<img height="1" width="1" alt="" style="display:none" src="https://www.facebook.com/tr?id=619966238105738&amp;ev=PixelInitialized">

ArdBot: An Inside Look into Malware in the Making

Crediting R136a1 who published malware samples a few days ago on a forum, we found these samples under development. We quickly went ahead and analyzed one, allowing us a unique view into malware at such an early development stage.

You’re so predictable: the AV vulnerability that bypasses mitigations

Our research team exposed a critical security vulnerability appearing in various Anti-Virus (AV) products which has the potential to turn the Anti-Virus to an attack-enabler tool. This issue is not necessarily constrained to security...

Moker: A new APT discovered within a sensitive network

Recently, enSilo found an Advanced Persistent Threat (APT) residing in a sensitive network of a customer. This APT appears to be a Remote Access Trojan (RAT) that is capable of taking complete control of the victim’s computer. To date, this...

The Top 10 BlackHat 2015 Talks for the Security Researcher

BlackHat talks come in all shapes and sizes – from the philosophical keynotes and high-level to the ultra techie. Narrowing down the list of talks isn’t easy so I chose mine based on their technology flare. If you’re more of the techie sort,...

MS Patch Tuesday: A Look into 4 Vulnerabilities in the Windows Kernel

Today’s Microsoft Patch Tuesday includes a patch for CVE-2015-2363, an IMPORTANT-rated exploitable privilege escalation vulnerability which we have responsibly disclosed to Microsoft. CVE-2015-2363 is a nearly 20 year-old vulnerability,...

MS June Patch Tuesday: Double Trouble in the Microsoft Kernel.

Today is the Microsoft June Patch Tuesday. In particular, the patch includes two kernel exploitable vulnerabilities that enSilo researchers had reported to Microsoft just less than two weeks ago. Both vulnerabilities were filed together...

NanoCore RAT: It’s Not 100% Original

A few days ago, a cracked full-version of the NanoCore Remote Access Trojan (RAT) tool was leaked.

With scarce existing documentation of NanoCore we decided to investigate ourselves NanoCore’s core set of features and techniques. What we...

AVG: A Case-Study in Vulnerability Disclosure

Our research team responsibly disclosed a severe vulnerability in AVG Internet Security 2015 build 5736 + Virus database 8919 released January 13th 2015.

Within just two days of disclosure, on Thursday, March 12th, 2015 – AVG released a...

CVE-2015-0057: The 1-Bit that will Bring Windows Down

enSilo’s research team has identified an exploitable privilege escalation vulnerability which enables a threat actor to run code of their liking on the Windows kernel.

The vulnerability was patched today as part of Microsoft’s Patch Tuesday....