SANS Daily Network Security Podcast (Stormcast) for Tuesday, September 13th 2016

Free Document Converters Add Malware; check my.cnf ownership; FDE Ransomware

00:00

My Next Class

Defending Web Applications Security Essentials	Online \| US Pacific	Mar 15th - Mar 20th 2021
Intrusion Detection In-Depth	Online \| US Eastern	Apr 26th - May 1st 2021

… more classes

Help us make this podcast better by participating in a simple two question survey

If it's Free, YOU are the Product
https://isc.sans.edu/forums/diary/If+its+Free+YOU+are+the+Product/21469/

Weak MySQL Configurations Can Lead To Privilege Escalation
http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html

Full Disk Encryption Ransomware
https://www.linkedin.com/pulse/mamba-new-full-disk-encryption-ransomware-family-member-marinho?trk=prof-post

iTunes

MP3 Download

RSS Feed

Google Play

Stitcher

Podbean

Amazon Echo

YouTube

Spreaker

iOS App

Spotify

Discussion

Johannes -
Regarding 'Mamba': if FDE is already in place, can Mamba encrypt over it?

Posted by Express26 on Tue Sep 13 2016, 11:03

Hello Johannes, I didn't try this scenario, but I think so. The encryption process occurs while the user is logged on and the filesystem is "open". In my opinion, in this case, Mamba could encrypt the partition (even already encrypted) and overwrites the MBR with it's own and ask for the password during the boot.

Posted by Renato Marinho on Tue Sep 13 2016, 11:48

New Discussions closed for all Podcasts older than two(2) weeks
Please send your comments to our Contact Form

Top of page

Defending Web Applications Security Essentials	Online \| US Pacific	Mar 15th - Mar 20th 2021
Intrusion Detection In-Depth	Online \| US Eastern	Apr 26th - May 1st 2021
Defending Web Applications Security Essentials	Online \| Central European Summer Time	Jun 14th - Jun 19th 2021