ENSILO BLOG

Microsoft’s Response to AtomBombing is Post-Infection Detection

In March 2017, Microsoft (known for fixing vulnerabilities in its software products once a month on “Patch Tuesday”) addressed post-infection detection, investigation, and response with...

AtomBombing Goes Nuclear

In late 2016, enSilo researchers shared AtomBombing with the security world. More of a “proof of concept” than an actual exploit, AtomBombing took advantage of Microsoft Windows built-in atom...

Command Injection/Elevation – Environment Variables Revisited

Windows environment variables can be used to run commands and can also be used to bypass UAC, allowing an attacker with limited privileges to take complete control of the system. This code...

AtomBombing CFG-Protected Processes

TL;DR: We show AtomBombing modifications to enable us to inject code into CFG-protected processes.

AtomBombing: A Code Injection that Bypasses Current Security Solutions

Our research team has uncovered a new way to leverage mechanisms of the underlying Windows operating system in order to inject malicious code. (This research is one way enSilo ensures complete...

AtomBombing: Brand New Code Injection for Windows

TL;DR Here’s a new code injection technique, dubbed AtomBombing, which exploits Windows atom tables and Async Procedure Calls (APC). Currently, this technique goes undetected by common security...

Elastic Boundaries – Elevating privileges by environment variables expansion

Even though any process is provided with variables from its environment, they are often overlooked by users, developers and sometimes even the OS itself.

Intrusive Applications: 6 Security Issues to Watch Out for in Hooking

For over a year our enSilo researchers have been looking into hooking engines and injection methods used by different vendors. It all started back in 2015 when we noticed an injection issue in AVG...

Captain Hook: Pirating AVs to Bypass Exploit Mitigations

TL;DR: We found 6(!) different common security issues that stem from incorrect implementation of code hooking and injection techniques. These issues were found in more than 15 different products....
