
ShadowGroup Reveals All? Initial Analysis of the Equation Group Dump


On Good Friday, April 14, The Shadow Brokers released to the public a bunch of powerful Windows exploits, tools and exploit kits used by The Equation Group – the group supposedly behind the NSA.

We’re currently analyzing the data, and...

Open Door: Unix Open Source Vulnerabilities Affect macOS

Today, Apple’s macOS 10.12.4 update includes security fixes for several open source vulnerabilities. Among them is a fix for a vulnerability that enSilo’s researcher, Omer Medan, disclosed to Apple; the vulnerability allows an...

AtomBombing Goes Nuclear

//** enSilo protects against Dridex v4 malware out-of-the-box **//

In late 2016, enSilo researchers shared AtomBombing with the security world. More of a “proof of concept” than an actual exploit, AtomBombing took advantage of Microsoft...

Customer Advisory Warning: The Comeback of the Hancitor Campaign

We are currently witnessing an active malware campaign involving the Hancitor Trojan/Pony botnet. Once installed on the victim’s machine, Hancitor prepares the groundwork for the download of further malicious modules such as ransomware or...

After the (Atom)Bombing

In late October enSilo researchers discovered a new code injection technique that leveraged atom tables – an underlying component of the Windows Operating System.

While code injection isn’t new, utilizing the atom tables in Windows is. The...

AtomBombing: A Code Injection that Bypasses Current Security Solutions

Our research team has uncovered a new way to leverage mechanisms of the underlying Windows operating system in order to inject malicious code. Threat actors can use this technique, which exists by design of the operating system, to bypass...

FindADetour: The Tool that Tests for Vulnerable Microsoft's Detours

Today’s Microsoft September Patch Tuesday includes a patch to what they had tagged as a fix for Microsoft Office. Behind the scenes, however, that fix extends beyond Microsoft Office to hundreds of applications developed by Microsoft as well...

Adding UAC Bypass to the Attacker’s Tool Set

Recently our researchers revealed a new way that attackers can bypass Microsoft’s User Access Control (UAC) mechanisms.

Intrusive Applications: 6 Security Issues to Watch Out for in Hooking

For over a year our enSilo researchers have been looking into hooking engines and injection methods used by different vendors. It all started back in 2015 when we noticed an injection issue in AVG, but this was only the tip of the iceberg. A few...

Furtim: The Ultra-Cautious Malware

Furtim is the latest stealthy malware, found in the wild, and its discovery is credited to @hFireF0X.

Clearly, Furtim’s developers were more interested in keeping their malware hidden from security’s prying eyes than hitting more targets....