enSilo Blocks LokiBot Infostealer

cybersecurity, enSilo Corporate and Product

enSilo’s Endpoint Security Platform detected and blocked a new variant of the LokiBot malware in July 2018. At that time, VirusTotal showed only twelve commercial anti-virus (AV) applications with a virus definition for this malware, which indicates a low detection rate:


Turning (Page) Tables: Bypassing Kernel Mitigations to Successfully Escalate Privileges

cybersecurity, enSilo Breaking Malware, enSilo Corporate and Product

On August 8th, at the BSides Conference in Las Vegas, we unveiled a new exploitation technique against the Microsoft Windows operating system. It is a general technique that can be leveraged with kernel vulnerabilities to make privilege escalation easier.


Supporting the Growth of Managed Detection and Response Services

cybersecurity, enSilo Corporate and Product

Gartner says it best in its most recent Market Guide for Managed Detection and Response (MDR) Services: “Managed detection and response improves threat detection monitoring and incident response capabilities via a turnkey approach to detecting threats that have bypassed other controls. Security and risk management leaders need to understand


enSilo Terminates DLL Search Order Hijacking

cybersecurity, enSilo Corporate and Product

In June 2018, Cybereason posted a blog about a malicious Dynamic-Link Library (DLL) file exhibiting a behavior associated with credential theft. Their analysis discovered that the malicious DLL MSVCR100.dll was leveraging the DLL search-order hijacking technique to load itself during the execution of unpack200.exe – an Oracle verified Portable


enSilo Blocks Hidden Cobra’s Latest Attack Tool

cybersecurity, enSilo Corporate and Product

Hidden Cobra’s latest attack tool


5 Ways To Tackle Ransomware Attacks

cybersecurity, enSilo Corporate and Product

Ransomware attacks are continuing to threaten the stability of government authorities, healthcare organizations, utility companies and critical data in all industries. It has been a year since WannaCry hit and businesses are still feeling the after-effects of a worldwide ransomware attack. Now in 2018, SamSam, a targeted ransomware attack, hit


Customers Say It Best - Managed Security Service Provider

cybersecurity, enSilo Corporate and Product

This MSSP increased its service offerings from Security Information Event Management (SIEM) to include Intrusion Prevention (IPS) and 24/7/365 incident detection and response delivered by a Security Operations Center (SOC) team. In addition to incident detection and response capabilities, the SOC team also supports compliance monitoring. The


enSilo Protects: Point of Sale (POS)

enSilo Corporate and Product

“Nearly 98% of all recorded point of sale (POS) attacks resulting in a confirmed data breach”.  Verizon Data Breach Investigations


enSilo Blocks SynAck Ransomware

enSilo Corporate and Product

 


Ctrl-Inject

enSilo Corporate and Product

In this post we will unveil a new process injection technique we call “Ctrl-Inject” that leverages the mechanism for handling Ctrl signals in console applications. While going through MSDN as part of our research, we came across the following comment regarding Ctrl signal handling:
