Why You Need to Be Concerned About Microsoft’s Latest Vulnerability

cybersecurity, enSilo Corporate and Product

In 2017 we said, "By now everyone knows about WannaCry and the problem with unpatched systems. But, what happens when the next Windows vulnerability is released, and no patch is issued on an end-of-life product?" That moment might have arrived.

Read More

enSilo Co-Founders Deliver Presentation at RSA Conference 2019 on Cryptomining

cybersecurity, enSilo Corporate and Product

enSilo CEO Roy Katmor and CTO Udi Yavo delivered an in-depth presentation at RSA Conference 2019 called “The New Gold Rush: How to Hack Your Own Best Mining Rig”. The session addressed the state of cryptominers versus ransomware, how to build a stealthy and well-distributed miner, and several miner detection methods. Also, the team unveiled

Read More

Cyax Malware - Evasive Loader Reemerges

cybersecurity, enSilo Corporate and Product

Towards the end of 2018, enSilo blocked a suspicious attack attempt originating from a generic PowerShell script. While investigating the attack our team discovered an interesting loader malware that delivers different payloads. During the time of writing this post, commercial Anti-Viruses (AVs) did not identify this script as hostile.

Read More

Not yet another Death Note caused by the Ryuk Ransomware

cybersecurity, enSilo Corporate and Product

Ryuk ransomware is a derivative of the Hermes ransomware. Its objective is to encrypt assets such as files and data, cause the unavailability of resources and force all victims to pay a ransom or suffer the consequences. enSilo prevents Ryuk ransomware attacks.

Read More

The Gartner Market Guide for Endpoint Detection and Response Solutions Validates the enSilo Approach to Protecting Endpoints

cybersecurity, enSilo Corporate and Product

The latest version of the Gartner Market Guide for Endpoint Detection and Response Solutions validates the need for real-time prevention and why the detect-then-decide approach simply can’t keep up with today’s threats. 

Read More

City of Atlanta Ransomware Attack

cybersecurity, enSilo Corporate and Product

Overview

On March 22 of this year, the City of Atlanta experienced one of the most devasting and costly ransomware attacks to date in the US. For one week, the city floundered while five of its thirteen local government departments were held hostage, unable to perform their functions. For city employees logging-in to their devices that morning,

Read More

Exactis Data Breach: The Risk of Data Exposure Without Endpoint Protection

cybersecurity, enSilo Corporate and Product

Earlier this year Exactis, a Florida-based marketing data broker, had their database (close to 340 million individual records) exposed on a public server. Though hacking efforts didn't expose the data, the personally identifiable information was inexplicably left on an unsecured server without basic security safeguards. 
Read More

Melting Down PatchGuard: Leveraging KPTI to Bypass Kernel Patch Protection

cybersecurity, Windows, enSilo Breaking Malware, meltdown, KPTI, PatchGuard

The mitigation for Meltdown created a new part in the kernel which PatchGuard left unprotected, making hooking of system calls and interrupts possible, even with HVCI enabled.

Read More

enSilo Blocks LokiBot Infostealer

cybersecurity, enSilo Corporate and Product

enSilo’s Endpoint Security Platform detected and blocked a new variant of the LokiBot malware in July, 2018. During that time, VirusTotal exhibited only twelve commercial Anti-Virus (AV) applications having a virus definition for this malware, which indicates a low detection rate:

Read More

Turning (Page) Tables: Bypassing Kernel Mitigations to Successfully Escalate Privileges

cybersecurity, enSilo Breaking Malware

On August 8th, at the BSides Conference in Las Vegas, we unveiled a new exploitation technique against the Microsoft Windows operating system. It's a general technique to leverage with kernel vulnerabilities and make privilege escalation easier.

Read More