Microsoft’s Response to AtomBombing is Post-Infection Detection

Weekly Security News, enSilo Corporate and Product, AtomBombing, Windows, Malware, code injection

In March 2017, Microsoft (known for fixing vulnerabilities in their software products once a month on


AtomBombing Goes Nuclear

Research, cybersecurity, enSilo Corporate and Product, AtomBombing, code injection, Windows, Malware

In late 2016, enSilo researchers shared AtomBombing with the security world. More of a “proof of concept”


Command Injection/Elevation – Environment Variables Revisited

Vulnerabilities, command injection, elevation, variables, enSilo Breaking Malware, UAC, Windows, code injection, enSilo Corporate and Product

Windows environment variables can be used to run commands and can also be used to bypass UAC, allowing an


AtomBombing CFG-Protected Processes

Injection Techniques, AtomBombing, CFG, code injection, Control Flow Guard, Windows, enSilo Breaking Malware, enSilo Corporate and Product

TL;DR: We show AtomBombing modifications to enable us to inject code into CFG-protected processes.


AtomBombing: A Code Injection that Bypasses Current Security Solutions

Research, enSilo Corporate and Product, Windows, code injection, AtomBombing, Malware

Our research team has uncovered a new way to leverage mechanisms of the underlying Windows operating system


AtomBombing: Brand New Code Injection for Windows

Injection Techniques, APC, AtomBombing, code injection, Research, Windows, enSilo Breaking Malware, Malware, enSilo Corporate and Product

TL;DR Here’s a new code injection technique, dubbed AtomBombing, which exploits Windows atom tables and Async


Elastic Boundaries – Elevating privileges by environment variables expansion

Vulnerabilities, bypass UAC, elevation, environment variable, path redirect, variable expansion, enSilo Breaking Malware, UAC, Windows, code injection, enSilo Corporate and Product

Even though any process is provided with variables from its environment, they are often overlooked by


Intrusive Applications: 6 Security Issues to Watch Out for in Hooking

Research, enSilo Corporate and Product, Windows, hooking, Malware, code injection

For over a year our enSilo researchers have been looking into hooking engines and injection methods used


Captain Hook: Pirating AVs to Bypass Exploit Mitigations

Vulnerabilities, av, Detours, hooking, vulnerability, enSilo Breaking Malware, Windows, code injection, enSilo Corporate and Product

TL;DR: We found 6(!) different common security issues that stem from incorrect implementation of code
