Uncovering New Activity By APT10

Malware, APT, enSilo Breaking Malware, APT10, Threat Intelligence

Article Summary

In April 2019, enSilo detected what it believes to be new activity by Chinese cyber espionage group APT10. The variants discovered by enSilo are previously unknown and deploy malware that is unique to the threat actor. These malware families have a rich history of being used in many targeted attacks against government and

Read More

Game of Trojans: Dissecting the #Khalesi Infostealer Malware

Business, Industry, Malware, enSilo Corporate and Product

Summary

During the end of August 2018, the security community discovered an infostealer malware in the wild named Khalesi. This malware was identified by the security community as part of the Kpot malware campaign. Some of the recent Khalesi variants in this campaign were compiled with a Visual Basic 6 (VB6) compiler while the others were

Read More

Cybersecurity Predictions 2018

cybersecurity, Malware, AtomBombing, enSilo Corporate and Product, WannaCry, Process Doppelganging

This year is coming to an end.  The media headlines were constantly reporting massive attacks and breaches. We expect nothing less in 2018. 

Read More

Excel ScriptLet Attack Blocked By enSilo

Windows, Malware, enSilo Corporate and Product, excel-scriptlet

On December 8, 2017, enSilo, a unified endpoint security platform that provides both pre- and post-infection protection in real-time, blocked a new attack technique used to exploit the linked file mechanism in Microsoft Excel. During the time of detection, a spreadsheet file PAYMENT DETAILS.xlsx was used to run the malicious code on the

Read More

enSilo’s Process Doppelganging Security Check

Windows, Malware, enSilo Corporate and Product, Process Doppelganging

WHAT IS PROCESS DOPPELGANGING?

Process Doppelganging is a technique that allows bypassing real-time file scanning of all tested AV and NGAV products on Microsoft Windows starting from Windows Vista. It was first shown by a team of researchers from enSilo during BlackHat Europe 2017 on December 7th in London.

Read More

Webinar: Process Doppelgänging Blocked by enSilo

Windows, Malware, enSilo Corporate and Product, Process Doppelganging

enSilo is real-time endpoint security software that protects against Process Doppelganging (and lots more). See the on-demand webinar of Lost in Transaction: Process Doppelganging featured at BlackHat Europe.

Read More

Scarab Ransomware Blocked by enSilo

Windows, Malware, enSilo Corporate and Product, Ransomware, Scarab

CUSTOMER ADVISORY WARNING: During June 2017, the Scarab ransomware was detected for the first time by several security professionals. Scarab ransomware spreads to victims across the world via necurs, which is the largest email spam botnet spreading across the Internet. (Protection from this and other malware is why you should use enSilo's

Read More

Customers Say it Best - Hospitality

Malware, enSilo Corporate and Product, Ransomware, hospitality

enSilo stops malware post-infection real-time from causing harm and tampering or exfiltrating data from your endpoint.

Read More

CryFile - From 0-Day to detection in 48 hours

Windows, Malware, enSilo Corporate and Product, Ransomware, CryFile

CUSTOMER ADVISORY WARNING: A new variant of CryFile ransomware.
Read More

Customers Say it Best - Media Broadcast

Windows, Malware, RAT, enSilo Corporate and Product, media

enSilo's single endpoint security agent provides both pre- and post-infection protection even when machines are compromised.

Read More