April 25, 2017
Disarming Control Flow Guard Using Advanced Code Reuse Attacks

Advanced exploitation is moving away from ROP-based code-reuse attacks.

March 23, 2017
Protecting Against Shamoon 2 and Stonedrill: In the Crossfire of Geopolitics and Wiper Malware

At the end of January, Saudi Arabia’s telecom authority issued an alert warning about Shamoon 2, a wiper malware that hit several organizations, including three government agencies and four private sector companies.

February 27, 2017
The Chakra Exploit and the Limitations of Modern Mitigation Techniques

Last November, Microsoft released a security update for Microsoft Edge which included patches for vulnerabilities CVE-2016-7200 and CVE-2016-7201, which were discovered by Google Project Zero.

February 08, 2017
Endgame and Morphick: Closing the Gap in Advanced Cyber Threat Response

In my recently released book Facing Cyber Threats Head On, I spend a lot of time discussing how contemporary cyber security is just as much about stopping people (the attackers) as it is about stopping malware.  When you look at it, stopping people is a different problem and requires a different approach than stopping malware.  At the end of the day, people create and adjust strategies based on what they experience.  Computer programs do not.

Endgame Leapfrogs EDR Incumbents; Dramatically Expanding Preventions and Detections to Stop Zero Days, Malwareless Attacks, and Ransomware

Platform updates solve for industry failures by offering the only end-to-end EDR solution that instantly immobilizes attackers in time to prevent damage and loss 

November 30, 2016
Another 0day, Another Prevention

A new 0day against the popular browser Firefox was revealed yesterday which specifically targets the popular “Tor Browser” project, a favorite of Tor users. The Endgame Vulnerability Research & Prevention team quickly analyzed the exploit from the original post, as well as a clean version of reduced JavaScript. 

Endgame Leaves Attackers Nowhere to Hide: Expands Detection Features for In-Memory Attacks and Malicious Persistence

Platform Anticipates Latest Attacker Innovations to Offer the Earliest Endpoint Detection and Response Solution in the Market

August 21, 2016
Capturing 0day Exploits with PERFectly Placed Hardware Traps

To enable earlier detection while limiting the impact on performance, we have developed a new concept we’re calling Hardware Assisted Control Flow Integrity, or HA-CFI.

Endgame Exploit Prevention Technology Achieves 96% Detection of Broad Classes of Advanced Attacks

Endgame HA-CFI proven significantly more effective compared to industry standard Microsoft EMET, which achieved only 83% detection

Endgame Announces Hunt Platform 2.0, Declares IOC Independence

Hardware assisted control flow integrity (HA-CFI™) technology, Endgame MalwareScore™, and automated investigations ensure earliest detection and eviction of advanced attacks