Blog

Threat Research

SolarWinds SUNBURST Backdoor: Inside the Stealthy APT Campaign

Snir Ben Shimol

Snir Ben Shimol

Learn how detect and defend against the SolarWinds Sunburst malware that has compromised versions of SolarWinds’ Orion solution

November 2020 Malware Trends Report

Ben Zion Lavi

Ben Zion Lavi

This Malware Trends Report November 2020 is intended to help you better understand the evolving threat landscape and adapt your defenses accordingly.

Exploiting BGInfo to Infiltrate a Corporate Network

Dolev Taler

Dolev Taler

This post details how a clever attacker can embed a path to a malicious script within a BGInfo config file (.bgi), bypass email security, and execute code remotely.

A Queen’s Ransom: Varonis Uncovers Fast-Spreading “SaveTheQueen” Ransomware

Ben Zion Lavi

Ben Zion Lavi

A new strain of ransomware encrypts files and appends them with the extension, “.SaveTheQueen,” and propagates using the SYSVOL share on Active Directory Domain Controllers. Our customers encountered this malware...

Varonis Exposes Global Cyber Campaign: C2 Server Actively Compromising Thousands of Victims

Dolev Taler

Dolev Taler

The Varonis Security Research team discovered a global cyber attack campaign leveraging a new strain of the Qbot banking malware. The campaign is actively targeting U.S. corporations but has hit networks...

Azure Skeleton Key: Exploiting Pass-Through Auth to Steal Credentials

Eric Saraga

Eric Saraga

We created a proof-of-concept that manipulates the Azure authentication function to give us a ‘skeleton key’ password that will work for all users, and dump all real clear-text usernames and passwords into a file.

COVID-19 Threat Update #1

Kilian Englert

Kilian Englert

Varonis sees the highest number of VPN and O365 events ever recorded across customer base. Click to watch our security experts discuss what they’re seeing on the front lines, and what...

Varonis Uncovers New Malware Strains and a Mysterious Web Shell During a Monero Crypto Jacking Investigation

Dolev Taler

Dolev Taler

The Varonis Security Research team recently investigated an ongoing cryptomining infection that had spread to nearly every device at a mid-size company. Analysis of the collected malware samples revealed a...

Varonis Uncovers Another New Strain of the Qbot Banking Malware

Dolev Taler

Dolev Taler

Varonis has discovered and reverse engineered another new strain of Qbot, a sophisticated, well-known type of malware that collects sensitive data, such as browser cookies, digital certificate information, keystrokes, credentials, and session data from its victims to commit financial fraud.

1 2 3 4 5

Next

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.