Cyber Security in 120 Secs: Cyber Weapon Toolbox

Weekly Security News, enSilo Corporate and Product, WannaCry, exploit, Malware, Windows

This week ShadowBrokers released another NSA exploit, UNITEDRAKE that will probably not be noticed due to the Equifax data breach that affected at least 143 million;  Apache Struts released a patch for a vulnerability that could potentially take over a website.

Highlighting the cyber-security news from the past week in a 120 sec. read. Starting

Read More

Class Dismissed: 4 Use-After-Free Vulnerabilities in Windows

Vulnerabilities, Windows, vulnerability, exploit, enSilo Breaking Malware, enSilo Corporate and Product

Introduction

Today, Microsoft released their latest Patch Tuesday. This Patch includes a fix for CVE-2015-2363, a complementary patch to CVE-2015-2360 from last month. The two CVEs together bundles within themselves IMPORTANT-rated exploitable vulnerabilities which we responsibly disclosed to Microsoft.

Read More

CVE-2015-0057: The 1-Bit that will Bring Windows Down

Research, enSilo Corporate and Product, Windows, exploit

enSilo’s research team has identified an exploitable privilege escalation vulnerability which enables a threat actor to run code of their liking on the Windows kernel. (enSilo really, really knows endpoint security!)

The vulnerability was patched today as part of Microsoft’s Patch Tuesday. The vulnerability, CVE-2015-0057, is rated as

Read More

One Bit To Rule Them All: Bypassing Windows 10 Protections Using a Single Bit

Windows 10, exploit, vulnerability, enSilo Breaking Malware, Windows, enSilo Corporate and Product

Introduction

Today, Microsoft released their latest Patch Tuesday. This Patch includes a fix for vulnerability CVE-2015-0057, an IMPORTANT-rated Windows exploitable vulnerability which we responsibly disclosed to Microsoft a few months ago. (enSilo researchers often discover new vulnerabilities in out continuing work towards complete endpoint

Read More