Carbanak Attack Post-Mortem: Same Old Phish

The Kaspersky report about Carbanak malware released last month led to some pretty frightening headlines, usually starting with “Billion dollar heist…”.  Now that we’re over a month into reviewing some of the forensic evidence, it appears that Carbanak is less sophisticated than many first thought. At its heart, this was a spear phishing attack that…

health-insurance-and-wearable

What if Fitness Wearables Affected Our Health Insurance Rates?

Fitness wearables have been very popular, but sadly not very sticky. After 3-4 months, consumers tend to put them in a drawer and never wear them again. Many companies in this space think the solution might be to increase the value of the data that these fitness wearables collect. For instance, companies like FitBit started…

fido-x

Windows 10’s Security Reboot, Part II: More on Authentication

A good part of Windows 10’s security improvements center on basic changes to the way users and software prove their identities. No, that wasn’t a mistake in the last sentence. Software, like, people, also can have an identity and be required to show they’re the apps they say they are. The underlying technology is well…

Big Data Recommendations Engine for Data Access

Could you imagine the web without personalized recommendations? Amazon tells us what new books to buy Spotify tells us what music to listen to Netflix tells us which movies to watch Foursquare tells us where to eat and what to order …but what about a recommendations engine for data access? As users move through an…

campbell-logo

Varonis Keeps Client and Company Data Protected and Private at Campbell Global

Campbell Global is a leader in sustainable timberland and natural resource investment. The company manages approximately 3.1 million acres of land globally and about $6.1 billion in assets. Based in Portland, Oregon, its 300 employees are spread throughout 25 offices. The company critically needed a reliable way to closely document, track and manage activity associated…

tidy room

Feng Shui Fabulous

Happy New Year! One way to celebrate 2015 with fresh, new energy is to implement Feng Shui. Feng Shui is a popular practice in many Asian households to balance the energies of a space: promoting health, wealth and good luck. An important element of Feng Shui is to get rid of clutter. Clutter creates confusion,…

Egyptian-Chariot

99.99% Report Brakes Slowing Down Their Car

(.01% were moving too quickly to comment.) “The whole point of a car is so I can get where I’m going quickly. I just can’t understand why they put the brake pedal right next to the accelerator. And the brakes are merciless now. Whenever I step on them I stop almost immediately. What were they…

Varonis Perspective on the Sony Breach

While we have few details on the Sony Pictures attack itself, this very public breach (or pwning in hacker slang) has shown the extent of the actual exposure—it is massive. The always informative Krebs knows, at this point at least, as much as the rest of us—possible North Korean connection and perhaps the use of destructive erase-all malware….

5-things-privacy-wearables

5 Things Privacy Experts Want You to Know About Wearables

There’s been a lot of news lately in the health and fitness wearables space. Apple just announced they’re releasing an app, called “Health,” as well as a cloud-based platform “Health Kit”. Somewhat related, Nike recently pulled the plug on its activity tracking Fuelband. The conventional wisdom is that fitness trackers are on the decline, while…

NTLM warning

A Closer Look at Pass the Hash, Part III: How NTLM will get you hacked (and what you should do about it)

I was about ready to wrap up this series of posts (part 1, part 2 ) on PtH and make my larger point, which is that you should assume hackers will break into your system. And then I learned new information about credential stealing that amplifies this warning by a factor of 10. The most…