[Owasp-egypt] More on ransomware

Sherif Khattab s.khattab at fci-cu.edu.eg
Sat Jul 16 20:40:02 UTC 2016


sure, good catch.

Thanks,

sherif

On Sat, Jul 16, 2016 at 7:39 PM, Hassan Mourad <hassan.mourad at owasp.org>
wrote:

> Good research,
>
> But one thing CryptoDrop will fail to catch is ransomware that relies on
> locking you out of the machine by encrypting for example the MFT or the MBR
>
> On Jul 16, 2016 7:36 PM, "Sherif Khattab" <s.khattab at fci-cu.edu.eg> wrote:
>
> ... and more on the research side is CryptoDrop (
> http://www.cise.ufl.edu/~traynor/papers/scaife-icdcs16.pdf), which
> monitors the *real* files instead of monitoring file
> canaries/honeytokens/decoy folders. Of the main research issues are how to
> reduce false positives and performance hit.
>
> Thanks,
>
> sherif
>
> On Sun, Jul 3, 2016 at 10:55 AM, Hassan Mourad <hassan.mourad at owasp.org>
> wrote:
>
>> Some tricks to detect and respond to ransomware using scripting
>>
>> I find some of the ideas very cool
>>
>>
>> http://www.freeforensics.org/2016/03/proactively-reacting-to-ransomware.html?m=1
>>
>> Let me know what you think
>>
>> Hassan
>>
>> _______________________________________________
>> Owasp-egypt mailing list
>> Owasp-egypt at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-egypt
>>
>>
>
>
>
> _______________________________________________
> Owasp-egypt mailing list
> Owasp-egypt at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-egypt
>
>
>

-- 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-egypt/attachments/20160716/1d13cc34/attachment.html>


More information about the Owasp-egypt mailing list