Tal Liberman, Security Research Team Leader, enSilo

A never-ending desire to understand how things work. Love to discover the undiscoverable and see what’s yet to be seen. Hit me up.

AtomBombing CFG-Protected Processes

Injection Techniques, AtomBombing, CFG, code injection, Control Flow Guard, Windows, enSilo Breaking Malware, enSilo Corporate and Product

TL;DR: We show AtomBombing modifications to enable us to inject code into CFG-protected processes.

AtomBombing: A Code Injection that Bypasses Current Security Solutions

Research, enSilo Corporate and Product, Windows, code injection, AtomBombing, Malware

Our research team has uncovered a new way to leverage mechanisms of the underlying Windows operating system

AtomBombing: Brand New Code Injection for Windows

Injection Techniques, APC, AtomBombing, code injection, Research, Windows, enSilo Breaking Malware, Malware, enSilo Corporate and Product

TL;DR Here’s a new code injection technique, dubbed AtomBombing, which exploits Windows atom tables and Async

Documenting the Undocumented: Adding CFG Exceptions

documentation, CFG, Control Flow Guard, NtSetInformationVirtualMemory, Windows, enSilo Breaking Malware, enSilo Corporate and Product

TL;DR Microsoft’s Control Flow Guard (CFG) is a security feature that prevents the abuse of indirect calls
