The mitigation for Meltdown created a new part in the kernel which PatchGuard left unprotected, making hooking of system calls and interrupts possible, even with HVCI enabled.
At the end of August 2018, the security community discovered an infostealer malware in the wild named Khalesi. This malware was identified by the security community as part of the Kpot malware campaign. Some of the recent Khalesi variants in this campaign were compiled with a Visual Basic 6 (VB6) compiler while the others were
enSilo has earned the prestigious Gold status in the Golden Bridge Awards® for their product in the Endpoint Security Solution Innovations category. The coveted annual Golden Bridge Awards program encompasses the world’s best in organizational performance, innovations, products and services, executives and management teams, women in business
enSilo’s Endpoint Security Platform detected and blocked a new variant of the LokiBot malware in July 2018. At that time, VirusTotal showed only twelve commercial Anti-Virus (AV) applications with a virus definition for this malware, which indicates a low detection rate:
On August 8th, at the BSides Conference in Las Vegas, we unveiled a new exploitation technique against the Microsoft Windows operating system. It is a general technique that can be leveraged with kernel vulnerabilities to make privilege escalation easier.
Gartner says it best in its most recent Market Guide for Managed Detection and Response (MDR) Services: “Managed detection and response improves threat detection monitoring and incident response capabilities via a turnkey approach to detecting threats that have bypassed other controls. Security and risk management leaders need to understand
In June 2018, Cybereason posted a blog about a malicious Dynamic-Link Library (DLL) file exhibiting a behavior associated with credential theft. Their analysis discovered that the malicious DLL MSVCR100.dll was leveraging the DLL search-order hijacking technique to load itself during the execution of unpack200.exe – an Oracle verified Portable
Hidden Cobra’s latest attack tool
Ransomware attacks are continuing to threaten the stability of government authorities, healthcare organizations, utility companies and critical data in all industries. It has been a year since WannaCry hit and businesses are still feeling the after-effects of a worldwide ransomware attack. Now in 2018, SamSam, a targeted ransomware attack, hit
This MSSP increased its service offerings from Security Information Event Management (SIEM) to include Intrusion Prevention (IPS) and 24/7/365 incident detection and response delivered by a Security Operations Center (SOC) team. In addition to incident detection and response capabilities, the SOC team also supports compliance monitoring. The