GandCrab Doppelgänged His Shell?

Malware, enSilo Breaking Malware, Process Doppelganging, Threat Intelligence

A new loader-type malware adopted a technique similar to Process Doppelgänging and spread like wildfire over the last year and a half. This loader is a significant threat: besides GandCrab, which closed up shop earlier this year, it delivers over a dozen other payloads such as FormBook, LokiBot, SmokeLoader, AZORult, NetWire, njRat and Pony stealer.


Cybersecurity Predictions 2018

cybersecurity, Malware, AtomBombing, enSilo Corporate and Product, WannaCry, Process Doppelganging

This year is coming to an end. The media headlines were constantly reporting massive attacks and breaches. We expect nothing less in 2018.


enSilo’s Process Doppelganging Security Check

Windows, Malware, enSilo Corporate and Product, Process Doppelganging

WHAT IS PROCESS DOPPELGANGING?

Process Doppelganging is a technique that allows bypassing real-time file scanning of all tested AV and NGAV products on Microsoft Windows starting from Windows Vista. It was first shown by a team of researchers from enSilo during BlackHat Europe 2017 on December 7th in London.


Webinar: Process Doppelgänging Blocked by enSilo

Windows, Malware, enSilo Corporate and Product, Process Doppelganging

enSilo is real-time endpoint security software that protects against Process Doppelganging (and lots more). See the on-demand webinar of Lost in Transaction: Process Doppelganging featured at BlackHat Europe.
