enSilo protects against “WannaCry” and stolen NSA Tools out of the box

Business, Industry, cybersecurity, Windows, Malware, enSilo Corporate and Product, Ransomware, WannaCry, NSA

Just weeks after the Shadow Brokers released the NSA Tools, the world has had its first taste of just how effective threats built with these tools can be. Beginning early on May 12th, a ransomware variant using the EternalBlue exploit for Microsoft Windows began spreading like wildfire, locking down businesses and users in more than 90

NSA Tools vs. enSilo

Business, Windows, Malware, enSilo Corporate and Product, NSA

See enSilo take down a nation-state quality attack tool, and stop it from stealing information on a compromised victim machine.

AtomBombing Goes Nuclear

Research, cybersecurity, Windows, Malware, code injection, AtomBombing, enSilo Corporate and Product

In late 2016, enSilo researchers shared AtomBombing with the security world. More of a “proof of concept” than an actual exploit, AtomBombing took advantage of Microsoft Windows built-in atom tables that would allow specific API calls to inject code into the read-write memory space of a targeted process.

(NOTE: enSilo endpoint protection

Customer Advisory Warning: The Comeback of the Hancitor Campaign

Research, Windows, Malware, enSilo Corporate and Product, Hancitor, Fileless Malware

We are currently witnessing an active malware campaign involving the Hancitor Trojan/Pony botnet. Once installed on the victim’s machine, Hancitor prepares the groundwork for the download of further malicious modules such as ransomware or data stealing malware.

enSilo provides complete endpoint security, including blocking Hancitor/Pony

Predictions 2017: Enterprise Network Security Will Move to the Cloud

Industry, Malware, enSilo Corporate and Product

We predict that in 2017 enterprise network security will shift to the cloud and be offered as a service. (enSilo’s endpoint protection is already cloud-managed.)

Predictions 2017: Security Moves Down the Stack

Industry, Windows, Malware, enSilo Corporate and Product, Android

In 2017, we predict that security – the good and the bad – will be moving down the stack.

Both sides — defense vs offense — are moving down the stack. On one side: the confidentiality, integrity and availability of data, operations and processes. On the other: threat actors that are looking to steal, tamper or disrupt these. (Note that enSilo

AtomBombing: A Code Injection that Bypasses Current Security Solutions

Research, Windows, Malware, code injection, AtomBombing, enSilo Corporate and Product

Our research team has uncovered a new way to leverage mechanisms of the underlying Windows operating system in order to inject malicious code. (This research is one way enSilo ensures complete endpoint protection.) Threat actors can use this technique, which exists by design of the operating system, to bypass current security solutions that

AtomBombing: Brand New Code Injection for Windows

Research, Windows, Injection Techniques, Malware, code injection, AtomBombing, APC, enSilo Breaking Malware

TL;DR Here’s a new code injection technique, dubbed AtomBombing, which exploits Windows atom tables and Async Procedure Calls (APC). Currently, this technique goes undetected by common security solutions that focus on preventing infiltration.

FindADetour: The Tool that Tests for Vulnerable Microsoft's Detours

Research, Windows, Malware, hooking, enSilo Corporate and Product, FindADetour

Today’s Microsoft September Patch Tuesday includes a patch to what they had tagged as a fix for Microsoft Office. Behind the scenes, however, that fix extends beyond Microsoft Office to hundreds of applications developed by Microsoft as well as hundreds of other software vendors. Accordingly, this fix affects millions of users – from those

Everything You Always Wanted to Know about Ransomware but Were Afraid to Ask

Industry, Windows, Malware, enSilo Corporate and Product, Ransomware

BadBlock, Cerber, Chimera, CoinVault, Crypt0L0cker, CryptoJoker, CTB-Locker, Jigsaw, KeRanger, Locky, NanoLocker, Petya, Samas, TeslaCrypt, zCrypt… these are just a few out of the hundreds of ransomware cropping up in the past year. Your current endpoint security solution may not be enough to protect you.
