warning Sisense customers of a data breach. Here's what you need to know.
Varonis Threat Labs
2 min read
-
Threat Research
Apr 09, 2024
Sidestepping SharePoint Security: Two New Techniques to Evade Exfiltration Detection
Varonis Threat Labs discovered two techniques in SharePoint that allow users to circumvent audit logs and avoid triggering download events while exfiltrating files.
Eric Saraga
6 min read
-
Threat Research
Apr 05, 2024
XZ Backdoor: Supply Chain Jump Scare
While the XZ backdoor is scary, most companies learned from SolarWinds
Varonis Threat Labs
4 min read
-
Threat Research
Mar 20, 2024
Increased Threat Activity Targeting Ivanti Vulnerabilities
A recent surge in activity targeting Ivanti Connect Secure (ICS) involves chaining two vulnerabilities that give threat actors the ability to execute arbitrary commands remotely.
Jason Hill
2 min read
-
Threat Research
Feb 20, 2024
Security Vulnerabilities in Apex Code Could Leak Salesforce Data
Varonis' threat researchers identified high- and critical-severity vulnerabilities in Apex, a programming language for customizing Salesforce instances.
Nitay Bachrach
7 min read
-
Threat Research
Jan 18, 2024
Outlook Vulnerability Discovery and New Ways to Leak NTLM Hashes
Varonis Threat Labs discovered a new Outlook exploit and three new ways to access NTLM v2 hashed passwords.
Dolev Taler
7 min read
-
Threat Research
Jul 18, 2023
Taking Microsoft Office by "Storm"
The “Storm-0978” ransomware group is actively exploiting an unpatched Microsoft Office and Windows HTML remote code execution vulnerability.
Jason Hill
3 min read
-
Threat Research
Jun 07, 2023
Imposter Syndrome: UI Bug in Visual Studio Lets Attackers Impersonate Publishers
Varonis Threat Labs found a bug in Microsoft Visual Studio installer that allows an attacker to impersonate a publisher and issue a malicious extension to compromise a targeted system
Dolev Taler
2 min read
-
Threat Research
May 31, 2023
Ghost Sites: Stealing Data From Deactivated Salesforce Communities
Varonis Threat Labs discovered improperly deactivated Salesforce 'ghost' Sites that are easily found, accessible, and exploitable by attackers.
Nitay Bachrach
2 min read
SECURITY STACK NEWSLETTER
Ready to see the #1 Data Security Platform in action?
Ready to see the #1 Data Security Platform in action?
“I was amazed by how quickly Varonis was able to classify data and uncover potential data exposures during the free assessment. It was truly eye-opening.”
Michael Smith, CISO, HKS
"What I like about Varonis is that they come from a data-centric place. Other products protect the infrastructure, but they do nothing to protect your most precious commodity — your data."
Deborah Haworth, Director of Information Security, Penguin Random House
“Varonis’ support is unprecedented, and their team continues to evolve and improve their products to align with the rapid pace of industry evolution.”
Al Faella, CTO, Prospect Capital