Today is the Microsoft June Patch Tuesday. In particular, the patch includes two kernel exploitable vulnerabilities that enSilo researchers had reported to Microsoft just less than two weeks ago. Both vulnerabilities were filed together under CVE-2015-2360, ranked as IMPORTANT. These two vulnerabilities date back to the old – yet already
tools, enSilo Breaking Malware, Endpoint Protection, Malware, Windows, enSilo Corporate and Product
TL;DR: In this blog post we describe Selfie, a tool we have developed that automates finding the OEP for a majority of malwares packed with self-modifying code. The Selfie tool is now open-sourced, compiled to 32-bit, and can be found here.
Industry, enSilo Corporate and Product
I’ve just completed one of the most difficult pre-RSA tasks… narrowing the list of talks to attend during the RSA SF 2015. I was able to nail mine down to the 10 that I found not only most beneficial, but also engaging.
I tried spreading it over the week as much as possible to fit in also meetings and walk the expo floor. Hopefully, this list
Research, enSilo Corporate and Product, Malware, Windows, RAT
A few days ago, a cracked full-version of the NanoCore Remote Access Trojan (RAT) tool was leaked.
With scarce existing documentation of NanoCore we decided to investigate ourselves NanoCore’s core set of features and techniques. (We do this as part of enSilo’s development of the best endpoint security software.) What we found was that although
Research, enSilo Corporate and Product
Our research team responsibly disclosed a severe vulnerability in AVG Internet Security 2015 build 5736 + Virus database 8919 released January 13th 2015.
Within just two days of disclosure, on Thursday, March 12th, 2015 – AVG released a patch to its user base.
AVG’s response to this flaw is something we should all learn from. It stands in dark
Vulnerabilities, enSilo Breaking Malware, Windows, enSilo Corporate and Product
Introduction
As part of our research, we analyze the intricate relationship between Anti-Virus and Operating Systems (OS). During this process, we came across a vulnerability in AVG Internet Security 2015 build 5736 + Virus database 8919 released January 13th 2015.
The vulnerability? The affected AVG product had allocated a memory page with RWX
Business, Industry, enSilo Corporate and Product
I’m excited to announce that today we’ve officially launched enSilo, a cyber-security startup dealing with today’s state of advanced targeted threats. With a few hundred cyber-security startups worldwide, and hundreds of other corporate security vendors, undoubtedly the question on everyone’s mind is: “Another cyber-security startup… Haven’t we
Research, enSilo Corporate and Product, Windows, exploit
enSilo’s research team has identified an exploitable privilege escalation vulnerability which enables a threat actor to run code of their liking on the Windows kernel. (enSilo really, really knows endpoint security!)
The vulnerability was patched today as part of Microsoft’s Patch Tuesday. The vulnerability, CVE-2015-0057, is rated as
Windows 10, exploit, vulnerability, enSilo Breaking Malware, Windows, enSilo Corporate and Product
Introduction
Today, Microsoft released their latest Patch Tuesday. This Patch includes a fix for vulnerability CVE-2015-0057, an IMPORTANT-rated Windows exploitable vulnerability which we responsibly disclosed to Microsoft a few months ago. (enSilo researchers often discover new vulnerabilities in out continuing work towards complete endpoint
Tags
- enSilo Corporate and Product (219)
- Weekly Security News (96)
- Windows (50)
- Malware (42)
- cybersecurity (28)
- Industry (23)
- enSilo Breaking Malware (23)
- Research (22)
- Business (14)
- Ransomware (13)
- code injection (9)
- Vulnerabilities (7)
- AtomBombing (6)
- WannaCry (6)
- POS malware (5)
- RAT (5)
- NSA (4)
- exploit (4)
- APT (3)
- Endpoint Protection (3)
- Mac OS X (3)
- Moker (3)
- NotPetya (3)
- Process Doppelganging (3)
- UAC (3)
- Web Malware (3)
- documentation (3)
- hooking (3)
- vulnerability (3)
- Android (2)
- ArdBot (2)
- CFG (2)
- Control Flow Guard (2)
- Emotet Botnet (2)
- Fileless Malware (2)
- Furtim (2)
- Gartner (2)
- GlobeImposter (2)
- Injection Techniques (2)
- Windows XP (2)
- av (2)
- elevation (2)
- meltdown (2)
- tools (2)
- APC (1)
- Bad Rabbit (1)
- CVS (1)
- CryFile (1)
- Detours (1)
- ESTEEMAUDIT (1)
- Equifax (1)
- FindADetour (1)
- GOZI (1)
- HIPAA (1)
- Hancitor (1)
- KPTI (1)
- Linux (1)
- Lockerpin.A (1)
- MSSP (1)
- ModPOS (1)
- NtSetInformationVirtualMemory (1)
- PCI DSS (1)
- Patch (1)
- PatchGuard (1)
- SCADA (1)
- Scarab (1)
- Unix (1)
- Verizon (1)
- Windows 10 (1)
- anti-virus (1)
- avulnerabilitychecker (1)
- bypass UAC (1)
- command injection (1)
- environment variable (1)
- excel-scriptlet (1)
- hospitality (1)
- media (1)
- path redirect (1)
- spectre (1)
- variable expansion (1)
- variables (1)
Subscribe
Subscribe to enSilo's Blog
and Stay on Top of the
Latest Security Research
and Industry News