Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: SANS Daily Network Security Podcast (Stormcast) for Tuesday, September 13th 2016 SANS Daily Network Security Podcast (Stormcast) for Tuesday, September 13th 2016


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Free Document Converters Add Malware; check my.cnf ownership; FDE Ransomware

SANS Daily Network Security Podcast (Stormcast) for Tuesday, September 13th 2016
00:00

My Next Class

Intrusion Detection In-DepthOnline | US EasternApr 26th - May 1st 2021
Intrusion Detection In-DepthOnline | British Summer TimeMay 24th - May 29th 2021

… more classes

Spotify spotify logo

Discussion

Johannes -
Regarding 'Mamba': if FDE is already in place, can Mamba encrypt over it?
Posted by Express26 on Tue Sep 13 2016, 11:03
Hello Johannes, I didn't try this scenario, but I think so. The encryption process occurs while the user is logged on and the filesystem is "open". In my opinion, in this case, Mamba could encrypt the partition (even already encrypted) and overwrites the MBR with it's own and ask for the password during the boot.
Posted by Renato Marinho on Tue Sep 13 2016, 11:48

New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form

Intrusion Detection In-DepthOnline | US EasternApr 26th - May 1st 2021
Intrusion Detection In-DepthOnline | British Summer TimeMay 24th - May 29th 2021
Defending Web Applications Security EssentialsOnline | Central European Summer TimeJun 14th - Jun 19th 2021
Intrusion Detection In-DepthOnline | British Summer TimeJul 5th - Jul 10th 2021
Defending Web Applications Security EssentialsOnline | British Summer TimeAug 23rd - Aug 28th 2021