WannaCry Jr. : The Little Ransom That Couldn't

Research, enSilo Corporate and Product, Windows, Malware, WannaCry

Earlier today, we caught a new in-the-wild version of what seemed to be WannaCry. A check with VirusTotal

The NotPetya ‘Not’ Killswitch

Research, enSilo Corporate and Product, NotPetya, Windows, Malware, Ransomware, NSA

In the past few days a new Petya-like ransomware, dubbed NotPetya, infected machines across the world by

ShadowGroup Reveals All? Initial Analysis of the Equation Group Dump

Research, enSilo Corporate and Product

On Good Friday, April 14, The Shadow Brokers released to the public a bunch of powerful Windows’

Open Door: Unix Open Source Vulnerabilities Affect Mac OS X

Research, enSilo Corporate and Product, Mac OS X, Unix, Vulnerabilities

Today, Apple’s MacOS X 10.12.4 update includes security fixes for several open source vulnerabilities. The

AtomBombing Goes Nuclear

Research, cybersecurity, enSilo Corporate and Product, AtomBombing, code injection, Windows, Malware

In late 2016, enSilo researchers shared AtomBombing with the security world. More of a “proof of concept”

Customer Advisory Warning: The Comeback of the Hancitor Campaign

Research, enSilo Corporate and Product, Hancitor, Malware, Windows, Fileless Malware

We are currently witnessing an active malware campaign involving the Hancitor Trojan/Pony botnet. Once

After the (Atom)Bombing

Research, enSilo Corporate and Product

In late October enSilo researchers discovered a new code injection technique that leveraged atom tables –

AtomBombing: A Code Injection that Bypasses Current Security Solutions

Research, enSilo Corporate and Product, Windows, code injection, AtomBombing, Malware

Our research team has uncovered a new way to leverage mechanisms of the underlying Windows operating system

AtomBombing: Brand New Code Injection for Windows

Injection Techniques, APC, AtomBombing, code injection, Research, Windows, enSilo Breaking Malware, Malware, enSilo Corporate and Product

TL;DR Here’s a new code injection technique, dubbed AtomBombing, which exploits Windows atom tables and Async

FindADetour: The Tool that Tests for Vulnerable Microsoft's Detours

Research, enSilo Corporate and Product, FindADetour, hooking, Windows, Malware

Today’s Microsoft September Patch Tuesday includes a patch to what they had tagged as a fix for Microsoft
