enSilo Webinar Recording Process Doppelganging December 2017

Process Doppelgänging meets Process Hollowing in Osiris dropper

Process Doppelgänging, a rare technique of impersonating a process, was discovered last year, but hasn't been seen much in the wild since. It was an interesting surprise, then, to discover its use ...

Exploit kits: summer 2018 review

Just like the beach, the EK landscape got a little crowded this summer. Find out what we discovered in our exploit kits summer review. Categories: Exploits, Threat analysis. Tags: drive-by downloads, drive-bys, EK, EKs, exploit kits, grandsoft, GreenFlash ...

‘Hidden Bee’ miner delivered via improved drive-by download toolkit

Threat actors switch to the Hidden Bee miner as a payload for this unusual and complex drive-by download campaign. Categories: Exploits, Threat analysis. Tags: bootkit, cryptominer, drive-by attack, exploit, hidden bee, hidden bee miner, MBR

New strain of Mac malware Proton found after two years

A new variant of the Mac malware Proton, which was rampant on macOS last year, has been found that dates back at least two years. Learn how this could still affect ...

Decision Analysis Applications in Threat Analysis Frameworks

Cybersecurity is generally considered to be a highly reactive field where professionals struggle to keep up with new and emerging threats. As the profession works to become more human-centered and proactive, I ...

Magniber ransomware improves, expands within Asia

After a controlled delivery focused on South Korea, an upgraded Magniber ransomware is now affecting other Asian countries. Categories: Exploits, Threat analysis. Tags: asia, EK, magniber, Magnigate, Magnitude, Malaysia, South Korea, Taiwan

Using Reported Phish to Hunt Threats

Categories: Phishing, Threat analysis
Reported phishing emails are useful for plenty of reasons ...

Obfuscated Coinhive shortlink reveals larger mining operation

A web miner injected into compromised sites is just the tip of the iceberg for an infrastructure hosting malicious Windows and Linux coin miners. Categories: Cryptomining, Threat analysis. Tags: cnhv, coinhive, mining, monero, shortlinks

New macro-less technique to distribute malware

The latest macro-less technique to distribute malware via Office documents does not involve exploits. Just a little bit of social engineering. Categories: Threat analysis. Tags: deeplink, macro-less, malware, Office, settingcontent-ms

SamSam ransomware: controlled distribution for an elusive malware

SamSam ransomware is unique for its explicit human interaction on selected targets and its care to erase most of its tracks. Categories: Malware, Threat analysis. Tags: ransomware, samsam, samsam ransomware