GandCrab Doppelgänged His Shell?

Malware, enSilo Breaking Malware, Process Doppelganging, Threat Intelligence

A new loader-type malware adopted a technique similar to Process Doppelgänging and spread like wildfire in the last year and a half. This loader is a significant threat: besides GandCrab, which closed up shop earlier this year, it delivers over a dozen other payloads, such as FormBook, LokiBot, SmokeLoader, AZORult, NetWire, njRat and Pony stealer.


The Avast Abuser: Metamorfo Banking Malware Hides By Abusing Avast Executable

Malware, enSilo Breaking Malware, Threat Intelligence

Article Summary

In May 2019, enSilo’s Threat Intelligence team observed activity by a cybercrime group spreading Metamorfo, a Brazilian banking trojan. The variants we discovered abuse an executable digitally signed by Avast, which is one of the most popular AV products in the world for consumers. We were able to connect this activity to a


Uncovering New Activity By APT10

Malware, APT, enSilo Breaking Malware, APT10, Threat Intelligence

Article Summary

In April 2019, enSilo detected what it believes to be new activity by Chinese cyber espionage group APT10. The variants discovered by enSilo are previously unknown and deploy malware that is unique to the threat actor. These malware families have a rich history of being used in many targeted attacks against government and


Game of Trojans: Dissecting the #Khalesi Infostealer Malware

Business, Industry, Malware, enSilo Corporate and Product

Summary

At the end of August 2018, the security community discovered an infostealer malware in the wild named Khalesi. This malware was identified by the security community as part of the Kpot malware campaign. Some of the recent Khalesi variants in this campaign were compiled with a Visual Basic 6 (VB6) compiler while the others were


Cybersecurity Predictions 2018

cybersecurity, Malware, AtomBombing, enSilo Corporate and Product, WannaCry, Process Doppelganging

This year is coming to an end. The media headlines were constantly reporting massive attacks and breaches. We expect nothing less in 2018.


Excel ScriptLet Attack Blocked By enSilo

Windows, Malware, enSilo Corporate and Product, excel-scriptlet

On December 8, 2017, enSilo, a unified endpoint security platform that provides both pre- and post-infection protection in real time, blocked a new attack technique used to exploit the linked file mechanism in Microsoft Excel. At the time of detection, a spreadsheet file named PAYMENT DETAILS.xlsx was used to run the malicious code on the


enSilo’s Process Doppelganging Security Check

Windows, Malware, enSilo Corporate and Product, Process Doppelganging

WHAT IS PROCESS DOPPELGANGING?

Process Doppelganging is a technique that allows bypassing real-time file scanning of all tested AV and NGAV products on Microsoft Windows starting from Windows Vista. It was first shown by a team of researchers from enSilo during BlackHat Europe 2017 on December 7th in London.


Webinar: Process Doppelgänging Blocked by enSilo

Windows, Malware, enSilo Corporate and Product, Process Doppelganging

enSilo is real-time endpoint security software that protects against Process Doppelganging (and lots more). See the on-demand webinar of Lost in Transaction: Process Doppelganging featured at BlackHat Europe.


Scarab Ransomware Blocked by enSilo

Windows, Malware, enSilo Corporate and Product, Ransomware, Scarab

CUSTOMER ADVISORY WARNING: During June 2017, the Scarab ransomware was detected for the first time by several security professionals. Scarab ransomware spreads to victims across the world via Necurs, which is the largest email spam botnet spreading across the Internet. (Protection from this and other malware is why you should use enSilo's


Customers Say it Best - Hospitality

Malware, enSilo Corporate and Product, Ransomware, hospitality

enSilo stops malware post-infection, in real time, from causing harm and from tampering with or exfiltrating data from your endpoint.
