CPE Cyber Attack Lab #2

Detecting & Investigating Insider Threats

Wed, Oct 7 | 10:00 AM SGT

Watch a disgruntled software engineer go rogue! We'll show you how the attack is performed and what the corresponding alerts look like in Varonis.

In a devious attempt to steal sensitive financial info, our insider finds a list of service accounts with admin privileges, performs a Kerberoasting attack to hijack a backup service's credentials, and sends a ZIP full of sensitive info to a personal Gmail account.

+1 CPE

Register Now

About this webinar

See how Varonis uncovers indicators of compromise at every turn.

An insider was paid to exfiltrate sensitive organizational data
To cover his tracks, he takes control of a service account with elevated privileges
Using the service account, he scans company file shares for documents with certain keywords
Copies matching documents to his PC
Creates an encrypted ZIP file
He uses the service account to exfiltrate the ZIP file as an attachment to a personal Gmail account

James Dawson Engineer, Varonis

James Dawson works as a Solutions Engineer in the Southern Australian region. He has 4 years of experience in the cyber security industry across APAC and EMEA and prior to that worked as a software developer.

"Having Varonis is a continually eye-opening -- and sometimes alarming -- experience. A few months ago, a non-HR user opened up an HR folder that contained sensitive employee salary information. With Varonis, I was able to track down the user and review exactly what they had accessed and changed."

Infrastructure Manager, US Federal Credit Union

Want to see Varonis in action?