<img height="1" width="1" alt="" style="display:none" src="https://www.facebook.com/tr?id=619966238105738&amp;ev=PixelInitialized">

ENSILO BLOG

You are Reading:  

Sedating the Watchdog: Abusing Security Products to Bypass Mitigations

tldr; design issues in various security products, such as anti-virus, make it significantly easier for threat actors to bypass exploit mitigations. In particular, we found a prevalent flaw where...

Read More

A Technical Breakdown of ModPOS

ModPOS is the latest in the string of POS malware that’s making the news. As its family name implies, this malware is intent on one: stealing credit card information.

Read More

Moker, Part 2: Capabilities

A few days ago, we published a blog entry on an advanced malware – Moker, and discussed the different challenges that Moker placed to avoid detection and anti-dissection.

Read More

Moker, Part 1: dissecting a new APT under the microscope

Recently, we came across Moker, an advanced malware residing in a sensitive network of a customer. Since the malware did not try to access an external server, but rather tamper with the system...

Read More

Class Dismissed: 4 Use-After-Free Vulnerabilities in Windows

Introduction

Today, Microsoft released their latest Patch Tuesday. This Patch includes a fix for CVE-2015-2363, a complementary patch to CVE-2015-2360 from last month. The two CVEs together...

Read More

“Selfie”: A Tool to Unpack Self-Modifying Code using DynamoRIO

tl;dr: In this blog post we describe “Selfie”, a tool we have developed that automates finding the OEP for a majority of malwares packed with self-modifying code. The tool itself is now...

Read More

Vulnerability Patching: Learning from AVG on Doing it Right.

Updated March 25: added a proof-of-concept video

Read More

One-Bit To Rule Them All: Bypassing Windows’ 10 Protections using a Single Bit

Read More

CATEGORIES

FEATURED ARTICLES

tag cloud