In this post, we dive into six ransomware trends that shaped 2021.

How threat actors can use Microsoft Power Automate to automate data exfiltration, C2 communication, lateral movement, and evade DLP solutions.

Varonis has observed the ALPHV (BlackCat) ransomware, actively recruiting new affiliates and targeting organizations across multiple sectors worldwide.

Varonis Threat Labs discovered a way to bypass multi-factor authentication (MFA) for Box accounts that use an SMS code for login verification.

The Varonis research team discovered a way to bypass Box's Time-based One-Time Password MFA for Box accounts that use authenticator applications.

Varonis researchers enumerated a list of 812 subdomains and found 689 accessible Jira instances. We found 3,774 public dashboards, 244 projects, and 75,629 issues containing email addresses, URLs, and IP...

If your organization uses Salesforce Communities and Einstein Activity Capture, you might have unknowingly exposed your administrator's Outlook or Google calendar events to the internet due to a bug called...

CISA has issued a security bulletin regarding the BlackMatter 'big game hunter' ransomware group following a sharp increase in cases targeting U.S. businesses. To mitigate these attacks, it is recommended...

Our research team has discovered numerous publicly accessible Salesforce Communities that are misconfigured and expose sensitive information.

A group known as "DeepBlueMagic" is suspected of launching a ransomware attack against Hillel Yaffe Medical Center in Israel, violating a loose "code of conduct" that many ransomware groups operate...

What happened? Increasingly covered by the mainstream press throughout Wednesday, October 6, 2021, the impact of the recent Twitch leak will undoubtedly grow as bad actors take advantage of the...

Our team has recently led several high-profile investigations of attacks attributed to an up-and-coming cybercrime group, Darkside ransomware