[Owasp-egypt] More on ransomware

Hassan Mourad hassan.mourad at owasp.org
Sat Jul 16 17:39:25 UTC 2016


Good research,

But one thing CryptoDrop will fail to catch is ransomware that relies on
locking you out of the machine by encrypting for example the MFT or the MBR

On Jul 16, 2016 7:36 PM, "Sherif Khattab" <s.khattab at fci-cu.edu.eg> wrote:

... and more on the research side is CryptoDrop (
http://www.cise.ufl.edu/~traynor/papers/scaife-icdcs16.pdf), which monitors
the *real* files instead of monitoring file canaries/honeytokens/decoy
folders. Of the main research issues are how to reduce false positives and
performance hit.

Thanks,

sherif

On Sun, Jul 3, 2016 at 10:55 AM, Hassan Mourad <hassan.mourad at owasp.org>
wrote:

> Some tricks to detect and respond to ransomware using scripting
>
> I find some of the ideas very cool
>
>
> http://www.freeforensics.org/2016/03/proactively-reacting-to-ransomware.html?m=1
>
> Let me know what you think
>
> Hassan
>
> _______________________________________________
> Owasp-egypt mailing list
> Owasp-egypt at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-egypt
>
>



_______________________________________________
Owasp-egypt mailing list
Owasp-egypt at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-egypt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-egypt/attachments/20160716/23a255a9/attachment.html>


More information about the Owasp-egypt mailing list