Just weeks after the Shadow Brokers released the NSA Tools, the world has had its first taste of just how effective threats built with these tools can be. Beginning early on May 12th, a ransomware variant using the EternalBlue exploit for Microsoft Windows began spreading like wildfire, locking down businesses and users in more than 90
On Good Friday, April 14, The Shadow Brokers released to the public a bunch of powerful Windows exploits, tools and exploit kits used by The Equation Group – the group supposedly behind the NSA.
We’re currently analyzing the data, and would like to share some initial analyses and recommendations. Understanding the impact will allow security
WhatsApp was in the limelight this week with news that they have allowed government backdoor access.
In 2017, we predict that as Flash phases out, JScript will take its place as the leading browser-exploitation vector.
In 2017, we predict that security – the good and the bad – will be moving down the stack.
Both sides — defense vs offense — are moving down the stack. On one side: the confidentiality, integrity and availability of data, operations and processes. On the other: threat actors that are looking to steal, tamper or disrupt these. (Note that enSilo
In 2017, we predict that ransomware authors will target mission-critical servers and PCs - within targeted departments.
By holding these sensitive devices hostage, ransomware authors will be applying the right pressure at the right time to quickly receive the ransom.
The United States is less than a week away from electing a new president. Cybersecurity has played a large part in the news leading up to the election — hacked and leaked political emails and probing of election databases — and yet there hasn’t been a lot of discussion on how to resolve the problems. As someone who has been closely following
Today’s Microsoft September Patch Tuesday includes a patch to what they had tagged as a fix for Microsoft Office. Behind the scenes, however, that fix extends beyond Microsoft Office to hundreds of applications developed by Microsoft as well as hundreds of other software vendors. Accordingly, this fix affects millions of users – from those
For over a year our enSilo researchers have been looking into hooking engines and injection methods used by different vendors. It all started back in 2015 when we noticed an injection issue in AVG, but this was only the tip of the iceberg. A few months after that we noticed similar issues in McAfee and Kaspersky Anti-Virus. At that point we decided
TL;DR: We found 6(!) different common security issues that stem from incorrect implementation of code hooking and injection techniques. These issues were found in more than 15 different products. The most impactful discovery was that three different hooking engines also suffer from these kinds of problems, including the most popular commercial