NTLM warning

A Closer Look at Pass the Hash, Part III: How NTLM will get you hacked (and what you should do about it)

I was about ready to wrap up this series of posts (part 1, part 2 ) on PtH and make my larger point, which is that you should assume hackers will break into your system. And then I learned new information about credential stealing that amplifies this warning by a factor of 10. The most…

digital universe

The Expanding Data Universe

It’s June and half of the year is almost over. So it’s a good time for a data growth reality check.  Nearly every week, we continue to see validation in our news feed about how data is on an  exponential growth curve. Here’s more evidence: while “only” 4.4 Zettabytes of data was generated in 2013,…

3 Challenges for the National Patient-Centered Clinical Research Network (PCORnet)

3 Challenges for the National Patient-Centered Clinical Research Network (PCORnet)

Have you noticed that a lot of health information created daily during patient visits is still not digitized? And if it is, the opportunities to use this data for research and for prevention are often missed because the networks that store this data cannot easily collaborate or communicate with each other. Finally, at the end…

Digital StillCamera

Ultimate Security Wisdom From Verizon’s DBIR: Limit, Control, and Monitor

For those in IT too busy to read the 60-page Data Breach Investigations Report, Verizon provides the shorter executive summary. And to summarize the summary, they’ve come up with seven tips based on their analysis of over 60,000 security incidents. If I had to condense this list into a simple one sentence security mantra it…

Anabas_testudineus_Day

Anatomy of a Phish: New Varonis eBook Connects Social Attacks and APTs to Human-Generated Data

Security analysts have been telling us that phishing incidents have been on the rise, and the threat will get worse in the coming years. Sure phishing and other social attacks are insanely clever, tricking victims into effectively inviting hackers in through the front door. But when cyber thieves also use advanced persistent threats or APTs—embedding…

800px-Moscone_Center,_San_Francisco_(2013)

The ‘Varonis Track’ at RSA 2014

The tagline for the RSA Conference to be held later this month (2/24 – 2/28) at San Francisco’s Moscone Center is “where the world talks security.”  The Varonis team will also be there (South Expo #2309) to talk security.  At the Metadata Era, we’ve been lately focusing on new threats based on a combination of…

beenhacked

Secrets to Preventing POS-based Attacks in Retail

There’s still much mystery surrounding the recent cyber heist in which tens of millions of credit card numbers were removed from a major retailer’s POS system, though we learn more almost every day. The always indispensable Krebs is a good starting point for background information and very informed speculation.  There are good reasons—based on FBI…

virus

How DatAdvantage Helps With Virus Recovery

During my conversations with our customers, it is always great to hear how they are leveraging Varonis to support their data governance initiatives. It is even better when we hear about scenarios that reach outside their original use-cases, like recovering from a virus. Today we are sharing a story from a customer who was recently…