Free Document Converters Add Malware; check my.cnf ownership; FDE Ransomware

SANS Daily Network Security Podcast (Stormcast) for Tuesday, September 13th 2016
If it's Free, YOU are the Product
https://isc.sans.edu/forums/diary/If+its+Free+YOU+are+the+Product/21469/
Weak MySQL Configurations Can Lead To Privilege Escalation
http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
Full Disk Encryption Ransomware
https://www.linkedin.com/pulse/mamba-new-full-disk-encryption-ransomware-family-member-marinho?trk=prof-post
Discussion
Hello Johannes, I didn't try this scenario, but I think so. The encryption process occurs while the user is logged on and the filesystem is "open". In my opinion, in this case, Mamba could encrypt the partition (even if already encrypted), overwrite the MBR with its own, and ask for the password during boot.
Regarding 'Mamba': if FDE is already in place, can Mamba encrypt over it?