About Calin Ghibu
Technical background: over 15 years experience in testing, developing, researching and managing network security solutions. Currently focusing on information security and IT management.
Specialties: Network audit, information security, web security, endpoint security, perimeter security SIEM, legal compliance, competitive intelligence.
Entries by Calin Ghibu
Sorebrect case subject – fileless ransomware This variant arrives as a text file with a name that tricks the users into opening it either downloaded from malicious websites or installed by other malware. It injects malicious code in the Service Host process (svchost.exe) to avoid antivirus detection and application control. The actual encryption is done from […]
Most people do not know where all their important files are, and this makes detecting data breaches tad difficult. To fully understand where data is, companies use data indexing solutions, but these are expensive and come with a significant IT overhead. There are, however, simpler ways to get just enough insight into where important files […]
Ransomware is an important phenomenon nowadays and dealing with it is a top concern of IT admins. This type of malware is capable of incurring enormous costs on businesses that rely on IT to carry out everyday activities so enterprise ransomware protection became a hot topic in IT communities. From our experience, simple measures and […]
This article provides information on what to do when attacked by ransomware, depending on how important the files are and your skills when using computers. Everyone should have the important files backed up on a regular basis. This ensures that you do not lose it all in case your computer is compromised or if ransomware […]
Case subject – A zero-day Jaff (WLU extension) Jaff ransomware has seen some updates lately and we selected the newest variant for today’s exercise. At the time of the recording, the detection rate on virustotal is 18/60. Jaff is distributed through email SPAM campaigns that trick users into opening malicious attachments. A common example is the claim […]
Ransomware is a type of malware that aims to extort money from companies by disrupting their activities. The most widespread type of ransomware targets data and renders information or computer systems unusable until a ransom is paid. When business-critical information gets locked up, most businesses seriously consider paying ransoms to recover it. In many cases, however, paying […]
Cyber extortion has been around for nearly three decades, and the general feeling you get when reading the news nowadays is that the world is not yet prepared to deal with it. Although sustained efforts have been made to combat ransomware, the primary tool for cyber extortion, many businesses and institutions still fall victim to […]
TEMASOFT Ranstop is a successful combination of anti-ransomware and smart, real-time backup technologies, with a unique approach to combating the ransomware threats. While the detection capabilities, based on file access patterns and in-memory correlations, provide protection against old and new threats, the backup engine acts like a safe net, making sure that the files are […]