Category Archives: IT Pros

Verizon 2018 DBIR: Phishing, Stolen Passwords, and Other Cheap Tricks

Verizon 2018 DBIR: Phishing, Stolen Passwords, and Other Cheap Tricks

Like the rest of the IT security world last week, I had to stop everything I was doing to delve into the latest Verizon Data Breach Investigations Report. I spent some quality time with the 2018 DBIR (after drinking a few espresso), and I can sum it all up in one short paragraph. Last year, companies faced financially driven hackers and insiders, who use malware, stolen credentials, or phishing as attack vectors. They get in…

Women in Tech: The Anatomy of a Female Cybersecurity Leader

women CISO CIO

Cybersecurity has a gender gap. According to the 2017 Women in Cybersecurity study, a joint venture between the Center for Cyber Safety and Education and the Executive Women’s Forum on Information Security, women only make up 11 percent of the total cybersecurity workforce. In addition to occupying a substantially small space in a massive global industry, the few women who are in cybersecurity hold fewer positions of authority and earn a lower annual salary than…

Adventures in Malware-Free Hacking, Part V

Adventures in Malware-Free Hacking, Part V

In this series of post, we’ve been exploring attack techniques that involve minimal efforts on the part of hackers. With the lazy code-free approach I introduced last time, it’s even possible to slip in a teeny payload into a DDE field within Microsoft Word. And by opening the document attached to a phish mail, the unwary user lets the attacker gain a foothold on her laptop. To bring the story up to date, Microsoft ultimately closed the…

Adventures in Malware-Free Hacking, Part IV

Adventures in Malware-Free Hacking, Part IV

For this next post, I was all ready to dive into a more complicated malware-free attack scenario involving multiple stages and persistence. Then I came across an incredibly simple code-free attack — no Word or Excel macro required! — that far more effectively proves the underlying premise in this series: it ain’t that hard to get past the perimeter. The first attack I’ll describe is based on a Microsoft Word vulnerability involving the archaic Dynamic…

12 Ways Varonis Helps You Manage Mergers and Acquisitions

12 Ways Varonis Helps You Manage Mergers and Acquisitions

A well-constructed Merger & Acquisition (M&A) playbook reduces the overall time, cost and risk of the upcoming merger and/or acquisition. Gartner advises that organizations who intend to grow through acquisitions involve the CIO and IT teams early in the process by “sharing models with their business executives that raise the right questions and issues to consider.” Further, according to Gartner analysts Cathleen E. Blanton and Lee Weldon, CIOs should “create a reusable IT M&A playbook…

Adventures in Malware-Free Hacking, Part II

Adventures in Malware-Free Hacking, Part II

I’m a fan of the Hybrid Analysis site. It’s kind of a malware zoo where you can safely observe dangerous specimens captured in the wild without getting mauled. The HA team runs the malware in safe sandboxes and records systems calls, file created, and internet traffic, displaying the results for each malware sample. So you don’t have to necessarily spend time puzzling over or even, gulp, running the heavily obfuscated code to understand the hackers’…

DNSMessenger: 2017’s Most Beloved Remote Access Trojan (RAT)

DNSMessenger: 2017’s Most Beloved Remote Access Trojan (RAT)

I’ve written a lot about Remote Access Trojans (RATs) over the last few years. So I didn’t think there was that much innovation in this classic hacker software utility. RATs, of course, allow hackers to get shell access and issue commands to search for content and then stealthily copy files. However, I somehow missed, DNSMessenger, a new RAT variant that was discovered earlier this year. The malware runs when the victim clicks on a Word doc…

Top Azure Active Directory Tutorials

Top Azure Active Directory Tutorials

Remember a few years ago when security pros and IT admins were afraid to store business files on the cloud? Today, the circumstances are different. I recently spoke with an engineer and he said he’s getting more questions about the cloud than ever before. What’s more, according to Microsoft, 86% of Fortune 500 companies use Microsoft cloud services –  Azure, Office 365, CRM Online etc – all of which sit on Azure AD. And so…

Defining Deviancy With User Behavior Analytics

Defining Deviancy With User Behavior Analytics

For over the last 10 years, security operations centers and analysts have been trading indicators of compromise (IoC), signatures or threshold-based signs of intrusion or attempted intrusion, to try to keep pace with the ever-changing threat environment. It’s been a losing battle. During the same time, attackers have become ever more effective at concealing their activities. A cloaking technique, known as steganography, has rendered traditional signature and threshold-based detective measures practically useless. In response, the…

I’m Mike Thompson, Commercial Sales Engineer at Varonis, and This is How ...

I’m Mike Thompson, Commercial Sales Engineer at Varonis, and This is How I Work

In March of 2015, Mike Thompson joined the Commercial Sales Engineer (CSE) team. From then on, he has been responsible for demonstrating Varonis products to potential customers, installing and configuring the software for both evaluation and production implementations, leading customer training sessions, and making sure customers are getting value out of the Varonis solutions. This role allows him to talk to people from different parts of the country, getting a glimpse of how companies of…

My Big Fat Data Breach Cost Post, Part III

My Big Fat Data Breach Cost Post, Part III

How much does a data breach cost a company? If you’ve been following this series, you’ll know that there’s a huge gap between Ponemon’s average cost per record numbers and the Verizon DBIR’s (as well other researcher’s). Verizon was intentionally provocative in its $.58 per record claim. However, Verizon’s more practical (and less newsworthy) results were based on using a different model that derived average record costs more in line with Ponemon’s analysis. The larger…