
Moker: A new APT discovered within a sensitive network

Recently, enSilo found an Advanced Persistent Threat (APT) residing in a sensitive network of a customer. This APT appears to be a Remote Access Trojan (RAT) that is capable of taking complete control of the victim’s computer. To date, this...

The Top 10 BlackHat 2015 Talks for the Security Researcher

BlackHat talks come in all shapes and sizes – from the philosophical keynotes and high-level talks to the ultra techie. Narrowing down the list of talks isn’t easy so I chose mine based on their technology flair. If you’re more of the techie sort,...

MS Patch Tuesday: A Look into 4 Vulnerabilities in the Windows Kernel

Today’s Microsoft Patch Tuesday includes a patch for CVE-2015-2363, an IMPORTANT-rated exploitable privilege escalation vulnerability which we have responsibly disclosed to Microsoft. CVE-2015-2363 is a nearly 20 year-old vulnerability,...

MS June Patch Tuesday: Double Trouble in the Microsoft Kernel.

Today is Microsoft’s June Patch Tuesday. In particular, the patch includes two exploitable kernel vulnerabilities that enSilo researchers had reported to Microsoft less than two weeks ago. Both vulnerabilities were filed together...

NanoCore RAT: It’s Not 100% Original

A few days ago, a cracked full version of the NanoCore Remote Access Trojan (RAT) tool was leaked.

With little existing documentation of NanoCore, we decided to investigate NanoCore’s core set of features and techniques ourselves. What we...

AVG: A Case-Study in Vulnerability Disclosure

Our research team responsibly disclosed a severe vulnerability in AVG Internet Security 2015 build 5736 + Virus database 8919 released January 13th 2015.

Within just two days of disclosure, on Thursday, March 12th, 2015 – AVG released a...

CVE-2015-0057: The 1-Bit that will Bring Windows Down

enSilo’s research team has identified an exploitable privilege escalation vulnerability which enables a threat actor to run code of their liking on the Windows kernel.

The vulnerability was patched today as part of Microsoft’s Patch Tuesday....